FailedConsole Output

Started by user Yuriy Movchan
Building on master in workspace /home/tomcat/.jenkins/jobs/oxAuth/workspace
 > git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
 > git config remote.origin.url https://github.com/GluuFederation/oxAuth # timeout=10
Fetching upstream changes from https://github.com/GluuFederation/oxAuth
 > git --version # timeout=10
 > git fetch --tags --progress https://github.com/GluuFederation/oxAuth +refs/heads/*:refs/remotes/origin/*
 > git rev-parse refs/remotes/origin/version_3.1.2.sp1^{commit} # timeout=10
 > git rev-parse refs/remotes/origin/origin/version_3.1.2.sp1^{commit} # timeout=10
Checking out Revision 1993d4a8ec053353c9fb95705fd662d82c362209 (refs/remotes/origin/version_3.1.2.sp1)
 > git config core.sparsecheckout # timeout=10
 > git checkout -f 1993d4a8ec053353c9fb95705fd662d82c362209
Commit message: "Merge from 3.1.4: oxAuth #837 Different clients must receive a different sub value also when the sector identifier is the same"
 > git rev-list --no-walk 1993d4a8ec053353c9fb95705fd662d82c362209 # timeout=10
[workspace] $ /bin/bash /opt/tomcat/temp/jenkins2952842331187814200.sh
Cloning into 'oxHudsonProfiles'...
[workspace] $ /home/tomcat/.jenkins/tools/hudson.tasks.Maven_MavenInstallation/maven_3.3.9/bin/mvn -DVERSION_NAME=version_3.1.2.sp1 -DPROFILE_NAME=ce-dev4 -DDEVELOPMENT_BUILD=false -DMAVEN_SKIP_TESTS=false -Dpython.import.site=false -DPYTHON_HOME=/opt/jython -Dcfg=ce-dev4 -Dmaven.test.skip=false -Ddevelopment-build=false clean compile install findbugs:findbugs javadoc:javadoc site
[INFO] Scanning for projects...
[WARNING] 
[WARNING] Some problems were encountered while building the effective model for org.xdi:oxauth-rp:war:3.1.2.sp1
[WARNING] 'build.plugins.plugin.version' for org.mortbay.jetty:jetty-maven-plugin is missing. @ org.xdi:oxauth-rp:[unknown-version], /home/tomcat/.jenkins/jobs/oxAuth/workspace/RP/pom.xml, line 74, column 12
[WARNING] 
[WARNING] Some problems were encountered while building the effective model for org.xdi:oxauth-server:war:3.1.2.sp1
[WARNING] 'build.plugins.plugin.version' for org.codehaus.mojo:exec-maven-plugin is missing. @ org.xdi:oxauth-server:[unknown-version], /home/tomcat/.jenkins/jobs/oxAuth/workspace/Server/pom.xml, line 1075, column 14
[WARNING] 
[WARNING] It is highly recommended to fix these problems because they threaten the stability of your build.
[WARNING] 
[WARNING] For this reason, future Maven versions might no longer support building such malformed projects.
[WARNING] 
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Build Order:
[INFO] 
[INFO] oxAuth
[INFO] oxAuth Model
[INFO] oxAuth Client
[INFO] oxauth-static
[INFO] oxAuth RP
[INFO] oxAuth RP Demo
[INFO] oxAuth Server
[INFO]                                                                         
[INFO] ------------------------------------------------------------------------
[INFO] Building oxAuth 3.1.2.sp1
[INFO] ------------------------------------------------------------------------
[INFO] 
[INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ oxauth ---
[INFO] Deleting /home/tomcat/.jenkins/jobs/oxAuth/workspace/target
[INFO] 
[INFO] --- maven-install-plugin:2.3.1:install (default-install) @ oxauth ---
[INFO] Installing /home/tomcat/.jenkins/jobs/oxAuth/workspace/pom.xml to /var/www/html/maven/org/xdi/oxauth/3.1.2.sp1/oxauth-3.1.2.sp1.pom
[INFO] 
[INFO] --- findbugs-maven-plugin:3.0.4:findbugs (default-cli) @ oxauth ---
[INFO] 
[INFO] >>> maven-javadoc-plugin:2.10.4:javadoc (default-cli) > generate-sources @ oxauth >>>
[INFO] 
[INFO] <<< maven-javadoc-plugin:2.10.4:javadoc (default-cli) < generate-sources @ oxauth <<<
[INFO] 
[INFO] --- maven-javadoc-plugin:2.10.4:javadoc (default-cli) @ oxauth ---
[INFO] 
[INFO] --- maven-site-plugin:2.1.1:site (default-site) @ oxauth ---
[INFO]                                                                         
[INFO] ------------------------------------------------------------------------
[INFO] Building oxAuth Model 3.1.2.sp1
[INFO] ------------------------------------------------------------------------
[INFO] 
[INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ oxauth-model ---
[INFO] Deleting /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target
[INFO] 
[INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ oxauth-model ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] Copying 1 resource
[INFO] 
[INFO] --- maven-compiler-plugin:2.3.2:compile (default-compile) @ oxauth-model ---
[INFO] Compiling 156 source files to /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/classes
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.java:[21,23] RSAPublicKeyImpl is internal proprietary API and may be removed in a future release
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.java:[21,23] RSAPublicKeyImpl is internal proprietary API and may be removed in a future release
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.java:[21,23] RSAPublicKeyImpl is internal proprietary API and may be removed in a future release
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.java:[144,36] RSAPublicKeyImpl is internal proprietary API and may be removed in a future release
[INFO] 
[INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ oxauth-model ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] Copying 1 resource
[INFO] 
[INFO] --- maven-compiler-plugin:2.3.2:compile (default-compile) @ oxauth-model ---
[INFO] Nothing to compile - all classes are up to date
[INFO] 
[INFO] --- maven-resources-plugin:2.6:testResources (default-testResources) @ oxauth-model ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] Copying 4 resources
[INFO] 
[INFO] --- maven-compiler-plugin:2.3.2:testCompile (default-testCompile) @ oxauth-model ---
[INFO] Compiling 5 source files to /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/test-classes
[INFO] 
[INFO] --- maven-surefire-plugin:2.19.1:test (default-test) @ oxauth-model ---

-------------------------------------------------------
 T E S T S
-------------------------------------------------------
Running TestSuite
CodeVerifier{codeVerifier='RVBNOrdMPFZjrvMybKPD2Vhff1-M~3uk19bI6ndZK28tUpH5DIIACSPwLodm6BJHg3obo4vzMazRRaVKXEtVlMg1gQ85Ws9lSDvI23kQKgPxlE8YaNONUbrIzGjoH84r', codeChallenge='RVBNOrdMPFZjrvMybKPD2Vhff1-M~3uk19bI6ndZK28tUpH5DIIACSPwLodm6BJHg3obo4vzMazRRaVKXEtVlMg1gQ85Ws9lSDvI23kQKgPxlE8YaNONUbrIzGjoH84r', transformationType=PLAIN}
CodeVerifier{codeVerifier='B7iuXnZAk55EnF5V2HEPjRPkHWafeUAhHUd8Fr.iSt.gqXbIJL~Rylq0a5dlculxvjXcZmAGJIGEKeVEOEsau_nhKJ8hqYik9~JjQ-ZTx7SSXog2TL7LvkqES5lXE0bH', codeChallenge='FlGE7q1T4ePqpRbsTKUgwYMo9IKf6Ga8oRL96uHcZDo', transformationType=S256}
SLF4J: Failed to load class "org.slf4j.impl.StaticLoggerBinder".
SLF4J: Defaulting to no-operation (NOP) logger implementation
SLF4J: See http://www.slf4j.org/codes.html#StaticLoggerBinder for further details.
Hi there from Javascript, 
ERROR StatusLogger No log4j2 configuration file found. Using default configuration: logging only errors to the console. Set system property 'org.apache.logging.log4j.simplelog.StatusLogger.level' to TRACE to show Log4j2 internal initialization logging.
Tests run: 7, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 2.384 sec - in TestSuite

Results :

Tests run: 7, Failures: 0, Errors: 0, Skipped: 0

[INFO] 
[INFO] --- maven-jar-plugin:2.4:jar (default-jar) @ oxauth-model ---
[INFO] Building jar: /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/oxauth-model.jar
[INFO] 
[INFO] --- maven-jar-plugin:2.4:test-jar (default) @ oxauth-model ---
[INFO] Building jar: /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/oxauth-model-tests.jar
[INFO] 
[INFO] --- maven-install-plugin:2.3.1:install (default-install) @ oxauth-model ---
[INFO] Installing /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/oxauth-model.jar to /var/www/html/maven/org/xdi/oxauth-model/3.1.2.sp1/oxauth-model-3.1.2.sp1.jar
[INFO] Installing /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/pom.xml to /var/www/html/maven/org/xdi/oxauth-model/3.1.2.sp1/oxauth-model-3.1.2.sp1.pom
[INFO] Installing /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/oxauth-model-tests.jar to /var/www/html/maven/org/xdi/oxauth-model/3.1.2.sp1/oxauth-model-3.1.2.sp1-tests.jar
[INFO] 
[INFO] --- findbugs-maven-plugin:3.0.4:findbugs (default-cli) @ oxauth-model ---
[INFO] Fork Value is true
     [java] Warnings generated: 51
[INFO] Done FindBugs Analysis....
[INFO] 
[INFO] >>> maven-javadoc-plugin:2.10.4:javadoc (default-cli) > generate-sources @ oxauth-model >>>
[INFO] 
[INFO] <<< maven-javadoc-plugin:2.10.4:javadoc (default-cli) < generate-sources @ oxauth-model <<<
[INFO] 
[INFO] --- maven-javadoc-plugin:2.10.4:javadoc (default-cli) @ oxauth-model ---
[INFO] 
Loading source files for package org.xdi.oxauth.model.uma...
Loading source files for package org.xdi.oxauth.model.uma.wrapper...
Loading source files for package org.xdi.oxauth.model.uma.persistence...
Loading source files for package org.xdi.oxauth.model.jwt...
Loading source files for package org.xdi.oxauth.model.common...
Loading source files for package org.xdi.oxauth.model.jwk...
Loading source files for package org.xdi.oxauth.model.exception...
Loading source files for package org.xdi.oxauth.model.session...
Loading source files for package org.xdi.oxauth.model.fido.u2f...
Loading source files for package org.xdi.oxauth.model.fido.u2f.message...
Loading source files for package org.xdi.oxauth.model.fido.u2f.exception...
Loading source files for package org.xdi.oxauth.model.fido.u2f.protocol...
Loading source files for package org.xdi.oxauth.model.gluu...
Loading source files for package org.xdi.oxauth.model.register...
Loading source files for package org.xdi.oxauth.model.discovery...
Loading source files for package org.xdi.oxauth.model.jwe...
Loading source files for package org.xdi.oxauth.model.userinfo...
Loading source files for package org.xdi.oxauth.model.util...
Loading source files for package org.xdi.oxauth.model.authorize...
Loading source files for package org.xdi.oxauth.model.configuration...
Loading source files for package org.xdi.oxauth.model.error...
Loading source files for package org.xdi.oxauth.model.jws...
Loading source files for package org.xdi.oxauth.model.token...
Loading source files for package org.xdi.oxauth.model.crypto...
Loading source files for package org.xdi.oxauth.model.crypto.signature...
Loading source files for package org.xdi.oxauth.model.crypto.encryption...
Constructing Javadoc information...
Standard Doclet version 1.8.0_121
Building tree for all the packages and classes...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/ClaimTokenFormatType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/JsonLogic.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/JsonLogicNode.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/JsonLogicNodeParser.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/PermissionTicket.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/RptIntrospectionResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/RptProfiles.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/RPTResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaConstants.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaErrorResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaMetadata.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaNeedInfoResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaPermission.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaPermissionList.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaResource.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaResourceResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaResourceWithId.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaScopeDescription.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaScopeType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaTokenResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/Token.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/UmaPermission.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/UmaResource.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/UmaScopeDescription.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/Jwt.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtClaimName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtClaims.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtClaimSet.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtHeader.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtHeaderName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtStateClaimName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtSubClaimObject.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/PureJwt.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/AuthenticationMethod.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/AuthorizationMethod.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/Display.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/GrantType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/HasParamName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/Holder.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/Id.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/IdType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/IntrospectionResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/JSONable.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/PairwiseIdType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/ProgrammingLanguage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/Prompt.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/ResponseMode.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/ResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/ScopeType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/SubjectType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/TokenType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/WebKeyStorage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/JSONWebKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/JSONWebKeySet.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/JWKParameter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/KeyType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/Use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/InvalidClaimException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/InvalidJweException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/InvalidJwtException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/InvalidParameterException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/SignatureException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/EndSessionErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/EndSessionRequestParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/EndSessionResponseParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/DeviceRegistrationStatus.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/U2fConfiguration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/U2fConstants.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/U2fErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/RawAuthenticateResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/RawRegisterResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/BadInputException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/RegistrationNotAllowed.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/AuthenticateRequest.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/AuthenticateRequestMessage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/AuthenticateResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/AuthenticateStatus.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/ClientData.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/DeviceData.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/RegisterRequest.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/RegisterRequestMessage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/RegisterResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/RegisterStatus.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/GluuConfiguration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/GluuErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/ApplicationType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/RegisterErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/RegisterRequestParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/RegisterResponseParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/OAuth2Discovery.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/WebFingerLink.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/WebFingerParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/AbstractJweDecrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/AbstractJweEncrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/Jwe.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/JweDecrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/JweDecrypterImpl.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/JweEncrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/JweEncrypterImpl.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/KeyDerivationFunction.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/Schema.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/UserInfoErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/Base64Util.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/JwtUtil.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/LocaleUtil.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/Pair.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/SecurityProviderUtility.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/StringUtils.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/SubjectIdentifierGenerator.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/URLPatternList.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/Util.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/AuthorizeErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/AuthorizeRequestParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/AuthorizeResponseParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/CodeVerifier.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/CodeVerifier.CodeChallengeMethod.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/AppConfiguration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/AuthenticationFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/BaseFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/ClientAuthenticationFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/Configuration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/ConfigurationResponseClaim.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/CorsConfigurationFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/IErrorType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/AbstractJwsSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/ECDSASigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/HMACSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/JwsSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/PlainTextSignature.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/RSASigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/ClientAssertionType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/JsonWebResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/TokenErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/Certificate.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/CryptoProviderFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/Key.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/KeyFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/OxAuthCryptoProvider.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/OxElevenCryptoProvider.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/PrivateKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/PublicKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/AbstractSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/ECDSAKeyFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/ECDSAPrivateKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/ECDSAPublicKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/ECEllipticCurve.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/RSAKeyFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/RSAPrivateKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/RSAPublicKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/SignatureAlgorithm.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/SignatureAlgorithmFamily.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/Signer.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/BlockEncryptionAlgorithm.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/KeyEncryptionAlgorithm.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/overview-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/constant-values.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/serialized-form.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/JsonLogic.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaScopeDescription.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaResourceResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/JsonLogicNodeParser.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaPermission.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/RptIntrospectionResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaConstants.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaErrorResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaScopeType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/PermissionTicket.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/ClaimTokenFormatType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaResourceWithId.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaResource.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/JsonLogicNode.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/RptProfiles.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaTokenResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaMetadata.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaNeedInfoResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaPermissionList.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/RPTResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/class-use/Token.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/class-use/UmaScopeDescription.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/class-use/UmaPermission.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/class-use/UmaResource.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/Jwt.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtHeader.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/PureJwt.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtStateClaimName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtClaimSet.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtSubClaimObject.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtClaims.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtClaimName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtHeaderName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/ProgrammingLanguage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/IntrospectionResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/HasParamName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/IdType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/GrantType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/AuthorizationMethod.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/ResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/PairwiseIdType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/Holder.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/JSONable.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/TokenType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/Id.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/Prompt.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/ResponseMode.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/WebKeyStorage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/ScopeType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/Display.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/SubjectType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/AuthenticationMethod.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/class-use/JSONWebKeySet.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/class-use/JWKParameter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/class-use/Use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/class-use/KeyType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/class-use/JSONWebKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/class-use/InvalidParameterException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/class-use/SignatureException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/class-use/InvalidJwtException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/class-use/InvalidJweException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/class-use/InvalidClaimException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/class-use/EndSessionErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/class-use/EndSessionRequestParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/class-use/EndSessionResponseParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/class-use/U2fConstants.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/class-use/U2fConfiguration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/class-use/DeviceRegistrationStatus.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/class-use/U2fErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/class-use/RawAuthenticateResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/class-use/RawRegisterResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/class-use/RegistrationNotAllowed.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/class-use/BadInputException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/AuthenticateRequestMessage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/DeviceData.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/AuthenticateRequest.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/RegisterResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/RegisterStatus.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/AuthenticateResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/ClientData.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/AuthenticateStatus.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/RegisterRequestMessage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/RegisterRequest.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/class-use/GluuConfiguration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/class-use/GluuErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/class-use/RegisterRequestParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/class-use/ApplicationType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/class-use/RegisterErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/class-use/RegisterResponseParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/class-use/WebFingerParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/class-use/OAuth2Discovery.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/class-use/WebFingerLink.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/AbstractJweEncrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/JweEncrypterImpl.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/JweEncrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/JweDecrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/KeyDerivationFunction.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/JweDecrypterImpl.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/Jwe.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/AbstractJweDecrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/class-use/UserInfoErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/class-use/Schema.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/URLPatternList.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/Base64Util.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/SecurityProviderUtility.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/LocaleUtil.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/Util.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/StringUtils.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/SubjectIdentifierGenerator.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/JwtUtil.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/Pair.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/class-use/AuthorizeResponseParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/class-use/CodeVerifier.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/class-use/CodeVerifier.CodeChallengeMethod.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/class-use/AuthorizeErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/class-use/AuthorizeRequestParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/AuthenticationFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/Configuration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/BaseFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/AppConfiguration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/CorsConfigurationFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/ConfigurationResponseClaim.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/ClientAuthenticationFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/class-use/IErrorType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/RSASigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/HMACSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/AbstractJwsSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/PlainTextSignature.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/ECDSASigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/JwsSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/class-use/JsonWebResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/class-use/TokenErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/class-use/ClientAssertionType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/OxElevenCryptoProvider.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/OxAuthCryptoProvider.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/PrivateKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/AbstractCryptoProvider.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/Key.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/PublicKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/CryptoProviderFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/Certificate.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/KeyFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/RSAKeyFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/ECDSAPrivateKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/ECDSAPublicKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/ECDSAKeyFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/SignatureAlgorithm.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/SignatureAlgorithmFamily.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/RSAPrivateKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/Signer.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/RSAPublicKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/AbstractSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/ECEllipticCurve.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/class-use/BlockEncryptionAlgorithm.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/class-use/KeyEncryptionAlgorithm.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/package-use.html...
Building index for all the packages and classes...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/overview-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/index-all.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/deprecated-list.html...
Building index for all classes...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/allclasses-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/allclasses-noframe.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/index.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/overview-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/help-doc.html...
12 warnings
[WARNING] Javadoc Warnings
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/uma/UmaNeedInfoResponse.java:65: warning: no @param for clientId
[WARNING] public String buildClaimsGatheringUrl(String clientId, String claimsRedirectUri) {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/uma/UmaNeedInfoResponse.java:65: warning: no @param for claimsRedirectUri
[WARNING] public String buildClaimsGatheringUrl(String clientId, String claimsRedirectUri) {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/jwt/JwtHeader.java:44: warning: no @return
[WARNING] public JwtHeader setType(JwtType type) {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/jwt/JwtHeader.java:63: warning: no @return
[WARNING] public JwtHeader setAlgorithm(SignatureAlgorithm algorithm) {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/jwt/JwtHeader.java:77: warning: no @return
[WARNING] public JwtHeader setAlgorithm(KeyEncryptionAlgorithm algorithm) {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/jwt/JwtHeader.java:96: warning: no @return
[WARNING] public JwtHeader setKeyId(String keyId) {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/common/ScopeType.java:30: warning: empty <p> tag
[WARNING] * <p>
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/fido/u2f/message/RawAuthenticateResponse.java:37: warning: no @return
[WARNING] public byte getUserPresence() {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/fido/u2f/message/RawAuthenticateResponse.java:45: warning: no @return
[WARNING] public long getCounter() {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/fido/u2f/message/RawAuthenticateResponse.java:52: warning: no @return
[WARNING] public byte[] getSignature() {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/util/Util.java:210: warning: no description for @return
[WARNING] * @return
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/util/Util.java:212: warning: no @throws for org.codehaus.jettison.json.JSONException
[WARNING] public static Map<String, String> jsonObjectArrayStringAsMap(String jsonString) throws JSONException {
[WARNING] ^
[INFO] 
[INFO] --- maven-site-plugin:2.1.1:site (default-site) @ oxauth-model ---
[INFO]                                                                         
[INFO] ------------------------------------------------------------------------
[INFO] Building oxAuth Client 3.1.2.sp1
[INFO] ------------------------------------------------------------------------
[INFO] 
[INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ oxauth-client ---
[INFO] Deleting /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/target
[INFO] 
[INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ oxauth-client ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] skip non existing resourceDirectory /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/main/resources
[INFO] 
[INFO] --- maven-compiler-plugin:2.3.2:compile (default-compile) @ oxauth-client ---
[INFO] Compiling 59 source files to /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/target/classes
[INFO] 
[INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ oxauth-client ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] skip non existing resourceDirectory /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/main/resources
[INFO] 
[INFO] --- maven-compiler-plugin:2.3.2:compile (default-compile) @ oxauth-client ---
[INFO] Nothing to compile - all classes are up to date
[INFO] 
[INFO] --- maven-resources-plugin:2.6:testResources (default-testResources) @ oxauth-client ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] Copying 17 resources
[INFO] 
[INFO] --- maven-compiler-plugin:2.3.2:testCompile (default-testCompile) @ oxauth-client ---
[INFO] Compiling 143 source files to /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/target/test-classes
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/test/java/org/xdi/oxauth/ws/rs/WebKeysTest.java:[14,24] X509CertImpl is internal proprietary API and may be removed in a future release
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/test/java/org/xdi/oxauth/ws/rs/WebKeysTest.java:[14,24] X509CertImpl is internal proprietary API and may be removed in a future release
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/test/java/org/xdi/oxauth/ws/rs/WebKeysTest.java:[14,24] X509CertImpl is internal proprietary API and may be removed in a future release
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/test/java/org/xdi/oxauth/ws/rs/WebKeysTest.java:[47,35] X509CertImpl is internal proprietary API and may be removed in a future release
[INFO] 
[INFO] --- maven-surefire-plugin:2.19.1:test (default-test) @ oxauth-client ---

-------------------------------------------------------
 T E S T S
-------------------------------------------------------
Running TestSuite
ERROR StatusLogger No log4j2 configuration file found. Using default configuration: logging only errors to the console. Set system property 'org.apache.logging.log4j.simplelog.StatusLogger.level' to TRACE to show Log4j2 internal initialization logging.
Invoked init test suite method 

#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:45:52 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:45:52 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "code",
        "code id_token",
        "code id_token token",
        "id_token",
        "id_token token",
        "token",
        "code token"
    ],
    "grant_types_supported": [
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "refresh_token",
        "implicit",
        "password",
        "authorization_code"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: applicationTypeNativeSubjectTypePairwise
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "native",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "scope": "openid profile address email user_name"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1344
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:45:52 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FA18.B387.62C0.5686",
    "client_secret": "f3eeb804-ab8f-4b49-b1ab-cd36f023a185",
    "registration_access_token": "f9580973-7dc7-4ae8-af6f-fee045594c55",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FA18.B387.62C0.5686",
    "client_id_issued_at": 1530816352,
    "client_secret_expires_at": 1530902752,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "native",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid profile address email user_name",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer f9580973-7dc7-4ae8-af6f-fee045594c55

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1344
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:45:52 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FA18.B387.62C0.5686",
    "client_secret": "f3eeb804-ab8f-4b49-b1ab-cd36f023a185",
    "registration_access_token": "f9580973-7dc7-4ae8-af6f-fee045594c55",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FA18.B387.62C0.5686",
    "client_id_issued_at": 1530816352,
    "client_secret_expires_at": 1530902752,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "native",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid profile address email user_name",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21FA18.B387.62C0.5686&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=2eae011c-60b6-4920-9b46-c0b41d5a7be7&nonce=9bb3f652-bc2c-435d-943b-39dda7276f04
14:46:15.799 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:18927844-3ebc-4340-9c5c-e149b11e8b33
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21FA18.B387.62C0.5686&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=2eae011c-60b6-4920-9b46-c0b41d5a7be7&nonce=9bb3f652-bc2c-435d-943b-39dda7276f04

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=f902512d-fbc7-4a62-8dad-a6d1303c9775&scope=address+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGQTE4LkIzODcuNjJDMC41Njg2IiwiZXhwIjoxNTMwODE5OTU3LCJpYXQiOjE1MzA4MTYzNTcsIm5vbmNlIjoiOWJiM2Y2NTItYmMyYy00MzVkLTk0M2ItMzlkZGE3Mjc2ZjA0IiwiYXV0aF90aW1lIjoxNTMwODE2MzU2LCJjX2hhc2giOiJRMlFyOGRrbk9IMDQydzhXUWFUWGpRIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiRUZ5dHZaOTZ6cWNPX3pzS29oMkFFc3NpSDZ5aWstOWkxWjZoZk9MREF3ZyJ9.Srt1hxTptBsF8sBJw94nXlMG_TDJmrPkhcCQ-utXuPbzJdI4C94LEvj0kBnP6zku0-IRm0CEDenR58lbJjIhBPuonHj4bz37LVlTO6DG6DlsJh1yCxNnGJJBO9qzCCAhmHU0vKb_6Uv70oVLHfT4Gz4s1hidRRnRxHIyU_XcjheTYnUHWThn4tpZAFTjfx3pIrh_mZjWO6Une9999Y2BgxxVDACDI9u07KB-gCkq0wItz7ZijG82Jm31YcH482cWYHkPZcDtSZhEWVmluFge2eUdmz3e4oxSUWC4-i2RDgwHZIzmuxnbIOAlRrRX-pyXnEjz8MAymr1O5SRE4w7UGg&session_id=3bf18956-5c2e-4f98-9935-6765fb4b2be3&state=2eae011c-60b6-4920-9b46-c0b41d5a7be7&session_state=18927844-3ebc-4340-9c5c-e149b11e8b33

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRkExOC5CMzg3LjYyQzAuNTY4NjpmM2VlYjgwNC1hYjhmLTRiNDktYjFhYi1jZDM2ZjAyM2ExODU=

grant_type=authorization_code&code=f902512d-fbc7-4a62-8dad-a6d1303c9775&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:45:57 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"2516497a-5492-428c-baf6-d9f2f0c7704a","token_type":"bearer","expires_in":299,"refresh_token":"d3fd72af-c1fb-4a9f-9a47-130c6813c88e","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGQTE4LkIzODcuNjJDMC41Njg2IiwiZXhwIjoxNTMwODE5OTU3LCJpYXQiOjE1MzA4MTYzNTcsIm5vbmNlIjoiOWJiM2Y2NTItYmMyYy00MzVkLTk0M2ItMzlkZGE3Mjc2ZjA0IiwiYXV0aF90aW1lIjoxNTMwODE2MzU2LCJhdF9oYXNoIjoiY21KcE12OHVKb3UxVmlRY1NVMDhWQSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IkVGeXR2Wjk2enFjT196c0tvaDJBRXNzaUg2eWlrLTlpMVo2aGZPTERBd2cifQ.Tfh-TzNNHAY-gcGVEsXsfpAuxmWcxB7NL0OUek4dYHekzjAW9oBNVBlmOXJjZ3RvFpXIeZ5XvmqHXX1ROQqWJl5XchmkbWuK7TKYJ7TaG3IO3-3QPikoYVjAAYvPBvJWFEH0bAVATWuORuL-Ce5HdRUG7TSmUOATjZf4dxjB8H9dATz_MM8Lg6piLd8arnB30tcPOm5QT0L5rJr3IfWTgg4Xyq9VufgK6nsANfxEUmhtCkJz4ytbgYFyF_Bbyb2miPF4J8ioyV-lXbjQqyWhR4faUi70QWN6aPvA7gjph0GQZTq8IFlQqj7GaTSToztTADuk7S5xT1g-WS72IrBrIw"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRkExOC5CMzg3LjYyQzAuNTY4NjpmM2VlYjgwNC1hYjhmLTRiNDktYjFhYi1jZDM2ZjAyM2ExODU=

grant_type=refresh_token&scope=address+openid+user_name+profile+email&refresh_token=d3fd72af-c1fb-4a9f-9a47-130c6813c88e

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 198
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:45:58 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"41063342-2e11-4d8a-8bb2-f9a4b39e5ba9","token_type":"bearer","expires_in":299,"refresh_token":"1e7d80a0-9f9c-45f3-aae6-b03ed7c30851","scope":"address openid user_name profile email"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 41063342-2e11-4d8a-8bb2-f9a4b39e5ba9

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 634
Content-Type: application/json;charset=utf-8
Date: Thu, 05 Jul 2018 18:45:58 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"EFytvZ96zqcO_zsKoh2AEssiH6yik-9i1Z6hfOLDAwg","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"}

#######################################################
TEST: applicationTypeNativeSubjectTypePublic
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "native",
    "client_name": "oxAuth test app",
    "subject_type": "public",
    "scope": "openid profile address email user_name"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1209
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:45:58 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A1F8.B404.9C4B.1376",
    "client_secret": "bc64b235-4e8e-4134-896b-3dd3fe251696",
    "registration_access_token": "454532eb-f623-49d6-9f52-dc7b5e4ddec1",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A1F8.B404.9C4B.1376",
    "client_id_issued_at": 1530816358,
    "client_secret_expires_at": 1530902758,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "native",
    "client_name": "oxAuth test app",
    "subject_type": "public",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid profile address email user_name",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 454532eb-f623-49d6-9f52-dc7b5e4ddec1

