FailedConsole Output

Started by an SCM change
Building on master in workspace /home/tomcat/.jenkins/jobs/oxAuth/workspace
 > git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
 > git config remote.origin.url https://github.com/GluuFederation/oxAuth # timeout=10
Fetching upstream changes from https://github.com/GluuFederation/oxAuth
 > git --version # timeout=10
 > git fetch --tags --progress https://github.com/GluuFederation/oxAuth +refs/heads/*:refs/remotes/origin/*
 > git rev-parse refs/remotes/origin/master^{commit} # timeout=10
 > git rev-parse refs/remotes/origin/origin/master^{commit} # timeout=10
Checking out Revision ae3d0aa97862d682fcd2f4c49bc708fd184aacfe (refs/remotes/origin/master)
 > git config core.sparsecheckout # timeout=10
 > git checkout -f ae3d0aa97862d682fcd2f4c49bc708fd184aacfe
Commit message: "Merge branch 'master' of https://github.com/GluuFederation/oxAuth"
 > git rev-list --no-walk bda08e901e4363b99d692e4be6f6ecef13fc7bea # timeout=10
[workspace] $ /bin/bash /opt/tomcat/temp/jenkins4684753511694162506.sh
Cloning into 'oxHudsonProfiles'...
[workspace] $ /home/tomcat/.jenkins/tools/hudson.tasks.Maven_MavenInstallation/maven_3.3.9/bin/mvn -DVERSION_NAME=master -DPROFILE_NAME=ce-dev4 -DDEVELOPMENT_BUILD=true -DMAVEN_SKIP_TESTS=false -Dpython.import.site=false -DPYTHON_HOME=/opt/jython -Dcfg=ce-dev4 -Dmaven.test.skip=false -Ddevelopment-build=true clean compile install findbugs:findbugs javadoc:javadoc site
[INFO] Scanning for projects...
[WARNING] 
[WARNING] Some problems were encountered while building the effective model for org.xdi:oxauth-rp:war:4.0.0-SNAPSHOT
[WARNING] 'build.plugins.plugin.version' for org.mortbay.jetty:jetty-maven-plugin is missing. @ org.xdi:oxauth-rp:[unknown-version], /home/tomcat/.jenkins/jobs/oxAuth/workspace/RP/pom.xml, line 74, column 12
[WARNING] 
[WARNING] It is highly recommended to fix these problems because they threaten the stability of your build.
[WARNING] 
[WARNING] For this reason, future Maven versions might no longer support building such malformed projects.
[WARNING] 
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Build Order:
[INFO] 
[INFO] oxAuth
[INFO] oxAuth Model
[INFO] oxAuth Client
[INFO] oxauth-static
[INFO] oxAuth RP
[INFO] oxAuth RP Demo
[INFO] oxAuth Server
[INFO]                                                                         
[INFO] ------------------------------------------------------------------------
[INFO] Building oxAuth 4.0.0-SNAPSHOT
[INFO] ------------------------------------------------------------------------
[INFO] 
[INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ oxauth ---
[INFO] Deleting /home/tomcat/.jenkins/jobs/oxAuth/workspace/target
[INFO] 
[INFO] --- maven-install-plugin:2.3.1:install (default-install) @ oxauth ---
[INFO] Installing /home/tomcat/.jenkins/jobs/oxAuth/workspace/pom.xml to /var/www/html/maven/org/xdi/oxauth/4.0.0-SNAPSHOT/oxauth-4.0.0-SNAPSHOT.pom
[INFO] 
[INFO] --- findbugs-maven-plugin:3.0.4:findbugs (default-cli) @ oxauth ---
[INFO] 
[INFO] >>> maven-javadoc-plugin:2.10.4:javadoc (default-cli) > generate-sources @ oxauth >>>
[INFO] 
[INFO] <<< maven-javadoc-plugin:2.10.4:javadoc (default-cli) < generate-sources @ oxauth <<<
[INFO] 
[INFO] --- maven-javadoc-plugin:2.10.4:javadoc (default-cli) @ oxauth ---
[INFO] 
[INFO] --- maven-site-plugin:2.1.1:site (default-site) @ oxauth ---
Downloading: http://repository.jboss.org/nexus/content/groups/public-jboss/org/apache/maven/skins/maven-default-skin/maven-metadata.xml
Downloading: http://repo1.maven.org/maven2/org/apache/maven/skins/maven-default-skin/maven-metadata.xml
Downloading: http://repo2.maven.org/maven2/org/bouncycastle/org/apache/maven/skins/maven-default-skin/maven-metadata.xml
Downloading: http://ox.gluu.org/maven/org/apache/maven/skins/maven-default-skin/maven-metadata.xml

