Started by user Yuriy Movchan
Building on master in workspace /home/tomcat/.jenkins/jobs/oxAuth/workspace
> git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
> git config remote.origin.url https://github.com/GluuFederation/oxAuth # timeout=10
Fetching upstream changes from https://github.com/GluuFederation/oxAuth
> git --version # timeout=10
> git fetch --tags --progress https://github.com/GluuFederation/oxAuth +refs/heads/*:refs/remotes/origin/*
> git rev-parse refs/remotes/origin/version_3.1.2.sp1^{commit} # timeout=10
> git rev-parse refs/remotes/origin/origin/version_3.1.2.sp1^{commit} # timeout=10
Checking out Revision 1993d4a8ec053353c9fb95705fd662d82c362209 (refs/remotes/origin/version_3.1.2.sp1)
> git config core.sparsecheckout # timeout=10
> git checkout -f 1993d4a8ec053353c9fb95705fd662d82c362209
Commit message: "Merge from 3.1.4: oxAuth #837 Different clients must receive a different sub value also when the sector identifier is the same"
First time build. Skipping changelog.
[workspace] $ /bin/bash /opt/tomcat/temp/jenkins7943389421257641262.sh
Cloning into 'oxHudsonProfiles'...
[workspace] $ /home/tomcat/.jenkins/tools/hudson.tasks.Maven_MavenInstallation/maven_3.3.9/bin/mvn -DVERSION_NAME=version_3.1.2.sp1 -DPROFILE_NAME=ce-dev4 -DDEVELOPMENT_BUILD=false -DMAVEN_SKIP_TESTS=false -Dpython.import.site=false -DPYTHON_HOME=/opt/jython -Dcfg=ce-dev4 -Dmaven.test.skip=false -Ddevelopment-build=false clean compile install findbugs:findbugs javadoc:javadoc site
[INFO] Scanning for projects...
[WARNING]
[WARNING] Some problems were encountered while building the effective model for org.xdi:oxauth-rp:war:3.1.2.sp1
[WARNING] 'build.plugins.plugin.version' for org.mortbay.jetty:jetty-maven-plugin is missing. @ org.xdi:oxauth-rp:[unknown-version], /home/tomcat/.jenkins/jobs/oxAuth/workspace/RP/pom.xml, line 74, column 12
[WARNING]
[WARNING] Some problems were encountered while building the effective model for org.xdi:oxauth-server:war:3.1.2.sp1
[WARNING] 'build.plugins.plugin.version' for org.codehaus.mojo:exec-maven-plugin is missing. @ org.xdi:oxauth-server:[unknown-version], /home/tomcat/.jenkins/jobs/oxAuth/workspace/Server/pom.xml, line 1075, column 14
[WARNING]
[WARNING] It is highly recommended to fix these problems because they threaten the stability of your build.
[WARNING]
[WARNING] For this reason, future Maven versions might no longer support building such malformed projects.
[WARNING]
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Build Order:
[INFO]
[INFO] oxAuth
[INFO] oxAuth Model
[INFO] oxAuth Client
[INFO] oxauth-static
[INFO] oxAuth RP
[INFO] oxAuth RP Demo
[INFO] oxAuth Server
[INFO]
[INFO] ------------------------------------------------------------------------
[INFO] Building oxAuth 3.1.2.sp1
[INFO] ------------------------------------------------------------------------
[INFO]
[INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ oxauth ---
[INFO] Deleting /home/tomcat/.jenkins/jobs/oxAuth/workspace/target
[INFO]
[INFO] --- maven-install-plugin:2.3.1:install (default-install) @ oxauth ---
[INFO] Installing /home/tomcat/.jenkins/jobs/oxAuth/workspace/pom.xml to /var/www/html/maven/org/xdi/oxauth/3.1.2.sp1/oxauth-3.1.2.sp1.pom
[INFO]
[INFO] --- findbugs-maven-plugin:3.0.4:findbugs (default-cli) @ oxauth ---
[INFO]
[INFO] >>> maven-javadoc-plugin:2.10.4:javadoc (default-cli) > generate-sources @ oxauth >>>
[INFO]
[INFO] <<< maven-javadoc-plugin:2.10.4:javadoc (default-cli) < generate-sources @ oxauth <<<
[INFO]
[INFO] --- maven-javadoc-plugin:2.10.4:javadoc (default-cli) @ oxauth ---
[INFO]
[INFO] --- maven-site-plugin:2.1.1:site (default-site) @ oxauth ---
[INFO]
[INFO] ------------------------------------------------------------------------
[INFO] Building oxAuth Model 3.1.2.sp1
[INFO] ------------------------------------------------------------------------
[INFO]
[INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ oxauth-model ---
[INFO] Deleting /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target
[INFO]
[INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ oxauth-model ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] Copying 1 resource
[INFO]
[INFO] --- maven-compiler-plugin:2.3.2:compile (default-compile) @ oxauth-model ---
[INFO] Compiling 156 source files to /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/classes
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.java:[21,23] RSAPublicKeyImpl is internal proprietary API and may be removed in a future release
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.java:[21,23] RSAPublicKeyImpl is internal proprietary API and may be removed in a future release
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.java:[21,23] RSAPublicKeyImpl is internal proprietary API and may be removed in a future release
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.java:[144,36] RSAPublicKeyImpl is internal proprietary API and may be removed in a future release
[INFO]
[INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ oxauth-model ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] Copying 1 resource
[INFO]
[INFO] --- maven-compiler-plugin:2.3.2:compile (default-compile) @ oxauth-model ---
[INFO] Nothing to compile - all classes are up to date
[INFO]
[INFO] --- maven-resources-plugin:2.6:testResources (default-testResources) @ oxauth-model ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] Copying 4 resources
[INFO]
[INFO] --- maven-compiler-plugin:2.3.2:testCompile (default-testCompile) @ oxauth-model ---
[INFO] Compiling 5 source files to /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/test-classes
[INFO]
[INFO] --- maven-surefire-plugin:2.19.1:test (default-test) @ oxauth-model ---
-------------------------------------------------------
T E S T S
-------------------------------------------------------
Running TestSuite
CodeVerifier{codeVerifier='C1J1_2y9jlbdazAUV1K8QMfP70sIDkMH4IhSlq0e7ZszPAMbs7WdJwkrwg2b0nsshD0xtaIT9OxXk_ycJ.w-tLgxPSxxe0paOS__znPxXT5A6R-8TqENnagvzr6O~_l_', codeChallenge='C1J1_2y9jlbdazAUV1K8QMfP70sIDkMH4IhSlq0e7ZszPAMbs7WdJwkrwg2b0nsshD0xtaIT9OxXk_ycJ.w-tLgxPSxxe0paOS__znPxXT5A6R-8TqENnagvzr6O~_l_', transformationType=PLAIN}
CodeVerifier{codeVerifier='44u6lwp_VEKv7Bydq3AsHIrnwgPV8mW4NWCSef-h7q1edGVtv9EDTLQecOSWC8zsUq_exG2JsF1pAcbZSQGT3-g2RNrrblOPY-uUzaYFL0MlmBcbq8t9udoI49BWDe4I', codeChallenge='Yn7ZsUhHH82HBukTsL8dgmKYj2C5jSXwmM3L0n-AHYs', transformationType=S256}
SLF4J: Failed to load class "org.slf4j.impl.StaticLoggerBinder".
SLF4J: Defaulting to no-operation (NOP) logger implementation
SLF4J: See http://www.slf4j.org/codes.html#StaticLoggerBinder for further details.
Hi there from Javascript,
ERROR StatusLogger No log4j2 configuration file found. Using default configuration: logging only errors to the console. Set system property 'org.apache.logging.log4j.simplelog.StatusLogger.level' to TRACE to show Log4j2 internal initialization logging.
Tests run: 7, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 2.655 sec - in TestSuite
Results :
Tests run: 7, Failures: 0, Errors: 0, Skipped: 0
[INFO]
[INFO] --- maven-jar-plugin:2.4:jar (default-jar) @ oxauth-model ---
[INFO] Building jar: /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/oxauth-model.jar
[INFO]
[INFO] --- maven-jar-plugin:2.4:test-jar (default) @ oxauth-model ---
[INFO] Building jar: /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/oxauth-model-tests.jar
[INFO]
[INFO] --- maven-install-plugin:2.3.1:install (default-install) @ oxauth-model ---
[INFO] Installing /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/oxauth-model.jar to /var/www/html/maven/org/xdi/oxauth-model/3.1.2.sp1/oxauth-model-3.1.2.sp1.jar
[INFO] Installing /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/pom.xml to /var/www/html/maven/org/xdi/oxauth-model/3.1.2.sp1/oxauth-model-3.1.2.sp1.pom
[INFO] Installing /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/oxauth-model-tests.jar to /var/www/html/maven/org/xdi/oxauth-model/3.1.2.sp1/oxauth-model-3.1.2.sp1-tests.jar
[INFO]
[INFO] --- findbugs-maven-plugin:3.0.4:findbugs (default-cli) @ oxauth-model ---
[INFO] Fork Value is true
[java] Warnings generated: 51
[INFO] Done FindBugs Analysis....
[INFO]
[INFO] >>> maven-javadoc-plugin:2.10.4:javadoc (default-cli) > generate-sources @ oxauth-model >>>
[INFO]
[INFO] <<< maven-javadoc-plugin:2.10.4:javadoc (default-cli) < generate-sources @ oxauth-model <<<
[INFO]
[INFO] --- maven-javadoc-plugin:2.10.4:javadoc (default-cli) @ oxauth-model ---
[INFO]
Loading source files for package org.xdi.oxauth.model.uma...
Loading source files for package org.xdi.oxauth.model.uma.wrapper...
Loading source files for package org.xdi.oxauth.model.uma.persistence...
Loading source files for package org.xdi.oxauth.model.jwt...
Loading source files for package org.xdi.oxauth.model.common...
Loading source files for package org.xdi.oxauth.model.jwk...
Loading source files for package org.xdi.oxauth.model.exception...
Loading source files for package org.xdi.oxauth.model.session...
Loading source files for package org.xdi.oxauth.model.fido.u2f...
Loading source files for package org.xdi.oxauth.model.fido.u2f.message...
Loading source files for package org.xdi.oxauth.model.fido.u2f.exception...
Loading source files for package org.xdi.oxauth.model.fido.u2f.protocol...
Loading source files for package org.xdi.oxauth.model.gluu...
Loading source files for package org.xdi.oxauth.model.register...
Loading source files for package org.xdi.oxauth.model.discovery...
Loading source files for package org.xdi.oxauth.model.jwe...
Loading source files for package org.xdi.oxauth.model.userinfo...
Loading source files for package org.xdi.oxauth.model.util...
Loading source files for package org.xdi.oxauth.model.authorize...
Loading source files for package org.xdi.oxauth.model.configuration...
Loading source files for package org.xdi.oxauth.model.error...
Loading source files for package org.xdi.oxauth.model.jws...
Loading source files for package org.xdi.oxauth.model.token...
Loading source files for package org.xdi.oxauth.model.crypto...
Loading source files for package org.xdi.oxauth.model.crypto.signature...
Loading source files for package org.xdi.oxauth.model.crypto.encryption...
Constructing Javadoc information...
Standard Doclet version 1.8.0_121
Building tree for all the packages and classes...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/ClaimTokenFormatType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/JsonLogic.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/JsonLogicNode.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/JsonLogicNodeParser.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/PermissionTicket.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/RptIntrospectionResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/RptProfiles.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/RPTResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaConstants.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaErrorResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaMetadata.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaNeedInfoResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaPermission.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaPermissionList.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaResource.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaResourceResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaResourceWithId.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaScopeDescription.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaScopeType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaTokenResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/Token.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/UmaPermission.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/UmaResource.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/UmaScopeDescription.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/Jwt.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtClaimName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtClaims.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtClaimSet.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtHeader.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtHeaderName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtStateClaimName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtSubClaimObject.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/PureJwt.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/AuthenticationMethod.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/AuthorizationMethod.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/Display.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/GrantType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/HasParamName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/Holder.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/Id.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/IdType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/IntrospectionResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/JSONable.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/PairwiseIdType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/ProgrammingLanguage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/Prompt.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/ResponseMode.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/ResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/ScopeType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/SubjectType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/TokenType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/WebKeyStorage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/JSONWebKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/JSONWebKeySet.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/JWKParameter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/KeyType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/Use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/InvalidClaimException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/InvalidJweException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/InvalidJwtException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/InvalidParameterException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/SignatureException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/EndSessionErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/EndSessionRequestParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/EndSessionResponseParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/DeviceRegistrationStatus.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/U2fConfiguration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/U2fConstants.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/U2fErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/RawAuthenticateResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/RawRegisterResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/BadInputException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/RegistrationNotAllowed.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/AuthenticateRequest.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/AuthenticateRequestMessage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/AuthenticateResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/AuthenticateStatus.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/ClientData.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/DeviceData.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/RegisterRequest.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/RegisterRequestMessage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/RegisterResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/RegisterStatus.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/GluuConfiguration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/GluuErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/ApplicationType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/RegisterErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/RegisterRequestParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/RegisterResponseParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/OAuth2Discovery.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/WebFingerLink.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/WebFingerParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/AbstractJweDecrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/AbstractJweEncrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/Jwe.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/JweDecrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/JweDecrypterImpl.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/JweEncrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/JweEncrypterImpl.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/KeyDerivationFunction.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/Schema.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/UserInfoErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/Base64Util.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/JwtUtil.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/LocaleUtil.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/Pair.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/SecurityProviderUtility.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/StringUtils.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/SubjectIdentifierGenerator.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/URLPatternList.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/Util.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/AuthorizeErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/AuthorizeRequestParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/AuthorizeResponseParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/CodeVerifier.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/CodeVerifier.CodeChallengeMethod.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/AppConfiguration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/AuthenticationFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/BaseFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/ClientAuthenticationFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/Configuration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/ConfigurationResponseClaim.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/CorsConfigurationFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/IErrorType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/AbstractJwsSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/ECDSASigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/HMACSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/JwsSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/PlainTextSignature.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/RSASigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/ClientAssertionType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/JsonWebResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/TokenErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/Certificate.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/CryptoProviderFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/Key.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/KeyFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/OxAuthCryptoProvider.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/OxElevenCryptoProvider.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/PrivateKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/PublicKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/AbstractSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/ECDSAKeyFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/ECDSAPrivateKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/ECDSAPublicKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/ECEllipticCurve.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/RSAKeyFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/RSAPrivateKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/RSAPublicKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/SignatureAlgorithm.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/SignatureAlgorithmFamily.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/Signer.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/BlockEncryptionAlgorithm.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/KeyEncryptionAlgorithm.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/overview-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/constant-values.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/serialized-form.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/JsonLogic.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaScopeDescription.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaResourceResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/JsonLogicNodeParser.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaPermission.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/RptIntrospectionResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaConstants.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaErrorResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaScopeType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/PermissionTicket.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/ClaimTokenFormatType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaResourceWithId.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaResource.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/JsonLogicNode.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/RptProfiles.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaTokenResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaMetadata.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaNeedInfoResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaPermissionList.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/RPTResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/class-use/Token.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/class-use/UmaScopeDescription.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/class-use/UmaPermission.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/class-use/UmaResource.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/Jwt.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtHeader.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/PureJwt.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtStateClaimName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtClaimSet.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtSubClaimObject.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtClaims.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtClaimName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtHeaderName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/ProgrammingLanguage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/IntrospectionResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/HasParamName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/IdType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/GrantType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/AuthorizationMethod.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/ResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/PairwiseIdType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/Holder.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/JSONable.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/TokenType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/Id.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/Prompt.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/ResponseMode.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/WebKeyStorage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/ScopeType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/Display.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/SubjectType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/AuthenticationMethod.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/class-use/JSONWebKeySet.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/class-use/JWKParameter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/class-use/Use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/class-use/KeyType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/class-use/JSONWebKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/class-use/InvalidParameterException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/class-use/SignatureException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/class-use/InvalidJwtException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/class-use/InvalidJweException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/class-use/InvalidClaimException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/class-use/EndSessionErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/class-use/EndSessionRequestParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/class-use/EndSessionResponseParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/class-use/U2fConstants.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/class-use/U2fConfiguration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/class-use/DeviceRegistrationStatus.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/class-use/U2fErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/class-use/RawAuthenticateResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/class-use/RawRegisterResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/class-use/RegistrationNotAllowed.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/class-use/BadInputException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/AuthenticateRequestMessage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/DeviceData.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/AuthenticateRequest.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/RegisterResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/RegisterStatus.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/AuthenticateResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/ClientData.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/AuthenticateStatus.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/RegisterRequestMessage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/RegisterRequest.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/class-use/GluuConfiguration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/class-use/GluuErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/class-use/RegisterRequestParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/class-use/ApplicationType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/class-use/RegisterErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/class-use/RegisterResponseParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/class-use/WebFingerParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/class-use/OAuth2Discovery.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/class-use/WebFingerLink.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/AbstractJweEncrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/JweEncrypterImpl.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/JweEncrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/JweDecrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/KeyDerivationFunction.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/JweDecrypterImpl.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/Jwe.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/AbstractJweDecrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/class-use/UserInfoErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/class-use/Schema.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/URLPatternList.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/Base64Util.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/SecurityProviderUtility.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/LocaleUtil.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/Util.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/StringUtils.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/SubjectIdentifierGenerator.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/JwtUtil.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/Pair.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/class-use/AuthorizeResponseParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/class-use/CodeVerifier.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/class-use/CodeVerifier.CodeChallengeMethod.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/class-use/AuthorizeErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/class-use/AuthorizeRequestParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/AuthenticationFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/Configuration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/BaseFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/AppConfiguration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/CorsConfigurationFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/ConfigurationResponseClaim.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/ClientAuthenticationFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/class-use/IErrorType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/RSASigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/HMACSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/AbstractJwsSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/PlainTextSignature.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/ECDSASigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/JwsSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/class-use/JsonWebResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/class-use/TokenErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/class-use/ClientAssertionType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/OxElevenCryptoProvider.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/OxAuthCryptoProvider.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/PrivateKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/AbstractCryptoProvider.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/Key.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/PublicKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/CryptoProviderFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/Certificate.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/KeyFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/RSAKeyFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/ECDSAPrivateKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/ECDSAPublicKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/ECDSAKeyFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/SignatureAlgorithm.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/SignatureAlgorithmFamily.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/RSAPrivateKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/Signer.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/RSAPublicKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/AbstractSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/ECEllipticCurve.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/class-use/BlockEncryptionAlgorithm.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/class-use/KeyEncryptionAlgorithm.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/package-use.html...
Building index for all the packages and classes...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/overview-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/index-all.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/deprecated-list.html...
Building index for all classes...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/allclasses-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/allclasses-noframe.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/index.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/overview-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/help-doc.html...
12 warnings
[WARNING] Javadoc Warnings
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/uma/UmaNeedInfoResponse.java:65: warning: no @param for clientId
[WARNING] public String buildClaimsGatheringUrl(String clientId, String claimsRedirectUri) {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/uma/UmaNeedInfoResponse.java:65: warning: no @param for claimsRedirectUri
[WARNING] public String buildClaimsGatheringUrl(String clientId, String claimsRedirectUri) {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/jwt/JwtHeader.java:44: warning: no @return
[WARNING] public JwtHeader setType(JwtType type) {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/jwt/JwtHeader.java:63: warning: no @return
[WARNING] public JwtHeader setAlgorithm(SignatureAlgorithm algorithm) {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/jwt/JwtHeader.java:77: warning: no @return
[WARNING] public JwtHeader setAlgorithm(KeyEncryptionAlgorithm algorithm) {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/jwt/JwtHeader.java:96: warning: no @return
[WARNING] public JwtHeader setKeyId(String keyId) {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/common/ScopeType.java:30: warning: empty <p> tag
[WARNING] *
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/fido/u2f/message/RawAuthenticateResponse.java:37: warning: no @return
[WARNING] public byte getUserPresence() {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/fido/u2f/message/RawAuthenticateResponse.java:45: warning: no @return
[WARNING] public long getCounter() {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/fido/u2f/message/RawAuthenticateResponse.java:52: warning: no @return
[WARNING] public byte[] getSignature() {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/util/Util.java:210: warning: no description for @return
[WARNING] * @return
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/util/Util.java:212: warning: no @throws for org.codehaus.jettison.json.JSONException
[WARNING] public static Map jsonObjectArrayStringAsMap(String jsonString) throws JSONException {
[WARNING] ^
[INFO]
[INFO] --- maven-site-plugin:2.1.1:site (default-site) @ oxauth-model ---
[INFO]
[INFO] ------------------------------------------------------------------------
[INFO] Building oxAuth Client 3.1.2.sp1
[INFO] ------------------------------------------------------------------------
[INFO]
[INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ oxauth-client ---
[INFO] Deleting /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/target
[INFO]
[INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ oxauth-client ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] skip non existing resourceDirectory /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/main/resources
[INFO]
[INFO] --- maven-compiler-plugin:2.3.2:compile (default-compile) @ oxauth-client ---
[INFO] Compiling 59 source files to /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/target/classes
[INFO]
[INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ oxauth-client ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] skip non existing resourceDirectory /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/main/resources
[INFO]
[INFO] --- maven-compiler-plugin:2.3.2:compile (default-compile) @ oxauth-client ---
[INFO] Nothing to compile - all classes are up to date
[INFO]
[INFO] --- maven-resources-plugin:2.6:testResources (default-testResources) @ oxauth-client ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] Copying 17 resources
[INFO]
[INFO] --- maven-compiler-plugin:2.3.2:testCompile (default-testCompile) @ oxauth-client ---
[INFO] Compiling 143 source files to /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/target/test-classes
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/test/java/org/xdi/oxauth/ws/rs/WebKeysTest.java:[14,24] X509CertImpl is internal proprietary API and may be removed in a future release
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/test/java/org/xdi/oxauth/ws/rs/WebKeysTest.java:[14,24] X509CertImpl is internal proprietary API and may be removed in a future release
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/test/java/org/xdi/oxauth/ws/rs/WebKeysTest.java:[14,24] X509CertImpl is internal proprietary API and may be removed in a future release
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/test/java/org/xdi/oxauth/ws/rs/WebKeysTest.java:[47,35] X509CertImpl is internal proprietary API and may be removed in a future release
[INFO]
[INFO] --- maven-surefire-plugin:2.19.1:test (default-test) @ oxauth-client ---
-------------------------------------------------------
T E S T S
-------------------------------------------------------
Running TestSuite
ERROR StatusLogger No log4j2 configuration file found. Using default configuration: logging only errors to the console. Set system property 'org.apache.logging.log4j.simplelog.StatusLogger.level' to TRACE to show Log4j2 internal initialization logging.
Invoked init test suite method
#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:25:58 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"subject": "acct:test_user@ce-dev4.gluu.org",
"links": [{
"rel": "http://openid.net/specs/connect/1.0/issuer",
"href": "https://ce-dev4.gluu.org"
}]
}
OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:25:58 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"issuer": "https://ce-dev4.gluu.org",
"authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
"token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
"userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
"clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
"check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
"end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
"registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
"id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
"introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
"scopes_supported": [
"permission",
"clientinfo",
"email",
"user_name",
"sub",
"org_name",
"address",
"openid",
"test_scope1",
"work_phone",
"phone",
"profile",
"mobile_phone",
"test"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"id_token",
"id_token token",
"token",
"code token"
],
"grant_types_supported": [
"urn:ietf:params:oauth:grant-type:uma-ticket",
"client_credentials",
"refresh_token",
"implicit",
"password",
"authorization_code"
],
"acr_values_supported": [
"super_gluu",
"u2f",
"otp",
"basic",
"auth_ldap_server"
],
"auth_level_mapping": {
"-1": ["auth_ldap_server"],
"50": ["otp"],
"100": ["basic"],
"10": ["u2f"],
"15": ["super_gluu"]
},
"subject_types_supported": [
"public",
"pairwise"
],
"userinfo_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"userinfo_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"userinfo_encryption_enc_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"id_token_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"request_object_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"request_object_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"request_object_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post",
"client_secret_jwt",
"private_key_jwt"
],
"token_endpoint_auth_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"display_values_supported": [
"page",
"popup"
],
"claim_types_supported": ["normal"],
"claims_supported": [
"birthdate",
"country",
"name",
"email",
"email_verified",
"given_name",
"gender",
"inum",
"family_name",
"updated_at",
"locale",
"member_of",
"middle_name",
"nickname",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope",
"phone_number_verified",
"picture",
"preferred_username",
"profile",
"zoneinfo",
"user_name",
"website"
],
"service_documentation": "http://gluu.org/docs",
"claims_locales_supported": ["en"],
"ui_locales_supported": [
"en",
"es"
],
"scope_to_claims_mapping": [
{"permission": []},
{"uma_protection": []},
{"clientinfo": [
"name",
"inum",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope"
]},
{"email": [
"email_verified",
"email"
]},
{"user_name": ["user_name"]},
{"sub": []},
{"org_name": []},
{"address": [
"formatted",
"postal_code",
"street_address",
"locality",
"country",
"region"
]},
{"openid": []},
{"test_scope1": []},
{"work_phone": []},
{"phone": [
"phone_number_verified",
"phone_number"
]},
{"profile": [
"name",
"family_name",
"given_name",
"middle_name",
"nickname",
"preferred_username",
"profile",
"picture",
"website",
"gender",
"birthdate",
"zoneinfo",
"locale",
"updated_at"
]},
{"mobile_phone": ["phone_mobile_number"]},
{"test": ["member_of"]}
],
"claims_parameter_supported": true,
"request_parameter_supported": true,
"request_uri_parameter_supported": true,
"require_request_uri_registration": false,
"op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
"op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
"frontchannel_logout_supported": true,
"frontchannel_logout_session_supported": true
}
#######################################################
TEST: applicationTypeNativeSubjectTypePairwise
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token"
],
"application_type": "native",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"scope": "openid profile address email user_name"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1344
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:25:58 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D26A.A0EC.3B85.1E9A",
"client_secret": "c439c59f-26a1-473f-94ee-5334a0d68d13",
"registration_access_token": "eba9b57e-b3c0-4ae6-8d2c-3c60afa7c191",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D26A.A0EC.3B85.1E9A",
"client_id_issued_at": 1530815158,
"client_secret_expires_at": 1530901558,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "native",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "openid profile address email user_name",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer eba9b57e-b3c0-4ae6-8d2c-3c60afa7c191
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1344
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:25:58 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D26A.A0EC.3B85.1E9A",
"client_secret": "c439c59f-26a1-473f-94ee-5334a0d68d13",
"registration_access_token": "eba9b57e-b3c0-4ae6-8d2c-3c60afa7c191",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D26A.A0EC.3B85.1E9A",
"client_id_issued_at": 1530815158,
"client_secret_expires_at": 1530901558,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "native",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "openid profile address email user_name",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D26A.A0EC.3B85.1E9A&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=aeacb424-7ff7-4021-a756-fc3eb7cfd4af&nonce=bf496d73-9328-4156-a40d-16a80469ec2d
14:26:21.767 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:2283af29-7d68-4ed3-bc63-05da139a9f4d
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D26A.A0EC.3B85.1E9A&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=aeacb424-7ff7-4021-a756-fc3eb7cfd4af&nonce=bf496d73-9328-4156-a40d-16a80469ec2d
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=bb22df6e-dd43-483a-8716-53265e4d1dcb&scope=address+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEMjZBLkEwRUMuM0I4NS4xRTlBIiwiZXhwIjoxNTMwODE4NzYzLCJpYXQiOjE1MzA4MTUxNjMsIm5vbmNlIjoiYmY0OTZkNzMtOTMyOC00MTU2LWE0MGQtMTZhODA0NjllYzJkIiwiYXV0aF90aW1lIjoxNTMwODE1MTYzLCJjX2hhc2giOiJBUTN6MmZ6RmFTRmFyRGFtT3FVWWZ3Iiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiT2ZlaGdtYlFmbEwyRUctSnNpQVVTVUJOU1g1SUJEOUloRnB6UWZUYlVNTSJ9.o6UJpcJi1ZPTNt6QwBE9QRl377eLBXniQfbYQRURyoH0MxxrFROm-v8fzPv8chCeR1cT1_xcZmhxuLlm_OWsEpUdH-SvEBxQjsH2vfKJyQE2R72X84WnhTOpfiHOGrVyUmimopINHqjM-bKLVsqS25wFy0nXGTc-uHwJULi-D-W_R2w716gjCxDWdl0uGkUnIww0_NLjKrDZWlm47btezXUm3gq3X4g8MMWqPLLVetdnMXq9SOR98ve9hGXL9bvsA7xGSPLl2WRXU286eDAyW2KzOqg4DAw7JorG8wWvHlX2-agX8znKSf71-hE_XTo45OFNlE77Z-ZaUnj5Ommx9Q&session_id=367fda6e-f30e-47af-adba-bfe76ee5dc26&state=aeacb424-7ff7-4021-a756-fc3eb7cfd4af&session_state=2283af29-7d68-4ed3-bc63-05da139a9f4d
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRDI2QS5BMEVDLjNCODUuMUU5QTpjNDM5YzU5Zi0yNmExLTQ3M2YtOTRlZS01MzM0YTBkNjhkMTM=
grant_type=authorization_code&code=bb22df6e-dd43-483a-8716-53265e4d1dcb&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:03 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"ee6ab403-fb01-487d-8cc6-fe4c6d952385","token_type":"bearer","expires_in":299,"refresh_token":"1b60a92a-7d67-4659-8ca7-49fde2a604c0","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEMjZBLkEwRUMuM0I4NS4xRTlBIiwiZXhwIjoxNTMwODE4NzYzLCJpYXQiOjE1MzA4MTUxNjMsIm5vbmNlIjoiYmY0OTZkNzMtOTMyOC00MTU2LWE0MGQtMTZhODA0NjllYzJkIiwiYXV0aF90aW1lIjoxNTMwODE1MTYzLCJhdF9oYXNoIjoieUJOa1hlUnJBQUE5NDJ0X0xZNUhVQSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Ik9mZWhnbWJRZmxMMkVHLUpzaUFVU1VCTlNYNUlCRDlJaEZwelFmVGJVTU0ifQ.Pt44xNuQrnWI7EnTJSbQkxQ6_JbUyA2uWjGNDRMepitLDACldV_FqY-I9PBw0ztfpdmlniAKb1cgyHTfJAQcaGQWwdmqYr1Xid_bUtJSlvYOa8wVIb1bERCqk6ofP7vvoV-B-hc3WS2qrYUqibcVYwcJDOZ-ZQx5PCDdv90lVlikOA5dyweqRaMuzQsb_ihkAY4838wxsk0j8Iua3precrPdYtcPzernpNTfwS8DNKmA1joY5qwXMpy70ihTCRm7wxaFeXl--smrautg2JlBsyQLYcip8kaFFcblB6TKq1uaAi8VX8zDPqloQtBjf7VlBcu81bHZ8s5sK9mKZWSVNA"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRDI2QS5BMEVDLjNCODUuMUU5QTpjNDM5YzU5Zi0yNmExLTQ3M2YtOTRlZS01MzM0YTBkNjhkMTM=
grant_type=refresh_token&scope=address+openid+user_name+profile+email&refresh_token=1b60a92a-7d67-4659-8ca7-49fde2a604c0
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 198
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:04 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"ccd22f8b-ec3b-4c0f-806c-82e3149b3701","token_type":"bearer","expires_in":299,"refresh_token":"0a356bbe-fc92-4d87-a452-be19b06e6a8b","scope":"address openid user_name profile email"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer ccd22f8b-ec3b-4c0f-806c-82e3149b3701
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 634
Content-Type: application/json;charset=utf-8
Date: Thu, 05 Jul 2018 18:26:04 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"OfehgmbQflL2EG-JsiAUSUBNSX5IBD9IhFpzQfTbUMM","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"}
#######################################################
TEST: applicationTypeNativeSubjectTypePublic
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token"
],
"application_type": "native",
"client_name": "oxAuth test app",
"subject_type": "public",
"scope": "openid profile address email user_name"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1209
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:04 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A1CB.206C.2B4C.BD90",
"client_secret": "4f37f1c4-7637-4638-8d61-62ae2b608989",
"registration_access_token": "671acef0-5b98-4b49-a851-7d18e8a7e230",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A1CB.206C.2B4C.BD90",
"client_id_issued_at": 1530815164,
"client_secret_expires_at": 1530901564,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "native",
"client_name": "oxAuth test app",
"subject_type": "public",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "openid profile address email user_name",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 671acef0-5b98-4b49-a851-7d18e8a7e230
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1209
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:04 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A1CB.206C.2B4C.BD90",
"client_secret": "4f37f1c4-7637-4638-8d61-62ae2b608989",
"registration_access_token": "671acef0-5b98-4b49-a851-7d18e8a7e230",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A1CB.206C.2B4C.BD90",
"client_id_issued_at": 1530815164,
"client_secret_expires_at": 1530901564,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "native",
"client_name": "oxAuth test app",
"subject_type": "public",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "openid profile address email user_name",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A1CB.206C.2B4C.BD90&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=1508c0ee-f750-4e72-919f-28e45e08d791&nonce=925c5e36-be46-44f4-9f03-440ca2a5cce9
14:26:26.258 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:b5659b83-9fd6-4a05-8a6f-77171be1dcfe
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A1CB.206C.2B4C.BD90&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=1508c0ee-f750-4e72-919f-28e45e08d791&nonce=925c5e36-be46-44f4-9f03-440ca2a5cce9
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=bc9bf052-daaf-4c42-b08a-2e76b79fe920&scope=address+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBMUNCLjIwNkMuMkI0Qy5CRDkwIiwiZXhwIjoxNTMwODE4NzY2LCJpYXQiOjE1MzA4MTUxNjYsIm5vbmNlIjoiOTI1YzVlMzYtYmU0Ni00NGY0LTlmMDMtNDQwY2EyYTVjY2U5IiwiYXV0aF90aW1lIjoxNTMwODE1MTY2LCJjX2hhc2giOiI5MTM3RHpHRG9BX1Y1RTVPN2tzNDN3Iiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDAhQjFGMy5BRUFFLkI3OTgifQ.OAkg-2fK86RktsEJSlz8DUau0j3jFdIYD02-c48DESS5ohDsgOKCIy2hBHPKXpzAG9jWyFdnv08Oauykq7cLa82QXAWq2YH9tpogxo101Ed4vgDjZlWfRqOQ8Hx15fs1MaBsNLXHlgN1JStw_bH5j7CQDKerMhT9DRlDII4PCYe42GVkHql8OaVqozAY2w2aZDyWrCmBW2b68SpmtCNjHZXOGfa9jYpEvQhpR8OdWO6UYAWZDomOYjNx5baJxn1Oa3sSkylRcTqHXdnDgy30grUPs1aD4AY-ZXKavDnStAY2vowMJ8N0ohyTPxHdShoYhDsBMSNLrB69bov1tlMQEQ&session_id=c064890b-3b1f-48ca-9910-902ddf7d80e8&state=1508c0ee-f750-4e72-919f-28e45e08d791&session_state=b5659b83-9fd6-4a05-8a6f-77171be1dcfe
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQTFDQi4yMDZDLjJCNEMuQkQ5MDo0ZjM3ZjFjNC03NjM3LTQ2MzgtOGQ2MS02MmFlMmI2MDg5ODk=
grant_type=authorization_code&code=bc9bf052-daaf-4c42-b08a-2e76b79fe920&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1074
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:06 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"1c289492-da2f-4132-ae4b-e2c9598cc7b0","token_type":"bearer","expires_in":299,"refresh_token":"20738a6d-6f0c-4b96-b918-c60118119ef9","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBMUNCLjIwNkMuMkI0Qy5CRDkwIiwiZXhwIjoxNTMwODE4NzY2LCJpYXQiOjE1MzA4MTUxNjYsIm5vbmNlIjoiOTI1YzVlMzYtYmU0Ni00NGY0LTlmMDMtNDQwY2EyYTVjY2U5IiwiYXV0aF90aW1lIjoxNTMwODE1MTY2LCJhdF9oYXNoIjoiNUt6a0daVlhWZnZEbGJNSEpERU95USIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IkAhMzhENC40MTBDLjFENDMuODkzMiEwMDAxITM3RjIuQjc0NCEwMDAwIUIxRjMuQUVBRS5CNzk4In0.jBhO3SaxGHc2l4eSzL3QN0SqMF7UM_X6MTRziO5K-E7LOkjL7TDlZ8JSLfmkt_4lLPOBhvKWHizh1wGZyVSOIaQm7jYT6l3OpVXCTZgaLyRR5X3hXJoSE9RTUD2KJoGqsT9-nOfKK6Y2-mraO8VWsh12Xiu53KdcXkodriX_4Utu90JcyGVOoA87PT-6xXyfcd4vxaoQKGOO8lUaI7Lqbh6NUcbDWw3dAfFO1apUSaikvqU_weccB6WadS4BaUm7nsgLVG6VeooTj4O46aevJEfmWY9QCQU8WeEv6lcM6D7iIFHo5PrpIpZHqXuqPwVtJIz4ettLy1zm_D00U5UfKA"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQTFDQi4yMDZDLjJCNEMuQkQ5MDo0ZjM3ZjFjNC03NjM3LTQ2MzgtOGQ2MS02MmFlMmI2MDg5ODk=
grant_type=refresh_token&scope=address+openid+user_name+profile+email&refresh_token=20738a6d-6f0c-4b96-b918-c60118119ef9
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 198
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:06 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"f30a0e36-d069-41ab-b7d2-a62b921f83f3","token_type":"bearer","expires_in":299,"refresh_token":"b04f4764-3fba-4bbf-9dc6-45414e61f2b6","scope":"address openid user_name profile email"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer f30a0e36-d069-41ab-b7d2-a62b921f83f3
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 647
Content-Type: application/json;charset=utf-8
Date: Thu, 05 Jul 2018 18:26:07 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"@!38D4.410C.1D43.8932!0001!37F2.B744!0000!B1F3.AEAE.B798","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"}
#######################################################
TEST: applicationTypeWeb
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:07 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2495.27A4.20A0.A17D",
"client_secret": "044a503b-1808-4d83-8931-67e4f1a204dd",
"registration_access_token": "f53b6355-7f09-4d9b-88eb-06190821b59a",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2495.27A4.20A0.A17D",
"client_id_issued_at": 1530815167,
"client_secret_expires_at": 1530901567,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer f53b6355-7f09-4d9b-88eb-06190821b59a
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:07 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2495.27A4.20A0.A17D",
"client_secret": "044a503b-1808-4d83-8931-67e4f1a204dd",
"registration_access_token": "f53b6355-7f09-4d9b-88eb-06190821b59a",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2495.27A4.20A0.A17D",
"client_id_issued_at": 1530815167,
"client_secret_expires_at": 1530901567,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
#######################################################
TEST: applicationTypeWebFail1
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": ["http://client.example.com/cb"],
"application_type": "web",
"client_name": "oxAuth test app"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Cache-Control: no-store
Connection: close
Content-Length: 101
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:07 GMT
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_redirect_uri","error_description":"Value of one or more redirect_uris is invalid."}
#######################################################
TEST: omittedApplicationType
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:07 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6411.D0C4.6D1E.D2F8",
"client_secret": "a48d6c6f-e80d-4152-9ff5-827d957a7f12",
"registration_access_token": "47c3a300-6fb0-4771-b8c9-ba447620f82d",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6411.D0C4.6D1E.D2F8",
"client_id_issued_at": 1530815167,
"client_secret_expires_at": 1530901567,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 47c3a300-6fb0-4771-b8c9-ba447620f82d
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:07 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6411.D0C4.6D1E.D2F8",