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1209
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:45:58 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A1F8.B404.9C4B.1376",
    "client_secret": "bc64b235-4e8e-4134-896b-3dd3fe251696",
    "registration_access_token": "454532eb-f623-49d6-9f52-dc7b5e4ddec1",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A1F8.B404.9C4B.1376",
    "client_id_issued_at": 1530816358,
    "client_secret_expires_at": 1530902758,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "native",
    "client_name": "oxAuth test app",
    "subject_type": "public",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid profile address email user_name",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A1F8.B404.9C4B.1376&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ffbb14c1-e68b-42bf-b270-2c3d83251567&nonce=ba90a695-189e-427c-b31f-64ae49f6f6df
14:46:19.784 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:3e6bc143-cb25-4aa0-9448-60e2970bfffc
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A1F8.B404.9C4B.1376&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ffbb14c1-e68b-42bf-b270-2c3d83251567&nonce=ba90a695-189e-427c-b31f-64ae49f6f6df

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=ad5466e7-1ad4-415a-bd52-63370d153495&scope=address+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBMUY4LkI0MDQuOUM0Qi4xMzc2IiwiZXhwIjoxNTMwODE5OTYwLCJpYXQiOjE1MzA4MTYzNjAsIm5vbmNlIjoiYmE5MGE2OTUtMTg5ZS00MjdjLWIzMWYtNjRhZTQ5ZjZmNmRmIiwiYXV0aF90aW1lIjoxNTMwODE2MzYwLCJjX2hhc2giOiJ6UU9SSFZXNlp2RDBEcjlqZ1hwSmNBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDAhQjFGMy5BRUFFLkI3OTgifQ.Am4h-VsRn3W45FI97O5uymRvCX3Seq6KLlYetsMplhRWtJ6t7TCTjAUTM6YxJClf-zHqDEaocEZ6Z0jAyB_8m9T5cFPyS6TZp77MK9hHv0gGX_oT9zFByXe56IlCR18DZrrKPN9LETlccmX-5kMEqd-N-EfddFrbLBFblgo6L5Bs-xycd906OMBQX7hvnuN9ucqsx4pcATWzmXzCco4-juahcQ5ALjAdoqZBZ9rPWh2kAiLUFEmK_FDtr1Xch9Nhv62gACQOVu96rltKddSPoLaEf7Jht5kW1cYWyrYkHWuNxJGxYDlTyLzBVRQ6HC_if_IqZ7F5cXkdx4h0sZ41Ag&session_id=532ea73b-9461-47e0-b680-4a479671bbfc&state=ffbb14c1-e68b-42bf-b270-2c3d83251567&session_state=3e6bc143-cb25-4aa0-9448-60e2970bfffc

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQTFGOC5CNDA0LjlDNEIuMTM3NjpiYzY0YjIzNS00ZThlLTQxMzQtODk2Yi0zZGQzZmUyNTE2OTY=

grant_type=authorization_code&code=ad5466e7-1ad4-415a-bd52-63370d153495&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1074
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"e70ed2af-e10d-4656-aecc-55e1731f8a0f","token_type":"bearer","expires_in":299,"refresh_token":"ce7b4550-4e58-435e-b39d-edf395317262","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBMUY4LkI0MDQuOUM0Qi4xMzc2IiwiZXhwIjoxNTMwODE5OTYwLCJpYXQiOjE1MzA4MTYzNjAsIm5vbmNlIjoiYmE5MGE2OTUtMTg5ZS00MjdjLWIzMWYtNjRhZTQ5ZjZmNmRmIiwiYXV0aF90aW1lIjoxNTMwODE2MzYwLCJhdF9oYXNoIjoiT3lwVlRKUThQdjRuMjFjMGljNFJnUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IkAhMzhENC40MTBDLjFENDMuODkzMiEwMDAxITM3RjIuQjc0NCEwMDAwIUIxRjMuQUVBRS5CNzk4In0.E9z4jmeOhrUqBFU1IX683IkG6EqhdqRWOt2-J8pEb756ytHNLoTGRCcEz_BseoxPuO0WJt-MgOJS0dgecehO8hGjw19WJFhfT1ouCshYL_5-E5VPittCCt950lb1sOcvJjHpqvDgL_A8mIoSZ6r4pZKoS4Pxme29Ac25g0s4G3w8j6fNwcOK2EPwFO7s2mMzjuVHSUf3eGG1d67j9V8g1qPSlxJkS9ilwXD-oc4-HxxZQSGGXkr6rYJ4xY9mRNJso-OxV342VuLyM8Dq8OUVdrgVAcpTAWuC9DGzajAWYx1YkR6JUXrHHA8agjWNElrw4rZZQdwO8HGpqnd-jjMlkQ"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQTFGOC5CNDA0LjlDNEIuMTM3NjpiYzY0YjIzNS00ZThlLTQxMzQtODk2Yi0zZGQzZmUyNTE2OTY=

grant_type=refresh_token&scope=address+openid+user_name+profile+email&refresh_token=ce7b4550-4e58-435e-b39d-edf395317262

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 198
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"a06cfe5a-cc0b-475b-ab11-da0dd34d6aea","token_type":"bearer","expires_in":299,"refresh_token":"ad5e7ea8-3f6d-4aa8-8ce2-8cca4339b0f0","scope":"address openid user_name profile email"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer a06cfe5a-cc0b-475b-ab11-da0dd34d6aea

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 647
Content-Type: application/json;charset=utf-8
Date: Thu, 05 Jul 2018 18:46:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"@!38D4.410C.1D43.8932!0001!37F2.B744!0000!B1F3.AEAE.B798","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"}

#######################################################
TEST: applicationTypeWeb
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!ED60.B734.A221.5356",
    "client_secret": "4eb47469-28b7-4332-a367-7c0a23270185",
    "registration_access_token": "c2947dde-ceec-4f4e-b900-96907eec885e",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!ED60.B734.A221.5356",
    "client_id_issued_at": 1530816360,
    "client_secret_expires_at": 1530902760,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer c2947dde-ceec-4f4e-b900-96907eec885e

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!ED60.B734.A221.5356",
    "client_secret": "4eb47469-28b7-4332-a367-7c0a23270185",
    "registration_access_token": "c2947dde-ceec-4f4e-b900-96907eec885e",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!ED60.B734.A221.5356",
    "client_id_issued_at": 1530816360,
    "client_secret_expires_at": 1530902760,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

#######################################################
TEST: applicationTypeWebFail1
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": ["http://client.example.com/cb"],
    "application_type": "web",
    "client_name": "oxAuth test app"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Cache-Control: no-store
Connection: close
Content-Length: 101
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:01 GMT
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_redirect_uri","error_description":"Value of one or more redirect_uris is invalid."}

#######################################################
TEST: omittedApplicationType
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:01 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5819.A48E.3052.66AD",
    "client_secret": "008e4355-760a-42f9-9fd9-5c90df7f79fb",
    "registration_access_token": "55830b5e-3841-428e-8b04-d0ef1ff5d355",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5819.A48E.3052.66AD",
    "client_id_issued_at": 1530816361,
    "client_secret_expires_at": 1530902761,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 55830b5e-3841-428e-8b04-d0ef1ff5d355

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:01 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5819.A48E.3052.66AD",
    "client_secret": "008e4355-760a-42f9-9fd9-5c90df7f79fb",
    "registration_access_token": "55830b5e-3841-428e-8b04-d0ef1ff5d355",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5819.A48E.3052.66AD",
    "client_id_issued_at": 1530816361,
    "client_secret_expires_at": 1530902761,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:46:01 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:01 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "code",
        "code id_token",
        "code id_token token",
        "id_token",
        "id_token token",
        "token",
        "code token"
    ],
    "grant_types_supported": [
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "refresh_token",
        "implicit",
        "password",
        "authorization_code"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: authorizationCodeDynamicScopeFlow
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "scope": "openid profile address email user_name org_name work_phone"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1361
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:01 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6999.8C5B.B50E.42D0",
    "client_secret": "2396817c-d560-4261-8998-94c5318f3de8",
    "registration_access_token": "5482f909-c9dd-44e1-9693-7d06d44fb02d",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6999.8C5B.B50E.42D0",
    "client_id_issued_at": 1530816361,
    "client_secret_expires_at": 1530902761,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid profile address email user_name org_name work_phone",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216999.8C5B.B50E.42D0&scope=openid+profile+address+email+user_name+org_name+work_phone&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0d7b1cf1-496b-4663-b2d6-7e401bdd3c01&nonce=70bdafe8-49bf-47bf-95e2-5ac01d61fa39
14:46:23.035 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:f250807e-f51f-4e2c-b375-9394e9b38208
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216999.8C5B.B50E.42D0&scope=openid+profile+address+email+user_name+org_name+work_phone&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0d7b1cf1-496b-4663-b2d6-7e401bdd3c01&nonce=70bdafe8-49bf-47bf-95e2-5ac01d61fa39

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=39f40c6c-222d-4f1c-9a31-304deb38de22&scope=address+openid+user_name+profile+work_phone+org_name+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2OTk5LjhDNUIuQjUwRS40MkQwIiwiZXhwIjoxNTMwODE5OTYzLCJpYXQiOjE1MzA4MTYzNjMsIm5vbmNlIjoiNzBiZGFmZTgtNDliZi00N2JmLTk1ZTItNWFjMDFkNjFmYTM5IiwiYXV0aF90aW1lIjoxNTMwODE2MzYzLCJjX2hhc2giOiJOLXpLQ2VVTWN6UE9QT29hTHl5TThBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiZzR5VHptYnJBQVlvam1aQzNQRTZyYlZ5dnFkOWo1Rnh0SzhFb3NyQWpUMCJ9.Sadk0U1l81wJ9uoKIifLenisHtR_SP8xB5tefR34rhSAfCwBD5ls_PXg2v2duaRtM3KwAUkSG4HSMFVYers3hAEWYDHG8ykLgTEUNMT8QL7BYaId3TsIboBcmX8IRH-Vo-w6eIgEaRx21ekUi8isSCxYc89lHFYxbbgWH8RU-bqUY_EnppncbHvD9lKVrVwUnumKX05AtH29GzSf-etii-n1vUHkcwkqebXVLECP3Atl-LgxezqOFa6f7VzYPGqqCmo6hwL6S-Pqu0HqCaH7233gi5Ni1RZ4HdUEoZK4cL1hiQuMxB-eZt2Mx2eX7h45_ZAWUxiVArDCC2iUTewECQ&session_id=a7207996-67d3-44ae-b64e-d6fe1004ecd4&state=0d7b1cf1-496b-4663-b2d6-7e401bdd3c01&session_state=f250807e-f51f-4e2c-b375-9394e9b38208

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNjk5OS44QzVCLkI1MEUuNDJEMDoyMzk2ODE3Yy1kNTYwLTQyNjEtODk5OC05NGM1MzE4ZjNkZTg=

grant_type=authorization_code&code=39f40c6c-222d-4f1c-9a31-304deb38de22&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:03 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"e7f4599e-e410-405a-93c2-b59d1509b944","token_type":"bearer","expires_in":299,"refresh_token":"91525f5e-aa5f-4f2f-8ec1-e4eca9d0237b","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2OTk5LjhDNUIuQjUwRS40MkQwIiwiZXhwIjoxNTMwODE5OTYzLCJpYXQiOjE1MzA4MTYzNjMsIm5vbmNlIjoiNzBiZGFmZTgtNDliZi00N2JmLTk1ZTItNWFjMDFkNjFmYTM5IiwiYXV0aF90aW1lIjoxNTMwODE2MzYzLCJhdF9oYXNoIjoiRC03bk96Z3pxaDl4dVVKUURYYmRxdyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Imc0eVR6bWJyQUFZb2ptWkMzUEU2cmJWeXZxZDlqNUZ4dEs4RW9zckFqVDAifQ.e2xa9NQilZI3N9bj6wCwUiN35cjyz7fmMqCYKKFezQ63pKUYeVsthBhmOIvKtUeFTMQEs1-KAPXRgAqhyCb6o7ADHjhZjROQGg_UrF3HWV_lxzrNdgLlsXo2D1gFoeAE1L-QJ8as6vAvy_VDo8r3PdenmRhlskAH0Y0UGxPUxHtpWHwf6SN1AWVeZ0zi_wH1MV8KY9qBNgTNqqN0vpky6bQdvipcYN_totc4EeS9McuVK8psvDKafQ9DiSY2m8T7wxqySlgN7Awe5j_Wy5NnmcRVQb0HNFklKiyeABvecuIXhjk1a8ONMXV3XCtIi3acfhMk8IIVSnEhyHWtyxEIKQ"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer e7f4599e-e410-405a-93c2-b59d1509b944

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 690
Content-Type: application/json;charset=utf-8
Date: Thu, 05 Jul 2018 18:46:03 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"g4yTzmbrAAYojmZC3PE6rbVyvqd9j5FxtK8EosrAjT0","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org","org_name":"Gluu, Inc.","work_phone":["(512) 516-2413"]}

#######################################################
TEST: authorizationCodeFlow
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "scope": "openid profile address email phone user_name"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1347
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:03 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D11F.657D.2CB6.EB78",
    "client_secret": "e94a3ecd-8728-4aaa-989a-c529f2fdd864",
    "registration_access_token": "f1c275b6-b7a6-4c7f-86d2-aab47bc1eb7a",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D11F.657D.2CB6.EB78",
    "client_id_issued_at": 1530816363,
    "client_secret_expires_at": 1530902763,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid profile address email phone user_name",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D11F.657D.2CB6.EB78&scope=openid+profile+address+email+phone+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a3325b1e-e575-4751-9ba0-5ad6d3a2170c&nonce=388d894a-87b6-4aee-9372-51eea81cbe72
14:46:25.457 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:82b9055d-c343-4473-be70-cdc41484ec5e
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D11F.657D.2CB6.EB78&scope=openid+profile+address+email+phone+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a3325b1e-e575-4751-9ba0-5ad6d3a2170c&nonce=388d894a-87b6-4aee-9372-51eea81cbe72

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=8a2be0a3-255f-4f0a-a61e-ce6869b9ffcb&scope=address+phone+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEMTFGLjY1N0QuMkNCNi5FQjc4IiwiZXhwIjoxNTMwODE5OTY1LCJpYXQiOjE1MzA4MTYzNjUsIm5vbmNlIjoiMzg4ZDg5NGEtODdiNi00YWVlLTkzNzItNTFlZWE4MWNiZTcyIiwiYXV0aF90aW1lIjoxNTMwODE2MzY1LCJjX2hhc2giOiI0elY0V0ZVTE0zNHRVNTJFeHJxN0RBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoibkZuNzExbmxFQVJudGRNYzZiRmpqVzY0ZF9DdHRZR2d4RFBsRi1OQmx3RSJ9.FEX1E24qnmd31VGT1zxl0SsiehPa821KtHMzQo8fu8vmjsny9Y_U5pZ-HqgG-FWTzIsHaFqjdS1IT_Sha0ReoeOJ4XkpyqKIax3MMhs3giGMyOOsSWWhF8eVwNHHS-LeNX47Zp_Ym0654BAH_Gz3DFujfBeOLDRJVkUuO5PfNk6q-dMLKfsB7HstaXAjcGzerJylPKtl4tZJedA_tIVzlmbLEOoFOKkHUJK6Kch61B40tAU3r2rCxVZsT2GJze3khHc7Fzsn-3zxele9n9jEY0sAnlf_eOHKWnmEMjJ8uGuOvpoRmIrXF1il2E8RfoJcMdMp9wp9S8RaRHRTecjM1w&session_id=e405ec0b-6f9f-415e-ab37-55e400ca99cf&state=a3325b1e-e575-4751-9ba0-5ad6d3a2170c&session_state=82b9055d-c343-4473-be70-cdc41484ec5e

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRDExRi42NTdELjJDQjYuRUI3ODplOTRhM2VjZC04NzI4LTRhYWEtOTg5YS1jNTI5ZjJmZGQ4NjQ=

grant_type=authorization_code&code=8a2be0a3-255f-4f0a-a61e-ce6869b9ffcb&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:05 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"fb42a286-6a86-4dae-a5fd-b2be9dd32924","token_type":"bearer","expires_in":299,"refresh_token":"1b5b3a5d-89c7-4c4b-a9e7-3ce3f7183e32","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEMTFGLjY1N0QuMkNCNi5FQjc4IiwiZXhwIjoxNTMwODE5OTY1LCJpYXQiOjE1MzA4MTYzNjUsIm5vbmNlIjoiMzg4ZDg5NGEtODdiNi00YWVlLTkzNzItNTFlZWE4MWNiZTcyIiwiYXV0aF90aW1lIjoxNTMwODE2MzY1LCJhdF9oYXNoIjoiUF9fcHExbTVnaUhWdUVvZUs1U0dsQSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Im5GbjcxMW5sRUFSbnRkTWM2YkZqalc2NGRfQ3R0WUdneERQbEYtTkJsd0UifQ.czcfvkSfenRVuZHgr-I7QDTSYOZPgcmy4mpH0b7ULKW16X3qfjObpY_qmIbFxeF-OkadWjOzq_ETCTossW1k5f7KlESo4n9omWW1htrIZbBdKZHWAuFEtSbcQ48ixB9BvTvl_ug0q4oeA-1aNnhnVsAMaKUc35PpwWj_GGAqoPDJ3bfQS6agAQc31V1nBqbbMyabNjEHiH0a6PsKQisAAmEX-s6yBD9iYHTV5-OYjsEZ1l8XuScZb-r6ALgCWU5Z8PfyMi-qL3gauIwmw8s8qQ-pMJY5cPZF7fqe7XFCd-lVCBgOMbwooASo_nn3kNGmP77dB-rV9Ezq_3Ez3DyRQQ"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRDExRi42NTdELjJDQjYuRUI3ODplOTRhM2VjZC04NzI4LTRhYWEtOTg5YS1jNTI5ZjJmZGQ4NjQ=

grant_type=refresh_token&scope=address+phone+openid+user_name+profile+email&refresh_token=1b5b3a5d-89c7-4c4b-a9e7-3ce3f7183e32

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 204
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:05 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"9ed1bc8c-d965-4f69-96b6-40b796e73127","token_type":"bearer","expires_in":299,"refresh_token":"8748a439-c841-47ab-9f5b-f07b5732af4f","scope":"address phone openid user_name profile email"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 9ed1bc8c-d965-4f69-96b6-40b796e73127

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 695
Content-Type: application/json;charset=utf-8
Date: Thu, 05 Jul 2018 18:46:05 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"nFn711nlEARntdMc6bFjjW64d_CttYGgxDPlF-NBlwE","phone_number_verified":true,"phone_number":"(512) 516-2413","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"}

#######################################################
TEST: authorizationCodeFlowLoginHint
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "scope": "openid profile address email user_name"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1341
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:06 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EDAC.6DDE.538F.FC89",
    "client_secret": "98212897-47cf-4060-ae7b-dc6bdcb158ff",
    "registration_access_token": "3accbc91-f139-4f87-bd99-7b2f02079ccb",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EDAC.6DDE.538F.FC89",
    "client_id_issued_at": 1530816366,
    "client_secret_expires_at": 1530902766,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid profile address email user_name",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21EDAC.6DDE.538F.FC89&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=e51f463a-feee-40ce-9cbc-07a710cba8ab&nonce=75efe6c1-f225-4992-9990-f4a16095d586&login_hint=test_user
14:46:27.533 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:cc4e6342-7991-476d-9740-a74865a44e6d
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21EDAC.6DDE.538F.FC89&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=e51f463a-feee-40ce-9cbc-07a710cba8ab&nonce=75efe6c1-f225-4992-9990-f4a16095d586&login_hint=test_user

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=70e0edfa-9546-4d1f-b7ef-60a082e068ca&scope=address+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFFREFDLjZEREUuNTM4Ri5GQzg5IiwiZXhwIjoxNTMwODE5OTY3LCJpYXQiOjE1MzA4MTYzNjcsIm5vbmNlIjoiNzVlZmU2YzEtZjIyNS00OTkyLTk5OTAtZjRhMTYwOTVkNTg2IiwiYXV0aF90aW1lIjoxNTMwODE2MzY3LCJjX2hhc2giOiI4SERuZndfVk9QNGJaUFYtUTZEVXp3Iiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiZWsxNXpZazVWQ2l4UEkwZnh1dVZEU0tGWlN6b1JIdTlsSGxoZmM1TlpXdyJ9.fuykPUe6faEnej10KTcTdbkQ_wOWuR2jOVs4JhZiX36s_NG2SR6mfsZPpPq4Us1SsNtF4J94afw7TQCpXzgNO-ICkdD130alR1i8oO2MDqP3OzGdoWgDiXWRCTv9gtvjPozRB7fxUe71D4l1hOn4bfDQwK4yst6AZt1bR0A_7WYXbn-m6dZeHskLwW1Wy92o4UaetDtdxA7Iaw9V0PMOLRIKk2F66RuOYqOKOXcfJhc6wXsJPqL_T38vFJQadZ2EGD8luwtSlRp9W0nR7gxZBQ3FeIx_O1ZNR2R-LTNoYqrdH0-RN8KggD639FeCIDxLER9M_xxjwtPQe8FdIsEjNA&session_id=c35830c6-8b9e-4e26-9a9d-ab7155876f41&state=e51f463a-feee-40ce-9cbc-07a710cba8ab&session_state=cc4e6342-7991-476d-9740-a74865a44e6d

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRURBQy42RERFLjUzOEYuRkM4OTo5ODIxMjg5Ny00N2NmLTQwNjAtYWU3Yi1kYzZiZGNiMTU4ZmY=

grant_type=authorization_code&code=70e0edfa-9546-4d1f-b7ef-60a082e068ca&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:07 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"849b6ff0-e706-4a3e-abf9-7357fddfb1dd","token_type":"bearer","expires_in":299,"refresh_token":"04eb967a-a4d8-4a74-b43b-b134e9bc1fda","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFFREFDLjZEREUuNTM4Ri5GQzg5IiwiZXhwIjoxNTMwODE5OTY3LCJpYXQiOjE1MzA4MTYzNjcsIm5vbmNlIjoiNzVlZmU2YzEtZjIyNS00OTkyLTk5OTAtZjRhMTYwOTVkNTg2IiwiYXV0aF90aW1lIjoxNTMwODE2MzY3LCJhdF9oYXNoIjoiXzFaN01HeVRJX2Z5X3BINVNwTWtSUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6ImVrMTV6WWs1VkNpeFBJMGZ4dXVWRFNLRlpTem9SSHU5bEhsaGZjNU5aV3cifQ.GYSBTzFUE42GxR_Zxh7OCyefnH_n4mE2-_q28iRp7L01Szin1Db0n7U7urP2MgPp2E-IW0rE7qLo7ejEybKnG5TGg66TetRZJBox3kKU8iUX_HSJxkBkkTLtDjApWloRJTDlFBt-aYf5Jfrm3ozHCpd675TICx7cOqQOxmzpdij2oKrNPMvpp9ach_Uu6y_OsYsfGyspRbNOA1Jcf3hyUUQTT0rpo_i1AHoFNE9xwjrn2T-DyfHVu-jcFrHElQALnM5INBYlhEHTvx3EPhwmKAsuZK94gMweY0yvkfSoo3ltTafB5ZwubAZzF_ntSPzvXb0nF-4hvpZbgD4v0fzLzQ"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRURBQy42RERFLjUzOEYuRkM4OTo5ODIxMjg5Ny00N2NmLTQwNjAtYWU3Yi1kYzZiZGNiMTU4ZmY=

grant_type=refresh_token&scope=address+openid+user_name+profile+email&refresh_token=04eb967a-a4d8-4a74-b43b-b134e9bc1fda

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 198
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:07 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"f7439616-ee07-41a4-a455-648dbd18f4c3","token_type":"bearer","expires_in":299,"refresh_token":"2a602f4e-1c2a-4311-a36d-0e4b7b74b3b3","scope":"address openid user_name profile email"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer f7439616-ee07-41a4-a455-648dbd18f4c3

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 634
Content-Type: application/json;charset=utf-8
Date: Thu, 05 Jul 2018 18:46:07 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"ek15zYk5VCixPI0fxuuVDSKFZSzoRHu9lHlhfc5NZWw","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"}

#######################################################
TEST: authorizationCodeFlowWithOptionalNonce
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:07 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0CB5.5597.4B0B.535A",
    "client_secret": "0dd78c76-096a-4f3b-9557-cafeb39266b8",
    "registration_access_token": "d9c6fb3e-88cf-4d13-a2fe-4fb97ce9a84d",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0CB5.5597.4B0B.535A",
    "client_id_issued_at": 1530816367,
    "client_secret_expires_at": 1530902767,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210CB5.5597.4B0B.535A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9d336bf1-e404-4364-9049-47c7050687f5&nonce=713ef999-6438-4a73-a9b8-4a44e64cb85e
14:46:29.431 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:65006a95-ba45-4f26-bd1d-c0dbbd789248
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210CB5.5597.4B0B.535A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9d336bf1-e404-4364-9049-47c7050687f5&nonce=713ef999-6438-4a73-a9b8-4a44e64cb85e

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=b57397e8-ded4-4c67-bd35-1aba8cd9d029&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEwQ0I1LjU1OTcuNEIwQi41MzVBIiwiZXhwIjoxNTMwODE5OTY5LCJpYXQiOjE1MzA4MTYzNjksIm5vbmNlIjoiNzEzZWY5OTktNjQzOC00YTczLWE5YjgtNGE0NGU2NGNiODVlIiwiYXV0aF90aW1lIjoxNTMwODE2MzY5LCJjX2hhc2giOiJyYlVSNUpYRm5xMTFSdkxibEd1S0dBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiUnV3SmpXb05nMTNBRTdIc1FhZmdva1dOZDNqSTBsb1pZdmZwWncwcVJLMCJ9.QMBDzXJ4YYIejmjzpuk6jLLlJ3nBTiNA1v4U3lzSv-HZ0aEX_qpGwrhAsYuua7S7ewu02aEtQarx0Dns0qFM1gHNCnc9s7dOzAO8wr1o7bdHcF25qCRJOl6Hzz1gcUbhVrDIfUlUHu9589gvZI9Fn4zlvUdJIs6INtobjcJWnt4fDDIWB784hwsnZtdtUIvhZ7Q79GHFR1FDh_9EDN28ATifpw9zreRUblitZQnh2KadBaAFdaoiNrzghQcTWNuiTh7hlRbAqdlenEQELnIhhfCxRRSMNmDsT2Bv86gIj0C1Bx6eJGAByQFjfaBlrq9k5PNbzh6UMzrrMxpfEplJfQ&session_id=599d7f4f-5bcb-4dbb-a09b-78806f839fdb&state=9d336bf1-e404-4364-9049-47c7050687f5&session_state=65006a95-ba45-4f26-bd1d-c0dbbd789248

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMENCNS41NTk3LjRCMEIuNTM1QTowZGQ3OGM3Ni0wOTZhLTRmM2ItOTU1Ny1jYWZlYjM5MjY2Yjg=

grant_type=authorization_code&code=b57397e8-ded4-4c67-bd35-1aba8cd9d029&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:09 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"553a2576-b123-4206-b2cc-80c1f2d95411","token_type":"bearer","expires_in":299,"refresh_token":"0798b3ce-5ff2-4f67-80be-f74fa1b1281f","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEwQ0I1LjU1OTcuNEIwQi41MzVBIiwiZXhwIjoxNTMwODE5OTY5LCJpYXQiOjE1MzA4MTYzNjksIm5vbmNlIjoiNzEzZWY5OTktNjQzOC00YTczLWE5YjgtNGE0NGU2NGNiODVlIiwiYXV0aF90aW1lIjoxNTMwODE2MzY5LCJhdF9oYXNoIjoiZUdpWnlGaUhWbWw1MFFMUF9jQ3lHUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IlJ1d0pqV29OZzEzQUU3SHNRYWZnb2tXTmQzakkwbG9aWXZmcFp3MHFSSzAifQ.INOh13CClw_IAD4Lp67SNAfxvfxpnVt4cDzC3olzFE5rjCjVOXC5OJNeempTXqihOlcDhyUiQLWd_wSX9Td_-_N4n5Bev0pHq0qyJ7oK5AJMZzWQNhVkSHPuRLlVzdm2rVTfILG1075nGTFQ-a8TGkCJYWBuUw-T7_3acdjKE4hqlnHW7mLhge_O9_3jwlKxc-HV96DvGIiSxqBssEFPXcvW3jnGkkWw2ocByuaHsuxbEW0JxBycM6aq85ncPspIkgzLi6wp1l_naHKfKaJ3rSaByhi66iWBzVcZqSvc1mbjBCGTR9gSZEPUNv_OX0PswrtcsNk8mqLcGuR8ytx4Jg"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMENCNS41NTk3LjRCMEIuNTM1QTowZGQ3OGM3Ni0wOTZhLTRmM2ItOTU1Ny1jYWZlYjM5MjY2Yjg=

grant_type=refresh_token&scope=address+openid+profile+email&refresh_token=0798b3ce-5ff2-4f67-80be-f74fa1b1281f

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 188
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:09 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"36caeac0-972a-4fb3-81a5-bfe03d81ce0e","token_type":"bearer","expires_in":299,"refresh_token":"903883df-283e-46b2-9365-52d1b11454d3","scope":"address openid profile email"}

#######################################################
TEST: authorizationCodeWithNotAllowedScopeFlow
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "scope": "openid profile address email user_name"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1341
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:09 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CFC8.1E59.4F6B.A8A0",
    "client_secret": "ef36ea21-4c25-4121-9c92-8472146804cc",
    "registration_access_token": "a0d756e5-4cd5-4054-b312-88a8aa5a3a6c",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CFC8.1E59.4F6B.A8A0",
    "client_id_issued_at": 1530816370,
    "client_secret_expires_at": 1530902770,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid profile address email user_name",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CFC8.1E59.4F6B.A8A0&scope=openid+profile+address+email+user_name+mobile_phone&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=438813a9-c108-40cf-a32e-564928c4ff39&nonce=88a288bc-1689-46f5-ad3f-497d1816676e
14:46:31.488 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:cd43b6aa-7a6d-4b3f-9d52-f95f92473a64
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CFC8.1E59.4F6B.A8A0&scope=openid+profile+address+email+user_name+mobile_phone&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=438813a9-c108-40cf-a32e-564928c4ff39&nonce=88a288bc-1689-46f5-ad3f-497d1816676e