Downloading: https://repo.maven.apache.org/maven2/org/apache/maven/skins/maven-default-skin/maven-metadata.xml
399/399 B   
            
Downloaded: http://repo1.maven.org/maven2/org/apache/maven/skins/maven-default-skin/maven-metadata.xml (399 B at 2.0 KB/sec)
            
399/399 B   
            
Downloaded: http://repository.jboss.org/nexus/content/groups/public-jboss/org/apache/maven/skins/maven-default-skin/maven-metadata.xml (399 B at 0.9 KB/sec)
399/399 B   
            
Downloaded: https://repo.maven.apache.org/maven2/org/apache/maven/skins/maven-default-skin/maven-metadata.xml (399 B at 1.0 KB/sec)
[INFO]                                                                         
[INFO] ------------------------------------------------------------------------
[INFO] Building oxAuth Model 4.0.0-SNAPSHOT
[INFO] ------------------------------------------------------------------------
[INFO] 
[INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ oxauth-model ---
[INFO] Deleting /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target
[INFO] 
[INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ oxauth-model ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] Copying 1 resource
[INFO] 
[INFO] --- maven-compiler-plugin:2.3.2:compile (default-compile) @ oxauth-model ---
[INFO] Compiling 156 source files to /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/classes
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.java:[21,23] RSAPublicKeyImpl is internal proprietary API and may be removed in a future release
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.java:[21,23] RSAPublicKeyImpl is internal proprietary API and may be removed in a future release
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.java:[21,23] RSAPublicKeyImpl is internal proprietary API and may be removed in a future release
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.java:[144,36] RSAPublicKeyImpl is internal proprietary API and may be removed in a future release
[INFO] 
[INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ oxauth-model ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] Copying 1 resource
[INFO] 
[INFO] --- maven-compiler-plugin:2.3.2:compile (default-compile) @ oxauth-model ---
[INFO] Nothing to compile - all classes are up to date
[INFO] 
[INFO] --- maven-resources-plugin:2.6:testResources (default-testResources) @ oxauth-model ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] Copying 4 resources
[INFO] 
[INFO] --- maven-compiler-plugin:2.3.2:testCompile (default-testCompile) @ oxauth-model ---
[INFO] Compiling 5 source files to /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/test-classes
[INFO] 
[INFO] --- maven-surefire-plugin:2.19.1:test (default-test) @ oxauth-model ---

-------------------------------------------------------
 T E S T S
-------------------------------------------------------
Running TestSuite
CodeVerifier{codeVerifier='Cgts78c_mU0H3LHP44oip.i4UiDjfDwK~BByOqJ3oG8Og3DRn0q5fSbWcwHBVg.2xd0qVUKH~N1UFolQAl0m~vwuw3WMgBtjc.Wxp.tF_gWQxBFNKlDZW5zwO~-yQYkJ', codeChallenge='Cgts78c_mU0H3LHP44oip.i4UiDjfDwK~BByOqJ3oG8Og3DRn0q5fSbWcwHBVg.2xd0qVUKH~N1UFolQAl0m~vwuw3WMgBtjc.Wxp.tF_gWQxBFNKlDZW5zwO~-yQYkJ', transformationType=PLAIN}
CodeVerifier{codeVerifier='bleTjr-Hm_dtUH8JY11X8kPtcDkwtEA8v436ahWVt4w_MN8V36EXVMzIiEgm3ookCeoNsCFE.kxGyXmiU0Mq2xRwAkY0Ta1cJFe0oGBqgz0XRI3pAIa9fe0SEy3gkj-Y', codeChallenge='8Iqi2C0DhXJg-wNUwRZ11bhPl0BVUP1pHoj5pxwnef0', transformationType=S256}
ERROR StatusLogger No log4j2 configuration file found. Using default configuration: logging only errors to the console. Set system property 'org.apache.logging.log4j.simplelog.StatusLogger.level' to TRACE to show Log4j2 internal initialization logging.
Hi there from Javascript, 
Tests run: 7, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 2.465 sec - in TestSuite

Results :