"client_secret": "a48d6c6f-e80d-4152-9ff5-827d957a7f12",
"registration_access_token": "47c3a300-6fb0-4771-b8c9-ba447620f82d",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6411.D0C4.6D1E.D2F8",
"client_id_issued_at": 1530815167,
"client_secret_expires_at": 1530901567,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:26:07 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"subject": "acct:test_user@ce-dev4.gluu.org",
"links": [{
"rel": "http://openid.net/specs/connect/1.0/issuer",
"href": "https://ce-dev4.gluu.org"
}]
}
OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:07 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"issuer": "https://ce-dev4.gluu.org",
"authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
"token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
"userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
"clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
"check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
"end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
"registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
"id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
"introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
"scopes_supported": [
"permission",
"clientinfo",
"email",
"user_name",
"sub",
"org_name",
"address",
"openid",
"test_scope1",
"work_phone",
"phone",
"profile",
"mobile_phone",
"test"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"id_token",
"id_token token",
"token",
"code token"
],
"grant_types_supported": [
"urn:ietf:params:oauth:grant-type:uma-ticket",
"client_credentials",
"refresh_token",
"implicit",
"password",
"authorization_code"
],
"acr_values_supported": [
"super_gluu",
"u2f",
"otp",
"basic",
"auth_ldap_server"
],
"auth_level_mapping": {
"-1": ["auth_ldap_server"],
"50": ["otp"],
"100": ["basic"],
"10": ["u2f"],
"15": ["super_gluu"]
},
"subject_types_supported": [
"public",
"pairwise"
],
"userinfo_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"userinfo_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"userinfo_encryption_enc_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"id_token_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"request_object_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"request_object_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"request_object_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post",
"client_secret_jwt",
"private_key_jwt"
],
"token_endpoint_auth_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"display_values_supported": [
"page",
"popup"
],
"claim_types_supported": ["normal"],
"claims_supported": [
"birthdate",
"country",
"name",
"email",
"email_verified",
"given_name",
"gender",
"inum",
"family_name",
"updated_at",
"locale",
"member_of",
"middle_name",
"nickname",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope",
"phone_number_verified",
"picture",
"preferred_username",
"profile",
"zoneinfo",
"user_name",
"website"
],
"service_documentation": "http://gluu.org/docs",
"claims_locales_supported": ["en"],
"ui_locales_supported": [
"en",
"es"
],
"scope_to_claims_mapping": [
{"permission": []},
{"uma_protection": []},
{"clientinfo": [
"name",
"inum",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope"
]},
{"email": [
"email_verified",
"email"
]},
{"user_name": ["user_name"]},
{"sub": []},
{"org_name": []},
{"address": [
"formatted",
"postal_code",
"street_address",
"locality",
"country",
"region"
]},
{"openid": []},
{"test_scope1": []},
{"work_phone": []},
{"phone": [
"phone_number_verified",
"phone_number"
]},
{"profile": [
"name",
"family_name",
"given_name",
"middle_name",
"nickname",
"preferred_username",
"profile",
"picture",
"website",
"gender",
"birthdate",
"zoneinfo",
"locale",
"updated_at"
]},
{"mobile_phone": ["phone_mobile_number"]},
{"test": ["member_of"]}
],
"claims_parameter_supported": true,
"request_parameter_supported": true,
"request_uri_parameter_supported": true,
"require_request_uri_registration": false,
"op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
"op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
"frontchannel_logout_supported": true,
"frontchannel_logout_session_supported": true
}
#######################################################
TEST: authorizationCodeDynamicScopeFlow
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"scope": "openid profile address email user_name org_name work_phone"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1361
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:07 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!040F.0575.DFAA.8EDB",
"client_secret": "ca484c85-72ce-4105-abf3-7cb13ab4e358",
"registration_access_token": "93a3f39a-67f2-4b43-a866-cb1a11efcfc0",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!040F.0575.DFAA.8EDB",
"client_id_issued_at": 1530815167,
"client_secret_expires_at": 1530901567,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "openid profile address email user_name org_name work_phone",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21040F.0575.DFAA.8EDB&scope=openid+profile+address+email+user_name+org_name+work_phone&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f9e1f45e-8631-438f-94af-675d5fac36fc&nonce=7c85b4e1-d761-4f85-b778-310b76710c59
14:26:29.235 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:c2976b85-a9cb-4a7a-90e8-42f87d5d0e54
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21040F.0575.DFAA.8EDB&scope=openid+profile+address+email+user_name+org_name+work_phone&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f9e1f45e-8631-438f-94af-675d5fac36fc&nonce=7c85b4e1-d761-4f85-b778-310b76710c59
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=ddc9eb95-0ed8-4e5f-90fc-3f4f22df1c7a&scope=address+openid+user_name+profile+work_phone+org_name+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEwNDBGLjA1NzUuREZBQS44RURCIiwiZXhwIjoxNTMwODE4NzY5LCJpYXQiOjE1MzA4MTUxNjksIm5vbmNlIjoiN2M4NWI0ZTEtZDc2MS00Zjg1LWI3NzgtMzEwYjc2NzEwYzU5IiwiYXV0aF90aW1lIjoxNTMwODE1MTY5LCJjX2hhc2giOiJhZ0Y0V1pIc2UxMGhkS3hqX3dReTZ3Iiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiOFpXSGNSWDhaaUhrWElsbDZqMjNzdTl5TG03dkpUSnhmNTZHVkwxNG5iVSJ9.TkxA_HA79m8D0H3oU8bvsk67bJ3IAeogwFNlkBujUnWrVvYsZ7_ENiqRztBOC-6QV9Kx18dsghmEAhjSE0FeBRdjE5Ozs656WOxX-DjXVF3L_j_8NUimQsu-7RsFnBckTydv227BOHTj8Bb1SQMpP9zbpo8quQPyJtCuIqd9mQHgYKZLJl_YiURgFlL-YxsKyvec7Rl3xKRuSv-N3L-beLcsiz3ZYxEjwppdZkJFxake7C-_cgbyX_INiQ1D2p7rf2DcQYDqfpTWBjgH7yrv-Mm3BnDhKvXLVvX27F-y1Vv2luSXZnWEUaJbf0hFIbcsqGLey2Xr2xrIOWqKu2pFHA&session_id=5b68f4fe-7df0-4cca-8a6d-c2cfa954d73a&state=f9e1f45e-8631-438f-94af-675d5fac36fc&session_state=c2976b85-a9cb-4a7a-90e8-42f87d5d0e54
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMDQwRi4wNTc1LkRGQUEuOEVEQjpjYTQ4NGM4NS03MmNlLTQxMDUtYWJmMy03Y2IxM2FiNGUzNTg=
grant_type=authorization_code&code=ddc9eb95-0ed8-4e5f-90fc-3f4f22df1c7a&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:09 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"c45943ed-bdcc-457e-ba80-159eaf2dbf19","token_type":"bearer","expires_in":299,"refresh_token":"8c49eea1-c290-4a24-a3ae-20da8bef84b9","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEwNDBGLjA1NzUuREZBQS44RURCIiwiZXhwIjoxNTMwODE4NzY5LCJpYXQiOjE1MzA4MTUxNjksIm5vbmNlIjoiN2M4NWI0ZTEtZDc2MS00Zjg1LWI3NzgtMzEwYjc2NzEwYzU5IiwiYXV0aF90aW1lIjoxNTMwODE1MTY5LCJhdF9oYXNoIjoiMlZ0UlZzRE5UNzRCVDVOR0hDSE9SQSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjhaV0hjUlg4WmlIa1hJbGw2ajIzc3U5eUxtN3ZKVEp4ZjU2R1ZMMTRuYlUifQ.PxjNaRmoXzDrh9HyrksSWSGVpr9IeBBv3GZbS-5VUCE2PzD9HLqPN858K6C6ZX0lzYzw9gWr7ktXYmt30iBCNidxGIHQ0_38tvK8VTKd_PGPZ1VclK4DzEMJpY5T_y2q912OV81jJ9o18xivqmerW57T5aCc931ulLL1wr3_smVU2osi_jx4l1BLedJqNWWEzgQ8BUhHkxzcnPDBSqNQhIF1Gsirl0lvMzFnlwCRLEEH2GJW9eEGwx5vazKgBx31whHy5kxX3_t1ZHrxKKIuNidDN7k3M6LKdrZ3AD0ppmS1oVNJ2KhqyxTXYZlppk75exdxwMquVbR6AcDFSe6xqQ"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer c45943ed-bdcc-457e-ba80-159eaf2dbf19
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 690
Content-Type: application/json;charset=utf-8
Date: Thu, 05 Jul 2018 18:26:09 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"8ZWHcRX8ZiHkXIll6j23su9yLm7vJTJxf56GVL14nbU","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org","org_name":"Gluu, Inc.","work_phone":["(512) 516-2413"]}
#######################################################
TEST: authorizationCodeFlow
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"scope": "openid profile address email phone user_name"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1347
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:09 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DECD.F839.0F61.1251",
"client_secret": "de60dacc-2007-452a-a6ae-8f2f2bc218d0",
"registration_access_token": "5b44eda3-2322-43af-91ab-3a962d54743d",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DECD.F839.0F61.1251",
"client_id_issued_at": 1530815169,
"client_secret_expires_at": 1530901569,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "openid profile address email phone user_name",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DECD.F839.0F61.1251&scope=openid+profile+address+email+phone+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=95270bd0-98ef-4ae0-ab2e-514f18900ca5&nonce=5a1d5907-c8b8-4d40-b25e-09d87a7d8c2d
14:26:31.349 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:a3b5d587-e34e-47e8-afe6-1b087e581585
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DECD.F839.0F61.1251&scope=openid+profile+address+email+phone+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=95270bd0-98ef-4ae0-ab2e-514f18900ca5&nonce=5a1d5907-c8b8-4d40-b25e-09d87a7d8c2d
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=0aa6b675-dc77-4778-850c-cc1540553a46&scope=address+phone+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFERUNELkY4MzkuMEY2MS4xMjUxIiwiZXhwIjoxNTMwODE4NzcxLCJpYXQiOjE1MzA4MTUxNzEsIm5vbmNlIjoiNWExZDU5MDctYzhiOC00ZDQwLWIyNWUtMDlkODdhN2Q4YzJkIiwiYXV0aF90aW1lIjoxNTMwODE1MTcxLCJjX2hhc2giOiJ1UmJoRWdaNWFjMUVNVk1aZ2swQWtRIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoibWdrY0JSX0ppS2gzVmlnSkhEbnNsdnhGcWlQRU1hakJzTy1naDRGREk1USJ9.VubslSKAJpO-vS-JrgxHnN2DJ91sfuqkrRMv3qhAyxwz0eaE0bGaSt5oqAzQmDdzAKcUCl5uEgP-DbTjytv_NDkvfdH9iiv6-BL1iiGmSnwL2NYTb78WWL4lmAd_J0eDGH3GpPF6mEhUirnz1FuXipG0lw0sBaYMKe2_EIsuyMQN3Z0t-FiYYYo8fmDv34ev156_4BEDYCVAZU4bvWW2CmkvayZt2khIeDKahQMkLZAtAzHAZIJO_8VA3772ie1Cl4Y09_4nCk5QFrYMTHRtZLC2MTsNngtB7-aLqaKIIm7A4-U9AelWD5vPk96Q47xtQ2arvSHPGwsoJQiimhCSYA&session_id=8c847785-6c8b-4add-a984-d8f01dc40898&state=95270bd0-98ef-4ae0-ab2e-514f18900ca5&session_state=a3b5d587-e34e-47e8-afe6-1b087e581585
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghREVDRC5GODM5LjBGNjEuMTI1MTpkZTYwZGFjYy0yMDA3LTQ1MmEtYTZhZS04ZjJmMmJjMjE4ZDA=
grant_type=authorization_code&code=0aa6b675-dc77-4778-850c-cc1540553a46&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:11 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"8eb99fde-d495-48bd-87a0-cdfb967ae9ba","token_type":"bearer","expires_in":299,"refresh_token":"c922bd32-a144-4c77-9c2e-5cbfe652856c","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFERUNELkY4MzkuMEY2MS4xMjUxIiwiZXhwIjoxNTMwODE4NzcxLCJpYXQiOjE1MzA4MTUxNzEsIm5vbmNlIjoiNWExZDU5MDctYzhiOC00ZDQwLWIyNWUtMDlkODdhN2Q4YzJkIiwiYXV0aF90aW1lIjoxNTMwODE1MTcxLCJhdF9oYXNoIjoiMGFFa3JkX1lHSlFNOG1lckZONXBzQSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Im1na2NCUl9KaUtoM1ZpZ0pIRG5zbHZ4RnFpUEVNYWpCc08tZ2g0RkRJNVEifQ.NsdzPHJO9t0oXZfGsg1b88SbUKydK3LpJ4qHwZSfd4GUXpP8r-QDy3BFVNpUGmykBtoU0gIukPnXQTfOSbwCtP_texRfh3jahMtTLzIN6J0_zBgoNjZV2RcfDVJR9ZJ-9ncPRSG5xp08MxUzoXgZVL4Z8vUlyEMwA0HK3BEvuPipdaslJnV9lYdoqhtbY0N6Rl9EqAxAFKiCDEmomP2TYbw2nEaHyoyuEXkVzpE36SNQ669_sVIvwXeW_gJGSst-0ZayK12ZdRX40NPiixkuNfVu601PFCWlzMG8oGg6TDEE6XKiCzaBCdzGd7k1GBh_8fQWvSpF3hjz776tTPwkhw"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghREVDRC5GODM5LjBGNjEuMTI1MTpkZTYwZGFjYy0yMDA3LTQ1MmEtYTZhZS04ZjJmMmJjMjE4ZDA=
grant_type=refresh_token&scope=address+phone+openid+user_name+profile+email&refresh_token=c922bd32-a144-4c77-9c2e-5cbfe652856c
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 204
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:11 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"49c6001c-9454-4a2f-897c-49a86fb49204","token_type":"bearer","expires_in":299,"refresh_token":"6bc33a75-ec1b-496f-9217-162b679c0637","scope":"address phone openid user_name profile email"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 49c6001c-9454-4a2f-897c-49a86fb49204
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 695
Content-Type: application/json;charset=utf-8
Date: Thu, 05 Jul 2018 18:26:12 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"mgkcBR_JiKh3VigJHDnslvxFqiPEMajBsO-gh4FDI5Q","phone_number_verified":true,"phone_number":"(512) 516-2413","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"}
#######################################################
TEST: authorizationCodeFlowLoginHint
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"scope": "openid profile address email user_name"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1341
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:12 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6847.AF78.BFFF.0157",
"client_secret": "a7ec46ff-bdd2-4bfc-99cf-57983421eb0b",
"registration_access_token": "fc07e0ed-000b-41b0-8848-6e454077d744",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6847.AF78.BFFF.0157",
"client_id_issued_at": 1530815172,
"client_secret_expires_at": 1530901572,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "openid profile address email user_name",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216847.AF78.BFFF.0157&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=481a187f-becd-46b2-8d1c-4fb4f463bd4a&nonce=a08b6c57-75a9-4bbf-b895-7b90a2a44ebf&login_hint=test_user
14:26:33.598 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:b2d5b41c-25e7-4fea-9624-7e6f8d45425a
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216847.AF78.BFFF.0157&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=481a187f-becd-46b2-8d1c-4fb4f463bd4a&nonce=a08b6c57-75a9-4bbf-b895-7b90a2a44ebf&login_hint=test_user
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=3d17527e-a5e6-48bf-80ca-b2ad9feef0ae&scope=address+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2ODQ3LkFGNzguQkZGRi4wMTU3IiwiZXhwIjoxNTMwODE4NzczLCJpYXQiOjE1MzA4MTUxNzMsIm5vbmNlIjoiYTA4YjZjNTctNzVhOS00YmJmLWI4OTUtN2I5MGEyYTQ0ZWJmIiwiYXV0aF90aW1lIjoxNTMwODE1MTczLCJjX2hhc2giOiJDbDc4M3djUEZyNWh5QTd2WmdQdG1RIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiVnIzT3k1OGZ6UG5SZWIxd203NHowSUZLV3l3V05ZY212bHFTUmhTakVGWSJ9.PuDTvspH6vlA-toBNpVIICoH2FH46CR1kmm25TaACC_PHKom71TxtSeLwiZhYyzxNHjZ_e_VTpf-yKmcZsYQsrUkU6KpqtgOiY2el0HVj3sbuWvv-l3JlI1iyJhaCKFJ3VXtk7agz3NPI-n973OidP_H-usJR9p-BmY4o1iShuRgG6uyNcl9g3w5F3VRgxTlq3Qm3kMHig2CfU4mv5w-_NHMhDP4V57x_kR4tHwMN7EA5hdaEOxD03Fdk0fbwuJUlNr3bA9CMFXYOepmHcg0qMW24ByF7GrvFQVM__F_K4La6-46AJqscjhVS0Nd4ZW9VNlql1igtNQ96BBPSYl1dw&session_id=0d0794ce-bd1c-42c6-9c7d-0df6875c4c80&state=481a187f-becd-46b2-8d1c-4fb4f463bd4a&session_state=b2d5b41c-25e7-4fea-9624-7e6f8d45425a
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNjg0Ny5BRjc4LkJGRkYuMDE1NzphN2VjNDZmZi1iZGQyLTRiZmMtOTljZi01Nzk4MzQyMWViMGI=
grant_type=authorization_code&code=3d17527e-a5e6-48bf-80ca-b2ad9feef0ae&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:13 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"aa370452-dae0-415f-ae79-c765d1925b3f","token_type":"bearer","expires_in":299,"refresh_token":"764368d7-feb2-4df3-8d1f-7907126b3562","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2ODQ3LkFGNzguQkZGRi4wMTU3IiwiZXhwIjoxNTMwODE4NzczLCJpYXQiOjE1MzA4MTUxNzMsIm5vbmNlIjoiYTA4YjZjNTctNzVhOS00YmJmLWI4OTUtN2I5MGEyYTQ0ZWJmIiwiYXV0aF90aW1lIjoxNTMwODE1MTczLCJhdF9oYXNoIjoibGRDWGtlemdZaDZDcmk2enZnZ1BTUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IlZyM095NThmelBuUmViMXdtNzR6MElGS1d5d1dOWWNtdmxxU1JoU2pFRlkifQ.stlEQtlLapmGCvuG4AgdYRGgQsZjRA6piy_oMlb5hh61gGuo1MBlJTcZ_1oDmZyznhkBBNNVl1RusnFRgSEup8U88kOHQdnouSPcolZIwZP0NJg9U_Z68wjADPXTscqHR5iAxfdrdTWEtMwACokn1Pj74GK791Suol82U61XVhJofp0nE1w7wLfuC8PSlgK0_g5RMmv_jErT3D6aWcAOpypUYyV6QIvSbe3N1e2f1r9wqY4QbbMuEothNdXz5rArLX-tpsVaM_BA2-Bo1wivlikwR0a_AB5cySCnZD1cd2ta00NvIXW_Z3e083X_mWaeUVmT5nqHdsT1KR8bfcWSVg"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNjg0Ny5BRjc4LkJGRkYuMDE1NzphN2VjNDZmZi1iZGQyLTRiZmMtOTljZi01Nzk4MzQyMWViMGI=
grant_type=refresh_token&scope=address+openid+user_name+profile+email&refresh_token=764368d7-feb2-4df3-8d1f-7907126b3562
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 198
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:13 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"bebab1e1-6294-4747-b7db-9377ab3a5e1c","token_type":"bearer","expires_in":299,"refresh_token":"c6b7fbc0-41b9-4748-920f-979df1503673","scope":"address openid user_name profile email"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer bebab1e1-6294-4747-b7db-9377ab3a5e1c
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 634
Content-Type: application/json;charset=utf-8
Date: Thu, 05 Jul 2018 18:26:13 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"Vr3Oy58fzPnReb1wm74z0IFKWywWNYcmvlqSRhSjEFY","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"}
#######################################################
TEST: authorizationCodeFlowWithOptionalNonce
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:13 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7645.B78B.28F7.0ED3",
"client_secret": "f2257b3f-3725-43e3-ad78-15fec791f2ef",
"registration_access_token": "9b175b5a-005e-473b-bc04-4d98d5680686",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7645.B78B.28F7.0ED3",
"client_id_issued_at": 1530815173,
"client_secret_expires_at": 1530901573,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217645.B78B.28F7.0ED3&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=af417847-b53a-4552-adc8-3ea1052e0ded&nonce=a8f70c4b-77d7-4832-870a-368017a91372
14:26:35.430 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:5371d7f8-7aa0-4698-9225-068548dd3a73
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217645.B78B.28F7.0ED3&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=af417847-b53a-4552-adc8-3ea1052e0ded&nonce=a8f70c4b-77d7-4832-870a-368017a91372
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=77c1b933-c508-4ff2-86d7-df453de62843&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3NjQ1LkI3OEIuMjhGNy4wRUQzIiwiZXhwIjoxNTMwODE4Nzc1LCJpYXQiOjE1MzA4MTUxNzUsIm5vbmNlIjoiYThmNzBjNGItNzdkNy00ODMyLTg3MGEtMzY4MDE3YTkxMzcyIiwiYXV0aF90aW1lIjoxNTMwODE1MTc1LCJjX2hhc2giOiJLZlpXczRTdnJlMlZwZDZQa2tQeGtBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiNTgzNDQ3VDM2Wnp0SUhLUHFSWk1BYmxzdUhqSWdLbmdvcUNUaEVkNEVicyJ9.QhegU81j5MoAu8gtiNq6LI0h3Z7oKRzYBraq6r6HU8S5ow4xRpqJ0IXNFEC4S6M3ImjYddsoyUk5Ag535bnXrQKVmhHbeyw6TY9v85Z0OFT750Akd_psDG4I4MUSfckQIxObZ27tMkChwAWZq918c777o3SkFjwJDEWc_DXp0GJqvFAS0EuzhbaufD8amSf7-H5-IB-qtnOF1pWOv18Ataw7-KqHNX-OkwHlPcsldf5Cu9spC9FEzydPP3cKKjWZT00TIKzs1xwqQkCTYJuIUUfJr9mP1YaKimsZB_o0BtkSqQh7l8XIVNgXxO82sKA1h5KxWt_45Qg4tUZCSWpSLA&session_id=2f2a15f7-c614-499a-9e0c-53628dd877d4&state=af417847-b53a-4552-adc8-3ea1052e0ded&session_state=5371d7f8-7aa0-4698-9225-068548dd3a73
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNzY0NS5CNzhCLjI4RjcuMEVEMzpmMjI1N2IzZi0zNzI1LTQzZTMtYWQ3OC0xNWZlYzc5MWYyZWY=
grant_type=authorization_code&code=77c1b933-c508-4ff2-86d7-df453de62843&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:15 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"4d22b6d7-8052-40e4-9451-3e47fc4e61f4","token_type":"bearer","expires_in":299,"refresh_token":"caac8e40-f86d-4104-aecf-c0db678998ae","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3NjQ1LkI3OEIuMjhGNy4wRUQzIiwiZXhwIjoxNTMwODE4Nzc1LCJpYXQiOjE1MzA4MTUxNzUsIm5vbmNlIjoiYThmNzBjNGItNzdkNy00ODMyLTg3MGEtMzY4MDE3YTkxMzcyIiwiYXV0aF90aW1lIjoxNTMwODE1MTc1LCJhdF9oYXNoIjoiSngwN3VNV3hodHY5NGZmQlY1M3lOQSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjU4MzQ0N1QzNlp6dElIS1BxUlpNQWJsc3VIaklnS25nb3FDVGhFZDRFYnMifQ.N7-TUo_jn_Lm2Dx2LkH26-I0pJfzV-NRD0xU2dMN07SM4ZwesWZk4VDwupgj4vawsvKjFSmh7jSwXMA0xjgaMspcBt_grWp-Os2QHF6gEe70QxaWBQiFEc022UKVH5ti08y84EY3SRt9prEXcONjXI-E4iuKBZySInk-4yMZ4lb51KiirDhxo76PbdQo7jWVXieCXT1D6TG1kQd0iQON9PO1ny3G-OjyprWowmfsWHI0FSBhgZRemPoUO1yXYTcdLTQULcWfx_tO_Q__PzGgdbwygE36B5-zKPPPrT1QNsVVP6ZqD5uCmaxHnw1VEXHRHU-vSSqNuAnQ2lZ8K5jF7A"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNzY0NS5CNzhCLjI4RjcuMEVEMzpmMjI1N2IzZi0zNzI1LTQzZTMtYWQ3OC0xNWZlYzc5MWYyZWY=
grant_type=refresh_token&scope=address+openid+profile+email&refresh_token=caac8e40-f86d-4104-aecf-c0db678998ae
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 188
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:15 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"4747b85e-6688-4014-bf1f-a55b6cf21103","token_type":"bearer","expires_in":299,"refresh_token":"3f8d841f-aded-44ce-a1f5-fba883a588a2","scope":"address openid profile email"}
#######################################################
TEST: authorizationCodeWithNotAllowedScopeFlow
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"scope": "openid profile address email user_name"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1341
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:16 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A811.EC02.2A01.8FBF",
"client_secret": "908b2f4b-cf56-493a-a582-63a0291c838f",
"registration_access_token": "f18cba0b-3d32-4779-8db0-dc3f4e799646",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A811.EC02.2A01.8FBF",
"client_id_issued_at": 1530815176,
"client_secret_expires_at": 1530901576,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "openid profile address email user_name",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A811.EC02.2A01.8FBF&scope=openid+profile+address+email+user_name+mobile_phone&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5b31b78d-ebb3-46cb-85af-1fb7d60b8b28&nonce=0139e4e3-871b-43ab-992e-f91cf2cdb237
14:26:37.485 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:1d47fbc3-4ed1-4e7c-9bf2-27e42600c8aa
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A811.EC02.2A01.8FBF&scope=openid+profile+address+email+user_name+mobile_phone&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5b31b78d-ebb3-46cb-85af-1fb7d60b8b28&nonce=0139e4e3-871b-43ab-992e-f91cf2cdb237
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=e0eeea9d-2b67-4052-88cf-e750b0e1e9a4&scope=address+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBODExLkVDMDIuMkEwMS44RkJGIiwiZXhwIjoxNTMwODE4Nzc3LCJpYXQiOjE1MzA4MTUxNzcsIm5vbmNlIjoiMDEzOWU0ZTMtODcxYi00M2FiLTk5MmUtZjkxY2YyY2RiMjM3IiwiYXV0aF90aW1lIjoxNTMwODE1MTc3LCJjX2hhc2giOiJ5d0dKSll0YWVPNHYxdXJPMTd3WjN3Iiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiOV9zeDM1NHc5bHRfTUxJanpWVFd2TVlzTV81QUN5b2dvNkcxbXdpV05CRSJ9.A7siZf_Xc1kOFLuqnCzcFicQn7ADmioslkWhCulGL-NTGt1yIewdZC-B0NH6nwPliZH7BtbSld1LrXLukRmyzFWDbHf0H56y-8xR45NgS9fjM6R4ZLJXttnLC0ZI_1HJ-1MC2mmGAyAqnomUGJ4t9II_I2Xs9zV5rBX1u18yKvnTtIXt3Y8zPCWa-sbcdHZ2Z_pEE-j8ABka3E2k0e2Q7dnw7LyLZ3VL0mdbfABzrs27AEaNtsbRcWfvUEbZp6nkvFfi6T3CWTL-g_m9BEu4Zsp8gTjXMrF55f7Nx_ayx-MIOF8PWEvsQXt1ErpTr_97vBrzHx6tuSK6lldg728k3g&session_id=53d5df0e-8470-46a4-96c8-be337fd84b41&state=5b31b78d-ebb3-46cb-85af-1fb7d60b8b28&session_state=1d47fbc3-4ed1-4e7c-9bf2-27e42600c8aa
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQTgxMS5FQzAyLjJBMDEuOEZCRjo5MDhiMmY0Yi1jZjU2LTQ5M2EtYTU4Mi02M2EwMjkxYzgzOGY=
grant_type=authorization_code&code=e0eeea9d-2b67-4052-88cf-e750b0e1e9a4&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"e12a406e-0f41-4ecd-9407-6daf5d4141ca","token_type":"bearer","expires_in":299,"refresh_token":"94715fae-2c36-4def-a125-6cc0c5367ee6","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBODExLkVDMDIuMkEwMS44RkJGIiwiZXhwIjoxNTMwODE4Nzc3LCJpYXQiOjE1MzA4MTUxNzcsIm5vbmNlIjoiMDEzOWU0ZTMtODcxYi00M2FiLTk5MmUtZjkxY2YyY2RiMjM3IiwiYXV0aF90aW1lIjoxNTMwODE1MTc3LCJhdF9oYXNoIjoiNDdyNXJYeUdEQkxsVS1MQkZtcEtfdyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Ijlfc3gzNTR3OWx0X01MSWp6VlRXdk1Zc01fNUFDeW9nbzZHMW13aVdOQkUifQ.RKFrt0ODW4BvqvLzYRBhV8SpDpPLoWA8MCy9AeQzKyOjqNEGcbXUveaTZExd-gUQI6TqD-EughKpiJqimK4FsKvKTIFkC6IpZc8BnUHwlTwrwY6GoCJik_HiAE37M3yh6judoZZUvG2p29BZRhM25DFczExxO5OKevAizlNTRnI7j2bySCOOBxqE_URA0DSeSV6xUI_DFRQCMqna6HqgGPB2W_bEtDwV3Lxz2NgxcLAHFuqu_SLuuPBT-LCSsk_Kgne1O9_wOwmOE13PLE55gZ0j-W9dXIYYT-TZV1xzV0-cFSpKo64I-n2-xox3NLBVsgUlMenI2gqJ_JnPz0wBEg"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer e12a406e-0f41-4ecd-9407-6daf5d4141ca
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 634
Content-Type: application/json;charset=utf-8
Date: Thu, 05 Jul 2018 18:26:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"9_sx354w9lt_MLIjzVTWvMYsM_5ACyogo6G1mwiWNBE","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"}
#######################################################
TEST: revokeTokens
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B028.F367.6D1D.35CC",
"client_secret": "48b77abc-b878-4d94-bbf5-518be01e7269",
"registration_access_token": "a56c991a-35f2-48e0-89e2-d8f9927bfa48",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B028.F367.6D1D.35CC",
"client_id_issued_at": 1530815177,
"client_secret_expires_at": 1530901577,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer a56c991a-35f2-48e0-89e2-d8f9927bfa48
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B028.F367.6D1D.35CC",
"client_secret": "48b77abc-b878-4d94-bbf5-518be01e7269",
"registration_access_token": "a56c991a-35f2-48e0-89e2-d8f9927bfa48",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B028.F367.6D1D.35CC",
"client_id_issued_at": 1530815177,
"client_secret_expires_at": 1530901577,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B028.F367.6D1D.35CC&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=4fce8b8e-d921-42f0-b95c-fa5ec57c5f09&nonce=8107ef0d-0604-4f1c-9bdc-79d071bd6e67
14:26:39.304 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:06404e22-a04d-4114-abbc-5944ed50ce79
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B028.F367.6D1D.35CC&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=4fce8b8e-d921-42f0-b95c-fa5ec57c5f09&nonce=8107ef0d-0604-4f1c-9bdc-79d071bd6e67
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=524b7ef7-b87c-4528-a6f1-49e0eaaf9039&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFCMDI4LkYzNjcuNkQxRC4zNUNDIiwiZXhwIjoxNTMwODE4Nzc5LCJpYXQiOjE1MzA4MTUxNzksIm5vbmNlIjoiODEwN2VmMGQtMDYwNC00ZjFjLTliZGMtNzlkMDcxYmQ2ZTY3IiwiYXV0aF90aW1lIjoxNTMwODE1MTc5LCJjX2hhc2giOiJqSnFnTTdHaGVuYVB5Yk1ubUM4VTdBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiWWJZYmk2TzZheW96dG8wRkZGUUVjUXRseHhIWVp4UEpfdFhOZ0w1YlU1cyJ9.Efg52bf2X-IOkQE7hVFePtbDyjD337skH7OSSWOsEpz-pGVBpBeVNv6vuZf6g-kR3B4iM2LpQMX7cCu1W29Xp5sm_qBfwhlZn1l3DlK2bbkjTqDjuJln2RcZ6dFjUHbXMjNCOkdeGLRZo8zCr_imiV4wW-Y1pX47CHPFD0n-IEcwdYHN8_cnkjQnSdUGuL2a5SjeHdI7CT37OAzAh2kxrT4psj8_M54ipJp3Xf20_-a7UuyJneDfk87BxvlX3KsY0mpwNisITXv1SgATWuQ8iX7c8UU5iCKAIheN_ZdVpVeuwynCgvaqelEBaYER_8MQ4Gz2DKZSJklnMaXXaD2Ivw&session_id=12adf55a-13f9-4ff5-b3cb-d524ec7314ce&state=4fce8b8e-d921-42f0-b95c-fa5ec57c5f09&session_state=06404e22-a04d-4114-abbc-5944ed50ce79
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQjAyOC5GMzY3LjZEMUQuMzVDQzo0OGI3N2FiYy1iODc4LTRkOTQtYmJmNS01MThiZTAxZTcyNjk=
grant_type=authorization_code&code=524b7ef7-b87c-4528-a6f1-49e0eaaf9039&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:19 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"78909c40-2ab3-47ae-ad8b-b21c9ef3b7f7","token_type":"bearer","expires_in":299,"refresh_token":"14f130f6-8591-4858-847d-974b21c072e0","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFCMDI4LkYzNjcuNkQxRC4zNUNDIiwiZXhwIjoxNTMwODE4Nzc5LCJpYXQiOjE1MzA4MTUxNzksIm5vbmNlIjoiODEwN2VmMGQtMDYwNC00ZjFjLTliZGMtNzlkMDcxYmQ2ZTY3IiwiYXV0aF90aW1lIjoxNTMwODE1MTc5LCJhdF9oYXNoIjoiMDhBdVlJNTNkTjlWWHl4MldlMzhIQSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IlliWWJpNk82YXlvenRvMEZGRlFFY1F0bHh4SFlaeFBKX3RYTmdMNWJVNXMifQ.qavH1lcuzh9nG3THhHDUp4jlNICmtYa-2Lf1cTfFsrMqJiLVvT7_3UJsbKuj-KAdFTOYYLCOQIhXwo2qh0m3bHyM1PiE1h-9rg0VDJrtWKkIzfzwLUwbbUpL4QryUmfm146ZgkkMjo816A1Bu6aE_kyQuY0VcpvvRNY4IFKsKye3f588Q11ZY1HxByhWD6tnDpoKaZufxdogS7Gz7YKIu0Fa1Su52PcQVw1JozfzqsC3K4lDrkfdI9swKFy-GGss_4T-NoCVCx3Q1uwEfIZpUi1Y2qpaVCzXr37zaUc6RbvEP80gE-zr36kZaMcxpGMrrV99tzPoeJNfZsqEW3Jriw"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQjAyOC5GMzY3LjZEMUQuMzVDQzo0OGI3N2FiYy1iODc4LTRkOTQtYmJmNS01MThiZTAxZTcyNjk=
grant_type=authorization_code&code=524b7ef7-b87c-4528-a6f1-49e0eaaf9039&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Cache-Control: no-store
Connection: close
Content-Length: 213
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:19 GMT
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_grant","error_description":"The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client."}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQjAyOC5GMzY3LjZEMUQuMzVDQzo0OGI3N2FiYy1iODc4LTRkOTQtYmJmNS01MThiZTAxZTcyNjk=
grant_type=refresh_token&scope=address+openid+profile+email&refresh_token=14f130f6-8591-4858-847d-974b21c072e0
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 213
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:19 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_grant","error_description":"The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client."}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 78909c40-2ab3-47ae-ad8b-b21c9ef3b7f7
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Connection: close
Content-Length: 203
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:19 GMT
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_token","error_description":"The access token provided is expired, revoked, malformed, or invalid for other reasons. Try to request a new access token and retry the protected resource."}
#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:26:19 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"subject": "acct:test_user@ce-dev4.gluu.org",
"links": [{
"rel": "http://openid.net/specs/connect/1.0/issuer",
"href": "https://ce-dev4.gluu.org"
}]
}
OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:19 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"issuer": "https://ce-dev4.gluu.org",
"authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
"token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
"userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
"clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
"check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
"end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
"registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
"id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
"introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
"scopes_supported": [
"permission",
"clientinfo",
"email",
"user_name",
"sub",
"org_name",
"address",
"openid",
"test_scope1",
"work_phone",
"phone",
"profile",
"mobile_phone",
"test"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"id_token",
"id_token token",
"token",
"code token"
],
"grant_types_supported": [
"urn:ietf:params:oauth:grant-type:uma-ticket",
"client_credentials",
"refresh_token",
"implicit",
"password",
"authorization_code"
],
"acr_values_supported": [
"super_gluu",
"u2f",
"otp",
"basic",
"auth_ldap_server"
],
"auth_level_mapping": {
"-1": ["auth_ldap_server"],
"50": ["otp"],
"100": ["basic"],
"10": ["u2f"],
"15": ["super_gluu"]
},
"subject_types_supported": [
"public",
"pairwise"
],
"userinfo_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"userinfo_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"userinfo_encryption_enc_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"id_token_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"request_object_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"request_object_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"request_object_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post",
"client_secret_jwt",
"private_key_jwt"
],
"token_endpoint_auth_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"display_values_supported": [
"page",
"popup"
],
"claim_types_supported": ["normal"],
"claims_supported": [
"birthdate",
"country",
"name",
"email",
"email_verified",
"given_name",
"gender",
"inum",
"family_name",
"updated_at",
"locale",
"member_of",
"middle_name",
"nickname",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope",
"phone_number_verified",
"picture",
"preferred_username",
"profile",
"zoneinfo",
"user_name",
"website"
],
"service_documentation": "http://gluu.org/docs",
"claims_locales_supported": ["en"],
"ui_locales_supported": [
"en",
"es"
],
"scope_to_claims_mapping": [
{"permission": []},
{"uma_protection": []},
{"clientinfo": [
"name",
"inum",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope"
]},
{"email": [
"email_verified",
"email"
]},
{"user_name": ["user_name"]},
{"sub": []},
{"org_name": []},
{"address": [
"formatted",
"postal_code",
"street_address",
"locality",
"country",
"region"
]},
{"openid": []},
{"test_scope1": []},
{"work_phone": []},
{"phone": [
"phone_number_verified",
"phone_number"
]},
{"profile": [
"name",
"family_name",
"given_name",
"middle_name",
"nickname",
"preferred_username",
"profile",
"picture",
"website",
"gender",
"birthdate",
"zoneinfo",
"locale",
"updated_at"
]},
{"mobile_phone": ["phone_mobile_number"]},
{"test": ["member_of"]}
],
"claims_parameter_supported": true,
"request_parameter_supported": true,
"request_uri_parameter_supported": true,
"require_request_uri_registration": false,
"op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
"op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
"frontchannel_logout_supported": true,
"frontchannel_logout_session_supported": true
}
#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"oxAuthTrustedClient": "true"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:19 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D25E.A333.13BB.FD6D",
"client_secret": "e29b15ca-add5-4aa6-8079-ecd11a92df62",
"registration_access_token": "54af6290-1e64-43bf-9c55-65526b3f0358",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D25E.A333.13BB.FD6D",
"client_id_issued_at": 1530815179,
"client_secret_expires_at": 1530901579,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==
response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D25E.A333.13BB.FD6D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=4f94fbdc-d5c4-4afa-b3d9-851e36552eee&nonce=19b3c612-ac30-4b76-9be1-56e9cdc25925&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Thu, 05 Jul 2018 18:26:19 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=b8a2ada6-1fd6-4ead-a4f6-90d01f4e0b9b&scope=address+openid+profile+email&session_id=a08d143d-4392-416f-b3e7-cb7b1a0586be&state=4f94fbdc-d5c4-4afa-b3d9-851e36552eee&session_state=352e80e4-0609-41b0-8fdf-faa9cb1dd1ab
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["token"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"oxAuthTrustedClient": "true"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:20 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!900B.4A20.AC41.7FF9",
"client_secret": "26a66af9-a3a3-429f-b165-e6ea1cfc7421",
"registration_access_token": "3be9d79c-679c-4948-a7dc-1c4fc387727f",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!900B.4A20.AC41.7FF9",
"client_id_issued_at": 1530815180,
"client_secret_expires_at": 1530901580,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["token"],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==
response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21900B.4A20.AC41.7FF9&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=4a4ecc08-b02b-4337-bfe2-3e2c36fbe9b5&nonce=90b4f720-25a1-43c7-b665-976681add0ce&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Thu, 05 Jul 2018 18:26:20 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=d413aff0-3f70-48cd-8618-6e93387f8729&scope=address+openid+profile+email&session_id=766c2722-8614-422c-99f0-3134c2fa0a0f&state=4a4ecc08-b02b-4337-bfe2-3e2c36fbe9b5&token_type=bearer&session_state=77b7ebad-2ab4-4074-a8ba-53582af429bc&expires_in=299
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["id_token"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"oxAuthTrustedClient": "true"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:20 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E2B3.B665.9C1C.157B",
"client_secret": "abfd83bd-82c1-43ac-8125-57a91555cffd",
"registration_access_token": "8208cfc7-6792-4b45-93ad-1c0c68d84790",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E2B3.B665.9C1C.157B",
"client_id_issued_at": 1530815180,
"client_secret_expires_at": 1530901580,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==
response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E2B3.B665.9C1C.157B&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=bba77ca2-e1c8-43b5-acee-596c199a8cd7&nonce=603cf25f-f3a1-4d0c-81be-43cb999e1d72&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Thu, 05 Jul 2018 18:26:20 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFFMkIzLkI2NjUuOUMxQy4xNTdCIiwiZXhwIjoxNTMwODE4NzgwLCJpYXQiOjE1MzA4MTUxODAsIm5vbmNlIjoiNjAzY2YyNWYtZjNhMS00ZDBjLTgxYmUtNDNjYjk5OWUxZDcyIiwiYXV0aF90aW1lIjoxNTMwODE1MTgwLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJqd1RXLXR4VXZtR1pXdERRM1JKN0dLUERaUS1NMlZQRTB5VW5WeUNlOTRvIn0.QXXINBokspjfiG2bb4CLqbcZpf4jbLYySOR3shrWYB_CCoCjImVzKhSqMldUngOU5riDGnu3U_xlJL_E0cdwHyCDP_OaHeOp4qm6K1CCsZPEu4uncwPJJhiYJws0GK4IU3nqLiiHiQReetzwFju5skmmB6wvcdT5WExA8PnTqFYmIKjmXoVlU1sSVkmMo1ag5izvl14ilhAgmennwqwS1527raf_ID9uvv9Xorsn47fQSWhNbAeY-sl9wSURMdVZ3nRL8mq1sbe6heydzYsD27iNB87qZritK1e3Gz7ZDKX_O7Ny_Eu5QFCWv3r4wrd6Jv6TuOXNjoyCC640EMnsUw&session_id=04b700da-2df4-44b4-8dbe-21a44985944a&state=bba77ca2-e1c8-43b5-acee-596c199a8cd7&session_state=7d00958a-9872-484a-9b6f-abf82035c252
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"oxAuthTrustedClient": "true"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:20 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2B88.EFBE.38E3.C60B",
"client_secret": "a6f6fdd4-5965-4f02-a3ba-ac30ba17f8b8",
"registration_access_token": "01629827-aa39-4515-a787-8df27501c411",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2B88.EFBE.38E3.C60B",
"client_id_issued_at": 1530815180,
"client_secret_expires_at": 1530901580,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==
response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212B88.EFBE.38E3.C60B&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=28b058ea-caf2-48b1-b460-1549740cbc77&nonce=f6a53322-6672-4c83-9d6a-5817ee0ca92a&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Thu, 05 Jul 2018 18:26:20 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=315c151e-d3f9-4b6a-8100-b3bd935196e1&code=a0b1c462-d2d2-4777-b0a6-ef103d94c41d&scope=address+openid+profile+email&session_id=995fb1a9-ec2f-4d59-b50b-c72946d6e0ef&state=28b058ea-caf2-48b1-b460-1549740cbc77&token_type=bearer&session_state=727689f4-2b3f-40c6-9e4f-72e811a609ee&expires_in=299
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"oxAuthTrustedClient": "true"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:20 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2049.3052.CB39.E5A1",
"client_secret": "6c90195f-653b-40ac-a2f5-586eb5821b32",
"registration_access_token": "2677f92b-d859-467f-809e-4a48ad284b03",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2049.3052.CB39.E5A1",
"client_id_issued_at": 1530815180,
"client_secret_expires_at": 1530901580,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==
response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212049.3052.CB39.E5A1&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b9eb2584-e347-4f3a-8681-59a265a5c819&nonce=3ef0b184-7851-4b35-8c48-b7d9b35a1d56&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Thu, 05 Jul 2018 18:26:20 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=67ed3a7a-ab73-4072-9425-c2a639685d54&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEyMDQ5LjMwNTIuQ0IzOS5FNUExIiwiZXhwIjoxNTMwODE4NzgxLCJpYXQiOjE1MzA4MTUxODEsIm5vbmNlIjoiM2VmMGIxODQtNzg1MS00YjM1LThjNDgtYjdkOWIzNWExZDU2IiwiYXV0aF90aW1lIjoxNTMwODE1MTgwLCJjX2hhc2giOiItU240cjcybV9jZ3VhYUxueFRzbE1RIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoieDhCOG92SkJYSmZoWllHTW9TMXRpUFQ5aE0xV1RSVHpKX3JtOXg0VGxwdyJ9.h46TSHdxNAAJMJpg6buHRI_BC7JqHLjnNW1DupHrgzcVN6zov5CbIRn02Y5FUdDdCtL6VsBbg8S4JiCS-aFEcB1dPLfQwl1Vvpb6eT1z2-1jjsEj6YTcBIR2T-yCaLyxcafyIa9uTmyXXOYHWK2Popxa6mwVgxUmS_e7uHhS-Urm-oNDIh_k_g9pzdr3DOSoPjtAoCBuSoerXrfcxRsUC2sgo6orVz6mo7Pn2TefaJlC5Sw-x9TCmtUsXB0metadtGiKUJOoov5C_pkgxPoPijE9BF6D3Ust9XRwXdsUgf0XtI-o0wAr3IXi8JwHk2JHkO9-F6pX4EPl_FlI0a7FdQ&session_id=8733dbce-3a13-4f53-bd18-5208bbc48094&state=b9eb2584-e347-4f3a-8681-59a265a5c819&session_state=8781f1f7-7faa-4eed-ac06-95a9d06b40bf
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"oxAuthTrustedClient": "true"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:21 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F864.3303.4310.1FC6",
"client_secret": "6cae0627-f2de-4633-9d39-6355d089b8b1",
"registration_access_token": "3be60d23-f24e-4791-973a-d0ed5553fc16",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F864.3303.4310.1FC6",
"client_id_issued_at": 1530815181,
"client_secret_expires_at": 1530901581,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==
response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21F864.3303.4310.1FC6&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5acf9f3f-6397-4e34-b09f-fa6c4c14995a&nonce=e18263ac-7558-4172-9b0e-73cdf056df3f&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Thu, 05 Jul 2018 18:26:21 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=c81aba35-6d35-460e-af7e-66ab3b714fb5&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGODY0LjMzMDMuNDMxMC4xRkM2IiwiZXhwIjoxNTMwODE4NzgxLCJpYXQiOjE1MzA4MTUxODEsIm5vbmNlIjoiZTE4MjYzYWMtNzU1OC00MTcyLTliMGUtNzNjZGYwNTZkZjNmIiwiYXV0aF90aW1lIjoxNTMwODE1MTgxLCJhdF9oYXNoIjoiY0hsZEU1cjJDSnUya2F2TVhzamI3ZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6ImFqTjJoZFlEZHIwZU9sUHBkRFNKb25zMFh1VHMxSUt3UkpEMmplelVzTTQifQ.ptao-7pDJialxBxUJbef-oTVS3wtaaMPzhlfAAQ6N2GlSitymbfdzs59EvB61oowoQLl1ZxE0JNH_psyVcdk6CJSAQqlHDEaHhUjJBHebnI-O1lQ-Za5fZzSi5HXx0KMAjqj-92775FhxDLZDmeifHJCsW7JXaEkapwtihTDlh2ppm3tA9vG48f3Gfh14Feic_ldUTR9fszfi_sB_Ktx3qWdCC8oVS1KScLiq14xhk-_vG13aWHyd1km3KBb8zSAmMKHkYH1EMi2JFY1YcKzpHdlJ4qZEo-yF_oGu6rA0qNJg8eRdYRfQSXzsaeW54hcxPai3lRX4Yzj4TqN-dkQxw&session_id=52db7a2f-8b43-47e6-89b2-52aee9a006fc&state=5acf9f3f-6397-4e34-b09f-fa6c4c14995a&token_type=bearer&session_state=47ac8803-d843-4d7b-b858-1a067694cbfb&expires_in=299
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"oxAuthTrustedClient": "true"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:21 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2019.26B4.E67F.1921",
"client_secret": "b34bebd4-7b54-4242-a9ba-86d1de8a43c8",
"registration_access_token": "51fdfb8b-c328-4638-8cae-0bd2d55b6d8f",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2019.26B4.E67F.1921",
"client_id_issued_at": 1530815181,
"client_secret_expires_at": 1530901581,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==
response_type=code+token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212019.26B4.E67F.1921&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3891c0a2-4f27-49d2-a85c-ea22b76b25ee&nonce=1a5dce1a-3eed-4fef-9e04-581a510f91d4&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Thu, 05 Jul 2018 18:26:21 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=06a32636-c9c7-4aee-b84a-d33717a93fd2&code=e57321bc-a6e4-456d-a8e1-abc7c4572b5f&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEyMDE5LjI2QjQuRTY3Ri4xOTIxIiwiZXhwIjoxNTMwODE4NzgxLCJpYXQiOjE1MzA4MTUxODEsIm5vbmNlIjoiMWE1ZGNlMWEtM2VlZC00ZmVmLTllMDQtNTgxYTUxMGY5MWQ0IiwiYXV0aF90aW1lIjoxNTMwODE1MTgxLCJjX2hhc2giOiI1dy1IdVV3aHFZRkZBZ19UM0JnU0FBIiwiYXRfaGFzaCI6IjNKdmVVdmRUTUF5WDAwZW5TRWJobWciLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJKUS1TTXcwbUpsZG9rUHQ1N1I0X1Rrc01RZlBTdXpiRzhaaVM1azBJYWdrIn0.RAo2MgMk1b--XPv-ewRdK69Vhw7wHKFLjU62cv7iTKPjP3uEC3t0_0ulg1mfTdFSlL-kbh8zvakZ8J8VuSJk1hXcRp4dZ1QzNk6Ni09kEWLCM7XesN1qVorzXVPHfX56EwaJurbRv50_BFP7G5HOEhkqCAMCfkUUgide8bq00ZwIj-wxmx-qUeIpLb2qMB3X2Vgfl3xSO_NUao-ODJjPWIoVY7as-opeLh1VrW0GViwzaURgnQt4gyhv4a2cL5g8AWqIBlAyAS2AaWyy31VJ20-oRSQSgIJZe1FKNTNDMqQ5rdtRBZiGG_EKp14QK3dZfUwOCqwprFJJJCV1Zn73eQ&session_id=3c4363cb-f5a0-4f29-a46e-9337eeebc3ed&state=3891c0a2-4f27-49d2-a85c-ea22b76b25ee&token_type=bearer&session_state=0beb931a-b62c-4b21-b6cc-a418098bd2a5&expires_in=299
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:26:21 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"subject": "acct:test_user@ce-dev4.gluu.org",
"links": [{
"rel": "http://openid.net/specs/connect/1.0/issuer",
"href": "https://ce-dev4.gluu.org"
}]
}
OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:21 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"issuer": "https://ce-dev4.gluu.org",
"authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
"token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
"userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
"clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
"check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
"end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
"registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
"id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
"introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
"scopes_supported": [
"permission",
"clientinfo",
"email",
"user_name",
"sub",
"org_name",
"address",
"openid",
"test_scope1",
"work_phone",
"phone",
"profile",
"mobile_phone",
"test"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"id_token",
"id_token token",
"token",
"code token"
],
"grant_types_supported": [
"urn:ietf:params:oauth:grant-type:uma-ticket",
"client_credentials",
"refresh_token",
"implicit",
"password",
"authorization_code"
],
"acr_values_supported": [
"super_gluu",
"u2f",
"otp",
"basic",
"auth_ldap_server"
],
"auth_level_mapping": {
"-1": ["auth_ldap_server"],
"50": ["otp"],
"100": ["basic"],
"10": ["u2f"],
"15": ["super_gluu"]
},
"subject_types_supported": [
"public",
"pairwise"
],
"userinfo_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"userinfo_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"userinfo_encryption_enc_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"id_token_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"request_object_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"request_object_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"request_object_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post",
"client_secret_jwt",
"private_key_jwt"
],
"token_endpoint_auth_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"display_values_supported": [
"page",
"popup"
],
"claim_types_supported": ["normal"],
"claims_supported": [
"birthdate",
"country",
"name",
"email",
"email_verified",
"given_name",
"gender",
"inum",
"family_name",
"updated_at",
"locale",
"member_of",
"middle_name",
"nickname",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope",
"phone_number_verified",
"picture",
"preferred_username",
"profile",
"zoneinfo",
"user_name",
"website"
],
"service_documentation": "http://gluu.org/docs",
"claims_locales_supported": ["en"],
"ui_locales_supported": [
"en",
"es"
],
"scope_to_claims_mapping": [
{"permission": []},
{"uma_protection": []},
{"clientinfo": [
"name",
"inum",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope"
]},
{"email": [
"email_verified",
"email"
]},
{"user_name": ["user_name"]},
{"sub": []},
{"org_name": []},
{"address": [
"formatted",
"postal_code",
"street_address",
"locality",
"country",
"region"
]},
{"openid": []},
{"test_scope1": []},
{"work_phone": []},
{"phone": [
"phone_number_verified",
"phone_number"
]},
{"profile": [
"name",
"family_name",
"given_name",
"middle_name",
"nickname",
"preferred_username",
"profile",
"picture",
"website",
"gender",
"birthdate",
"zoneinfo",
"locale",
"updated_at"
]},
{"mobile_phone": ["phone_mobile_number"]},
{"test": ["member_of"]}
],
"claims_parameter_supported": true,
"request_parameter_supported": true,
"request_uri_parameter_supported": true,
"require_request_uri_registration": false,
"op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
"op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
"frontchannel_logout_supported": true,
"frontchannel_logout_session_supported": true
}
#######################################################
TEST: defaultResponseModeBasicCode
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:21 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!38AE.491B.B9D9.68D9",
"client_secret": "6505b35b-da14-42cc-adee-ef433eac2ee0",
"registration_access_token": "113d66dc-abd1-48f5-bf24-47183631f395",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!38AE.491B.B9D9.68D9",
"client_id_issued_at": 1530815181,
"client_secret_expires_at": 1530901581,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2138AE.491B.B9D9.68D9&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=2d74699e-7030-4187-93ec-17e524c38de0
14:26:43.239 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:5a362db4-d603-4927-a3fc-d6fca9e94b54
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2138AE.491B.B9D9.68D9&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=2d74699e-7030-4187-93ec-17e524c38de0
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=43974070-3001-4e84-92cf-6e684676f5de&scope=address+openid+profile+email&session_id=008f38ea-d905-4081-b867-bea629809e2c&state=2d74699e-7030-4187-93ec-17e524c38de0&session_state=5a362db4-d603-4927-a3fc-d6fca9e94b54
#######################################################
TEST: defaultResponseModeHybridCodeIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:23 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A034.89AC.916F.11D1",
"client_secret": "7f46a8b4-dd5f-46d5-85b7-235a179f35d3",
"registration_access_token": "3b507ed5-3c09-4c47-87d9-b10f481ffed6",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A034.89AC.916F.11D1",
"client_id_issued_at": 1530815183,
"client_secret_expires_at": 1530901583,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A034.89AC.916F.11D1&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=19a33c54-2d60-4a20-964c-a36addb2d475&nonce=3801d5e0-0cd9-4220-8360-fa535ef78212
14:26:44.718 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:185f7d1b-4e78-4c0f-b988-8b78db4d0e2a
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A034.89AC.916F.11D1&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=19a33c54-2d60-4a20-964c-a36addb2d475&nonce=3801d5e0-0cd9-4220-8360-fa535ef78212
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=9f1f36ca-364d-41f5-944d-bfa31b3ff398&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBMDM0Ljg5QUMuOTE2Ri4xMUQxIiwiZXhwIjoxNTMwODE4Nzg0LCJpYXQiOjE1MzA4MTUxODQsIm5vbmNlIjoiMzgwMWQ1ZTAtMGNkOS00MjIwLTgzNjAtZmE1MzVlZjc4MjEyIiwiYXV0aF90aW1lIjoxNTMwODE1MTg0LCJjX2hhc2giOiJBNWswLVA2X1NOOFVEZm5nbVU0aW9nIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoibklwMlZ0SHpETHVIZC1WRE9TZTBlZllJMnNBZnYwRl93QThIWDYxaFYyRSJ9.IHOz1joKyP4ehK4Gv-jIX94B8ZStx-wS1UMak0M-pueRExFoHrv45LnoWnNZGlZ-YHuU-D-xp7VG26P6VNvx1oTc5BOTIGGFMRMQoe8uMwgb4aGlMymLCFYoMDO3V3Bj_fjOSGJpaHGrDif1XXFlTPa2Yt94IQ_X4Pu6-xVxOp2uvxn1tRw0XLQqA3W5idijb0JcopyADvwv7n0A87Ku1q5it3bax60DHbI4BBJZ533_FZyUPP_O5u1IjhTf30ircBjsGZk2BnCKAq2dL8nLBnLAUR6Aq4HUg8FkB6KY-SPAFU5obpXqQbD3mzu2KaHZrPvNXB6UcH9zPnIBgXI5qw&session_id=1b84cdf3-1b0f-4ec9-879d-6f1139d588da&state=19a33c54-2d60-4a20-964c-a36addb2d475&session_state=185f7d1b-4e78-4c0f-b988-8b78db4d0e2a
#######################################################
TEST: defaultResponseModeHybridCodeIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token",
"token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:24 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D1E7.1004.E2AE.5B86",
"client_secret": "dea58d03-935a-46f7-ac45-b8fda0ae554b",
"registration_access_token": "4c7c9cc7-b2f5-427b-b412-e92301a340fd",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D1E7.1004.E2AE.5B86",
"client_id_issued_at": 1530815184,
"client_secret_expires_at": 1530901584,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D1E7.1004.E2AE.5B86&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=008cff0b-f092-4c35-940b-8f878b4f1226&nonce=dd6aa713-590f-4680-a6dd-2ae6ea78cfd1
14:26:46.029 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:b953018f-79cd-4aab-9c82-b13bf8b3d4ef
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D1E7.1004.E2AE.5B86&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=008cff0b-f092-4c35-940b-8f878b4f1226&nonce=dd6aa713-590f-4680-a6dd-2ae6ea78cfd1
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=d5ddc5eb-60d1-460f-9343-b079eff28103&code=5a4ee529-6fff-4c4f-93f8-8b22318adff1&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEMUU3LjEwMDQuRTJBRS41Qjg2IiwiZXhwIjoxNTMwODE4Nzg1LCJpYXQiOjE1MzA4MTUxODUsIm5vbmNlIjoiZGQ2YWE3MTMtNTkwZi00NjgwLWE2ZGQtMmFlNmVhNzhjZmQxIiwiYXV0aF90aW1lIjoxNTMwODE1MTg1LCJjX2hhc2giOiJzalk4T0U5LTZQQXplOXZmYUkya1d3IiwiYXRfaGFzaCI6InlBemlSbEQySWExaFNVbnRTNndjbUEiLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJnYTZQWVRhMm5PTGV2RGlZRnI5T3JjdVZHNExzbjJIbkhJeEVpemR4dVFnIn0.RQOoovlO3Rl567nfMar1_Emrh8VxiG9ItabGHLbmKNM8X19ZJfrv81_3e8eQE-fEbhkYigvhPk4bo-szdpyUnXlhzx4TMZomTRWnFBMv6AdpWNSja6X9PuVrGl5Zr43xe7ePBOpDoLfPcFP4yfZhbkQmNAIkskWnzaUU_DGmhGUYNcwdKCY0Kd4_-26Q5mlBKEtjw0vIl6NHdjwBZT9T9Jv-GsoVJInkp1bh2rpgzmecRlctzO2YXu7_IOOY7x5VY5_9XX55OiE4iyUkgMyr8Z5MffkLSqXfWyr7mztb_29xe1fplYC_kl-lwnmzLCLp3QiC1Z-x5KAKIbrLR3dreQ&session_id=1c44efeb-9f64-40f0-bf8d-0264125adeaa&state=008cff0b-f092-4c35-940b-8f878b4f1226&token_type=bearer&session_state=b953018f-79cd-4aab-9c82-b13bf8b3d4ef&expires_in=299
#######################################################
TEST: defaultResponseModeHybridCodeToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:25 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9413.D9B8.29EB.A4C8",
"client_secret": "7d7bd52d-626c-4149-9a54-10c470dd867c",
"registration_access_token": "de69969f-1c8c-4195-9b26-c49de43bce60",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9413.D9B8.29EB.A4C8",
"client_id_issued_at": 1530815186,