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=5eec448a-b351-41b9-b4e3-0dd4722102fc&scope=address+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFDRkM4LjFFNTkuNEY2Qi5BOEEwIiwiZXhwIjoxNTMwODE5OTcxLCJpYXQiOjE1MzA4MTYzNzEsIm5vbmNlIjoiODhhMjg4YmMtMTY4OS00NmY1LWFkM2YtNDk3ZDE4MTY2NzZlIiwiYXV0aF90aW1lIjoxNTMwODE2MzcxLCJjX2hhc2giOiJranlaM2xVOXVLWnBlaUpNOGRwQmRBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoia2Q5XzR5OUQwMU94Y2VvMGhFeG9SN3lOaVhZTkNoeG5CWGZfQnFaZTJQUSJ9.lRe19ReoaUqXYbUb2JxD76uJElhabEUsoP48w7872orRnVYi1WP8GRrVezk8_h8ufIcP0BtUETmMYflcbWUyNBANposUfCrwqcB8_5qP1Oj2Wxz9nKcsMuQzfzWGowdmfmzRyNWzGjaRgz1cDFaap8-SwLUlxmpzJN_UPRUsAVx6djb0FmDMO1-tIqfIJJz3G1bIjFYAS74Ks3kgWgrZwmrd7x_n8jMm9oyvXvzJ8x7acqs18T4nbmrZ-jADtcHkFRbTtFm7WTB0XJttAHBu2x5UlVHR2Zg0vB81scmBbahmmbweLMT1ZAIcbxmcdHFVw2sKwlH1u99aADFCNmkhbw&session_id=82027d23-99c7-41f5-92f4-df2329590842&state=438813a9-c108-40cf-a32e-564928c4ff39&session_state=cd43b6aa-7a6d-4b3f-9d52-f95f92473a64

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQ0ZDOC4xRTU5LjRGNkIuQThBMDplZjM2ZWEyMS00YzI1LTQxMjEtOWM5Mi04NDcyMTQ2ODA0Y2M=

grant_type=authorization_code&code=5eec448a-b351-41b9-b4e3-0dd4722102fc&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:11 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"1f5c80cc-9c9d-4b24-836a-9cb09335628c","token_type":"bearer","expires_in":299,"refresh_token":"143163cd-9752-4f92-8b92-d79346095d36","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFDRkM4LjFFNTkuNEY2Qi5BOEEwIiwiZXhwIjoxNTMwODE5OTcxLCJpYXQiOjE1MzA4MTYzNzEsIm5vbmNlIjoiODhhMjg4YmMtMTY4OS00NmY1LWFkM2YtNDk3ZDE4MTY2NzZlIiwiYXV0aF90aW1lIjoxNTMwODE2MzcxLCJhdF9oYXNoIjoiclJWQllmdVowSDBsSGtzMDlHdExnUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6ImtkOV80eTlEMDFPeGNlbzBoRXhvUjd5TmlYWU5DaHhuQlhmX0JxWmUyUFEifQ.g33xkDQT60BBriFj-GnFfP-OQ12qS0VMzoslQ3TS2GydU9tipjibes-df-VYnyfIRWiodqlTx_gz5TEYd96Cb54MH0efGysdnHEmOcm0BoqC_CxPl-YAEEPlwj4-grnwjs2m-l5JFpCeISwoI0TPBHjchPPMzlwVoRCjsggOlT-ul5djCHMByWPqc-G9-m--296evirgXF988P0grNS3BLIEjSaYjTpPn6cZ9XdyHTF1ogfsFOvCSXdzKZ709gHVmNW34nAjZwasDRnlmzMSu0pt4Wtb2DtydF3HRJSitEq0BfZgmnLPGVXM-C9XFMX5maXXfWeZzN9jYMyyD9c9jQ"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 1f5c80cc-9c9d-4b24-836a-9cb09335628c

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 634
Content-Type: application/json;charset=utf-8
Date: Thu, 05 Jul 2018 18:46:11 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"kd9_4y9D01Oxceo0hExoR7yNiXYNChxnBXf_BqZe2PQ","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"}

#######################################################
TEST: revokeTokens
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:11 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3A3B.8707.B27A.EF54",
    "client_secret": "36f82f93-942d-40d0-ab2d-e4ff6a3843c5",
    "registration_access_token": "4975f189-8b96-4159-a617-b2796696dbb8",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3A3B.8707.B27A.EF54",
    "client_id_issued_at": 1530816371,
    "client_secret_expires_at": 1530902771,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 4975f189-8b96-4159-a617-b2796696dbb8

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:11 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3A3B.8707.B27A.EF54",
    "client_secret": "36f82f93-942d-40d0-ab2d-e4ff6a3843c5",
    "registration_access_token": "4975f189-8b96-4159-a617-b2796696dbb8",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3A3B.8707.B27A.EF54",
    "client_id_issued_at": 1530816371,
    "client_secret_expires_at": 1530902771,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213A3B.8707.B27A.EF54&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b1ace137-c569-499b-8a4b-f83368fc3beb&nonce=5839442e-a0ea-4fea-9ec2-16911b91b826
14:46:33.147 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:bdd11645-58ce-436f-899a-15ce76bef611
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213A3B.8707.B27A.EF54&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b1ace137-c569-499b-8a4b-f83368fc3beb&nonce=5839442e-a0ea-4fea-9ec2-16911b91b826

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=2caf82ad-8b08-47da-8df9-36f65f6a1af9&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzQTNCLjg3MDcuQjI3QS5FRjU0IiwiZXhwIjoxNTMwODE5OTczLCJpYXQiOjE1MzA4MTYzNzMsIm5vbmNlIjoiNTgzOTQ0MmUtYTBlYS00ZmVhLTllYzItMTY5MTFiOTFiODI2IiwiYXV0aF90aW1lIjoxNTMwODE2MzcyLCJjX2hhc2giOiJPemEtd1hHVWVVS3NfRmowUTBHc21nIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoicnJIQmFUYnB1TlVSNnl1U215UE56TGI0aWhNSko2Rmc5bXUteXhvSExrWSJ9.JWZkFkl6yjxAOorDfuVmcEdnlLk27N8-9MQ7Xeq0mrsWVRMvmNFIPxTthgAcIPb8GvPoKpzfv84WwnfhYgogcaqDihZgMswE9viKD2wO_wWrEhKQwRR0elo0LSwO701OnjMOBJrv-Nnib-dLOERpR6NMeKejL3MV2RPKN3-LE4xCtR5Z4FxOHFz5xduLDZyrKFqbcWsKZ3UDEY_DkThojvjK0o_2gM3beKcFoKStK2LKtW18doAj3_qbJVsR7qtpQu7LQXRDTs8z7GSbWwoyPMs7p6WQfuf-4KVRcsjxdI5STgdy_7eF59i3fCVDYOi8Vs0XurKldR5OKIdepzNd_g&session_id=af7304f6-b13d-41e7-baa9-b6337fa328e3&state=b1ace137-c569-499b-8a4b-f83368fc3beb&session_state=bdd11645-58ce-436f-899a-15ce76bef611

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghM0EzQi44NzA3LkIyN0EuRUY1NDozNmY4MmY5My05NDJkLTQwZDAtYWIyZC1lNGZmNmEzODQzYzU=

grant_type=authorization_code&code=2caf82ad-8b08-47da-8df9-36f65f6a1af9&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:13 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"4cb51d7d-d703-42d4-96a6-5d0f3e0c5b07","token_type":"bearer","expires_in":299,"refresh_token":"30bb53c0-ef47-4dee-854b-d895b62fd9e3","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzQTNCLjg3MDcuQjI3QS5FRjU0IiwiZXhwIjoxNTMwODE5OTczLCJpYXQiOjE1MzA4MTYzNzMsIm5vbmNlIjoiNTgzOTQ0MmUtYTBlYS00ZmVhLTllYzItMTY5MTFiOTFiODI2IiwiYXV0aF90aW1lIjoxNTMwODE2MzcyLCJhdF9oYXNoIjoiYnBzNGxtelBzcjl1RnYxWkNobXcyZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6InJySEJhVGJwdU5VUjZ5dVNteVBOekxiNGloTUpKNkZnOW11LXl4b0hMa1kifQ.nCp_gG-lFWrjNA7GRz_4G4g8HmA2i022F_xrjfZUghZLcaqnnXOfuUrv2Dn6TJfBZIibZbFEemy9adS8NATSIqAVZ1wNtuqRmc85xM0FZsFR3kHqbmWhVXhLDwbHm2Dd3fjIE8m2O1w-c_m_LeehXXnuuRUNhr20m7ODKSzCfB_W7Yz3XwRakzVB66yrOXN2O68bS9hE4i4WdlnMiWT5e-bke6AV4wIzh3dNWwZ_vOoK9FLll5cTt8-xSoGolFseC5usjml8s-x68HZv7A1ZK3uhzy4e6ZZlKrX0bD7wt0IdIU0Pk0qvrWH9WkyPJp0TbgEhxmhI8fWmPN-ZfJdIPA"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghM0EzQi44NzA3LkIyN0EuRUY1NDozNmY4MmY5My05NDJkLTQwZDAtYWIyZC1lNGZmNmEzODQzYzU=

grant_type=authorization_code&code=2caf82ad-8b08-47da-8df9-36f65f6a1af9&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Cache-Control: no-store
Connection: close
Content-Length: 213
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:13 GMT
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_grant","error_description":"The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client."}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghM0EzQi44NzA3LkIyN0EuRUY1NDozNmY4MmY5My05NDJkLTQwZDAtYWIyZC1lNGZmNmEzODQzYzU=

grant_type=refresh_token&scope=address+openid+profile+email&refresh_token=30bb53c0-ef47-4dee-854b-d895b62fd9e3

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 213
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:13 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_grant","error_description":"The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client."}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 4cb51d7d-d703-42d4-96a6-5d0f3e0c5b07

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Connection: close
Content-Length: 203
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:13 GMT
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_token","error_description":"The access token provided is expired, revoked, malformed, or invalid for other reasons. Try to request a new access token and retry the protected resource."}

#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:46:13 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:13 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "code",
        "code id_token",
        "code id_token token",
        "id_token",
        "id_token token",
        "token",
        "code token"
    ],
    "grant_types_supported": [
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "refresh_token",
        "implicit",
        "password",
        "authorization_code"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:13 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6327.9A87.B6F0.0B02",
    "client_secret": "3653556e-e6fa-43e2-b33d-ad0b0b858a1a",
    "registration_access_token": "60ebd35a-5109-48c9-ba6c-d6d7c0edb097",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6327.9A87.B6F0.0B02",
    "client_id_issued_at": 1530816373,
    "client_secret_expires_at": 1530902773,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216327.9A87.B6F0.0B02&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=42847611-0f34-473f-8216-f7d798959c8d&nonce=204e4431-8404-454f-8dd5-c57dbaa17b31&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Thu, 05 Jul 2018 18:46:13 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=e9e8ffd0-d5b0-4acc-9578-c0f18416f13e&scope=address+openid+profile+email&session_id=fb45b9d6-377e-44af-bd9d-1809a5e196c8&state=42847611-0f34-473f-8216-f7d798959c8d&session_state=538ef548-f0c3-4085-be0a-20445beac171
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:13 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BA6D.6E09.961B.5401",
    "client_secret": "c196f21e-600e-4f30-8c96-118c1fd00b70",
    "registration_access_token": "64786369-52ee-4062-b442-d06af3d0c8f9",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BA6D.6E09.961B.5401",
    "client_id_issued_at": 1530816373,
    "client_secret_expires_at": 1530902773,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["token"],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21BA6D.6E09.961B.5401&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3adba3f4-895c-4ced-b25f-91a786073445&nonce=3bcd91ea-c26e-4dd6-b64b-3e4b2c5209c5&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Thu, 05 Jul 2018 18:46:13 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=86db8f60-c976-4864-948c-ee74dfda84fb&scope=address+openid+profile+email&session_id=1ed70848-836c-426c-bbb9-a66148e3be8a&state=3adba3f4-895c-4ced-b25f-91a786073445&token_type=bearer&session_state=25f06b98-2ad3-4e1c-9b78-44d330e1fba5&expires_in=299
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["id_token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:14 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!459F.F00B.E163.C97F",
    "client_secret": "2518a80e-2ee7-4dc4-813a-5a8554364b68",
    "registration_access_token": "a3b79839-2745-4e58-a803-342418e7dbc3",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!459F.F00B.E163.C97F",
    "client_id_issued_at": 1530816374,
    "client_secret_expires_at": 1530902774,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21459F.F00B.E163.C97F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=61d7b2c1-96f5-431e-9988-122216d31a56&nonce=f2d26525-869c-4d19-965a-ac616013a6de&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Thu, 05 Jul 2018 18:46:14 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0NTlGLkYwMEIuRTE2My5DOTdGIiwiZXhwIjoxNTMwODE5OTc0LCJpYXQiOjE1MzA4MTYzNzQsIm5vbmNlIjoiZjJkMjY1MjUtODY5Yy00ZDE5LTk2NWEtYWM2MTYwMTNhNmRlIiwiYXV0aF90aW1lIjoxNTMwODE2Mzc0LCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJZd19zSmtFY0w2RXJNM19ZcHlvUUZNeFI0WUNqVWs3bzNpeVlIOUZaaXB3In0.rvvGqAxMVTcvjLbp5bnzurVXq_soA8-LHq8ed91MKkV89Jy6xpXHo3vsbuuTwcPRaNAHG3A-sXfMmhsTvYPHHGPWPXoNW4Baz6tJKROYc4qmVneeEJylZRshMzl9FKh8iaZ-yt2xTdPPgzJUhmZC-jEoWee-9uSRsj40P088Su80FH7vBBZxHBZu6oWGjESu1hyoVuNJSSLKrRskLruxHn278vUXzF-TLxoq7BNLcdZ7IhpyklCL3t2aQCchmlGyQaFSVP-VqLeU2JnhkxBxbR9VgbN8Jy9zgTQUnUoxsgi1489zxy9gh9a_91BUiRfSf3eYjcqCNt4LkWjuFN5b6A&session_id=e5c6fc01-64cd-4c2f-9d7e-2a6ec74d7e53&state=61d7b2c1-96f5-431e-9988-122216d31a56&session_state=44ee5b1a-2e76-4a75-ae97-280ef0f81133
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:14 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6D3A.37C5.E6DB.C01D",
    "client_secret": "ace33fa1-8f79-4de4-8b43-e8aa098d2eec",
    "registration_access_token": "63435af3-45d9-4214-9b6c-bf2f1cb7c60e",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6D3A.37C5.E6DB.C01D",
    "client_id_issued_at": 1530816374,
    "client_secret_expires_at": 1530902774,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216D3A.37C5.E6DB.C01D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=45f07f56-6c54-499f-b148-f6d7a9d2a51a&nonce=a3718a6d-026d-4760-9362-470a696fddab&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Thu, 05 Jul 2018 18:46:14 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=07737119-197b-47ac-9ba4-f3957490d193&code=930daeb3-85da-4c50-9ee9-20a5e5b8f5b8&scope=address+openid+profile+email&session_id=dfd62610-f172-43fd-a267-a00f8bea877b&state=45f07f56-6c54-499f-b148-f6d7a9d2a51a&token_type=bearer&session_state=dd05c064-79f6-47f5-bce9-53155c547168&expires_in=299
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:14 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6C1B.C9F0.E7E0.9E5C",
    "client_secret": "74f9479d-0dfd-4834-9be7-f63796fc8212",
    "registration_access_token": "8d52a1f1-f27b-48e0-844a-23796bfcc04b",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6C1B.C9F0.E7E0.9E5C",
    "client_id_issued_at": 1530816374,
    "client_secret_expires_at": 1530902774,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216C1B.C9F0.E7E0.9E5C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=be6ccee9-8584-44ad-aa89-70eca1526eb5&nonce=98562037-2e74-47f6-8421-6515cdbf0cfc&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Thu, 05 Jul 2018 18:46:14 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=730ee13d-6203-4f66-b9c2-d54c484870f0&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2QzFCLkM5RjAuRTdFMC45RTVDIiwiZXhwIjoxNTMwODE5OTc0LCJpYXQiOjE1MzA4MTYzNzQsIm5vbmNlIjoiOTg1NjIwMzctMmU3NC00N2Y2LTg0MjEtNjUxNWNkYmYwY2ZjIiwiYXV0aF90aW1lIjoxNTMwODE2Mzc0LCJjX2hhc2giOiJveDlvdURSTTE5VlJYQUd4bi1CeVZ3Iiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiVXU5NGpRNjFWYWxGLWN0ODZZNS1kcjNxVlp2bDJkWFhwblRzWlhuWVFVNCJ9.eAKkOEE3U_ofAnb4QjQjUfSj1sPn5hV0QQj9mat73t8TQCZhX1uDtuOuvn9px8HQqHzY7Qy4e0qCrNVD-l7q3ZoUASa6OXIm7VBj3ZOfuZtvGoGTicvqPkRv4VksC01z67u-cxxMU-zZvKIOCWhEYKEIoiE1_BYQbs66WWmJ7g4ujcD-2AkRXp3FnXJr7hHrH3g41qUWr7zwzyd2b0LuLmKwm0Mh_9g7r4Q-r8-b34uUcmA-HPAQT0tpwL5Bt2TaWjeN4ltg2v4oijT4-S36fxPOQaPe48ZcUYx6BNHqWdfUEeLxRFlw_09oziFjzzUgIBue3G2RHstBahwaLgrz0g&session_id=d0ae00d5-9a01-4afd-b1c9-db665c2e83ef&state=be6ccee9-8584-44ad-aa89-70eca1526eb5&session_state=f47b3c84-d86e-478b-ba58-5b6d6dbbd837
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "token",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:14 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2A3E.FDF4.1AEC.3027",
    "client_secret": "04344ab8-732d-46a5-a1ec-81cc2b7e012b",
    "registration_access_token": "ffc78d47-19df-4b7b-9479-85782ea0b702",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2A3E.FDF4.1AEC.3027",
    "client_id_issued_at": 1530816374,
    "client_secret_expires_at": 1530902774,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212A3E.FDF4.1AEC.3027&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=781aa89f-c9a7-4398-aa30-01006d5d328f&nonce=8c2ad874-edf0-4a34-a1a3-68e0fbad0dd8&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Thu, 05 Jul 2018 18:46:14 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=811c632e-40ee-41ee-8d83-5eeaeadb3993&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEyQTNFLkZERjQuMUFFQy4zMDI3IiwiZXhwIjoxNTMwODE5OTc1LCJpYXQiOjE1MzA4MTYzNzUsIm5vbmNlIjoiOGMyYWQ4NzQtZWRmMC00YTM0LWExYTMtNjhlMGZiYWQwZGQ4IiwiYXV0aF90aW1lIjoxNTMwODE2Mzc0LCJhdF9oYXNoIjoiSFVYQzg2UFEtb0RQWEQ4OGc4RnozUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6ImlvS0xXWWIyTzdpbERQLU15WHYyczNYcnh3RTNBOWs1bjR2Mk84NmpKM1EifQ.j0xp3d4_wh-OG5L7nONC1LXl8jAMsLCHuRbBuxAgQx45Xdi6rhXBPLlZ2jJixOGhBXkMMAPT8-o0-oDyM8w3U6oGOqn-DM_rLM1Nzk87O1-rzVPS-tSZ7mW_vvj7GgORXESRj_rGpGAc4XRI3IZhnuGT1SztR3jLASpLjYnvko_DpVtae3kVW0g6u8Ccu3BX0kkh_2wcnm6E-CdbV9_cd9tsFh4nR744oSBZA-wyDQSv5blGCKTrGehZj4u0RfAG4uYkvFaDodCyB7L9MpavBEjASw1BtOX_mm_DFSFuIfM_b6pmQxztS9wr2GVbkWb5_PvSXDEOCqonbvh99DzKwA&session_id=50737c42-9c93-48a8-9440-fd529ced495f&state=781aa89f-c9a7-4398-aa30-01006d5d328f&token_type=bearer&session_state=32f2c26a-f23d-4c9d-affe-4d58e0059c7e&expires_in=299
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "token",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:15 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6859.57BD.D052.B380",
    "client_secret": "512062bc-1857-4ee7-ae4b-541d5826b449",
    "registration_access_token": "dad98a5e-2792-479e-b244-bea098c53fdd",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6859.57BD.D052.B380",
    "client_id_issued_at": 1530816375,
    "client_secret_expires_at": 1530902775,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code+token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216859.57BD.D052.B380&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0f78bb4a-fc66-442f-b8ae-67ec4e5a5f6f&nonce=8f344392-d069-4187-93f2-2e451884aa14&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Thu, 05 Jul 2018 18:46:15 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=63954873-29b7-4cca-bdaf-7b9176eb5e84&code=d16f3aca-480c-4af8-9e85-7385d2b7b0ac&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2ODU5LjU3QkQuRDA1Mi5CMzgwIiwiZXhwIjoxNTMwODE5OTc1LCJpYXQiOjE1MzA4MTYzNzUsIm5vbmNlIjoiOGYzNDQzOTItZDA2OS00MTg3LTkzZjItMmU0NTE4ODRhYTE0IiwiYXV0aF90aW1lIjoxNTMwODE2Mzc1LCJjX2hhc2giOiJTak1fTS1yVmRxUUlLRVNobFJaNTJBIiwiYXRfaGFzaCI6IkFEUUhaMEhXeC1PRkpYWmtSaHdkeUEiLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJFaml5dDVoaUpDdkZWTVdBU21aM2dlUmttb3VWdVFSSGcxMXR4dGNzYnRRIn0.NOvKWekaXToyL1B_cu3lg9DNrYy3wfHkySUDJ7KWltI0qUzRM4ENtWPOgjVWBYT8cnMTW85JrCqNyU8I8Yec1QC79x6bHvLXEqZt09g867eI6ujfgC_LfwcoQP4AsLimJwI6yebruAtjDY18l04xYXpKd-5IuvwuIbsMlOhXb5Ir0zjeltpNRN8X1L4qM16XjXbEbMy5wdiFiWLfG4TBroGrxGHDb_u44sAGRnn-V1bXWB4g-NYomshiPdTRckUyQQEMN-sLDvKlLPfUWk-GhDBNFBaoG3AoPKGuzEAcf-x_y5e8gp86gu1ENGtO9v4t92eWBdaIH_AW85kselbcsg&session_id=fe45d5c5-435a-4f8b-b8c7-fe65659a15b4&state=0f78bb4a-fc66-442f-b8ae-67ec4e5a5f6f&token_type=bearer&session_state=a1abfa47-6051-45e1-9490-bed7bafa78ea&expires_in=299
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:46:15 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:15 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "code",
        "code id_token",
        "code id_token token",
        "id_token",
        "id_token token",
        "token",
        "code token"
    ],
    "grant_types_supported": [
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "refresh_token",
        "implicit",
        "password",
        "authorization_code"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: defaultResponseModeBasicCode
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:15 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C431.3747.FF59.44DE",
    "client_secret": "5c480920-7078-438a-9e60-868bae00c3d3",
    "registration_access_token": "ed1cd65e-47dc-48bb-b4d1-abe7d04278a4",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C431.3747.FF59.44DE",
    "client_id_issued_at": 1530816375,
    "client_secret_expires_at": 1530902775,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C431.3747.FF59.44DE&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=98f41c24-dda0-4f45-8d09-4fa3537f4e4e
14:46:36.932 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:0b83fdb4-238a-4322-9cf5-4d04c32a48ba
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C431.3747.FF59.44DE&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=98f41c24-dda0-4f45-8d09-4fa3537f4e4e

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=93b44e6d-5875-480a-b83e-089ced30eb10&scope=address+openid+profile+email&session_id=2e15d1b5-5f5e-476c-8ec9-2a136a04b151&state=98f41c24-dda0-4f45-8d09-4fa3537f4e4e&session_state=0b83fdb4-238a-4322-9cf5-4d04c32a48ba

#######################################################
TEST: defaultResponseModeHybridCodeIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:16 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DAC0.FD68.81A1.10A7",
    "client_secret": "4ddc5361-b1b6-41ec-a080-026ae40e8b1c",
    "registration_access_token": "3ec5f8f2-ed0a-42c3-9e41-095d1c192f4d",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DAC0.FD68.81A1.10A7",
    "client_id_issued_at": 1530816376,
    "client_secret_expires_at": 1530902776,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DAC0.FD68.81A1.10A7&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=58e47d30-ed84-41cb-a3b7-8eb6bb10f647&nonce=d409d8c9-35e2-49ed-bff2-f64fef8c99dc
14:46:38.210 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:32c4c007-fb1e-4fab-8a6b-af9ce104db5e
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DAC0.FD68.81A1.10A7&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=58e47d30-ed84-41cb-a3b7-8eb6bb10f647&nonce=d409d8c9-35e2-49ed-bff2-f64fef8c99dc

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=7583711c-009d-467d-9c40-9bad2c50e6a9&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEQUMwLkZENjguODFBMS4xMEE3IiwiZXhwIjoxNTMwODE5OTc4LCJpYXQiOjE1MzA4MTYzNzgsIm5vbmNlIjoiZDQwOWQ4YzktMzVlMi00OWVkLWJmZjItZjY0ZmVmOGM5OWRjIiwiYXV0aF90aW1lIjoxNTMwODE2Mzc3LCJjX2hhc2giOiIzY3lsVlNkV1l0X2o3QXJSZ3N6dDNRIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoibTRHVWRyYVktMU5yZDlBWV81a0FOVC1kNU9UR2xITjEtcEFreUNLUzNvTSJ9.fJtl8WYSzm7hEIfCqbQ_0RNKuj0HcQmRPfhDFbo-rSYlMwNSuN3jl7eOVV2KLWvPCfdkVYZqQAhWFCf1uhfic1REJBwQFzY-EvfAAjO-yo8xxEGPI22T_lti6e8hh6Fy23Z0unxPGM_NSmTTPvRVx1dNxxHrMN8xG4SuRrFcNpxQboYpJ8u9X374bO3pc7fxcHrzZTe_pfjte8PMgoYXL3EtdRSfDvew4xP1xqSGGchWmk2AZipSpqJa0wGK65BM0mlIT2E_HG1p0bEW1ZvA0hpDSJcI6e_nyo-leM4thOl_hx-I8eox8rK_LgM_hYiFOh_71m51uEhAltrCXijoiw&session_id=87977d93-dc43-4093-9435-8ee87a851211&state=58e47d30-ed84-41cb-a3b7-8eb6bb10f647&session_state=32c4c007-fb1e-4fab-8a6b-af9ce104db5e

#######################################################
TEST: defaultResponseModeHybridCodeIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:18 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!21B3.DED8.D1D6.A259",
    "client_secret": "43e1bec9-3d3d-454b-9dea-09f20c3e4138",
    "registration_access_token": "ca8208e0-fcfc-4340-8127-196beea57338",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!21B3.DED8.D1D6.A259",
    "client_id_issued_at": 1530816378,
    "client_secret_expires_at": 1530902778,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2121B3.DED8.D1D6.A259&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=d9dbc82e-289d-49a9-9a57-44ce69b2a2c4&nonce=c1998bfb-ea8d-469c-bd20-77b094892e1a
14:46:39.537 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:e71df7d6-e890-48e6-8ca0-51f1d1c1b5a1
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2121B3.DED8.D1D6.A259&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=d9dbc82e-289d-49a9-9a57-44ce69b2a2c4&nonce=c1998bfb-ea8d-469c-bd20-77b094892e1a

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=2ce0f0c9-e279-4ba7-9672-784bf7030778&code=72887357-6194-4794-bb15-bb99f56c9dc1&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEyMUIzLkRFRDguRDFENi5BMjU5IiwiZXhwIjoxNTMwODE5OTc5LCJpYXQiOjE1MzA4MTYzNzksIm5vbmNlIjoiYzE5OThiZmItZWE4ZC00NjljLWJkMjAtNzdiMDk0ODkyZTFhIiwiYXV0aF90aW1lIjoxNTMwODE2Mzc5LCJjX2hhc2giOiJzMXBzY2NvQkM3bU5YXzV3aW1ZT3ZRIiwiYXRfaGFzaCI6InNrVGEtbHJoampqWmNPNXF3ZGtpeFEiLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJpOHh0V25NQ2IzbDRHZE5pVVIwTTRMRV9zOUtvRnpaU3lLb0pyaUVMVHdrIn0.oqClVzYTOGkuqzOvIT2aY8fWSmSD1MlQVucx1hYpEsi23TN4NcwvK2c2NI7zH9hr-_lITZIHwqZSkL3yvNt_Vy6n4am-ybmZkujCqcnjmRELp7bPl3O9btp_V8KdLolRh075PEABgXCdUTW3FiUKHYlP9pcxYNHAxKEPk7O1hHtLlTdzgLjaa3GYZmSVk1z0v66Ggf4KXskTbLGhV57We--2MFf2KS7KJpQOTV_CEspUZRR0w-qpQA2wV_i4byWIpoVCkk-DgQ01q93fbeZFdp-MspE5ySTdmIrTcufwvCO3oUevJiycOye1glXdm-kiHPFX3CjrNF2HMnS6-a0Lng&session_id=bcbe7c20-f2d1-47ad-a16c-8907a04dcf08&state=d9dbc82e-289d-49a9-9a57-44ce69b2a2c4&token_type=bearer&session_state=e71df7d6-e890-48e6-8ca0-51f1d1c1b5a1&expires_in=299

#######################################################
TEST: defaultResponseModeHybridCodeToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:19 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CD9A.5074.8185.9B3A",
    "client_secret": "70255807-7137-4c7f-a71e-85837b18f777",
    "registration_access_token": "6476c565-5b83-4171-a8e7-cc09ab29e0ea",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CD9A.5074.8185.9B3A",
    "client_id_issued_at": 1530816379,
    "client_secret_expires_at": 1530902779,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CD9A.5074.8185.9B3A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=38afad66-f63b-41dc-9d5d-3747e242f59b&nonce=36d2d09f-eb95-4f91-849b-819a737930db
14:46:40.862 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:a419c502-0ef9-433d-8e0a-424fa6c91595
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CD9A.5074.8185.9B3A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=38afad66-f63b-41dc-9d5d-3747e242f59b&nonce=36d2d09f-eb95-4f91-849b-819a737930db

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=0bcf6ccf-b5c9-4905-a6ab-b5356d7ae1d4&code=9dde0180-7ba6-474f-8591-78538d9dcdf7&scope=address+openid+profile+email&session_id=4f31a963-b8ed-4d9e-a097-471da3864bfa&state=38afad66-f63b-41dc-9d5d-3747e242f59b&token_type=bearer&session_state=a419c502-0ef9-433d-8e0a-424fa6c91595&expires_in=299

#######################################################
TEST: defaultResponseModeImplicitIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["id_token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:20 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9628.66C8.71A1.8C72",
    "client_secret": "7fcc601c-8c44-4173-9ebb-b75f6155f8f0",
    "registration_access_token": "9a6331fd-37d3-4ba5-838f-b5d863223971",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9628.66C8.71A1.8C72",
    "client_id_issued_at": 1530816380,
    "client_secret_expires_at": 1530902780,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219628.66C8.71A1.8C72&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=6595302d-a96c-47c3-a73e-3e7b35912a7e&nonce=27bf8f8d-fa08-4f63-a916-8b12ffe2f9ad
14:46:42.154 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:50f89816-9051-4da3-b5a2-0764a7232b13
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219628.66C8.71A1.8C72&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=6595302d-a96c-47c3-a73e-3e7b35912a7e&nonce=27bf8f8d-fa08-4f63-a916-8b12ffe2f9ad