Tests run: 7, Failures: 0, Errors: 0, Skipped: 0

[INFO] 
[INFO] --- maven-jar-plugin:2.4:jar (default-jar) @ oxauth-model ---
[INFO] Building jar: /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/oxauth-model.jar
[INFO] 
[INFO] --- maven-jar-plugin:2.4:test-jar (default) @ oxauth-model ---
[INFO] Building jar: /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/oxauth-model-tests.jar
[INFO] 
[INFO] --- maven-install-plugin:2.3.1:install (default-install) @ oxauth-model ---
[INFO] Installing /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/oxauth-model.jar to /var/www/html/maven/org/xdi/oxauth-model/4.0.0-SNAPSHOT/oxauth-model-4.0.0-SNAPSHOT.jar
[INFO] Installing /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/pom.xml to /var/www/html/maven/org/xdi/oxauth-model/4.0.0-SNAPSHOT/oxauth-model-4.0.0-SNAPSHOT.pom
[INFO] Installing /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/oxauth-model-tests.jar to /var/www/html/maven/org/xdi/oxauth-model/4.0.0-SNAPSHOT/oxauth-model-4.0.0-SNAPSHOT-tests.jar
[INFO] 
[INFO] --- findbugs-maven-plugin:3.0.4:findbugs (default-cli) @ oxauth-model ---
[INFO] Fork Value is true
     [java] Warnings generated: 53
[INFO] Done FindBugs Analysis....
[INFO] 
[INFO] >>> maven-javadoc-plugin:2.10.4:javadoc (default-cli) > generate-sources @ oxauth-model >>>
[INFO] 
[INFO] <<< maven-javadoc-plugin:2.10.4:javadoc (default-cli) < generate-sources @ oxauth-model <<<
[INFO] 
[INFO] --- maven-javadoc-plugin:2.10.4:javadoc (default-cli) @ oxauth-model ---
[INFO] 
Loading source files for package org.xdi.oxauth.model.uma...
Loading source files for package org.xdi.oxauth.model.uma.wrapper...
Loading source files for package org.xdi.oxauth.model.uma.persistence...
Loading source files for package org.xdi.oxauth.model.jwt...
Loading source files for package org.xdi.oxauth.model.common...
Loading source files for package org.xdi.oxauth.model.jwk...
Loading source files for package org.xdi.oxauth.model.exception...
Loading source files for package org.xdi.oxauth.model.session...
Loading source files for package org.xdi.oxauth.model.fido.u2f...
Loading source files for package org.xdi.oxauth.model.fido.u2f.message...
Loading source files for package org.xdi.oxauth.model.fido.u2f.exception...
Loading source files for package org.xdi.oxauth.model.fido.u2f.protocol...
Loading source files for package org.xdi.oxauth.model.gluu...
Loading source files for package org.xdi.oxauth.model.register...
Loading source files for package org.xdi.oxauth.model.discovery...
Loading source files for package org.xdi.oxauth.model.jwe...
Loading source files for package org.xdi.oxauth.model.userinfo...
Loading source files for package org.xdi.oxauth.model.util...
Loading source files for package org.xdi.oxauth.model.authorize...
Loading source files for package org.xdi.oxauth.model.configuration...
Loading source files for package org.xdi.oxauth.model.error...
Loading source files for package org.xdi.oxauth.model.jws...
Loading source files for package org.xdi.oxauth.model.token...
Loading source files for package org.xdi.oxauth.model.crypto...
Loading source files for package org.xdi.oxauth.model.crypto.signature...
Loading source files for package org.xdi.oxauth.model.crypto.encryption...
Constructing Javadoc information...
Standard Doclet version 1.8.0_121
Building tree for all the packages and classes...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/ClaimTokenFormatType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/JsonLogic.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/JsonLogicNode.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/JsonLogicNodeParser.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/PermissionTicket.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/RptIntrospectionResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/RptProfiles.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/RPTResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaConstants.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaErrorResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaMetadata.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaNeedInfoResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaPermission.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaPermissionList.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaResource.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaResourceResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaResourceWithId.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaScopeDescription.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaScopeType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaTokenResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/Token.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/UmaPermission.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/UmaResource.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/UmaScopeDescription.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/Jwt.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtClaimName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtClaims.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtClaimSet.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtHeader.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtHeaderName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtStateClaimName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtSubClaimObject.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/PureJwt.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/AuthenticationMethod.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/AuthorizationMethod.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/Display.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/GrantType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/HasParamName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/Holder.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/Id.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/IdType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/IntrospectionResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/JSONable.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/PairwiseIdType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/ProgrammingLanguage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/Prompt.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/ResponseMode.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/ResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/ScopeType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/SubjectType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/TokenType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/WebKeyStorage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/JSONWebKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/JSONWebKeySet.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/JWKParameter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/KeyType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/Use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/InvalidClaimException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/InvalidJweException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/InvalidJwtException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/InvalidParameterException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/SignatureException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/EndSessionErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/EndSessionRequestParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/EndSessionResponseParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/DeviceRegistrationStatus.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/U2fConfiguration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/U2fConstants.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/U2fErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/RawAuthenticateResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/RawRegisterResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/BadInputException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/RegistrationNotAllowed.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/AuthenticateRequest.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/AuthenticateRequestMessage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/AuthenticateResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/AuthenticateStatus.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/ClientData.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/DeviceData.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/RegisterRequest.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/RegisterRequestMessage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/RegisterResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/RegisterStatus.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/GluuConfiguration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/GluuErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/ApplicationType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/RegisterErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/RegisterRequestParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/RegisterResponseParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/OAuth2Discovery.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/WebFingerLink.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/WebFingerParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/AbstractJweDecrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/AbstractJweEncrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/Jwe.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/JweDecrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/JweDecrypterImpl.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/JweEncrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/JweEncrypterImpl.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/KeyDerivationFunction.