"client_secret_expires_at": 1530901586,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219413.D9B8.29EB.A4C8&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=2c7abb87-e4ed-4045-a74b-1750c5d55100&nonce=e7a98266-3756-4edc-bfde-64f56c0088d0
14:26:47.392 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:5b074dca-4be0-461a-8508-897d147c8441
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219413.D9B8.29EB.A4C8&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=2c7abb87-e4ed-4045-a74b-1750c5d55100&nonce=e7a98266-3756-4edc-bfde-64f56c0088d0
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=4e4fdca1-79ed-42d4-abe8-60a2841b38bd&code=67543f3f-d260-41a4-b9fa-67c4611b06bd&scope=address+openid+profile+email&session_id=f164b08c-1d3d-488e-8568-0ece760ba226&state=2c7abb87-e4ed-4045-a74b-1750c5d55100&token_type=bearer&session_state=5b074dca-4be0-461a-8508-897d147c8441&expires_in=299
#######################################################
TEST: defaultResponseModeImplicitIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["id_token"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:27 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0289.65DA.DC77.8B19",
"client_secret": "5fecf8dc-af79-43f0-80d1-99eccdc71fd7",
"registration_access_token": "016a7ec0-77b0-4127-a15b-3fe4edce7263",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0289.65DA.DC77.8B19",
"client_id_issued_at": 1530815187,
"client_secret_expires_at": 1530901587,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210289.65DA.DC77.8B19&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=70060f83-0eed-4bfa-8ba5-9782f389b7b7&nonce=65479789-3154-4077-b8c8-a65939ddb530
14:26:48.744 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:c468ecc3-ce41-4df3-bc07-a1e0a92adef0
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210289.65DA.DC77.8B19&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=70060f83-0eed-4bfa-8ba5-9782f389b7b7&nonce=65479789-3154-4077-b8c8-a65939ddb530
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEwMjg5LjY1REEuREM3Ny44QjE5IiwiZXhwIjoxNTMwODE4Nzg4LCJpYXQiOjE1MzA4MTUxODgsIm5vbmNlIjoiNjU0Nzk3ODktMzE1NC00MDc3LWI4YzgtYTY1OTM5ZGRiNTMwIiwiYXV0aF90aW1lIjoxNTMwODE1MTg4LCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJfSG9IbVByV09KY2pZUUpmV1EtVnVRZi0wMlpaenBjNE9iWk5KZjYwX0ZnIn0.F_76SMtC7rwlnjVSAZogbPz-vD96R9rR-jmiYgJj4XI598S5ukpO1imkCCf87ZlfRgWwJs9DqydVS893kdmZsJ0JI7beVrfDj9DuH4yApZ45Plm7xPvU4RW54cEnOEku2IgeMsHN_ATolihesduW22Y-CLlshLjUi81UN2VWr0K24p3BqUCXqsGKNVTdQw5WYzyzrFA_Mo6Fwk4T6pRfxLxl141wzP98PNOKeASpZpYKXc8gOnB-6VKVNKjtPfa9swGuPra8jpMs7uUXQqXB3to1un10Q6UAoK1l1u23AvflMS9zuxcBgtfXIL9pRb5-pcxqSvuYi-8MJLqg9bk6HQ&session_id=b157281c-7303-43e6-b40d-d5975f2bf197&state=70060f83-0eed-4bfa-8ba5-9782f389b7b7&session_state=c468ecc3-ce41-4df3-bc07-a1e0a92adef0
#######################################################
TEST: defaultResponseModeImplicitIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"id_token",
"token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:28 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FA27.884E.6A0C.2A02",
"client_secret": "8731b406-4ced-4cc3-974a-fb545b33ae7c",
"registration_access_token": "3eb9d579-ce08-4ef1-895f-c5272ec8d0cc",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FA27.884E.6A0C.2A02",
"client_id_issued_at": 1530815188,
"client_secret_expires_at": 1530901588,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21FA27.884E.6A0C.2A02&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0321df1f-d95c-45a3-95d9-f9379a9d92ad&nonce=c5b2838b-8c9a-4367-af35-83fe87364709
14:26:50.010 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:4297eead-244b-459e-9df1-4511c0f2ae44
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21FA27.884E.6A0C.2A02&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0321df1f-d95c-45a3-95d9-f9379a9d92ad&nonce=c5b2838b-8c9a-4367-af35-83fe87364709
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=88e6aa1b-a9d7-49fa-8481-d508dcc65c5a&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGQTI3Ljg4NEUuNkEwQy4yQTAyIiwiZXhwIjoxNTMwODE4Nzg5LCJpYXQiOjE1MzA4MTUxODksIm5vbmNlIjoiYzViMjgzOGItOGM5YS00MzY3LWFmMzUtODNmZTg3MzY0NzA5IiwiYXV0aF90aW1lIjoxNTMwODE1MTg5LCJhdF9oYXNoIjoidXhoN3FWZzdVcmlhSGtidEJ3Z3Q2ZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjctR2ZIVURIbEpHQnNrOEZjZVEtbTI4dlVqSmR1dnlnb20zdElYVEIwbFkifQ.f8oYoLvQLj_gOgMM0vGtUx39lzxo_orX2RU-3QdoDX1oEJw-ADbC5UxxDyXSr7MkKsmfBwdhJnoDYHEz0Wj4ySIjls69ym-PG96lGf915Q0hDTdfVLLkOjFE46-9G9A3LqgTTmgPu3ZBl5ht5AdDAxSrLKjx3eRNN2Puw6OyaAAg8vCjFCoKlR8OqtxYoM6jjr_1Ygy42EwX6impTyWP36pkpXY43bDjHAI9xuHrN3Cmi_F7_6bTk8eKgmB50rVRZ3eO9VBE-r-g6dG3UewjGBUlypGdBp34MUM-sw5E1SkxVnFzWL0Y8NPMgGwhOP5sfKmKlLGoESDBP91Om5xrYA&session_id=71a04a58-29f8-468b-af2b-2aa02124bb4f&state=0321df1f-d95c-45a3-95d9-f9379a9d92ad&token_type=bearer&session_state=4297eead-244b-459e-9df1-4511c0f2ae44&expires_in=299
#######################################################
TEST: formPostResponseModeBasicCode
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:29 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!112F.6940.2C31.A942",
"client_secret": "502204d2-77b6-482e-b809-508129621ca2",
"registration_access_token": "7147012e-f568-4a9a-a1dd-34a6bdaa8314",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!112F.6940.2C31.A942",
"client_id_issued_at": 1530815189,
"client_secret_expires_at": 1530901589,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21112F.6940.2C31.A942&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f15163fc-fce3-495a-a020-68befd02f9f1&response_mode=form_post
14:26:51.247 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:0a1d2d54-6960-4b9b-bec1-dfea96e1fb50
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21112F.6940.2C31.A942&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f15163fc-fce3-495a-a020-68befd02f9f1&response_mode=form_post
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm
#######################################################
TEST: formPostResponseModeHybridCodeIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:31 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E6EC.725E.F4FA.8B97",
"client_secret": "563afbff-22cf-4e2b-bfd3-8367bde3cf03",
"registration_access_token": "e335ed42-dd9c-4f3a-a32a-9f2e6cf317cd",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E6EC.725E.F4FA.8B97",
"client_id_issued_at": 1530815191,
"client_secret_expires_at": 1530901591,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E6EC.725E.F4FA.8B97&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=49e02618-57ce-483c-b539-9beaff79de3a&response_mode=form_post&nonce=418c5e40-c9ef-4503-8381-9ff3ccb31ad9
14:26:52.497 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:f820c2d7-3d5d-4555-b31c-ce958e852cd7
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E6EC.725E.F4FA.8B97&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=49e02618-57ce-483c-b539-9beaff79de3a&response_mode=form_post&nonce=418c5e40-c9ef-4503-8381-9ff3ccb31ad9
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm
#######################################################
TEST: formPostResponseModeHybridCodeIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token",
"token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:32 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BA10.CE5E.26F7.8076",
"client_secret": "4faac0cd-204e-46de-97f5-abbe441fd10f",
"registration_access_token": "734e2de6-2a42-4544-921c-f389faa49264",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BA10.CE5E.26F7.8076",
"client_id_issued_at": 1530815192,
"client_secret_expires_at": 1530901592,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21BA10.CE5E.26F7.8076&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=4d5666a7-f99e-4467-9fa1-864cf1f46edf&response_mode=form_post&nonce=f57bb3bc-d919-4fcc-98be-678ded802f88
14:26:53.778 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:6605462b-b9c7-49e2-bf19-8e9d6cc1364c
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21BA10.CE5E.26F7.8076&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=4d5666a7-f99e-4467-9fa1-864cf1f46edf&response_mode=form_post&nonce=f57bb3bc-d919-4fcc-98be-678ded802f88
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm
#######################################################
TEST: formPostResponseModeHybridCodeToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:33 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B623.25D4.CEEA.2DBC",
"client_secret": "28dbf7b1-ab59-4688-abc7-a57f8d900690",
"registration_access_token": "59ec4ee9-9f8b-4cce-acd3-78826b26135b",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B623.25D4.CEEA.2DBC",
"client_id_issued_at": 1530815193,
"client_secret_expires_at": 1530901593,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B623.25D4.CEEA.2DBC&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=04affbdf-07ee-441f-8fac-ea95a0f66d0e&response_mode=form_post&nonce=a4ea59d3-627f-418e-bac3-8a3eba4678dc
14:26:55.091 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:865276d3-8113-48ba-8f08-e9fd75f32528
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B623.25D4.CEEA.2DBC&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=04affbdf-07ee-441f-8fac-ea95a0f66d0e&response_mode=form_post&nonce=a4ea59d3-627f-418e-bac3-8a3eba4678dc
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm
#######################################################
TEST: formPostResponseModeImplicitIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["id_token"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:34 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EB1C.595A.39C5.65EC",
"client_secret": "f67f9e6b-ddd7-4968-b4ab-5c220736108b",
"registration_access_token": "392ee45e-3f39-412f-8f2b-252373b485fc",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EB1C.595A.39C5.65EC",
"client_id_issued_at": 1530815195,
"client_secret_expires_at": 1530901595,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21EB1C.595A.39C5.65EC&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=7542f39a-0f9f-49fe-b872-1358be93ad7c&response_mode=form_post&nonce=7362638f-d838-4607-8622-3d55e5b8dd83
14:26:56.458 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:b21422aa-30c0-434e-822c-d98af70a2770
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21EB1C.595A.39C5.65EC&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=7542f39a-0f9f-49fe-b872-1358be93ad7c&response_mode=form_post&nonce=7362638f-d838-4607-8622-3d55e5b8dd83
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm
#######################################################
TEST: formPostResponseModeImplicitIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"id_token",
"token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:36 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!21D8.EAD3.94F1.9B87",
"client_secret": "046b4d41-46c8-4b59-a89c-75515c0f1be4",
"registration_access_token": "9896ddcf-7b91-4a14-b71f-01ca325e0fa0",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!21D8.EAD3.94F1.9B87",
"client_id_issued_at": 1530815196,
"client_secret_expires_at": 1530901596,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2121D8.EAD3.94F1.9B87&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3af1bef3-16ec-416c-bc7a-ece993b561ec&response_mode=form_post&nonce=bced91e5-f1a5-4c59-a9bc-93de31cbc143
14:26:58.054 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:a633e552-159c-4042-9f7d-a457d4a88ae8
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2121D8.EAD3.94F1.9B87&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3af1bef3-16ec-416c-bc7a-ece993b561ec&response_mode=form_post&nonce=bced91e5-f1a5-4c59-a9bc-93de31cbc143
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm
#######################################################
TEST: fragmentResponseModeBasicCode
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:37 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!88AA.7384.1F72.7840",
"client_secret": "99ff23d5-a6a9-4170-8cbf-22c1cf9e2d1d",
"registration_access_token": "6585981b-2259-4199-a3c7-9d528bbe14c2",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!88AA.7384.1F72.7840",
"client_id_issued_at": 1530815197,
"client_secret_expires_at": 1530901597,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2188AA.7384.1F72.7840&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5b928361-60e8-4716-8ecf-8a9405570098&response_mode=fragment
14:26:59.328 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:6f03695c-a4a0-4a27-9ce8-b86c46c7d2b6
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2188AA.7384.1F72.7840&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5b928361-60e8-4716-8ecf-8a9405570098&response_mode=fragment
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=999ff2b4-946f-4f52-9a9e-0915f2980948&scope=address+openid+profile+email&session_id=30285138-3c55-4064-a832-16dbb4a11325&state=5b928361-60e8-4716-8ecf-8a9405570098&session_state=6f03695c-a4a0-4a27-9ce8-b86c46c7d2b6
#######################################################
TEST: fragmentResponseModeHybridCodeIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:39 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8C05.AF4E.C0EF.26ED",
"client_secret": "ca5988bd-9afb-4137-ab0b-398f69546397",
"registration_access_token": "73670b3b-3285-445d-923b-43e092994f8f",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8C05.AF4E.C0EF.26ED",
"client_id_issued_at": 1530815199,
"client_secret_expires_at": 1530901599,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218C05.AF4E.C0EF.26ED&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=66793ca4-5e0f-4b88-829d-6649e4cb7c26&response_mode=fragment&nonce=4af7c183-a81e-4867-9c8f-a770c650738d
14:27:00.600 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:23e5879f-0116-47ed-8afa-170c017653d2
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218C05.AF4E.C0EF.26ED&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=66793ca4-5e0f-4b88-829d-6649e4cb7c26&response_mode=fragment&nonce=4af7c183-a81e-4867-9c8f-a770c650738d
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=bfe1d179-7570-4363-9912-e6d2e3402180&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE4QzA1LkFGNEUuQzBFRi4yNkVEIiwiZXhwIjoxNTMwODE4ODAxLCJpYXQiOjE1MzA4MTUyMDEsIm5vbmNlIjoiNGFmN2MxODMtYTgxZS00ODY3LTljOGYtYTc3MGM2NTA3MzhkIiwiYXV0aF90aW1lIjoxNTMwODE1MjAxLCJjX2hhc2giOiJNWlAwWEttUkZGZWZKUHgxb1d2bkxnIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiM2tJbnpOeG5LWUFISk1GVkU2dnZPSWxPdEZMTW9ZSmhNZE54eTR5RlhlcyJ9.CewYC0Z1pAue1jVKU5yL7Z0OkxVGEPUdfuIHC7Ezx5yQQMU_o2LomqT4kPtuMFGR3vhsuBYF_UgYM_vjEGwWg_34ur7Rpon5YuM0srVlWSDTT5jQvmRK9OhmZjRtRAVDSU0Oq8WicLHAJOoe5EeXAQzPApEPfeQBE_L2ZEi1dwQc0ODl-3oY1suwjhWnBuc02mBgAqH4_qNe4FxPcsr6cID12t5iArykmEIy2uoqJ_6ONpRfmSPKf62JFNXbdnrG0BUFxQj9_ErgYJose8mc62K6Nxg4eG74FA9M-pFby4x91Mlh1ouS-m-4sR1-xND3deG03OYXmw5bg1GmocNprQ&session_id=c6a3840a-9b95-4635-8d32-905bb8426aab&state=66793ca4-5e0f-4b88-829d-6649e4cb7c26&session_state=23e5879f-0116-47ed-8afa-170c017653d2
#######################################################
TEST: fragmentResponseModeHybridCodeIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token",
"token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:41 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8D15.2242.21C4.EF23",
"client_secret": "13b8f2e7-7732-456c-9695-031976bd80bc",
"registration_access_token": "7ebe24dd-ef77-424d-aa55-9ba18ec52758",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8D15.2242.21C4.EF23",
"client_id_issued_at": 1530815201,
"client_secret_expires_at": 1530901601,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218D15.2242.21C4.EF23&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5bcdc932-2860-4768-ab9d-10f049d15625&response_mode=fragment&nonce=15bc5b24-6e91-4836-813c-2d8ffd955747
14:27:02.832 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:2589c227-e3b7-4b95-956e-28ba7f82b82b
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218D15.2242.21C4.EF23&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5bcdc932-2860-4768-ab9d-10f049d15625&response_mode=fragment&nonce=15bc5b24-6e91-4836-813c-2d8ffd955747
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=90a5f0a7-8a05-431f-9559-9bda658934b9&code=48fbe375-799a-4b79-8601-99563c1fe797&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE4RDE1LjIyNDIuMjFDNC5FRjIzIiwiZXhwIjoxNTMwODE4ODAyLCJpYXQiOjE1MzA4MTUyMDIsIm5vbmNlIjoiMTViYzViMjQtNmU5MS00ODM2LTgxM2MtMmQ4ZmZkOTU1NzQ3IiwiYXV0aF90aW1lIjoxNTMwODE1MjAyLCJjX2hhc2giOiIxaVBUbnJmVVljZTJIN2p1d1JrUTVBIiwiYXRfaGFzaCI6InpJRThQdlBsdnNXalZtdFZaeW9ITnciLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJlaDNkV2duTkk5YXhnaHhyZFhBZnZPZFVoRG5mY1NNaFhKNk1xQVNIZWFrIn0.OQfFITd9GcZ_qD6zg7JbjbwMCX5S5Py2OlzLCfvL6_84fk8nuEMK1yH62mKody5xlkgbtwLf1AQxzT2c3IEiLQtOa8RSIi0C41PSLXuErVx-ZtnS1f_EPPduJymPig5aTvh9jfv8OsVL3WLd4FEtFWjboQgULFsQ2zA65SJhJ_TIKJ9dArdzC12khNSPsBf5hzN8yskTxKnoUs0V4pLX-NrBcl3l2EeOb7RKMRQLRkEhl6-qt0VOWWa_gV6RVAIdrcwTqxzFaP758EU3l8VKErYAzLmedBKIbySpz-u1R0MISvIU_IoS7LpP_V0oZYHG-qK8QiEvje2nN5cvLsZyoA&session_id=5ed72198-9a6e-424c-89d2-1dc1d6eb8e66&state=5bcdc932-2860-4768-ab9d-10f049d15625&token_type=bearer&session_state=2589c227-e3b7-4b95-956e-28ba7f82b82b&expires_in=299
#######################################################
TEST: fragmentResponseModeHybridCodeToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:42 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E5FB.F4E9.8AC7.0A42",
"client_secret": "89650868-8295-4352-a3be-a8574339c424",
"registration_access_token": "f4c045ff-f326-4159-a99e-e02ac9963457",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E5FB.F4E9.8AC7.0A42",
"client_id_issued_at": 1530815202,
"client_secret_expires_at": 1530901602,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E5FB.F4E9.8AC7.0A42&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=46c1b9af-3477-4530-bd40-511f7c162561&response_mode=fragment&nonce=9ec0eabe-3151-4682-8dcf-1fc05f154a8a
14:27:04.193 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:de299e3c-3bb0-424d-bfb3-9ed9412fbe73
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E5FB.F4E9.8AC7.0A42&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=46c1b9af-3477-4530-bd40-511f7c162561&response_mode=fragment&nonce=9ec0eabe-3151-4682-8dcf-1fc05f154a8a
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=c0fb612f-ee38-4fa8-b590-eeb4f86ef5ac&code=ce00dab4-82bf-4db7-bd01-87b0d9bb6a25&scope=address+openid+profile+email&session_id=4d07b51e-83e5-4f33-a6a8-4eb2de90951c&state=46c1b9af-3477-4530-bd40-511f7c162561&token_type=bearer&session_state=de299e3c-3bb0-424d-bfb3-9ed9412fbe73&expires_in=299
#######################################################
TEST: fragmentResponseModeImplicitIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["id_token"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:44 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C331.5EE9.5ECC.B795",
"client_secret": "686286de-ed3c-4cfc-ade5-a024cfd5e019",
"registration_access_token": "14a2cc25-bc64-4be0-a7da-9beff926005c",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C331.5EE9.5ECC.B795",
"client_id_issued_at": 1530815204,
"client_secret_expires_at": 1530901604,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C331.5EE9.5ECC.B795&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=dc8b3b01-1326-4ecc-af62-f2806c68106c&response_mode=fragment&nonce=b0083945-3555-456c-8263-5d925b83c266
14:27:05.568 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:c7765f4c-5629-4479-8e2f-15f0ef2ce782
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C331.5EE9.5ECC.B795&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=dc8b3b01-1326-4ecc-af62-f2806c68106c&response_mode=fragment&nonce=b0083945-3555-456c-8263-5d925b83c266
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFDMzMxLjVFRTkuNUVDQy5CNzk1IiwiZXhwIjoxNTMwODE4ODA1LCJpYXQiOjE1MzA4MTUyMDUsIm5vbmNlIjoiYjAwODM5NDUtMzU1NS00NTZjLTgyNjMtNWQ5MjViODNjMjY2IiwiYXV0aF90aW1lIjoxNTMwODE1MjA1LCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJza1VQcTluT1ctQmZsRmRvUGNJTlpNbzE5MHduVHc1YTY5YmFHYmlSc0VVIn0.HCxoJEmswtrwq7cq4eCnWRAIXV7Ws_O197g7XTDt1qqy15T_ZRdF2iNMYEts0qX0XY9GJk9DJzwAI1mtCCeUHA0_wZIrqEvFhCeR0dLOXpYCS5Yv9q7oUnTjotaA87cRn-KV8OYKFHJp3aUFNdxOPQ_Tr5G0VGxkOibLO7EQ0JakRaJY_yshoi2LPkN5C4JRpBsIOKp0GRVPrXGR1FVrZwR7f8GPBNWHwyGDAOVYBj3KTu3rQPLyd8LFvDlscpOjFwlE7bct_623sGyp5Y8Q-2xGB-LuL-1B9steVjcs5wvjsH9abnaWwHoSMnx1UM8P0k-fO3jitriYrNVJOs6CqQ&session_id=294145df-2e11-4969-8256-564c64426292&state=dc8b3b01-1326-4ecc-af62-f2806c68106c&session_state=c7765f4c-5629-4479-8e2f-15f0ef2ce782
#######################################################
TEST: fragmentResponseModeImplicitIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"id_token",
"token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:45 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!721D.9A20.7CD7.838F",
"client_secret": "d3d0b917-1e03-4cd1-a2fa-4361a9a40b57",
"registration_access_token": "ff8ef661-5f2b-4c6c-b4f7-bab65f7b4a7b",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!721D.9A20.7CD7.838F",
"client_id_issued_at": 1530815205,
"client_secret_expires_at": 1530901605,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21721D.9A20.7CD7.838F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=4a0d359d-b9b3-44ee-a298-c47ec5b598ad&response_mode=fragment&nonce=0943f3ff-a6ad-43c1-8d99-b1bd5f340bb0
14:27:06.767 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:a9850b70-e4fe-4c6e-8366-9ed3f7521633
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21721D.9A20.7CD7.838F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=4a0d359d-b9b3-44ee-a298-c47ec5b598ad&response_mode=fragment&nonce=0943f3ff-a6ad-43c1-8d99-b1bd5f340bb0
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=2033f262-d16e-4c4f-a4dd-e099ee166f18&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3MjFELjlBMjAuN0NENy44MzhGIiwiZXhwIjoxNTMwODE4ODA2LCJpYXQiOjE1MzA4MTUyMDYsIm5vbmNlIjoiMDk0M2YzZmYtYTZhZC00M2MxLThkOTktYjFiZDVmMzQwYmIwIiwiYXV0aF90aW1lIjoxNTMwODE1MjA2LCJhdF9oYXNoIjoiZHRYcTd4TDViT0dYZGpqRXFGVzJLdyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Imt5eGZ6bGYtdWdMS3U5R3Yxbnlva0RkNlpNaVVlX2hnVWFDZkl0UmZDVlEifQ.YkYpgb8jA_qMS9Fi6XZq3HELMXCzsPTTlWSGqur4FbIWW5EZAwjWze4yuy4FprYpAZe8oUYSN1HJpHyh48Lm-YQFXrGw9uzf4q2zjaB5pYMRz62N7NIsU7-w_1oH94sIhRHmv4Uh2SsEA7uj8ojbfYqnXDtOxOc7cAiWJkCZ-rWdZ7B7-aIl2kRRXC36x4LDAIljYKi_ijTafnEtawqJpaz9SYHJ94oxTwDwFN0L5XMcYhqbdf8m5-5Vi7shgnojQ7acf6gOA1d3bzyhZXS_0clalx4xQFC8Cz2XuplW4M2idIQqAHfaBx-Arr4vRjQpmTZN33CqOvehPxIJV8XhrQ&session_id=b2610766-30c0-4b13-aa5a-aacc4b66e9e2&state=4a0d359d-b9b3-44ee-a298-c47ec5b598ad&token_type=bearer&session_state=a9850b70-e4fe-4c6e-8366-9ed3f7521633&expires_in=299
#######################################################
TEST: queryResponseModeBasicCode
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:46 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!654F.63CB.5AFD.00AA",
"client_secret": "252055e2-7883-4698-8af4-7989433f6630",
"registration_access_token": "ab4ddb7f-d150-429e-ae1b-c8b2aefb9ed4",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!654F.63CB.5AFD.00AA",
"client_id_issued_at": 1530815206,
"client_secret_expires_at": 1530901606,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21654F.63CB.5AFD.00AA&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f75f239e-0470-4670-bdd1-2623bf7d53cf&response_mode=query
14:27:07.976 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:1866a7e7-8b0e-4e82-9a95-629716ce6406
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21654F.63CB.5AFD.00AA&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f75f239e-0470-4670-bdd1-2623bf7d53cf&response_mode=query
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=cbe11c6f-7042-479b-91e4-17cf6e9a09fc&scope=address+openid+profile+email&session_id=01f9901d-2799-42ec-a5ab-ae2c673646cf&state=f75f239e-0470-4670-bdd1-2623bf7d53cf&session_state=1866a7e7-8b0e-4e82-9a95-629716ce6406
#######################################################
TEST: queryResponseModeHybridCodeIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:47 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E7E2.F3DE.A10D.4712",
"client_secret": "5ab1311f-e885-4290-bc68-048a7f1457fb",
"registration_access_token": "532aaa85-a86d-45c7-bbbf-bccee3a939bc",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E7E2.F3DE.A10D.4712",
"client_id_issued_at": 1530815207,
"client_secret_expires_at": 1530901607,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E7E2.F3DE.A10D.4712&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=6a5ef011-2b0c-4e42-aba4-9c78a76f0417&response_mode=query&nonce=431b2afb-60a4-4854-a7df-0f66b0de1adf
14:27:09.184 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:a41caffa-c6fc-451b-a072-1f0abf149f3f
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E7E2.F3DE.A10D.4712&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=6a5ef011-2b0c-4e42-aba4-9c78a76f0417&response_mode=query&nonce=431b2afb-60a4-4854-a7df-0f66b0de1adf
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=1fea40ef-187f-4eb2-aaba-80d3ab9a726b&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFFN0UyLkYzREUuQTEwRC40NzEyIiwiZXhwIjoxNTMwODE4ODA4LCJpYXQiOjE1MzA4MTUyMDgsIm5vbmNlIjoiNDMxYjJhZmItNjBhNC00ODU0LWE3ZGYtMGY2NmIwZGUxYWRmIiwiYXV0aF90aW1lIjoxNTMwODE1MjA4LCJjX2hhc2giOiJQRG5aaGFiQkI5QWhNZ0tJZWN6bTFBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoibjR1Y1ZlU01jR0U2dDFSX3Z0T3N5WVVJYjdGYXdFVzd5VXdfRWc3bnFYSSJ9.H7xE5FbAF0CtENge0T63HFvoEsQ9dB9f7Xm9_C_Sa2hlz4dKDQHWla9Dcp-Q-FUJcuJGieBM2IE20ylgtF8ZSBYHbSH4Ik6zZ6ho3HgZtepKWqS09X8MgQHEnNwuMvGJw_sSbUSSoM1yovgRefC98CyNy3Pwza_ectolnOedW1xWyJb341Kidf8nnXlpPIMoxDMq0uKgIPOV6dFX9lH1pVmNWbp9EL2z526j0LG4Ia41fXhkSzxnhaoJOPualkkD4uQxbiCWxrFHrSQH0fjERIy0SXK-Wzr1tgPncBSe1jtUG7WumpBfpx8D58X6efXXDaWvdsTUJSA_bRlCUb-n1w&session_id=21cb7ae1-579e-4250-b6d7-d55416577c15&state=6a5ef011-2b0c-4e42-aba4-9c78a76f0417&session_state=a41caffa-c6fc-451b-a072-1f0abf149f3f
#######################################################
TEST: queryResponseModeHybridCodeIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token",
"token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:49 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!10AB.B9AF.886C.D866",
"client_secret": "ecde74a1-a73f-4e39-a399-58e5b2aa9c4e",
"registration_access_token": "0338856c-3d75-4ceb-8535-b36a81b69a08",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!10AB.B9AF.886C.D866",
"client_id_issued_at": 1530815209,
"client_secret_expires_at": 1530901609,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2110AB.B9AF.886C.D866&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=19739457-7b11-4bdd-9e52-dbd7379fe3b6&response_mode=query&nonce=decfd9cb-fa5e-487c-ac9b-caec7f623d86
14:27:10.460 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:3d3789d3-447d-4c0f-9e8d-4738020512d5
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2110AB.B9AF.886C.D866&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=19739457-7b11-4bdd-9e52-dbd7379fe3b6&response_mode=query&nonce=decfd9cb-fa5e-487c-ac9b-caec7f623d86
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?access_token=fe5e4130-c1ca-48c2-9a9e-02cd746af749&code=08c7c8cb-8d6b-45bc-9597-c7ac566b4979&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExMEFCLkI5QUYuODg2Qy5EODY2IiwiZXhwIjoxNTMwODE4ODEwLCJpYXQiOjE1MzA4MTUyMTAsIm5vbmNlIjoiZGVjZmQ5Y2ItZmE1ZS00ODdjLWFjOWItY2FlYzdmNjIzZDg2IiwiYXV0aF90aW1lIjoxNTMwODE1MjA5LCJjX2hhc2giOiJta2VxTHpKQWFtMVpOQ2xwTEU4LUhnIiwiYXRfaGFzaCI6Ink1Q2xTekF0SmpLa0FMM19KNUFaMEEiLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiI5YzlqbkVXTlpndGdyVjUwcHpZbng3ZGpVcjE0OUdrRG9yTnU0NnNWTWQ0In0.mWt-0T0gtZgXQrHMhvd_CoHIxsfhSAY5sRIz5K-_cySO3zpbrwHCB-SjwkO3tMQHv-jij5xXtsoYbB1m7h_NBr1y5S77RIfPzuOVrnWri2CtGHbdBgk4ga-NIjJ-b2Hzt1VnnSQePZM0DnsCrHlM2OC9SmDOKUe41uPIwmj_M3qub0JzT7375VziDGFuIi6wL0dpaEr7BBAyNoZJKrEuHrGChP85rZwujcSU10pTCu-NfyfyqFrgpCC-_0HoM7CCXqjZkgEdtfKtkrixGF80_76jl7mqoByucnlm_2ntIpy0h8dAi0o9GoTr709pE1ZxDPosjXNBZgly3HaouD01Ow&session_id=b08a3a51-c18a-408b-836f-abc2e0a70507&state=19739457-7b11-4bdd-9e52-dbd7379fe3b6&token_type=bearer&session_state=3d3789d3-447d-4c0f-9e8d-4738020512d5&expires_in=299
#######################################################
TEST: queryResponseModeHybridCodeToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:50 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A64C.F145.4DA0.A833",
"client_secret": "938632ff-4ae5-4509-9a58-7d4e0f64fddb",
"registration_access_token": "2008b4eb-2486-4c01-9a01-ffc9e178c0de",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A64C.F145.4DA0.A833",
"client_id_issued_at": 1530815210,
"client_secret_expires_at": 1530901610,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A64C.F145.4DA0.A833&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=400d12a5-3315-487f-a4aa-0a25ae7a0692&response_mode=query&nonce=3efa4cf8-1014-4182-856a-ab8795a02ddf
14:27:11.671 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:240b04e1-c1e6-4fb9-b070-234070415ff3
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A64C.F145.4DA0.A833&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=400d12a5-3315-487f-a4aa-0a25ae7a0692&response_mode=query&nonce=3efa4cf8-1014-4182-856a-ab8795a02ddf
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?access_token=98329a09-3fd3-45fe-9f3a-66638e5c4b92&code=d43fc5fd-18c6-4902-8efb-338bee3b03f0&scope=address+openid+profile+email&session_id=f08f9846-7d90-4642-9a47-e3cc51c64d60&state=400d12a5-3315-487f-a4aa-0a25ae7a0692&token_type=bearer&session_state=240b04e1-c1e6-4fb9-b070-234070415ff3&expires_in=299
#######################################################
TEST: queryResponseModeImplicitIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["id_token"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:51 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B37D.1861.B063.8EA3",
"client_secret": "a3ae85c0-f007-4701-b884-9bc02eec22aa",
"registration_access_token": "ac225e7d-35b4-4bc5-8bbf-9d3a233895ed",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B37D.1861.B063.8EA3",
"client_id_issued_at": 1530815211,
"client_secret_expires_at": 1530901611,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B37D.1861.B063.8EA3&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b80a6c6b-d350-41a4-90b9-de08308b7012&response_mode=query&nonce=42f09f7e-cbd6-48a2-8329-e4b5fd4f53a1
14:27:12.873 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:5114869b-4eea-457b-8491-c41d8a785c5a
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B37D.1861.B063.8EA3&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b80a6c6b-d350-41a4-90b9-de08308b7012&response_mode=query&nonce=42f09f7e-cbd6-48a2-8329-e4b5fd4f53a1
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFCMzdELjE4NjEuQjA2My44RUEzIiwiZXhwIjoxNTMwODE4ODEyLCJpYXQiOjE1MzA4MTUyMTIsIm5vbmNlIjoiNDJmMDlmN2UtY2JkNi00OGEyLTgzMjktZTRiNWZkNGY1M2ExIiwiYXV0aF90aW1lIjoxNTMwODE1MjEyLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJZbEREbHVKMlluR2o5NHVaNFFzS0UxdEFXb2tTVEFBUUdVZDdXSUQ0MWNvIn0.CTLuEJ1_RdT3D-p1pZX6mMfhFJ8zFTF0t3dSp7pWnnWqY3qsjR-uCWahi4YzIGF0jhsqwCPZEGC5mDsn4P7Do7pl9n4dWe7n5DbJK_v_BAWbIlUUXTEEDEHlX-n2iinQe0NV5jffqXZk93V8oQHYqM1Kd_1hNKQv55334YMx5jMyZ1hjhK2dQm4iUi3Sk_6N2vn4KsBpM13uq2FSesuMdJKanKGlbTeOGe__wPjb0rrAGOfz7l1FoXGBhS4sUAnXayMW9TxES7ARZiuGFJ8RVisDlz04Fz0UkKTXF74-JbB8GDEB2I1WwItMSTdoGK4npNUTHmUc6_N5QwVtUpWKKA&session_id=f297269c-a1b6-42f3-ab82-32c31a237c42&state=b80a6c6b-d350-41a4-90b9-de08308b7012&session_state=5114869b-4eea-457b-8491-c41d8a785c5a
#######################################################
TEST: queryResponseModeImplicitIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"id_token",
"token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:52 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7A2D.C977.0A1A.AC17",
"client_secret": "4d013b82-67dc-453b-9e92-f2d5819d0eac",
"registration_access_token": "ea7366c8-21be-46c4-9b9a-d504c4340de7",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7A2D.C977.0A1A.AC17",
"client_id_issued_at": 1530815212,
"client_secret_expires_at": 1530901612,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217A2D.C977.0A1A.AC17&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=79cfe9ff-ef09-4a21-95d8-77731618d897&response_mode=query&nonce=24ee94c0-ab1f-4da4-97b2-5d2fec7f31c3
14:27:14.101 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:f1fa8208-6f56-4159-b19e-ace8811646d7
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217A2D.C977.0A1A.AC17&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=79cfe9ff-ef09-4a21-95d8-77731618d897&response_mode=query&nonce=24ee94c0-ab1f-4da4-97b2-5d2fec7f31c3
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?access_token=70e69b6d-25e7-4a53-8550-a513abfe8ec1&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3QTJELkM5NzcuMEExQS5BQzE3IiwiZXhwIjoxNTMwODE4ODEzLCJpYXQiOjE1MzA4MTUyMTMsIm5vbmNlIjoiMjRlZTk0YzAtYWIxZi00ZGE0LTk3YjItNWQyZmVjN2YzMWMzIiwiYXV0aF90aW1lIjoxNTMwODE1MjEzLCJhdF9oYXNoIjoiMGZmbHNmdnVGSjRMd1o4ZjRucHY4dyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IkpXbnVvZXdHYk8za2laRC1scFFKOXM5aFdRNk9NemE3UVhqN3NHcFNJNk0ifQ.bWCDpcXVkpG0KLKPzvagZF5cuJiXpg4ltGuHYpW57CJFbRGqSGPRx-ImR8SOr-PzKnz3d7W_o6aFMhucldHwsdakeyIitGLlVN9v_toRTQGYK7HtfctkasmipUTptW-ES7M8j3h67VqW9-3-AIPHycjZ5no2_UNgwY2f9RsUjX-Uu4J8TM2__mUCcE2WxH50JCZZtZ1DC3qPj6PHCZUeqax20DwarLhlTXlB033kcyIWI0jb__x6zN24DH46pHb4Adu7PNqNvAGVbkAGjxsF_axeEGFDaM0BCcDZv7TaLsu5rxtG-rPIVyGX6vecT68cyCnUBlJw0GsSLfGx442SkA&session_id=1cf6fbca-d851-4b23-8e27-e3d93e9bcacf&state=79cfe9ff-ef09-4a21-95d8-77731618d897&token_type=bearer&session_state=f1fa8208-6f56-4159-b19e-ace8811646d7&expires_in=299
#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:26:53 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"subject": "acct:test_user@ce-dev4.gluu.org",
"links": [{
"rel": "http://openid.net/specs/connect/1.0/issuer",
"href": "https://ce-dev4.gluu.org"
}]
}
OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:53 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"issuer": "https://ce-dev4.gluu.org",
"authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
"token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
"userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
"clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
"check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
"end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
"registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
"id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
"introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
"scopes_supported": [
"permission",
"clientinfo",
"email",
"user_name",
"sub",
"org_name",
"address",
"openid",
"test_scope1",
"work_phone",
"phone",
"profile",
"mobile_phone",
"test"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"id_token",
"id_token token",
"token",
"code token"
],
"grant_types_supported": [
"urn:ietf:params:oauth:grant-type:uma-ticket",
"client_credentials",
"refresh_token",
"implicit",
"password",
"authorization_code"
],
"acr_values_supported": [
"super_gluu",
"u2f",
"otp",
"basic",
"auth_ldap_server"
],
"auth_level_mapping": {
"-1": ["auth_ldap_server"],
"50": ["otp"],
"100": ["basic"],
"10": ["u2f"],
"15": ["super_gluu"]
},
"subject_types_supported": [
"public",
"pairwise"
],
"userinfo_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"userinfo_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"userinfo_encryption_enc_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"id_token_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"request_object_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"request_object_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"request_object_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post",
"client_secret_jwt",
"private_key_jwt"
],
"token_endpoint_auth_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"display_values_supported": [
"page",
"popup"
],
"claim_types_supported": ["normal"],
"claims_supported": [
"birthdate",
"country",
"name",
"email",
"email_verified",
"given_name",
"gender",
"inum",
"family_name",
"updated_at",
"locale",
"member_of",
"middle_name",
"nickname",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope",
"phone_number_verified",
"picture",
"preferred_username",
"profile",
"zoneinfo",
"user_name",
"website"
],
"service_documentation": "http://gluu.org/docs",
"claims_locales_supported": ["en"],
"ui_locales_supported": [
"en",
"es"
],
"scope_to_claims_mapping": [
{"permission": []},
{"uma_protection": []},
{"clientinfo": [
"name",
"inum",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope"
]},
{"email": [
"email_verified",
"email"
]},
{"user_name": ["user_name"]},
{"sub": []},
{"org_name": []},
{"address": [
"formatted",
"postal_code",
"street_address",
"locality",
"country",
"region"
]},
{"openid": []},
{"test_scope1": []},
{"work_phone": []},
{"phone": [
"phone_number_verified",
"phone_number"
]},
{"profile": [
"name",
"family_name",
"given_name",
"middle_name",
"nickname",
"preferred_username",
"profile",
"picture",
"website",
"gender",
"birthdate",
"zoneinfo",
"locale",
"updated_at"
]},
{"mobile_phone": ["phone_mobile_number"]},
{"test": ["member_of"]}
],
"claims_parameter_supported": true,
"request_parameter_supported": true,
"request_uri_parameter_supported": true,
"require_request_uri_registration": false,
"op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
"op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
"frontchannel_logout_supported": true,
"frontchannel_logout_session_supported": true
}
#######################################################
TEST: requestAuthorizationAccessToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:54 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A32A.F29A.2BAA.F7A8",
"client_secret": "94f53cb7-959d-4204-b58a-3a0775aa9979",
"registration_access_token": "5ba4575d-58aa-4fce-8a24-7336b504d8eb",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A32A.F29A.2BAA.F7A8",
"client_id_issued_at": 1530815214,
"client_secret_expires_at": 1530901614,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 5ba4575d-58aa-4fce-8a24-7336b504d8eb
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:54 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A32A.F29A.2BAA.F7A8",
"client_secret": "94f53cb7-959d-4204-b58a-3a0775aa9979",
"registration_access_token": "5ba4575d-58aa-4fce-8a24-7336b504d8eb",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A32A.F29A.2BAA.F7A8",
"client_id_issued_at": 1530815214,
"client_secret_expires_at": 1530901614,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A32A.F29A.2BAA.F7A8&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=18aea2fd-7e31-410d-a3a9-895cc993f13c&nonce=1395d81b-a763-4ab1-9aef-1d5f5393fe46
14:27:15.529 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:9ce58a6d-76b7-4e1d-b81d-b3e28afd2f9b
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A32A.F29A.2BAA.F7A8&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=18aea2fd-7e31-410d-a3a9-895cc993f13c&nonce=1395d81b-a763-4ab1-9aef-1d5f5393fe46
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=dee0aba8-f95b-40f9-8ed6-1435cbb695c1&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBMzJBLkYyOUEuMkJBQS5GN0E4IiwiZXhwIjoxNTMwODE4ODE1LCJpYXQiOjE1MzA4MTUyMTUsIm5vbmNlIjoiMTM5NWQ4MWItYTc2My00YWIxLTlhZWYtMWQ1ZjUzOTNmZTQ2IiwiYXV0aF90aW1lIjoxNTMwODE1MjE1LCJhdF9oYXNoIjoiTlZFQTkweDhiaTJWbzJPbXg5aGNzUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6ImVnVVZXeXBrZkJ1NktDSUMxZkR0QXVhMkdJNmtlRll2cmJsSy1GQUdTeFEifQ.YZ67hrQ2evmS4nMO3UNgezz8eYnNR68_hgtYqbRALVy6gd93rHqo3W8nUGhaMNWVxlRmlrzG5U0Z50l1LTxVHaZYHfFBH7tc_rEYGd5IvO4boZlGoE3MldduAxxs7txHkf1jwBqzQC6CvgXHPfnk2CYcE2S5vJUC4S00WkrmRxFKduaG5I-JbZNtloosTSt9kenTV0UOYbU83FySiDBG_vQ9xHoG8HRD5_WKb4riZq27aBwjtNzFFmltMEPbQqkkmsGMrNRQCA0DvCA9cDWp6KBWyfFHOohGA5gkDbEj01A2RLyNHvf-PJNPzeK5F1RnGudGEAna0U-kBNU6qYtzSw&session_id=01c609e5-a995-464a-bf2d-a098832258ff&state=18aea2fd-7e31-410d-a3a9-895cc993f13c&token_type=bearer&session_state=9ce58a6d-76b7-4e1d-b81d-b3e28afd2f9b&expires_in=299
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A32A.F29A.2BAA.F7A8&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=faee0180-4073-431a-94d8-6a9303260801&nonce=5beebc01-53e3-4994-a11a-67f25be4d6b1&prompt=none&access_token=dee0aba8-f95b-40f9-8ed6-1435cbb695c1
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 05 Jul 2018 18:26:55 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=18bd7292-ee72-4ed0-95db-5b7ca583295d&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBMzJBLkYyOUEuMkJBQS5GN0E4IiwiZXhwIjoxNTMwODE4ODE1LCJpYXQiOjE1MzA4MTUyMTUsIm5vbmNlIjoiNWJlZWJjMDEtNTNlMy00OTk0LWExMWEtNjdmMjViZTRkNmIxIiwiYXV0aF90aW1lIjoxNTMwODE1MjE1LCJjX2hhc2giOiJidW4wM19wU0ZkOUk2QVZ1Tm9UUi1BIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiZWdVVld5cGtmQnU2S0NJQzFmRHRBdWEyR0k2a2VGWXZyYmxLLUZBR1N4USJ9.WYcs1VbpW4Icn67iGV49cRMcxsJx8HJgIwfynMimV2a5DYL41r_8nbfmcAct9nFZdQRzeVeAoaAPtZc8MGOk-eS-2dBPDcne_5158KgzvsopIAPGXGGPFdUzF8b_dDTFIKvfzrtS6-OSErYjvslFvoOtnJ4sLs-z4Jw2C6Fo4O-_VRD10YpLVNoJpbviOSRTNI0--2byBDLTRWJ-5rPa9CT5vc-Zad1UHRxIfzNZHUXaa34-61YjUyPWL0cY1Iz83mg_Mv93BYneS54Oq9BF-JsoEac_fy85hidK8akIVnsAYyJexQ2p82pR_GzhHbghcksTbkf4UV0Ykj8YTs0kQA&session_id=86007c2a-ee36-4d98-817c-2d3fed0e9565&state=faee0180-4073-431a-94d8-6a9303260801&session_state=16515207-d4cc-4ab5-9ef3-fbd1af2f4e06
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQTMyQS5GMjlBLjJCQUEuRjdBODo5NGY1M2NiNy05NTlkLTQyMDQtYjU4YS0zYTA3NzVhYTk5Nzk=
grant_type=authorization_code&code=18bd7292-ee72-4ed0-95db-5b7ca583295d&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:55 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"f3c04236-923c-49a3-a8dc-63c28f06b9b0","token_type":"bearer","expires_in":299,"refresh_token":"88a1e6fe-f312-4872-9111-99cf737386b0","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBMzJBLkYyOUEuMkJBQS5GN0E4IiwiZXhwIjoxNTMwODE4ODE1LCJpYXQiOjE1MzA4MTUyMTUsIm5vbmNlIjoiNWJlZWJjMDEtNTNlMy00OTk0LWExMWEtNjdmMjViZTRkNmIxIiwiYXV0aF90aW1lIjoxNTMwODE1MjE1LCJhdF9oYXNoIjoiRDlMWnJVRDdNTUVmajVrTjVMaHdCQSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6ImVnVVZXeXBrZkJ1NktDSUMxZkR0QXVhMkdJNmtlRll2cmJsSy1GQUdTeFEifQ.DJiedKm_F2D2Oi7fbb7jQw82NFuaRud4H8EfhGj9hlCY-rL6J9MKe0l7DWbfLYCy1GFNVRSq0kR5tbNXFfdZBpJACjy4H5VTAIGLAIdAoFwT_4YmC491HMIysehnt4TCi7S1OHnlb_AWz3j550GqCgGva4cemw-6SmlTTj6iXnlpO9W8cLtJW9twnIWyfbKoGP8yqXZm9Qjbu0ID0_2-b9icepCNIn-J3zNUP6iKiOdTG-yP_56PiySi4DOSzWRr7GWxKjU7vd3_XHFiI_nPTuWxsxMmEdZKIu6zP3Kd-1R-afKYBS3nDZeIrSaLAE_DiJr-uVPUgICvydlzG44Szw"}
#######################################################
TEST: requestAuthorizationAccessTokenFail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:55 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E47E.4A63.7EF7.5E3A",
"client_secret": "8edc5ffb-87cc-4693-aad4-5fe4364b8853",
"registration_access_token": "c84ece65-99cc-492c-a324-5d5d02f91cf6",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E47E.4A63.7EF7.5E3A",
"client_id_issued_at": 1530815215,
"client_secret_expires_at": 1530901615,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer c84ece65-99cc-492c-a324-5d5d02f91cf6
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:55 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E47E.4A63.7EF7.5E3A",
"client_secret": "8edc5ffb-87cc-4693-aad4-5fe4364b8853",
"registration_access_token": "c84ece65-99cc-492c-a324-5d5d02f91cf6",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E47E.4A63.7EF7.5E3A",
"client_id_issued_at": 1530815215,
"client_secret_expires_at": 1530901615,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E47E.4A63.7EF7.5E3A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ca9218e0-c510-469f-b9e9-e8c2b9adb608&prompt=none&access_token=INVALID_ACCESS_TOKEN
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 05 Jul 2018 18:26:55 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#error_description=The+request+is+missing+a+required+parameter%2C+includes+an+unsupported+parameter+or+parameter+value%2C+or+is+otherwise+malformed.&state=ca9218e0-c510-469f-b9e9-e8c2b9adb608&error=invalid_request
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
#######################################################
TEST: requestAuthorizationAccessTokenUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:55 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DA3F.FFFE.03AA.FCBF",
"client_secret": "8b526d87-8575-4bbd-9bdd-779a1be47774",
"registration_access_token": "6c231b2a-012a-4572-9351-b6e4574d9bb0",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DA3F.FFFE.03AA.FCBF",
"client_id_issued_at": 1530815215,
"client_secret_expires_at": 1530901615,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 6c231b2a-012a-4572-9351-b6e4574d9bb0
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:55 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DA3F.FFFE.03AA.FCBF",
"client_secret": "8b526d87-8575-4bbd-9bdd-779a1be47774",
"registration_access_token": "6c231b2a-012a-4572-9351-b6e4574d9bb0",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DA3F.FFFE.03AA.FCBF",
"client_id_issued_at": 1530815215,
"client_secret_expires_at": 1530901615,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DA3F.FFFE.03AA.FCBF&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c5610806-8314-45eb-acae-d8758232adf2&nonce=33bf0b4b-8199-4f90-ae69-4fcd083876a8
14:27:17.266 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:30f24e31-d2f9-4acc-a29c-858a1fed7b6d
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DA3F.FFFE.03AA.FCBF&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c5610806-8314-45eb-acae-d8758232adf2&nonce=33bf0b4b-8199-4f90-ae69-4fcd083876a8
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=50219d90-957a-4629-b6e5-9f0817e6793f&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEQTNGLkZGRkUuMDNBQS5GQ0JGIiwiZXhwIjoxNTMwODE4ODE3LCJpYXQiOjE1MzA4MTUyMTcsIm5vbmNlIjoiMzNiZjBiNGItODE5OS00ZjkwLWFlNjktNGZjZDA4Mzg3NmE4IiwiYXV0aF90aW1lIjoxNTMwODE1MjE2LCJhdF9oYXNoIjoidHBienR4bGRwb0JZSVZmbXhGVzZoZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6ImFpSER6Sk1neVhGdkxaWWhFMGw1c0FwcnZYSzVRSWIwOTBBd1Nfc2RLa0EifQ.gskrCwOORQKZwPeJSr5B6kYvB7tU4xhXVmiIBlD_1zLBL8gE_1vaYgXDNd2tKgnwyqSp7tKk0QHduqIhJbZU8IWvjEihrsTmXHSQpwwYRIvurphLIvaBMb0y_CfDyCH213SwUztVWTREsYcZ01NLrf2IklWs9j7neT8iVI2nUCKP1koAWiJliVZUjtCrq8wJsauouA1-8rMhcFTH-IkWp1rsHDO-n2UnQotOQkQQxrQmUTdA8qVTKRq-aIMe3cwg5xtbdM8zAFOiSsUctUTPzO3y9oIBQvfNJH8lPlBfhYfeVpWVJ0p4wo2CM2pRgoUCB271-88Q7XilC6GnQZiuVg&session_id=71981a53-94fe-46de-849d-c503b9d697ce&state=c5610806-8314-45eb-acae-d8758232adf2&token_type=bearer&session_state=30f24e31-d2f9-4acc-a29c-858a1fed7b6d&expires_in=299
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DA3F.FFFE.03AA.FCBF&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=cf9253fe-e819-480e-ac8a-bdd21000124d&nonce=dfa68761-82a8-446c-9c22-00dfb1392057&prompt=none&access_token=50219d90-957a-4629-b6e5-9f0817e6793f
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 05 Jul 2018 18:26:57 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=eccbcb00-7280-42a2-90ca-8b5856bdc334&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEQTNGLkZGRkUuMDNBQS5GQ0JGIiwiZXhwIjoxNTMwODE4ODE3LCJpYXQiOjE1MzA4MTUyMTcsIm5vbmNlIjoiZGZhNjg3NjEtODJhOC00NDZjLTljMjItMDBkZmIxMzkyMDU3IiwiYXV0aF90aW1lIjoxNTMwODE1MjE3LCJjX2hhc2giOiJWVkFrekh5TE5iUHpFYmt3LXNpdG1nIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiYWlIRHpKTWd5WEZ2TFpZaEUwbDVzQXBydlhLNVFJYjA5MEF3U19zZEtrQSJ9.LQt2t9YmjEv6kdbT306kaOA45fA4G_SPE9iaSbURfy4OdQoKPYLxsyBqS8YxtlkOyb8UcLJj1nmqPav1XRvyvpazO4CLvCsOAksxXwnIcEnvf5SkCshiGM1BGL1QPN9krf7VOo1EMdsMCc28N02h7H9HducDEBztZaDNZbcA7EJkjSXVVMlym6MNIhUOPZ0eA_GAgEY5U9x7UgDRnTV0xY9fwRKcQVdPpeSB2IX7wTnp-XyTfTxMEQvouIrCz8Y9EdBdZ__fcd-xrgsan63a7ie49cDwa7HBp2tghX0K6586X45DHOmbZUDWxQsMdKqtbD23zFQQOlEABRrGlPFioQ&session_id=dd2cd353-3fe5-4cdc-865d-1623c47bcbc3&state=cf9253fe-e819-480e-ac8a-bdd21000124d&session_state=2c82c148-949b-4306-a69e-708f8a97592f
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghREEzRi5GRkZFLjAzQUEuRkNCRjo4YjUyNmQ4Ny04NTc1LTRiYmQtOWJkZC03NzlhMWJlNDc3NzQ=
grant_type=authorization_code&code=eccbcb00-7280-42a2-90ca-8b5856bdc334&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:57 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"bad11a22-bfd0-4a8d-8cd3-09b49e84f958","token_type":"bearer","expires_in":299,"refresh_token":"c96f5154-5976-4889-8299-ef4b7dbf0914","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEQTNGLkZGRkUuMDNBQS5GQ0JGIiwiZXhwIjoxNTMwODE4ODE3LCJpYXQiOjE1MzA4MTUyMTcsIm5vbmNlIjoiZGZhNjg3NjEtODJhOC00NDZjLTljMjItMDBkZmIxMzkyMDU3IiwiYXV0aF90aW1lIjoxNTMwODE1MjE3LCJhdF9oYXNoIjoiM3pBeUhIRXVJeXZ6Q2FyX19KOUNvZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6ImFpSER6Sk1neVhGdkxaWWhFMGw1c0FwcnZYSzVRSWIwOTBBd1Nfc2RLa0EifQ.H_02nnEaiZlKiXMxy5lF8qvT07cvFfo73B-eTdB8GqdE5FEIE6fE3JsvijRqeUFr_-InC24XKpCE-zLRSIxg-r_bF3KXuLNPBZRfgG7kB7GE50LRa7wxPc6sFGQjSmgE2RwodgJ_Xepxo00OiF-Y81pDVagwPcl2hm6Tk0TRVi5PUMuyOLfJCo0kkMBSfzlsmSiW1IAQlU44dTWFVyGSr4I1Siu3F6pw01qgi3ghHgEpKhFqItgGpgC8KSpPM9zfa-B1D3-sZOftg6QHivy16ahRU0DVW_2WxkEyb9u4IWjwKp7L3pnE8RhruhY8MzemNhKfMZPwGPJ1BxAQsWviMQ"}
#######################################################
TEST: requestAuthorizationCode
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:57 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DBA6.22C2.6C23.ED1A",
"client_secret": "5e84f7f7-2d0b-46f4-941a-f6d57acf82f5",
"registration_access_token": "155080f0-526c-49c7-8eab-72eabf293483",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DBA6.22C2.6C23.ED1A",
"client_id_issued_at": 1530815217,
"client_secret_expires_at": 1530901617,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 155080f0-526c-49c7-8eab-72eabf293483
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:57 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DBA6.22C2.6C23.ED1A",
"client_secret": "5e84f7f7-2d0b-46f4-941a-f6d57acf82f5",
"registration_access_token": "155080f0-526c-49c7-8eab-72eabf293483",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DBA6.22C2.6C23.ED1A",
"client_id_issued_at": 1530815217,
"client_secret_expires_at": 1530901617,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DBA6.22C2.6C23.ED1A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f2e474d9-c52d-4531-8f4f-07f79e9aade8
14:27:18.771 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:966dc965-62e0-4e9d-8fda-07b81551dc16
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DBA6.22C2.6C23.ED1A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f2e474d9-c52d-4531-8f4f-07f79e9aade8
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=fac74340-a37d-4d0c-8d3f-5769ea3737ec&scope=address+openid+profile+email&session_id=88788316-8792-420a-bb5b-8d8d317c8dc2&state=f2e474d9-c52d-4531-8f4f-07f79e9aade8&session_state=966dc965-62e0-4e9d-8fda-07b81551dc16
#######################################################
TEST: requestAuthorizationCodeFail1
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==
response_type=code
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Connection: close
Content-Length: 175
Content-Type: text/plain
Date: Thu, 05 Jul 2018 18:26:58 GMT
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_request","error_description":"The request is missing a required parameter, includes an unsupported parameter or parameter value, or is otherwise malformed."}
#######################################################
TEST: requestAuthorizationCodeFail2
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:58 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!80F0.0223.7E05.5ACF",
"client_secret": "4216e04c-7b1a-4932-94dc-d449ae0861c4",
"registration_access_token": "3d1e4c3d-f1e2-4bfe-b66f-77832e34dbfd",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!80F0.0223.7E05.5ACF",
"client_id_issued_at": 1530815218,
"client_secret_expires_at": 1530901618,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 3d1e4c3d-f1e2-4bfe-b66f-77832e34dbfd
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:58 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!80F0.0223.7E05.5ACF",
"client_secret": "4216e04c-7b1a-4932-94dc-d449ae0861c4",
"registration_access_token": "3d1e4c3d-f1e2-4bfe-b66f-77832e34dbfd",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!80F0.0223.7E05.5ACF",
"client_id_issued_at": 1530815218,
"client_secret_expires_at": 1530901618,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==
response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2180F0.0223.7E05.5ACF&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2FINVALID_REDIRECT_URI&state=bf90006a-94e8-4de8-bb5b-921bf67301d6&prompt=none
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Connection: close
Content-Length: 220
Content-Type: text/plain
Date: Thu, 05 Jul 2018 18:26:59 GMT
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_request_redirect_uri","error_description":"The redirect_uri in the Authorization Request does not match any of the Client's pre-registered redirect_uris.","state":"bf90006a-94e8-4de8-bb5b-921bf67301d6"}
#######################################################
TEST: requestAuthorizationCodeFail3
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
response_type=code&client_id=%40%211111%210008%21INVALID_VALUE&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9e3008ab-b5d0-4c07-8905-6c1b21ed128e
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 175
Content-Type: text/plain
Date: Thu, 05 Jul 2018 18:26:59 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"unauthorized_client","error_description":"The client is not authorized to request an access token using this method.","state":"9e3008ab-b5d0-4c07-8905-6c1b21ed128e"}
#######################################################
TEST: requestAuthorizationCodeIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:59 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F601.4331.96CD.EC5F",
"client_secret": "834a3279-7627-47b5-9e81-df5e43eef182",
"registration_access_token": "16334004-17fd-4e05-ab15-cee8f0322254",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F601.4331.96CD.EC5F",
"client_id_issued_at": 1530815219,
"client_secret_expires_at": 1530901619,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 16334004-17fd-4e05-ab15-cee8f0322254
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:26:59 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F601.4331.96CD.EC5F",
"client_secret": "834a3279-7627-47b5-9e81-df5e43eef182",
"registration_access_token": "16334004-17fd-4e05-ab15-cee8f0322254",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F601.4331.96CD.EC5F",
"client_id_issued_at": 1530815219,