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5NjI4LjY2QzguNzFBMS44QzcyIiwiZXhwIjoxNTMwODE5OTgxLCJpYXQiOjE1MzA4MTYzODEsIm5vbmNlIjoiMjdiZjhmOGQtZmEwOC00ZjYzLWE5MTYtOGIxMmZmZTJmOWFkIiwiYXV0aF90aW1lIjoxNTMwODE2MzgxLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJ2dmIteTd6azJ4eGZqeENlYk9iUUdySmhlX0tXa3hJajJJU0Y2MzNyc2RrIn0.IQDX5ZiaF8Sm-YQ8G1RhjFKX7rqm8ZcurwvdCU2WcaYlz5PGqijGsg8ziqx2XkqMqJmXG9qbXRbbHCPjJloaHBC_d0dDaMcvUBwRieW0M1vkBYfphMa6zvo1ZG5bzUnsoppbZZ4Vf4qoXId7-X631pIatkWk_ZQcfOMgIkS42bINKZA6F5hfeAzW3rueF6rN3cpR4Y6b7PGqVahUt2LWJuzLCQYDKIfj-xdZU6VjCqzan4mwcVWgDCTJBBOfr51C4avXGHFJqCteGNFVEXD0hmZ4yUBq-JU6y2hHerdLs2vhCl_2G4yiSPrl6nJSQ0hdV9PMOYSk8xV7Ui_ndslWtQ&session_id=b3a9ba15-1001-47e0-a967-4c69a8f6683c&state=6595302d-a96c-47c3-a73e-3e7b35912a7e&session_state=50f89816-9051-4da3-b5a2-0764a7232b13

#######################################################
TEST: defaultResponseModeImplicitIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:21 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!01C3.D6A2.1B59.5A9E",
    "client_secret": "8d213db0-b3fd-4b19-b2af-6add3d1efe1c",
    "registration_access_token": "3969e096-2b1c-4474-bab5-7cf205d864b8",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!01C3.D6A2.1B59.5A9E",
    "client_id_issued_at": 1530816382,
    "client_secret_expires_at": 1530902782,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2101C3.D6A2.1B59.5A9E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=33156cb2-0310-4c7f-b801-197f8379c48b&nonce=9fbcdd3f-09a3-4c5d-b4b5-b5d9557cc6b4
14:46:43.434 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:21f7a1a4-1d7c-4bd0-bd56-36f90a5337ce
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2101C3.D6A2.1B59.5A9E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=33156cb2-0310-4c7f-b801-197f8379c48b&nonce=9fbcdd3f-09a3-4c5d-b4b5-b5d9557cc6b4

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=5eea22dc-a2f7-49b2-8428-632a7976b480&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEwMUMzLkQ2QTIuMUI1OS41QTlFIiwiZXhwIjoxNTMwODE5OTgzLCJpYXQiOjE1MzA4MTYzODMsIm5vbmNlIjoiOWZiY2RkM2YtMDlhMy00YzVkLWI0YjUtYjVkOTU1N2NjNmI0IiwiYXV0aF90aW1lIjoxNTMwODE2MzgzLCJhdF9oYXNoIjoia2hEVXYwWmRMRDAwRzBIMVhRWnZ0dyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6ImxQelkxbXJLOURZMXZ4SVQwV2JsSVVZMXl5VFdNT1N3dFhfc3BUU3FJRXcifQ.d_Mvhrla-3kcE0OT_bquwWYrRYdvA2lxar6mjy2d6vLSBkRMFvxu268RQKuMGQtDyYCI1AEwTCPv7wfWBw3VoSOevXpEUnlp9AdxFn94fWx_vl_m4l6Ax-EgGMUa_6BGOZP6bIXzfIUSf25Ppobsbfcfo7d-PAy-E3r0tgp1M36o3R7oPucpJBIZBsE5IHv2iDq4JtI_OD4j_mziRbKl_vFfLrMuj4BGZUUQLCHMutq5PgS-9v2n8EaHWaq62iAW9U8JifnCnwzMzeW06iwzVH9GCxzKIFEMYG5ymD_6p6-41c0IFWe9zHHdX4aj4NrPujz38CuqOQJTanrBvX5C6A&session_id=511fbaf1-48ab-4514-a36b-95a51fc16658&state=33156cb2-0310-4c7f-b801-197f8379c48b&token_type=bearer&session_state=21f7a1a4-1d7c-4bd0-bd56-36f90a5337ce&expires_in=299

#######################################################
TEST: formPostResponseModeBasicCode
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:23 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E340.360A.02DA.AF95",
    "client_secret": "dc443fd4-862c-4664-807c-c79fb622ba6a",
    "registration_access_token": "25b11ff1-dffd-44dc-bc49-c4e952a2daf1",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E340.360A.02DA.AF95",
    "client_id_issued_at": 1530816383,
    "client_secret_expires_at": 1530902783,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E340.360A.02DA.AF95&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=efdcec9c-717f-4d1d-afef-d78482244691&response_mode=form_post
14:46:44.812 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:e0474d7c-c417-44f0-890e-231e684a18d5
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E340.360A.02DA.AF95&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=efdcec9c-717f-4d1d-afef-d78482244691&response_mode=form_post

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm

#######################################################
TEST: formPostResponseModeHybridCodeIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:24 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A78F.290D.0B3D.FEF5",
    "client_secret": "ae1fbc25-74e9-42ce-baca-6e4c65a9c678",
    "registration_access_token": "1b30579d-f8c1-4484-b825-c95c8dc9efe7",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A78F.290D.0B3D.FEF5",
    "client_id_issued_at": 1530816384,
    "client_secret_expires_at": 1530902784,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A78F.290D.0B3D.FEF5&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f5ddcf7b-e9b1-461a-9af9-312b609834ee&response_mode=form_post&nonce=bc033343-7c4b-4267-ae08-894dbef550d6
14:46:46.215 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:e21f2151-96aa-463c-a9c3-cf924e5a3a25
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A78F.290D.0B3D.FEF5&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f5ddcf7b-e9b1-461a-9af9-312b609834ee&response_mode=form_post&nonce=bc033343-7c4b-4267-ae08-894dbef550d6

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm

#######################################################
TEST: formPostResponseModeHybridCodeIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:26 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FE36.BBB6.07A6.0B43",
    "client_secret": "ce8e0437-0117-47af-a954-b40ac32c9d50",
    "registration_access_token": "e87db432-7684-4dbf-b647-3cbf058041ae",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FE36.BBB6.07A6.0B43",
    "client_id_issued_at": 1530816386,
    "client_secret_expires_at": 1530902786,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21FE36.BBB6.07A6.0B43&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=7da5b4ad-99b3-4dd4-8769-98da9810f1f0&response_mode=form_post&nonce=88868807-7ac4-49f4-9295-9a79478b05bc
14:46:47.520 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:31da6ad4-d961-4198-8ae4-f6f305ce956b
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21FE36.BBB6.07A6.0B43&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=7da5b4ad-99b3-4dd4-8769-98da9810f1f0&response_mode=form_post&nonce=88868807-7ac4-49f4-9295-9a79478b05bc

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm

#######################################################
TEST: formPostResponseModeHybridCodeToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:27 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8B27.55A7.A292.AE5C",
    "client_secret": "3823647b-4cba-42fe-86e0-633633be9a26",
    "registration_access_token": "866ce7af-2acc-4a17-8e22-1c6d959da0ee",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8B27.55A7.A292.AE5C",
    "client_id_issued_at": 1530816387,
    "client_secret_expires_at": 1530902787,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218B27.55A7.A292.AE5C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=651fff64-2138-4e1f-8d61-2fa1d1216173&response_mode=form_post&nonce=e38cbf43-5bc6-479f-a577-9c579003d5f4
14:46:48.922 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:69b84a10-ceb5-4ec0-ace0-28e1c602a706
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218B27.55A7.A292.AE5C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=651fff64-2138-4e1f-8d61-2fa1d1216173&response_mode=form_post&nonce=e38cbf43-5bc6-479f-a577-9c579003d5f4

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm

#######################################################
TEST: formPostResponseModeImplicitIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["id_token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:28 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!84A2.B433.E031.819F",
    "client_secret": "143f4245-b30c-489a-9e7a-2a37f7a4ab0c",
    "registration_access_token": "327bcc6b-198e-4236-9420-ec882ce8ffe6",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!84A2.B433.E031.819F",
    "client_id_issued_at": 1530816388,
    "client_secret_expires_at": 1530902788,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2184A2.B433.E031.819F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=45838293-199b-4f5b-8d28-4fe61de94691&response_mode=form_post&nonce=4e44d70f-32c5-4017-89b0-09b5865fd73e
14:46:50.308 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:08168a7e-a8b5-46b3-838b-bf0086ce6eb1
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2184A2.B433.E031.819F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=45838293-199b-4f5b-8d28-4fe61de94691&response_mode=form_post&nonce=4e44d70f-32c5-4017-89b0-09b5865fd73e

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm

#######################################################
TEST: formPostResponseModeImplicitIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:30 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0108.A385.E6F2.8549",
    "client_secret": "0ff3ccf8-5a6c-4b8a-be51-740c622502aa",
    "registration_access_token": "0b81d996-17e9-43c5-8e09-000b872a2489",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0108.A385.E6F2.8549",
    "client_id_issued_at": 1530816390,
    "client_secret_expires_at": 1530902790,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210108.A385.E6F2.8549&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8a0c9e01-fe9a-4ba6-9e8d-1ef4ebf21cf1&response_mode=form_post&nonce=0387e782-cfd4-49f7-a5b9-a06458ba36e1
14:46:51.670 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:4c25c0f4-8ced-4712-833a-d1ff701df186
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210108.A385.E6F2.8549&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8a0c9e01-fe9a-4ba6-9e8d-1ef4ebf21cf1&response_mode=form_post&nonce=0387e782-cfd4-49f7-a5b9-a06458ba36e1

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm

#######################################################
TEST: fragmentResponseModeBasicCode
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:31 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CDA7.26B6.C41C.2897",
    "client_secret": "2ad07352-5f78-40be-836a-ae85cad46211",
    "registration_access_token": "934d5dc0-ae55-47bf-9387-ef5ef56d1254",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CDA7.26B6.C41C.2897",
    "client_id_issued_at": 1530816391,
    "client_secret_expires_at": 1530902791,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CDA7.26B6.C41C.2897&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5ab518b2-3fd3-4bd1-8aba-0e2051c8d624&response_mode=fragment
14:46:53.046 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:882bcfc7-3092-4baf-8a14-410b998f003e
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CDA7.26B6.C41C.2897&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5ab518b2-3fd3-4bd1-8aba-0e2051c8d624&response_mode=fragment

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=9edf4a5f-5dce-419a-abb3-7643436b4394&scope=address+openid+profile+email&session_id=4e6d947b-03b8-4e95-9c49-cdf9e2d8d2ea&state=5ab518b2-3fd3-4bd1-8aba-0e2051c8d624&session_state=882bcfc7-3092-4baf-8a14-410b998f003e

#######################################################
TEST: fragmentResponseModeHybridCodeIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:32 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!552C.B979.20FC.D584",
    "client_secret": "06ab4b33-5003-42ba-82ff-309935664eb1",
    "registration_access_token": "0fc9c558-74b9-4826-b09d-8058f858ccc5",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!552C.B979.20FC.D584",
    "client_id_issued_at": 1530816392,
    "client_secret_expires_at": 1530902792,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21552C.B979.20FC.D584&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=28ccff38-4c51-49f7-a6c0-459fc0dd16b8&response_mode=fragment&nonce=4ecdfa22-e9f2-4d11-93ee-cddec9324d84
14:46:54.360 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:da424425-d971-4729-869d-42bb1e7f2140
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21552C.B979.20FC.D584&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=28ccff38-4c51-49f7-a6c0-459fc0dd16b8&response_mode=fragment&nonce=4ecdfa22-e9f2-4d11-93ee-cddec9324d84

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=56c69fbe-cf8d-496a-8c8f-60b7eb20d51f&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE1NTJDLkI5NzkuMjBGQy5ENTg0IiwiZXhwIjoxNTMwODE5OTk0LCJpYXQiOjE1MzA4MTYzOTQsIm5vbmNlIjoiNGVjZGZhMjItZTlmMi00ZDExLTkzZWUtY2RkZWM5MzI0ZDg0IiwiYXV0aF90aW1lIjoxNTMwODE2MzkzLCJjX2hhc2giOiJnZlFPOEFlUE5WVWp5SWF4N3FqRFZBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiWGo4TUE2WDlnS1Nia0pxcTNTdElwUHlKVHprZWNNX3EySU9mMnJhLUlXcyJ9.HiZ4RDLXt8FMu-hELS-bWo86egnrSTvpNWr0JNfSBxuYmdbVo92pAPyCGFEx4c3v5N4Bb8ZQk_0lXlioTLIjCDwl8GfR0VaXysd74Ibcjv9evoQIwhcXPmYJzkx3FBR8tgU5wqw1GPlzgHtfcW0kUHg5s0xoQALKN1j2LIP-k6KAIoiV-CBSOkE8lTQjm_1BwBYl1EwXZcNSlALW_EMuQiCnV5esymQvllcJVjFPLx-3ZSDkOBfj5Dq1zyNpeH_RI7Orh5BVm6NAhfSY3J7UVX897PWE4Wcg8yU7_yKHnSQH_eZYH-ughcCpY6UUeqhiNBGsEhfRZorAykSWUumVKA&session_id=a83195e5-674d-49f9-a556-8b7f0be25345&state=28ccff38-4c51-49f7-a6c0-459fc0dd16b8&session_state=da424425-d971-4729-869d-42bb1e7f2140

#######################################################
TEST: fragmentResponseModeHybridCodeIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:34 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1B04.9352.2C94.09E9",
    "client_secret": "6fe09a1a-ece9-45cf-92e0-81ab29d97bf4",
    "registration_access_token": "c349ec7c-75c0-4fc6-a0b5-0c99631a341e",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1B04.9352.2C94.09E9",
    "client_id_issued_at": 1530816394,
    "client_secret_expires_at": 1530902794,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211B04.9352.2C94.09E9&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5d561041-614b-48f0-9595-98d4df53ea63&response_mode=fragment&nonce=2b77f9a0-fba5-4716-8e95-689259f757eb
14:46:55.649 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:281bb061-ca3e-4244-be8a-b37a73940e83
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211B04.9352.2C94.09E9&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5d561041-614b-48f0-9595-98d4df53ea63&response_mode=fragment&nonce=2b77f9a0-fba5-4716-8e95-689259f757eb

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=1a6c753a-fd10-4a88-8747-c7513fbe12ad&code=9272772e-2310-4475-a515-a92b6c66ba6c&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExQjA0LjkzNTIuMkM5NC4wOUU5IiwiZXhwIjoxNTMwODE5OTk1LCJpYXQiOjE1MzA4MTYzOTUsIm5vbmNlIjoiMmI3N2Y5YTAtZmJhNS00NzE2LThlOTUtNjg5MjU5Zjc1N2ViIiwiYXV0aF90aW1lIjoxNTMwODE2Mzk1LCJjX2hhc2giOiJnSVhGNGwzbW5VT2Z5Q0RKaExMSjBRIiwiYXRfaGFzaCI6IllLUWVMcG82amo5ZUlWWGhEWm1nTnciLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJlTzhBc3dPNDB6UzdBWmhieFBKcGZFZEJnUkJQY3FlME5kVmhkbHFIUjAwIn0.PulVdf2ap11fDznOTWEwfNMcuWCQMogpwDXHNrZC4OHwVu92U9NCuIUJCxWTbwR1Lnkkmdh1KGSoJ-NbMfsGShdv-NOdc89NAByx68bSr46VHgrjPhChR3Q02nxYnPwr9EsRchF78uiJtS642WCYLyyIHf9VKnT_D25k5qlkt3foijbFumhmlEJ5ollC-oT_vyMiQNPuFhxHWXkx5MoXZTTh6JIcuVpEQIh54svZG7ZGdJ21x-O_QgjYSpYz2onk7Z33kyRyz2VIZUENm--B23TO4YecGYuQsd83PItgILFlSrmNSt4Uh2oX1qVV4zQjqWxc9LrW1AEkiM7xNbXN9Q&session_id=b5cc32b6-cc8c-405f-81f1-7012e895751b&state=5d561041-614b-48f0-9595-98d4df53ea63&token_type=bearer&session_state=281bb061-ca3e-4244-be8a-b37a73940e83&expires_in=299

#######################################################
TEST: fragmentResponseModeHybridCodeToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:35 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!93D6.45F7.20B3.0E20",
    "client_secret": "58f41a53-ab97-4ff7-8662-07ebd49b45b8",
    "registration_access_token": "b5a5e382-fb9f-4f57-a29d-c7adc8e22407",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!93D6.45F7.20B3.0E20",
    "client_id_issued_at": 1530816395,
    "client_secret_expires_at": 1530902795,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2193D6.45F7.20B3.0E20&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8a1a690e-e3af-494e-9c52-a6e38238c39f&response_mode=fragment&nonce=25073c04-c638-4a92-9454-4458218eddfd
14:46:56.880 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:1e57984b-1b91-4784-b4a1-3de69fb980fc
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2193D6.45F7.20B3.0E20&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8a1a690e-e3af-494e-9c52-a6e38238c39f&response_mode=fragment&nonce=25073c04-c638-4a92-9454-4458218eddfd

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=021f1a68-7349-4950-b855-4ee0e8d0f5d1&code=5d9e8862-1432-4c3c-b5f2-7e410570f1b8&scope=address+openid+profile+email&session_id=9ea1409d-9c8c-42ac-b308-69da458a24fc&state=8a1a690e-e3af-494e-9c52-a6e38238c39f&token_type=bearer&session_state=1e57984b-1b91-4784-b4a1-3de69fb980fc&expires_in=299

#######################################################
TEST: fragmentResponseModeImplicitIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["id_token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:36 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!937E.28D4.69E2.081B",
    "client_secret": "77dd4d58-9ef7-4848-964c-d0e548b28d8e",
    "registration_access_token": "b95c46cf-7479-41ed-b02c-e8d0f5dfa853",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!937E.28D4.69E2.081B",
    "client_id_issued_at": 1530816396,
    "client_secret_expires_at": 1530902796,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21937E.28D4.69E2.081B&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f5360168-8838-4eb2-8033-575c42b23575&response_mode=fragment&nonce=e6ac66f7-94ba-4c61-860b-55c794348573
14:46:57.989 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:d4cca362-331f-42a6-ad5a-5bbab62f130f
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21937E.28D4.69E2.081B&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f5360168-8838-4eb2-8033-575c42b23575&response_mode=fragment&nonce=e6ac66f7-94ba-4c61-860b-55c794348573

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5MzdFLjI4RDQuNjlFMi4wODFCIiwiZXhwIjoxNTMwODE5OTk3LCJpYXQiOjE1MzA4MTYzOTcsIm5vbmNlIjoiZTZhYzY2ZjctOTRiYS00YzYxLTg2MGItNTVjNzk0MzQ4NTczIiwiYXV0aF90aW1lIjoxNTMwODE2Mzk3LCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiI4VHpDZ2pBOHdqZzc0Q1NKQnFsWGwyNHZYTjZmbGxMQVZpSUxNT3lTUGxRIn0.Y8jH2pN3M9VKbKCBCgaz0GEJTgBfBTA57HLeitd4tNQSUR1kUAFWV05hGBr6tGj7cTdlKGfCE5Vw_4Ft-eK2iobYzrlMCX8OwxHxHvG4xPuEyQlnOY-rSIBJtTmZBPQ7fN3Qy2rg-dAo4dSdgGBwWeMgLTi_STTJKzoJrbwjyziyR9RMh9udbUskfvgpYr70E_fQeJkABdvXs7RqTFD0oiMsm98DrkesNhLwPZDX0iDdI8J_p6fV0uZC2qoI70GOy95LRP3QiFV-Bjj6zmrWoKjcSMAdHiDaDxYT5LuiK2tVvnPntSPKSPT8C82yX87o8OHbBDiizbs4vjkZ8Otpkg&session_id=bc69394d-8ed8-4194-966e-5bd7ea30d6b4&state=f5360168-8838-4eb2-8033-575c42b23575&session_state=d4cca362-331f-42a6-ad5a-5bbab62f130f

#######################################################
TEST: fragmentResponseModeImplicitIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:37 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!07F1.A49F.3C75.05C1",
    "client_secret": "17e9add0-1d5e-459a-be25-ac91dce51020",
    "registration_access_token": "5b2052c1-ef7d-492c-8e26-c2106479e58c",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!07F1.A49F.3C75.05C1",
    "client_id_issued_at": 1530816397,
    "client_secret_expires_at": 1530902797,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2107F1.A49F.3C75.05C1&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f8284530-5a03-4afc-9b2b-1beb016afa1a&response_mode=fragment&nonce=09482ad9-d34f-4d36-826c-fe915bea5006
14:46:59.125 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:c0b7b640-880b-401c-bca1-bf0bdda67716
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2107F1.A49F.3C75.05C1&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f8284530-5a03-4afc-9b2b-1beb016afa1a&response_mode=fragment&nonce=09482ad9-d34f-4d36-826c-fe915bea5006

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=707de505-04d6-4d8c-ae90-30b2e0c3fd78&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEwN0YxLkE0OUYuM0M3NS4wNUMxIiwiZXhwIjoxNTMwODE5OTk4LCJpYXQiOjE1MzA4MTYzOTgsIm5vbmNlIjoiMDk0ODJhZDktZDM0Zi00ZDM2LTgyNmMtZmU5MTViZWE1MDA2IiwiYXV0aF90aW1lIjoxNTMwODE2Mzk4LCJhdF9oYXNoIjoicDV4U1JCaUstZ2ZtVzV6bGZsN0pEUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IlJxazJRQ0tfT0Y0QVRKeWpxSFM3dHhuNmF2QWUzUW5TYXlIazd5eUhvR0kifQ.PpXdDLELMfTPp6cuW50HMuiX19ZnfwlEyEjRMVMUAv5T630hmnPYkIDVhbLmBd8ENgPwwGr_qNMYJgVcUMZBWpR_vjG2nRCHYjkvGZaFNZOcm4qzz7toDSWZRoOX_g3zdJ3fBvfnE-qmomJZi_U9nZr3GdgB6R45c3JWD6AyN6YR7zH_zASuxxDu_N4nGhBqxdKUxpFp63w2wck2Dx_BHa-7o7fe95l2LWUBVaoJ1HuAVWBdYSir_iocK1Une4GzAy_Q9ogg1-Ycx6jEscwpVz6HJEj9BKeWeRA-FP1GMtBc9v5FqEASrOo_sZqY9d5-eYjlP-9cCsxFETx7Q_ZUCg&session_id=87b59ce1-5fff-448a-88f6-5ea44882460d&state=f8284530-5a03-4afc-9b2b-1beb016afa1a&token_type=bearer&session_state=c0b7b640-880b-401c-bca1-bf0bdda67716&expires_in=299

#######################################################
TEST: queryResponseModeBasicCode
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:38 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8404.2ED4.3C63.9E26",
    "client_secret": "f32b4908-41ef-4780-a7f6-f1ac340bf3da",
    "registration_access_token": "34f8b766-d800-47a1-93ad-f00496fb2df6",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8404.2ED4.3C63.9E26",
    "client_id_issued_at": 1530816398,
    "client_secret_expires_at": 1530902798,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218404.2ED4.3C63.9E26&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f51d0738-a93f-4193-8a03-4cc65a19732f&response_mode=query
14:47:00.345 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:736336e7-021c-4f28-acc2-83f2127ab75a
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218404.2ED4.3C63.9E26&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f51d0738-a93f-4193-8a03-4cc65a19732f&response_mode=query

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=f7fc29b1-40ff-4844-b38e-37fbeeba45d1&scope=address+openid+profile+email&session_id=4068eea5-e558-4d14-8345-fdeabdea044c&state=f51d0738-a93f-4193-8a03-4cc65a19732f&session_state=736336e7-021c-4f28-acc2-83f2127ab75a

#######################################################
TEST: queryResponseModeHybridCodeIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:40 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7D2F.5248.0065.6642",
    "client_secret": "72e9def1-7712-49ed-b677-e5eba8d23c36",
    "registration_access_token": "0c99a459-12e5-4588-ad91-12b7e11bc182",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7D2F.5248.0065.6642",
    "client_id_issued_at": 1530816400,
    "client_secret_expires_at": 1530902800,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217D2F.5248.0065.6642&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=d508b660-0313-4188-b27e-a5974963eac0&response_mode=query&nonce=1de24308-4be4-4eab-a024-65a5724caa28
14:47:02.395 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:8ce17491-3f4a-4e05-a989-f399d7c9317d
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217D2F.5248.0065.6642&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=d508b660-0313-4188-b27e-a5974963eac0&response_mode=query&nonce=1de24308-4be4-4eab-a024-65a5724caa28

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=758a368e-1cd0-40fa-9c5b-f1783394a168&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3RDJGLjUyNDguMDA2NS42NjQyIiwiZXhwIjoxNTMwODIwMDAyLCJpYXQiOjE1MzA4MTY0MDIsIm5vbmNlIjoiMWRlMjQzMDgtNGJlNC00ZWFiLWEwMjQtNjVhNTcyNGNhYTI4IiwiYXV0aF90aW1lIjoxNTMwODE2NDAxLCJjX2hhc2giOiJyQWdQRWJhMXNFSDMzNms0LW5PRFR3Iiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiQkUxUTdXb3NBUHVnNUZpbnJpQ1hYVlp3MHgyOUZOazJ4RU9WSFVpM2h4USJ9.fRoDn25mIt5r7ISQkPj3hDxiV7h-3HnRoXq-AWSh_zh8eiHvkb6ei68ywtUVQ7JbVJYpzZvKi9CRxnWRvxMMyM_UyH4efnF9H7PUrZLIXllnhT_1euswBDjDjZIaWMy21EmzvwKArq00sB_Vx-k2npsifUNInr57B1dwouf2F8LGGQKCURrY9z7M_6-W8UeeTUO9MArfVM8lzXjFzX-5r0RrO2wDDNVfVxXYujhwMeKRVLXaODNyruGiweQhr5LN-1CVQLmvm4J011atgbrE9bCoToHoL7eHGqB_EzjIlboFptGIiKdtwAgsZAtuE03CFfpPUT0ope5ctT0L_NLesw&session_id=340e16af-7107-4120-a36e-bc563bf26411&state=d508b660-0313-4188-b27e-a5974963eac0&session_state=8ce17491-3f4a-4e05-a989-f399d7c9317d

#######################################################
TEST: queryResponseModeHybridCodeIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:42 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4B52.35C0.1C7B.6C14",
    "client_secret": "4082a0fe-4103-4e9e-bff1-e508d6adf5e5",
    "registration_access_token": "6b992068-b287-4269-ba41-db7b1178cc4b",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4B52.35C0.1C7B.6C14",
    "client_id_issued_at": 1530816402,
    "client_secret_expires_at": 1530902802,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214B52.35C0.1C7B.6C14&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=34165379-d7e4-4504-83df-155d452efe32&response_mode=query&nonce=af6ef1cf-9f57-4905-a84f-6663c26991e6
14:47:03.677 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:3cd33d99-4037-4e53-b862-9ded503b48e3
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214B52.35C0.1C7B.6C14&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=34165379-d7e4-4504-83df-155d452efe32&response_mode=query&nonce=af6ef1cf-9f57-4905-a84f-6663c26991e6

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?access_token=df2d4618-45bf-461c-bc03-85d43824684a&code=e3ecf875-06a0-4ba0-bbff-a2c31497f962&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0QjUyLjM1QzAuMUM3Qi42QzE0IiwiZXhwIjoxNTMwODIwMDAzLCJpYXQiOjE1MzA4MTY0MDMsIm5vbmNlIjoiYWY2ZWYxY2YtOWY1Ny00OTA1LWE4NGYtNjY2M2MyNjk5MWU2IiwiYXV0aF90aW1lIjoxNTMwODE2NDAzLCJjX2hhc2giOiIxOUN5eWQ5Q1h5VHpsUjVYbEY0Y053IiwiYXRfaGFzaCI6ImJRMi1hODBwX3EteVkyVUE4T2F2aGciLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiI0THpxVHpFdmN0OWhIb19RQjFPLWlRNk1JX0RjTlp1NUNVNTlsQUUyUl9VIn0.JcDtxKDAmRZlqIegsapmDl4yGPbKvhmAcBYuVoIrOnu1IRdSRNnjs63Mujmo3T5QJ-yoxMAmfC6sezow-mOUEWQk3uVzedoGeNIaUjQRHmO34Usm8IT6E5wSJ8ZkVeZtsTi8WgyVoReUBOpaV8T1pMvwbL_aMduZ6SGop4DayWpVJpK2aQ51-TE_vDkGHXwg5Bm44eWUR0WRKc1mN6BgzgJN-DX-HWvuL9rG208MkPgSrQFK1kKEiGjyZ-W2O9gkc3gG7V8wSGy3ApDj0-_VPVafR0HB8s1RA0iXCMaz9TdMv13rx2owj8WllMvE1JPJhADC-83Fxo7L1PrqcrKjQg&session_id=814a6d88-a420-4063-b076-0dda3d04a203&state=34165379-d7e4-4504-83df-155d452efe32&token_type=bearer&session_state=3cd33d99-4037-4e53-b862-9ded503b48e3&expires_in=299

#######################################################
TEST: queryResponseModeHybridCodeToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:43 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!61C1.8CBB.BD18.6186",
    "client_secret": "7862031e-90af-43c5-9ed8-626129df40e7",
    "registration_access_token": "be497f32-2f9b-4e24-8b41-1f2af012eb89",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!61C1.8CBB.BD18.6186",
    "client_id_issued_at": 1530816403,
    "client_secret_expires_at": 1530902803,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2161C1.8CBB.BD18.6186&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=2fbc8edc-e5d0-4146-a4c6-6cd9b71efe6f&response_mode=query&nonce=f9bcd1ad-2b49-4e19-b562-1afaad5cb54c
14:47:04.824 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:57581008-172c-444f-8b8c-b2ca807cc410
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2161C1.8CBB.BD18.6186&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=2fbc8edc-e5d0-4146-a4c6-6cd9b71efe6f&response_mode=query&nonce=f9bcd1ad-2b49-4e19-b562-1afaad5cb54c