"client_secret_expires_at": 1530901619,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21F601.4331.96CD.EC5F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=6cf609f0-b0d0-4ab6-9b7c-7a80ada2ce00&nonce=47629bd3-7660-4b23-89f9-f6e7da623dda
14:27:20.729 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:3626b97d-5d0b-4b44-8675-69c2b9da2c8f
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21F601.4331.96CD.EC5F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=6cf609f0-b0d0-4ab6-9b7c-7a80ada2ce00&nonce=47629bd3-7660-4b23-89f9-f6e7da623dda
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=6816eccc-ab4f-419e-8314-bbdb41ad81e0&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGNjAxLjQzMzEuOTZDRC5FQzVGIiwiZXhwIjoxNTMwODE4ODIwLCJpYXQiOjE1MzA4MTUyMjAsIm5vbmNlIjoiNDc2MjliZDMtNzY2MC00YjIzLTg5ZjktZjZlN2RhNjIzZGRhIiwiYXV0aF90aW1lIjoxNTMwODE1MjIwLCJjX2hhc2giOiIyQXRoVXlYa3VzVk92bU9MVkhkd0tRIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiY095SVhTWlpMaHZqY0JwRXJjOXlVSWFGR1Rpb0ZfVTRETmFreURoZ0xCcyJ9.Xs5bgFeVErYDm1PhG5-qeqyUy8LJfhv1LbJe2oXPLoGOjYv54IjC9YKenAi4_WWGgK-BiQv0WU9PtpXz6FZkDWJY7GLf1dLOchRVN_2DiTIH8SzvT7QiC5ba7jD-8KXFaExbwKLtDbYBVayGo21Y8lTmHlepPWcg5dv4tJy6BVoQpfGV66wCZouNe7L6D5vIGyau2cnlj_AsRaSI03NrCB2AkRH7IqK5myDq_AXQVd_GNTqquFn0yceqzSKcy0tLoBRe3YCuN8e07shbZq1jxPvZJUTb2cN-G8istakKIl4RPZaQKp1s0WYV6Kqn5lXfDSlkO9cWKklpVwmaucGF0w&session_id=f000383d-dd73-462b-8c84-4638b9cee9b1&state=6cf609f0-b0d0-4ab6-9b7c-7a80ada2ce00&session_state=3626b97d-5d0b-4b44-8675-69c2b9da2c8f
#######################################################
TEST: requestAuthorizationCodeIdTokenUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3673.74E6.EB8E.056B",
"client_secret": "5382e679-1b29-4482-a7a4-4c9ddf3113f3",
"registration_access_token": "1a45598b-404c-451f-bde2-61f02d21cd91",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3673.74E6.EB8E.056B",
"client_id_issued_at": 1530815220,
"client_secret_expires_at": 1530901620,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 1a45598b-404c-451f-bde2-61f02d21cd91
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3673.74E6.EB8E.056B",
"client_secret": "5382e679-1b29-4482-a7a4-4c9ddf3113f3",
"registration_access_token": "1a45598b-404c-451f-bde2-61f02d21cd91",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3673.74E6.EB8E.056B",
"client_id_issued_at": 1530815220,
"client_secret_expires_at": 1530901620,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213673.74E6.EB8E.056B&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b1ed1b2d-1a66-40f9-8f3c-294f225e22be&nonce=dc4bcbae-8186-45f9-9b1e-ac6fb8745e77
14:27:22.082 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:c0e9d859-46fa-4515-b446-a3e65a6c40d9
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213673.74E6.EB8E.056B&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b1ed1b2d-1a66-40f9-8f3c-294f225e22be&nonce=dc4bcbae-8186-45f9-9b1e-ac6fb8745e77
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=fa351213-3eb3-4551-a382-b8dbdd8a92f4&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzNjczLjc0RTYuRUI4RS4wNTZCIiwiZXhwIjoxNTMwODE4ODIxLCJpYXQiOjE1MzA4MTUyMjEsIm5vbmNlIjoiZGM0YmNiYWUtODE4Ni00NWY5LTliMWUtYWM2ZmI4NzQ1ZTc3IiwiYXV0aF90aW1lIjoxNTMwODE1MjIxLCJjX2hhc2giOiJFMjd5UkI2UVVSWktwdmZ6T3NHVXVRIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoieU1pb0FTMjNHVU9PWkxJcGlLUHhzZ1FSZXlzbFMyQjVrMlBRWENrQnh6USJ9.oj7d5zGD3MrGbgkzY3pG4uyrSkAj_Qg2lx-ubGiDkl_8FeVtH9MqlHlxBJoWHakN1zRDL2U5vYIJG43zM9KrgwJ_sChIvsvpcaWEMX2eB3M4f49JTbEF8yupCfbwu-cM_fX68DTl6NE8UBGvF4EatoABLlTbMIoyCZC9Y8dy4GwDy22qmZJkTUjIruNZQKXv9034HsEPOl_dnCkPGprZA19DrUxdSpYhYMlFZRnokP01zVxzFg8mKg-JZbELgMCLJBp-tTgrBapnXBEPVzLgA6iGWaotEnfCTrcfqjg86MuSjh_kLR1_QeOsTNeDiaen_5BZMARHqb0Gli7CzwuHKw&session_id=bf1f7fb8-b06f-44b0-9244-9c17180ef608&state=b1ed1b2d-1a66-40f9-8f3c-294f225e22be&session_state=c0e9d859-46fa-4515-b446-a3e65a6c40d9
#######################################################
TEST: requestAuthorizationCodeNoRedirection
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:02 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B013.3E74.BBD9.331F",
"client_secret": "85cd581e-4a4e-4a5f-93bd-243586ed338b",
"registration_access_token": "882a8711-36a2-4237-af5a-da2b55ebb305",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B013.3E74.BBD9.331F",
"client_id_issued_at": 1530815222,
"client_secret_expires_at": 1530901622,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 882a8711-36a2-4237-af5a-da2b55ebb305
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:02 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B013.3E74.BBD9.331F",
"client_secret": "85cd581e-4a4e-4a5f-93bd-243586ed338b",
"registration_access_token": "882a8711-36a2-4237-af5a-da2b55ebb305",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B013.3E74.BBD9.331F",
"client_id_issued_at": 1530815222,
"client_secret_expires_at": 1530901622,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B013.3E74.BBD9.331F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8f69a53e-90ae-4c93-ae24-c2b1f3210d06
14:27:23.564 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:2bc9fb58-4f1e-4e25-8feb-8374b9bd55c0
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B013.3E74.BBD9.331F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8f69a53e-90ae-4c93-ae24-c2b1f3210d06
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=d94dba20-d1d9-4c12-b6ee-68784dbddfda&scope=address+openid+profile+email&session_id=d8b128a1-b793-481c-b077-e314d0858588&state=8f69a53e-90ae-4c93-ae24-c2b1f3210d06&session_state=2bc9fb58-4f1e-4e25-8feb-8374b9bd55c0
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
X-Gluu-NoRedirect: true
response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B013.3E74.BBD9.331F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8f69a53e-90ae-4c93-ae24-c2b1f3210d06
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
#######################################################
TEST: requestAuthorizationCodeUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:03 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E79F.4D0B.78D5.DAFC",
"client_secret": "80fdadc5-9988-497e-90bb-948a78468131",
"registration_access_token": "45139a89-4adf-4468-be2f-630fa516378e",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E79F.4D0B.78D5.DAFC",
"client_id_issued_at": 1530815223,
"client_secret_expires_at": 1530901623,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 45139a89-4adf-4468-be2f-630fa516378e
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:03 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E79F.4D0B.78D5.DAFC",
"client_secret": "80fdadc5-9988-497e-90bb-948a78468131",
"registration_access_token": "45139a89-4adf-4468-be2f-630fa516378e",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E79F.4D0B.78D5.DAFC",
"client_id_issued_at": 1530815223,
"client_secret_expires_at": 1530901623,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E79F.4D0B.78D5.DAFC&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=dceb2995-081d-423e-9fb0-4a6ec9cec38a
14:27:24.951 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:4d9b471f-3bf5-4485-96b7-d295b6ca6be3
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E79F.4D0B.78D5.DAFC&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=dceb2995-081d-423e-9fb0-4a6ec9cec38a
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=b6c0ffef-538f-47ec-8178-4dfa23dbb836&scope=address+openid+profile+email&session_id=44fa7783-b2b2-4dee-be2c-dd517e5d32f1&state=dceb2995-081d-423e-9fb0-4a6ec9cec38a&session_state=4d9b471f-3bf5-4485-96b7-d295b6ca6be3
#######################################################
TEST: requestAuthorizationCodeWithoutRedirectUri
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"],
"application_type": "web",
"client_name": "oxAuth test app"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1082
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:04 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B2AB.FDDA.567F.8FF4",
"client_secret": "fe1118c9-632f-4a47-a881-5e4f6caeafac",
"registration_access_token": "6c025654-47b0-4342-83be-fe0bb2415383",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B2AB.FDDA.567F.8FF4",
"client_id_issued_at": 1530815224,
"client_secret_expires_at": 1530901624,
"redirect_uris": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B2AB.FDDA.567F.8FF4&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0b0e2ecb-f08a-4ab8-87af-a137a9ad6eb3
14:27:26.028 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:11e5958f-06b1-4f53-9042-7e1f8fd557f5
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B2AB.FDDA.567F.8FF4&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0b0e2ecb-f08a-4ab8-87af-a137a9ad6eb3
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=92e820db-1c39-4cc3-9625-9e31df9f61ae&scope=address+openid+profile+email&session_id=c1f5cbcd-6027-4680-9d79-ce6dff857abd&state=0b0e2ecb-f08a-4ab8-87af-a137a9ad6eb3&session_state=11e5958f-06b1-4f53-9042-7e1f8fd557f5
#######################################################
TEST: requestAuthorizationCodeWithoutRedirectUriFail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"oxAuthTrustedClient": "true"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:05 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AAD1.71F3.C0AE.B213",
"client_secret": "1fb2589f-abe7-40ec-a345-79114e1c99d8",
"registration_access_token": "dcda7b99-f69f-4024-a69b-4f7a5224ea40",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AAD1.71F3.C0AE.B213",
"client_id_issued_at": 1530815225,
"client_secret_expires_at": 1530901625,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==
response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21AAD1.71F3.C0AE.B213&scope=openid+profile+address+email&state=3fe9b310-9216-4d15-b8db-a22fe8a1ba82&prompt=none
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Connection: close
Content-Length: 220
Content-Type: text/plain
Date: Thu, 05 Jul 2018 18:27:05 GMT
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_request_redirect_uri","error_description":"The redirect_uri in the Authorization Request does not match any of the Client's pre-registered redirect_uris.","state":"3fe9b310-9216-4d15-b8db-a22fe8a1ba82"}
#######################################################
TEST: requestAuthorizationCodeWithoutRedirectUriUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"],
"application_type": "web",
"client_name": "oxAuth test app",
"subject_type": "public",
"oxAuthTrustedClient": "true"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1080
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:05 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9B8C.42E5.1B58.3A8F",
"client_secret": "5bf5de99-6efa-4482-baa2-f108dc414cef",
"registration_access_token": "ac95fa70-eecf-488e-b504-f0ca4143a676",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9B8C.42E5.1B58.3A8F",
"client_id_issued_at": 1530815225,
"client_secret_expires_at": 1530901625,
"redirect_uris": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"subject_type": "public",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==
response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219B8C.42E5.1B58.3A8F&scope=openid+profile+address+email&state=05101cd8-95f9-4009-9028-59e8240e9941&prompt=none
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 05 Jul 2018 18:27:05 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=4e29d91e-31a1-48be-9a41-e94fa29bab2d&scope=address+openid+profile+email&session_id=53c94d02-1211-4d41-ad87-30aa2cfcc187&state=05101cd8-95f9-4009-9028-59e8240e9941&session_state=b62151d7-bf08-45c4-b6d7-b71a0653b14e
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
#######################################################
TEST: requestAuthorizationDenyAccessThenGrantAccess
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:06 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4EDB.61B1.FA4C.219A",
"client_secret": "107ddf20-d8e6-431d-8608-b1dadfeb2da7",
"registration_access_token": "34f4ab26-c8cc-4477-bc78-e0ffc04f713f",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4EDB.61B1.FA4C.219A",
"client_id_issued_at": 1530815226,
"client_secret_expires_at": 1530901626,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndDenyAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214EDB.61B1.FA4C.219A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=acafad58-7eba-438f-b42d-27d1113ed01a
14:27:27.545 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndDenyAccess: sessionId:799d020a-a29d-4f96-a2e8-dc9871bd8781
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214EDB.61B1.FA4C.219A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=acafad58-7eba-438f-b42d-27d1113ed01a
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?error=access_denied&error_description=The+resource+owner+or+authorization+server+denied+the+request.&state=acafad58-7eba-438f-b42d-27d1113ed01a
authorizationRequestAndDenyAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214EDB.61B1.FA4C.219A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9e8efe38-dc58-47c4-8ba5-b4b490b4f26a&session_id=799d020a-a29d-4f96-a2e8-dc9871bd8781
authorizationRequestAndDenyAccess: sessionState:null
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214EDB.61B1.FA4C.219A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9e8efe38-dc58-47c4-8ba5-b4b490b4f26a&session_id=799d020a-a29d-4f96-a2e8-dc9871bd8781
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?error=access_denied&error_description=The+resource+owner+or+authorization+server+denied+the+request.&state=9e8efe38-dc58-47c4-8ba5-b4b490b4f26a
authorizationRequestAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214EDB.61B1.FA4C.219A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f884ccca-8280-4d95-b636-aa68fec6ae91&session_id=799d020a-a29d-4f96-a2e8-dc9871bd8781
authorizationRequestAndGrantAccess: sessionState:c643a72b-7377-4b3f-9685-85993b6d2e84
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214EDB.61B1.FA4C.219A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f884ccca-8280-4d95-b636-aa68fec6ae91&session_id=799d020a-a29d-4f96-a2e8-dc9871bd8781
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=b0a24659-e44b-4a94-8aec-6d3e97100e52&scope=address+openid+profile+email&session_id=799d020a-a29d-4f96-a2e8-dc9871bd8781&state=f884ccca-8280-4d95-b636-aa68fec6ae91&session_state=c643a72b-7377-4b3f-9685-85993b6d2e84
#######################################################
TEST: requestAuthorizationIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["id_token"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:08 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C575.2FEA.2BF3.98F5",
"client_secret": "46fec247-5281-4881-a19e-afbb613c2f91",
"registration_access_token": "442da6f9-89a0-4140-8804-3ef39330fdd9",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C575.2FEA.2BF3.98F5",
"client_id_issued_at": 1530815228,
"client_secret_expires_at": 1530901628,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 442da6f9-89a0-4140-8804-3ef39330fdd9
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:08 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C575.2FEA.2BF3.98F5",
"client_secret": "46fec247-5281-4881-a19e-afbb613c2f91",
"registration_access_token": "442da6f9-89a0-4140-8804-3ef39330fdd9",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C575.2FEA.2BF3.98F5",
"client_id_issued_at": 1530815228,
"client_secret_expires_at": 1530901628,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C575.2FEA.2BF3.98F5&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0bbd1d92-f847-4ce3-8395-7e913ad890f7&nonce=4613c1e4-cf24-4c07-9d18-d09b0598b21f
14:27:29.736 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:d47a8749-d45d-4682-8798-59a40c72b9cd
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C575.2FEA.2BF3.98F5&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0bbd1d92-f847-4ce3-8395-7e913ad890f7&nonce=4613c1e4-cf24-4c07-9d18-d09b0598b21f
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFDNTc1LjJGRUEuMkJGMy45OEY1IiwiZXhwIjoxNTMwODE4ODI5LCJpYXQiOjE1MzA4MTUyMjksIm5vbmNlIjoiNDYxM2MxZTQtY2YyNC00YzA3LTlkMTgtZDA5YjA1OThiMjFmIiwiYXV0aF90aW1lIjoxNTMwODE1MjI5LCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJoc3ZjSGt5VE1qb0VqMmdqTFFJb19ydHdMcGUwQlZYRzhSRUdSTzFtM244In0.snuX51V-4W4dVQ8_GSNBJ7xvS-5lfsGktgmg4PLK7NutFAvS-9anGdO0Pey7dIXt-_FKUA3ndu0UrCJkmtlvrqE9OQNY3vtK-1ApuYXKwiBA--Y4abpSOxMdMF29XoDqS8LWjTnG85HejiYLziDq_-epEng99PD1FWj728Gx89_WC7z6enxhkzlUO-kz5KXi8IEoI79d5qsSPDzj5tmoGK9QymJOtZcIKTxAYfGmg0CHWTFFqv62vRECxaFTRAMXSN2KD6hHzxOVMOg5m0Cy_fwSnKgLBS6GEQ-XvRxnXjVH_fMdmaK5TFVRblOGHX17PUFM_uwAUU-j-7OMwc6YOw&session_id=06003554-4e39-4db8-9a22-a596d431c788&state=0bbd1d92-f847-4ce3-8395-7e913ad890f7&session_state=d47a8749-d45d-4682-8798-59a40c72b9cd
#######################################################
TEST: requestAuthorizationIdTokenUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["id_token"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:09 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!97F6.917B.25D1.FEFC",
"client_secret": "273711bb-ea5d-43a9-bedb-3f62c3cd6fa2",
"registration_access_token": "8715e5ab-e1ff-43d4-be83-e69cefdeb7a1",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!97F6.917B.25D1.FEFC",
"client_id_issued_at": 1530815229,
"client_secret_expires_at": 1530901629,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 8715e5ab-e1ff-43d4-be83-e69cefdeb7a1
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:09 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!97F6.917B.25D1.FEFC",
"client_secret": "273711bb-ea5d-43a9-bedb-3f62c3cd6fa2",
"registration_access_token": "8715e5ab-e1ff-43d4-be83-e69cefdeb7a1",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!97F6.917B.25D1.FEFC",
"client_id_issued_at": 1530815229,
"client_secret_expires_at": 1530901629,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2197F6.917B.25D1.FEFC&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a737255e-c3b0-4789-ab3e-228ae4dba727&nonce=0c5e3560-6ccc-4c56-aac6-429e5f9b7613
14:27:30.930 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:7051db04-21e0-47ef-8d6d-36a5038d7b35
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2197F6.917B.25D1.FEFC&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a737255e-c3b0-4789-ab3e-228ae4dba727&nonce=0c5e3560-6ccc-4c56-aac6-429e5f9b7613
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5N0Y2LjkxN0IuMjVEMS5GRUZDIiwiZXhwIjoxNTMwODE4ODMwLCJpYXQiOjE1MzA4MTUyMzAsIm5vbmNlIjoiMGM1ZTM1NjAtNmNjYy00YzU2LWFhYzYtNDI5ZTVmOWI3NjEzIiwiYXV0aF90aW1lIjoxNTMwODE1MjMwLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJEX19YNXFOamtkSHltSUtWMFNyOFRzTmpwSnJRYXRTc1lhc3ZHYkN3bmdBIn0.idNHooljhb92w3_rFhEcbnSIHP1UDkoAwTpIFStnSDMlbzP2sT_ONKAgwOIvrT09l-WaC5qW1_pdoU25VUzCZdXDBtq0YiXJeq2eiuYE-FcvmROGPgIuiULn6_E_ejJ2Iaz5WaXJc8lKyjrhhILSGZSaiHLNyBqDTmcFqecsR_FNxnYHSRmCqKs09uy5on1bWbjae3KAfpCv2y5oObJL3Ym8zv92LMOtgSLifiK8vksoS6zvv6fTRAfg0bTQ7YuOZriykuqwGeBZMvdpdF5LANHW8HRAvHAxUGvZajw8dY9aLuQcN-YoHgpfwKdxNqODgsZITBLqG61GDb1qMfGDQA&session_id=42e9c102-e0e3-4b87-b944-f315cc4f042f&state=a737255e-c3b0-4789-ab3e-228ae4dba727&session_state=7051db04-21e0-47ef-8d6d-36a5038d7b35
#######################################################
TEST: requestAuthorizationPromptConsent
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:10 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!73A0.CA0C.BFB1.BF80",
"client_secret": "74d0af10-4300-475f-83df-3e081e91a08a",
"registration_access_token": "947d6a04-14b7-49e9-b8c1-b752b8ff02f4",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!73A0.CA0C.BFB1.BF80",
"client_id_issued_at": 1530815230,
"client_secret_expires_at": 1530901630,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 947d6a04-14b7-49e9-b8c1-b752b8ff02f4
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:10 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!73A0.CA0C.BFB1.BF80",
"client_secret": "74d0af10-4300-475f-83df-3e081e91a08a",
"registration_access_token": "947d6a04-14b7-49e9-b8c1-b752b8ff02f4",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!73A0.CA0C.BFB1.BF80",
"client_id_issued_at": 1530815230,
"client_secret_expires_at": 1530901630,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2173A0.CA0C.BFB1.BF80&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5a627a34-4fc1-4eec-b9e3-dbfba1f39ba1&prompt=consent
14:27:32.189 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:17b92da7-609a-4fec-b732-65d1e16db524
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2173A0.CA0C.BFB1.BF80&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5a627a34-4fc1-4eec-b9e3-dbfba1f39ba1&prompt=consent
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=68d3fbe1-9608-44a0-93ef-afdf0cf80684&scope=address+openid+profile+email&session_id=f43b4028-7604-467f-bc33-c19258168550&state=5a627a34-4fc1-4eec-b9e3-dbfba1f39ba1&session_state=17b92da7-609a-4fec-b732-65d1e16db524
#######################################################
TEST: requestAuthorizationPromptConsentTrustedClient
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"oxAuthTrustedClient": "true"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:11 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E372.29C3.C66B.F997",
"client_secret": "15322c91-3c5f-4dfd-8185-2a32724cca86",
"registration_access_token": "273247f5-6e41-4835-9f5b-6cbead356e9a",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E372.29C3.C66B.F997",
"client_id_issued_at": 1530815231,
"client_secret_expires_at": 1530901631,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 273247f5-6e41-4835-9f5b-6cbead356e9a
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:12 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E372.29C3.C66B.F997",
"client_secret": "15322c91-3c5f-4dfd-8185-2a32724cca86",
"registration_access_token": "273247f5-6e41-4835-9f5b-6cbead356e9a",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E372.29C3.C66B.F997",
"client_id_issued_at": 1530815231,
"client_secret_expires_at": 1530901631,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E372.29C3.C66B.F997&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=1946c5c6-f6d5-4dd5-a905-e3d44a3983ba&prompt=consent
14:27:33.418 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:3377ed83-420c-4e12-bcf5-b7fc937992ba
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E372.29C3.C66B.F997&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=1946c5c6-f6d5-4dd5-a905-e3d44a3983ba&prompt=consent
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=838d5e32-d2d7-4f4a-aca9-c9bb096c2c8f&scope=address+openid+profile+email&session_id=160eadc6-f988-435c-9d3f-0bc113dc8925&state=1946c5c6-f6d5-4dd5-a905-e3d44a3983ba&session_state=3377ed83-420c-4e12-bcf5-b7fc937992ba
#######################################################
TEST: requestAuthorizationPromptLogin
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:13 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!584C.0CE8.E643.104C",
"client_secret": "3b07b013-1bdf-419b-ae1f-d341cd02eafa",
"registration_access_token": "a3f79138-3a5c-4925-b0c1-c3f36dc4f493",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!584C.0CE8.E643.104C",
"client_id_issued_at": 1530815233,
"client_secret_expires_at": 1530901633,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer a3f79138-3a5c-4925-b0c1-c3f36dc4f493
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:13 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!584C.0CE8.E643.104C",
"client_secret": "3b07b013-1bdf-419b-ae1f-d341cd02eafa",
"registration_access_token": "a3f79138-3a5c-4925-b0c1-c3f36dc4f493",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!584C.0CE8.E643.104C",
"client_id_issued_at": 1530815233,
"client_secret_expires_at": 1530901633,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21584C.0CE8.E643.104C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c01f16f7-f598-472a-b54d-59c451635423&prompt=login
14:27:34.610 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:a5fa5c71-78c4-4b7a-95bf-272af575d902
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21584C.0CE8.E643.104C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c01f16f7-f598-472a-b54d-59c451635423&prompt=login
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=e31eec6c-830c-4ba2-92ff-0d6ba952cb1b&scope=address+openid+profile+email&session_id=585da5e0-6954-4e52-b243-698fc2649036&state=c01f16f7-f598-472a-b54d-59c451635423&session_state=a5fa5c71-78c4-4b7a-95bf-272af575d902
#######################################################
TEST: requestAuthorizationPromptLoginConsent
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:14 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A903.B342.43C1.7606",
"client_secret": "69b273fc-51ac-4a62-a13e-d4a2d6658378",
"registration_access_token": "2ef42e49-f8e9-4c70-b153-382e808422f2",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A903.B342.43C1.7606",
"client_id_issued_at": 1530815234,
"client_secret_expires_at": 1530901634,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 2ef42e49-f8e9-4c70-b153-382e808422f2
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:14 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A903.B342.43C1.7606",
"client_secret": "69b273fc-51ac-4a62-a13e-d4a2d6658378",
"registration_access_token": "2ef42e49-f8e9-4c70-b153-382e808422f2",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A903.B342.43C1.7606",
"client_id_issued_at": 1530815234,
"client_secret_expires_at": 1530901634,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A903.B342.43C1.7606&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a1c22b02-10b9-4cd2-bfcf-fed60095a489&prompt=login+consent
14:27:36.149 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:3b1276c1-df43-44b7-b482-3bf3bdb1a6a2
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A903.B342.43C1.7606&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a1c22b02-10b9-4cd2-bfcf-fed60095a489&prompt=login+consent
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=75491b07-915d-4fd0-9447-ea3629265824&scope=address+openid+profile+email&session_id=07c5fa59-ce62-47dc-b76c-f6ff638949fe&state=a1c22b02-10b9-4cd2-bfcf-fed60095a489&session_state=3b1276c1-df43-44b7-b482-3bf3bdb1a6a2
#######################################################
TEST: requestAuthorizationPromptLoginConsentTrustedClient
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"oxAuthTrustedClient": "true"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:15 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BF5C.A449.69BF.049D",
"client_secret": "3ecb3bae-f01f-430a-aadc-33e930ba218c",
"registration_access_token": "dbf5ca49-0886-4efb-8d8b-5d85defb139f",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BF5C.A449.69BF.049D",
"client_id_issued_at": 1530815236,
"client_secret_expires_at": 1530901636,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer dbf5ca49-0886-4efb-8d8b-5d85defb139f
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:16 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BF5C.A449.69BF.049D",
"client_secret": "3ecb3bae-f01f-430a-aadc-33e930ba218c",
"registration_access_token": "dbf5ca49-0886-4efb-8d8b-5d85defb139f",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BF5C.A449.69BF.049D",
"client_id_issued_at": 1530815236,
"client_secret_expires_at": 1530901636,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21BF5C.A449.69BF.049D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=1417883e-0204-459b-b9ad-73c3c04418a3&prompt=login+consent
14:27:37.471 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:782fdf9c-9e4c-47a4-ab9b-d9ecc4ed0f83
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21BF5C.A449.69BF.049D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=1417883e-0204-459b-b9ad-73c3c04418a3&prompt=login+consent
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=77360070-63c3-4d93-8dec-2d17ef9328f4&scope=address+openid+profile+email&session_id=bd93ec96-415a-4a30-8890-1f4a1eb1ae29&state=1417883e-0204-459b-b9ad-73c3c04418a3&session_state=782fdf9c-9e4c-47a4-ab9b-d9ecc4ed0f83
#######################################################
TEST: requestAuthorizationPromptNoneFail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!90C1.58B9.E9C1.558B",
"client_secret": "75a17fb9-2b86-48a0-a8d3-1a6fd75024dd",
"registration_access_token": "1af61090-aaf5-4cc6-92ce-dd376be0290a",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!90C1.58B9.E9C1.558B",
"client_id_issued_at": 1530815237,
"client_secret_expires_at": 1530901637,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 1af61090-aaf5-4cc6-92ce-dd376be0290a
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!90C1.58B9.E9C1.558B",
"client_secret": "75a17fb9-2b86-48a0-a8d3-1a6fd75024dd",
"registration_access_token": "1af61090-aaf5-4cc6-92ce-dd376be0290a",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!90C1.58B9.E9C1.558B",
"client_id_issued_at": 1530815237,
"client_secret_expires_at": 1530901637,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2190C1.58B9.E9C1.558B&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f7ba8cd8-f60f-4613-bc9a-040d1b901a7a&prompt=none
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 05 Jul 2018 18:27:17 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?error_description=The+Authorization+Server+requires+End-User+authentication.+This+error+MAY+be+returned+when+the+prompt+parameter+in+the+Authorization+Request+is+set+to+none+to+request+that+the+Authorization+Server+should+not+display+any+user+interfaces+to+the+End-User%2C+but+the+Authorization+Request+cannot+be+completed+without+displaying+a+user+interface+for+user+authentication.&state=f7ba8cd8-f60f-4613-bc9a-040d1b901a7a&error=login_required
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
#######################################################
TEST: requestAuthorizationPromptLoginConsent
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4C30.0AC8.E156.6ECC",
"client_secret": "4e4caffd-faed-4dec-a2c9-ef0181fcb94e",
"registration_access_token": "b8405798-391f-4824-8b2b-44412cc86f2d",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4C30.0AC8.E156.6ECC",
"client_id_issued_at": 1530815237,
"client_secret_expires_at": 1530901637,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer b8405798-391f-4824-8b2b-44412cc86f2d
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4C30.0AC8.E156.6ECC",
"client_secret": "4e4caffd-faed-4dec-a2c9-ef0181fcb94e",
"registration_access_token": "b8405798-391f-4824-8b2b-44412cc86f2d",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4C30.0AC8.E156.6ECC",
"client_id_issued_at": 1530815237,
"client_secret_expires_at": 1530901637,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==
response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214C30.0AC8.E156.6ECC&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=fe94eef1-0c8a-4199-9d7b-8f4eea465a39&prompt=none+login+consent
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 05 Jul 2018 18:27:17 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?error_description=The+request+is+missing+a+required+parameter%2C+includes+an+unsupported+parameter+or+parameter+value%2C+or+is+otherwise+malformed.&state=fe94eef1-0c8a-4199-9d7b-8f4eea465a39&error=invalid_request
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
#######################################################
TEST: requestAuthorizationPromptNoneTrustedClient
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"oxAuthTrustedClient": "true"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C4B2.8958.C385.E50D",
"client_secret": "878115dc-131a-4965-b474-6659747d4a78",
"registration_access_token": "03f86741-ecb7-4916-8946-6ab0c2b5215c",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C4B2.8958.C385.E50D",
"client_id_issued_at": 1530815237,
"client_secret_expires_at": 1530901637,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 03f86741-ecb7-4916-8946-6ab0c2b5215c
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C4B2.8958.C385.E50D",
"client_secret": "878115dc-131a-4965-b474-6659747d4a78",
"registration_access_token": "03f86741-ecb7-4916-8946-6ab0c2b5215c",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C4B2.8958.C385.E50D",
"client_id_issued_at": 1530815237,
"client_secret_expires_at": 1530901637,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==
response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C4B2.8958.C385.E50D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f985e102-3285-4cab-89f9-b4d4c0e3cefb&prompt=none
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 05 Jul 2018 18:27:17 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=90e8acb8-7b47-4fde-92eb-1fa1d057ef0e&scope=address+openid+profile+email&session_id=4d857119-4dab-485d-aaff-00d278aebeb9&state=f985e102-3285-4cab-89f9-b4d4c0e3cefb&session_state=f02db3a7-a73c-4c4f-a92e-dc361c6ebc1f
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
#######################################################
TEST: requestAuthorizationToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["token"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:18 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!833A.C6AE.1E3A.2C1E",
"client_secret": "fcbb8ba1-8a1e-4194-aff2-bbbfb512f5a7",
"registration_access_token": "0e576a94-1439-45e1-98a9-4e69b8e50a62",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!833A.C6AE.1E3A.2C1E",
"client_id_issued_at": 1530815238,
"client_secret_expires_at": 1530901638,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["token"],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 0e576a94-1439-45e1-98a9-4e69b8e50a62
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:18 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!833A.C6AE.1E3A.2C1E",
"client_secret": "fcbb8ba1-8a1e-4194-aff2-bbbfb512f5a7",
"registration_access_token": "0e576a94-1439-45e1-98a9-4e69b8e50a62",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!833A.C6AE.1E3A.2C1E",
"client_id_issued_at": 1530815238,
"client_secret_expires_at": 1530901638,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["token"],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21833A.C6AE.1E3A.2C1E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=47e99c6b-07c0-4852-b2a3-121ddaafd2b8&nonce=a03be457-eb95-492b-8c58-1058bf6d1577
14:27:39.531 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:ac7f5ec4-5e3c-4912-af29-bae41be2e3df
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21833A.C6AE.1E3A.2C1E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=47e99c6b-07c0-4852-b2a3-121ddaafd2b8&nonce=a03be457-eb95-492b-8c58-1058bf6d1577
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=03d4b929-63df-4c8b-b4b9-d3152e8ebe0d&scope=address+openid+profile+email&session_id=7dca5d8f-2377-4b81-b855-86a502c99b10&state=47e99c6b-07c0-4852-b2a3-121ddaafd2b8&token_type=bearer&session_state=ac7f5ec4-5e3c-4912-af29-bae41be2e3df&expires_in=299
#######################################################
TEST: requestAuthorizationTokenCode
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:19 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C419.66CE.D605.A3C5",
"client_secret": "a639bf4e-7414-4a02-8c18-1ef220635550",
"registration_access_token": "12d53242-31ed-4b10-881a-c7500bafdf8a",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C419.66CE.D605.A3C5",
"client_id_issued_at": 1530815239,
"client_secret_expires_at": 1530901639,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 12d53242-31ed-4b10-881a-c7500bafdf8a
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:19 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C419.66CE.D605.A3C5",
"client_secret": "a639bf4e-7414-4a02-8c18-1ef220635550",
"registration_access_token": "12d53242-31ed-4b10-881a-c7500bafdf8a",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C419.66CE.D605.A3C5",
"client_id_issued_at": 1530815239,
"client_secret_expires_at": 1530901639,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C419.66CE.D605.A3C5&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8b27c143-9ae2-4974-a06a-8060dc422026&nonce=7cfd8b72-4950-407b-aec1-146e31820718
14:27:40.778 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:d5a739a2-7de8-40ed-9ed0-6445c389b70f
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C419.66CE.D605.A3C5&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8b27c143-9ae2-4974-a06a-8060dc422026&nonce=7cfd8b72-4950-407b-aec1-146e31820718
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=974494da-d3b1-424f-adbb-81af2061fa90&code=c235c5ca-92dd-4969-8bd1-dae382923b52&scope=address+openid+profile+email&session_id=fefbb553-a110-4822-883b-237894517bc5&state=8b27c143-9ae2-4974-a06a-8060dc422026&token_type=bearer&session_state=d5a739a2-7de8-40ed-9ed0-6445c389b70f&expires_in=299
#######################################################
TEST: requestAuthorizationTokenCodeIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"code",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:20 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5490.2653.32B6.B0C2",
"client_secret": "71d508bb-8b49-460c-9640-bc806d569645",
"registration_access_token": "9b698892-bf55-4c8f-95d6-3e78be24ddf7",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5490.2653.32B6.B0C2",
"client_id_issued_at": 1530815240,
"client_secret_expires_at": 1530901640,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 9b698892-bf55-4c8f-95d6-3e78be24ddf7
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:20 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5490.2653.32B6.B0C2",
"client_secret": "71d508bb-8b49-460c-9640-bc806d569645",
"registration_access_token": "9b698892-bf55-4c8f-95d6-3e78be24ddf7",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5490.2653.32B6.B0C2",
"client_id_issued_at": 1530815240,
"client_secret_expires_at": 1530901640,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215490.2653.32B6.B0C2&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c48e0b4f-c3ed-4224-a355-c9cb16c2113d&nonce=1c27407c-b83d-47b9-9099-a17df1e78ce9
14:27:42.009 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:f95bf20f-618c-42da-a1ff-d5618fbef2cd
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215490.2653.32B6.B0C2&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c48e0b4f-c3ed-4224-a355-c9cb16c2113d&nonce=1c27407c-b83d-47b9-9099-a17df1e78ce9
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=5ed1b670-2009-488a-8523-b1bfc3b46934&code=de29a9a9-a04f-414d-825f-411b03a49ae5&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE1NDkwLjI2NTMuMzJCNi5CMEMyIiwiZXhwIjoxNTMwODE4ODQxLCJpYXQiOjE1MzA4MTUyNDEsIm5vbmNlIjoiMWMyNzQwN2MtYjgzZC00N2I5LTkwOTktYTE3ZGYxZTc4Y2U5IiwiYXV0aF90aW1lIjoxNTMwODE1MjQxLCJjX2hhc2giOiJUdjhzWEItZG1OSWltLWp5MEhQcVpBIiwiYXRfaGFzaCI6IndKSHBHbXJCRGZjdHVuSDAteTZ3TXciLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJ1VTR4VXhkNGhsa1JiVUJVbGNWcHl3c0dsNF9US1pLWk9tczlKcEJKcjNrIn0.HyInj365gNnltRG52Wk1Uqk_J_wH5UmTrxJXBQzDLSFeFkhXq4v7Qct8RopVHk0c9hvN89OSxFbG_7nzSXBMpU7GwQ_KukEwVR-MHh3kn8qTqA9D1ostJBt9L8EVjByxjhUIEj63sUBIoraDG2LC3wXak2LtscX5hc1-U63IWIoHFCZfVrjQk2zQ9UvZRpwE2eqwsMQz7IPJyrdP82mgT4ngGcCtA3nSyA99HUa5L9muCKt6-LbsZE7YnwNNrElIyhPEgZWr9FwpHnNIUx1Oqmqo681WgbAmg5xbf7rv076Dn9T94weUFy18BihiZW5Fw1IN_GwJUf3K_PFwWj2Q9g&session_id=2e97dbd6-4d8e-4dba-a480-fc6e76ec3d6b&state=c48e0b4f-c3ed-4224-a355-c9cb16c2113d&token_type=bearer&session_state=f95bf20f-618c-42da-a1ff-d5618fbef2cd&expires_in=299
#######################################################
TEST: requestAuthorizationTokenCodeIdTokenUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"code",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:21 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!136E.B4F4.BF24.57CE",
"client_secret": "c4f07b72-8f10-40ef-8370-ce2555575ca5",
"registration_access_token": "e7530ed6-1bd0-47fe-a9a7-b4096b9e71cb",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!136E.B4F4.BF24.57CE",
"client_id_issued_at": 1530815241,
"client_secret_expires_at": 1530901641,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer e7530ed6-1bd0-47fe-a9a7-b4096b9e71cb
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:21 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!136E.B4F4.BF24.57CE",
"client_secret": "c4f07b72-8f10-40ef-8370-ce2555575ca5",
"registration_access_token": "e7530ed6-1bd0-47fe-a9a7-b4096b9e71cb",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!136E.B4F4.BF24.57CE",
"client_id_issued_at": 1530815241,
"client_secret_expires_at": 1530901641,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21136E.B4F4.BF24.57CE&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3d73e70a-7276-42ff-a602-2d10948ebf74&nonce=572d1b4c-a033-43cc-a7bf-a5a6a6166a29
14:27:43.234 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:d65bedce-54b8-420d-83ad-0d65f26df962
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21136E.B4F4.BF24.57CE&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3d73e70a-7276-42ff-a602-2d10948ebf74&nonce=572d1b4c-a033-43cc-a7bf-a5a6a6166a29
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=4a335ce7-a95b-4be3-8786-241de2f66b8c&code=62b94f72-f70b-47b5-bb19-c119a5d56074&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExMzZFLkI0RjQuQkYyNC41N0NFIiwiZXhwIjoxNTMwODE4ODQyLCJpYXQiOjE1MzA4MTUyNDIsIm5vbmNlIjoiNTcyZDFiNGMtYTAzMy00M2NjLWE3YmYtYTVhNmE2MTY2YTI5IiwiYXV0aF90aW1lIjoxNTMwODE1MjQyLCJjX2hhc2giOiIwcEV6WkpiUVJhb0hDMnJKbGMyQ2pnIiwiYXRfaGFzaCI6Iko1RFE4d2FvUzEzMXNpbVNDdElPM3ciLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJrcFNobDE2MzlDMHhJa1BPQmdJQVVSSlN4ZHU2ZWNLNER3VEdwMWhybmFrIn0.NEEq_Fzay9gCcOxcYVYmEFYap4WQZIjjklD80oAOMvn7rEmi2LlLYF8OSPaMtD8T9MWPZ5sS0craye2_M9GCq4txbRet9EQICxdjnaceDraaNLOgUXG-F8hairdumcJd0KyfoXd-RxG1Rr-YRp8gXZ57hr-FkvZYM_f8lmqOksJVWj4TNKNk2BBAuKReKPSwgtwhbvgfLVgwYAEuHZXbko9ZO8rg23_FTabJKrEV6w29iorkW69IoayhjY2iguS58QXOlq0wxh19kU4ZTw9hQQdumd8rdoUeSmWrkT7LQYHYhFNpZq-gr7BlEvE8rYnkwhfma6AHH1-RWzNtJ2KH5A&session_id=fec6c0ca-82e6-4623-a10b-31eeba711bd4&state=3d73e70a-7276-42ff-a602-2d10948ebf74&token_type=bearer&session_state=d65bedce-54b8-420d-83ad-0d65f26df962&expires_in=299
#######################################################
TEST: requestAuthorizationTokenCodeUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:23 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D8B5.B712.ADE2.E0AC",
"client_secret": "db05ab35-3d80-485d-b3f5-e4eba9ba5ab1",
"registration_access_token": "9bbf0b1a-6494-45f9-a946-c07590e5a874",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D8B5.B712.ADE2.E0AC",
"client_id_issued_at": 1530815243,
"client_secret_expires_at": 1530901643,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 9bbf0b1a-6494-45f9-a946-c07590e5a874
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:23 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D8B5.B712.ADE2.E0AC",
"client_secret": "db05ab35-3d80-485d-b3f5-e4eba9ba5ab1",
"registration_access_token": "9bbf0b1a-6494-45f9-a946-c07590e5a874",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D8B5.B712.ADE2.E0AC",
"client_id_issued_at": 1530815243,
"client_secret_expires_at": 1530901643,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D8B5.B712.ADE2.E0AC&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=6582fa0c-eedc-4254-bed6-1b1c33c23e49&nonce=1a4d1475-9925-45e8-a66e-4f7bed8f87a0
14:27:44.546 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:26a69592-1d65-4a21-a8cb-5b536a4c5764
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D8B5.B712.ADE2.E0AC&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=6582fa0c-eedc-4254-bed6-1b1c33c23e49&nonce=1a4d1475-9925-45e8-a66e-4f7bed8f87a0
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=3d7bd39e-ccf5-401a-ac17-0a0351229594&code=2e120352-961b-4f92-a30a-0f3d64eef301&scope=address+openid+profile+email&session_id=7fbcad39-0248-4187-a9ae-82e8889c1ead&state=6582fa0c-eedc-4254-bed6-1b1c33c23e49&token_type=bearer&session_state=26a69592-1d65-4a21-a8cb-5b536a4c5764&expires_in=299
#######################################################
TEST: requestAuthorizationTokenFail1
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==
response_type=token&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=46e8249d-161b-4fc3-b25f-135c39b5db26
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Connection: close
Content-Length: 222
Content-Type: text/plain
Date: Thu, 05 Jul 2018 18:27:24 GMT
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_request","error_description":"The request is missing a required parameter, includes an unsupported parameter or parameter value, or is otherwise malformed.","state":"46e8249d-161b-4fc3-b25f-135c39b5db26"}
#######################################################
TEST: requestAuthorizationTokenFail2
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["token"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:24 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AF3A.AF47.5A8A.73CA",
"client_secret": "14d783fa-ba1d-4a2c-b5f7-32c3dbefd7f0",
"registration_access_token": "0468ef25-ef81-4a28-aec4-86d31e68782f",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AF3A.AF47.5A8A.73CA",
"client_id_issued_at": 1530815244,
"client_secret_expires_at": 1530901644,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["token"],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 0468ef25-ef81-4a28-aec4-86d31e68782f
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:24 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AF3A.AF47.5A8A.73CA",
"client_secret": "14d783fa-ba1d-4a2c-b5f7-32c3dbefd7f0",
"registration_access_token": "0468ef25-ef81-4a28-aec4-86d31e68782f",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AF3A.AF47.5A8A.73CA",
"client_id_issued_at": 1530815244,
"client_secret_expires_at": 1530901644,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["token"],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==
response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21AF3A.AF47.5A8A.73CA&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0380059e-6449-4202-bdbd-be954babf3d4&prompt=none
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 05 Jul 2018 18:27:24 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#error_description=The+request+is+missing+a+required+parameter%2C+includes+an+unsupported+parameter+or+parameter+value%2C+or+is+otherwise+malformed.&state=0380059e-6449-4202-bdbd-be954babf3d4&error=invalid_request
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
#######################################################
TEST: requestAuthorizationTokenIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:24 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D0E1.2EDD.CC18.CCBF",
"client_secret": "29445b64-c69d-4be4-a352-28f85a78dec2",
"registration_access_token": "c1758df6-3587-446f-bd6d-0c888a2b34ff",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D0E1.2EDD.CC18.CCBF",
"client_id_issued_at": 1530815244,
"client_secret_expires_at": 1530901644,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer c1758df6-3587-446f-bd6d-0c888a2b34ff
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:24 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D0E1.2EDD.CC18.CCBF",
"client_secret": "29445b64-c69d-4be4-a352-28f85a78dec2",
"registration_access_token": "c1758df6-3587-446f-bd6d-0c888a2b34ff",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D0E1.2EDD.CC18.CCBF",
"client_id_issued_at": 1530815244,
"client_secret_expires_at": 1530901644,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D0E1.2EDD.CC18.CCBF&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=34c147f9-c2bd-48ab-9781-05339ccd2770&nonce=8987e786-0e8d-4cdc-bc48-43f1910386e5
14:27:46.146 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:bc4c0b68-5c46-4363-a499-790bd1345952
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D0E1.2EDD.CC18.CCBF&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=34c147f9-c2bd-48ab-9781-05339ccd2770&nonce=8987e786-0e8d-4cdc-bc48-43f1910386e5
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=71393301-48ac-436b-a66f-686f14e1ce0b&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEMEUxLjJFREQuQ0MxOC5DQ0JGIiwiZXhwIjoxNTMwODE4ODQ1LCJpYXQiOjE1MzA4MTUyNDUsIm5vbmNlIjoiODk4N2U3ODYtMGU4ZC00Y2RjLWJjNDgtNDNmMTkxMDM4NmU1IiwiYXV0aF90aW1lIjoxNTMwODE1MjQ1LCJhdF9oYXNoIjoiNVRnRFpMZ3JMUlRfcDVvMXF1OVVZQSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IlBwYkxJRmdrMUk4QklFWjNhZzJXOHd0NFhzX29UMndHMjVYSzlHSTlqRTAifQ.izIMalPXAaPca6t-PKQOQkfO8p-U_tYNtd7ATiMtK3Hv1S6hdZZ48GaSrnuMGtewWwbU8d4Dtkz0q2v_iq4sN11dI7L1QfKCNQyPQiYfPktytlCPEOjfu9GZbMGvbL-6tDdgZdykdSbUmdFChJmtoKcHlBd_XNTXMxea49rurZCswBG1h8OQBz9THP4P4PbMUhYs5gYmA1rcCoXyp8sn_TiZ4QqyhY_d7PMvxCtZ2xYxbJtPOeVyragqX3d3K0ZXCBwCu7wVQf8xmUwChiLlzd7VpNZ1xtGDG7kJelxrzwknbNCHNbAZ1CuL1f4vgaTnDSrIh6rh0PaO5xFDzKHpnQ&session_id=70f48c78-3e03-4b66-9a83-18fc7340fade&state=34c147f9-c2bd-48ab-9781-05339ccd2770&token_type=bearer&session_state=bc4c0b68-5c46-4363-a499-790bd1345952&expires_in=299
#######################################################
TEST: requestAuthorizationTokenIdTokenUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:25 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!48AF.EAFB.F0D8.B347",
"client_secret": "a6384e4f-7b62-4159-aa74-36cdc4cc6549",
"registration_access_token": "00dc995f-3d49-42e8-bd19-729793426780",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!48AF.EAFB.F0D8.B347",
"client_id_issued_at": 1530815246,
"client_secret_expires_at": 1530901646,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 00dc995f-3d49-42e8-bd19-729793426780
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:26 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!48AF.EAFB.F0D8.B347",
"client_secret": "a6384e4f-7b62-4159-aa74-36cdc4cc6549",
"registration_access_token": "00dc995f-3d49-42e8-bd19-729793426780",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!48AF.EAFB.F0D8.B347",
"client_id_issued_at": 1530815246,
"client_secret_expires_at": 1530901646,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2148AF.EAFB.F0D8.B347&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=327e4091-22dc-4941-b155-e8eaa40ea37e&nonce=45079064-d96b-489a-96d3-2172203f790a
14:27:47.435 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:a5d59c8c-486f-43a9-8c01-775191d38da9
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2148AF.EAFB.F0D8.B347&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=327e4091-22dc-4941-b155-e8eaa40ea37e&nonce=45079064-d96b-489a-96d3-2172203f790a
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=98f8fa64-5fb1-4a15-bf05-ea517163250d&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0OEFGLkVBRkIuRjBEOC5CMzQ3IiwiZXhwIjoxNTMwODE4ODQ3LCJpYXQiOjE1MzA4MTUyNDcsIm5vbmNlIjoiNDUwNzkwNjQtZDk2Yi00ODlhLTk2ZDMtMjE3MjIwM2Y3OTBhIiwiYXV0aF90aW1lIjoxNTMwODE1MjQ2LCJhdF9oYXNoIjoiNVB6WEE5dlQ0d1dqcFBlUG1zRzhlUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IlQwZ3hIWVhvMUhzcHlKZVViel9aSTBJa0w5cFVWM0pLVWNLSUJQLVdubGMifQ.Z7sQtBFk1bvIEWfYe1hAUAq6glZYRjDxyrxAXwEXXt-t6Igiv9aC7UcPKsin4_5zsd77p-3NRzNO7xQ7ymTah6DOJWRsHpouDk53HEWNv8RYfCXk7dx7IzqQ5IuBS5DvVqPEReIx8cqaHtbdeY3uTfONHlrS6QTUmBxV_VoYDd2MSy64H2wXMa9BK14QIH6_kr92gMMyAUCU130MP0hFiXjgs7L2Q5hbUqOwBXSxafkcUv2zxPHuQPzwBbXABhplPA0Vo1_9LR1lZZPbcIN2-lW5PxnW1TIVtePfYPI2lj1db5EtnLnttzDlw_2mrH6ppZw8i_g1E0YPXpC3j9bCNg&session_id=1c3c16c5-2dd5-41c8-9c10-4e098bd48bed&state=327e4091-22dc-4941-b155-e8eaa40ea37e&token_type=bearer&session_state=a5d59c8c-486f-43a9-8c01-775191d38da9&expires_in=299
#######################################################
TEST: requestAuthorizationTokenUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["token"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:27 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BF34.D733.0C0C.2852",
"client_secret": "48c98946-6f94-425d-8267-3fe1d5ea7ce1",
"registration_access_token": "6d835307-bbcd-4cc6-8edf-25fbc2a1476c",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BF34.D733.0C0C.2852",
"client_id_issued_at": 1530815247,
"client_secret_expires_at": 1530901647,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["token"],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 6d835307-bbcd-4cc6-8edf-25fbc2a1476c
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:27 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BF34.D733.0C0C.2852",
"client_secret": "48c98946-6f94-425d-8267-3fe1d5ea7ce1",
"registration_access_token": "6d835307-bbcd-4cc6-8edf-25fbc2a1476c",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BF34.D733.0C0C.2852",
"client_id_issued_at": 1530815247,
"client_secret_expires_at": 1530901647,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["token"],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21BF34.D733.0C0C.2852&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f4f6d090-df17-4435-a346-003d9bd8a402&nonce=7de7ec33-9420-49e4-8e49-833185d390e3
14:27:48.649 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:2aadabb1-417b-4823-aeaf-d2980a4cd002
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21BF34.D733.0C0C.2852&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f4f6d090-df17-4435-a346-003d9bd8a402&nonce=7de7ec33-9420-49e4-8e49-833185d390e3
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=ee6973f4-07b7-4645-bad7-18f8377b77bd&scope=address+openid+profile+email&session_id=3b241671-5a46-4f87-9254-20706b98146b&state=f4f6d090-df17-4435-a346-003d9bd8a402&token_type=bearer&session_state=2aadabb1-417b-4823-aeaf-d2980a4cd002&expires_in=299
#######################################################
TEST: requestAuthorizationWithoutScope
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:28 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C2D0.7B0F.3E1B.C190",
"client_secret": "3a141d3e-0f83-4049-9cbc-7269981fbff9",
"registration_access_token": "2cade6b3-f30e-404e-a2a1-d06e5fc6d802",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C2D0.7B0F.3E1B.C190",
"client_id_issued_at": 1530815248,
"client_secret_expires_at": 1530901648,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 2cade6b3-f30e-404e-a2a1-d06e5fc6d802
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:28 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C2D0.7B0F.3E1B.C190",
"client_secret": "3a141d3e-0f83-4049-9cbc-7269981fbff9",
"registration_access_token": "2cade6b3-f30e-404e-a2a1-d06e5fc6d802",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C2D0.7B0F.3E1B.C190",
"client_id_issued_at": 1530815248,
"client_secret_expires_at": 1530901648,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C2D0.7B0F.3E1B.C190&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b6cd4cb0-b170-4a25-88a2-bf4ef4641181&nonce=725ba49e-fef2-416b-b6a9-6e95001f89c6
14:27:49.946 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:26af03e1-3f2b-414f-bc08-76539f09a305
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C2D0.7B0F.3E1B.C190&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b6cd4cb0-b170-4a25-88a2-bf4ef4641181&nonce=725ba49e-fef2-416b-b6a9-6e95001f89c6
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=6d1cdd5f-99c0-414f-b985-f20700e9991c&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFDMkQwLjdCMEYuM0UxQi5DMTkwIiwiZXhwIjoxNTMwODE4ODQ5LCJpYXQiOjE1MzA4MTUyNDksIm5vbmNlIjoiNzI1YmE0OWUtZmVmMi00MTZiLWI2YTktNmU5NTAwMWY4OWM2IiwiYXV0aF90aW1lIjoxNTMwODE1MjQ5LCJjX2hhc2giOiJZSjJ6N3hQNGs3alpPT2RyV3g2dzV3Iiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiczZ5dGJVRHlwYnpxbmZHclI3YnE2WUhLSlk4SU1jR2gzQlI2VHljTjE1MCJ9.jMm2Qommto8tw5VU1Jye_Sgk0hKPYCt5JgazdpIKbX1fnEng7YbFTd1WiKB3mYihZDduBJGR2nMl64YQ69Dp23T_pzXYMQzGQ_6s6E_v90XrCEDHxHZCr2sh23QFIFdPTZNFvGQ7ds39odLJ841gm02yoyLEsvXGcDD0sByf9AnNTizWPYEZN0n1ClhTHWgbhpPdGo66fP8yHTTzXnZfO4Bk0ppiurQqMBf2HCSWNbt30DtGjeGgiR9abP9HWYWjhQYZh_I3GjZqMCIN22k3v8s6yWaKg9EWm8k5kufG7AUoBGoE--1RuUabPC--IJApsJxQjhyhj_LLIvAvsVIgTA&session_id=b3174388-cf85-4bfb-bfbe-9468994d4ee3&state=b6cd4cb0-b170-4a25-88a2-bf4ef4641181&session_state=26af03e1-3f2b-414f-bc08-76539f09a305
#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:27:29 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"subject": "acct:test_user@ce-dev4.gluu.org",
"links": [{
"rel": "http://openid.net/specs/connect/1.0/issuer",
"href": "https://ce-dev4.gluu.org"
}]
}
OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:29 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"issuer": "https://ce-dev4.gluu.org",
"authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
"token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
"userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
"clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
"check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
"end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
"registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
"id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
"introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
"scopes_supported": [
"permission",
"clientinfo",
"email",
"user_name",
"sub",
"org_name",
"address",
"openid",
"test_scope1",
"work_phone",
"phone",
"profile",
"mobile_phone",
"test"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"id_token",
"id_token token",
"token",
"code token"
],
"grant_types_supported": [
"urn:ietf:params:oauth:grant-type:uma-ticket",
"client_credentials",
"refresh_token",
"implicit",
"password",
"authorization_code"
],
"acr_values_supported": [
"super_gluu",
"u2f",
"otp",
"basic",
"auth_ldap_server"
],
"auth_level_mapping": {
"-1": ["auth_ldap_server"],
"50": ["otp"],
"100": ["basic"],
"10": ["u2f"],
"15": ["super_gluu"]
},
"subject_types_supported": [
"public",
"pairwise"
],
"userinfo_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"userinfo_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"userinfo_encryption_enc_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"id_token_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"request_object_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"request_object_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"request_object_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post",
"client_secret_jwt",
"private_key_jwt"
],
"token_endpoint_auth_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"display_values_supported": [
"page",
"popup"
],
"claim_types_supported": ["normal"],
"claims_supported": [
"birthdate",
"country",
"name",
"email",
"email_verified",
"given_name",
"gender",
"inum",
"family_name",
"updated_at",
"locale",
"member_of",
"middle_name",
"nickname",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope",
"phone_number_verified",
"picture",
"preferred_username",
"profile",
"zoneinfo",
"user_name",
"website"
],
"service_documentation": "http://gluu.org/docs",
"claims_locales_supported": ["en"],
"ui_locales_supported": [
"en",
"es"
],
"scope_to_claims_mapping": [
{"permission": []},
{"uma_protection": []},
{"clientinfo": [
"name",
"inum",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope"
]},
{"email": [
"email_verified",
"email"
]},
{"user_name": ["user_name"]},
{"sub": []},
{"org_name": []},
{"address": [
"formatted",
"postal_code",
"street_address",
"locality",
"country",
"region"
]},
{"openid": []},
{"test_scope1": []},
{"work_phone": []},
{"phone": [
"phone_number_verified",
"phone_number"
]},
{"profile": [
"name",
"family_name",
"given_name",
"middle_name",
"nickname",
"preferred_username",
"profile",
"picture",
"website",
"gender",
"birthdate",
"zoneinfo",
"locale",
"updated_at"
]},
{"mobile_phone": ["phone_mobile_number"]},
{"test": ["member_of"]}
],
"claims_parameter_supported": true,
"request_parameter_supported": true,
"request_uri_parameter_supported": true,
"require_request_uri_registration": false,
"op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
"op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
"frontchannel_logout_supported": true,
"frontchannel_logout_session_supported": true
}
#######################################################
TEST: requestSessionIdAuthorizationCode1
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:29 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6E00.4ED3.B1A0.FD26",
"client_secret": "bc97c00d-569e-4b50-b7a6-5473470739f9",
"registration_access_token": "72bdc0f5-1d09-4972-9b08-c9d221c489a1",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6E00.4ED3.B1A0.FD26",
"client_id_issued_at": 1530815249,
"client_secret_expires_at": 1530901649,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 72bdc0f5-1d09-4972-9b08-c9d221c489a1
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:29 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6E00.4ED3.B1A0.FD26",
"client_secret": "bc97c00d-569e-4b50-b7a6-5473470739f9",
"registration_access_token": "72bdc0f5-1d09-4972-9b08-c9d221c489a1",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6E00.4ED3.B1A0.FD26",
"client_id_issued_at": 1530815249,
"client_secret_expires_at": 1530901649,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
waitForResourceOwnerAndGrantLoginForm: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216E00.4ED3.B1A0.FD26&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=dd0828a5-1622-4f83-ad13-2ba8d46b4b68
14:27:51.355 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
waitForResourceOwnerAndGrantLoginForm: sessionState:b4c0ab50-27c6-4a8b-91eb-7d40dc716878
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216E00.4ED3.B1A0.FD26&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=dd0828a5-1622-4f83-ad13-2ba8d46b4b68
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216E00.4ED3.B1A0.FD26&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9427bf69-701f-4c4e-a7ce-64db34c35f5b
14:27:51.522 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:b9493cae-e605-4bae-8705-87e0e657394f
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216E00.4ED3.B1A0.FD26&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9427bf69-701f-4c4e-a7ce-64db34c35f5b
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=d446f7d0-049c-4a95-8cae-7bbb157b92cc&scope=address+openid+profile+email&session_id=e1db542e-4b21-4025-9b88-dd7cbb8e3d2a&state=9427bf69-701f-4c4e-a7ce-64db34c35f5b&session_state=b9493cae-e605-4bae-8705-87e0e657394f
#######################################################
TEST: requestSessionIdAuthorizationCode2
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:31 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!997B.4861.8C66.A24E",
"client_secret": "6665208d-8627-48a9-bef8-d942c46dd5e9",
"registration_access_token": "ddc315e5-ea8f-4a6a-abd6-1f17a0c89afb",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!997B.4861.8C66.A24E",
"client_id_issued_at": 1530815251,
"client_secret_expires_at": 1530901651,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer ddc315e5-ea8f-4a6a-abd6-1f17a0c89afb
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:31 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!997B.4861.8C66.A24E",
"client_secret": "6665208d-8627-48a9-bef8-d942c46dd5e9",
"registration_access_token": "ddc315e5-ea8f-4a6a-abd6-1f17a0c89afb",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!997B.4861.8C66.A24E",
"client_id_issued_at": 1530815251,
"client_secret_expires_at": 1530901651,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
waitForResourceOwnerAndGrantLoginForm: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21997B.4861.8C66.A24E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=09b32c96-c45b-4f31-80d4-79e4be216414
14:27:52.691 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
waitForResourceOwnerAndGrantLoginForm: sessionState:867c294a-ed74-4cd4-9c0a-d529d1e46b35
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21997B.4861.8C66.A24E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=09b32c96-c45b-4f31-80d4-79e4be216414
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21997B.4861.8C66.A24E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=d7d3da4a-5c07-47ee-a678-039892545d36
14:27:52.864 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:d5b74113-af1d-4dfc-86fe-d43ed81d7515
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21997B.4861.8C66.A24E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=d7d3da4a-5c07-47ee-a678-039892545d36
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=ac4da8bd-8d62-4116-8488-6cea4b8435d6&scope=address+openid+profile+email&session_id=62eed825-3381-4b78-acd8-962aac7b0072&state=d7d3da4a-5c07-47ee-a678-039892545d36&session_state=d5b74113-af1d-4dfc-86fe-d43ed81d7515
#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:27:32 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"subject": "acct:test_user@ce-dev4.gluu.org",
"links": [{
"rel": "http://openid.net/specs/connect/1.0/issuer",
"href": "https://ce-dev4.gluu.org"
}]
}
OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:32 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"issuer": "https://ce-dev4.gluu.org",
"authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
"token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
"userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
"clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
"check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
"end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
"registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
"id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
"introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
"scopes_supported": [
"permission",
"clientinfo",
"email",
"user_name",
"sub",
"org_name",
"address",
"openid",
"test_scope1",
"work_phone",
"phone",
"profile",
"mobile_phone",
"test"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"id_token",
"id_token token",
"token",
"code token"
],
"grant_types_supported": [
"urn:ietf:params:oauth:grant-type:uma-ticket",
"client_credentials",
"refresh_token",
"implicit",
"password",
"authorization_code"
],
"acr_values_supported": [
"super_gluu",
"u2f",
"otp",
"basic",
"auth_ldap_server"
],
"auth_level_mapping": {
"-1": ["auth_ldap_server"],
"50": ["otp"],
"100": ["basic"],
"10": ["u2f"],
"15": ["super_gluu"]
},
"subject_types_supported": [
"public",
"pairwise"
],
"userinfo_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"userinfo_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"userinfo_encryption_enc_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"id_token_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"request_object_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"request_object_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"request_object_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post",
"client_secret_jwt",
"private_key_jwt"
],
"token_endpoint_auth_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"display_values_supported": [
"page",
"popup"
],
"claim_types_supported": ["normal"],
"claims_supported": [
"birthdate",
"country",
"name",
"email",
"email_verified",
"given_name",
"gender",
"inum",
"family_name",
"updated_at",
"locale",
"member_of",
"middle_name",
"nickname",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope",
"phone_number_verified",
"picture",
"preferred_username",
"profile",
"zoneinfo",
"user_name",
"website"
],
"service_documentation": "http://gluu.org/docs",
"claims_locales_supported": ["en"],
"ui_locales_supported": [
"en",
"es"
],
"scope_to_claims_mapping": [
{"permission": []},
{"uma_protection": []},
{"clientinfo": [
"name",
"inum",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope"
]},
{"email": [
"email_verified",
"email"
]},
{"user_name": ["user_name"]},
{"sub": []},
{"org_name": []},
{"address": [
"formatted",
"postal_code",
"street_address",
"locality",
"country",
"region"
]},
{"openid": []},
{"test_scope1": []},
{"work_phone": []},
{"phone": [
"phone_number_verified",
"phone_number"
]},
{"profile": [
"name",
"family_name",
"given_name",
"middle_name",
"nickname",
"preferred_username",
"profile",
"picture",
"website",
"gender",
"birthdate",
"zoneinfo",
"locale",
"updated_at"
]},
{"mobile_phone": ["phone_mobile_number"]},
{"test": ["member_of"]}
],
"claims_parameter_supported": true,
"request_parameter_supported": true,
"request_uri_parameter_supported": true,
"require_request_uri_registration": false,
"op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
"op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
"frontchannel_logout_supported": true,
"frontchannel_logout_session_supported": true
}
#######################################################
TEST: requestClientRegistrationWithCustomAttributes
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"code",
"token",
"id_token"
],
"grant_types": ["password"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"oxAuthTrustedClient": "true",
"myCustomAttr1": "9542cc46-cbaa-47a4-a972-20657f3e2a3d"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1445
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:32 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B161.734B.A7A4.C817",
"client_secret": "5f300cf4-c699-4451-be00-bcd10290d300",
"registration_access_token": "7afe3d47-125f-4780-a311-dfaa0828287e",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B161.734B.A7A4.C817",
"client_id_issued_at": 1530815252,
"client_secret_expires_at": 1530901652,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"code",
"id_token",
"token"
],
"grant_types": [
"refresh_token",
"implicit",
"password",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
#######################################################
TEST: requestAccessTokenCustomClientAuth1
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==
response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B161.734B.A7A4.C817&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8663ffcb-7570-4b55-b545-acca5b3e141e&nonce=f796cd0c-992a-4ce4-adf1-4f575d6c6a6b&prompt=none
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 05 Jul 2018 18:27:32 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=9ca88101-c37c-495f-a3cc-6d6da6422082&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFCMTYxLjczNEIuQTdBNC5DODE3IiwiZXhwIjoxNTMwODE4ODUyLCJpYXQiOjE1MzA4MTUyNTIsIm5vbmNlIjoiZjc5NmNkMGMtOTkyYS00Y2U0LWFkZjEtNGY1NzVkNmM2YTZiIiwiYXV0aF90aW1lIjoxNTMwODE1MjUyLCJjX2hhc2giOiJpTk8xcDVodHhEQVVQSHBOYVloRnVnIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoicGZxTmhqY29VWno4QVFMMWVwdGZxbWptR3dicVltejFqSmh3a043WWtvTSJ9.eKwubmfBX6nGMGcZq2GbpClBAPQdK3mm1DuGtQC2mDwxg5jTTLUx3gI88YbBrVcnrwv6KdF3X_6jp8iGhVLbNvuCF62elP5ZaU5cijIfdMNPeyM6Ux6srbBMe7Bp37F2twxUcGFcCCYmKW3SATrBIGKInYu55YDCDSqMbDwrchvioRR4_T7nUaj1IMyYm5_RMQX4w5ten0fbzNJya8YVI44hBOkk9YqQk--FUMOA2kWdPF4BA0WWcOb6oGOTdDjpvR4DKOZZKnXPM1kUbiO0d0N9v7mZCVy93AhlHQQa-KgzvhLVufB872FPH5leseuHcmqznxvkTMNSliBcLUBaIw&session_id=9ae7cdba-8681-463e-8c79-09eb169bfd8e&state=8663ffcb-7570-4b55-b545-acca5b3e141e&session_state=70921459-54e7-4fef-b417-a5e7138342a0
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=authorization_code&code=9ca88101-c37c-495f-a3cc-6d6da6422082&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&myCustomAttr1=9542cc46-cbaa-47a4-a972-20657f3e2a3d
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:33 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"721c1578-f8eb-4e3d-aec5-d26b4e6d1346","token_type":"bearer","expires_in":299,"refresh_token":"b958562c-7b0c-44cf-a73f-12604b2beb37","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFCMTYxLjczNEIuQTdBNC5DODE3IiwiZXhwIjoxNTMwODE4ODUzLCJpYXQiOjE1MzA4MTUyNTMsIm5vbmNlIjoiZjc5NmNkMGMtOTkyYS00Y2U0LWFkZjEtNGY1NzVkNmM2YTZiIiwiYXV0aF90aW1lIjoxNTMwODE1MjUyLCJhdF9oYXNoIjoiR2hsVHEwbWFSS3IzdU9NeHQzYndqZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6InBmcU5oamNvVVp6OEFRTDFlcHRmcW1qbUd3YnFZbXoxakpod2tON1lrb00ifQ.DgGmrRnn5bgesuKHaLNx0ws4lfxWnwzCD45FYmuTX4UPrlVCiUyxutAl6-5IK-w--VdsyJphQPPdCty_n3Cf29LCiUrg4wt6p1nqPqTxIQ_9KKTljg5F9yVeH4FW0EEoNSmrf7-PbA2YxwTFzcwHshhDyO9lBlIU4bhRoOu0my_jR6qzqBTOV-mjxocbklhyGFz31PxBzcuuOfSlkp_kCUWJfYIY4xsCgb9m9X4E1jdEGKFiNCneUZgg43WzyvHb14GM88MWN_eKQbFSnih5-NQx65KsxBAE43_ERsBciB93jwRAtS3GCQFyRfdYoi2FWAHqtiFlnN1nJlhxQ6BN3Q"}
#######################################################
TEST: requestAccessTokenCustomClientAuth2
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=password&scope=openid&username=test_user&password=test_user_password&myCustomAttr1=9542cc46-cbaa-47a4-a972-20657f3e2a3d
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 934
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:33 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"f265c41d-8115-4714-a3d2-f67d6d75e927","token_type":"bearer","expires_in":299,"refresh_token":"62eb992e-424d-4a70-b05c-0eb34544be6a","scope":"openid","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFCMTYxLjczNEIuQTdBNC5DODE3IiwiZXhwIjoxNTMwODE4ODUzLCJpYXQiOjE1MzA4MTUyNTMsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6InBmcU5oamNvVVp6OEFRTDFlcHRmcW1qbUd3YnFZbXoxakpod2tON1lrb00ifQ.bvzlItI9cKoaYPeGbcTPYU4N7G5s6AynJQmD1_o6KAxGKb4h2X-SsydxkPq_KXGYUzD68wsgb3-62lPmvkakWF_zWHANK8eRzdqFTVFTusFodzhEnMveb6hKENz_jKr3fJqDTr3l2biSEwTC2E66y0UoxQ5nS_E6XEqV-3tZa1GN7v97ipqUjwqtQHwESOSK1KT-U_c1qrfN2xQtZ5fv-NtT2C_03d88XB52jDTE3u5J5FGKSFitfjh86BnNcuKpgwOnTE99faDE8rME_sI_-7_IeneSfzlBgPT5RH3XibS3lE7jjqNHzgG9Ry8bTTdx6cb4u9EAcx8fT6cUvzL4ew"}
#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:27:33 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"subject": "acct:test_user@ce-dev4.gluu.org",
"links": [{
"rel": "http://openid.net/specs/connect/1.0/issuer",
"href": "https://ce-dev4.gluu.org"
}]
}
OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:33 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"issuer": "https://ce-dev4.gluu.org",
"authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
"token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
"userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
"clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
"check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
"end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
"registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
"id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
"introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
"scopes_supported": [
"permission",
"clientinfo",
"email",
"user_name",
"sub",
"org_name",
"address",
"openid",
"test_scope1",
"work_phone",
"phone",
"profile",
"mobile_phone",
"test"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"id_token",
"id_token token",
"token",
"code token"
],
"grant_types_supported": [
"urn:ietf:params:oauth:grant-type:uma-ticket",
"client_credentials",
"refresh_token",
"implicit",
"password",
"authorization_code"
],
"acr_values_supported": [
"super_gluu",
"u2f",
"otp",
"basic",
"auth_ldap_server"
],
"auth_level_mapping": {
"-1": ["auth_ldap_server"],
"50": ["otp"],
"100": ["basic"],
"10": ["u2f"],
"15": ["super_gluu"]
},
"subject_types_supported": [
"public",
"pairwise"
],
"userinfo_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"userinfo_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"userinfo_encryption_enc_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"id_token_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"request_object_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"request_object_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"request_object_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post",
"client_secret_jwt",
"private_key_jwt"
],
"token_endpoint_auth_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"display_values_supported": [
"page",
"popup"
],
"claim_types_supported": ["normal"],
"claims_supported": [
"birthdate",
"country",
"name",
"email",
"email_verified",
"given_name",
"gender",
"inum",
"family_name",
"updated_at",
"locale",
"member_of",
"middle_name",
"nickname",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope",
"phone_number_verified",
"picture",
"preferred_username",
"profile",
"zoneinfo",
"user_name",
"website"
],
"service_documentation": "http://gluu.org/docs",
"claims_locales_supported": ["en"],
"ui_locales_supported": [
"en",
"es"
],
"scope_to_claims_mapping": [
{"permission": []},
{"uma_protection": []},
{"clientinfo": [
"name",
"inum",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope"
]},
{"email": [
"email_verified",
"email"
]},
{"user_name": ["user_name"]},
{"sub": []},
{"org_name": []},
{"address": [
"formatted",
"postal_code",
"street_address",
"locality",
"country",
"region"
]},
{"openid": []},
{"test_scope1": []},
{"work_phone": []},
{"phone": [
"phone_number_verified",
"phone_number"
]},
{"profile": [
"name",
"family_name",
"given_name",
"middle_name",
"nickname",
"preferred_username",
"profile",
"picture",
"website",
"gender",
"birthdate",
"zoneinfo",
"locale",
"updated_at"
]},
{"mobile_phone": ["phone_mobile_number"]},
{"test": ["member_of"]}
],
"claims_parameter_supported": true,
"request_parameter_supported": true,
"request_uri_parameter_supported": true,
"require_request_uri_registration": false,
"op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
"op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
"frontchannel_logout_supported": true,
"frontchannel_logout_session_supported": true
}
#######################################################
TEST: clientSecretBasicAuthenticationMethod
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "client_secret_basic",
"scope": "openid profile address email clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1226
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:33 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A579.1006.91EA.8FEF",
"client_secret": "ef1f149b-39c3-438d-bd6f-1f84699fbf33",
"registration_access_token": "d1d8ee11-8837-4914-b47d-d4b2e1e68c76",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A579.1006.91EA.8FEF",
"client_id_issued_at": 1530815253,
"client_secret_expires_at": 1530901653,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "openid profile address email clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQTU3OS4xMDA2LjkxRUEuOEZFRjplZjFmMTQ5Yi0zOWMzLTQzOGQtYmQ2Zi0xZjg0Njk5ZmJmMzM=
grant_type=client_credentials&scope=clientinfo
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:33 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"8cb4329a-1e77-4d17-ac0f-cb4a83732a7a","token_type":"bearer","expires_in":299,"scope":"clientinfo"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 412
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:33 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A579.1006.91EA.8FEF","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["openid","profile","address","email","clientinfo"]}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 8cb4329a-1e77-4d17-ac0f-cb4a83732a7a
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 403
Connection: Keep-Alive
Content-Length: 126
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:33 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"insufficient_scope","error_description":"The request requires higher privileges than provided by the access token."}
#######################################################
TEST: clientSecretBasicAuthenticationMethodFail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "client_secret_basic",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1242
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:33 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F342.23DF.A2B5.8FB1",
"client_secret": "bdc80b48-a7e9-4d15-85e5-acfe62c59907",
"registration_access_token": "394a5a30-d496-4bb9-95b2-1f6d6a38f8bb",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F342.23DF.A2B5.8FB1",
"client_id_issued_at": 1530815253,
"client_secret_expires_at": 1530901653,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRjM0Mi4yM0RGLkEyQjUuOEZCMTpJTlZBTElEX0NMSUVOVF9TRUNSRVQ=
grant_type=client_credentials&scope=clientinfo
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:27:33 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}
#######################################################
TEST: clientSecretJwtAuthenticationMethodHS256
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "client_secret_jwt",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1195
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:33 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1C99.516A.B97E.B340",
"client_secret": "2c057692-3c4f-4b3e-8b0a-e288320aaa93",
"registration_access_token": "bd31cf39-db71-4520-9f54-44584587f5f4",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1C99.516A.B97E.B340",
"client_id_issued_at": 1530815253,
"client_secret_expires_at": 1530901653,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_jwt",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExQzk5LjUxNkEuQjk3RS5CMzQwIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMUM5OS41MTZBLkI5N0UuQjM0MCIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiY2YzYmUxZjAtMTA5Ni00Nzk2LThjYmMtYThkY2E3MjJiZjg0IiwiZXhwIjoxNTMwODE1NTc1LCJpYXQiOjE1MzA4MTUyNzV9.308ZGhsjnci8kRXYLl5GVBPlWrK1lr9JXYpxKcS9X0s
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:33 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"319bc8eb-25e7-4549-8b9c-d7e56e4eb7ac","token_type":"bearer","expires_in":299,"scope":"clientinfo"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:33 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1C99.516A.B97E.B340","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}
#######################################################
TEST: clientSecretJwtAuthenticationMethodHS256Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "client_secret_jwt",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1240
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:34 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5B6A.A4FF.06D4.7CCA",
"client_secret": "74ec3bc3-1b51-4291-bc24-32539b43107b",
"registration_access_token": "22a1782a-9728-4f43-9160-a594d356bdf8",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5B6A.A4FF.06D4.7CCA",
"client_id_issued_at": 1530815254,
"client_secret_expires_at": 1530901654,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_jwt",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE1QjZBLkE0RkYuMDZENC43Q0NBIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNUI2QS5BNEZGLjA2RDQuN0NDQSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiOGVhODMwYWUtZjJiMC00ODliLTk1Y2MtNDY0ZmMyNWEwYmJmIiwiZXhwIjoxNTMwODE1NTc1LCJpYXQiOjE1MzA4MTUyNzV9.5WNnipnQ7rRwUaZfgqyn1I-pNO9A8_QIjDr_blspmhE
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:27:34 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}
#######################################################
TEST: clientSecretJwtAuthenticationMethodHS384
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "client_secret_jwt",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1195
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:34 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2F43.2978.476C.4723",
"client_secret": "cf005301-c788-42b9-87c9-01bfa2cd88c1",
"registration_access_token": "0189ff57-f9c8-448b-8c40-e88ddd8a30e4",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2F43.2978.476C.4723",
"client_id_issued_at": 1530815254,
"client_secret_expires_at": 1530901654,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_jwt",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEyRjQzLjI5NzguNDc2Qy40NzIzIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMkY0My4yOTc4LjQ3NkMuNDcyMyIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiNTNhZjI5NGItMWM4ZC00NDljLTg4NDItYmNmYTI5YzFmZmMxIiwiZXhwIjoxNTMwODE1NTc1LCJpYXQiOjE1MzA4MTUyNzV9.tMsyfSzqrHC9mBIhMTAhGtUiKA5JMSnY5dxCCFzatyaC-RVEQvyISr8BrqTN5iLN
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:34 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"f3b679f6-7d4b-479a-8a82-b94d3a8b86e3","token_type":"bearer","expires_in":299,"scope":"clientinfo"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:34 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2F43.2978.476C.4723","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}
#######################################################
TEST: clientSecretJwtAuthenticationMethodHS384Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "client_secret_jwt",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1240
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:34 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5181.FF2A.8904.47F2",
"client_secret": "a383310f-0f24-4e81-b316-020ffb46bd44",
"registration_access_token": "60df49e9-0fbb-4d1e-a94c-042145b1e5fc",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5181.FF2A.8904.47F2",
"client_id_issued_at": 1530815254,
"client_secret_expires_at": 1530901654,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_jwt",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE1MTgxLkZGMkEuODkwNC40N0YyIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNTE4MS5GRjJBLjg5MDQuNDdGMiIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiOWJmZDUwZWMtMzhlZC00M2I4LWE3MDYtMGE4NjEwNTdhNGQ2IiwiZXhwIjoxNTMwODE1NTc1LCJpYXQiOjE1MzA4MTUyNzV9.8TD9OyR6ZfSTCyukuXnu_2ItggqnZIGbAqZP0SfM70wjTal71hoTT_iTE05BPEIy
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:27:34 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}
#######################################################
TEST: clientSecretJwtAuthenticationMethodHS512
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "client_secret_jwt",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1195
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:34 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!817A.AB3E.D588.DBAA",
"client_secret": "358d14a3-966e-4590-80bf-5e8a2b88bf13",
"registration_access_token": "a7a50c45-440a-419f-9753-12a4ee8c6bd5",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!817A.AB3E.D588.DBAA",
"client_id_issued_at": 1530815254,
"client_secret_expires_at": 1530901654,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_jwt",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE4MTdBLkFCM0UuRDU4OC5EQkFBIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghODE3QS5BQjNFLkQ1ODguREJBQSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiM2NhMzA4MzctODg1MC00OTYyLThmYjktNDRkOTIxNzM2MjYzIiwiZXhwIjoxNTMwODE1NTc1LCJpYXQiOjE1MzA4MTUyNzV9.5m3WAaxOvCvBu6dKDFQSEatjqj1xFxH97kv_z7rfccsLFl8uGMKndc1Uva70h9PoMghsQ8iPYL7ACI2BRDNHZw
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:34 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"bc6f26b2-6cfd-48a3-b0c9-50b02e910057","token_type":"bearer","expires_in":299,"scope":"clientinfo"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:34 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!817A.AB3E.D588.DBAA","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}
#######################################################
TEST: clientSecretJwtAuthenticationMethodHS512Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "client_secret_jwt",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1240
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:34 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!61EB.8B6C.613A.D52F",
"client_secret": "da89f6f4-f0a7-4435-ae63-b877f01d4d07",
"registration_access_token": "7f9c4c17-f552-4d46-9601-2f6bc61082c1",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!61EB.8B6C.613A.D52F",
"client_id_issued_at": 1530815254,
"client_secret_expires_at": 1530901654,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_jwt",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2MUVCLjhCNkMuNjEzQS5ENTJGIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNjFFQi44QjZDLjYxM0EuRDUyRiIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiY2M1ZDU5ZWMtMWIzNi00ZTAzLWFiY2QtYjBkOWE5ZDJlNTBiIiwiZXhwIjoxNTMwODE1NTc2LCJpYXQiOjE1MzA4MTUyNzZ9.7Uj1GeWbASbMUKVEY9quP_0-o8X4FGD65UaTDhh4xZ9xplvVPRy7ZdLwl5ljZSCR7Fd67GlhNb3nSVDRxevSAA
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:27:34 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}
#######################################################
TEST: clientSecretPostAuthenticationMethod
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "client_secret_post",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1196
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:34 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!218F.0C04.6630.43CC",
"client_secret": "3299cf2b-65f5-408e-8609-ddc25e1a1e57",
"registration_access_token": "5723df8b-6c8f-4e41-a07b-fc64c659424b",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!218F.0C04.6630.43CC",
"client_id_issued_at": 1530815255,
"client_secret_expires_at": 1530901655,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_post",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21218F.0C04.6630.43CC&client_secret=3299cf2b-65f5-408e-8609-ddc25e1a1e57
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:35 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"c32c6198-618b-414a-9459-12d5e8d3ed82","token_type":"bearer","expires_in":299,"scope":"clientinfo"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:35 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!218F.0C04.6630.43CC","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}
#######################################################
TEST: clientSecretPostAuthenticationMethodFail1
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "client_secret_post",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1241
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:35 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!89F1.C4C7.9C81.40A3",
"client_secret": "cf3255c2-c67f-42ea-8e07-0143924868dd",
"registration_access_token": "a329465b-73fc-4526-81b2-0453e1b3eaf4",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!89F1.C4C7.9C81.40A3",
"client_id_issued_at": 1530815255,
"client_secret_expires_at": 1530901655,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_post",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2189F1.C4C7.9C81.40A3&client_secret=INVALID_CLIENT_SECRET
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:27:35 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}
#######################################################
TEST: clientSecretPostAuthenticationMethodFail2
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "client_secret_post",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1241
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:35 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0B84.317A.90DA.CE5D",
"client_secret": "09828c98-9827-4ba9-87a8-d7a76e923cd4",
"registration_access_token": "46416129-f051-4769-9cb6-9974af3c2973",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0B84.317A.90DA.CE5D",
"client_id_issued_at": 1530815255,
"client_secret_expires_at": 1530901655,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_post",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210B84.317A.90DA.CE5D
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:27:35 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}
#######################################################
TEST: clientSecretPostAuthenticationMethodFail3
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "client_secret_post",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1241
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:35 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EB6C.BE3A.1319.E6F6",
"client_secret": "d8e4c3fc-e216-4dfa-b90a-06769de16c67",
"registration_access_token": "641523bc-26a5-4e62-893c-c049290dae75",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EB6C.BE3A.1319.E6F6",
"client_id_issued_at": 1530815255,
"client_secret_expires_at": 1530901655,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_post",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:27:35 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}
#######################################################
TEST: defaultAuthenticationMethod
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1197
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:35 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A8DA.0718.6F40.B4F2",
"client_secret": "61f4cff1-d9ff-4ec4-b0a8-c942ddc021a7",
"registration_access_token": "8196198d-d813-4c13-bd63-dca5e8aa15df",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A8DA.0718.6F40.B4F2",
"client_id_issued_at": 1530815255,
"client_secret_expires_at": 1530901655,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQThEQS4wNzE4LjZGNDAuQjRGMjo2MWY0Y2ZmMS1kOWZmLTRlYzQtYjBhOC1jOTQyZGRjMDIxYTc=
grant_type=client_credentials&scope=clientinfo
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:35 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"b0fc40aa-7b6e-44cf-a943-850d77ef071c","token_type":"bearer","expires_in":299,"scope":"clientinfo"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:35 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A8DA.0718.6F40.B4F2","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}
#######################################################
TEST: defaultAuthenticationMethodFail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1242
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:35 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A3D0.33E2.7443.0ECA",
"client_secret": "8c3a2103-29fa-4ba6-86f0-e25f9d91470b",
"registration_access_token": "5ae73dbb-d724-4804-a3e1-c0f45ba7cd94",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A3D0.33E2.7443.0ECA",
"client_id_issued_at": 1530815255,
"client_secret_expires_at": 1530901655,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQTNEMC4zM0UyLjc0NDMuMEVDQTpJTlZBTElEX0NMSUVOVF9TRUNSRVQ=
grant_type=client_credentials&scope=clientinfo
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:27:36 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}
#######################################################
TEST: privateKeyJwtAuthenticationMethodES256
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "private_key_jwt",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1276
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:36 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!39F4.0C07.8BE1.D96B",
"client_secret": "d3ecc8ca-870f-40a6-baef-8258a5ea2d5a",
"registration_access_token": "f852e005-7802-4de2-b54c-0dceb3531b17",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!39F4.0C07.8BE1.D96B",
"client_id_issued_at": 1530815256,
"client_secret_expires_at": 1530901656,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "private_key_jwt",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjU0N2IyODM4LWE4NDgtNDY3MS04YTQ3LWQ1MzYxNzM4ZjJhZSJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzOUY0LjBDMDcuOEJFMS5EOTZCIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMzlGNC4wQzA3LjhCRTEuRDk2QiIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiNjg3NGYxYjAtMjgyNi00ZGZjLTkyYzItM2RjZWJhZmU4NzRhIiwiZXhwIjoxNTMwODE1NTc3LCJpYXQiOjE1MzA4MTUyNzd9.MEQCICBy7sb2cBugjwgazSBYN19KyfxryLM3iRcdAX8IdVpSAiAFiwfCv2eEiZzEGsZWVkR5Q-B5OWwQy6aAgekN-6xkDw
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:36 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"64cb9554-e03f-4b7c-8ff1-96a99f340e0d","token_type":"bearer","expires_in":299,"scope":"clientinfo"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:36 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!39F4.0C07.8BE1.D96B","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}
#######################################################
TEST: privateKeyJwtAuthenticationMethodES256Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "private_key_jwt",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1321
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:36 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9993.5FC8.B069.DAF1",
"client_secret": "59a0d6c1-947a-4306-ae7c-f0fc1e5abc72",
"registration_access_token": "abce18d8-68d9-4793-94fd-242c4affd4e1",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9993.5FC8.B069.DAF1",
"client_id_issued_at": 1530815256,
"client_secret_expires_at": 1530901656,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "private_key_jwt",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
14:27:57.909 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException
java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException
at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?]
at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES256Fail(ClientCredentialsGrantHttpTest.java:1312) [test-classes/:?]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
14:27:58.015 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException
java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException
at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?]
at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?]
at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?]
at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:761) [test-classes/:?]
at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES256Fail(ClientCredentialsGrantHttpTest.java:1314) [test-classes/:?]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IkVTMjU2U0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5OTkzLjVGQzguQjA2OS5EQUYxIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghOTk5My41RkM4LkIwNjkuREFGMSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiMDc2OGU0YWEtYjgzNC00OWMyLTllNjMtZGM2OGI3MTVmMGEyIiwiZXhwIjoxNTMwODE1NTc4LCJpYXQiOjE1MzA4MTUyNzh9.
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:27:36 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}
#######################################################
TEST: privateKeyJwtAuthenticationMethodES384
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "private_key_jwt",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1276
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:36 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F241.15C3.0441.2F8E",
"client_secret": "64f6dd48-8c7e-4f4f-930e-a7d68c9c34d0",
"registration_access_token": "04ce839f-cfa0-4327-8711-420f77e027bc",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F241.15C3.0441.2F8E",
"client_id_issued_at": 1530815256,
"client_secret_expires_at": 1530901656,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "private_key_jwt",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzM4NCIsImtpZCI6ImM0ZmU0MTEwLWViNTYtNDFjNi1iYWMzLTUzMTZmNmIxNDQzZCJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGMjQxLjE1QzMuMDQ0MS4yRjhFIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRjI0MS4xNUMzLjA0NDEuMkY4RSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiYjMyNGYzZmYtYzQ3Zi00ZTBmLWJmOWEtMzM0ZmFlMjE4NGUzIiwiZXhwIjoxNTMwODE1NTc4LCJpYXQiOjE1MzA4MTUyNzh9.MGUCMQCgi3zfAwRMYASinmU6j3kQRL-5LAzVoanoe-LyrPnYrGcsnz99soR3SY4XWE5HuLYCMBVhl91m_2Za7BtNXkFR_QuoaXHuLHfnqlHgLemFro3JvuYDiYkjC7e2aQkdyLF4qg
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:36 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"d3cefab1-d8a5-4a61-8255-f0320a7302e5","token_type":"bearer","expires_in":299,"scope":"clientinfo"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:37 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F241.15C3.0441.2F8E","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}
#######################################################
TEST: privateKeyJwtAuthenticationMethodES384Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "private_key_jwt",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1321
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:37 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F29E.6B2E.06E8.8609",
"client_secret": "d1fb8e23-651d-4970-aa59-6538136a2289",
"registration_access_token": "d0145cd4-0db7-4282-ae6b-bc3851c42b63",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F29E.6B2E.06E8.8609",
"client_id_issued_at": 1530815257,
"client_secret_expires_at": 1530901657,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "private_key_jwt",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
14:27:58.471 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException
java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException
at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?]
at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES384Fail(ClientCredentialsGrantHttpTest.java:1437) [test-classes/:?]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
14:27:58.571 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException
java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException
at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?]
at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?]
at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?]
at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:761) [test-classes/:?]
at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES384Fail(ClientCredentialsGrantHttpTest.java:1439) [test-classes/:?]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzM4NCIsImtpZCI6IkVTMzg0U0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGMjlFLjZCMkUuMDZFOC44NjA5Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRjI5RS42QjJFLjA2RTguODYwOSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiMjc1NTgwMGEtNzk2OC00Y2Q5LWFiOGYtYzhmYTU0YzY3MWQwIiwiZXhwIjoxNTMwODE1NTc4LCJpYXQiOjE1MzA4MTUyNzh9.
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:27:37 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}
#######################################################
TEST: privateKeyJwtAuthenticationMethodES512
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "private_key_jwt",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1276
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:37 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DBB0.6D72.2CAE.8358",
"client_secret": "2f08f354-899a-4baf-ade0-e8c3d4831389",
"registration_access_token": "b531f145-656c-41bc-8e53-286d8b29be56",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DBB0.6D72.2CAE.8358",
"client_id_issued_at": 1530815257,
"client_secret_expires_at": 1530901657,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "private_key_jwt",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzUxMiIsImtpZCI6IjI2ZjgwNDBjLWFlOGItNGRhYS04ZjcxLWE3ZmRmMTRkZjY0MyJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEQkIwLjZENzIuMkNBRS44MzU4Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghREJCMC42RDcyLjJDQUUuODM1OCIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiMDFmODFiZDEtZmIyMS00ZmI3LWJhODEtMWNjYWI2NDcxZDdlIiwiZXhwIjoxNTMwODE1NTc4LCJpYXQiOjE1MzA4MTUyNzh9.MIGIAkIAyCeRz6T_kWuQWJ6FGMN4XbXv9TIreAXIQ3tCB2Kwau1jh9RLRwaHMQ3_fPmhpUS1qbsL8xSnAfgixK6OSWa0Kr0CQgEnryJTtpq7di-0-FqjaYOuK_wBh6QGMxYU3yqqi4JCQKAWPyOaRmMjLoHvQ-Y7obB2cjVf-OTEQV77tVbRQt6z5Q
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:37 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"f2e688ea-68b4-4edf-b2a3-c8676b43e14e","token_type":"bearer","expires_in":299,"scope":"clientinfo"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:37 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DBB0.6D72.2CAE.8358","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}
#######################################################
TEST: privateKeyJwtAuthenticationMethodES512Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "private_key_jwt",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1321
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:37 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9913.CC50.D50D.CE21",
"client_secret": "feec9240-0a22-40a3-a92b-ed293eecc9f2",
"registration_access_token": "a38907a3-9fbb-4671-a8e6-664110db1b96",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9913.CC50.D50D.CE21",
"client_id_issued_at": 1530815257,
"client_secret_expires_at": 1530901657,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "private_key_jwt",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
14:27:58.999 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException
java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException
at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?]
at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES512Fail(ClientCredentialsGrantHttpTest.java:1562) [test-classes/:?]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
14:27:59.104 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException
java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException
at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?]
at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?]
at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?]
at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:761) [test-classes/:?]
at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES512Fail(ClientCredentialsGrantHttpTest.java:1564) [test-classes/:?]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzUxMiIsImtpZCI6IkVTNTEyU0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5OTEzLkNDNTAuRDUwRC5DRTIxIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghOTkxMy5DQzUwLkQ1MEQuQ0UyMSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiODNiNGQ4NjgtMzI0Mi00ZDdkLWFlY2QtNGFjMDZiOTMxMzlmIiwiZXhwIjoxNTMwODE1NTc5LCJpYXQiOjE1MzA4MTUyNzl9.
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:27:37 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}
#######################################################
TEST: privateKeyJwtAuthenticationMethodRS256
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "private_key_jwt",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1276
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:37 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5606.6987.0A3D.4FB8",
"client_secret": "b9bc5d66-2c72-4fd9-aae1-86df5a0e7c96",
"registration_access_token": "01cff72b-077a-483f-a759-7e51a3dbecf3",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5606.6987.0A3D.4FB8",
"client_id_issued_at": 1530815257,
"client_secret_expires_at": 1530901657,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "private_key_jwt",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjQ4YmZhOGE0LWM4YTctNGEwOS1hZTk4LWJmMzI1ZDc0OTExOSJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE1NjA2LjY5ODcuMEEzRC40RkI4Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNTYwNi42OTg3LjBBM0QuNEZCOCIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiM2NjMTk2Y2EtZGFhYS00ZmMzLWI4YWMtOTc1ZTVkZTk5NDQ5IiwiZXhwIjoxNTMwODE1NTc5LCJpYXQiOjE1MzA4MTUyNzl9.IR9ULH7KA_xepNagCM5Aw3LGMMnpGFG1DLJf0Td77u6yJc6sb8z6inR--umFZ8L64dhYTuY0gI8VXtJ0fmX9GnNLmfsQQxpL3mtEtmR2MO353iflZRhrSLQEfVaZf8Eawm9DSx_JTexvafC5IBIiTSJ1hREDw2OZH5QHmDpTqAK_GuZbee0FmSd68FQQ1BFmYyLkE8jxHKwIKE1C6IqOvozqSSuJbsoNUTy3VWcsgjEvwZrRzJihoP2919QvhDsVPOFFmC6Z7ZbUmlhWtCh-qFkaJL5T9NdaN5VURKGpn0YrbWf2HyfmwruY_hTndSm0SeTBBJXzJtpyb6zqIHzvHw
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:38 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"8b72f844-305a-426d-8c18-7cf32d6bcde9","token_type":"bearer","expires_in":299,"scope":"clientinfo"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:38 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5606.6987.0A3D.4FB8","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}
#######################################################
TEST: privateKeyJwtAuthenticationMethodRS256Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "private_key_jwt",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1321
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:38 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5F3E.F2AC.61CE.06D5",
"client_secret": "beb81799-7390-45c6-9b99-1961c050f899",
"registration_access_token": "a41d24fc-3fbb-42a3-b340-88ebf653d337",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5F3E.F2AC.61CE.06D5",
"client_id_issued_at": 1530815258,
"client_secret_expires_at": 1530901658,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "private_key_jwt",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
14:27:59.553 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance
java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance
at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?]
at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS256Fail(ClientCredentialsGrantHttpTest.java:937) [test-classes/:?]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
14:27:59.672 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance
java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance
at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?]
at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?]
at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?]
at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:761) [test-classes/:?]
at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS256Fail(ClientCredentialsGrantHttpTest.java:939) [test-classes/:?]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IlJTMjU2U0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE1RjNFLkYyQUMuNjFDRS4wNkQ1Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNUYzRS5GMkFDLjYxQ0UuMDZENSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiZDVjMmQzZTEtNjc3ZC00OTY2LTgxM2UtNjVkYTk4NGI1ZTBiIiwiZXhwIjoxNTMwODE1NTc5LCJpYXQiOjE1MzA4MTUyNzl9.