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?access_token=7c0b9e60-a4d6-4dad-801d-7fb8156483d5&code=469b8aca-4f5c-4f20-a0f1-e90f1ff00850&scope=address+openid+profile+email&session_id=3fbac0f6-f3bf-4492-9f89-764aa3aa5f17&state=2fbc8edc-e5d0-4146-a4c6-6cd9b71efe6f&token_type=bearer&session_state=57581008-172c-444f-8b8c-b2ca807cc410&expires_in=299

#######################################################
TEST: queryResponseModeImplicitIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["id_token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:44 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4633.71CE.7831.088C",
    "client_secret": "b9dc4fa0-f8b7-4bad-8caa-76bbca8cd557",
    "registration_access_token": "d7e6b2fc-7302-4ae9-8858-9016b1def259",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4633.71CE.7831.088C",
    "client_id_issued_at": 1530816404,
    "client_secret_expires_at": 1530902804,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214633.71CE.7831.088C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=af662dca-d2dc-431e-ad28-7dbe36651a55&response_mode=query&nonce=3f80dfe7-65de-4eb5-964a-c4eb969bcb7f
14:47:06.073 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:91901cab-838c-4404-91aa-5a869af712c1
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214633.71CE.7831.088C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=af662dca-d2dc-431e-ad28-7dbe36651a55&response_mode=query&nonce=3f80dfe7-65de-4eb5-964a-c4eb969bcb7f

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0NjMzLjcxQ0UuNzgzMS4wODhDIiwiZXhwIjoxNTMwODIwMDA1LCJpYXQiOjE1MzA4MTY0MDUsIm5vbmNlIjoiM2Y4MGRmZTctNjVkZS00ZWI1LTk2NGEtYzRlYjk2OWJjYjdmIiwiYXV0aF90aW1lIjoxNTMwODE2NDA1LCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJZYU85cGo4S1lFWTFpbHpfZ0VFOEtnTlpILUJHZTdYYjNQRktueDRSNE1JIn0.KEgA5kSI4sFKK0qv3g5mwT7806wpGkE6xZHwG1a7wrZ1wmmw0S9PpwzlYjzzUJh1k_e7I4az_1ezdBvLqndC79XwUdth4MCUu2F8AN5psC4O3ri_6lfpUjAuVdFuI7WUZI4t6OQ0ZeZODrYK0jDcz1nkzV0ZsCGCVZDyBbH0-51ClAmojZmaxTn3tYlvlJihgjRb3-QSWno-Y3tR7BhJngYJxEntQtsWFUawoGqy3_RdZ_UUAlwaXRYco_GXPuV1_cSbtZrme1rvgfPcKBt9XnYcHmfG7xgT3LjJGjb9wcvg-10mfz70Le47V2rdSl5Ll_-ezOLuC0uACdyFatVEsw&session_id=7d72c885-916e-47ba-bcb3-ff29911a22ac&state=af662dca-d2dc-431e-ad28-7dbe36651a55&session_state=91901cab-838c-4404-91aa-5a869af712c1

#######################################################
TEST: queryResponseModeImplicitIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:45 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!890A.E82B.EC0D.5E8B",
    "client_secret": "feaa17eb-bacf-4cd7-8ff0-ff3850ba6206",
    "registration_access_token": "0f3404ac-1627-40d4-a5d1-a877f6830fb8",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!890A.E82B.EC0D.5E8B",
    "client_id_issued_at": 1530816405,
    "client_secret_expires_at": 1530902805,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21890A.E82B.EC0D.5E8B&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8974b867-36cf-4269-a729-7fcff4c74abb&response_mode=query&nonce=96989f47-aff7-4d0e-8eee-e226df698e52
14:47:07.255 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:6cdab0d2-7439-4667-b2d3-9ee9f941f8a1
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21890A.E82B.EC0D.5E8B&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8974b867-36cf-4269-a729-7fcff4c74abb&response_mode=query&nonce=96989f47-aff7-4d0e-8eee-e226df698e52

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?access_token=93e9aaed-f1f0-4486-981b-efaeaaf5b0f3&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE4OTBBLkU4MkIuRUMwRC41RThCIiwiZXhwIjoxNTMwODIwMDA2LCJpYXQiOjE1MzA4MTY0MDYsIm5vbmNlIjoiOTY5ODlmNDctYWZmNy00ZDBlLThlZWUtZTIyNmRmNjk4ZTUyIiwiYXV0aF90aW1lIjoxNTMwODE2NDA2LCJhdF9oYXNoIjoiZy05dkNBckpHM3IyRk5VekFoSkU4QSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6ImtHekFGQzNDdGx2bEczN3lSNXNVTl9DTjh6NGkwN3AyR3hsZkhtNEZORE0ifQ.I2olK9Wu1GXZ8ApT1FePzm2aeKRUUCpfoRDUVHNhWaxTB_nV0gx0R6viZqEQ3v0b9_h_DGevKHgKKI5zDbWKYt_KXFbvOkVvkVzqDDZSlkIJ7G_JAOj08uI0e7tM4SjEbko65XAtsRaLnY-HmZ8EQWxLeuKuaLKu0KOsxOGMZjpnni2GoMVUj5zQaDPNhrd2C-5m9RIuR_W1MpdZ-4DObj630Iknt7aLo0CVxIsokHpAaef1bTp5Wv0l6fn5If5b6DKBrSGnJa4FzAmZ1WXdIky6QQYEfuA51m8thdlzyxC528I6hNMssdCq8uBw6dIiFQ8Cbqu8PxqOmgtZtb6MhQ&session_id=8b0374f5-216a-498b-bd34-9554b83a8d9f&state=8974b867-36cf-4269-a729-7fcff4c74abb&token_type=bearer&session_state=6cdab0d2-7439-4667-b2d3-9ee9f941f8a1&expires_in=299

#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:46:47 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:47 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "code",
        "code id_token",
        "code id_token token",
        "id_token",
        "id_token token",
        "token",
        "code token"
    ],
    "grant_types_supported": [
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "refresh_token",
        "implicit",
        "password",
        "authorization_code"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: requestAuthorizationAccessToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "token",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:47 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CC59.9B57.5A9F.E135",
    "client_secret": "dc8d55a9-26fa-42d8-a24a-c8d2c81ef22d",
    "registration_access_token": "1402af1f-ac1a-4be4-9a97-1e4ccce20c7c",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CC59.9B57.5A9F.E135",
    "client_id_issued_at": 1530816407,
    "client_secret_expires_at": 1530902807,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 1402af1f-ac1a-4be4-9a97-1e4ccce20c7c

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:47 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CC59.9B57.5A9F.E135",
    "client_secret": "dc8d55a9-26fa-42d8-a24a-c8d2c81ef22d",
    "registration_access_token": "1402af1f-ac1a-4be4-9a97-1e4ccce20c7c",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CC59.9B57.5A9F.E135",
    "client_id_issued_at": 1530816407,
    "client_secret_expires_at": 1530902807,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CC59.9B57.5A9F.E135&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f7a972b1-4042-4035-b767-f87367998724&nonce=30187cad-2460-4d7a-89b3-8e2ed54bf6a0
14:47:08.643 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:e5ccf8c7-d18a-4a7c-b6b5-6fcfa0ce1191
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CC59.9B57.5A9F.E135&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f7a972b1-4042-4035-b767-f87367998724&nonce=30187cad-2460-4d7a-89b3-8e2ed54bf6a0

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=de36148b-a908-48dc-a034-a702e8c59c89&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFDQzU5LjlCNTcuNUE5Ri5FMTM1IiwiZXhwIjoxNTMwODIwMDA4LCJpYXQiOjE1MzA4MTY0MDgsIm5vbmNlIjoiMzAxODdjYWQtMjQ2MC00ZDdhLTg5YjMtOGUyZWQ1NGJmNmEwIiwiYXV0aF90aW1lIjoxNTMwODE2NDA4LCJhdF9oYXNoIjoiamNIQURHNTZPcWZLVkhrMDJuNmJkdyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IkNXSHMzeE5nYm5ER1dmSm1kSnpTUXZPd3ZoUV9Cbzhlem9WV2ZPeUhkSVkifQ.W64jag6oJuqqkZ-_yeGZAQNBxSAqcThn-e0y5jLBf2Pj3ICbzILvxAgoJstxptSx9fnuKueh4aVyFva3v46xTERUpDTiJAjkf2bYDzNGSoJDpXba1_vwhmiNwcTatZR_f-Ro4HC9RDWZPzXyV_5omKBPnESEu681LZfIWZL7f7lznq-1NueGChddrnx0XjtKbQ_iAcOjx_MKg4FXkS5WpmDkakra7-xw3yeNUGIDC3K9ZUWcWk-YRpxd483O4wwgZZ6P30qkAwJKyAwVzs4A7tKj4uNkE-ZNjufHbyAbGWrgePxK3-RZ2sjhzFu7EHJMzb8lcQnHnYsTennKLNBb8g&session_id=1cfb67d3-036c-48ca-849d-df55cf40692d&state=f7a972b1-4042-4035-b767-f87367998724&token_type=bearer&session_state=e5ccf8c7-d18a-4a7c-b6b5-6fcfa0ce1191&expires_in=299

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org

response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CC59.9B57.5A9F.E135&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=329cf212-2732-449f-9883-9ac427701991&nonce=a436e042-7f47-4f8d-a804-696e650b0c4f&prompt=none&access_token=de36148b-a908-48dc-a034-a702e8c59c89

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 05 Jul 2018 18:46:48 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=55df6935-6a7d-4c70-83f0-78ae414a36c5&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFDQzU5LjlCNTcuNUE5Ri5FMTM1IiwiZXhwIjoxNTMwODIwMDA4LCJpYXQiOjE1MzA4MTY0MDgsIm5vbmNlIjoiYTQzNmUwNDItN2Y0Ny00ZjhkLWE4MDQtNjk2ZTY1MGIwYzRmIiwiYXV0aF90aW1lIjoxNTMwODE2NDA4LCJjX2hhc2giOiI0SmQ0aFM1blB1ZWc1QldRQ0E0Tk1RIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiQ1dIczN4TmdibkRHV2ZKbWRKelNRdk93dmhRX0JvOGV6b1ZXZk95SGRJWSJ9.khAnq2vtCzR-KIOaCqDGVD3yHvtyrhlP5RS4poXBW_T8fpZ-2BJGkjmCAOzVGHQeHyvDyxuvdUBxpyRMx7gihYmYvnewAxeETBQFcJmukjRccHoW87JE6H7v1Zvltj7vyqnncyKbg_sgtdpCXheVEAXe7gnznyvB-jaH7780aqcJJE5k6lJuRp5QQj12oyP3pu90n-LUtIdgw9h90Bw7stua3prnlnlV7YftEgL42RTn3NSc3L5gcjULXAeNhsWY4UajbLOn_-cmJpT4VXBrtlPSTyH2J6zeHi9STi51jFvqJrAoHuQhS0GXiADLP_poZz62aAwEPSXaZn1VfenG2w&session_id=e3b1f91f-f9f9-4f06-a41c-a1baf97f53a3&state=329cf212-2732-449f-9883-9ac427701991&session_state=507a685f-339e-430d-9c36-055c82335c8f
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQ0M1OS45QjU3LjVBOUYuRTEzNTpkYzhkNTVhOS0yNmZhLTQyZDgtYTI0YS1jOGQyYzgxZWYyMmQ=

grant_type=authorization_code&code=55df6935-6a7d-4c70-83f0-78ae414a36c5&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:48 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"f57d6101-7b0c-4f53-ac9c-173860e95ff8","token_type":"bearer","expires_in":299,"refresh_token":"f0d64938-e080-4660-8bd6-76f63b33d8d2","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFDQzU5LjlCNTcuNUE5Ri5FMTM1IiwiZXhwIjoxNTMwODIwMDA4LCJpYXQiOjE1MzA4MTY0MDgsIm5vbmNlIjoiYTQzNmUwNDItN2Y0Ny00ZjhkLWE4MDQtNjk2ZTY1MGIwYzRmIiwiYXV0aF90aW1lIjoxNTMwODE2NDA4LCJhdF9oYXNoIjoiNEgyZ0twM3JCVkRxZm1KQUgyWDA4ZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IkNXSHMzeE5nYm5ER1dmSm1kSnpTUXZPd3ZoUV9Cbzhlem9WV2ZPeUhkSVkifQ.fpAl9Qn0KRIG7k-FZxxmbLuQI28EomY6sxclUwal7Hm8MWRn-82UgEjCha1mw9Psp-3y1lzYuh8uV6xax8kwWKmQmn_GR-Cpg7CTlsTMBYgpNiyPdO5qdj5oNt8-O32ZD4-3TfCEPTDkgqHpQtqf_2oT3nVBihrbCQrIktU0610Q6sBZQxrWujyokYtioxSR3z2gwVvq161Q0s1_gjdOS4jMBPXLlLW0lFY9vwvsCeSpEY1kDhUfMLaoxUvXkw8Gtf8s3a37FMjA_Ou5vq0o8yHGMCvv0T3L1aNnaLykDJ5efEkS4j1AVYAundwnEwbXwBt1C5JvNKr_q_VpTQk4YQ"}

#######################################################
TEST: requestAuthorizationAccessTokenFail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:48 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4B41.3FFB.DBF6.39D7",
    "client_secret": "d5e2703f-eaf7-47a1-9eb5-b1f49daffd30",
    "registration_access_token": "80cb574d-9b3b-465d-82c9-e304b9d32ec4",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4B41.3FFB.DBF6.39D7",
    "client_id_issued_at": 1530816408,
    "client_secret_expires_at": 1530902808,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 80cb574d-9b3b-465d-82c9-e304b9d32ec4

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:48 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4B41.3FFB.DBF6.39D7",
    "client_secret": "d5e2703f-eaf7-47a1-9eb5-b1f49daffd30",
    "registration_access_token": "80cb574d-9b3b-465d-82c9-e304b9d32ec4",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4B41.3FFB.DBF6.39D7",
    "client_id_issued_at": 1530816408,
    "client_secret_expires_at": 1530902808,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org

response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214B41.3FFB.DBF6.39D7&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c332fe59-fab9-4492-87bf-00248d7da902&prompt=none&access_token=INVALID_ACCESS_TOKEN

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 05 Jul 2018 18:46:48 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#error_description=The+request+is+missing+a+required+parameter%2C+includes+an+unsupported+parameter+or+parameter+value%2C+or+is+otherwise+malformed.&state=c332fe59-fab9-4492-87bf-00248d7da902&error=invalid_request
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: requestAuthorizationAccessTokenUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "token",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:48 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9C94.404A.E6A6.7977",
    "client_secret": "3562798c-9be3-4ae4-b0d5-8524ab44005d",
    "registration_access_token": "2373d015-e5f0-4ddb-b118-ff7d0741ca93",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9C94.404A.E6A6.7977",
    "client_id_issued_at": 1530816408,
    "client_secret_expires_at": 1530902808,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 2373d015-e5f0-4ddb-b118-ff7d0741ca93

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:48 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9C94.404A.E6A6.7977",
    "client_secret": "3562798c-9be3-4ae4-b0d5-8524ab44005d",
    "registration_access_token": "2373d015-e5f0-4ddb-b118-ff7d0741ca93",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9C94.404A.E6A6.7977",
    "client_id_issued_at": 1530816408,
    "client_secret_expires_at": 1530902808,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219C94.404A.E6A6.7977&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ec904732-357b-4ec4-9103-c148350f566a&nonce=bc016a5b-e108-476c-910c-01b7de1b8fe0
14:47:10.391 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:7de3c67d-8c6a-4f6c-b126-6f4215456459
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219C94.404A.E6A6.7977&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ec904732-357b-4ec4-9103-c148350f566a&nonce=bc016a5b-e108-476c-910c-01b7de1b8fe0

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=49aa88cb-a3c2-4fd9-a502-f120b2c1003a&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5Qzk0LjQwNEEuRTZBNi43OTc3IiwiZXhwIjoxNTMwODIwMDEwLCJpYXQiOjE1MzA4MTY0MTAsIm5vbmNlIjoiYmMwMTZhNWItZTEwOC00NzZjLTkxMGMtMDFiN2RlMWI4ZmUwIiwiYXV0aF90aW1lIjoxNTMwODE2NDA5LCJhdF9oYXNoIjoidUVHVUZDcDVDOWN2OUh1VmFNYTRRZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6ImVIek0tblRFOUZXUFBYWlh3cGRHR3M5bUhCVW95MENocUxPYUVCVTdHaGsifQ.I8sZKOMrSnDC9aPx4dVz8h7U74w4sirIhlIJxJQgRjobnmEcF-qf1c7O2rBmbKNipus3dThFj3yWNkvEK03hmCwT3FCntWilf-loBLojK4Sz_kVYmElj50gFiIzIgx-2Quyy89hY1iRvOa5pbPFnqQTDfhl3fMvYKSREZo0cBiZDXrq36lQg2wOVji7D89nxqzlHhXglj8UmwY_qQVt7C-2BENBMYbVIedtswdxtW8zZt57Wa86dbE1nLtMGAoT8YO_5h_mL_1ylpUzVuqDxQ49pezyzs7gwmnHxIIDrkLn2XqeoZg5-AN6nywZvy1YRYSr1uZ9qgm1wbb4G5VB-jw&session_id=df57ba91-0b7d-4ad2-9c60-d4dcd0ee3795&state=ec904732-357b-4ec4-9103-c148350f566a&token_type=bearer&session_state=7de3c67d-8c6a-4f6c-b126-6f4215456459&expires_in=299

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org

response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219C94.404A.E6A6.7977&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a6de2497-2fdd-43f8-b11f-3f78c9d4fa7f&nonce=2572fb4c-0254-4b57-bbc6-c47a1c89d66f&prompt=none&access_token=49aa88cb-a3c2-4fd9-a502-f120b2c1003a

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 05 Jul 2018 18:46:50 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=4dbe3bb9-8523-46bd-9780-551b3b351267&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5Qzk0LjQwNEEuRTZBNi43OTc3IiwiZXhwIjoxNTMwODIwMDEwLCJpYXQiOjE1MzA4MTY0MTAsIm5vbmNlIjoiMjU3MmZiNGMtMDI1NC00YjU3LWJiYzYtYzQ3YTFjODlkNjZmIiwiYXV0aF90aW1lIjoxNTMwODE2NDEwLCJjX2hhc2giOiJnQ0FmV0k3N2hacTJsNVRWZlFhaEFnIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiZUh6TS1uVEU5RldQUFhaWHdwZEdHczltSEJVb3kwQ2hxTE9hRUJVN0doayJ9.ERxj2IS7LggZa-OCrb91Nv4KjYtXnTmcUH2us6jC_pr1L3R2YI_zPxCv0TM48ccv4_ADAvZf0R2rRkj6VirA3m8ss8-dknWaHTU6OHYqDCbSYnkQWazHoIMFHayQ66bHXNdSdPJkhDJuIgQaTEwJKq9HNMafG7D4I3nieWU-sRlXO-A5nf4EyAnvBkU_dbdeF4WmT2EN5PVWTLmSNzd-1IMaw0LMxlFssBe944QJNESX7sZfVc9ZXZ9N9quTjvH1UetBQpcc8pjgDM8OzO_Vmx-t_onXu0z4ZotbZaX4dp0C9gfp1VaqACDDc9QZp4e2Dz0_clh08Dpcl24JBgJRmQ&session_id=f040afb9-0021-4e61-859d-ce530a157551&state=a6de2497-2fdd-43f8-b11f-3f78c9d4fa7f&session_state=f38f9910-9e8d-4e93-b08b-728c2c8811a9
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghOUM5NC40MDRBLkU2QTYuNzk3NzozNTYyNzk4Yy05YmUzLTRhZTQtYjBkNS04NTI0YWI0NDAwNWQ=

grant_type=authorization_code&code=4dbe3bb9-8523-46bd-9780-551b3b351267&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:50 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"89561ac9-8bbe-449b-89af-bdbb91d315a8","token_type":"bearer","expires_in":299,"refresh_token":"59ffb44d-46c2-4212-8f9b-a6f49dfc267d","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5Qzk0LjQwNEEuRTZBNi43OTc3IiwiZXhwIjoxNTMwODIwMDEwLCJpYXQiOjE1MzA4MTY0MTAsIm5vbmNlIjoiMjU3MmZiNGMtMDI1NC00YjU3LWJiYzYtYzQ3YTFjODlkNjZmIiwiYXV0aF90aW1lIjoxNTMwODE2NDEwLCJhdF9oYXNoIjoia1Jaa1lHa3BxTTd2Nl9CMHZIYWx0ZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6ImVIek0tblRFOUZXUFBYWlh3cGRHR3M5bUhCVW95MENocUxPYUVCVTdHaGsifQ.VnC_QnP9h5NfFc82-mk3oj4roQqDJbJDU5cz3VVewRd_WrvSTh7yreg1Yd2o0caf4dwA9_IjmisUpjakuVZk784oavaGEqewsT9_teRFI-2En2DY4Ww8IzWzdYhQ5ccxsZnnwi0RGr-lLXPgvJK_hoXR81oTT3iwJH9cc6p0gch46Z6v-xipu-L-pkGcLcy17pXdmvjbN51fMFZcm8EzH3_3hN5mLxzv9yM22buBVWoWteIM3h4ikbR96OBHE8fAP8LL61k7lQje9PTn1WNQaVOGt85FF4Ae0md8lP7JgIa3jSDce_8-Iq4xy15m1HfsMrfKvdY8e922P5LsXbTV6Q"}

#######################################################
TEST: requestAuthorizationCode
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:50 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!ECC5.DFDC.FD86.A934",
    "client_secret": "f988af40-ce98-4f87-99a6-e798e0b8413b",
    "registration_access_token": "10c50bb3-c747-46e2-96e0-472cd862cb86",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!ECC5.DFDC.FD86.A934",
    "client_id_issued_at": 1530816410,
    "client_secret_expires_at": 1530902810,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 10c50bb3-c747-46e2-96e0-472cd862cb86

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:50 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!ECC5.DFDC.FD86.A934",
    "client_secret": "f988af40-ce98-4f87-99a6-e798e0b8413b",
    "registration_access_token": "10c50bb3-c747-46e2-96e0-472cd862cb86",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!ECC5.DFDC.FD86.A934",
    "client_id_issued_at": 1530816410,
    "client_secret_expires_at": 1530902810,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21ECC5.DFDC.FD86.A934&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=42c05134-447d-4311-be48-df1f7393788d
14:47:11.874 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:6f01ef0a-46ce-40ff-881b-662a8234457c
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21ECC5.DFDC.FD86.A934&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=42c05134-447d-4311-be48-df1f7393788d

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=b6054b70-1fd0-480f-87a0-9d7073a68a4a&scope=address+openid+profile+email&session_id=54045296-c6d8-483a-869a-c48b52ce432f&state=42c05134-447d-4311-be48-df1f7393788d&session_state=6f01ef0a-46ce-40ff-881b-662a8234457c

#######################################################
TEST: requestAuthorizationCodeFail1
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Connection: close
Content-Length: 175
Content-Type: text/plain
Date: Thu, 05 Jul 2018 18:46:51 GMT
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_request","error_description":"The request is missing a required parameter, includes an unsupported parameter or parameter value, or is otherwise malformed."}

#######################################################
TEST: requestAuthorizationCodeFail2
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:51 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DE5F.97F6.20FC.9534",
    "client_secret": "ab0e3bf9-6c19-486c-81bc-1eb0456ee160",
    "registration_access_token": "fe07b175-2cf2-4986-86bb-66e981f397b1",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DE5F.97F6.20FC.9534",
    "client_id_issued_at": 1530816411,
    "client_secret_expires_at": 1530902811,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer fe07b175-2cf2-4986-86bb-66e981f397b1

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:51 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DE5F.97F6.20FC.9534",
    "client_secret": "ab0e3bf9-6c19-486c-81bc-1eb0456ee160",
    "registration_access_token": "fe07b175-2cf2-4986-86bb-66e981f397b1",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DE5F.97F6.20FC.9534",
    "client_id_issued_at": 1530816411,
    "client_secret_expires_at": 1530902811,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DE5F.97F6.20FC.9534&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2FINVALID_REDIRECT_URI&state=f12730c7-d728-4a44-bc10-cda37644072a&prompt=none

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Connection: close
Content-Length: 220
Content-Type: text/plain
Date: Thu, 05 Jul 2018 18:46:51 GMT
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_request_redirect_uri","error_description":"The redirect_uri in the Authorization Request does not match any of the Client's pre-registered redirect_uris.","state":"f12730c7-d728-4a44-bc10-cda37644072a"}

#######################################################
TEST: requestAuthorizationCodeFail3
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org

response_type=code&client_id=%40%211111%210008%21INVALID_VALUE&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=540fac06-2a09-4424-bec0-eafd4832f90a

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 175
Content-Type: text/plain
Date: Thu, 05 Jul 2018 18:46:51 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"unauthorized_client","error_description":"The client is not authorized to request an access token using this method.","state":"540fac06-2a09-4424-bec0-eafd4832f90a"}

#######################################################
TEST: requestAuthorizationCodeIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:52 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!90E7.ED96.8F82.238E",
    "client_secret": "65e90a1c-94f3-40b0-ac1d-aef48b49ca84",
    "registration_access_token": "86cfb767-7d66-4f4d-b281-e31c9ea634db",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!90E7.ED96.8F82.238E",
    "client_id_issued_at": 1530816412,
    "client_secret_expires_at": 1530902812,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 86cfb767-7d66-4f4d-b281-e31c9ea634db

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:52 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!90E7.ED96.8F82.238E",
    "client_secret": "65e90a1c-94f3-40b0-ac1d-aef48b49ca84",
    "registration_access_token": "86cfb767-7d66-4f4d-b281-e31c9ea634db",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!90E7.ED96.8F82.238E",
    "client_id_issued_at": 1530816412,
    "client_secret_expires_at": 1530902812,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2190E7.ED96.8F82.238E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=dd8e777d-69fc-4d55-94ce-1f1dffbf54c6&nonce=289d5306-fb9a-4209-a56d-883831f0d6a7
14:47:13.579 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:f01ccfcf-c5eb-4329-a448-8462478bc1dc
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2190E7.ED96.8F82.238E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=dd8e777d-69fc-4d55-94ce-1f1dffbf54c6&nonce=289d5306-fb9a-4209-a56d-883831f0d6a7

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=912ef446-1ce9-49ee-a3e2-ac6e0dd39710&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5MEU3LkVEOTYuOEY4Mi4yMzhFIiwiZXhwIjoxNTMwODIwMDEzLCJpYXQiOjE1MzA4MTY0MTMsIm5vbmNlIjoiMjg5ZDUzMDYtZmI5YS00MjA5LWE1NmQtODgzODMxZjBkNmE3IiwiYXV0aF90aW1lIjoxNTMwODE2NDEzLCJjX2hhc2giOiJZUU1rNUhsa2RvM3ZWMUFLQzY3YUVBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoicVNKMHFNZ2tvRFA3V0lPNGJDRHBrTDJqZnVtd3B5M0JRUUpmc1EycTY0ZyJ9.NY895gDzUEPQwDNRmlcDlnU6HvhtPZCj4klkn-lO5xS_kZaIr_I3wmMplQhdqt8WNrxYvrhRZ2rMvQ9WrGYR-FgU1xmbjr63vdQx7XEYehQ1GDhhKSoQgx4MO6Uj0T4HWSCcRp0Gpum_qkaclUQneS6oLtXC1IyKkOgue7ENr8vdCOlUdha85d58-Gi9qlJp_cSOAZP4hwPKo7Gap5MUqNoi7NMs0DR4L8gX4A30Jsueo8golyWjBSVibwwyMM7d98OXMsg0bEptDAnsWStS1GHSvAEvwJHAgJUX3xjH4mjx_NFIbFSWpIqGJJgtoFwtiiRwD4P80FzlRtvBoiBj2w&session_id=a18745bb-136c-419b-83d5-38a0478a2d85&state=dd8e777d-69fc-4d55-94ce-1f1dffbf54c6&session_state=f01ccfcf-c5eb-4329-a448-8462478bc1dc

#######################################################
TEST: requestAuthorizationCodeIdTokenUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:53 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B990.70FC.9063.4CF9",
    "client_secret": "5cffc121-4059-440e-b45e-e9dbdb52b075",
    "registration_access_token": "7752573f-3cb8-4581-bf6a-4b095001ec1c",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B990.70FC.9063.4CF9",
    "client_id_issued_at": 1530816413,
    "client_secret_expires_at": 1530902813,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 7752573f-3cb8-4581-bf6a-4b095001ec1c

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:53 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B990.70FC.9063.4CF9",
    "client_secret": "5cffc121-4059-440e-b45e-e9dbdb52b075",
    "registration_access_token": "7752573f-3cb8-4581-bf6a-4b095001ec1c",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B990.70FC.9063.4CF9",
    "client_id_issued_at": 1530816413,
    "client_secret_expires_at": 1530902813,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B990.70FC.9063.4CF9&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=e9188fed-4b93-4ae2-958d-db9dfd845d41&nonce=14e21c6c-de60-48c7-aab3-f37d1dd90cf7
14:47:14.935 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:761446ec-0d59-4942-95fc-b2545ae7124e
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B990.70FC.9063.4CF9&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=e9188fed-4b93-4ae2-958d-db9dfd845d41&nonce=14e21c6c-de60-48c7-aab3-f37d1dd90cf7

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=f38048ab-643c-4003-af36-bb0dabf9b175&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFCOTkwLjcwRkMuOTA2My40Q0Y5IiwiZXhwIjoxNTMwODIwMDE0LCJpYXQiOjE1MzA4MTY0MTQsIm5vbmNlIjoiMTRlMjFjNmMtZGU2MC00OGM3LWFhYjMtZjM3ZDFkZDkwY2Y3IiwiYXV0aF90aW1lIjoxNTMwODE2NDE0LCJjX2hhc2giOiJUSGJlQTVHbnhxdF9YN2d1dEw5MFdBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiRjFkOFJrUnRTalYySml6WTFReE9JSkhqWEtuOHAxY3BwemVXcEROMmJqdyJ9.fKCvyCChiY_aE6J--XHSjB3ES7aXVYSLC_xLqqmL4DReSfmH2FqugduKQusPQ-w3TgQacund2bV5DHOM-k-2VzwKossH9b3e76XGeebm7cA6z-GdCAKbqt-r9RWJd331HZWQE_c5-vuWHzB1DCgbosP9Jq3aNecmpLcNgAOpGXM_FYqyAfSLysqV3wU7ocvgOo_XRZGnWaF5DVRg-AsRWB9P-4KLEqBs7x-YkfxyUKUjNY6Ddm6YakW5UTRHJXIkTCRGM8aaCRKpMmrPO2ANvK7102iAr7hSzQv0wgnHqVKeRP-jDjFzPemQgimu5_Y5nkRj8hihEMZlSvNH5OE8GA&session_id=99bdc3eb-a00a-45ab-92e6-1673d1f94dfe&state=e9188fed-4b93-4ae2-958d-db9dfd845d41&session_state=761446ec-0d59-4942-95fc-b2545ae7124e