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:27:38 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}
#######################################################
TEST: privateKeyJwtAuthenticationMethodRS384
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "private_key_jwt",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1276
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:38 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F961.789E.74D4.3CE3",
"client_secret": "0ac40454-8d2b-4369-ad5e-f6107679c5b4",
"registration_access_token": "c80d6d8b-1074-4aab-9823-fdfeb384dd69",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F961.789E.74D4.3CE3",
"client_id_issued_at": 1530815258,
"client_secret_expires_at": 1530901658,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "private_key_jwt",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzM4NCIsImtpZCI6ImM0NjIxNDNmLWExOTctNGY3YS1hZjk5LTBiMTA4NzM2ODYxNiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGOTYxLjc4OUUuNzRENC4zQ0UzIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRjk2MS43ODlFLjc0RDQuM0NFMyIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiNzE5NTIwYmUtZGY5NC00MTJiLTk2Y2EtMDg3OWJkM2YzZGYwIiwiZXhwIjoxNTMwODE1NTc5LCJpYXQiOjE1MzA4MTUyNzl9.T9e6wRLD2GeUsQqh22Cy4nGgFGB9FUA954x6GDMnZQPqp1bl5lhxkUKcFQ6j35zrxBpNE4zPScCfPMHMRrO4XcMEfckLDDc7QeRUnBOsENgkWyWFjuVywMl3VIiCCEkeUUITl_un0wPBTKWcNdGMGI2gDS0Mt0vnLeK8eRu8044LXf33nzvgYzFMArTUDG6tis2IxIRQcmRcik8_iHj0Sn5rpRTfcT0SxJ-oNb06kIzNF_0xQ8pDzSAHMTzxy0ByvnHKw070Tk9VM3fHqwj4wKbw2B9p9Jjwhu1qtASJBr39o6HouBbYpjxAH7QhT9UYh09fJ9lgSolUEj3BYR5SDA
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:38 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"35ed7116-556f-4286-858a-8bae58ca2380","token_type":"bearer","expires_in":299,"scope":"clientinfo"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:38 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F961.789E.74D4.3CE3","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}
#######################################################
TEST: privateKeyJwtAuthenticationMethodRS384Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "private_key_jwt",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1321
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:38 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7550.2C4D.B57E.1A66",
"client_secret": "63698985-0307-4d7e-8e9f-0dc33580fece",
"registration_access_token": "d5057c63-8399-45a0-b9d5-f54226116440",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7550.2C4D.B57E.1A66",
"client_id_issued_at": 1530815258,
"client_secret_expires_at": 1530901658,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "private_key_jwt",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
14:28:00.104 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance
java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance
at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?]
at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS384Fail(ClientCredentialsGrantHttpTest.java:1062) [test-classes/:?]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
14:28:00.209 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance
java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance
at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?]
at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?]
at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?]
at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:761) [test-classes/:?]
at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS384Fail(ClientCredentialsGrantHttpTest.java:1064) [test-classes/:?]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzM4NCIsImtpZCI6IlJTMzg0U0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3NTUwLjJDNEQuQjU3RS4xQTY2Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNzU1MC4yQzRELkI1N0UuMUE2NiIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiMTJkMjE2ZTItMWI1MC00OTI2LThhZjUtZjY3ZDU3ZDAwYzk4IiwiZXhwIjoxNTMwODE1NTgwLCJpYXQiOjE1MzA4MTUyODB9.
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:27:38 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}
#######################################################
TEST: privateKeyJwtAuthenticationMethodRS512
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "private_key_jwt",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1276
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:39 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8EFB.B6E6.7F9A.CC36",
"client_secret": "c014a12e-c5e9-4519-a0cb-674d38145784",
"registration_access_token": "1ea99166-cd08-42a1-8b28-3f9bb07d356e",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8EFB.B6E6.7F9A.CC36",
"client_id_issued_at": 1530815259,
"client_secret_expires_at": 1530901659,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [],
"grant_types": ["client_credentials"],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "private_key_jwt",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiIsImtpZCI6Ijg1YjA4NDgzLTY4OTAtNDg0My05YmFmLTgzN2EyNGEzYzZkMiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE4RUZCLkI2RTYuN0Y5QS5DQzM2Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghOEVGQi5CNkU2LjdGOUEuQ0MzNiIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiMmZiMzNmZmEtMDQyMy00ZmIzLTlmZDMtOGM2NTEyY2VmYWQ5IiwiZXhwIjoxNTMwODE1NTgwLCJpYXQiOjE1MzA4MTUyODB9.Hcj-W9jaMFVLZx9sp9k9d28NRHFkgn4aCsTEK_ZRl0j0Y45STb_7SJ3CNkCL7aQoaNbvIPheLX40tTePyNuKjkp9hRRQ7YmylGBxMSxM7IdlHzfXGBqTiCARCH1qGyLWHFYtEUGFNth9SV5skH1esJOolv-_lMKAbt0T9FE06Vle9O1j2KE52mEiVH75y4q6Vl4ed97tGFNeobFT0YnD4blYc3h0LlriwbjK_YWp_8QWz8NrIvzMeaYU5tesz2U1q1rVdIC_m6p3HHztdjMlfXi2UP5BFRsq5T55K_dTi83fvmWJQSyc10-X7BbYO4AR7R123w5HEkKDmFZHK3Aeeg
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:39 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"9380613f-72bd-4e77-bfab-e46d1c6dccb7","token_type":"bearer","expires_in":299,"scope":"clientinfo"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:39 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8EFB.B6E6.7F9A.CC36","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}
#######################################################
TEST: privateKeyJwtAuthenticationMethodRS512Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"token_endpoint_auth_method": "private_key_jwt",
"scope": "clientinfo"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1321
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:39 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8176.BAA6.CFF0.E55B",
"client_secret": "894889eb-3ecc-4e2b-938a-0f8cd52c6184",
"registration_access_token": "ac8de9de-b79d-4d0a-8096-b27889b251fd",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8176.BAA6.CFF0.E55B",
"client_id_issued_at": 1530815259,
"client_secret_expires_at": 1530901659,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "private_key_jwt",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "clientinfo",
"claims": ""
}
14:28:00.688 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance
java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance
at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?]
at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS512Fail(ClientCredentialsGrantHttpTest.java:1187) [test-classes/:?]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
14:28:00.796 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance
java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance
at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?]
at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?]
at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?]
at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:761) [test-classes/:?]
at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS512Fail(ClientCredentialsGrantHttpTest.java:1189) [test-classes/:?]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiIsImtpZCI6IlJTNTEyU0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE4MTc2LkJBQTYuQ0ZGMC5FNTVCIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghODE3Ni5CQUE2LkNGRjAuRTU1QiIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiOTMwMjFiY2EtNWI5MS00NmExLWE4ZGMtMmM5Nzk1ZWQxMmFkIiwiZXhwIjoxNTMwODE1NTgwLCJpYXQiOjE1MzA4MTUyODB9.
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:27:39 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}
#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:27:39 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"subject": "acct:test_user@ce-dev4.gluu.org",
"links": [{
"rel": "http://openid.net/specs/connect/1.0/issuer",
"href": "https://ce-dev4.gluu.org"
}]
}
OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:39 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"issuer": "https://ce-dev4.gluu.org",
"authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
"token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
"userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
"clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
"check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
"end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
"registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
"id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
"introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
"scopes_supported": [
"permission",
"clientinfo",
"email",
"user_name",
"sub",
"org_name",
"address",
"openid",
"test_scope1",
"work_phone",
"phone",
"profile",
"mobile_phone",
"test"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"id_token",
"id_token token",
"token",
"code token"
],
"grant_types_supported": [
"urn:ietf:params:oauth:grant-type:uma-ticket",
"client_credentials",
"refresh_token",
"implicit",
"password",
"authorization_code"
],
"acr_values_supported": [
"super_gluu",
"u2f",
"otp",
"basic",
"auth_ldap_server"
],
"auth_level_mapping": {
"-1": ["auth_ldap_server"],
"50": ["otp"],
"100": ["basic"],
"10": ["u2f"],
"15": ["super_gluu"]
},
"subject_types_supported": [
"public",
"pairwise"
],
"userinfo_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"userinfo_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"userinfo_encryption_enc_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"id_token_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"request_object_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"request_object_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"request_object_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post",
"client_secret_jwt",
"private_key_jwt"
],
"token_endpoint_auth_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"display_values_supported": [
"page",
"popup"
],
"claim_types_supported": ["normal"],
"claims_supported": [
"birthdate",
"country",
"name",
"email",
"email_verified",
"given_name",
"gender",
"inum",
"family_name",
"updated_at",
"locale",
"member_of",
"middle_name",
"nickname",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope",
"phone_number_verified",
"picture",
"preferred_username",
"profile",
"zoneinfo",
"user_name",
"website"
],
"service_documentation": "http://gluu.org/docs",
"claims_locales_supported": ["en"],
"ui_locales_supported": [
"en",
"es"
],
"scope_to_claims_mapping": [
{"permission": []},
{"uma_protection": []},
{"clientinfo": [
"name",
"inum",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope"
]},
{"email": [
"email_verified",
"email"
]},
{"user_name": ["user_name"]},
{"sub": []},
{"org_name": []},
{"address": [
"formatted",
"postal_code",
"street_address",
"locality",
"country",
"region"
]},
{"openid": []},
{"test_scope1": []},
{"work_phone": []},
{"phone": [
"phone_number_verified",
"phone_number"
]},
{"profile": [
"name",
"family_name",
"given_name",
"middle_name",
"nickname",
"preferred_username",
"profile",
"picture",
"website",
"gender",
"birthdate",
"zoneinfo",
"locale",
"updated_at"
]},
{"mobile_phone": ["phone_mobile_number"]},
{"test": ["member_of"]}
],
"claims_parameter_supported": true,
"request_parameter_supported": true,
"request_uri_parameter_supported": true,
"require_request_uri_registration": false,
"op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
"op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
"frontchannel_logout_supported": true,
"frontchannel_logout_session_supported": true
}
#######################################################
TEST: requestClientInfoImplicitFlow
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:39 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!56BD.DD52.A941.6CF0",
"client_secret": "db72b6bc-68ef-479d-9823-c55821e19576",
"registration_access_token": "c1ad10da-f648-4d2a-b486-4facd8d9057c",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!56BD.DD52.A941.6CF0",
"client_id_issued_at": 1530815259,
"client_secret_expires_at": 1530901659,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2156BD.DD52.A941.6CF0&scope=clientinfo&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=cfa98fa8-8d09-41b3-8a12-381b1dd0aee1&nonce=a57baba6-a96c-40e5-93f3-4821c9dde73a
14:28:01.268 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:1f0a42e6-8f2d-4b6d-b2c2-9f14a5a7ff91
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2156BD.DD52.A941.6CF0&scope=clientinfo&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=cfa98fa8-8d09-41b3-8a12-381b1dd0aee1&nonce=a57baba6-a96c-40e5-93f3-4821c9dde73a
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=1d4b7d46-3c89-4ac9-b480-8d0f415ec156&scope=clientinfo&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE1NkJELkRENTIuQTk0MS42Q0YwIiwiZXhwIjoxNTMwODE4ODYyLCJpYXQiOjE1MzA4MTUyNjIsIm5vbmNlIjoiYTU3YmFiYTYtYTk2Yy00MGU1LTkzZjMtNDgyMWM5ZGRlNzNhIiwiYXV0aF90aW1lIjoxNTMwODE1MjYxLCJhdF9oYXNoIjoidDZhX3BETUpybUV2SU5WY1lScUFGZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IlBHeEIzUmZ2MGVpdE5zRFR1eTBMU2c0dkJXNnhwTFduYXhrajBWX3B0ZFUifQ.iBwFQZASMRYYZJCoJAnaXBVLkSIVXfHAiChuRlNBmpSh7O4l1a4ad8sTrk92Hs9s_eyj7fBH__yZAWLSGK9BqAaIGZCBhWqGEN6HDuOeOcYEUCl8Y6wPSpgUkHbfpzOZDFWu0zSSsLHro9btITzHnwXSffgbYv4s2rx1PHinukEizrsvGWb30jtz11aDBBOTz5JnTviCUmCEbpD0pqNiQAFpvX4uroAVoVbwU-R5BZ81LqhzAg0DqtPJWY-bACIYhTaDPFZISMWGRR_4fgG2b2vQOYJhzxBVp6kxrFGcoL0cMBI_xOFDI0GFdicJDmjpbBmX7xYnBp6IpN5zsMEp-A&session_id=ffededac-6d03-42e8-9962-7173e8a48b2f&state=cfa98fa8-8d09-41b3-8a12-381b1dd0aee1&token_type=bearer&session_state=1f0a42e6-8f2d-4b6d-b2c2-9f14a5a7ff91&expires_in=299
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 513
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:42 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!56BD.DD52.A941.6CF0","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["permission","uma_protection","clientinfo","email","user_name","sub","org_name","address","openid","test_scope1","work_phone","phone","profile","test"]}
#######################################################
TEST: requestClientInfoInvalidRequest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Connection: close
Content-Length: 260
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:42 GMT
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_request","error_description":"The request is missing a required parameter, includes an unsupported parameter or parameter value, repeats the same parameter, uses more than one method for including an access token, or is otherwise malformed."}
#######################################################
TEST: requestClientInfoInvalidToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Connection: close
Content-Length: 203
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:42 GMT
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_token","error_description":"The access token provided is expired, revoked, malformed, or invalid for other reasons. Try to request a new access token and retry the protected resource."}
#######################################################
TEST: requestClientInfoPasswordFlow
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"grant_types": ["password"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1299
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:42 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!51D0.A1C9.ACB7.A242",
"client_secret": "41678b92-cc85-4795-90bd-81ac4a54fc71",
"registration_access_token": "552b1962-131b-4ad2-84e3-951c08e11db6",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!51D0.A1C9.ACB7.A242",
"client_id_issued_at": 1530815262,
"client_secret_expires_at": 1530901662,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [],
"grant_types": ["password"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNTFEMC5BMUM5LkFDQjcuQTI0Mjo0MTY3OGI5Mi1jYzg1LTQ3OTUtOTBiZC04MWFjNGE1NGZjNzE=
grant_type=password&scope=clientinfo&username=test_user&password=test_user_password
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 170
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:42 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"9caab1ac-8d15-4887-8662-bb5851d846a9","token_type":"bearer","expires_in":299,"refresh_token":"d299d07f-5566-4850-a66d-2194709a070a","scope":"clientinfo"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 513
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:42 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!51D0.A1C9.ACB7.A242","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["permission","uma_protection","clientinfo","email","user_name","sub","org_name","address","openid","test_scope1","work_phone","phone","profile","test"]}
#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:27:42 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"subject": "acct:test_user@ce-dev4.gluu.org",
"links": [{
"rel": "http://openid.net/specs/connect/1.0/issuer",
"href": "https://ce-dev4.gluu.org"
}]
}
OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:42 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"issuer": "https://ce-dev4.gluu.org",
"authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
"token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
"userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
"clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
"check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
"end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
"registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
"id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
"introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
"scopes_supported": [
"permission",
"clientinfo",
"email",
"user_name",
"sub",
"org_name",
"address",
"openid",
"test_scope1",
"work_phone",
"phone",
"profile",
"mobile_phone",
"test"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"id_token",
"id_token token",
"token",
"code token"
],
"grant_types_supported": [
"urn:ietf:params:oauth:grant-type:uma-ticket",
"client_credentials",
"refresh_token",
"implicit",
"password",
"authorization_code"
],
"acr_values_supported": [
"super_gluu",
"u2f",
"otp",
"basic",
"auth_ldap_server"
],
"auth_level_mapping": {
"-1": ["auth_ldap_server"],
"50": ["otp"],
"100": ["basic"],
"10": ["u2f"],
"15": ["super_gluu"]
},
"subject_types_supported": [
"public",
"pairwise"
],
"userinfo_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"userinfo_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"userinfo_encryption_enc_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"id_token_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"request_object_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"request_object_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"request_object_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post",
"client_secret_jwt",
"private_key_jwt"
],
"token_endpoint_auth_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"display_values_supported": [
"page",
"popup"
],
"claim_types_supported": ["normal"],
"claims_supported": [
"birthdate",
"country",
"name",
"email",
"email_verified",
"given_name",
"gender",
"inum",
"family_name",
"updated_at",
"locale",
"member_of",
"middle_name",
"nickname",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope",
"phone_number_verified",
"picture",
"preferred_username",
"profile",
"zoneinfo",
"user_name",
"website"
],
"service_documentation": "http://gluu.org/docs",
"claims_locales_supported": ["en"],
"ui_locales_supported": [
"en",
"es"
],
"scope_to_claims_mapping": [
{"permission": []},
{"uma_protection": []},
{"clientinfo": [
"name",
"inum",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope"
]},
{"email": [
"email_verified",
"email"
]},
{"user_name": ["user_name"]},
{"sub": []},
{"org_name": []},
{"address": [
"formatted",
"postal_code",
"street_address",
"locality",
"country",
"region"
]},
{"openid": []},
{"test_scope1": []},
{"work_phone": []},
{"phone": [
"phone_number_verified",
"phone_number"
]},
{"profile": [
"name",
"family_name",
"given_name",
"middle_name",
"nickname",
"preferred_username",
"profile",
"picture",
"website",
"gender",
"birthdate",
"zoneinfo",
"locale",
"updated_at"
]},
{"mobile_phone": ["phone_mobile_number"]},
{"test": ["member_of"]}
],
"claims_parameter_supported": true,
"request_parameter_supported": true,
"request_uri_parameter_supported": true,
"require_request_uri_registration": false,
"op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
"op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
"frontchannel_logout_supported": true,
"frontchannel_logout_session_supported": true
}
#######################################################
TEST: testEncode1
#######################################################
#######################################################
TEST: testEncode2
#######################################################
#######################################################
TEST: OpenID Connect Discovery
#######################################################
#######################################################
TEST: requestClientAssociate
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:42 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FDE0.9956.EF3B.F014",
"client_secret": "6fd9d7a9-6fc3-496c-a652-2e899c09ed05",
"registration_access_token": "a0cdb560-fc8a-4de6-842a-83784b83b54f",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FDE0.9956.EF3B.F014",
"client_id_issued_at": 1530815262,
"client_secret_expires_at": 1530901662,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
#######################################################
TEST: requestClientAssociateInBlackList
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": ["https://www.attacker.com"],
"application_type": "web",
"client_name": "oxAuth test app"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Cache-Control: no-store
Connection: close
Content-Length: 101
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:42 GMT
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_redirect_uri","error_description":"Value of one or more redirect_uris is invalid."}
#######################################################
TEST: testUrlPatterList
#######################################################
#######################################################
TEST: requestClientUpdate
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Connection: close
Content-Length: 282
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:42 GMT
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_client_metadata","error_description":"The value of one of the Client Metadata fields is invalid and the server has rejected this request. Note that an Authorization Server MAY choose to substitute a valid value for any requested parameter of a Client's Metadata."}
#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:27:42 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"subject": "acct:test_user@ce-dev4.gluu.org",
"links": [{
"rel": "http://openid.net/specs/connect/1.0/issuer",
"href": "https://ce-dev4.gluu.org"
}]
}
OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:43 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"issuer": "https://ce-dev4.gluu.org",
"authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
"token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
"userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
"clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
"check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
"end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
"registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
"id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
"introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
"scopes_supported": [
"permission",
"clientinfo",
"email",
"user_name",
"sub",
"org_name",
"address",
"openid",
"test_scope1",
"work_phone",
"phone",
"profile",
"mobile_phone",
"test"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"id_token",
"id_token token",
"token",
"code token"
],
"grant_types_supported": [
"urn:ietf:params:oauth:grant-type:uma-ticket",
"client_credentials",
"refresh_token",
"implicit",
"password",
"authorization_code"
],
"acr_values_supported": [
"super_gluu",
"u2f",
"otp",
"basic",
"auth_ldap_server"
],
"auth_level_mapping": {
"-1": ["auth_ldap_server"],
"50": ["otp"],
"100": ["basic"],
"10": ["u2f"],
"15": ["super_gluu"]
},
"subject_types_supported": [
"public",
"pairwise"
],
"userinfo_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"userinfo_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"userinfo_encryption_enc_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"id_token_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"request_object_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"request_object_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"request_object_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post",
"client_secret_jwt",
"private_key_jwt"
],
"token_endpoint_auth_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"display_values_supported": [
"page",
"popup"
],
"claim_types_supported": ["normal"],
"claims_supported": [
"birthdate",
"country",
"name",
"email",
"email_verified",
"given_name",
"gender",
"inum",
"family_name",
"updated_at",
"locale",
"member_of",
"middle_name",
"nickname",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope",
"phone_number_verified",
"picture",
"preferred_username",
"profile",
"zoneinfo",
"user_name",
"website"
],
"service_documentation": "http://gluu.org/docs",
"claims_locales_supported": ["en"],
"ui_locales_supported": [
"en",
"es"
],
"scope_to_claims_mapping": [
{"permission": []},
{"uma_protection": []},
{"clientinfo": [
"name",
"inum",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope"
]},
{"email": [
"email_verified",
"email"
]},
{"user_name": ["user_name"]},
{"sub": []},
{"org_name": []},
{"address": [
"formatted",
"postal_code",
"street_address",
"locality",
"country",
"region"
]},
{"openid": []},
{"test_scope1": []},
{"work_phone": []},
{"phone": [
"phone_number_verified",
"phone_number"
]},
{"profile": [
"name",
"family_name",
"given_name",
"middle_name",
"nickname",
"preferred_username",
"profile",
"picture",
"website",
"gender",
"birthdate",
"zoneinfo",
"locale",
"updated_at"
]},
{"mobile_phone": ["phone_mobile_number"]},
{"test": ["member_of"]}
],
"claims_parameter_supported": true,
"request_parameter_supported": true,
"request_uri_parameter_supported": true,
"require_request_uri_registration": false,
"op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
"op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
"frontchannel_logout_supported": true,
"frontchannel_logout_session_supported": true
}
#######################################################
TEST: encodeClaimsInStateParameterAlgA128KWEncA128GCM
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:43 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!375B.F479.FF01.6519",
"client_secret": "22312af4-f756-4d90-8ff7-547aac0dd52f",
"registration_access_token": "df7e9109-d729-48cc-a19b-617d103e0fbd",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!375B.F479.FF01.6519",
"client_id_issued_at": 1530815263,
"client_secret_expires_at": 1530901663,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21375B.F479.FF01.6519&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.e2jtPvbGUA5f-udR6k6T6JqDzPaUlRb9.TZ3z6QwYMxgkJz5j.0dKLs4EM4wKTKWRYBGueEBWLHSXNlYdnSxPVh_B7PIa0Jkttrw1pw4OUvxJ9gUbc-t_6oanVIvZei083Vm8r5KPvsqxupLImUPKHrhdYlddBSFZCAMe5pBTWTYHKkRk70m8haheNU_JtdsMJEiiJqgdpahIRQ9GV7vQGlg1Uz875p575pY6TPzU7iumwHVYN_C2l0usFCX-70xUVPvWbxH2vFw_DgyNMgy6yOpZWD1Rvlf8KFOWPAZYSFXA5Sh_u8fcu13-5WFRzFcPxAzcEG7YVoInUF05-xppplFEedU-EvfAZmu5-I4TXpaIqUe2EFb5_vHxOZA.IjnAdx7Hdem5TI1RmejSSg&nonce=c5f058cc-7df4-44ac-a792-f0f0e7986295
14:28:04.784 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:6bbe54a1-552f-4035-9e71-c52e2f769aad
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21375B.F479.FF01.6519&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.e2jtPvbGUA5f-udR6k6T6JqDzPaUlRb9.TZ3z6QwYMxgkJz5j.0dKLs4EM4wKTKWRYBGueEBWLHSXNlYdnSxPVh_B7PIa0Jkttrw1pw4OUvxJ9gUbc-t_6oanVIvZei083Vm8r5KPvsqxupLImUPKHrhdYlddBSFZCAMe5pBTWTYHKkRk70m8haheNU_JtdsMJEiiJqgdpahIRQ9GV7vQGlg1Uz875p575pY6TPzU7iumwHVYN_C2l0usFCX-70xUVPvWbxH2vFw_DgyNMgy6yOpZWD1Rvlf8KFOWPAZYSFXA5Sh_u8fcu13-5WFRzFcPxAzcEG7YVoInUF05-xppplFEedU-EvfAZmu5-I4TXpaIqUe2EFb5_vHxOZA.IjnAdx7Hdem5TI1RmejSSg&nonce=c5f058cc-7df4-44ac-a792-f0f0e7986295
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=4e9e359e-7f28-454b-9d6b-ace1cf13827c&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzNzVCLkY0NzkuRkYwMS42NTE5IiwiZXhwIjoxNTMwODE4ODY0LCJpYXQiOjE1MzA4MTUyNjQsIm5vbmNlIjoiYzVmMDU4Y2MtN2RmNC00NGFjLWE3OTItZjBmMGU3OTg2Mjk1IiwiYXV0aF90aW1lIjoxNTMwODE1MjY0LCJhdF9oYXNoIjoicGVYRzFzdURmNUVZWkp0OWliZ3dBdyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Inh5RUl5eGllY3JmNUR5QkJlaXZWTWx0YTVFVFdrZ19wNXZhSjNxazhDNlUifQ.olWqiPIQUMv_4xo2QmSpC8i3twCGwp40ePIIrAMEYRl5Kg_uI29c7Sto_IB80vxuRPKpUBkYZyL0GI-zy3jK1s85Zs1bnySR61zBnGKZ1ilX8qr7sBdNMRvnI1iHjCmGyp_VdIYr4vZjsW8ixNmFayozUldwm2g1Qe1gf80Mkvyq1nnNTV2R6BG7QVo25HPyV_e5Cf8CQZf-QbfUC-Ltx_tmItiT9uFk6DtPPaM5qFUqK-9fEAWcoHBUPGBYbfkaBeBptFxac8VU7iS0aLr7U5mKb0buqNqveWKAyYgSrWYX7t5o3MlfO5RmtnHqfcfNXaAyfvGcK_dj8KMTeWJMew&session_id=a111ac9b-2ffa-4243-b926-2213f94057fe&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.e2jtPvbGUA5f-udR6k6T6JqDzPaUlRb9.TZ3z6QwYMxgkJz5j.0dKLs4EM4wKTKWRYBGueEBWLHSXNlYdnSxPVh_B7PIa0Jkttrw1pw4OUvxJ9gUbc-t_6oanVIvZei083Vm8r5KPvsqxupLImUPKHrhdYlddBSFZCAMe5pBTWTYHKkRk70m8haheNU_JtdsMJEiiJqgdpahIRQ9GV7vQGlg1Uz875p575pY6TPzU7iumwHVYN_C2l0usFCX-70xUVPvWbxH2vFw_DgyNMgy6yOpZWD1Rvlf8KFOWPAZYSFXA5Sh_u8fcu13-5WFRzFcPxAzcEG7YVoInUF05-xppplFEedU-EvfAZmu5-I4TXpaIqUe2EFb5_vHxOZA.IjnAdx7Hdem5TI1RmejSSg&token_type=bearer&session_state=6bbe54a1-552f-4035-9e71-c52e2f769aad&expires_in=299
#######################################################
TEST: encodeClaimsInStateParameterAlgA256KWEncA256GCM
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:44 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1E3B.7BB4.89F3.05F6",
"client_secret": "27372618-0a8a-4478-8e55-b3ac9d1857c9",
"registration_access_token": "007d6d83-516f-4421-af51-ce93d72c516a",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1E3B.7BB4.89F3.05F6",
"client_id_issued_at": 1530815264,
"client_secret_expires_at": 1530901664,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211E3B.7BB4.89F3.05F6&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2R0NNIn0.cSCy4cY2NnmZgkcxdtt6MvQV1rS7ZlDsRGonSPhoR-QlfKNBGLHL8A.N1CKgMMpIyaEdb8H.NI-xAwRpnNPY1kJNkUVNlBlw7LkCoUMMHw5uQYc2uDWNKdYbIqSTZpBSAOFbrbszv9ee7Fl5pw9zqZHpoYrOgH-PbCNRsMLAE2E2J3xWchoTY56XudQyXZUQjS8lfMOsf4JK_MiG0T2jFJmGMJ54wrOre0UcBDYIq1qzvf2F4kolq8ms23s4v6l4gE8DUGVJKFZWLMU9jpCC6H-DLvb4UXUMC2nTARC0PAa3gi42Mf77Rsh4fH8dwBTI02DZmGX8OK5F2-AzCAD2kWhtfWCtRM3wJbtJ-F_LUMkAB7noLv4QQhZwaMyuZXShM5QtfzU2cZj70iN6lQ.UAcoooDa3wDXYmri6VIOQA&nonce=ac9550e9-4363-4901-9831-a5d527c3a894
14:28:05.942 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:1ed819e9-d23f-4ccc-acb0-32d1dd30d9b3
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211E3B.7BB4.89F3.05F6&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2R0NNIn0.cSCy4cY2NnmZgkcxdtt6MvQV1rS7ZlDsRGonSPhoR-QlfKNBGLHL8A.N1CKgMMpIyaEdb8H.NI-xAwRpnNPY1kJNkUVNlBlw7LkCoUMMHw5uQYc2uDWNKdYbIqSTZpBSAOFbrbszv9ee7Fl5pw9zqZHpoYrOgH-PbCNRsMLAE2E2J3xWchoTY56XudQyXZUQjS8lfMOsf4JK_MiG0T2jFJmGMJ54wrOre0UcBDYIq1qzvf2F4kolq8ms23s4v6l4gE8DUGVJKFZWLMU9jpCC6H-DLvb4UXUMC2nTARC0PAa3gi42Mf77Rsh4fH8dwBTI02DZmGX8OK5F2-AzCAD2kWhtfWCtRM3wJbtJ-F_LUMkAB7noLv4QQhZwaMyuZXShM5QtfzU2cZj70iN6lQ.UAcoooDa3wDXYmri6VIOQA&nonce=ac9550e9-4363-4901-9831-a5d527c3a894
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=36c3b93f-8f4d-4a11-b3df-fb8fc8d5c2fd&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExRTNCLjdCQjQuODlGMy4wNUY2IiwiZXhwIjoxNTMwODE4ODY1LCJpYXQiOjE1MzA4MTUyNjUsIm5vbmNlIjoiYWM5NTUwZTktNDM2My00OTAxLTk4MzEtYTVkNTI3YzNhODk0IiwiYXV0aF90aW1lIjoxNTMwODE1MjY1LCJhdF9oYXNoIjoic3dWSXpnRGxZaXhBdm5TejFUcTN1USIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6InpFOVY3UjFkTXZ2dVFMTWozVVp2aGhhMm1US0FncmlsVzRsazFHaHBKZ0UifQ.cSS7833euf2g9S-MiVPRwrvQvme8AIGySdHHpodasGA4xb2LQwWVhVAFCYt-xDjFOl18pU5UHCf_vnvTTregEcQOMBPPhtpkdb9sgTvKo065kHogUFhOxOeoVzJaBY2OLD_FJdfrpj4Nomdweq1tuxovzXmlOpCWtn5VBiKHdY93fJZZkZ6loimNeIQMwwkv0is0-M_rhTDCyZthxl-fF7Feb4TPOF9zkWgDRgOOIoL5sfnT1a3a7AVqhQd6ktKiDfdkOfrf7fc-xjAofB3oJ4XXe7SsSel0sUDV17jL1xn5n6qxoSkcRIiOJtr4eNtKmXzo0X6tqodXjHGZi2wdOQ&session_id=c350c5e9-a338-4027-9c02-0da7dd1649f3&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2R0NNIn0.cSCy4cY2NnmZgkcxdtt6MvQV1rS7ZlDsRGonSPhoR-QlfKNBGLHL8A.N1CKgMMpIyaEdb8H.NI-xAwRpnNPY1kJNkUVNlBlw7LkCoUMMHw5uQYc2uDWNKdYbIqSTZpBSAOFbrbszv9ee7Fl5pw9zqZHpoYrOgH-PbCNRsMLAE2E2J3xWchoTY56XudQyXZUQjS8lfMOsf4JK_MiG0T2jFJmGMJ54wrOre0UcBDYIq1qzvf2F4kolq8ms23s4v6l4gE8DUGVJKFZWLMU9jpCC6H-DLvb4UXUMC2nTARC0PAa3gi42Mf77Rsh4fH8dwBTI02DZmGX8OK5F2-AzCAD2kWhtfWCtRM3wJbtJ-F_LUMkAB7noLv4QQhZwaMyuZXShM5QtfzU2cZj70iN6lQ.UAcoooDa3wDXYmri6VIOQA&token_type=bearer&session_state=1ed819e9-d23f-4ccc-acb0-32d1dd30d9b3&expires_in=299
#######################################################
TEST: encodeClaimsInStateParameterAlgRSA15EncA128CBCPLUSHS256
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:45 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3FC7.98FB.EA35.CEF1",
"client_secret": "a589e989-5b30-44cb-8916-cfaa5c038404",
"registration_access_token": "dd5e2680-14f2-43af-b763-710e80da1cca",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3FC7.98FB.EA35.CEF1",
"client_id_issued_at": 1530815265,
"client_secret_expires_at": 1530901665,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213FC7.98FB.EA35.CEF1&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMTI4Q0JDK0hTMjU2Iiwia2lkIjoiNDhiZmE4YTQtYzhhNy00YTA5LWFlOTgtYmYzMjVkNzQ5MTE5In0.AgYbARJQUlMptCbEebKbfZKqW9S63fNX5T2CEx1mmAW80U744YrN3f-xwkRb5r3dSmUm2d5Cpjj-Pj758-UBDbgIvSmNfEd6YsBCNYG5UYVU3XuIwHlpVVCkgdsNNES2QST4K4Q6XoQ7kkvj3rpuRvFSXeZsh_hvC0iOA2tmsZx1oEGfF1u3F_FOttTRDZuBMc8ftz3PF5hirrp6GYVPyvUiML8UQeXCMwH0DN9ICQK3hCATmXWA4Fj7xJGOl00clM4mOVKG8N_F7dVHF9cIETxKd3QcwT6tKzUARDfakvuGdIGlZ8RrOiLGY8YC9RgGdKqDKZnc4GcMhjzXP8pE5Q.G26Hev_NV3Np_UqgWc-RXQ.g5XwIycOgA4pO3m3D1Z5If1h6-Jf477SRdJKck0Y8OC_q6NTkC-rYBJOMhwTDkq_cogyc39kCci7Wq4zVxfoqJbvnT8qmtSkTiVm5VewZLlSsKnrFLVU8SQlTLy6d4Krnj27CKzUnffN2om5qOdO-Gifjj1FuJvzBmp2oHeZLnhJsqjdXl1sD_X75Ca4bZQUaDE7c7RPZC15Z8VvI8UEiUSFKIm-JOT3TQrMAOoDKKT4S4U4gxl5BjsYNZliEERkkfc9aogm3jebQIxO6diIc_V0lPPVCj3pBMFe-ZLfkLTqYj4xY7TVESey7VNF4plY_kjHe3WMEZtAlhmhMoJWwpday4k0DJa86A68KKMR-pJvkOYuurBtv27m89Kr_iG9DG51-G2ic3Q-0xKYs2kf5uR-3hC5rD-Y0a3FnVrGQGk.NZevwns90-vINE0YXwRWOKcMOt1SUU-MzjDFGA9ObOk&nonce=b96e6908-6e08-40ed-a12d-cd4e9c5301e4
14:28:07.290 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:5314dee8-4eaf-42de-a96e-a94fd7bb8e52
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213FC7.98FB.EA35.CEF1&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMTI4Q0JDK0hTMjU2Iiwia2lkIjoiNDhiZmE4YTQtYzhhNy00YTA5LWFlOTgtYmYzMjVkNzQ5MTE5In0.AgYbARJQUlMptCbEebKbfZKqW9S63fNX5T2CEx1mmAW80U744YrN3f-xwkRb5r3dSmUm2d5Cpjj-Pj758-UBDbgIvSmNfEd6YsBCNYG5UYVU3XuIwHlpVVCkgdsNNES2QST4K4Q6XoQ7kkvj3rpuRvFSXeZsh_hvC0iOA2tmsZx1oEGfF1u3F_FOttTRDZuBMc8ftz3PF5hirrp6GYVPyvUiML8UQeXCMwH0DN9ICQK3hCATmXWA4Fj7xJGOl00clM4mOVKG8N_F7dVHF9cIETxKd3QcwT6tKzUARDfakvuGdIGlZ8RrOiLGY8YC9RgGdKqDKZnc4GcMhjzXP8pE5Q.G26Hev_NV3Np_UqgWc-RXQ.g5XwIycOgA4pO3m3D1Z5If1h6-Jf477SRdJKck0Y8OC_q6NTkC-rYBJOMhwTDkq_cogyc39kCci7Wq4zVxfoqJbvnT8qmtSkTiVm5VewZLlSsKnrFLVU8SQlTLy6d4Krnj27CKzUnffN2om5qOdO-Gifjj1FuJvzBmp2oHeZLnhJsqjdXl1sD_X75Ca4bZQUaDE7c7RPZC15Z8VvI8UEiUSFKIm-JOT3TQrMAOoDKKT4S4U4gxl5BjsYNZliEERkkfc9aogm3jebQIxO6diIc_V0lPPVCj3pBMFe-ZLfkLTqYj4xY7TVESey7VNF4plY_kjHe3WMEZtAlhmhMoJWwpday4k0DJa86A68KKMR-pJvkOYuurBtv27m89Kr_iG9DG51-G2ic3Q-0xKYs2kf5uR-3hC5rD-Y0a3FnVrGQGk.NZevwns90-vINE0YXwRWOKcMOt1SUU-MzjDFGA9ObOk&nonce=b96e6908-6e08-40ed-a12d-cd4e9c5301e4
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=e1ba43e3-8e27-4799-91b0-6b2ed083b4fb&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzRkM3Ljk4RkIuRUEzNS5DRUYxIiwiZXhwIjoxNTMwODE4ODY3LCJpYXQiOjE1MzA4MTUyNjcsIm5vbmNlIjoiYjk2ZTY5MDgtNmUwOC00MGVkLWExMmQtY2Q0ZTljNTMwMWU0IiwiYXV0aF90aW1lIjoxNTMwODE1MjY2LCJhdF9oYXNoIjoiQlhrbkxSbDk5UkN6SkloVEstbGUtdyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IkszRTlaZkM5SlU4SXljSmc0YjUxM29pamZPODZPcXBmSlpNdGRzeWYxeTgifQ.YcFrPz8TM98T-S3yl1n_CPKarKHv-RB0ntlthy8nDJpOgo56Hi3zfC2kUW-korkRT7-lp52vXllpP_dt121Oag4sCUC0aahpOSFFsQmglXMCU_8FAmePQxuz-2_IR_0dO6XtrPaTkoffvWYpEgAHsm9o0rFFQWDvrlP9ixmdT8myNkzDZJlvQlqZmlX71fbeZzj2oR5_MbRsBcMB6ZE9aHP-Lup7dDGayFR5CMNEr6pKZO_FirJxtnd7mRBbOVv37uw7CH91Y7HeRLfPrh-3P717D_VvWM4I5vXzLo157klSOw72FUn5YUB2Ibd28-xwal1HeixvH1it6irV14Rt8A&session_id=6dec8b2e-6ac7-4d97-a869-1d3f6cbb467b&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMTI4Q0JDK0hTMjU2Iiwia2lkIjoiNDhiZmE4YTQtYzhhNy00YTA5LWFlOTgtYmYzMjVkNzQ5MTE5In0.AgYbARJQUlMptCbEebKbfZKqW9S63fNX5T2CEx1mmAW80U744YrN3f-xwkRb5r3dSmUm2d5Cpjj-Pj758-UBDbgIvSmNfEd6YsBCNYG5UYVU3XuIwHlpVVCkgdsNNES2QST4K4Q6XoQ7kkvj3rpuRvFSXeZsh_hvC0iOA2tmsZx1oEGfF1u3F_FOttTRDZuBMc8ftz3PF5hirrp6GYVPyvUiML8UQeXCMwH0DN9ICQK3hCATmXWA4Fj7xJGOl00clM4mOVKG8N_F7dVHF9cIETxKd3QcwT6tKzUARDfakvuGdIGlZ8RrOiLGY8YC9RgGdKqDKZnc4GcMhjzXP8pE5Q.G26Hev_NV3Np_UqgWc-RXQ.g5XwIycOgA4pO3m3D1Z5If1h6-Jf477SRdJKck0Y8OC_q6NTkC-rYBJOMhwTDkq_cogyc39kCci7Wq4zVxfoqJbvnT8qmtSkTiVm5VewZLlSsKnrFLVU8SQlTLy6d4Krnj27CKzUnffN2om5qOdO-Gifjj1FuJvzBmp2oHeZLnhJsqjdXl1sD_X75Ca4bZQUaDE7c7RPZC15Z8VvI8UEiUSFKIm-JOT3TQrMAOoDKKT4S4U4gxl5BjsYNZliEERkkfc9aogm3jebQIxO6diIc_V0lPPVCj3pBMFe-ZLfkLTqYj4xY7TVESey7VNF4plY_kjHe3WMEZtAlhmhMoJWwpday4k0DJa86A68KKMR-pJvkOYuurBtv27m89Kr_iG9DG51-G2ic3Q-0xKYs2kf5uR-3hC5rD-Y0a3FnVrGQGk.NZevwns90-vINE0YXwRWOKcMOt1SUU-MzjDFGA9ObOk&token_type=bearer&session_state=5314dee8-4eaf-42de-a96e-a94fd7bb8e52&expires_in=299
#######################################################
TEST: encodeClaimsInStateParameterAlgRSA15EncA256CBCPLUSHS512
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:47 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EE96.1C7B.8EE4.B917",
"client_secret": "fd03b8b5-f394-4934-91a3-91ec6c692e0a",
"registration_access_token": "b344a33e-47dd-43d9-ac5f-cd7544129489",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EE96.1C7B.8EE4.B917",
"client_id_issued_at": 1530815267,
"client_secret_expires_at": 1530901667,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21EE96.1C7B.8EE4.B917&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMjU2Q0JDK0hTNTEyIiwia2lkIjoiNDhiZmE4YTQtYzhhNy00YTA5LWFlOTgtYmYzMjVkNzQ5MTE5In0.GonllEp_NDmRsHLuUBM_caDBSyawBVcXMTd31Zp98NigCycaNKLtpjr6ssb1gbrsjTtM5hwr2ymp_2ZtftTP5fne1TpF0nYhxzAXLIKVbwIAhrwlWIWSv20eQfZnXsS6Z35LJKhOGRy2cl5Hn3dV6v2ZshJHCrTWro5-ozm21FNy0NqXpsNRcKZIo7HGp9s5-9F-NC6wsJ-2s0bzUEtAE5l0mvqnVLETlmHpq9ZDNAGZRHFcLjEVPwJJ8kdUvleLY-ngj5mIIuo_jhOKzEDAhQpIFogwQwamjPn_X6KUler17Wenpm-_k32Fn5dnmg7xEk4vZMecAfNNKGRs3yNatg.XvTmSgXk33-9vxvRJeycCg.7S489NVzyg3eFZTtSDB2kpIckpvysNeh4p0eskqTFiYEm_1IiRHK_srQCqeZeGImSJPii6f1g9mo4azyu3HCcH0ivYFe4VNrLvXjgsIajQIcqtk_2HtsN_5Flar7oZQhhIvDkA8rUQqQwkPEQ_PHwyPN78r-2dzuvtNwbtBi8QAk7qKLP6F1eJ2IPpGQQBwFDaus-wzCMBka71kkCGBeR7CJrx2MNCKK5hZkKkzGS-oTtneb0CiIob7cNTktobZsBp1e00zma0sIdpx_10fTtsj3qb-T4b9cgDYiBelVzXu97FlhvHsHimyWm8QkcqMpJ0C94a6e0VQI6s9o2NuVUbmQ6BY_hEttWMkwdUtLvaehz62HHLTi9ZRNQvvhuYTY2OuOSIv1CtjvgkGrsHjWe7ZAjRJ2gaMXOXEnvGyXS5k.GeewnEJ9P9WQWcihlHRi3e8Zyrzky5hH0NPrB0itbfmCm7Gh2sL3xpKnY424gfvMPr49gwn0Be1PEt0IqNoVTw&nonce=5405dd01-f0d9-48d5-8e80-e5f83c89bc3b