#######################################################
TEST: requestAuthorizationCodeNoRedirection
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:54 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7D96.BA85.7E50.B9FB",
    "client_secret": "81cb3186-c187-4807-b62e-5e04cc8abcfc",
    "registration_access_token": "838041b1-19cd-4587-904a-fc4c7522b1fe",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7D96.BA85.7E50.B9FB",
    "client_id_issued_at": 1530816414,
    "client_secret_expires_at": 1530902814,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 838041b1-19cd-4587-904a-fc4c7522b1fe

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:54 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7D96.BA85.7E50.B9FB",
    "client_secret": "81cb3186-c187-4807-b62e-5e04cc8abcfc",
    "registration_access_token": "838041b1-19cd-4587-904a-fc4c7522b1fe",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7D96.BA85.7E50.B9FB",
    "client_id_issued_at": 1530816414,
    "client_secret_expires_at": 1530902814,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217D96.BA85.7E50.B9FB&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=306403f2-331a-4590-84e8-d39024b7632c
14:47:16.215 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:e72916d8-e739-4841-ba02-b5b6844b77f7
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217D96.BA85.7E50.B9FB&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=306403f2-331a-4590-84e8-d39024b7632c

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=4c892be1-a0d7-4b3f-8435-fe136888868c&scope=address+openid+profile+email&session_id=7cfd96e7-cc13-4258-a957-1046953ef045&state=306403f2-331a-4590-84e8-d39024b7632c&session_state=e72916d8-e739-4841-ba02-b5b6844b77f7

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
X-Gluu-NoRedirect: true

response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217D96.BA85.7E50.B9FB&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=306403f2-331a-4590-84e8-d39024b7632c

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------


#######################################################
TEST: requestAuthorizationCodeUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:56 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0196.942C.67DC.952E",
    "client_secret": "fb048ae5-bdb7-4aec-8c95-e5ba3b23bc9b",
    "registration_access_token": "262156b3-e30b-4a77-8921-f72e0f79e047",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0196.942C.67DC.952E",
    "client_id_issued_at": 1530816416,
    "client_secret_expires_at": 1530902816,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 262156b3-e30b-4a77-8921-f72e0f79e047

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:56 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0196.942C.67DC.952E",
    "client_secret": "fb048ae5-bdb7-4aec-8c95-e5ba3b23bc9b",
    "registration_access_token": "262156b3-e30b-4a77-8921-f72e0f79e047",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0196.942C.67DC.952E",
    "client_id_issued_at": 1530816416,
    "client_secret_expires_at": 1530902816,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210196.942C.67DC.952E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=57584b2c-e8d8-4f6f-a27e-1fdf0c6c8196
14:47:17.531 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:8aba2c35-db1d-498a-9ebf-c1f6c45837ad
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210196.942C.67DC.952E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=57584b2c-e8d8-4f6f-a27e-1fdf0c6c8196

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=7eb0f01e-76ca-427a-8a2d-442523956d22&scope=address+openid+profile+email&session_id=d8023709-1abe-4d40-9896-e2cfd5c63055&state=57584b2c-e8d8-4f6f-a27e-1fdf0c6c8196&session_state=8aba2c35-db1d-498a-9ebf-c1f6c45837ad

#######################################################
TEST: requestAuthorizationCodeWithoutRedirectUri
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"],
    "application_type": "web",
    "client_name": "oxAuth test app"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1082
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:57 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CEFD.58A8.3D0F.B4AF",
    "client_secret": "539e64ca-be9b-480c-9bcd-bac7261347a4",
    "registration_access_token": "71a30361-4760-4044-b1f0-6a3bc6ef772a",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CEFD.58A8.3D0F.B4AF",
    "client_id_issued_at": 1530816417,
    "client_secret_expires_at": 1530902817,
    "redirect_uris": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CEFD.58A8.3D0F.B4AF&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b6d26855-26e6-4036-8f66-19e59d19db52
14:47:18.604 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:8b9ee114-10f5-4645-9d3b-7e1a0090ed6f
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CEFD.58A8.3D0F.B4AF&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b6d26855-26e6-4036-8f66-19e59d19db52

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=e01f21c0-8e42-4b77-a200-53428e622e35&scope=address+openid+profile+email&session_id=aa74a813-019f-4ee4-b3a4-e476268411a6&state=b6d26855-26e6-4036-8f66-19e59d19db52&session_state=8b9ee114-10f5-4645-9d3b-7e1a0090ed6f

#######################################################
TEST: requestAuthorizationCodeWithoutRedirectUriFail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:58 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F23C.FA65.167B.9D39",
    "client_secret": "8586331f-1b35-47cc-8dd0-564b1fcd53d2",
    "registration_access_token": "634b45c2-2a81-417e-a2ae-9707a5f6778c",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F23C.FA65.167B.9D39",
    "client_id_issued_at": 1530816418,
    "client_secret_expires_at": 1530902818,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21F23C.FA65.167B.9D39&scope=openid+profile+address+email&state=e0b7d84e-5ad5-4bdf-8f5f-34ffc873ad14&prompt=none

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Connection: close
Content-Length: 220
Content-Type: text/plain
Date: Thu, 05 Jul 2018 18:46:58 GMT
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_request_redirect_uri","error_description":"The redirect_uri in the Authorization Request does not match any of the Client's pre-registered redirect_uris.","state":"e0b7d84e-5ad5-4bdf-8f5f-34ffc873ad14"}

#######################################################
TEST: requestAuthorizationCodeWithoutRedirectUriUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "subject_type": "public",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1080
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:58 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F686.2264.E8D0.2B06",
    "client_secret": "19f4efe7-c35e-407d-b9e2-24870e9e01fe",
    "registration_access_token": "e699bbfd-5d9d-4d67-8ff4-2edee12395c2",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F686.2264.E8D0.2B06",
    "client_id_issued_at": 1530816418,
    "client_secret_expires_at": 1530902818,
    "redirect_uris": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "subject_type": "public",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21F686.2264.E8D0.2B06&scope=openid+profile+address+email&state=f0dff00f-a685-411d-a0d4-7717911e012c&prompt=none

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 05 Jul 2018 18:46:58 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=8829c569-b44d-49d2-8f7e-351adafec80e&scope=address+openid+profile+email&session_id=cfc2523d-205e-4c2e-b3cc-710b539e1b54&state=f0dff00f-a685-411d-a0d4-7717911e012c&session_state=6c453c84-377f-4235-bde6-6830e25265cd
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: requestAuthorizationDenyAccessThenGrantAccess
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:46:58 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CA78.FA13.7BE1.20C2",
    "client_secret": "854bde55-5fdf-4938-8b14-e459d84ad277",
    "registration_access_token": "f947113d-0e6a-48bc-aeb5-23596dcb2952",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CA78.FA13.7BE1.20C2",
    "client_id_issued_at": 1530816418,
    "client_secret_expires_at": 1530902818,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndDenyAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CA78.FA13.7BE1.20C2&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=773bf449-ed71-45fc-8898-61de46190390
14:47:20.025 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndDenyAccess: sessionId:d6b78030-9958-4dff-b8e5-5ddb5fe14646
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CA78.FA13.7BE1.20C2&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=773bf449-ed71-45fc-8898-61de46190390

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?error=access_denied&error_description=The+resource+owner+or+authorization+server+denied+the+request.&state=773bf449-ed71-45fc-8898-61de46190390

authorizationRequestAndDenyAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CA78.FA13.7BE1.20C2&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=95a43259-5472-48c1-90e8-15b8a3a6e838&session_id=d6b78030-9958-4dff-b8e5-5ddb5fe14646
authorizationRequestAndDenyAccess: sessionState:null
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CA78.FA13.7BE1.20C2&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=95a43259-5472-48c1-90e8-15b8a3a6e838&session_id=d6b78030-9958-4dff-b8e5-5ddb5fe14646

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?error=access_denied&error_description=The+resource+owner+or+authorization+server+denied+the+request.&state=95a43259-5472-48c1-90e8-15b8a3a6e838

authorizationRequestAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CA78.FA13.7BE1.20C2&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=001198ab-09fd-480d-abcf-208a67d8293c&session_id=d6b78030-9958-4dff-b8e5-5ddb5fe14646
authorizationRequestAndGrantAccess: sessionState:8a053702-f198-4aa7-b1e8-7ace35a5d3e1
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CA78.FA13.7BE1.20C2&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=001198ab-09fd-480d-abcf-208a67d8293c&session_id=d6b78030-9958-4dff-b8e5-5ddb5fe14646

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=2ae6cbaf-3811-4e07-ab89-b708c2616c88&scope=address+openid+profile+email&session_id=d6b78030-9958-4dff-b8e5-5ddb5fe14646&state=001198ab-09fd-480d-abcf-208a67d8293c&session_state=8a053702-f198-4aa7-b1e8-7ace35a5d3e1

#######################################################
TEST: requestAuthorizationIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["id_token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!108E.F200.C935.5F44",
    "client_secret": "4191ae35-ada6-4158-a671-d0b5368156d8",
    "registration_access_token": "52a14c40-2114-470e-9fc3-1381f8db1cc5",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!108E.F200.C935.5F44",
    "client_id_issued_at": 1530816420,
    "client_secret_expires_at": 1530902820,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 52a14c40-2114-470e-9fc3-1381f8db1cc5

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!108E.F200.C935.5F44",
    "client_secret": "4191ae35-ada6-4158-a671-d0b5368156d8",
    "registration_access_token": "52a14c40-2114-470e-9fc3-1381f8db1cc5",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!108E.F200.C935.5F44",
    "client_id_issued_at": 1530816420,
    "client_secret_expires_at": 1530902820,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21108E.F200.C935.5F44&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=565920b3-65f0-4477-b926-4334ffd2def2&nonce=6ec7611c-15fa-46af-aead-568846d3cea5
14:47:22.144 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:9b0e7993-6abb-4f39-9035-b66e6b670d17
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21108E.F200.C935.5F44&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=565920b3-65f0-4477-b926-4334ffd2def2&nonce=6ec7611c-15fa-46af-aead-568846d3cea5

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExMDhFLkYyMDAuQzkzNS41RjQ0IiwiZXhwIjoxNTMwODIwMDIyLCJpYXQiOjE1MzA4MTY0MjIsIm5vbmNlIjoiNmVjNzYxMWMtMTVmYS00NmFmLWFlYWQtNTY4ODQ2ZDNjZWE1IiwiYXV0aF90aW1lIjoxNTMwODE2NDIxLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJxSDJZWEl2bHhxRFRuT2ItY2F5cC1NYVFTNjFrV1VGS0Z4R2Q5Y1EtcnFRIn0.oSjwAsAAJat3Xoh4UYOhq9S9RopQXSN9nnhGdqoTuQ_qX6lbvVTCOJOrR7c4Nq61_bfYFaJVAMCzmViZSY9GOj_QdDJ7UrQf2CgoQo__tGnfIUICZsVC1XASZN-DlQ70CvMaROI3xl-4Kc0dyHLqWYM_nPsJlYyu-69VqqgqSE9R5bjW8-S8EcE_cnl7Dsj_xE6cScSl0f7_7QhrCXaKQtPQG0n9m5PKbxASDoBhGkhckTBYC9fvBppoGaR6GPAlH6uMgv_vxj6Nx1EpawEchzBnbsEHjLDj420KrayJUYrnCtGPhnUzMdF2y9hJFfgul5ztIloqkhC7t60DV4PfTg&session_id=8e2c8bd6-a4b4-4fb0-8e4f-1335be4f3e80&state=565920b3-65f0-4477-b926-4334ffd2def2&session_state=9b0e7993-6abb-4f39-9035-b66e6b670d17

#######################################################
TEST: requestAuthorizationIdTokenUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["id_token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:02 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FE57.39B0.52DE.F8DE",
    "client_secret": "fa91c795-ca8f-44ee-9529-f94e2cd49d08",
    "registration_access_token": "79ccbafc-07c1-45e4-96a6-f23196cb595c",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FE57.39B0.52DE.F8DE",
    "client_id_issued_at": 1530816422,
    "client_secret_expires_at": 1530902822,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 79ccbafc-07c1-45e4-96a6-f23196cb595c

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:02 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FE57.39B0.52DE.F8DE",
    "client_secret": "fa91c795-ca8f-44ee-9529-f94e2cd49d08",
    "registration_access_token": "79ccbafc-07c1-45e4-96a6-f23196cb595c",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FE57.39B0.52DE.F8DE",
    "client_id_issued_at": 1530816422,
    "client_secret_expires_at": 1530902822,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21FE57.39B0.52DE.F8DE&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0c4dae48-9493-47ac-ae7e-dc59023d5373&nonce=3abc2cac-0cb7-4313-afd4-182b001c607a
14:47:23.592 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:9cd4202f-ea14-4c93-9d20-f01925167a07
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21FE57.39B0.52DE.F8DE&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0c4dae48-9493-47ac-ae7e-dc59023d5373&nonce=3abc2cac-0cb7-4313-afd4-182b001c607a

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGRTU3LjM5QjAuNTJERS5GOERFIiwiZXhwIjoxNTMwODIwMDIzLCJpYXQiOjE1MzA4MTY0MjMsIm5vbmNlIjoiM2FiYzJjYWMtMGNiNy00MzEzLWFmZDQtMTgyYjAwMWM2MDdhIiwiYXV0aF90aW1lIjoxNTMwODE2NDIzLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJ2WF9RaTR2ZjU0OUp3R2VhNzZaY0toT3hJeVR3Z0Y0ZlJuUFNkblhLTmtnIn0.IrJJ8oN49m7myuIQC2VtqZ-y7jxS5C3CraIHQhga46jtRrJc-6lIzjDDnCZ3cIbBnQCKAoHYRcJmo8SY93AcVVw4EvfmxKZx1qHTfrkcqTelGUSYYFOUDcWPVWkYDN5ipaR9cYRsyNFE-g6sg2AQ8pt9eJy5zMKgXJ0AzrruosPcSQp1WjhCBWi-0Jyv5dBHpXGOfxklRpbv4bmi280p97i6--Bbi5fEL4aTGq_zo-m8DC6a0sJpBd-7WXgBARW09vc8G4iQYBTH3cGSDYgfpvBZnb1mHkaTNwpIE2ujDkdV49X7JsCqm2Tyx1pfaIugy5gmUtDRSMh-mIbiCSnRbA&session_id=a07ee18b-856b-4fae-8a8b-765a4f49c28c&state=0c4dae48-9493-47ac-ae7e-dc59023d5373&session_state=9cd4202f-ea14-4c93-9d20-f01925167a07

#######################################################
TEST: requestAuthorizationPromptConsent
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:03 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FAED.308A.CE4A.7257",
    "client_secret": "17b21396-2d94-4a12-8b51-70a1f8593fbd",
    "registration_access_token": "d5d2168c-681f-499d-9239-584f268124ec",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FAED.308A.CE4A.7257",
    "client_id_issued_at": 1530816423,
    "client_secret_expires_at": 1530902823,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer d5d2168c-681f-499d-9239-584f268124ec

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:03 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FAED.308A.CE4A.7257",
    "client_secret": "17b21396-2d94-4a12-8b51-70a1f8593fbd",
    "registration_access_token": "d5d2168c-681f-499d-9239-584f268124ec",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FAED.308A.CE4A.7257",
    "client_id_issued_at": 1530816423,
    "client_secret_expires_at": 1530902823,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21FAED.308A.CE4A.7257&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8e802f3e-c011-47ed-a9d3-5afb8c189d7f&prompt=consent
14:47:24.770 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:fd9f35c0-6d41-4dc2-bd71-9b2dd98230be
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21FAED.308A.CE4A.7257&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8e802f3e-c011-47ed-a9d3-5afb8c189d7f&prompt=consent

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=f8a4ad94-a3fa-4a0e-be1c-f69158a6d343&scope=address+openid+profile+email&session_id=29b281b4-7eb7-4ae6-9a4c-3d436a514577&state=8e802f3e-c011-47ed-a9d3-5afb8c189d7f&session_state=fd9f35c0-6d41-4dc2-bd71-9b2dd98230be

#######################################################
TEST: requestAuthorizationPromptConsentTrustedClient
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:04 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!574B.B68F.3692.F506",
    "client_secret": "fa4b964c-ef2c-45e4-b385-9a816b5c4fa5",
    "registration_access_token": "f25029c7-f2b6-49a7-b3af-628bbde0ec98",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!574B.B68F.3692.F506",
    "client_id_issued_at": 1530816424,
    "client_secret_expires_at": 1530902824,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer f25029c7-f2b6-49a7-b3af-628bbde0ec98

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:04 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!574B.B68F.3692.F506",
    "client_secret": "fa4b964c-ef2c-45e4-b385-9a816b5c4fa5",
    "registration_access_token": "f25029c7-f2b6-49a7-b3af-628bbde0ec98",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!574B.B68F.3692.F506",
    "client_id_issued_at": 1530816424,
    "client_secret_expires_at": 1530902824,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21574B.B68F.3692.F506&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=1da2ce7c-2dea-4962-8f0f-4fa3fe922a5a&prompt=consent
14:47:25.923 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:7e8a7ffd-e64d-41df-b60b-cb57895e9c56
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21574B.B68F.3692.F506&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=1da2ce7c-2dea-4962-8f0f-4fa3fe922a5a&prompt=consent

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=98264840-14a8-4310-b438-00ebefce6b3f&scope=address+openid+profile+email&session_id=f4ff9b56-98d8-4c31-9ade-b06b4d6847a9&state=1da2ce7c-2dea-4962-8f0f-4fa3fe922a5a&session_state=7e8a7ffd-e64d-41df-b60b-cb57895e9c56

#######################################################
TEST: requestAuthorizationPromptLogin
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:05 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A3F3.F8AE.D95B.1567",
    "client_secret": "a77ab0ba-8972-44ba-99eb-871c32ff61d2",
    "registration_access_token": "f99027b9-e82a-4b8e-b2a8-4a6774aee856",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A3F3.F8AE.D95B.1567",
    "client_id_issued_at": 1530816425,
    "client_secret_expires_at": 1530902825,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer f99027b9-e82a-4b8e-b2a8-4a6774aee856

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:05 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A3F3.F8AE.D95B.1567",
    "client_secret": "a77ab0ba-8972-44ba-99eb-871c32ff61d2",
    "registration_access_token": "f99027b9-e82a-4b8e-b2a8-4a6774aee856",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A3F3.F8AE.D95B.1567",
    "client_id_issued_at": 1530816425,
    "client_secret_expires_at": 1530902825,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A3F3.F8AE.D95B.1567&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c3242023-2343-40ef-9340-610bffa80625&prompt=login
14:47:27.146 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:ed576fd5-4c31-415b-b73d-baa60c6b5598
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A3F3.F8AE.D95B.1567&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c3242023-2343-40ef-9340-610bffa80625&prompt=login

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=fa927e29-7336-4eac-a722-5ad1e7950147&scope=address+openid+profile+email&session_id=36aceb67-d4cd-430b-bef7-5e5cbc0eaae1&state=c3242023-2343-40ef-9340-610bffa80625&session_state=ed576fd5-4c31-415b-b73d-baa60c6b5598

#######################################################
TEST: requestAuthorizationPromptLoginConsent
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:06 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!375D.556F.BE3D.FCD2",
    "client_secret": "3480261f-1aa8-4517-9241-e6bd371dc976",
    "registration_access_token": "030105cc-0b37-464f-a747-b8b0400e001a",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!375D.556F.BE3D.FCD2",
    "client_id_issued_at": 1530816426,
    "client_secret_expires_at": 1530902826,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 030105cc-0b37-464f-a747-b8b0400e001a

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:07 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!375D.556F.BE3D.FCD2",
    "client_secret": "3480261f-1aa8-4517-9241-e6bd371dc976",
    "registration_access_token": "030105cc-0b37-464f-a747-b8b0400e001a",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!375D.556F.BE3D.FCD2",
    "client_id_issued_at": 1530816426,
    "client_secret_expires_at": 1530902826,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21375D.556F.BE3D.FCD2&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=89aafaf4-bd5a-4f67-99cc-f2d4d2359e58&prompt=login+consent
14:47:28.437 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:d8c04af1-5cc4-47b9-811a-7182e1d32c9b
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21375D.556F.BE3D.FCD2&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=89aafaf4-bd5a-4f67-99cc-f2d4d2359e58&prompt=login+consent

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=a5b19dc6-1027-43c7-a8ea-b38842ee6181&scope=address+openid+profile+email&session_id=07208e61-cceb-4556-91a4-10d0858036e2&state=89aafaf4-bd5a-4f67-99cc-f2d4d2359e58&session_state=d8c04af1-5cc4-47b9-811a-7182e1d32c9b

#######################################################
TEST: requestAuthorizationPromptLoginConsentTrustedClient
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:08 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B354.8DD5.4BD4.A402",
    "client_secret": "bc24069c-388f-4a61-ba46-e79119c45042",
    "registration_access_token": "97250e63-df64-4eca-a437-467e96bdd607",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B354.8DD5.4BD4.A402",
    "client_id_issued_at": 1530816428,
    "client_secret_expires_at": 1530902828,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 97250e63-df64-4eca-a437-467e96bdd607

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:08 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B354.8DD5.4BD4.A402",
    "client_secret": "bc24069c-388f-4a61-ba46-e79119c45042",
    "registration_access_token": "97250e63-df64-4eca-a437-467e96bdd607",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B354.8DD5.4BD4.A402",
    "client_id_issued_at": 1530816428,
    "client_secret_expires_at": 1530902828,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B354.8DD5.4BD4.A402&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=33ef5315-a1bc-4a07-9a89-aed152cce306&prompt=login+consent
14:47:29.660 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:da380438-b138-4fbb-9739-1ff71927428d
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B354.8DD5.4BD4.A402&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=33ef5315-a1bc-4a07-9a89-aed152cce306&prompt=login+consent

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=4164188a-4c77-44ad-87e1-3764d244f22a&scope=address+openid+profile+email&session_id=e8ef8090-a941-49e9-a0fa-357fcbe1675f&state=33ef5315-a1bc-4a07-9a89-aed152cce306&session_state=da380438-b138-4fbb-9739-1ff71927428d

#######################################################
TEST: requestAuthorizationPromptNoneFail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:09 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FECE.B159.3552.6E05",
    "client_secret": "12ba1457-04b9-4547-b937-09675f92734d",
    "registration_access_token": "9f3e25e1-397d-4af5-9044-d5989f334c04",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FECE.B159.3552.6E05",
    "client_id_issued_at": 1530816429,
    "client_secret_expires_at": 1530902829,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 9f3e25e1-397d-4af5-9044-d5989f334c04

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:09 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FECE.B159.3552.6E05",
    "client_secret": "12ba1457-04b9-4547-b937-09675f92734d",
    "registration_access_token": "9f3e25e1-397d-4af5-9044-d5989f334c04",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FECE.B159.3552.6E05",
    "client_id_issued_at": 1530816429,
    "client_secret_expires_at": 1530902829,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org

response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21FECE.B159.3552.6E05&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=1d853622-7feb-4424-979a-9c47ddd9381e&prompt=none

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 05 Jul 2018 18:47:09 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?error_description=The+Authorization+Server+requires+End-User+authentication.+This+error+MAY+be+returned+when+the+prompt+parameter+in+the+Authorization+Request+is+set+to+none+to+request+that+the+Authorization+Server+should+not+display+any+user+interfaces+to+the+End-User%2C+but+the+Authorization+Request+cannot+be+completed+without+displaying+a+user+interface+for+user+authentication.&state=1d853622-7feb-4424-979a-9c47ddd9381e&error=login_required
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: requestAuthorizationPromptLoginConsent
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:09 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A44A.A451.458B.2FE9",
    "client_secret": "18a06622-3af3-42f2-9de8-929818ef7f49",
    "registration_access_token": "e6f56b98-e9b9-4830-9f7f-f4dc5fa5b341",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A44A.A451.458B.2FE9",
    "client_id_issued_at": 1530816429,
    "client_secret_expires_at": 1530902829,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer e6f56b98-e9b9-4830-9f7f-f4dc5fa5b341

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:09 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A44A.A451.458B.2FE9",
    "client_secret": "18a06622-3af3-42f2-9de8-929818ef7f49",
    "registration_access_token": "e6f56b98-e9b9-4830-9f7f-f4dc5fa5b341",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A44A.A451.458B.2FE9",
    "client_id_issued_at": 1530816429,
    "client_secret_expires_at": 1530902829,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A44A.A451.458B.2FE9&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0879265f-5c15-499d-80fb-37b69c69e909&prompt=none+login+consent

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 05 Jul 2018 18:47:09 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?error_description=The+request+is+missing+a+required+parameter%2C+includes+an+unsupported+parameter+or+parameter+value%2C+or+is+otherwise+malformed.&state=0879265f-5c15-499d-80fb-37b69c69e909&error=invalid_request
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: requestAuthorizationPromptNoneTrustedClient
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:10 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6236.09AE.4ADB.9681",
    "client_secret": "51033f3a-07fd-459f-9b1b-deaed8c0b577",
    "registration_access_token": "dc910917-ed0f-4b7d-a27d-6875d821116a",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6236.09AE.4ADB.9681",
    "client_id_issued_at": 1530816430,
    "client_secret_expires_at": 1530902830,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer dc910917-ed0f-4b7d-a27d-6875d821116a

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:10 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6236.09AE.4ADB.9681",
    "client_secret": "51033f3a-07fd-459f-9b1b-deaed8c0b577",
    "registration_access_token": "dc910917-ed0f-4b7d-a27d-6875d821116a",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6236.09AE.4ADB.9681",
    "client_id_issued_at": 1530816430,
    "client_secret_expires_at": 1530902830,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216236.09AE.4ADB.9681&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=1ae551f7-e34e-4016-abe1-97c35ba9b4d9&prompt=none

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 05 Jul 2018 18:47:10 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=83f26293-412f-45f4-a548-86bb5874c35c&scope=address+openid+profile+email&session_id=6e602965-466f-4df8-9848-05a465035b69&state=1ae551f7-e34e-4016-abe1-97c35ba9b4d9&session_state=8980f704-5057-450e-befa-f45c412ab8c9
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: requestAuthorizationToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:10 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!61FA.B7F7.971D.5B89",
    "client_secret": "b3455105-51dc-4bc4-8807-2b6d80cb08ae",
    "registration_access_token": "67e16930-cb56-47b0-9b29-b73f7e0e4399",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!61FA.B7F7.971D.5B89",
    "client_id_issued_at": 1530816430,
    "client_secret_expires_at": 1530902830,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["token"],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 67e16930-cb56-47b0-9b29-b73f7e0e4399

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:10 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!61FA.B7F7.971D.5B89",
    "client_secret": "b3455105-51dc-4bc4-8807-2b6d80cb08ae",
    "registration_access_token": "67e16930-cb56-47b0-9b29-b73f7e0e4399",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!61FA.B7F7.971D.5B89",
    "client_id_issued_at": 1530816430,
    "client_secret_expires_at": 1530902830,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["token"],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2161FA.B7F7.971D.5B89&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=d0a19c6e-4d2c-443f-ad4f-525bf709c299&nonce=0f7d257e-11ec-44d0-ae9d-0e76eb3dcd3d
14:47:31.809 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:24034bef-2f2c-4bb2-8ae5-f92b5ec51581
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2161FA.B7F7.971D.5B89&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=d0a19c6e-4d2c-443f-ad4f-525bf709c299&nonce=0f7d257e-11ec-44d0-ae9d-0e76eb3dcd3d

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=0bb8bb1f-2ab3-49a9-a18f-ebb37b8ff129&scope=address+openid+profile+email&session_id=c2f6d109-8e6b-4aad-9e32-4d56484f0968&state=d0a19c6e-4d2c-443f-ad4f-525bf709c299&token_type=bearer&session_state=24034bef-2f2c-4bb2-8ae5-f92b5ec51581&expires_in=299

#######################################################
TEST: requestAuthorizationTokenCode
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "token",
        "code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:11 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7696.ABA9.F74F.9F35",
    "client_secret": "58f13810-eb88-44c0-9cf7-c57f9dfa1504",
    "registration_access_token": "b1716057-a8c3-45c7-8cab-2c9a38f7eda7",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7696.ABA9.F74F.9F35",
    "client_id_issued_at": 1530816431,
    "client_secret_expires_at": 1530902831,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer b1716057-a8c3-45c7-8cab-2c9a38f7eda7

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:11 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7696.ABA9.F74F.9F35",
    "client_secret": "58f13810-eb88-44c0-9cf7-c57f9dfa1504",
    "registration_access_token": "b1716057-a8c3-45c7-8cab-2c9a38f7eda7",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7696.ABA9.F74F.9F35",
    "client_id_issued_at": 1530816431,
    "client_secret_expires_at": 1530902831,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217696.ABA9.F74F.9F35&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9d678226-a03a-4e15-8749-e3536ab8a6da&nonce=7094b13c-ad5f-476e-8426-64943b9c0e5a
14:47:32.944 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:cb9e0bb1-fe4e-48f8-8c86-775b61b552fc
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217696.ABA9.F74F.9F35&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9d678226-a03a-4e15-8749-e3536ab8a6da&nonce=7094b13c-ad5f-476e-8426-64943b9c0e5a

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=59fe34a8-b349-4086-a73d-c4342f2ea7ba&code=28899ee9-be0f-47da-8867-407583456664&scope=address+openid+profile+email&session_id=4c94c766-e910-4bf2-b60c-9037b85a7262&state=9d678226-a03a-4e15-8749-e3536ab8a6da&token_type=bearer&session_state=cb9e0bb1-fe4e-48f8-8c86-775b61b552fc&expires_in=299