14:28:08.679 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:41dd09ec-63f9-4634-b886-11830873695c
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21EE96.1C7B.8EE4.B917&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMjU2Q0JDK0hTNTEyIiwia2lkIjoiNDhiZmE4YTQtYzhhNy00YTA5LWFlOTgtYmYzMjVkNzQ5MTE5In0.GonllEp_NDmRsHLuUBM_caDBSyawBVcXMTd31Zp98NigCycaNKLtpjr6ssb1gbrsjTtM5hwr2ymp_2ZtftTP5fne1TpF0nYhxzAXLIKVbwIAhrwlWIWSv20eQfZnXsS6Z35LJKhOGRy2cl5Hn3dV6v2ZshJHCrTWro5-ozm21FNy0NqXpsNRcKZIo7HGp9s5-9F-NC6wsJ-2s0bzUEtAE5l0mvqnVLETlmHpq9ZDNAGZRHFcLjEVPwJJ8kdUvleLY-ngj5mIIuo_jhOKzEDAhQpIFogwQwamjPn_X6KUler17Wenpm-_k32Fn5dnmg7xEk4vZMecAfNNKGRs3yNatg.XvTmSgXk33-9vxvRJeycCg.7S489NVzyg3eFZTtSDB2kpIckpvysNeh4p0eskqTFiYEm_1IiRHK_srQCqeZeGImSJPii6f1g9mo4azyu3HCcH0ivYFe4VNrLvXjgsIajQIcqtk_2HtsN_5Flar7oZQhhIvDkA8rUQqQwkPEQ_PHwyPN78r-2dzuvtNwbtBi8QAk7qKLP6F1eJ2IPpGQQBwFDaus-wzCMBka71kkCGBeR7CJrx2MNCKK5hZkKkzGS-oTtneb0CiIob7cNTktobZsBp1e00zma0sIdpx_10fTtsj3qb-T4b9cgDYiBelVzXu97FlhvHsHimyWm8QkcqMpJ0C94a6e0VQI6s9o2NuVUbmQ6BY_hEttWMkwdUtLvaehz62HHLTi9ZRNQvvhuYTY2OuOSIv1CtjvgkGrsHjWe7ZAjRJ2gaMXOXEnvGyXS5k.GeewnEJ9P9WQWcihlHRi3e8Zyrzky5hH0NPrB0itbfmCm7Gh2sL3xpKnY424gfvMPr49gwn0Be1PEt0IqNoVTw&nonce=5405dd01-f0d9-48d5-8e80-e5f83c89bc3b
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=6e2bdd1c-48a1-46c1-894d-52db09cd6b24&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFFRTk2LjFDN0IuOEVFNC5COTE3IiwiZXhwIjoxNTMwODE4ODY4LCJpYXQiOjE1MzA4MTUyNjgsIm5vbmNlIjoiNTQwNWRkMDEtZjBkOS00OGQ1LThlODAtZTVmODNjODliYzNiIiwiYXV0aF90aW1lIjoxNTMwODE1MjY4LCJhdF9oYXNoIjoiMUlWVGI1Y2lLTDN5Yko5cGQwZWtZQSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Im9vaEswUTZ0QmN5WmZMdWxrdm9JUmFQUG5YXzVKWUhkTkdXNnFpSzNTZ00ifQ.daWq_yJXt5_Noq-loVnIRVK2NoAyRWtJD5gHkRkpn8dYNcw4zyBIWOpww7Jyh3ga6_ssCxLlZXWUsy7-GyU0QrqIlSkrA05YtVEAQ3P_XquL2K_RMZT1RxdloInZ8IXZtg9dcQavhfJlhzgP-CMpIVut3n-kN8tjuN2Sk8m3QbJ7R3bQ-KRxmaIPfa28OEUwgx9S8cYczbO4sR6UDt9kpAbLn64Qo2fnogWMfkURhIDdzUD6jwmCesZhQ9uuik9mKZzbrnUfazNpEBztsZihHPqqH8Fok4ClH5rU2oeQ5me2YghibWTUNNq98AyTIZXwflGCSwj2ktmrV9L0KXZE_A&session_id=dab0848f-95bc-497c-9106-a4b1b939cee5&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMjU2Q0JDK0hTNTEyIiwia2lkIjoiNDhiZmE4YTQtYzhhNy00YTA5LWFlOTgtYmYzMjVkNzQ5MTE5In0.GonllEp_NDmRsHLuUBM_caDBSyawBVcXMTd31Zp98NigCycaNKLtpjr6ssb1gbrsjTtM5hwr2ymp_2ZtftTP5fne1TpF0nYhxzAXLIKVbwIAhrwlWIWSv20eQfZnXsS6Z35LJKhOGRy2cl5Hn3dV6v2ZshJHCrTWro5-ozm21FNy0NqXpsNRcKZIo7HGp9s5-9F-NC6wsJ-2s0bzUEtAE5l0mvqnVLETlmHpq9ZDNAGZRHFcLjEVPwJJ8kdUvleLY-ngj5mIIuo_jhOKzEDAhQpIFogwQwamjPn_X6KUler17Wenpm-_k32Fn5dnmg7xEk4vZMecAfNNKGRs3yNatg.XvTmSgXk33-9vxvRJeycCg.7S489NVzyg3eFZTtSDB2kpIckpvysNeh4p0eskqTFiYEm_1IiRHK_srQCqeZeGImSJPii6f1g9mo4azyu3HCcH0ivYFe4VNrLvXjgsIajQIcqtk_2HtsN_5Flar7oZQhhIvDkA8rUQqQwkPEQ_PHwyPN78r-2dzuvtNwbtBi8QAk7qKLP6F1eJ2IPpGQQBwFDaus-wzCMBka71kkCGBeR7CJrx2MNCKK5hZkKkzGS-oTtneb0CiIob7cNTktobZsBp1e00zma0sIdpx_10fTtsj3qb-T4b9cgDYiBelVzXu97FlhvHsHimyWm8QkcqMpJ0C94a6e0VQI6s9o2NuVUbmQ6BY_hEttWMkwdUtLvaehz62HHLTi9ZRNQvvhuYTY2OuOSIv1CtjvgkGrsHjWe7ZAjRJ2gaMXOXEnvGyXS5k.GeewnEJ9P9WQWcihlHRi3e8Zyrzky5hH0NPrB0itbfmCm7Gh2sL3xpKnY424gfvMPr49gwn0Be1PEt0IqNoVTw&token_type=bearer&session_state=41dd09ec-63f9-4634-b886-11830873695c&expires_in=299
#######################################################
TEST: encodeClaimsInStateParameterAlgRSAOAEPEncA256GCM
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:48 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1794.AF2B.6A94.2572",
"client_secret": "941b765f-f3fc-4c5c-a684-c77c31670ea1",
"registration_access_token": "53891ed4-1772-492e-b93c-c9f6d816b67c",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1794.AF2B.6A94.2572",
"client_id_issued_at": 1530815268,
"client_secret_expires_at": 1530901668,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211794.AF2B.6A94.2572&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00iLCJraWQiOiI0OGJmYThhNC1jOGE3LTRhMDktYWU5OC1iZjMyNWQ3NDkxMTkifQ.Z9oE1AsJe-u56tNXG6hUItqeoG401lkyMoh6l-R8bl4VgfPjhgk2fFR6_z6ZMhqD6zhcA7M4tXvK31mY3SBFEMRAkVwxKoX1xog9t7QOMcTZbSlo3Ztpt4GRIRoDzv0npqurXZID6IzQLMjACCcMSmZ1-0zfpuIH9N86ASfDsrEaViqagoQpoQl1ILfqGlJhgw1Vfwwjx46tv0HFltoq4m4imqobe2jj6I1mbSj1BEUwcu_UOHyz0RTqAg7kP7J-CdB3qbsPUMKSCq5LS2TViW-Mrf3QKAoiZeA6qdmY0PcZEkoiLlsYw-VENzthPwG3EQE_gguti616X-kqObXF5w.yrem3s3__AKHltQK.TvJn7kpDtlE0bTIUhCm00IjyUkPCltojnlP1h9OtNCGiiStiM_7QFlnK726Y_yQnEBv0S4ef-k7_BCnu5CUsMLblinfiYNBPNqisIijIjhfYjNpIvFznFfLrWGx243UNtmthGm5ISmsdtSi7pcwdpM7BrAbh3czZY0sufcs_vBVVGooyL3FuhM9yalTINVI4gkQV2uRRnprdTIHN9sm1mT1yoJ4G2bJ0nlipkwpdYFoaq1y0sl9cv9wciWytQNxjo1ahlKYohlcZ7-R0WxJ1oNs6T6TLRNeRU4jHmJfZFHx_Ckm6r2fVBhDdB2lupB4A4FVLu68UfCkQ9D_oGlliuAmrFR6rlB0-FQbX64HwIPOydYHbUuAIaRDz7TiEGWPcQOlFMlnYyknoeH_yDa1N5iGA8Q.wFaYoXf6A-Xa8sNYlxooUg&nonce=1a5dc8ec-c6ec-476b-a98a-beb4380e6c36
14:28:09.969 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:b323de04-0ef4-48b6-9126-dd3a6151a58d
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211794.AF2B.6A94.2572&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00iLCJraWQiOiI0OGJmYThhNC1jOGE3LTRhMDktYWU5OC1iZjMyNWQ3NDkxMTkifQ.Z9oE1AsJe-u56tNXG6hUItqeoG401lkyMoh6l-R8bl4VgfPjhgk2fFR6_z6ZMhqD6zhcA7M4tXvK31mY3SBFEMRAkVwxKoX1xog9t7QOMcTZbSlo3Ztpt4GRIRoDzv0npqurXZID6IzQLMjACCcMSmZ1-0zfpuIH9N86ASfDsrEaViqagoQpoQl1ILfqGlJhgw1Vfwwjx46tv0HFltoq4m4imqobe2jj6I1mbSj1BEUwcu_UOHyz0RTqAg7kP7J-CdB3qbsPUMKSCq5LS2TViW-Mrf3QKAoiZeA6qdmY0PcZEkoiLlsYw-VENzthPwG3EQE_gguti616X-kqObXF5w.yrem3s3__AKHltQK.TvJn7kpDtlE0bTIUhCm00IjyUkPCltojnlP1h9OtNCGiiStiM_7QFlnK726Y_yQnEBv0S4ef-k7_BCnu5CUsMLblinfiYNBPNqisIijIjhfYjNpIvFznFfLrWGx243UNtmthGm5ISmsdtSi7pcwdpM7BrAbh3czZY0sufcs_vBVVGooyL3FuhM9yalTINVI4gkQV2uRRnprdTIHN9sm1mT1yoJ4G2bJ0nlipkwpdYFoaq1y0sl9cv9wciWytQNxjo1ahlKYohlcZ7-R0WxJ1oNs6T6TLRNeRU4jHmJfZFHx_Ckm6r2fVBhDdB2lupB4A4FVLu68UfCkQ9D_oGlliuAmrFR6rlB0-FQbX64HwIPOydYHbUuAIaRDz7TiEGWPcQOlFMlnYyknoeH_yDa1N5iGA8Q.wFaYoXf6A-Xa8sNYlxooUg&nonce=1a5dc8ec-c6ec-476b-a98a-beb4380e6c36
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=bb54413f-b5ed-46ff-af1c-d40bebe68e26&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExNzk0LkFGMkIuNkE5NC4yNTcyIiwiZXhwIjoxNTMwODE4ODY5LCJpYXQiOjE1MzA4MTUyNjksIm5vbmNlIjoiMWE1ZGM4ZWMtYzZlYy00NzZiLWE5OGEtYmViNDM4MGU2YzM2IiwiYXV0aF90aW1lIjoxNTMwODE1MjY5LCJhdF9oYXNoIjoiWm45VFFQdXdPZDlGazVVZExNUlNVZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Im93SHJDc1ZSR3NHbDBZajU2cTBLNkluRzk5dEd3ZnFmMDR5ZFo2Y3VRNUUifQ.gvobSa2CCMpw7kBysRkWo2KX5xkJnaGtXbOkHFmBtyBWIA1fJ9_oVpoYCvreSc-YeszVscmA2Ccsau06kotD_zIt7i60Cgveefr_M6xJON8yzUqmKx75PKkUJ8tFfeiQjo5tmInHfc8cKcb_3Fan-d8Bx2NXuA0w52DnhxAeWI41ZtCpgXhvpPFMt7WcZz2DED9PPyv5o0Gk_Dy2QuWM7J8H1oIJTIfezJv44Kug0uyOoP9wWtRqudvyiRYfZJM0V1IE3oKobY-Yy_t3zUKxFi68kKiyYIh7bxkAO6RvhqlkxtsB9phQkNao7SS0rFXkK7JBGdMZx2X5vY6lA-iVDA&session_id=4dc36c2c-66ef-4870-bd8a-1c76a2978814&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00iLCJraWQiOiI0OGJmYThhNC1jOGE3LTRhMDktYWU5OC1iZjMyNWQ3NDkxMTkifQ.Z9oE1AsJe-u56tNXG6hUItqeoG401lkyMoh6l-R8bl4VgfPjhgk2fFR6_z6ZMhqD6zhcA7M4tXvK31mY3SBFEMRAkVwxKoX1xog9t7QOMcTZbSlo3Ztpt4GRIRoDzv0npqurXZID6IzQLMjACCcMSmZ1-0zfpuIH9N86ASfDsrEaViqagoQpoQl1ILfqGlJhgw1Vfwwjx46tv0HFltoq4m4imqobe2jj6I1mbSj1BEUwcu_UOHyz0RTqAg7kP7J-CdB3qbsPUMKSCq5LS2TViW-Mrf3QKAoiZeA6qdmY0PcZEkoiLlsYw-VENzthPwG3EQE_gguti616X-kqObXF5w.yrem3s3__AKHltQK.TvJn7kpDtlE0bTIUhCm00IjyUkPCltojnlP1h9OtNCGiiStiM_7QFlnK726Y_yQnEBv0S4ef-k7_BCnu5CUsMLblinfiYNBPNqisIijIjhfYjNpIvFznFfLrWGx243UNtmthGm5ISmsdtSi7pcwdpM7BrAbh3czZY0sufcs_vBVVGooyL3FuhM9yalTINVI4gkQV2uRRnprdTIHN9sm1mT1yoJ4G2bJ0nlipkwpdYFoaq1y0sl9cv9wciWytQNxjo1ahlKYohlcZ7-R0WxJ1oNs6T6TLRNeRU4jHmJfZFHx_Ckm6r2fVBhDdB2lupB4A4FVLu68UfCkQ9D_oGlliuAmrFR6rlB0-FQbX64HwIPOydYHbUuAIaRDz7TiEGWPcQOlFMlnYyknoeH_yDa1N5iGA8Q.wFaYoXf6A-Xa8sNYlxooUg&token_type=bearer&session_state=b323de04-0ef4-48b6-9126-dd3a6151a58d&expires_in=299
#######################################################
TEST: encodeClaimsInStateParameterES256
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:49 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9322.1C50.0907.0A34",
"client_secret": "79e3e533-f364-4daf-a175-be08ecfca929",
"registration_access_token": "3adbd975-0fba-4df0-a92d-daac0934a9c5",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9322.1C50.0907.0A34",
"client_id_issued_at": 1530815269,
"client_secret_expires_at": 1530901669,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219322.1C50.0907.0A34&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjU0N2IyODM4LWE4NDgtNDY3MS04YTQ3LWQ1MzYxNzM4ZjJhZSJ9.eyJyZnAiOiJkNWJiZDk0YS00MTAzLTQ3MjktYjc3NS02ZTY5ZGJmYmM2ODciLCJraWQiOiI1NDdiMjgzOC1hODQ4LTQ2NzEtOGE0Ny1kNTM2MTczOGYyYWUiLCJqdGkiOiI3ZTA2OTQ4MS1iNThkLTQwZGYtOWM3ZS1kZWJmNzhmYjRhNjMiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MEUCIGeP8oJlMLsw0hcREVf4Q9x7Xn51bIyoScmhXZwywvR_AiEA0Rlw7N9UyP_chT-WosXYDT6nIRco_BfGoqsxxb8rkGg&nonce=f8d46ee0-b24a-4571-bece-05202c0b47fa
14:28:11.157 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:8aab84d2-fcae-4e30-b3de-9a7010596853
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219322.1C50.0907.0A34&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjU0N2IyODM4LWE4NDgtNDY3MS04YTQ3LWQ1MzYxNzM4ZjJhZSJ9.eyJyZnAiOiJkNWJiZDk0YS00MTAzLTQ3MjktYjc3NS02ZTY5ZGJmYmM2ODciLCJraWQiOiI1NDdiMjgzOC1hODQ4LTQ2NzEtOGE0Ny1kNTM2MTczOGYyYWUiLCJqdGkiOiI3ZTA2OTQ4MS1iNThkLTQwZGYtOWM3ZS1kZWJmNzhmYjRhNjMiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MEUCIGeP8oJlMLsw0hcREVf4Q9x7Xn51bIyoScmhXZwywvR_AiEA0Rlw7N9UyP_chT-WosXYDT6nIRco_BfGoqsxxb8rkGg&nonce=f8d46ee0-b24a-4571-bece-05202c0b47fa
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=6e8033d4-ce92-4419-8fc4-efb856e5f1cd&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5MzIyLjFDNTAuMDkwNy4wQTM0IiwiZXhwIjoxNTMwODE4ODcwLCJpYXQiOjE1MzA4MTUyNzAsIm5vbmNlIjoiZjhkNDZlZTAtYjI0YS00NTcxLWJlY2UtMDUyMDJjMGI0N2ZhIiwiYXV0aF90aW1lIjoxNTMwODE1MjcwLCJhdF9oYXNoIjoiY2txeUo2V1dZengtS0tTSHNxeERRdyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IlktVDFmR3ZHc2tBS1ozNWM2cVVKYVVrQjZtSWZ6dXBuTlJnWFF5ZG55eVkifQ.a3a2I6zCmQ6-c76tk626l4pURZtOBugo6gppxIGri2UvMF7041QGBbkrKwUats1y0o56zzSCLP4reJdqUz024djsyPCCtI1awxLZo3mEo7AHZfv20HOWLgNtj93mMoBUPyYTgEE0EaQwuvFBii7fKarcjpE1UaRH4Hzf0QtFNMUBTUvPwdw9dMoYYB_eJeVOgOLsDn5t8HGuRu2xTMuZGJ5_R6PCgcroTHEoShn178ZW3nJ0uczszajn3RB_QOiDe7vowUQruEholxDFF-MtBOHdaSxBgaaKaIeeeP1ot7DEFLM59lPKSBLkXxsT4wBZwEWDwnQCXK6JM5ZSATmM1A&session_id=8b242a46-3ca0-4aeb-a0cf-201361e7e7cc&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjU0N2IyODM4LWE4NDgtNDY3MS04YTQ3LWQ1MzYxNzM4ZjJhZSJ9.eyJyZnAiOiJkNWJiZDk0YS00MTAzLTQ3MjktYjc3NS02ZTY5ZGJmYmM2ODciLCJraWQiOiI1NDdiMjgzOC1hODQ4LTQ2NzEtOGE0Ny1kNTM2MTczOGYyYWUiLCJqdGkiOiI3ZTA2OTQ4MS1iNThkLTQwZGYtOWM3ZS1kZWJmNzhmYjRhNjMiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MEUCIGeP8oJlMLsw0hcREVf4Q9x7Xn51bIyoScmhXZwywvR_AiEA0Rlw7N9UyP_chT-WosXYDT6nIRco_BfGoqsxxb8rkGg&token_type=bearer&session_state=8aab84d2-fcae-4e30-b3de-9a7010596853&expires_in=299
#######################################################
TEST: encodeClaimsInStateParameterES384
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:50 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E545.F6D9.CF81.FDE6",
"client_secret": "8e220351-78f5-4d44-8e95-1984bc8aa195",
"registration_access_token": "a21a024a-2c01-4aff-b831-a0e865d72b67",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E545.F6D9.CF81.FDE6",
"client_id_issued_at": 1530815270,
"client_secret_expires_at": 1530901670,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E545.F6D9.CF81.FDE6&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzM4NCIsImtpZCI6ImM0ZmU0MTEwLWViNTYtNDFjNi1iYWMzLTUzMTZmNmIxNDQzZCJ9.eyJyZnAiOiJkYTk1MTYxYi1lNjM5LTRhMTQtODQ4Ny1hNDcyOTljM2VjZWYiLCJraWQiOiJjNGZlNDExMC1lYjU2LTQxYzYtYmFjMy01MzE2ZjZiMTQ0M2QiLCJqdGkiOiI1MDc4MDMxYS0wNzNkLTQ1MzgtYTI0MC1jODdiZjdiMTI3ZjgiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MGYCMQDx1Wxnnj7vRuAIV8ZNmIQTQAOvB6b_JT9vkbAET-Ay55VucnIQsV_MbuGl_2E5MpsCMQCf6uTKSmXGAwJHjS1GcF8Le1m49QjV4GoAACwwlEBsDbcti7nomVvMxSLiBewoyvs&nonce=e931b0a7-840e-4115-bdfe-4ff5e33ba84d
14:28:12.332 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:c8715e33-af39-4223-8ff1-c53ea0c64547
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E545.F6D9.CF81.FDE6&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzM4NCIsImtpZCI6ImM0ZmU0MTEwLWViNTYtNDFjNi1iYWMzLTUzMTZmNmIxNDQzZCJ9.eyJyZnAiOiJkYTk1MTYxYi1lNjM5LTRhMTQtODQ4Ny1hNDcyOTljM2VjZWYiLCJraWQiOiJjNGZlNDExMC1lYjU2LTQxYzYtYmFjMy01MzE2ZjZiMTQ0M2QiLCJqdGkiOiI1MDc4MDMxYS0wNzNkLTQ1MzgtYTI0MC1jODdiZjdiMTI3ZjgiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MGYCMQDx1Wxnnj7vRuAIV8ZNmIQTQAOvB6b_JT9vkbAET-Ay55VucnIQsV_MbuGl_2E5MpsCMQCf6uTKSmXGAwJHjS1GcF8Le1m49QjV4GoAACwwlEBsDbcti7nomVvMxSLiBewoyvs&nonce=e931b0a7-840e-4115-bdfe-4ff5e33ba84d
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=e48d6812-08ed-4e75-8aec-ad412e5c8d51&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFFNTQ1LkY2RDkuQ0Y4MS5GREU2IiwiZXhwIjoxNTMwODE4ODcyLCJpYXQiOjE1MzA4MTUyNzIsIm5vbmNlIjoiZTkzMWIwYTctODQwZS00MTE1LWJkZmUtNGZmNWUzM2JhODRkIiwiYXV0aF90aW1lIjoxNTMwODE1MjcxLCJhdF9oYXNoIjoiaWt1ZUtqZ2ZvRnU2V05QeWpMZmNkZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Im9BMlBlSWVFMmc2bDlSY2p4d3RZakw0dmcySnJiR3BSeUxyWnVURTlwaGMifQ.IWmg29BHkhyu0YBSenpcoqcIqErtoj6EQMxPdqcAOZCytamjo8KI3H8YvM24DcRXTbiiwLbR7iokMG4QblWOp60kHIUS4jafNXrecLufGAUlEByYSl0A0FbBYeqNzFTrCQrmCHt_pHFDAbUPBqfdoqJ-SeZh563Mzd7iDrIPWgtutW-nGsGm41I7hDkiHwPe8K-VHYBrPAfRwT6RWT1Rp1Qg1efipMPKgtf9Kfo_oJtH_cOF0_4r4zxM2xigEQ0ja1OxEc03gY-1xIzPiHI1M3p1-vLQKAXnwVh5hwn4f-ooFeVmqpUvpdCBxmQlHobx14YGhWV78vDgB6yDC-R2dQ&session_id=7cb1f378-b4b7-43d4-a3e6-ede12289e20e&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzM4NCIsImtpZCI6ImM0ZmU0MTEwLWViNTYtNDFjNi1iYWMzLTUzMTZmNmIxNDQzZCJ9.eyJyZnAiOiJkYTk1MTYxYi1lNjM5LTRhMTQtODQ4Ny1hNDcyOTljM2VjZWYiLCJraWQiOiJjNGZlNDExMC1lYjU2LTQxYzYtYmFjMy01MzE2ZjZiMTQ0M2QiLCJqdGkiOiI1MDc4MDMxYS0wNzNkLTQ1MzgtYTI0MC1jODdiZjdiMTI3ZjgiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MGYCMQDx1Wxnnj7vRuAIV8ZNmIQTQAOvB6b_JT9vkbAET-Ay55VucnIQsV_MbuGl_2E5MpsCMQCf6uTKSmXGAwJHjS1GcF8Le1m49QjV4GoAACwwlEBsDbcti7nomVvMxSLiBewoyvs&token_type=bearer&session_state=c8715e33-af39-4223-8ff1-c53ea0c64547&expires_in=299
#######################################################
TEST: encodeClaimsInStateParameterES512
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:52 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1F71.1D84.5E0B.A6A3",
"client_secret": "ca797528-9356-45d4-ad78-38c9dc228ab1",
"registration_access_token": "13ab2c51-d34d-457f-b49b-c96bce2523b1",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1F71.1D84.5E0B.A6A3",
"client_id_issued_at": 1530815272,
"client_secret_expires_at": 1530901672,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211F71.1D84.5E0B.A6A3&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzUxMiIsImtpZCI6IjI2ZjgwNDBjLWFlOGItNGRhYS04ZjcxLWE3ZmRmMTRkZjY0MyJ9.eyJyZnAiOiI2Mzc5YTBhNS0zNzQ5LTQ1NDUtYmM0Ny04MmRhZDc1YWYxYTYiLCJraWQiOiIyNmY4MDQwYy1hZThiLTRkYWEtOGY3MS1hN2ZkZjE0ZGY2NDMiLCJqdGkiOiI4NzM3NjkxNy0xYmVhLTQ4MjEtOTgyNi00YmEwMjViNTFlMTciLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MIGIAkIBk6bEhm87HgH9kkffm2KDWvJEpH7dR7dnUIl6Vynlj9d5b5EBEbJcORjKgt0H9_mvOGNvU1-LrnX9c6b2N8AQDZkCQgDnDXzkI1V80ks1MhAnft_FrJ_nFbnqVCWN9_o6YvC0jX9MZytylbAgrpDRwDBdZF1R9lbPhxWdX_j_1thNsfOMKQ&nonce=52d88ed9-1fdb-4b80-89a3-d08275e2abf9
14:28:13.560 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:406108c7-3283-4ecc-9a16-a6ec493f8abf
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211F71.1D84.5E0B.A6A3&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzUxMiIsImtpZCI6IjI2ZjgwNDBjLWFlOGItNGRhYS04ZjcxLWE3ZmRmMTRkZjY0MyJ9.eyJyZnAiOiI2Mzc5YTBhNS0zNzQ5LTQ1NDUtYmM0Ny04MmRhZDc1YWYxYTYiLCJraWQiOiIyNmY4MDQwYy1hZThiLTRkYWEtOGY3MS1hN2ZkZjE0ZGY2NDMiLCJqdGkiOiI4NzM3NjkxNy0xYmVhLTQ4MjEtOTgyNi00YmEwMjViNTFlMTciLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MIGIAkIBk6bEhm87HgH9kkffm2KDWvJEpH7dR7dnUIl6Vynlj9d5b5EBEbJcORjKgt0H9_mvOGNvU1-LrnX9c6b2N8AQDZkCQgDnDXzkI1V80ks1MhAnft_FrJ_nFbnqVCWN9_o6YvC0jX9MZytylbAgrpDRwDBdZF1R9lbPhxWdX_j_1thNsfOMKQ&nonce=52d88ed9-1fdb-4b80-89a3-d08275e2abf9
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=3bfc6fe4-c43c-4c3c-a080-7f72b2ec99a7&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExRjcxLjFEODQuNUUwQi5BNkEzIiwiZXhwIjoxNTMwODE4ODczLCJpYXQiOjE1MzA4MTUyNzMsIm5vbmNlIjoiNTJkODhlZDktMWZkYi00YjgwLTg5YTMtZDA4Mjc1ZTJhYmY5IiwiYXV0aF90aW1lIjoxNTMwODE1MjczLCJhdF9oYXNoIjoieVVic0NoQjN6Ul9DVmc2OGdRSlFOQSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IlIyczYtSzVTRzBRbWMwX054MHl6X1ZmWXRBLWw2VE5lN3NYcUl3eUg5ZUEifQ.YxzDQYcdTAKS4P814DYXkUBCOmuqevLesjsi0-trJFQPEp2-CzKO5LoO4eKTxzlZ0qEuAcUm6fVtm3kZ9IyagxdFkcmK9MbhLVBdu58x70ebAamJiZsW-a7gm4h6JNZ0xTnlUrxtW8MYKyX2rNDlHjxq3Ypy8CP43VCRyhd-BtyNHjGAhC7vlKRV5nOEGm09c57ZShb3HVUKcbtAbKlsl-hxrioQk4Y_mckXQJIe5EtNcFSyyDB0uGsz-gxnZZ-YASt1_5VvmqVL9vfu0E5A-Om7es7H9aaJoMsN0GvuwxW9TBLYFwSH1P_ib23wnYu1nsZBj66BY_pKPetuu4xhNg&session_id=f5c51827-6447-4956-b6ea-7cfe56cf0ed5&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzUxMiIsImtpZCI6IjI2ZjgwNDBjLWFlOGItNGRhYS04ZjcxLWE3ZmRmMTRkZjY0MyJ9.eyJyZnAiOiI2Mzc5YTBhNS0zNzQ5LTQ1NDUtYmM0Ny04MmRhZDc1YWYxYTYiLCJraWQiOiIyNmY4MDQwYy1hZThiLTRkYWEtOGY3MS1hN2ZkZjE0ZGY2NDMiLCJqdGkiOiI4NzM3NjkxNy0xYmVhLTQ4MjEtOTgyNi00YmEwMjViNTFlMTciLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MIGIAkIBk6bEhm87HgH9kkffm2KDWvJEpH7dR7dnUIl6Vynlj9d5b5EBEbJcORjKgt0H9_mvOGNvU1-LrnX9c6b2N8AQDZkCQgDnDXzkI1V80ks1MhAnft_FrJ_nFbnqVCWN9_o6YvC0jX9MZytylbAgrpDRwDBdZF1R9lbPhxWdX_j_1thNsfOMKQ&token_type=bearer&session_state=406108c7-3283-4ecc-9a16-a6ec493f8abf&expires_in=299
#######################################################
TEST: encodeClaimsInStateParameterHS256
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:53 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0965.3E2A.5451.C4FE",
"client_secret": "a68079d9-6e7e-4647-929c-04234179c981",
"registration_access_token": "a5236d65-4bc5-4589-a930-a4f6a453807a",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0965.3E2A.5451.C4FE",
"client_id_issued_at": 1530815273,
"client_secret_expires_at": 1530901673,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210965.3E2A.5451.C4FE&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZnAiOiI3MjA2NTVlYi01MjdlLTQzNmQtYThlZi0yZDUzZGE5ZTllOTMiLCJqdGkiOiIyNWYxNDQyMS0zZmJkLTQ2OTktOWZiNS0yNTU5MGQzNGZjNzYiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.p_r7K-r4VRX1GIqxsCyQQmYjSDZXO14ldcgIdUI3Bic&nonce=b59e70ce-ecd2-47b2-ad51-f758dcabe4a1
14:28:14.792 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:574135ba-564c-4cc0-80bd-6b3bcfac0b0f
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210965.3E2A.5451.C4FE&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZnAiOiI3MjA2NTVlYi01MjdlLTQzNmQtYThlZi0yZDUzZGE5ZTllOTMiLCJqdGkiOiIyNWYxNDQyMS0zZmJkLTQ2OTktOWZiNS0yNTU5MGQzNGZjNzYiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.p_r7K-r4VRX1GIqxsCyQQmYjSDZXO14ldcgIdUI3Bic&nonce=b59e70ce-ecd2-47b2-ad51-f758dcabe4a1
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=b16482cc-9155-4043-be87-9eed3a991c44&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEwOTY1LjNFMkEuNTQ1MS5DNEZFIiwiZXhwIjoxNTMwODE4ODc0LCJpYXQiOjE1MzA4MTUyNzQsIm5vbmNlIjoiYjU5ZTcwY2UtZWNkMi00N2IyLWFkNTEtZjc1OGRjYWJlNGExIiwiYXV0aF90aW1lIjoxNTMwODE1Mjc0LCJhdF9oYXNoIjoiU3k3dGo4d00ySl9ZYWlKbEhMTnRrUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IldOQUlNNng0ZklfQXhsVkJTZWRCZDJEZkNMQmM1SGVQdHo4WWtfNTBFXzAifQ.qM9385BjZm3UNMgq-8R6m97Ofseyq1Fz874DLcoBz41NzxO36JUKMzyPsrDdQP716rNL7XcSwM5L9rv8xPqGSVBNd-p38vsUH2I7a2JI-y16BgDD7NSnWJhR3MG-sM1P4FN4FxetNuJvZpzQ5_lBN1fuHKUiuo4obTKLj7s02BhtESaEEa-_V3xVfkk4SL71-MXuMIc9afeDUXgsjN8UN5MAbmuL25AFd2X2eWNHNVNg9EHorRlx1eMINHMdCFzuT8jvrWEuvui1LMCn8W9CBspaEkFRWRaeHwA0xkA_UPnAn-F9LOeeAQxZoemIMwyNvo412guHMQpCdOYIdS7dhw&session_id=14281c84-542c-4e62-9bfb-9a9f479b4672&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZnAiOiI3MjA2NTVlYi01MjdlLTQzNmQtYThlZi0yZDUzZGE5ZTllOTMiLCJqdGkiOiIyNWYxNDQyMS0zZmJkLTQ2OTktOWZiNS0yNTU5MGQzNGZjNzYiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.p_r7K-r4VRX1GIqxsCyQQmYjSDZXO14ldcgIdUI3Bic&token_type=bearer&session_state=574135ba-564c-4cc0-80bd-6b3bcfac0b0f&expires_in=299
#######################################################
TEST: encodeClaimsInStateParameterHS384
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:54 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7F85.72DA.CDC6.7FC6",
"client_secret": "722147a6-ca79-4db5-842d-e1e8908c147d",
"registration_access_token": "4461f598-9551-4627-bbbb-4c8b8f80c48c",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7F85.72DA.CDC6.7FC6",
"client_id_issued_at": 1530815274,
"client_secret_expires_at": 1530901674,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217F85.72DA.CDC6.7FC6&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9.eyJyZnAiOiJlMmRhOGEzYS0yNmEzLTQxZjYtYjNjZS01NzE2ZDNiOWY5ZGMiLCJqdGkiOiIzZDJlY2I0Zi1iODUwLTRlNDEtOTdiMC05MGI2NmIzNTAxOGQiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.ylfCaRgLkNSYTQg6FbWcvA92waTav3yMDrhu0RSFkzqcrmWKmE7rnO9kf6vy59hv&nonce=cb060818-c47a-4143-8146-949af37d0aef
14:28:16.011 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:48066ede-8148-47d6-b7df-ea9d587117ca
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217F85.72DA.CDC6.7FC6&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9.eyJyZnAiOiJlMmRhOGEzYS0yNmEzLTQxZjYtYjNjZS01NzE2ZDNiOWY5ZGMiLCJqdGkiOiIzZDJlY2I0Zi1iODUwLTRlNDEtOTdiMC05MGI2NmIzNTAxOGQiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.ylfCaRgLkNSYTQg6FbWcvA92waTav3yMDrhu0RSFkzqcrmWKmE7rnO9kf6vy59hv&nonce=cb060818-c47a-4143-8146-949af37d0aef
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=28cd7914-080d-472b-b57c-bf0b7a51c2d5&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3Rjg1LjcyREEuQ0RDNi43RkM2IiwiZXhwIjoxNTMwODE4ODc1LCJpYXQiOjE1MzA4MTUyNzUsIm5vbmNlIjoiY2IwNjA4MTgtYzQ3YS00MTQzLTgxNDYtOTQ5YWYzN2QwYWVmIiwiYXV0aF90aW1lIjoxNTMwODE1Mjc1LCJhdF9oYXNoIjoiazUxRFItblQxMWRwd3JGU0R1ck1ZZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6ImpQRjZSS1pQTmJmUVB4dUp6bE0zS2trZ2VjRTJITFRFRGhSTEJabmtCWFUifQ.eadaMOzMIPVYCQsdI42Z0DscbTvcEk4Z-CWEGSFtLqzxzHhfX_CmxG2Oj-5CiR6FcSuG_2r3rMrxX9rmQZjikyCVEhn_xgOwX9jMIhOlk983fnA1H_tIlzg8mSeys4GrqoYfCPbK7TqsRZoDc2RSA3WMka2lpq_na212LN05bGr7d6teIeIDAHq2Qz-D7rxZUGp7TPOwLjvfskU3HNUEdemqSIiQ7Uja84xZxyGQmddW7j435dcX6gGWxtdQKqISeWoVbdBFYMMrXhHiMvxEsElPx3Dh3EEbvgpt7dqTpaD75J7jm4ZiqaFgXE3_ZkKfIE-9ZCw_5UsFivB4KV_4tw&session_id=57f84a60-c9c3-4b16-977c-74d528e87392&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9.eyJyZnAiOiJlMmRhOGEzYS0yNmEzLTQxZjYtYjNjZS01NzE2ZDNiOWY5ZGMiLCJqdGkiOiIzZDJlY2I0Zi1iODUwLTRlNDEtOTdiMC05MGI2NmIzNTAxOGQiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.ylfCaRgLkNSYTQg6FbWcvA92waTav3yMDrhu0RSFkzqcrmWKmE7rnO9kf6vy59hv&token_type=bearer&session_state=48066ede-8148-47d6-b7df-ea9d587117ca&expires_in=299
#######################################################
TEST: encodeClaimsInStateParameterHS512
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:55 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CDD2.3A94.3987.F4D9",
"client_secret": "3a9f44f8-e890-4686-b0a7-81db31586239",
"registration_access_token": "818ba760-f441-412b-94aa-3267fe94d515",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CDD2.3A94.3987.F4D9",
"client_id_issued_at": 1530815275,
"client_secret_expires_at": 1530901675,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CDD2.3A94.3987.F4D9&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJyZnAiOiIzOWNiZjAwZi0yYjQyLTRhZGEtODc1NS0yZGMzZmJjYmQ0ZTgiLCJqdGkiOiI5ZDcxMTFmNS1hYTM1LTQwMTktODgwNS0yN2JlNTFlZmZiYzQiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.bsB1T_RG-46UdDBU5Po9D_5pJTky9oWKamtqLsJWlwn_axDeGch5zd8KKCAqHySIhBZXTQsu7j_vmMy0wLzQ4A&nonce=ec0c539d-60d9-404a-9fb0-8d8767bcc0de
14:28:17.201 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:563b5cbd-e8be-424d-9cd9-e648c48f9366
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CDD2.3A94.3987.F4D9&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJyZnAiOiIzOWNiZjAwZi0yYjQyLTRhZGEtODc1NS0yZGMzZmJjYmQ0ZTgiLCJqdGkiOiI5ZDcxMTFmNS1hYTM1LTQwMTktODgwNS0yN2JlNTFlZmZiYzQiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.bsB1T_RG-46UdDBU5Po9D_5pJTky9oWKamtqLsJWlwn_axDeGch5zd8KKCAqHySIhBZXTQsu7j_vmMy0wLzQ4A&nonce=ec0c539d-60d9-404a-9fb0-8d8767bcc0de
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=7c71cabe-6be3-422c-b70e-062ca7ec4382&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFDREQyLjNBOTQuMzk4Ny5GNEQ5IiwiZXhwIjoxNTMwODE4ODc2LCJpYXQiOjE1MzA4MTUyNzYsIm5vbmNlIjoiZWMwYzUzOWQtNjBkOS00MDRhLTlmYjAtOGQ4NzY3YmNjMGRlIiwiYXV0aF90aW1lIjoxNTMwODE1Mjc2LCJhdF9oYXNoIjoicnEzNzZIUkE1QW81bDhoX0dJZ0J4dyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjhEWUxpdVlnWFYySHVBaTJ5U1B3VDFTaVRFYlZSUUFaSnVKQmRoWUg3bVkifQ.C9syb5doen2tzGW0Kq3XcSy_JDqtj5fnIJLlfk0l7d2MV073e5-ggpfc1f-m5mOgXN5zN6CCXuGhyagLp1JQk-ELMJXvlpBJkTQ2bLacBCfflXrjEN-rY2JKAiFMppQMLDFcctNJTI_XHKxfU-47Nctx7KOD8nEGTMjHLOdMu5-RiYRFe15I9Mogn1tlnWR82SxnEPbrNkhHPVlWOhgyg48-718OHcACZzqPNAZUVx0JP0YjLJLmARWD1kDENNTk4zK829RnRHR6Tkgh5MkOx0DDNYuKoGog5R7YDjWqjnMidrpUoD4dNx9tLrBuot7mbSsyQcGMnLOIt_S77I-fxQ&session_id=58682a3a-a8ad-49fe-83f6-69c34f526a42&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJyZnAiOiIzOWNiZjAwZi0yYjQyLTRhZGEtODc1NS0yZGMzZmJjYmQ0ZTgiLCJqdGkiOiI5ZDcxMTFmNS1hYTM1LTQwMTktODgwNS0yN2JlNTFlZmZiYzQiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.bsB1T_RG-46UdDBU5Po9D_5pJTky9oWKamtqLsJWlwn_axDeGch5zd8KKCAqHySIhBZXTQsu7j_vmMy0wLzQ4A&token_type=bearer&session_state=563b5cbd-e8be-424d-9cd9-e648c48f9366&expires_in=299
#######################################################
TEST: encodeClaimsInStateParameterRS256
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:56 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3E39.5149.1D7A.EF42",
"client_secret": "1d5d740c-2056-43e0-9c67-cfc2b4e9ce52",
"registration_access_token": "4cd4922b-a7e4-4548-989d-3e1bf0252b15",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3E39.5149.1D7A.EF42",
"client_id_issued_at": 1530815277,
"client_secret_expires_at": 1530901677,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213E39.5149.1D7A.EF42&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjQ4YmZhOGE0LWM4YTctNGEwOS1hZTk4LWJmMzI1ZDc0OTExOSJ9.eyJyZnAiOiI5ZjM0YTllMS1hNWJmLTRiNzItYWE2ZC0wZDAwOTY5MGY4YmQiLCJraWQiOiI0OGJmYThhNC1jOGE3LTRhMDktYWU5OC1iZjMyNWQ3NDkxMTkiLCJqdGkiOiJmMzU2YzI2My0wZjQyLTRiMjQtYTdiYy1mMmJhZDhjZjY2MjkiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.Ah082M7jB8iWKTQIyU0ouqkyUBNH1X9jY2knNni3DVGpgcQzagrTo8VoBRH9qKhYcWOQSTRjESyx1HCiIrIy00OYJhh3U5gFiFsnnn0qClIuX6VBnpSoXDMmAr7RU1SGp7yBNhwNZgWjAGtojIxOEx5_HTf8BzoRMnRZtcqFBg2r8XJViJAe71-rbtGYV6iPK_ILkFvroff1k4YcWF0sRekGluUCnDNYuG20Ig0o4_fPxTBU6SqFQrETZmGoXnzwnLVkbmuxJ19cgU5MPgtZfTGGmPXeC1Nwwa-cbLhQjKqWRZZzyOu83qTckCuuVuboKSqMLeSOCHzYZYGSHifXtA&nonce=5da38d72-9672-4625-98e0-50385c03735a
14:28:18.417 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:065aac3e-6e65-44ca-af3b-c5fd73115b93
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213E39.5149.1D7A.EF42&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjQ4YmZhOGE0LWM4YTctNGEwOS1hZTk4LWJmMzI1ZDc0OTExOSJ9.eyJyZnAiOiI5ZjM0YTllMS1hNWJmLTRiNzItYWE2ZC0wZDAwOTY5MGY4YmQiLCJraWQiOiI0OGJmYThhNC1jOGE3LTRhMDktYWU5OC1iZjMyNWQ3NDkxMTkiLCJqdGkiOiJmMzU2YzI2My0wZjQyLTRiMjQtYTdiYy1mMmJhZDhjZjY2MjkiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.Ah082M7jB8iWKTQIyU0ouqkyUBNH1X9jY2knNni3DVGpgcQzagrTo8VoBRH9qKhYcWOQSTRjESyx1HCiIrIy00OYJhh3U5gFiFsnnn0qClIuX6VBnpSoXDMmAr7RU1SGp7yBNhwNZgWjAGtojIxOEx5_HTf8BzoRMnRZtcqFBg2r8XJViJAe71-rbtGYV6iPK_ILkFvroff1k4YcWF0sRekGluUCnDNYuG20Ig0o4_fPxTBU6SqFQrETZmGoXnzwnLVkbmuxJ19cgU5MPgtZfTGGmPXeC1Nwwa-cbLhQjKqWRZZzyOu83qTckCuuVuboKSqMLeSOCHzYZYGSHifXtA&nonce=5da38d72-9672-4625-98e0-50385c03735a
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=1641862a-5f14-4e93-af6f-091b075448fa&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzRTM5LjUxNDkuMUQ3QS5FRjQyIiwiZXhwIjoxNTMwODE4ODc4LCJpYXQiOjE1MzA4MTUyNzgsIm5vbmNlIjoiNWRhMzhkNzItOTY3Mi00NjI1LTk4ZTAtNTAzODVjMDM3MzVhIiwiYXV0aF90aW1lIjoxNTMwODE1Mjc3LCJhdF9oYXNoIjoiZzNqRXpldEl5aVBSRVhweVJudVJ4dyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Ijd4M0lwTEJ3YjJsOVZoMHNQUnVFU3pVbDctWUg3amRka1pkQm8tTEVadjAifQ.mgWXSebhWxWq33RjiP4Wpq9sUu4SEUsnQcnwXSsC08_WNov6AlkheuXRUpWE_OPo4OONXxbu631o3sOEx9yMn-lC88ay_WpupTSf3v0gDJZH5TCladkvOBQlCdH6hIAPR5nvnt7aSfFkkkKHWjTl539M-KNh6792PXLUzj3_zxPUxKizl5I5261WlIhmPCw-VPUFd7swMF5iA5mVf17KVIhkHY2j00ZdHrhlGMtMaC8Jo21N1Xlq3GBPhpFHScdGhnGTy64LrY3K1p6tAnTFZ0IQr1EDSMz0_TA8atff7Ql5L8s0nD6pkCTH0GV21lnC8zJGBNHYTIDcud78OkGBvg&session_id=26dfacaf-c88f-4230-a704-a47234fb62c2&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjQ4YmZhOGE0LWM4YTctNGEwOS1hZTk4LWJmMzI1ZDc0OTExOSJ9.eyJyZnAiOiI5ZjM0YTllMS1hNWJmLTRiNzItYWE2ZC0wZDAwOTY5MGY4YmQiLCJraWQiOiI0OGJmYThhNC1jOGE3LTRhMDktYWU5OC1iZjMyNWQ3NDkxMTkiLCJqdGkiOiJmMzU2YzI2My0wZjQyLTRiMjQtYTdiYy1mMmJhZDhjZjY2MjkiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.Ah082M7jB8iWKTQIyU0ouqkyUBNH1X9jY2knNni3DVGpgcQzagrTo8VoBRH9qKhYcWOQSTRjESyx1HCiIrIy00OYJhh3U5gFiFsnnn0qClIuX6VBnpSoXDMmAr7RU1SGp7yBNhwNZgWjAGtojIxOEx5_HTf8BzoRMnRZtcqFBg2r8XJViJAe71-rbtGYV6iPK_ILkFvroff1k4YcWF0sRekGluUCnDNYuG20Ig0o4_fPxTBU6SqFQrETZmGoXnzwnLVkbmuxJ19cgU5MPgtZfTGGmPXeC1Nwwa-cbLhQjKqWRZZzyOu83qTckCuuVuboKSqMLeSOCHzYZYGSHifXtA&token_type=bearer&session_state=065aac3e-6e65-44ca-af3b-c5fd73115b93&expires_in=299
#######################################################
TEST: encodeClaimsInStateParameterRS384
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:58 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B685.828C.5E42.87FF",
"client_secret": "b7df5396-1306-4fe8-a1ad-4d9ff8a541d6",
"registration_access_token": "06817edb-ae62-46dd-9aa1-f12d7b32ad08",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B685.828C.5E42.87FF",
"client_id_issued_at": 1530815278,
"client_secret_expires_at": 1530901678,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B685.828C.5E42.87FF&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzM4NCIsImtpZCI6ImM0NjIxNDNmLWExOTctNGY3YS1hZjk5LTBiMTA4NzM2ODYxNiJ9.eyJyZnAiOiIyYWVkYjgzMi04ZWJmLTQ4NDEtOTMzMy01MzAwZjIxM2NjYzAiLCJraWQiOiJjNDYyMTQzZi1hMTk3LTRmN2EtYWY5OS0wYjEwODczNjg2MTYiLCJqdGkiOiJlMmVjNWFkYy1jNDg3LTQ4YWQtOTYzOC05MzRjNTRmZTYyNzAiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.NfVGHzz3KvchdnymjEovLhd6W37YkMG2toUVRmmrhykyjtexXX3ZUp82-8r7NiHSTLRwSgCSlFEOqKj2aXm39YGfQBxPh8bF3vO4t7TKy1C9WvXexeFRlfUscfQxjTidBqm7qogqsQj_yMtg_Z1RJ-pNABeG-OiCdmLBnHDWl0oeqSi0w4Py4vVW0_49dY775CzYlDwbr9S1uCE2iCKXOp75WeEGhvUgTe1H9E0W1E9tUGiuRtIHKdyFcsyQs9cR5vPiNZcd6v98VWijK_JcQtbgP3q7_fvlmf6sujZNr8YKLjwsP8WkL7KdreqX-SVbzM2Loo26qxLfJ9zX30-lRQ&nonce=e0783043-9d42-4a2a-85a8-78e4c8daf8ee
14:28:19.624 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:d7a49f3d-e5af-4fc6-9c3b-664ab5d99af8
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B685.828C.5E42.87FF&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzM4NCIsImtpZCI6ImM0NjIxNDNmLWExOTctNGY3YS1hZjk5LTBiMTA4NzM2ODYxNiJ9.eyJyZnAiOiIyYWVkYjgzMi04ZWJmLTQ4NDEtOTMzMy01MzAwZjIxM2NjYzAiLCJraWQiOiJjNDYyMTQzZi1hMTk3LTRmN2EtYWY5OS0wYjEwODczNjg2MTYiLCJqdGkiOiJlMmVjNWFkYy1jNDg3LTQ4YWQtOTYzOC05MzRjNTRmZTYyNzAiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.NfVGHzz3KvchdnymjEovLhd6W37YkMG2toUVRmmrhykyjtexXX3ZUp82-8r7NiHSTLRwSgCSlFEOqKj2aXm39YGfQBxPh8bF3vO4t7TKy1C9WvXexeFRlfUscfQxjTidBqm7qogqsQj_yMtg_Z1RJ-pNABeG-OiCdmLBnHDWl0oeqSi0w4Py4vVW0_49dY775CzYlDwbr9S1uCE2iCKXOp75WeEGhvUgTe1H9E0W1E9tUGiuRtIHKdyFcsyQs9cR5vPiNZcd6v98VWijK_JcQtbgP3q7_fvlmf6sujZNr8YKLjwsP8WkL7KdreqX-SVbzM2Loo26qxLfJ9zX30-lRQ&nonce=e0783043-9d42-4a2a-85a8-78e4c8daf8ee
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=7d214670-6e05-4f1f-a809-58ecd315c36d&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFCNjg1LjgyOEMuNUU0Mi44N0ZGIiwiZXhwIjoxNTMwODE4ODc5LCJpYXQiOjE1MzA4MTUyNzksIm5vbmNlIjoiZTA3ODMwNDMtOWQ0Mi00YTJhLTg1YTgtNzhlNGM4ZGFmOGVlIiwiYXV0aF90aW1lIjoxNTMwODE1Mjc5LCJhdF9oYXNoIjoicXhYZnhOdVhBMGROZXdkc0NRRkxqZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Ikt4bUxKMXJ4cFk0NVpKTTJBNTY2cnY4QlRicWlNdjZnMUd4bGVSUnpNUlUifQ.sTksQL0R9TR-1yhHlKhA9pkD_TTL5puKGrqIYyTwOnjb9fO9tG72Yvk7oPnasfC-s2Mxq374MC-rSStHhI_rX9WE3FdyMmBtytdxP6IoOy7QcAMFkWlMtQTW9sR8MfpRzRJoUEmYewMjWlZftFYNeTo3f_lAWD6bWlNNq1hvb0q1mPo6_oN16Y6pRrvjJhsKwecelrqlukydysYlAxkycbazejmV9TDIQSXJf0wKYeLoxcb9AoOkfAA-v9yRlZfLC9Y7dVN3tbfTPVUPSGA8bMgFLKFt0on-zTE_DaZypG-22lrLPJhSWXRajytRO9_f_R3jjSZO44Pl7YmXJS8zZA&session_id=3c5753b7-42e3-4662-a2d1-3946bd7b6cfd&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzM4NCIsImtpZCI6ImM0NjIxNDNmLWExOTctNGY3YS1hZjk5LTBiMTA4NzM2ODYxNiJ9.eyJyZnAiOiIyYWVkYjgzMi04ZWJmLTQ4NDEtOTMzMy01MzAwZjIxM2NjYzAiLCJraWQiOiJjNDYyMTQzZi1hMTk3LTRmN2EtYWY5OS0wYjEwODczNjg2MTYiLCJqdGkiOiJlMmVjNWFkYy1jNDg3LTQ4YWQtOTYzOC05MzRjNTRmZTYyNzAiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.NfVGHzz3KvchdnymjEovLhd6W37YkMG2toUVRmmrhykyjtexXX3ZUp82-8r7NiHSTLRwSgCSlFEOqKj2aXm39YGfQBxPh8bF3vO4t7TKy1C9WvXexeFRlfUscfQxjTidBqm7qogqsQj_yMtg_Z1RJ-pNABeG-OiCdmLBnHDWl0oeqSi0w4Py4vVW0_49dY775CzYlDwbr9S1uCE2iCKXOp75WeEGhvUgTe1H9E0W1E9tUGiuRtIHKdyFcsyQs9cR5vPiNZcd6v98VWijK_JcQtbgP3q7_fvlmf6sujZNr8YKLjwsP8WkL7KdreqX-SVbzM2Loo26qxLfJ9zX30-lRQ&token_type=bearer&session_state=d7a49f3d-e5af-4fc6-9c3b-664ab5d99af8&expires_in=299
#######################################################
TEST: encodeClaimsInStateParameterRS512
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:27:59 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1B9E.3C0A.F4AF.2F82",
"client_secret": "717138ec-6da0-4b5f-a865-1a17a07f9ce4",
"registration_access_token": "0ba739da-cbd2-4c9e-9ae1-6107883d489f",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1B9E.3C0A.F4AF.2F82",
"client_id_issued_at": 1530815279,
"client_secret_expires_at": 1530901679,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211B9E.3C0A.F4AF.2F82&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiIsImtpZCI6Ijg1YjA4NDgzLTY4OTAtNDg0My05YmFmLTgzN2EyNGEzYzZkMiJ9.eyJyZnAiOiI2MjYwYmVmZS1lYjcwLTRjY2QtODEwMy05NGYyZTBkNDZhYmMiLCJraWQiOiI4NWIwODQ4My02ODkwLTQ4NDMtOWJhZi04MzdhMjRhM2M2ZDIiLCJqdGkiOiJjYjBlOTI5Mi03MjYyLTQ1ZjgtODY0Yi0zMWQyMTc2OWZlYmEiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.nZFgdDKPtGzMA_RskowsV-7nviO2AA8rQ5HZJzl65eGscUgiwzx7U5t_vyThevzVrgyOdG2J0rF4jdlU1VjbzSYtYtjwCddfF_Uo4yOCMUCNeV7cYjCKfTdzTzYHujyEYB-gQcxnclMAbHLKhGX4DINRyy0FBxMiKoRckgsjyedW8AXGrDXrNwJ7o6cbvqZ3kQWapsEKdgD-nZ6jMuRgLqolrm3CRm6Dgb785BiTotr4lDBb5i9DvLblozqx7fuQhDysYGDjaNzi_7yRRWhDTv-lipKFcMW2wvI26XoxuvP3klgzw5joFe5ukmW1irWrhhb8933sLWhK4xDopgdZ6g&nonce=d67a7f1a-0725-4745-b888-86e00d3c1dfa
14:28:20.852 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:3eacea38-de35-408a-a590-ee4629c8af92
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211B9E.3C0A.F4AF.2F82&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiIsImtpZCI6Ijg1YjA4NDgzLTY4OTAtNDg0My05YmFmLTgzN2EyNGEzYzZkMiJ9.eyJyZnAiOiI2MjYwYmVmZS1lYjcwLTRjY2QtODEwMy05NGYyZTBkNDZhYmMiLCJraWQiOiI4NWIwODQ4My02ODkwLTQ4NDMtOWJhZi04MzdhMjRhM2M2ZDIiLCJqdGkiOiJjYjBlOTI5Mi03MjYyLTQ1ZjgtODY0Yi0zMWQyMTc2OWZlYmEiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.nZFgdDKPtGzMA_RskowsV-7nviO2AA8rQ5HZJzl65eGscUgiwzx7U5t_vyThevzVrgyOdG2J0rF4jdlU1VjbzSYtYtjwCddfF_Uo4yOCMUCNeV7cYjCKfTdzTzYHujyEYB-gQcxnclMAbHLKhGX4DINRyy0FBxMiKoRckgsjyedW8AXGrDXrNwJ7o6cbvqZ3kQWapsEKdgD-nZ6jMuRgLqolrm3CRm6Dgb785BiTotr4lDBb5i9DvLblozqx7fuQhDysYGDjaNzi_7yRRWhDTv-lipKFcMW2wvI26XoxuvP3klgzw5joFe5ukmW1irWrhhb8933sLWhK4xDopgdZ6g&nonce=d67a7f1a-0725-4745-b888-86e00d3c1dfa
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=5319e205-3d0c-45af-9215-5eeee4c10be2&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExQjlFLjNDMEEuRjRBRi4yRjgyIiwiZXhwIjoxNTMwODE4ODgwLCJpYXQiOjE1MzA4MTUyODAsIm5vbmNlIjoiZDY3YTdmMWEtMDcyNS00NzQ1LWI4ODgtODZlMDBkM2MxZGZhIiwiYXV0aF90aW1lIjoxNTMwODE1MjgwLCJhdF9oYXNoIjoicUZBVzhMTUVGZHNveHNjTlcyTFpvdyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IkNCTVpjdm8yX2duTnlLSFFjWGw4M3g4d0hRalg1YktrUzZNUnRJTVRHVjgifQ.qre6dvYjcrUJhFtkk7MlUrBpKYHWps3SyDowLj4QBb_njHqgI1n4pjVcupFBHZFC0C_cbyet1Htmn6FMu5gycmThioi0Pb-JJ17ixmh4tkwJRbdMeTC8A6Omk-iOTQwyTQe0xcYG1B4M_y3jsABzeT3FlricbWk7MAwtx1kuGd7mRAkoGcsdm2oSR7qXeC5Ccql9dQfX_neIhHtohOHoSV7PmRVOZf9CzTa6BI0Y6I4s43yhmn9jyKb-IbHdOT-6iofyaxZVgMWmFfPdDc1srcIYkPAWHP1o9avzG3U1Q7vFI6Hu876q3rSwqNjqXwJpdQhnhAJa3nLmLk5hwezj3g&session_id=85742cfc-1df9-451a-a542-e50a390ac4af&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiIsImtpZCI6Ijg1YjA4NDgzLTY4OTAtNDg0My05YmFmLTgzN2EyNGEzYzZkMiJ9.eyJyZnAiOiI2MjYwYmVmZS1lYjcwLTRjY2QtODEwMy05NGYyZTBkNDZhYmMiLCJraWQiOiI4NWIwODQ4My02ODkwLTQ4NDMtOWJhZi04MzdhMjRhM2M2ZDIiLCJqdGkiOiJjYjBlOTI5Mi03MjYyLTQ1ZjgtODY0Yi0zMWQyMTc2OWZlYmEiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.nZFgdDKPtGzMA_RskowsV-7nviO2AA8rQ5HZJzl65eGscUgiwzx7U5t_vyThevzVrgyOdG2J0rF4jdlU1VjbzSYtYtjwCddfF_Uo4yOCMUCNeV7cYjCKfTdzTzYHujyEYB-gQcxnclMAbHLKhGX4DINRyy0FBxMiKoRckgsjyedW8AXGrDXrNwJ7o6cbvqZ3kQWapsEKdgD-nZ6jMuRgLqolrm3CRm6Dgb785BiTotr4lDBb5i9DvLblozqx7fuQhDysYGDjaNzi_7yRRWhDTv-lipKFcMW2wvI26XoxuvP3klgzw5joFe5ukmW1irWrhhb8933sLWhK4xDopgdZ6g&token_type=bearer&session_state=3eacea38-de35-408a-a590-ee4629c8af92&expires_in=299
#######################################################
TEST: jwtStateAlgA128KWEncA128GCMTest
#######################################################
Encrypted JWE State: eyJ0eXAiOiJKV1QiLCJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.xNyeMgvqDFjtfuVKngSRlhhoR2CCTNC_.Nxq4jHBIs13N0uGn.gtCqSu1VCnZH6T687e3-rF8EpzohIOOazeTliGFQGe7LyI9-kfiYa5IW4LGrZRcsZI6E3_IupjSnSrchVdP-hm3T5sKZnqCz0JS0huaMntW404983qF4V1zILomxvAVTSx7Hc3YVGzUomrHu2ysoyEuXUO-FOfPFHGe4i_wa1Ni0txRW3hYzkDwp1w4m-Y3G9GogssVI3X6f2VtNy_H96CFlkU0w9eh77HXJg6TfnmeoGQeb54Lq0GmgvIoDMfrnHE4BPWjKuKU3mpNFHYowWQSJOiEPGpors2khG3g_sGAtGxBCSVARdTGXwaJTb7-KfIZPlDe_RQ.CYHVX8lIKaXwnT35RcYBOw
#######################################################
TEST: jwtStateAlgA256KWEncA256GCMTest
#######################################################
Encrypted JWE State: eyJ0eXAiOiJKV1QiLCJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2R0NNIn0.TNf8VtHa5Ke_3Og_zYTyH56Ue5J5vGIqXFjkWizI6y_Nf0QJwe3ASQ.AYwkbvy9RfnwWIdu.F_6QMm3lrGrx9K5HrDywLZpc9-HgQY8PpsFR-ml0tR41k0tCDQf-a7nMqj3BWY4RW0JSt-1exvXXpiiPBt4xl7Y_SNpwAR06mlsdRk1QPYE_n5wcZw2QSu6n2DC70EhAsEvUuvQrMXnVCdZCCKNfxyhzvF-UVwr8SiJJjqrjWLFJX2ipUGp2JRW21134z0LdaF8-K7cCJiEL3BnKYhL-cK9zPtEjM830dSVCd1QYwSZyV6wftyB4XJk8InZR7aqbTezFvMmxF8apdUXFCQPpL3IDwhD2LvmfQuTs3ifsssmoOc4RNKRJW06Vrmw3OSAIWqRtD_yFpw.NzCPc2anmrC_HnhSs9ejwg
#######################################################
TEST: jwtStateAlgRSA15EncA128CBCPLUSHS256Test
#######################################################
Encrypted JWE State: eyJ0eXAiOiJKV1QiLCJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMTI4Q0JDK0hTMjU2Iiwia2lkIjoiNDhiZmE4YTQtYzhhNy00YTA5LWFlOTgtYmYzMjVkNzQ5MTE5In0.EwhGbAFPhWxo3PJelvDXhUDL84xOwKbC01qw70FcPqfSUVIlYrVp1xrbMuF-vpOMB4jdcy09PPtoTReZ3iGmrGaWN-xFSScSAwplUxkJVK9T_XpWDbGOko4m3it09G_aFC4vH1OKbHDFAqKIjD7TivM0zfcdt2u2zf3qLOoZJtJcMv7zwUjmqywz-kBpm8nLN6huiEhTidG_GGb94lHsgLEtHksWhEDBqPb1SmQkb8h5qgouytlmrhT351avWqzz42YjggGZqzVzCzvRzcZ3drUwrndN-vVfzzO0-24WwXsy-xiXPHenKN59azCS5SDylzZsSzIRIkfoJy_tY2ShQw.zKYbyrlnWT3_JNszHnpJog.rotwDkbFyZ-nDFnGERXEyHoTnlZVI0zpzyZ_esYxK06uU3WbRhNtFXZU6057CkREVm4JKL6hPedF4Do7q84IACx4WkVBylJKDQkj6VUZ0aPyJhIF8EK__Sk3vFpaap-vqCjS9h_N6i2XZkFPLd5sGWJCbjUYDK0C3LkmIJE9PJCOs7RnYAh7nMGqq5wbShPneFLAbeB6y4YlV_PlgqzQHBszwIneZ2i8ympVlgq1nWrUJxAimOcMYCsQg0xMBUjXY0rWKppTwIE_9ZjZVMiHrhmb7hlW9Y7Bpt7ojyjK31ipgMLK7-bZ22PHjqKDsoxt_cn1uVweIfGrp-IjPtbgJbbSzvKVYMYz8zukthxdJG45-CTWAjRAuoZIpXuCnUgmB8gDh4Wcx0UiViuqmg96JKHa_OMvqaOfmmWKUDcswbk.NiTFtOoGFdl25luxa-xdyDCD_UPXJafUbhF-rVopEug