#######################################################
TEST: requestAuthorizationTokenCodeIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "token",
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:12 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!25FB.3420.9DCB.7453",
    "client_secret": "ab572b6a-b5f5-486a-99bd-cf72dfdb300a",
    "registration_access_token": "b8a191f3-cb9e-44bb-98d8-918feddb7df7",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!25FB.3420.9DCB.7453",
    "client_id_issued_at": 1530816432,
    "client_secret_expires_at": 1530902832,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer b8a191f3-cb9e-44bb-98d8-918feddb7df7

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:12 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!25FB.3420.9DCB.7453",
    "client_secret": "ab572b6a-b5f5-486a-99bd-cf72dfdb300a",
    "registration_access_token": "b8a191f3-cb9e-44bb-98d8-918feddb7df7",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!25FB.3420.9DCB.7453",
    "client_id_issued_at": 1530816432,
    "client_secret_expires_at": 1530902832,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2125FB.3420.9DCB.7453&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=646d3a43-bf34-40a4-b825-8ddd883a731c&nonce=05f4e7ab-092f-4445-9f05-5bb7fd64ee21
14:47:34.219 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:25fb1bb6-ee58-4ea2-9f37-c669256abb28
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2125FB.3420.9DCB.7453&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=646d3a43-bf34-40a4-b825-8ddd883a731c&nonce=05f4e7ab-092f-4445-9f05-5bb7fd64ee21

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=a7e2bc10-de3c-4d7f-b77c-ac1a85185dec&code=88ba6e76-dc5d-40f7-861b-9cfe4d6cb9b3&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEyNUZCLjM0MjAuOURDQi43NDUzIiwiZXhwIjoxNTMwODIwMDM0LCJpYXQiOjE1MzA4MTY0MzQsIm5vbmNlIjoiMDVmNGU3YWItMDkyZi00NDQ1LTlmMDUtNWJiN2ZkNjRlZTIxIiwiYXV0aF90aW1lIjoxNTMwODE2NDMzLCJjX2hhc2giOiI1aWQ3a01QVlRTUnpaTndvem9QXzJRIiwiYXRfaGFzaCI6IlZUeW8tWHdOcERuOU5GcHJTQ1RRVlEiLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiIyaXhfZHpUU2k3QWM0Ti1sX1Z4QUt1ZU5NR201UlV4b3dnQUd2ek9CRnY0In0.WIu7aHboAGbU7tMrrPUDcCGUvgdCb3V-2cPNG7BX9JWslvia5PTZTptrKPPVt5XQb-oT39MkpSnZ8nOG4wNWmh2sJKsF7h8eAzDfb6OX94UdskMNorvujpmkowdzICKpfOix07qA5TaVfumqtGaOdzEd_Oj7iM1i1Ieg_9l21QbrOEk3aapdixZdaJLHgFoSvyaPmG1YwegMUyveLKtD5BWISvcnUZYY27CnszueLt0oYz1pc1l1NRMRUwR8o4ZkRSW1Ln6MIdO01fCuD33etlJhcw251Xrpd_bQU2aZfLpUTojCLhZDL-D2HAxC5Qw96obV_bqV16AYMDaxNe_PFw&session_id=2bd9868c-f4eb-497c-bf5a-4a6447b9d662&state=646d3a43-bf34-40a4-b825-8ddd883a731c&token_type=bearer&session_state=25fb1bb6-ee58-4ea2-9f37-c669256abb28&expires_in=299

#######################################################
TEST: requestAuthorizationTokenCodeIdTokenUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "token",
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:14 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1861.88DB.1747.65D2",
    "client_secret": "f83fe3f9-bdfc-49f2-8688-5681bf2320eb",
    "registration_access_token": "5cfeafb2-0b3c-419c-98c0-7696c5e85c15",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1861.88DB.1747.65D2",
    "client_id_issued_at": 1530816434,
    "client_secret_expires_at": 1530902834,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 5cfeafb2-0b3c-419c-98c0-7696c5e85c15

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:14 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1861.88DB.1747.65D2",
    "client_secret": "f83fe3f9-bdfc-49f2-8688-5681bf2320eb",
    "registration_access_token": "5cfeafb2-0b3c-419c-98c0-7696c5e85c15",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1861.88DB.1747.65D2",
    "client_id_issued_at": 1530816434,
    "client_secret_expires_at": 1530902834,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211861.88DB.1747.65D2&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=4c08ed03-ba55-4ec8-b3c4-1d3baec51bef&nonce=ede07790-962a-4b0e-a7dc-aee918845db7
14:47:35.676 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:ddcf5bd9-2184-4663-9ca9-614497345155
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211861.88DB.1747.65D2&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=4c08ed03-ba55-4ec8-b3c4-1d3baec51bef&nonce=ede07790-962a-4b0e-a7dc-aee918845db7

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=8973556c-5ffe-4edd-9173-f4e2755ea834&code=3201d2ca-29c2-4dd7-a984-d24eb7b3bd57&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExODYxLjg4REIuMTc0Ny42NUQyIiwiZXhwIjoxNTMwODIwMDM1LCJpYXQiOjE1MzA4MTY0MzUsIm5vbmNlIjoiZWRlMDc3OTAtOTYyYS00YjBlLWE3ZGMtYWVlOTE4ODQ1ZGI3IiwiYXV0aF90aW1lIjoxNTMwODE2NDM1LCJjX2hhc2giOiJYUzZmbVp3NHU2VzEtU2RMU2wtb1NnIiwiYXRfaGFzaCI6InVIMzRLaUhqTmFwdjAyNWhRMXBIUlEiLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiI1dXZIUW5CRWlabVY2a1pOSkFKTkFvWjdBdXJPVkxOYmRNYWVJbTg2S3lBIn0.Kw1UVHeYddoRKG8s4_5OYnXxXggqGcCqez0IEJJaVWvKTO4TU-dDnYXyKygtPp23xMSEmacwAIcdUvS-XSwEvzh8XStRNyAeGHRhki5hjSPP_c_fB4eACr9NXvjU3IvSNSEQWYiuoCkR_VONtfayWnfrDQLzdlfukvuWkAiPc8UVZ1H4iovQdhsC31ZwWsp50tjT4enY5_m3DRvj9UFSLsqFRpttAZkn_XQcSyurtLHZw3YEdtb2gu9XjyEKLoHuGBrlHhk8W459i2HIytgz9U1AY02MwJKZyQ1zwiM0-XynXpT69t7G2mtgeritp0UVEdQpmmRoTY6WC8h3VKBL_A&session_id=e05814bf-466f-4fab-80d6-06ac71050a59&state=4c08ed03-ba55-4ec8-b3c4-1d3baec51bef&token_type=bearer&session_state=ddcf5bd9-2184-4663-9ca9-614497345155&expires_in=299

#######################################################
TEST: requestAuthorizationTokenCodeUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "token",
        "code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:15 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6CDF.46FC.0082.A34F",
    "client_secret": "b6bf4ffc-7fa0-43f2-90ea-85fa256e91a4",
    "registration_access_token": "a9457d6d-680e-4a87-88d9-42f2f351308e",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6CDF.46FC.0082.A34F",
    "client_id_issued_at": 1530816435,
    "client_secret_expires_at": 1530902835,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer a9457d6d-680e-4a87-88d9-42f2f351308e

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:15 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6CDF.46FC.0082.A34F",
    "client_secret": "b6bf4ffc-7fa0-43f2-90ea-85fa256e91a4",
    "registration_access_token": "a9457d6d-680e-4a87-88d9-42f2f351308e",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6CDF.46FC.0082.A34F",
    "client_id_issued_at": 1530816435,
    "client_secret_expires_at": 1530902835,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216CDF.46FC.0082.A34F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=d2add757-cbe1-4677-8897-f1fe608b0180&nonce=370f31de-57a0-484f-b01c-835d08f794d1
14:47:36.884 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:16c01457-a956-45b9-8af3-9eb576e8651a
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216CDF.46FC.0082.A34F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=d2add757-cbe1-4677-8897-f1fe608b0180&nonce=370f31de-57a0-484f-b01c-835d08f794d1

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=c036a6a7-7709-4b0a-a4f5-03aaa10d6a1d&code=52d303fa-5009-47c5-8ae8-0fa79e66837b&scope=address+openid+profile+email&session_id=aafcf6f8-5a2b-49ea-b24f-bb5632bf69d9&state=d2add757-cbe1-4677-8897-f1fe608b0180&token_type=bearer&session_state=16c01457-a956-45b9-8af3-9eb576e8651a&expires_in=299

#######################################################
TEST: requestAuthorizationTokenFail1
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=token&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=1b04e239-5904-498a-a98c-ff6f12921bd0

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Connection: close
Content-Length: 222
Content-Type: text/plain
Date: Thu, 05 Jul 2018 18:47:16 GMT
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_request","error_description":"The request is missing a required parameter, includes an unsupported parameter or parameter value, or is otherwise malformed.","state":"1b04e239-5904-498a-a98c-ff6f12921bd0"}

#######################################################
TEST: requestAuthorizationTokenFail2
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:16 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1BED.3EAD.AC24.21AE",
    "client_secret": "cb2020a7-aeb9-4f35-a8b2-0bfcc1806022",
    "registration_access_token": "ee85d5bb-4926-4492-bf91-6b387a336800",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1BED.3EAD.AC24.21AE",
    "client_id_issued_at": 1530816436,
    "client_secret_expires_at": 1530902836,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["token"],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer ee85d5bb-4926-4492-bf91-6b387a336800

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:16 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1BED.3EAD.AC24.21AE",
    "client_secret": "cb2020a7-aeb9-4f35-a8b2-0bfcc1806022",
    "registration_access_token": "ee85d5bb-4926-4492-bf91-6b387a336800",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1BED.3EAD.AC24.21AE",
    "client_id_issued_at": 1530816436,
    "client_secret_expires_at": 1530902836,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["token"],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211BED.3EAD.AC24.21AE&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9135c496-e7f6-4ded-97d2-98252d514949&prompt=none

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 05 Jul 2018 18:47:16 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#error_description=The+request+is+missing+a+required+parameter%2C+includes+an+unsupported+parameter+or+parameter+value%2C+or+is+otherwise+malformed.&state=9135c496-e7f6-4ded-97d2-98252d514949&error=invalid_request
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: requestAuthorizationTokenIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "token",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2042.95A0.748B.5A55",
    "client_secret": "489df3c8-af6b-4534-a4de-9384cc092356",
    "registration_access_token": "4f2f363a-d8be-4a58-82de-b415be8fb65c",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2042.95A0.748B.5A55",
    "client_id_issued_at": 1530816437,
    "client_secret_expires_at": 1530902837,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 4f2f363a-d8be-4a58-82de-b415be8fb65c

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2042.95A0.748B.5A55",
    "client_secret": "489df3c8-af6b-4534-a4de-9384cc092356",
    "registration_access_token": "4f2f363a-d8be-4a58-82de-b415be8fb65c",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2042.95A0.748B.5A55",
    "client_id_issued_at": 1530816437,
    "client_secret_expires_at": 1530902837,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212042.95A0.748B.5A55&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=7a7a46eb-33e8-4e1b-aa5e-98ca09f4dbff&nonce=f98b0c7d-83e1-405c-981f-62db7a3b5c1d
14:47:38.549 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:dba8ef8b-abda-41f6-99c0-211609f34d9d
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212042.95A0.748B.5A55&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=7a7a46eb-33e8-4e1b-aa5e-98ca09f4dbff&nonce=f98b0c7d-83e1-405c-981f-62db7a3b5c1d

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=edfb4ebb-942b-4c16-adc3-c5bff1f010d2&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEyMDQyLjk1QTAuNzQ4Qi41QTU1IiwiZXhwIjoxNTMwODIwMDM4LCJpYXQiOjE1MzA4MTY0MzgsIm5vbmNlIjoiZjk4YjBjN2QtODNlMS00MDVjLTk4MWYtNjJkYjdhM2I1YzFkIiwiYXV0aF90aW1lIjoxNTMwODE2NDM4LCJhdF9oYXNoIjoiMElUWmF6amtrMTFMR0dwWkZGM0toUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6InlTZF9URjFhbDk2MWhXV3hSSEM2blV2U1ZaNThHNVo2YlpOUFlRNTFPNkEifQ.ESMir0pgyiDJkCsB16vQvw0ovMFooYjEH-_jm8HmoG2XOBgXlOGvl7n6O_EvOWdNdzOn1FDdxWOY6jPVYkUJUBZ8RtRM25QQaJEGf5F51rmls3__tM2modq9rLAqkmlBRMyPDy5u_6lt4OL6oX1HXBXbqD_U-4FDmJODquJ_3cFLiN6uqQaLBj1TGBoKJepB_BSEnv1CijUlP_hiY8mInQq9dQ1Duk5IxCeixZkKU3gkBa5gMdPtiFyXr40wXc47y3fUCqn-hOeTGkJ8qm1Z-bO2LNZdYNhjhYKX0LQoCZzBn8th-72gMKhD4WaAvh49veZ7Lsh52meR1uhmofNxbA&session_id=34b2a1d2-841e-4137-a5a3-5a575be8788c&state=7a7a46eb-33e8-4e1b-aa5e-98ca09f4dbff&token_type=bearer&session_state=dba8ef8b-abda-41f6-99c0-211609f34d9d&expires_in=299

#######################################################
TEST: requestAuthorizationTokenIdTokenUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "token",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:18 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!256F.A9ED.9A8A.6282",
    "client_secret": "4c7dea79-4752-409f-8211-1e9bae08f47a",
    "registration_access_token": "6ce44830-ce47-4cab-acd5-fa8a3d562ee4",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!256F.A9ED.9A8A.6282",
    "client_id_issued_at": 1530816438,
    "client_secret_expires_at": 1530902838,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 6ce44830-ce47-4cab-acd5-fa8a3d562ee4

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:18 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!256F.A9ED.9A8A.6282",
    "client_secret": "4c7dea79-4752-409f-8211-1e9bae08f47a",
    "registration_access_token": "6ce44830-ce47-4cab-acd5-fa8a3d562ee4",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!256F.A9ED.9A8A.6282",
    "client_id_issued_at": 1530816438,
    "client_secret_expires_at": 1530902838,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21256F.A9ED.9A8A.6282&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3b6f7ec3-3926-4c26-89a5-d532a5512f50&nonce=4a874af6-0440-4d81-b67f-2fc818fb6230
14:47:39.843 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:8c725159-b3cb-4792-9166-993141eb0dee
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21256F.A9ED.9A8A.6282&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3b6f7ec3-3926-4c26-89a5-d532a5512f50&nonce=4a874af6-0440-4d81-b67f-2fc818fb6230

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=bf7e8949-96e8-412b-ad02-c0f0d256fa4d&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEyNTZGLkE5RUQuOUE4QS42MjgyIiwiZXhwIjoxNTMwODIwMDM5LCJpYXQiOjE1MzA4MTY0MzksIm5vbmNlIjoiNGE4NzRhZjYtMDQ0MC00ZDgxLWI2N2YtMmZjODE4ZmI2MjMwIiwiYXV0aF90aW1lIjoxNTMwODE2NDM5LCJhdF9oYXNoIjoienoyTEtzeEFuSC1sVTNvMjFHV1FidyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IlYwd0VpZDJIMnI3Q3h5X3FyYWZuMXVPSFNMYWNzZmI1RlhkNVZsellabEEifQ.LNh8HGwDM1VXAHb1RyznB30Ma2AAQ56Jt27dFOF0pfWH-x7c3RdYQcYIFdA39VYA8PDpfx0NuaZ30qr5M8dZkp2Wip7Jt1NMIC55Xy6n3g49qvUjaZfyl37L8MVl6UXRDWkBPIukC6c4MaYXz0rQlXy7cGsTT8PqhZVtZbGQouPXDmv0igUIyX6Fp0tOm6IgxzVcJTmlkz4dGLMOBKPVoHVCqbqc_KDoE_EDGB4yhGM4pLiy6OHVUfwaG3RsjfJ-35WRlu-bRnmPt9Aw3WDKVIGsfisZdZJScfpTJhvo1pqF3DoHFnl_LdTFo7rVTHMEj1VHEMWb0ppY7MpBo_PqTg&session_id=5619d1e4-6cba-4e1d-92c6-b4892dca8764&state=3b6f7ec3-3926-4c26-89a5-d532a5512f50&token_type=bearer&session_state=8c725159-b3cb-4792-9166-993141eb0dee&expires_in=299

#######################################################
TEST: requestAuthorizationTokenUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:19 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3D9B.9DC8.C261.DE69",
    "client_secret": "f3c8b14a-69fb-48bc-b816-2061dd60c163",
    "registration_access_token": "a89d7494-cff5-4c0c-aee2-038f768d7e2a",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3D9B.9DC8.C261.DE69",
    "client_id_issued_at": 1530816439,
    "client_secret_expires_at": 1530902839,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["token"],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer a89d7494-cff5-4c0c-aee2-038f768d7e2a

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:19 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3D9B.9DC8.C261.DE69",
    "client_secret": "f3c8b14a-69fb-48bc-b816-2061dd60c163",
    "registration_access_token": "a89d7494-cff5-4c0c-aee2-038f768d7e2a",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3D9B.9DC8.C261.DE69",
    "client_id_issued_at": 1530816439,
    "client_secret_expires_at": 1530902839,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["token"],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213D9B.9DC8.C261.DE69&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a31c1ed9-ca08-4747-860c-2c785d8c490a&nonce=8de4cd7f-670c-4f9c-81f9-3bb6b495d5a1
14:47:41.240 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:c1e0af97-994b-4300-914a-1158a63daf50
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213D9B.9DC8.C261.DE69&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a31c1ed9-ca08-4747-860c-2c785d8c490a&nonce=8de4cd7f-670c-4f9c-81f9-3bb6b495d5a1

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=02f46405-5e96-42f5-9066-0f1337d8be21&scope=address+openid+profile+email&session_id=e4706987-f254-4500-a854-b4e9c1066340&state=a31c1ed9-ca08-4747-860c-2c785d8c490a&token_type=bearer&session_state=c1e0af97-994b-4300-914a-1158a63daf50&expires_in=299

#######################################################
TEST: requestAuthorizationWithoutScope
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:21 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2492.53B0.20C5.659C",
    "client_secret": "6bd24759-878f-44f8-b84a-e4959465c036",
    "registration_access_token": "9d5cb799-ce03-4bed-b857-38644865d88a",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2492.53B0.20C5.659C",
    "client_id_issued_at": 1530816441,
    "client_secret_expires_at": 1530902841,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 9d5cb799-ce03-4bed-b857-38644865d88a

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:21 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2492.53B0.20C5.659C",
    "client_secret": "6bd24759-878f-44f8-b84a-e4959465c036",
    "registration_access_token": "9d5cb799-ce03-4bed-b857-38644865d88a",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2492.53B0.20C5.659C",
    "client_id_issued_at": 1530816441,
    "client_secret_expires_at": 1530902841,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212492.53B0.20C5.659C&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5dbedcbb-c23d-4f37-9b66-dc9dd2e8dd2c&nonce=1c88ab87-5d42-4e21-a968-633eea06b52e
14:47:42.569 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:a517abb2-ea09-4f55-9a1d-8d45dae6d51b
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212492.53B0.20C5.659C&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5dbedcbb-c23d-4f37-9b66-dc9dd2e8dd2c&nonce=1c88ab87-5d42-4e21-a968-633eea06b52e

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=afb25bcd-5d6d-4daf-b97b-71ea8e1634c3&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEyNDkyLjUzQjAuMjBDNS42NTlDIiwiZXhwIjoxNTMwODIwMDQyLCJpYXQiOjE1MzA4MTY0NDIsIm5vbmNlIjoiMWM4OGFiODctNWQ0Mi00ZTIxLWE5NjgtNjMzZWVhMDZiNTJlIiwiYXV0aF90aW1lIjoxNTMwODE2NDQyLCJjX2hhc2giOiJucUFadDB0SFhmNXIwY1FjTXc5QzB3Iiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiVmloenhOQ3VrbXV4WFRUUHZBbnNVQkJyajIxcWVYbHFYQUFTLXJWVThDbyJ9.XHjh12a8LNcpkL_BjxoMXT4DdWWdl23oZ23BLlNPPA-ZKrxhDA6z2TFx-vM8dKnCjOSv20sctynw3nr5pkxWK6M03-YeNHwMDnGUqsgAkEFZblEo-egWvaF2yy4QemeJ8s8kWCZtjr4aaMUZsKVZgEDlVVU7WREj7N8oadtjMc5bGbptXNAEEsFPIBbUPprw-uKg6IlGocxOkdGWf5fwUkiNZSH36fDWn4mp2dvnTzvk8CVXor040MFpFHMBfEU7LmbfotVZcmpYYrwoOejT0wLnGC8dtwZ7JFlxV-1jYB8kZOUMKst-Jdo4U5JYx2tRvPEqrzD9ViexbnzrCY-H4g&session_id=8d6c3836-66a9-43ab-b9fd-5c0735fc7cc2&state=5dbedcbb-c23d-4f37-9b66-dc9dd2e8dd2c&session_state=a517abb2-ea09-4f55-9a1d-8d45dae6d51b

#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:47:22 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:22 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "code",
        "code id_token",
        "code id_token token",
        "id_token",
        "id_token token",
        "token",
        "code token"
    ],
    "grant_types_supported": [
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "refresh_token",
        "implicit",
        "password",
        "authorization_code"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: requestSessionIdAuthorizationCode1
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:22 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!306F.6B25.7EAE.AABD",
    "client_secret": "1109b527-3abf-4836-bd8d-5cd48cd6692a",
    "registration_access_token": "ffd9700a-6f5c-4b34-97f7-28548a228321",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!306F.6B25.7EAE.AABD",
    "client_id_issued_at": 1530816442,
    "client_secret_expires_at": 1530902842,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer ffd9700a-6f5c-4b34-97f7-28548a228321

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:22 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!306F.6B25.7EAE.AABD",
    "client_secret": "1109b527-3abf-4836-bd8d-5cd48cd6692a",
    "registration_access_token": "ffd9700a-6f5c-4b34-97f7-28548a228321",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!306F.6B25.7EAE.AABD",
    "client_id_issued_at": 1530816442,
    "client_secret_expires_at": 1530902842,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

waitForResourceOwnerAndGrantLoginForm: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21306F.6B25.7EAE.AABD&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=dfdeed09-d4e6-4842-93b7-e0c892695db6
14:47:43.989 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
waitForResourceOwnerAndGrantLoginForm: sessionState:7b0eb2e3-516f-4718-bf6a-7775d4d2658e
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21306F.6B25.7EAE.AABD&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=dfdeed09-d4e6-4842-93b7-e0c892695db6

authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21306F.6B25.7EAE.AABD&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0795489d-fd8a-47be-a70b-c144e744450f
14:47:44.204 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:00d6edcc-13a8-402e-bece-3db33ba2dd40
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21306F.6B25.7EAE.AABD&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0795489d-fd8a-47be-a70b-c144e744450f

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=9ffdf420-890f-479c-9e64-8fec56320cfa&scope=address+openid+profile+email&session_id=8236a110-5af9-472d-be0f-e9c140786c5c&state=0795489d-fd8a-47be-a70b-c144e744450f&session_state=00d6edcc-13a8-402e-bece-3db33ba2dd40

#######################################################
TEST: requestSessionIdAuthorizationCode2
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:23 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9D45.6293.C4D6.9B60",
    "client_secret": "a2ee8a3e-f895-4323-90a8-544966c88e85",
    "registration_access_token": "cd0c2d87-a17a-4090-9138-6c3a367f72b1",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9D45.6293.C4D6.9B60",
    "client_id_issued_at": 1530816443,
    "client_secret_expires_at": 1530902843,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer cd0c2d87-a17a-4090-9138-6c3a367f72b1

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:23 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9D45.6293.C4D6.9B60",
    "client_secret": "a2ee8a3e-f895-4323-90a8-544966c88e85",
    "registration_access_token": "cd0c2d87-a17a-4090-9138-6c3a367f72b1",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9D45.6293.C4D6.9B60",
    "client_id_issued_at": 1530816443,
    "client_secret_expires_at": 1530902843,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

waitForResourceOwnerAndGrantLoginForm: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219D45.6293.C4D6.9B60&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a6a75c96-73c2-41dc-8fe6-ce1b4e8ebf90
14:47:45.323 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
waitForResourceOwnerAndGrantLoginForm: sessionState:2379de32-d849-47c0-9d69-e3f9735ee76c
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219D45.6293.C4D6.9B60&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a6a75c96-73c2-41dc-8fe6-ce1b4e8ebf90

authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219D45.6293.C4D6.9B60&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=03b2dbfb-cf25-4653-a2d4-78e289ab3b37
14:47:45.506 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:7bfe635c-7a45-4d9d-a2c9-78d5f0488f4d
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219D45.6293.C4D6.9B60&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=03b2dbfb-cf25-4653-a2d4-78e289ab3b37

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=924b5303-09af-4287-93a4-96cd32b5c426&scope=address+openid+profile+email&session_id=b19bc504-545a-4c67-97ed-f6a29e7cf9fe&state=03b2dbfb-cf25-4653-a2d4-78e289ab3b37&session_state=7bfe635c-7a45-4d9d-a2c9-78d5f0488f4d

#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:47:25 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:25 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "code",
        "code id_token",
        "code id_token token",
        "id_token",
        "id_token token",
        "token",
        "code token"
    ],
    "grant_types_supported": [
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "refresh_token",
        "implicit",
        "password",
        "authorization_code"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: requestClientRegistrationWithCustomAttributes
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "token",
        "id_token"
    ],
    "grant_types": ["password"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true",
    "myCustomAttr1": "a116b884-d9ab-48d4-9a37-09ec79ae745f"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1445
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:25 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2998.3333.9FD7.E3F4",
    "client_secret": "ed1182a7-43e4-4199-a3f4-b38c4b15994a",
    "registration_access_token": "23c2ea9d-0714-4c51-a347-f0d72b519fbb",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2998.3333.9FD7.E3F4",
    "client_id_issued_at": 1530816445,
    "client_secret_expires_at": 1530902845,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "password",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

#######################################################
TEST: requestAccessTokenCustomClientAuth1
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212998.3333.9FD7.E3F4&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=43b99928-ebe9-4a46-8a53-9faf0864e588&nonce=49bfb98b-c5ed-4a07-831b-fd8a72a65703&prompt=none

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 05 Jul 2018 18:47:25 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=1fc7f98b-2da9-4c43-9e0e-59569c183fae&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEyOTk4LjMzMzMuOUZENy5FM0Y0IiwiZXhwIjoxNTMwODIwMDQ1LCJpYXQiOjE1MzA4MTY0NDUsIm5vbmNlIjoiNDliZmI5OGItYzVlZC00YTA3LTgzMWItZmQ4YTcyYTY1NzAzIiwiYXV0aF90aW1lIjoxNTMwODE2NDQ1LCJjX2hhc2giOiJHQTZVYWZZdlR0V3UxLWhaVllJYWpBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiTlM5Qjdod1JTWmNHSEloRVFfMTZEb1lJU3RDSGMwT2I4UnpyRTRJY0o2ZyJ9.fxmpve9pM8F6L56yHTSG-8xICyZdgAyXcryQ4_KZCQQjhoGCbHVlFPawWomUmWRsWGQBTI4Luluj-OsVzaa83AoX8vPdjVLDIA-aEfZMT4EXKiEMSkQ1xaqi9soEjbqAH1Q91E6Tvm8q9FmtzqgKnjfc_tzDea-5mLpYaeQLdsUKcmPGGFvQ992crMisv4Dg_tl2w3nftDsQOoLGyawKewUY1on4JrWzeEjHHJKgjly4OkoiZzBYBIaNoUqqPIO4z4WMI-SZxQVQwmKB4FGe5qclHPEn3e6P4TdTSDVPJheqGLGivlaFwbUhTkEWKfAKmFKcg_7ntnxTA8rcLv_Z9Q&session_id=f86386bc-fdf7-41ea-b3fc-17265c3da68d&state=43b99928-ebe9-4a46-8a53-9faf0864e588&session_state=86351f8a-669e-40dc-ad9a-efb7d3f138af
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=authorization_code&code=1fc7f98b-2da9-4c43-9e0e-59569c183fae&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&myCustomAttr1=a116b884-d9ab-48d4-9a37-09ec79ae745f

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:25 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"f3773454-72eb-43a5-904b-1208b16f2ff2","token_type":"bearer","expires_in":299,"refresh_token":"81bc26e5-9b34-4913-a145-c48872414ec6","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEyOTk4LjMzMzMuOUZENy5FM0Y0IiwiZXhwIjoxNTMwODIwMDQ1LCJpYXQiOjE1MzA4MTY0NDUsIm5vbmNlIjoiNDliZmI5OGItYzVlZC00YTA3LTgzMWItZmQ4YTcyYTY1NzAzIiwiYXV0aF90aW1lIjoxNTMwODE2NDQ1LCJhdF9oYXNoIjoiRkpEZ3huT1k0SkdCRHNENmVCQkJPdyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Ik5TOUI3aHdSU1pjR0hJaEVRXzE2RG9ZSVN0Q0hjME9iOFJ6ckU0SWNKNmcifQ.clGaJr2JF6Ue_9JfPFgnUUy3FsqJ4Fxu8JSuiaDujErqYKrwm_YdX480byaw5NepvD4OdXR2Rot2opPpalrIQLKoShNKmvD6vVGMGemU8Gw9C7kdfo7BYee1b706P8B6Nu7fdrmTJac6VQUdHPGvRZtpED0KZx7B_Pdm0dL4rCoUBswH3XbZ2H7-HuO46WMdZNtLv7yJ-qF41F7HUrJ6Pklt9Q-vjWDB1S20V3QXNSQ40k4Qy1Zmrdy-_zhd8oKv-ukoQnGICk6yThAaJtlALXsj0XU2c9hgM7cCsnFeFas9QfHPDrDOzpZniK29TZMyCw20gpkGl4z5umU6edaZ2w"}

#######################################################
TEST: requestAccessTokenCustomClientAuth2
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=password&scope=openid&username=test_user&password=test_user_password&myCustomAttr1=a116b884-d9ab-48d4-9a37-09ec79ae745f