#######################################################
TEST: jwtStateAlgRSA15EncA256CBCPLUSHS512Test
#######################################################
Encrypted JWE State: eyJ0eXAiOiJKV1QiLCJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMjU2Q0JDK0hTNTEyIiwia2lkIjoiNDhiZmE4YTQtYzhhNy00YTA5LWFlOTgtYmYzMjVkNzQ5MTE5In0.A-30jw6Q1S_UlrxMat-6qFjaDRzxHM2-8le2jUgxgTEdI0yae5Uh1jFy2kxOpq-arBkfXd35ymqosubdsEwKowKtaWRmmyBSCR9wCllwtOGwqi2cFidusqfvuAajTNPZyF-PX_yo4VpFj4pLE8dfgf4CTKGw3kQoMcTaMwe5584VD4_0OGmykE1mklT0IFZO0I5IJkR0YX55KW1AC_hvx_2fe5gTaXkc03WwZSuoYRh9NRjw71zLwir87h4pDuP11BkK2zUXg3KaPu6pUHvO465cZewi3qxPE_gzFKn8NzDLz2YzINP59jOiezzImB7gXksFfSUCKNCfehn51NkNYQ.VirTvd_mOzQNekx5-7zMGA.IqsLGMWPTmpf5ugmviSbmTk7CT81KGUedy2u77g2vuiGiwApc7IUnZv3aHHBWAisI1vCsVBPSB4-hsJZc_nSCU9PvhNr1WdsAufJ-FVB-Iwtg_7f7psWnXdNGjE-mSEDOVA5qj1vm0SS19w5IqwKd_mj942ObZ4uGq1GAqelBRC0RLzgp6YYshB8kdpiFBE4DdrZN6pV0bWmr4bAOOcdUJU66DK2nq17aduEcrHa-C9CwwPzrQIkfRLfZAX39TK1DFYG2eccNt1rM2dU_MfbAB8vfO5YizkNwyIp-H6DVt0wMLG_bNPQQgzipN8szO5RiuhCAwE1TZ0S82urofwVbFFhq-3prNeebxxcYI4P1PzxjfrPRQiJlUzWIfERGy5KUiUlr2l6w8mclzWa91GUkfIwkWri4F1NKG-_Vqw9Dos.0Xq_riwE5QeDhuG4TmWMwcRf9WezHxQrZFSyzRD01CrzppCfnnBn5yK54YeQwlHI8dLxhNaSEGIyBoq-Y-jHrQ
#######################################################
TEST: jwtStateAlgRSAOAEPEncA256GCMTest
#######################################################
Encrypted JWE State: eyJ0eXAiOiJKV1QiLCJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00iLCJraWQiOiI0OGJmYThhNC1jOGE3LTRhMDktYWU5OC1iZjMyNWQ3NDkxMTkifQ.Y9To2k1VJV5MFQu-5St5T6XQ_1zjIt2jvolCLmxZh7Rgxrwehxo1Unq9AI8pGmeoKogdhUYoHk7rGNqIvNoDPeCGPEzBR-wNxFveiCHmkLcoCL-ax8Q-lNcn_vEo3BXsuWdJLMNTKybRu7NJYbYmigSsuOO4xhP9w0hWMyKmHtZ50Q-xMCi65_jahLxLXY4CVu0fcJBvRGu8ypoAh1qOd5wDqMl0Jy3SOb8pR3BCZrlSOmyXmW3IBwsna3B6IjPzADVnn8WzJrL8mPWLCUIJxgVfAhY0KXiZDkukxRrfyMicx2LPJNqSb3X8KvV5ZAUqz4x5jC0-VC1mUUYv9TIiuA.pXV6v7PrMCDpWvyR.lIUZrm-ZwoLQD3976PHGzvHzmm_TM_16zOqIERXMMcD91JtTxhhlNGrr9AOkMycXs8y5mNuirzOW5R8zrMm3uojxM9a8y-dHOLp_9e2sEC36_9nWREOJeU8sSV7Bz6UbeCqvnspwD5I3cWZVbbOmJc-HjNTtZQvS3L6ownPEr40NwHWUDEEntKFoFzY_NiixLF3_Kg-1873dXouUnWa_K_Gk-GknraQ4_YY7dx0x_R4v1z7ov2zkUmeogFr6jfDoxqE618HHYAuc1bPrjIAPyRI_rW8MwAarv3NnJYfyjKwDRyAQY7x0vgXqYKFJ62Px3G5IkGHzmZIfOHmjqBbjdQFtjEDqhFrSmP9QHztr_C7EttfjqLZa4LftLS9QnkDiye8EkxVx6xMlkYhhXQBkDpukJw.K96XW8aRVBj-w-KmXUWpqg
#######################################################
TEST: jwtStateES256Test
#######################################################
Signed JWS State: eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjU0N2IyODM4LWE4NDgtNDY3MS04YTQ3LWQ1MzYxNzM4ZjJhZSJ9.eyJyZnAiOiIxZTZlYmY5MC1mYzhhLTQ3MTgtOWZiMy1iY2JiYWY0MzgzZGYiLCJraWQiOiI1NDdiMjgzOC1hODQ4LTQ2NzEtOGE0Ny1kNTM2MTczOGYyYWUiLCJqdGkiOiJjMmE4NDA1Ny1mZjY3LTQxMzgtYWEwYS05M2E5NmY0NmJkY2IiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MEUCIQDkWa38EiD1JpxTf1LAI-rARaKFTDhxiUh74JmQh9NCOAIgRGN8qpiU_kmi6GwaGm4AP20Efnoeu719kchcIG4qcdM
#######################################################
TEST: jwtStateES384Test
#######################################################
Signed JWS State: eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzM4NCIsImtpZCI6ImM0ZmU0MTEwLWViNTYtNDFjNi1iYWMzLTUzMTZmNmIxNDQzZCJ9.eyJyZnAiOiJiYmZhYjdjMi1hMzdiLTQ5MDMtODc3ZS02Y2E4NTM1YzgzZTMiLCJraWQiOiJjNGZlNDExMC1lYjU2LTQxYzYtYmFjMy01MzE2ZjZiMTQ0M2QiLCJqdGkiOiI0NzQ0MDY4YS1hYzg5LTQ2Y2QtYmMwNy1kNWU1Nzk3ZjhhYzgiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MGUCMC2qvpJepWsjCDnaK3NexRwSVIfXnibZdhUdIfcWrhcVNvb1nd79G1M7GU3F-JbsPAIxAIJiyGiiFiY33lDiCNnRHtKq7LlSfeP15lbMTr7iCMvq7I8L4Hl4E8bUqsMBmqTI3g
#######################################################
TEST: jwtStateES512Test
#######################################################
Signed JWS State: eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzUxMiIsImtpZCI6IjI2ZjgwNDBjLWFlOGItNGRhYS04ZjcxLWE3ZmRmMTRkZjY0MyJ9.eyJyZnAiOiIxNWM1MjdmNy1hYzg3LTQ0MDUtOGJmNS01ZmUxMGQwMjhhNmIiLCJraWQiOiIyNmY4MDQwYy1hZThiLTRkYWEtOGY3MS1hN2ZkZjE0ZGY2NDMiLCJqdGkiOiI2YjIyODgwNS1lNTM3LTRmOWYtYjljZC01NzI4Mjk3Njk5NDQiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MIGIAkIByXFXaTtt3hxNKvd7OzUuMXPEUXHawSdfxQ6z8Pqkjf2cWesEDIfMUTxFY-kvqUeQH1xvlf0qSwXW4wS4n1bM0_MCQgGpRA-Bl5rxNrRwyWtG3lTb18QsN-2hek_NNZe5ehzz5zqUBEmKuggEv4BORuMo_J0GHXStZo0Q4NdccEoO9fKBxQ
#######################################################
TEST: jwtStateHS256Test
#######################################################
Signed JWS State: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZnAiOiJmZTVjYTllMi1kODUwLTRkZWMtYTNlNi0zNzg0NzI3MTA0MTkiLCJqdGkiOiJlZWU4ODU4NS0xZDExLTQyNGUtOWFkOC00ZTg4NDViYWY5YzQiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.0KpOz9gNiVExzp9_B_WZOMZiKGECfTkhxPpT7Vpf7yY
#######################################################
TEST: jwtStateHS384Test
#######################################################
Signed JWS State: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9.eyJyZnAiOiJjYjQyNmE5ZS1mNjNjLTQ2NzYtOTZiNC1jOTU5NmMwYWE5MzEiLCJqdGkiOiJhN2MyMmQ1Mi1kMTQwLTQxYzUtOGE2Mi01MmZlNDZhMDkwNDMiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.iHo7bYcZ7UDrOXB5Cu_LzNBjLphegDhMpqE42fUwn261QzQ2uK59YynIgvq3BK_I
#######################################################
TEST: jwtStateHS512Test
#######################################################
Signed JWS State: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJyZnAiOiJlZmMzZWEyOS0xZWE3LTQxMTYtOGFiMi01ZmI5MzQxMjYyYzAiLCJqdGkiOiI0ZGU0YTEyMy1jZjNmLTQxYmItYjYzMS02MzU0OGNiYjgwYWYiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.fcs_kaispM8CcLnDo91yGjiqJYJKazIAdT08OVQZrtpDUyMzyANI_5ucMAudPVappWpRiCM-FJw6dT8eLGB1bw
#######################################################
TEST: jwtStateNONETest
#######################################################
Encoded State: eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJyZnAiOiI2NDliMWIzYi0wODg3LTQ2OTctOWZhNy0xNThkZjA1NzY3OGUiLCJqdGkiOiJmODEyZjQyZi1lMDhjLTQ4MzYtYmU2ZS04NWYwNGNlZDhiNTYiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.
#######################################################
TEST: jwtStateRS256Test
#######################################################
Signed JWS State: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjQ4YmZhOGE0LWM4YTctNGEwOS1hZTk4LWJmMzI1ZDc0OTExOSJ9.eyJyZnAiOiIzMmFmZDQ4ZC02ODAxLTRkYmUtYWExYy1jYWFkYTJkZjlkYzQiLCJraWQiOiI0OGJmYThhNC1jOGE3LTRhMDktYWU5OC1iZjMyNWQ3NDkxMTkiLCJqdGkiOiJiZTRkN2ZhNi00NmQ4LTRkZDEtYTVhNS03NTFmZDgyOGUzYjYiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.jFa7pYAmvKzcr5ucrkl-I9zVniJZy8pxYR90BC6GerBp1bSKIt21So8OaFFaFOo_oe5kTlC2eh1rUrfuujHOSjfuSeOxRc9LX6I8QQGKeKXJo-e-tnpdlLFduY0YRkVvZ6FUmf6Ix_3f8IH0arDaV9_XECIZTBfqnmASSrPwG6Gv3QW2W_4o6vnvVPORbDj3NrEXIcnZNLlsEXnB-dLN_ePz4RRwI_3wddlxsrLs63-FQuFhBUQwliv6LlSZntXxvTe-t5a_EEbVf9We2IC5N71cHgv92h9BTXMLt1ruUVDlxLKtqfFDihGcITjy3t3Df7p2B95RlkWDa_dNixZXBw
#######################################################
TEST: jwtStateRS384Test
#######################################################
Signed JWS State: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzM4NCIsImtpZCI6ImM0NjIxNDNmLWExOTctNGY3YS1hZjk5LTBiMTA4NzM2ODYxNiJ9.eyJyZnAiOiJhYTMzOTQ3MC1lZmE4LTQ1NjQtYTM1ZS03NDZiZWY1ZGVhYWEiLCJraWQiOiJjNDYyMTQzZi1hMTk3LTRmN2EtYWY5OS0wYjEwODczNjg2MTYiLCJqdGkiOiI0ZDM4MDYxMS1iNzUwLTQyOWEtOWJhMi03OTM4NWE3MWFhOTkiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.wNpdGiBncqfbEJltqOQDf8rYYhsaYfczPxkoqFvUy2zmpg4gVf__heGc-LC0u4ym-rnmzAtwEbcns0I2NLtxQ3HafP3fboShoDiAK1o27SoOi88MaAXx57GQaZEs39i9vQsGfdzVRCX442BR__dZgrvCbJR1OFcHz_Wb1kLUXvTbuM5O6Rc0m2ob14XzgaWhh8OyU-nvgUttgGZ593vUa0ePBuWlxdvOLwzSC9VidGBaHtApX9qL7JdBj9PJfMfK5qDUJh48Xa_ntG7CDdemoQzqXN9F8l6c5Mv0fZ5UmC5vrCPCsuAQ8jcFS-uhlg0QzzO5SetLzoXssTLpBETmcg
#######################################################
TEST: jwtStateRS512Test
#######################################################
Signed JWS State: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiIsImtpZCI6Ijg1YjA4NDgzLTY4OTAtNDg0My05YmFmLTgzN2EyNGEzYzZkMiJ9.eyJyZnAiOiJmODBhODljNi1lYmE2LTQ0NmEtOTFjOC05NGQ2NTJiOWU2NDkiLCJraWQiOiI4NWIwODQ4My02ODkwLTQ4NDMtOWJhZi04MzdhMjRhM2M2ZDIiLCJqdGkiOiIwZTAyODE5Ny02YTMzLTRmMzItODM0Ni0yZjE5YTQxMDJlNDMiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.HQFbWX6GRYKvxj__pzTcU8aayE6vnss7B1vZ4CzHolMiyYa9eytMpT6osEi5zVKCoWTDr4mhB6CWjoTGPktOdu0jZIMp2kmrxpCFg_sQ0rHfzpm6QSzxnKYBmfU-ycfMzGzHreDPhWPgfhdOKjoK36yWpVc5XIR9Djoc2fLsux8ERmqB9H1oloxWCvxsgk42tzFpKsLfx1G1MBCyegbw7WP5TVysAtJtVfWTL4zh5B4Y3nhM2-E3DKcrGbvGEcSjqSrXjUlzc9ZqjIMuUhFoJzKzPJyYJw5PV87Sl-jLqI9oZXm6BsFW5Rnb-JzqyhFvhSjRj-LYibMt09E9_hdtzw
#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:28:00 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"subject": "acct:test_user@ce-dev4.gluu.org",
"links": [{
"rel": "http://openid.net/specs/connect/1.0/issuer",
"href": "https://ce-dev4.gluu.org"
}]
}
OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:28:00 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"issuer": "https://ce-dev4.gluu.org",
"authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
"token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
"userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
"clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
"check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
"end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
"registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
"id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
"introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
"scopes_supported": [
"permission",
"clientinfo",
"email",
"user_name",
"sub",
"org_name",
"address",
"openid",
"test_scope1",
"work_phone",
"phone",
"profile",
"mobile_phone",
"test"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"id_token",
"id_token token",
"token",
"code token"
],
"grant_types_supported": [
"urn:ietf:params:oauth:grant-type:uma-ticket",
"client_credentials",
"refresh_token",
"implicit",
"password",
"authorization_code"
],
"acr_values_supported": [
"super_gluu",
"u2f",
"otp",
"basic",
"auth_ldap_server"
],
"auth_level_mapping": {
"-1": ["auth_ldap_server"],
"50": ["otp"],
"100": ["basic"],
"10": ["u2f"],
"15": ["super_gluu"]
},
"subject_types_supported": [
"public",
"pairwise"
],
"userinfo_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"userinfo_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"userinfo_encryption_enc_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"id_token_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"request_object_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"request_object_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"request_object_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post",
"client_secret_jwt",
"private_key_jwt"
],
"token_endpoint_auth_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"display_values_supported": [
"page",
"popup"
],
"claim_types_supported": ["normal"],
"claims_supported": [
"birthdate",
"country",
"name",
"email",
"email_verified",
"given_name",
"gender",
"inum",
"family_name",
"updated_at",
"locale",
"member_of",
"middle_name",
"nickname",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope",
"phone_number_verified",
"picture",
"preferred_username",
"profile",
"zoneinfo",
"user_name",
"website"
],
"service_documentation": "http://gluu.org/docs",
"claims_locales_supported": ["en"],
"ui_locales_supported": [
"en",
"es"
],
"scope_to_claims_mapping": [
{"permission": []},
{"uma_protection": []},
{"clientinfo": [
"name",
"inum",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope"
]},
{"email": [
"email_verified",
"email"
]},
{"user_name": ["user_name"]},
{"sub": []},
{"org_name": []},
{"address": [
"formatted",
"postal_code",
"street_address",
"locality",
"country",
"region"
]},
{"openid": []},
{"test_scope1": []},
{"work_phone": []},
{"phone": [
"phone_number_verified",
"phone_number"
]},
{"profile": [
"name",
"family_name",
"given_name",
"middle_name",
"nickname",
"preferred_username",
"profile",
"picture",
"website",
"gender",
"birthdate",
"zoneinfo",
"locale",
"updated_at"
]},
{"mobile_phone": ["phone_mobile_number"]},
{"test": ["member_of"]}
],
"claims_parameter_supported": true,
"request_parameter_supported": true,
"request_uri_parameter_supported": true,
"require_request_uri_registration": false,
"op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
"op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
"frontchannel_logout_supported": true,
"frontchannel_logout_session_supported": true
}
#######################################################
TEST: requestEndSession by id_token
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"post_logout_redirect_uris": ["https://client.example.com/pl"],
"frontchannel_logout_uri": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"]
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1488
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:28:01 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1C29.718D.B793.9F2B",
"client_secret": "c7e2e40e-4a10-475d-82bd-2c04e23a235d",
"registration_access_token": "b8307399-dba6-4f7d-87e3-4d8f1fb02a1f",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1C29.718D.B793.9F2B",
"client_id_issued_at": 1530815281,
"client_secret_expires_at": 1530901681,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"post_logout_redirect_uris": ["https://client.example.com/pl"],
"frontchannel_logout_uri": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"],
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211C29.718D.B793.9F2B&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=47f66926-91d9-4330-82c5-bf525d5c6763&nonce=8acc8516-6fca-4e4a-8798-d89ad3bbed83
14:28:22.511 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:bbf6a219-bffc-43f5-a66e-c40fd7bf6484
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211C29.718D.B793.9F2B&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=47f66926-91d9-4330-82c5-bf525d5c6763&nonce=8acc8516-6fca-4e4a-8798-d89ad3bbed83
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=151e46a7-5cb9-4ea2-8ab6-cb6957500119&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExQzI5LjcxOEQuQjc5My45RjJCIiwiZXhwIjoxNTMwODE4ODgyLCJpYXQiOjE1MzA4MTUyODIsIm5vbmNlIjoiOGFjYzg1MTYtNmZjYS00ZTRhLTg3OTgtZDg5YWQzYmJlZDgzIiwiYXV0aF90aW1lIjoxNTMwODE1MjgyLCJhdF9oYXNoIjoiUk5oVGk1djlUVWtHSWZJNi0yQW9GZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IklXX1pqUGNKMFc0NHNyVVloLTZjMnVQU1YzdU1YSXpFTVkwYXNYOXVRR1kifQ.WwJK9s8FcNF7HY9GR7VpxhRTq8oJ43iKhgxO_leJEtJMekaNR81ig8FzUdEDclxuY6JoymWHR14Ea5hwc9F6QcC5HaVn2i0B-mLH4DqjjAILKQ-6QUyasEEKybwz1IlmOOm3BuJOvEdAWJ4hj0Zvy8YCl9GI7eiSjQzPEg_3MTE5GsPEYNn1264_IsVIxdOo9h3AwevUr1HcrJDDxyAPik5YNcvjTxcSDrJJgqbX7GtHhWrVvyYwVLTaD1uye3OMTLZls3P_jU3bbWdjWRA7c0G8nGSJvm2svRgLU8x1L6Pv3kEuYiOpbiNlCdl0cby00EoI_WXskiInsFRZPpum7w&session_id=cb548f8d-342a-43ba-b289-eee22921802c&state=47f66926-91d9-4330-82c5-bf525d5c6763&token_type=bearer&session_state=bbf6a219-bffc-43f5-a66e-c40fd7bf6484&expires_in=299
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/end_session?id_token_hint=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExQzI5LjcxOEQuQjc5My45RjJCIiwiZXhwIjoxNTMwODE4ODgyLCJpYXQiOjE1MzA4MTUyODIsIm5vbmNlIjoiOGFjYzg1MTYtNmZjYS00ZTRhLTg3OTgtZDg5YWQzYmJlZDgzIiwiYXV0aF90aW1lIjoxNTMwODE1MjgyLCJhdF9oYXNoIjoiUk5oVGk1djlUVWtHSWZJNi0yQW9GZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IklXX1pqUGNKMFc0NHNyVVloLTZjMnVQU1YzdU1YSXpFTVkwYXNYOXVRR1kifQ.WwJK9s8FcNF7HY9GR7VpxhRTq8oJ43iKhgxO_leJEtJMekaNR81ig8FzUdEDclxuY6JoymWHR14Ea5hwc9F6QcC5HaVn2i0B-mLH4DqjjAILKQ-6QUyasEEKybwz1IlmOOm3BuJOvEdAWJ4hj0Zvy8YCl9GI7eiSjQzPEg_3MTE5GsPEYNn1264_IsVIxdOo9h3AwevUr1HcrJDDxyAPik5YNcvjTxcSDrJJgqbX7GtHhWrVvyYwVLTaD1uye3OMTLZls3P_jU3bbWdjWRA7c0G8nGSJvm2svRgLU8x1L6Pv3kEuYiOpbiNlCdl0cby00EoI_WXskiInsFRZPpum7w&post_logout_redirect_uri=https%3A%2F%2Fclient.example.com%2Fpl&state=3429a5e2-5ddf-4f97-a228-7976b3512dea&session_id=cb548f8d-342a-43ba-b289-eee22921802c HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-transform, no-store
Connection: Keep-Alive
Content-Length: 343
Content-Type: text/html
Date: Thu, 05 Jul 2018 18:28:02 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Set-Cookie: session_id=;Path=/;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;HttpOnly
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Gluu Generated logout page
Logout requests sent.
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/end_session?id_token_hint=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExQzI5LjcxOEQuQjc5My45RjJCIiwiZXhwIjoxNTMwODE4ODgyLCJpYXQiOjE1MzA4MTUyODIsIm5vbmNlIjoiOGFjYzg1MTYtNmZjYS00ZTRhLTg3OTgtZDg5YWQzYmJlZDgzIiwiYXV0aF90aW1lIjoxNTMwODE1MjgyLCJhdF9oYXNoIjoiUk5oVGk1djlUVWtHSWZJNi0yQW9GZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IklXX1pqUGNKMFc0NHNyVVloLTZjMnVQU1YzdU1YSXpFTVkwYXNYOXVRR1kifQ.WwJK9s8FcNF7HY9GR7VpxhRTq8oJ43iKhgxO_leJEtJMekaNR81ig8FzUdEDclxuY6JoymWHR14Ea5hwc9F6QcC5HaVn2i0B-mLH4DqjjAILKQ-6QUyasEEKybwz1IlmOOm3BuJOvEdAWJ4hj0Zvy8YCl9GI7eiSjQzPEg_3MTE5GsPEYNn1264_IsVIxdOo9h3AwevUr1HcrJDDxyAPik5YNcvjTxcSDrJJgqbX7GtHhWrVvyYwVLTaD1uye3OMTLZls3P_jU3bbWdjWRA7c0G8nGSJvm2svRgLU8x1L6Pv3kEuYiOpbiNlCdl0cby00EoI_WXskiInsFRZPpum7w&post_logout_redirect_uri=https%3A%2F%2Fclient.example.com%2Fpl&state=4fec0e31-8e95-4041-9055-24ed1de3b720&session_id=cb548f8d-342a-43ba-b289-eee22921802c HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 307
Connection: Keep-Alive
Content-Length: 149
Content-Type: text/plain
Date: Thu, 05 Jul 2018 18:28:02 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=5, max=100
Location: https://client.example.com/pl
Server: Jetty(9.4.9.v20180320)
Set-Cookie: session_id=;Path=/;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;HttpOnly
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_grant_and_session","error_description":"The provided access token and session state are invalid or were issued to another client."}
#######################################################
TEST: requestEndSessionFail1
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/end_session HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Connection: close
Content-Length: 149
Content-Type: text/plain
Date: Thu, 05 Jul 2018 18:28:02 GMT
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_grant_and_session","error_description":"The provided access token and session state are invalid or were issued to another client."}
#######################################################
TEST: requestEndSessionFail2
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/end_session?id_token_hint=INVALID_ACCESS_TOKEN&post_logout_redirect_uri=https%3A%2F%2Fclient.example.com%2Fpl&state=ba6d467f-a192-4c28-9f45-dc3d15d6872c HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 307
Connection: Keep-Alive
Content-Length: 149
Content-Type: text/plain
Date: Thu, 05 Jul 2018 18:28:02 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=5, max=100
Location: https://client.example.com/pl
Server: Jetty(9.4.9.v20180320)
Set-Cookie: session_id=;Path=/;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;HttpOnly
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_grant_and_session","error_description":"The provided access token and session state are invalid or were issued to another client."}
#######################################################
TEST: requestEndSession by session_id
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": [
"token",
"id_token"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"post_logout_redirect_uris": ["https://client.example.com/pl"],
"frontchannel_logout_uri": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"]
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1488
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:28:02 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3902.C5B3.1CC8.8010",
"client_secret": "5ec10d95-4856-4e85-b0ea-668a7d12a4cf",
"registration_access_token": "174c39bf-c86f-4d34-ae05-2bb0e6d81d06",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3902.C5B3.1CC8.8010",
"client_id_issued_at": 1530815282,
"client_secret_expires_at": 1530901682,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": [
"id_token",
"token"
],
"grant_types": ["implicit"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"post_logout_redirect_uris": ["https://client.example.com/pl"],
"frontchannel_logout_uri": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"],
"frontchannel_logout_session_required": false,
"scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213902.C5B3.1CC8.8010&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9ae7873e-6182-4494-9a80-8fb3383e6f9d&nonce=17e814b8-a551-491f-83d4-f681b4c6338e
14:28:24.214 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:f60c9e4b-1802-4d93-857e-825e133e8584
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213902.C5B3.1CC8.8010&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9ae7873e-6182-4494-9a80-8fb3383e6f9d&nonce=17e814b8-a551-491f-83d4-f681b4c6338e
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=9b6d0685-3afc-48a5-be93-bf27069d5ea7&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzOTAyLkM1QjMuMUNDOC44MDEwIiwiZXhwIjoxNTMwODE4ODgzLCJpYXQiOjE1MzA4MTUyODMsIm5vbmNlIjoiMTdlODE0YjgtYTU1MS00OTFmLTgzZDQtZjY4MWI0YzYzMzhlIiwiYXV0aF90aW1lIjoxNTMwODE1MjgzLCJhdF9oYXNoIjoiVmhwMUh4VERMV2hGSG0yZGJjbUozQSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6InRuSlZFWmVzNHNTNnBfQ1QtSFNvSk43UUNQRUdxVlp4Vi1sc2FfZkJ2djgifQ.lwoHrgYTzZkGGQgKKJ3vQSn_dKdVdykTkDvtY9wGL7kkPZ8KyvsROxkOa-d-aBiTBJM-WapkxrvQkcH2QoSjH4uRmZsLCeajim93EE2pxNCpJ3c2y5cBjcXlHljymHy3O1iHCQ0CfR-uFgdyPJGQXRKBnPi9VWrjtycm4Jtq3J4jkasXqPH6Brdzx66AxGDuwahUQKHqtdWDgrRPX-pzKoLPCJApahjq6YWdda3sH_j3TBtdCeuJZA-xucOVQoVB-WN7hIflwFMwCHx1fpBWOEw2eBYpjcF5JBeTp8R9j3XnEtycjfVKDIaD20IxIiDcFWLgpaoHPzR4FYLYcqI1YQ&session_id=8ed44f57-f9b1-4744-ba26-9d8f0e1fe0d1&state=9ae7873e-6182-4494-9a80-8fb3383e6f9d&token_type=bearer&session_state=f60c9e4b-1802-4d93-857e-825e133e8584&expires_in=299
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/end_session?&post_logout_redirect_uri=https%3A%2F%2Fclient.example.com%2Fpl&state=77ae28c2-3cca-412b-94e3-96aa1da4451b&session_id=8ed44f57-f9b1-4744-ba26-9d8f0e1fe0d1 HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-transform, no-store
Connection: Keep-Alive
Content-Length: 343
Content-Type: text/html
Date: Thu, 05 Jul 2018 18:28:04 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Set-Cookie: session_id=;Path=/;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;HttpOnly
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Gluu Generated logout page
Logout requests sent.
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/end_session?&post_logout_redirect_uri=https%3A%2F%2Fclient.example.com%2Fpl&state=e6753d46-183a-4e21-abee-c66578d92c6e&session_id=8ed44f57-f9b1-4744-ba26-9d8f0e1fe0d1 HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 307
Connection: Keep-Alive
Content-Length: 149
Content-Type: text/plain
Date: Thu, 05 Jul 2018 18:28:04 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=5, max=100
Location: https://client.example.com/pl
Server: Jetty(9.4.9.v20180320)
Set-Cookie: session_id=;Path=/;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;HttpOnly
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"error":"invalid_grant_and_session","error_description":"The provided access token and session state are invalid or were issued to another client."}
#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:28:04 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"subject": "acct:test_user@ce-dev4.gluu.org",
"links": [{
"rel": "http://openid.net/specs/connect/1.0/issuer",
"href": "https://ce-dev4.gluu.org"
}]
}
OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:28:04 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"issuer": "https://ce-dev4.gluu.org",
"authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
"token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
"userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
"clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
"check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
"end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
"jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
"registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
"id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
"introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
"scopes_supported": [
"permission",
"clientinfo",
"email",
"user_name",
"sub",
"org_name",
"address",
"openid",
"test_scope1",
"work_phone",
"phone",
"profile",
"mobile_phone",
"test"
],
"response_types_supported": [
"code",
"code id_token",
"code id_token token",
"id_token",
"id_token token",
"token",
"code token"
],
"grant_types_supported": [
"urn:ietf:params:oauth:grant-type:uma-ticket",
"client_credentials",
"refresh_token",
"implicit",
"password",
"authorization_code"
],
"acr_values_supported": [
"super_gluu",
"u2f",
"otp",
"basic",
"auth_ldap_server"
],
"auth_level_mapping": {
"-1": ["auth_ldap_server"],
"50": ["otp"],
"100": ["basic"],
"10": ["u2f"],
"15": ["super_gluu"]
},
"subject_types_supported": [
"public",
"pairwise"
],
"userinfo_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"userinfo_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"userinfo_encryption_enc_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"id_token_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"id_token_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"request_object_signing_alg_values_supported": [
"none",
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"request_object_encryption_alg_values_supported": [
"RSA1_5",
"RSA-OAEP",
"A128KW",
"A256KW"
],
"request_object_encryption_enc_values_supported": [
"A128CBC+HS256",
"A256CBC+HS512",
"A128GCM",
"A256GCM"
],
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post",
"client_secret_jwt",
"private_key_jwt"
],
"token_endpoint_auth_signing_alg_values_supported": [
"HS256",
"HS384",
"HS512",
"RS256",
"RS384",
"RS512",
"ES256",
"ES384",
"ES512"
],
"display_values_supported": [
"page",
"popup"
],
"claim_types_supported": ["normal"],
"claims_supported": [
"birthdate",
"country",
"name",
"email",
"email_verified",
"given_name",
"gender",
"inum",
"family_name",
"updated_at",
"locale",
"member_of",
"middle_name",
"nickname",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope",
"phone_number_verified",
"picture",
"preferred_username",
"profile",
"zoneinfo",
"user_name",
"website"
],
"service_documentation": "http://gluu.org/docs",
"claims_locales_supported": ["en"],
"ui_locales_supported": [
"en",
"es"
],
"scope_to_claims_mapping": [
{"permission": []},
{"uma_protection": []},
{"clientinfo": [
"name",
"inum",
"oxAuthAppType",
"oxAuthIdTokenSignedResponseAlg",
"oxAuthRedirectURI",
"oxAuthScope"
]},
{"email": [
"email_verified",
"email"
]},
{"user_name": ["user_name"]},
{"sub": []},
{"org_name": []},
{"address": [
"formatted",
"postal_code",
"street_address",
"locality",
"country",
"region"
]},
{"openid": []},
{"test_scope1": []},
{"work_phone": []},
{"phone": [
"phone_number_verified",
"phone_number"
]},
{"profile": [
"name",
"family_name",
"given_name",
"middle_name",
"nickname",
"preferred_username",
"profile",
"picture",
"website",
"gender",
"birthdate",
"zoneinfo",
"locale",
"updated_at"
]},
{"mobile_phone": ["phone_mobile_number"]},
{"test": ["member_of"]}
],
"claims_parameter_supported": true,
"request_parameter_supported": true,
"request_uri_parameter_supported": true,
"require_request_uri_registration": false,
"op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
"op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
"frontchannel_logout_supported": true,
"frontchannel_logout_session_supported": true
}
#######################################################
TEST: grantTypesRestriction
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"post_logout_redirect_uris": ["https://client.example.com/pl"],
"frontchannel_logout_uri": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"],
"scope": "openid profile address email user_name"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1418
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:28:04 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!89C2.C808.EA13.7092",
"client_secret": "1ea5f2d0-8a60-44f7-b313-08fc7aaafe04",
"registration_access_token": "4293904a-c32b-4311-ae09-7e8743200e84",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!89C2.C808.EA13.7092",
"client_id_issued_at": 1530815284,
"client_secret_expires_at": 1530901684,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"post_logout_redirect_uris": ["https://client.example.com/pl"],
"frontchannel_logout_uri": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"],
"frontchannel_logout_session_required": false,
"scope": "openid profile address email user_name",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"post_logout_redirect_uris": ["https://client.example.com/pl"],
"frontchannel_logout_uri": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"],
"scope": "openid profile address email user_name"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1418
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:28:04 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4C5D.AC6A.E7AB.8912",
"client_secret": "71779c8d-6269-464a-9e23-065ea44737e5",
"registration_access_token": "95b12292-8641-41e1-9cf6-dc0320732642",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4C5D.AC6A.E7AB.8912",
"client_id_issued_at": 1530815284,
"client_secret_expires_at": 1530901684,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"post_logout_redirect_uris": ["https://client.example.com/pl"],
"frontchannel_logout_uri": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"],
"frontchannel_logout_session_required": false,
"scope": "openid profile address email user_name",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2189C2.C808.EA13.7092&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=77a2a305-337f-4789-988e-28e7ec61db46&nonce=722ecc4d-c20d-4583-922a-8809bc76cff4
14:28:25.784 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:e38cc3d0-557e-4854-90dc-585f657f77c7
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2189C2.C808.EA13.7092&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=77a2a305-337f-4789-988e-28e7ec61db46&nonce=722ecc4d-c20d-4583-922a-8809bc76cff4
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=c991891d-4977-4196-b688-9f4b41fc4132&scope=address+openid+user_name+profile+email&session_id=990d4f4f-0ef7-49d6-b785-f13062821825&state=77a2a305-337f-4789-988e-28e7ec61db46&session_state=e38cc3d0-557e-4854-90dc-585f657f77c7
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghODlDMi5DODA4LkVBMTMuNzA5MjoxZWE1ZjJkMC04YTYwLTQ0ZjctYjMxMy0wOGZjN2FhYWZlMDQ=
grant_type=authorization_code&code=c991891d-4977-4196-b688-9f4b41fc4132&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:28:05 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"97b1211f-6920-47b5-b8be-ecb0060d98c1","token_type":"bearer","expires_in":299,"refresh_token":"8fd06b98-d895-4710-9f70-fd271d344ea4","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE4OUMyLkM4MDguRUExMy43MDkyIiwiZXhwIjoxNTMwODE4ODg1LCJpYXQiOjE1MzA4MTUyODUsIm5vbmNlIjoiNzIyZWNjNGQtYzIwZC00NTgzLTkyMmEtODgwOWJjNzZjZmY0IiwiYXV0aF90aW1lIjoxNTMwODE1Mjg1LCJhdF9oYXNoIjoiaHFFLWFxaFpnRWs0V2pYQWM0T0todyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjNKVXNDN1RidjlxWlhEVmxmcjEwSi1QTEMwUU5NOEhSNTFuT2RCb2pCNFkifQ.ccqfT8Bd-OGzLlXGR2jCT5eWr1w6zDmO2mjT0jZj2vmzP2ZM3w3wgFjLbuJfg0BPg7mgbhiY14KgsqTrqDyvMW5qvoGQk5m37EusoPB0rzwr6_jxdVeePgEvpM5jkhUvIAQZtVCvryGOK_zo1L3ASg_YjBZrU_tDtonFUQco5voN5qNfFba8LTR7DsvmFdjJv2033FWUeauYuVmPhScvSaPNjyYFGbUU8Y2VmgC2k-QSOMDLsGwcd39AqKbPVocdUP9lYNJ6vu5R9VWUdH4i3a8ldQrJ0-tM3ftaJDMVEgp83dv610Xv8RWRNHQDDBrz4pLYpH3DRZqVpma1MSZcPw"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghODlDMi5DODA4LkVBMTMuNzA5MjoxZWE1ZjJkMC04YTYwLTQ0ZjctYjMxMy0wOGZjN2FhYWZlMDQ=
grant_type=refresh_token&scope=address+openid+user_name+profile+email&refresh_token=8fd06b98-d895-4710-9f70-fd271d344ea4
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 198
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:28:05 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"f989f86d-d995-41c3-aadc-ed532e4e1cf4","token_type":"bearer","expires_in":299,"refresh_token":"e312f393-1c05-44a0-8ca0-60b95d26ade2","scope":"address openid user_name profile email"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer f989f86d-d995-41c3-aadc-ed532e4e1cf4
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 634
Content-Type: application/json;charset=utf-8
Date: Thu, 05 Jul 2018 18:28:05 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"3JUsC7Tbv9qZXDVlfr10J-PLC0QNM8HR51nOdBojB4Y","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"}
#######################################################
TEST: grantTypesRestriction
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"post_logout_redirect_uris": ["https://client.example.com/pl"],
"frontchannel_logout_uri": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"],
"scope": "openid profile address email user_name"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1418
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:28:05 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!610D.56E9.3595.0273",
"client_secret": "20740057-515b-43e6-803d-651357461cfd",
"registration_access_token": "d2cae6fe-abb3-42e2-a708-523fe85c82ed",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!610D.56E9.3595.0273",
"client_id_issued_at": 1530815285,
"client_secret_expires_at": 1530901685,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"post_logout_redirect_uris": ["https://client.example.com/pl"],
"frontchannel_logout_uri": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"],
"frontchannel_logout_session_required": false,
"scope": "openid profile address email user_name",
"claims": ""
}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["code"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"post_logout_redirect_uris": ["https://client.example.com/pl"],
"frontchannel_logout_uri": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"],
"scope": "openid profile address email user_name"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1418
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:28:05 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{
"client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!62A2.CD6E.439D.BFC1",
"client_secret": "a8d61e48-8b24-4f76-a7bb-5c85dd32f7ee",
"registration_access_token": "f65721a8-3c9d-4c2b-92ac-19dbf886b821",
"registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!62A2.CD6E.439D.BFC1",
"client_id_issued_at": 1530815285,
"client_secret_expires_at": 1530901685,
"redirect_uris": [
"https://client.example.com/cb2",
"https://client.example.com/cb1",
"https://client.example.com/cb",
"https://ce-dev4.gluu.org/oxauth-rp/home.htm"
],
"response_types": ["code"],
"grant_types": [
"refresh_token",
"authorization_code"
],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"id_token_signed_response_alg": "RS256",
"token_endpoint_auth_method": "client_secret_basic",
"require_auth_time": false,
"post_logout_redirect_uris": ["https://client.example.com/pl"],
"frontchannel_logout_uri": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"],
"frontchannel_logout_session_required": false,
"scope": "openid profile address email user_name",
"claims": ""
}
authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21610D.56E9.3595.0273&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=6d464664-eb5c-42eb-99c2-14f20f1252ae&nonce=48bf90d0-6fdb-45d7-9548-385b4e8613c6
14:28:27.254 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:ea6c2057-c774-4813-9399-25e2326f4b98
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21610D.56E9.3595.0273&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=6d464664-eb5c-42eb-99c2-14f20f1252ae&nonce=48bf90d0-6fdb-45d7-9548-385b4e8613c6
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=6c42dff3-4a1b-462a-a4dd-0dccef6180cf&scope=address+openid+user_name+profile+email&session_id=a2117b3e-3e4f-4b7b-a785-df1c1ca7f2f9&state=6d464664-eb5c-42eb-99c2-14f20f1252ae&session_state=ea6c2057-c774-4813-9399-25e2326f4b98
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNjEwRC41NkU5LjM1OTUuMDI3MzoyMDc0MDA1Ny01MTViLTQzZTYtODAzZC02NTEzNTc0NjFjZmQ=
grant_type=authorization_code&code=6c42dff3-4a1b-462a-a4dd-0dccef6180cf&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:28:06 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"bb0fc719-ed2e-4c26-89fa-ee6e0ae84934","token_type":"bearer","expires_in":299,"refresh_token":"386ede5f-d9eb-42f0-8a8b-cca1f162735e","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2MTBELjU2RTkuMzU5NS4wMjczIiwiZXhwIjoxNTMwODE4ODg2LCJpYXQiOjE1MzA4MTUyODYsIm5vbmNlIjoiNDhiZjkwZDAtNmZkYi00NWQ3LTk1NDgtMzg1YjRlODYxM2M2IiwiYXV0aF90aW1lIjoxNTMwODE1Mjg2LCJhdF9oYXNoIjoiUGdJSjlidkMwZ1d2UkdYaGt4WHotZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IkFkV09NcDBsOWg4Y2kzaVozMkxSQWNuMHd0anBBdFFNdGQ0OWk2WEpaRlUifQ.e9HRxGiqWdQD1beThyzmOcOzK0S5T-_5uFKV4Z-RILKdTXK8df7Rfz-gZijkOfgDsGriTZ26Siz7TDVxFaO0HYr9ReHeM8nyQc1b3tu3_bZ7ZyS-SboXfPkYoqIlq9Iangcik79wAmh4aAUpcykHgSSOiQKFVZlUifFqjN3KZBCljIMIvS_5AGtTrmz5Qp6JAd7IfxfQ851nzkzJktg8NfT52nrhOeK0ZYMiSeR8PXEftrbNWpy_QdOJ9STb9WuEoCaRMtVWVujzwu4q_frLhPqO70c0HQuIKA6bacCSzD3iG4GYbSkwYXMw4fEb5t2_Az_thQXiHUslbLlX3RYR0w"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNjEwRC41NkU5LjM1OTUuMDI3MzoyMDc0MDA1Ny01MTViLTQzZTYtODAzZC02NTEzNTc0NjFjZmQ=
grant_type=refresh_token&scope=address+openid+user_name+profile+email&refresh_token=386ede5f-d9eb-42f0-8a8b-cca1f162735e
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 198
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:28:07 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"access_token":"d58a852e-e6ec-4143-bc83-acb0fdf96fcf","token_type":"bearer","expires_in":299,"refresh_token":"128c75ae-c234-45f2-92ba-c68bb2e8fea4","scope":"address openid user_name profile email"}
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer d58a852e-e6ec-4143-bc83-acb0fdf96fcf
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 634
Content-Type: application/json;charset=utf-8
Date: Thu, 05 Jul 2018 18:28:07 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"AdWOMp0l9h8ci3iZ32LRAcn0wtjpAtQMtd49i6XJZFU","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"}
#######################################################
TEST: grantTypesRestriction
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org
{
"redirect_uris": [
"https://ce-dev4.gluu.org/oxauth-rp/home.htm",
"https://client.example.com/cb",
"https://client.example.com/cb1",
"https://client.example.com/cb2"
],
"response_types": ["token"],
"application_type": "web",
"client_name": "oxAuth test app",
"sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
"subject_type": "pairwise",
"post_logout_redirect_uris": ["https://client.example.com/pl"],
"frontchannel_logout_uri": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"],
"scope": "openid profile address email user_name"
}
-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1370
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:28:07 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=315360