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 934
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:25 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"906fff9b-f690-4481-b06a-7a4ca01531fd","token_type":"bearer","expires_in":299,"refresh_token":"b3b1ee4a-8e22-4809-9e19-1ec3942b01fc","scope":"openid","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEyOTk4LjMzMzMuOUZENy5FM0Y0IiwiZXhwIjoxNTMwODIwMDQ1LCJpYXQiOjE1MzA4MTY0NDUsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Ik5TOUI3aHdSU1pjR0hJaEVRXzE2RG9ZSVN0Q0hjME9iOFJ6ckU0SWNKNmcifQ.l_mHbvvdDlcexsxEP_Hm-9c5nLYDXChnba8Pdonp40aMisIpzCbmmKryIJ9skqR7hl0VXvv9zf0HyaAy_SOx9vu9vBzOZJAM6Aguw2VVTOEtVepwk0a1SAnHA8zWv9bAHoEpF3l5mN3dL1S57iGTOTAQDDriiCZBz4zqCuMhPCPPwwWnF98qqR1O1SYxdWzkNbwtI6ht0My-3000u_dwP5-XINNB79vVcLtEdtVwy6FV-GzV0LN6VPEehnaTiPGMcbptgm780jbpJ52ygCssAKB8yv6UbHYeqVlvb9E5oqz1A8eFFS2BMLoIGPIC8Y2lmS9iFP-1_dvo5n577MZCBA"}

#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:47:25 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:25 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "code",
        "code id_token",
        "code id_token token",
        "id_token",
        "id_token token",
        "token",
        "code token"
    ],
    "grant_types_supported": [
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "refresh_token",
        "implicit",
        "password",
        "authorization_code"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: clientSecretBasicAuthenticationMethod
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_basic",
    "scope": "openid profile address email clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1226
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:25 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BF73.C845.0BEF.2475",
    "client_secret": "5aafd510-00b5-4981-8f59-89315e911759",
    "registration_access_token": "9b05d534-c079-413b-b12f-c13d9e0ebfe5",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BF73.C845.0BEF.2475",
    "client_id_issued_at": 1530816445,
    "client_secret_expires_at": 1530902845,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid profile address email clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQkY3My5DODQ1LjBCRUYuMjQ3NTo1YWFmZDUxMC0wMGI1LTQ5ODEtOGY1OS04OTMxNWU5MTE3NTk=

grant_type=client_credentials&scope=clientinfo

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:26 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"c0766be5-45f2-426f-b035-f7519bf0e2cc","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 412
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:26 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BF73.C845.0BEF.2475","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["openid","profile","address","email","clientinfo"]}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer c0766be5-45f2-426f-b035-f7519bf0e2cc

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 403
Connection: Keep-Alive
Content-Length: 126
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:26 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"insufficient_scope","error_description":"The request requires higher privileges than provided by the access token."}

#######################################################
TEST: clientSecretBasicAuthenticationMethodFail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_basic",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1242
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:26 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7F0C.AB40.DFA4.E073",
    "client_secret": "10cfef92-6496-4243-be79-9dc24941226f",
    "registration_access_token": "dd47bb07-3deb-4261-a7c0-3b204962b9df",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7F0C.AB40.DFA4.E073",
    "client_id_issued_at": 1530816446,
    "client_secret_expires_at": 1530902846,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghN0YwQy5BQjQwLkRGQTQuRTA3MzpJTlZBTElEX0NMSUVOVF9TRUNSRVQ=

grant_type=client_credentials&scope=clientinfo

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:47:26 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: clientSecretJwtAuthenticationMethodHS256
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1195
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:26 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7D9D.A49B.6F2B.52C5",
    "client_secret": "7beaa877-d317-4cac-92fc-88b3680322f5",
    "registration_access_token": "6e274c6d-d264-47a5-8c23-2d8908af45f4",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7D9D.A49B.6F2B.52C5",
    "client_id_issued_at": 1530816446,
    "client_secret_expires_at": 1530902846,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3RDlELkE0OUIuNkYyQi41MkM1Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghN0Q5RC5BNDlCLjZGMkIuNTJDNSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiMTY4ODNmMDUtMmZlNi00MDA0LTgzOGQtYTgzMTYyYzY3YjI5IiwiZXhwIjoxNTMwODE2NzY3LCJpYXQiOjE1MzA4MTY0Njd9.x8ZtxEL-SSaHmF5CCyAe9PnpNfRAzGje47zTUfguDhY

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:26 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"2f182c3d-159a-4250-895a-dc5b76ed5a0e","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:26 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7D9D.A49B.6F2B.52C5","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: clientSecretJwtAuthenticationMethodHS256Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1240
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:26 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E0EF.5B1C.4938.78C7",
    "client_secret": "3ea40b38-2138-42de-83c4-717c9006f350",
    "registration_access_token": "ac1b6cd5-3023-48fe-81f3-cbbe03a3bfa9",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E0EF.5B1C.4938.78C7",
    "client_id_issued_at": 1530816446,
    "client_secret_expires_at": 1530902846,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFFMEVGLjVCMUMuNDkzOC43OEM3Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRTBFRi41QjFDLjQ5MzguNzhDNyIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiYmU3ODQzMDktOThkYS00M2FkLTlkYTItY2EyYjlhMTJiZGVmIiwiZXhwIjoxNTMwODE2NzY3LCJpYXQiOjE1MzA4MTY0Njd9.a8lMciXGVVuF4zzJTaxWKWfDxzfhdplysMKraMEmn7Y

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:47:26 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: clientSecretJwtAuthenticationMethodHS384
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1195
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:26 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F7AD.F1CF.2652.321D",
    "client_secret": "65557bc4-11d9-4c32-b90e-b65802b0904c",
    "registration_access_token": "6cb9420b-f5e9-45c3-9632-bf1743f585db",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F7AD.F1CF.2652.321D",
    "client_id_issued_at": 1530816446,
    "client_secret_expires_at": 1530902846,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGN0FELkYxQ0YuMjY1Mi4zMjFEIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRjdBRC5GMUNGLjI2NTIuMzIxRCIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiZjBhMzliN2YtMThiOC00ZTRkLWJjY2ItNzYwNjdkYjQ2NmZmIiwiZXhwIjoxNTMwODE2NzY4LCJpYXQiOjE1MzA4MTY0Njh9.FjIvlkqjMR-vvcok6vkqCeX8I0GN7bExK2rHOYVQBvZMDNC8U-vXPmD54Ufqsx74

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:26 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"22b1abe5-b1cb-4e89-ae87-be354354665d","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:26 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F7AD.F1CF.2652.321D","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: clientSecretJwtAuthenticationMethodHS384Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1240
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:26 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!283F.2996.083F.3D63",
    "client_secret": "0f01193f-3b04-493a-a3be-eb67be0b5c3f",
    "registration_access_token": "5703cea5-9cce-489b-ae4e-2648bd197a46",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!283F.2996.083F.3D63",
    "client_id_issued_at": 1530816447,
    "client_secret_expires_at": 1530902847,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEyODNGLjI5OTYuMDgzRi4zRDYzIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMjgzRi4yOTk2LjA4M0YuM0Q2MyIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiY2MxYmIwMWUtMGVkYy00NGM0LWI5NTctMDk5NzRiZWRmMTIxIiwiZXhwIjoxNTMwODE2NzY4LCJpYXQiOjE1MzA4MTY0Njh9.NQS5uO3TQBdImK2_GWGkp1DCKgJ3KtEwEd1SJhuRYUvtKFCy4F750O0ecg5Liz5l

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:47:27 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: clientSecretJwtAuthenticationMethodHS512
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1195
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:27 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9B91.0471.C5E1.8164",
    "client_secret": "26371959-ced9-4fe9-b3ed-73f0115713de",
    "registration_access_token": "cdf6b0c9-58c5-4c34-b090-57e5fdc5b0e6",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9B91.0471.C5E1.8164",
    "client_id_issued_at": 1530816447,
    "client_secret_expires_at": 1530902847,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5QjkxLjA0NzEuQzVFMS44MTY0Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghOUI5MS4wNDcxLkM1RTEuODE2NCIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiZmI5YjA2ZjAtOTNiMS00N2NkLWJjMzUtNzBjNGVkMzk1NzVkIiwiZXhwIjoxNTMwODE2NzY4LCJpYXQiOjE1MzA4MTY0Njh9.ujdfQ_Je1WNZADODSmJ5wD516uD_Za96YiwQtPenr2yuBZTtcdF-guZcB7UKfVozvVw1QHAfpzr8xG42X_3iSQ

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:27 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"c6a25362-27a2-4ff7-be15-1d040cf69a96","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:27 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9B91.0471.C5E1.8164","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: clientSecretJwtAuthenticationMethodHS512Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1240
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:27 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!62D7.9BA6.62D6.12DD",
    "client_secret": "3d941f3c-3127-4512-9989-6f098075cb96",
    "registration_access_token": "2a06e18b-73f9-48da-858c-1368abb7e32b",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!62D7.9BA6.62D6.12DD",
    "client_id_issued_at": 1530816447,
    "client_secret_expires_at": 1530902847,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2MkQ3LjlCQTYuNjJENi4xMkREIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNjJENy45QkE2LjYyRDYuMTJERCIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiNjgzMmYxY2QtMWZmZi00ZWZiLWJhZjgtMzM3NGUxYmY4NTFlIiwiZXhwIjoxNTMwODE2NzY4LCJpYXQiOjE1MzA4MTY0Njh9.tDA2WF3mqYAY1NaT4YEMI_mJRTTbx1VzcoQHLhEejSvKg0WhmMa7Q-It59Cl3C8F271iTOxsklWnWG31BOim7A

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:47:27 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: clientSecretPostAuthenticationMethod
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_post",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1196
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:27 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CF8F.14D4.05CC.41A1",
    "client_secret": "008cd2c7-6cee-46a4-9ec1-a98757a47321",
    "registration_access_token": "34591f56-2d8b-4d5f-ae0f-37375e813b0c",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CF8F.14D4.05CC.41A1",
    "client_id_issued_at": 1530816447,
    "client_secret_expires_at": 1530902847,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_post",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CF8F.14D4.05CC.41A1&client_secret=008cd2c7-6cee-46a4-9ec1-a98757a47321

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:27 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"f1e2b561-1bbe-472f-a670-2c1e04e3b79c","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:27 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CF8F.14D4.05CC.41A1","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: clientSecretPostAuthenticationMethodFail1
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_post",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1241
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:27 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EE78.97EC.D8EF.B0CF",
    "client_secret": "9db20113-8d57-49a0-8c3d-40de88fa4b3c",
    "registration_access_token": "e2b65a06-9e7e-486e-b092-b973f10f0250",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EE78.97EC.D8EF.B0CF",
    "client_id_issued_at": 1530816447,
    "client_secret_expires_at": 1530902847,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_post",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21EE78.97EC.D8EF.B0CF&client_secret=INVALID_CLIENT_SECRET

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:47:27 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: clientSecretPostAuthenticationMethodFail2
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_post",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1241
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:27 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7378.3420.10E1.7F1F",
    "client_secret": "2e2730a9-af82-427d-8e8c-d17d10483447",
    "registration_access_token": "62719f30-5fb1-473a-b6ba-0522ea88a4c6",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7378.3420.10E1.7F1F",
    "client_id_issued_at": 1530816448,
    "client_secret_expires_at": 1530902848,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_post",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217378.3420.10E1.7F1F

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:47:28 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: clientSecretPostAuthenticationMethodFail3
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_post",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1241
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:28 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!46AE.F82B.74A2.9F1C",
    "client_secret": "eb433648-e00b-4ee3-96dc-fe6e3bc7a2c3",
    "registration_access_token": "7ba1340f-80cf-48ba-a5b8-e4853d98b143",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!46AE.F82B.74A2.9F1C",
    "client_id_issued_at": 1530816448,
    "client_secret_expires_at": 1530902848,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_post",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:47:28 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: defaultAuthenticationMethod
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1197
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:28 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D6AC.73B2.24B5.7ADD",
    "client_secret": "c4e73f5f-908b-4473-ad58-8c8137166099",
    "registration_access_token": "14399069-01c3-43b4-95c9-5d1b22cb1b3a",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D6AC.73B2.24B5.7ADD",
    "client_id_issued_at": 1530816448,
    "client_secret_expires_at": 1530902848,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRDZBQy43M0IyLjI0QjUuN0FERDpjNGU3M2Y1Zi05MDhiLTQ0NzMtYWQ1OC04YzgxMzcxNjYwOTk=

grant_type=client_credentials&scope=clientinfo

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:28 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"ca413565-d127-4cdc-8575-bb7d077f7d23","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:28 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D6AC.73B2.24B5.7ADD","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: defaultAuthenticationMethodFail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1242
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:28 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A121.814E.6220.B83C",
    "client_secret": "9c00eddf-1dfd-4548-8520-637ba8462a1b",
    "registration_access_token": "c5f399b3-345a-419c-9ab6-080b676b8ef3",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A121.814E.6220.B83C",
    "client_id_issued_at": 1530816448,
    "client_secret_expires_at": 1530902848,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic QCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQTEyMS44MTRFLjYyMjAuQjgzQzpJTlZBTElEX0NMSUVOVF9TRUNSRVQ=

grant_type=client_credentials&scope=clientinfo

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:47:28 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: privateKeyJwtAuthenticationMethodES256
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1276
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:28 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7620.756D.D2FA.5069",
    "client_secret": "4c0c650a-5c26-4a29-8713-0e190dcfe2e6",
    "registration_access_token": "32d56354-6af9-44e4-ba25-7e0cf7938289",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7620.756D.D2FA.5069",
    "client_id_issued_at": 1530816448,
    "client_secret_expires_at": 1530902848,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjU0N2IyODM4LWE4NDgtNDY3MS04YTQ3LWQ1MzYxNzM4ZjJhZSJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3NjIwLjc1NkQuRDJGQS41MDY5Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNzYyMC43NTZELkQyRkEuNTA2OSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiZTI3ODI5ODAtYzVhMC00ZDNjLWI3NjQtOGJlMWU2MTYzOTY3IiwiZXhwIjoxNTMwODE2NzcwLCJpYXQiOjE1MzA4MTY0NzB9.MEQCICMuOhNzJgBMieHSF7K1z7iD0itN-8cSO2PDhyZupu7TAiBwr5qpP3G0Jrczn49ORPlF8YMxexA2e2--RSKhbbrEEQ

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:28 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"b1391495-9e33-4a4b-bf9e-0992c24e29ae","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:29 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7620.756D.D2FA.5069","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: privateKeyJwtAuthenticationMethodES256Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1321
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:29 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E29E.56D4.737B.AF8D",
    "client_secret": "affeb223-1246-44ab-b879-eaa1fdd8ceaa",
    "registration_access_token": "f485517c-c7ee-40c0-ac4f-ea51f49022f1",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E29E.56D4.737B.AF8D",
    "client_id_issued_at": 1530816449,
    "client_secret_expires_at": 1530902849,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

14:47:50.487 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException
java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException
	at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
	at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES256Fail(ClientCredentialsGrantHttpTest.java:1312) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
14:47:50.594 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException
java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException
	at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
	at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?]
	at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?]
	at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?]
	at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:761) [test-classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES256Fail(ClientCredentialsGrantHttpTest.java:1314) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IkVTMjU2U0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFFMjlFLjU2RDQuNzM3Qi5BRjhEIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRTI5RS41NkQ0LjczN0IuQUY4RCIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiNWRiZjZiMjMtNGJkZS00MjczLWEwZGItNzA5YjZlOTMyZTAxIiwiZXhwIjoxNTMwODE2NzcwLCJpYXQiOjE1MzA4MTY0NzB9.

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:47:29 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: privateKeyJwtAuthenticationMethodES384
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1276
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:29 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!28FC.FF26.A842.8B49",
    "client_secret": "7263f274-8200-41f1-917e-015c05bd402d",
    "registration_access_token": "bac764b5-9bff-4f17-9b2b-7ecfb21f5b6f",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!28FC.FF26.A842.8B49",
    "client_id_issued_at": 1530816449,
    "client_secret_expires_at": 1530902849,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzM4NCIsImtpZCI6ImM0ZmU0MTEwLWViNTYtNDFjNi1iYWMzLTUzMTZmNmIxNDQzZCJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEyOEZDLkZGMjYuQTg0Mi44QjQ5Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMjhGQy5GRjI2LkE4NDIuOEI0OSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiNmE1Y2Y2NDQtZmQyNy00MTk0LTg2NDYtNTI1ODRjNWQwZGMzIiwiZXhwIjoxNTMwODE2NzcwLCJpYXQiOjE1MzA4MTY0NzB9.MGQCMCu9t0IVOX7GW4Is9po3aKfFOrCy6YjQmrYWNvkVK016XojkIuxJMW_JihxpoNaIlwIwLzRcvuR32DGcLHTc_4fMG1aKkfA5OOhc0sFYNvaiZc4rppefGwCKhOALvfp_tqlA

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:29 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"5da25b00-5203-438a-a769-226adcccf20b","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:29 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!28FC.FF26.A842.8B49","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: privateKeyJwtAuthenticationMethodES384Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1321
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:29 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E2BF.DF95.0852.0FC0",
    "client_secret": "ab51d7d1-f5da-4d2f-ad86-53c7483e10ff",
    "registration_access_token": "c811005b-9ff7-4290-bd34-1f50a60c6cd6",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E2BF.DF95.0852.0FC0",
    "client_id_issued_at": 1530816449,
    "client_secret_expires_at": 1530902849,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

14:47:51.037 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException
java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException
	at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
	at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES384Fail(ClientCredentialsGrantHttpTest.java:1437) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
14:47:51.138 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException
java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException
	at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
	at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?]
	at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?]
	at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?]
	at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:761) [test-classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES384Fail(ClientCredentialsGrantHttpTest.java:1439) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzM4NCIsImtpZCI6IkVTMzg0U0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFFMkJGLkRGOTUuMDg1Mi4wRkMwIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRTJCRi5ERjk1LjA4NTIuMEZDMCIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiY2JlYzQ5YWEtY2VjNy00ZGYwLTg0NjgtMWM3NTBmMWQ1Y2QxIiwiZXhwIjoxNTMwODE2NzcxLCJpYXQiOjE1MzA4MTY0NzF9.

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:47:29 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: privateKeyJwtAuthenticationMethodES512
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1276
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:29 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F62B.0699.FEF4.BEB4",
    "client_secret": "71a127ff-cab5-4b9b-8e50-8f9b48f0532a",
    "registration_access_token": "5b74441b-6e02-4e08-96bf-5f089c984b9e",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F62B.0699.FEF4.BEB4",
    "client_id_issued_at": 1530816449,
    "client_secret_expires_at": 1530902849,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzUxMiIsImtpZCI6IjI2ZjgwNDBjLWFlOGItNGRhYS04ZjcxLWE3ZmRmMTRkZjY0MyJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGNjJCLjA2OTkuRkVGNC5CRUI0Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRjYyQi4wNjk5LkZFRjQuQkVCNCIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiMmJjNTEyMDctODIyYi00YjU1LThmODMtNzlkNTEyMTBmNTA3IiwiZXhwIjoxNTMwODE2NzcxLCJpYXQiOjE1MzA4MTY0NzF9.MIGIAkIBBZ15cT5lWP67995Qwf_LzPtq2-r4GuhH8KvVPrZxTWZejXLrKTBAmsv0Lv3TDGNwgLPV8WJgYAMG99yMYSZ3FkcCQgEqwtk5kAo4bNp_B2BIMKS3DnFusFd6jbMlmtNeFg3-p6NuZOIWKmjz2D-v2DLV9HBXY1jcn9CU3nrit0DYOdMAig

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:30 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"947cc474-b42a-400c-afb9-d6bdcdb8056b","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:30 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F62B.0699.FEF4.BEB4","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: privateKeyJwtAuthenticationMethodES512Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1321
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:30 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!92CD.B806.3E45.EB95",
    "client_secret": "dc25e57f-9586-44db-bff5-5a0310012f1a",
    "registration_access_token": "92c82798-3c43-406e-a645-2f5e2c5b7589",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!92CD.B806.3E45.EB95",
    "client_id_issued_at": 1530816450,
    "client_secret_expires_at": 1530902850,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

14:47:51.584 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException
java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException
	at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
	at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES512Fail(ClientCredentialsGrantHttpTest.java:1562) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
14:47:51.691 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException
java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException
	at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
	at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?]
	at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?]
	at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?]
	at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:761) [test-classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES512Fail(ClientCredentialsGrantHttpTest.java:1564) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzUxMiIsImtpZCI6IkVTNTEyU0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5MkNELkI4MDYuM0U0NS5FQjk1Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghOTJDRC5CODA2LjNFNDUuRUI5NSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiZGVlNGMwMjAtNzBiYy00MWZiLTlkYTEtOTA1YzI5NTlmYWJiIiwiZXhwIjoxNTMwODE2NzcxLCJpYXQiOjE1MzA4MTY0NzF9.

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:47:30 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: privateKeyJwtAuthenticationMethodRS256
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1276
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:30 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0B60.3A19.439F.DAFE",
    "client_secret": "cb757fae-f1ae-4701-806b-6eee2d13488d",
    "registration_access_token": "4aa5df07-a7b9-4d5a-a04a-cae91edb1bbe",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0B60.3A19.439F.DAFE",
    "client_id_issued_at": 1530816450,
    "client_secret_expires_at": 1530902850,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjQ4YmZhOGE0LWM4YTctNGEwOS1hZTk4LWJmMzI1ZDc0OTExOSJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEwQjYwLjNBMTkuNDM5Ri5EQUZFIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMEI2MC4zQTE5LjQzOUYuREFGRSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiMWY5OWFhMTItNDk3My00Njc3LWExNjMtOGRkM2EyMTY1YmEwIiwiZXhwIjoxNTMwODE2NzcxLCJpYXQiOjE1MzA4MTY0NzF9.krseaxgLhtnivAtTwW4lEJF4LocCwvSLugvewjpALH-2AVBOUL2jv-1EuabsFE8_BcSR8HVPTwFr-sKoOK5xQjvzWbvi33SfBxu2WwGzoqf7g4QAVjy2EBdR1Nn2t4EJ6ijPhGP_cj97EKbJZ1R6qWaVepOOD1gmY0wNgzVFT3SKt-kr7kDLmjjMadzNdgFp6eFuf5y7mdx6g93tp39XtKZ0qA5GzbrdvWHLksZogJAGtaHj15g0AnD_O51cQqSGoTg4NJX2RVtG2t6C8wxYvc8vlZwmn8vHMF7hnyI4FbD0q9MLpVq21XuyFs1ce7jV9pQLuZnStZ-sWHnwMwoxfQ

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:30 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"2929bc70-d1ad-401e-ae30-4957f42c191c","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:30 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0B60.3A19.439F.DAFE","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: privateKeyJwtAuthenticationMethodRS256Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1321
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:30 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CD0B.697E.9ABB.BF8C",
    "client_secret": "fe58291a-1f46-4c3e-97af-3d4c1d6bf21b",
    "registration_access_token": "ac4c3c80-6d89-4dc6-a13f-56594228dfd1",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CD0B.697E.9ABB.BF8C",
    "client_id_issued_at": 1530816450,
    "client_secret_expires_at": 1530902850,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

14:47:52.119 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance
java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance
	at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS256Fail(ClientCredentialsGrantHttpTest.java:937) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
14:47:52.222 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance
java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance
	at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?]
	at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?]
	at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?]
	at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:761) [test-classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS256Fail(ClientCredentialsGrantHttpTest.java:939) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IlJTMjU2U0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFDRDBCLjY5N0UuOUFCQi5CRjhDIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQ0QwQi42OTdFLjlBQkIuQkY4QyIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiYWYwMTMyNDEtYzllYy00ZGQxLTkzY2ItOWI5YmMwMDc5YzU4IiwiZXhwIjoxNTMwODE2NzcyLCJpYXQiOjE1MzA4MTY0NzJ9.

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:47:30 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: privateKeyJwtAuthenticationMethodRS384
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1276
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:31 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8D80.6F1B.7E36.B151",
    "client_secret": "a224b885-9c5e-4700-9434-10acf4f9dd3c",
    "registration_access_token": "e5f1c9d8-de3f-4c43-823c-e3053e0c2fbe",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8D80.6F1B.7E36.B151",
    "client_id_issued_at": 1530816451,
    "client_secret_expires_at": 1530902851,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzM4NCIsImtpZCI6ImM0NjIxNDNmLWExOTctNGY3YS1hZjk5LTBiMTA4NzM2ODYxNiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE4RDgwLjZGMUIuN0UzNi5CMTUxIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghOEQ4MC42RjFCLjdFMzYuQjE1MSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiNDA4OTViZmItMDA4My00NDBmLWJmMTctMTFiNGNmMWJhNTBiIiwiZXhwIjoxNTMwODE2NzcyLCJpYXQiOjE1MzA4MTY0NzJ9.k7Dpq4sjNc8Ab3svfCGJJv5H2l1BX6gh4EpyGNZiHBaxybZtgZJJ9Cr_yWOToGOriVamuvtUXo08OOHubUNqOs6sTZOvxjqA4OvUhistg9dtRv1Dyg7v4nQKm43dwQ5dj8YPSF-QDT9ElM7R38uwBw0-ZFUhbyVjcZ171evGdFs5KZLcjjhbefHYowJGIpsJYpo4FY8VQzUP2eM5O0ajcRv_mXjujLreEe2YAr444DcSxNVmZZUvhF3aBwW-q7uDd2mJunpr2exd1coDru9D-UYBR9Ezx-Xviea8ShEuIV2_Pwfr1itxdN3qiLSuVlWqZ7iIBWqUjdyEsXJDpO5GVA

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:31 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"ff0f816b-4a55-4078-8358-731612f05722","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:31 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8D80.6F1B.7E36.B151","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: privateKeyJwtAuthenticationMethodRS384Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1321
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:31 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!040D.10BB.2DB0.1E58",
    "client_secret": "9216a13e-fcff-4b73-94e4-dde370432dcf",
    "registration_access_token": "f4533dc8-1168-4b4e-93aa-6d71db383fd7",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!040D.10BB.2DB0.1E58",
    "client_id_issued_at": 1530816451,
    "client_secret_expires_at": 1530902851,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

14:47:52.630 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance
java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance
	at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS384Fail(ClientCredentialsGrantHttpTest.java:1062) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
14:47:52.735 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance
java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance
	at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?]
	at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?]
	at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?]
	at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:761) [test-classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS384Fail(ClientCredentialsGrantHttpTest.java:1064) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzM4NCIsImtpZCI6IlJTMzg0U0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEwNDBELjEwQkIuMkRCMC4xRTU4Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMDQwRC4xMEJCLjJEQjAuMUU1OCIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiMjZhZDcyNWItNWFkNi00Y2RiLTg0OWQtMDIwYjhjNGYyMjhiIiwiZXhwIjoxNTMwODE2NzcyLCJpYXQiOjE1MzA4MTY0NzJ9.

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:47:31 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: privateKeyJwtAuthenticationMethodRS512
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1276
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:31 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!54C1.244D.9EA4.377F",
    "client_secret": "3966cb0c-99c9-424c-9dc2-387c0fb700b2",
    "registration_access_token": "b5821762-b632-4d6e-b65b-fd3974d44e12",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!54C1.244D.9EA4.377F",
    "client_id_issued_at": 1530816451,
    "client_secret_expires_at": 1530902851,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiIsImtpZCI6Ijg1YjA4NDgzLTY4OTAtNDg0My05YmFmLTgzN2EyNGEzYzZkMiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE1NEMxLjI0NEQuOUVBNC4zNzdGIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNTRDMS4yNDRELjlFQTQuMzc3RiIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiNzZjZmM3YWMtNTQyNC00YmQ1LWJmM2EtZTI1YjQ2MTYxYzY3IiwiZXhwIjoxNTMwODE2NzcyLCJpYXQiOjE1MzA4MTY0NzJ9.YS8D_CcyL7VyFdAM6Gtk77yOSTNDETT4lEFc7lwHuFEZUDoVXfu0YxdYce3epJf0gmGuAS7c2O59fw3j7OMRFdc8qUnFpHO-Y0b2qgw6HobzCM6ynPX4i0iLkFTwMo99-98ZUsQk9Zw0t-aySrI5m0hk3REywaj4k_kWt7uxkYuHcgUxUBp53X1GYnGI9YSum8AqTkgmlSiTuYfqWIrbf2S0vhnRWXDnUKKzkTen39GswI8ipgLmVhZmdpv8LOV3ZapvZkHIdgVwVJP2EXZb0RoNwakJxcYf2CDncIk8TNS4tgYdDhOL3JuseFzkQsmYvxEWoPg3CTknLqLklxzBFA

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:31 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"6b37efac-2244-409f-a8d4-0053b740272a","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:31 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!54C1.244D.9EA4.377F","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: privateKeyJwtAuthenticationMethodRS512Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1321
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:31 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A40B.044D.9586.8436",
    "client_secret": "cd299476-0e4d-464f-895d-227e2cbe9e7b",
    "registration_access_token": "f3141640-2ba9-4e00-8b39-6133712fe737",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A40B.044D.9586.8436",
    "client_id_issued_at": 1530816451,
    "client_secret_expires_at": 1530902851,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

14:47:53.162 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance
java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance
	at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS512Fail(ClientCredentialsGrantHttpTest.java:1187) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
14:47:53.262 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance
java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance
	at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.54.jar:1.54.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?]
	at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?]
	at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?]
	at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:761) [test-classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS512Fail(ClientCredentialsGrantHttpTest.java:1189) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiIsImtpZCI6IlJTNTEyU0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBNDBCLjA0NEQuOTU4Ni44NDM2Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQTQwQi4wNDRELjk1ODYuODQzNiIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiMmU1NzdjZDYtYzQ2Zi00YWI1LThjNzUtMTdjNmM3ODhhOWQ0IiwiZXhwIjoxNTMwODE2NzczLCJpYXQiOjE1MzA4MTY0NzN9.

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:47:31 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Thu, 05 Jul 2018 18:47:32 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:32 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "code",
        "code id_token",
        "code id_token token",
        "id_token",
        "id_token token",
        "token",
        "code token"
    ],
    "grant_types_supported": [
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "refresh_token",
        "implicit",
        "password",
        "authorization_code"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: requestClientInfoImplicitFlow
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "token",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Thu, 05 Jul 2018 18:47:32 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EB99.7644.F9E8.9451",
    "client_secret": "21d2be66-b5c2-4d4f-a8ce-b42e88d76480",
    "registration_access_token": "8cd56742-00b7-4265-b0f8-bc409046b5dd",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EB99.7644.F9E8.9451",
    "client_id_issued_at": 1530816452,
    "client_secret_expires_at": 1530902852,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21EB99.7644.F9E8.9451&scope=clientinfo&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b4619016-36f1-42f0-bbfe-9fc43b03f651&nonce=481d5e11-f96d-4e54-bd60-98255d051f15
14:47:53.605 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[