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/Schema.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/UserInfoErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/Base64Util.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/JwtUtil.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/LocaleUtil.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/Pair.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/SecurityProviderUtility.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/StringUtils.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/SubjectIdentifierGenerator.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/URLPatternList.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/Util.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/AuthorizeErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/AuthorizeRequestParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/AuthorizeResponseParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/CodeVerifier.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/CodeVerifier.CodeChallengeMethod.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/AppConfiguration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/AuthenticationFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/BaseFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/ClientAuthenticationFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/Configuration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/ConfigurationResponseClaim.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/CorsConfigurationFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/IErrorType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/AbstractJwsSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/ECDSASigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/HMACSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/JwsSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/PlainTextSignature.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/RSASigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/ClientAssertionType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/JsonWebResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/TokenErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/Certificate.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/CryptoProviderFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/Key.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/KeyFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/OxAuthCryptoProvider.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/OxElevenCryptoProvider.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/PrivateKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/PublicKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/AbstractSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/ECDSAKeyFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/ECDSAPrivateKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/ECDSAPublicKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/ECEllipticCurve.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/RSAKeyFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/RSAPrivateKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/RSAPublicKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/SignatureAlgorithm.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/SignatureAlgorithmFamily.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/Signer.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/BlockEncryptionAlgorithm.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/KeyEncryptionAlgorithm.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/overview-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/constant-values.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/serialized-form.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/JsonLogic.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaScopeDescription.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaResourceResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/JsonLogicNodeParser.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaPermission.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/RptIntrospectionResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaConstants.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaErrorResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaScopeType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/PermissionTicket.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/ClaimTokenFormatType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaResourceWithId.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaResource.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/JsonLogicNode.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/RptProfiles.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaTokenResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaMetadata.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaNeedInfoResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaPermissionList.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/RPTResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/class-use/Token.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/class-use/UmaScopeDescription.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/class-use/UmaPermission.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/class-use/UmaResource.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/Jwt.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtHeader.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/PureJwt.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtStateClaimName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtClaimSet.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtSubClaimObject.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtClaims.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtClaimName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtHeaderName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/ProgrammingLanguage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/IntrospectionResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/HasParamName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/IdType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/GrantType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/AuthorizationMethod.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/ResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/PairwiseIdType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/Holder.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/JSONable.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/TokenType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/Id.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/Prompt.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/ResponseMode.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/WebKeyStorage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/ScopeType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/Display.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/SubjectType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/AuthenticationMethod.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/class-use/JSONWebKeySet.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/class-use/JWKParameter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/class-use/Use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/class-use/KeyType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/class-use/JSONWebKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/class-use/InvalidParameterException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/class-use/SignatureException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/class-use/InvalidJwtException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/class-use/InvalidJweException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/class-use/InvalidClaimException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/class-use/EndSessionErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/class-use/EndSessionRequestParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/class-use/EndSessionResponseParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/class-use/U2fConstants.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/class-use/U2fConfiguration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/class-use/DeviceRegistrationStatus.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/class-use/U2fErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/class-use/RawAuthenticateResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/class-use/RawRegisterResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/class-use/RegistrationNotAllowed.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/class-use/BadInputException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/AuthenticateRequestMessage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/DeviceData.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/AuthenticateRequest.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/RegisterResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/RegisterStatus.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/AuthenticateResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/ClientData.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/AuthenticateStatus.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/RegisterRequestMessage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/RegisterRequest.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/class-use/GluuConfiguration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/class-use/GluuErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/class-use/RegisterRequestParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/class-use/ApplicationType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/class-use/RegisterErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/class-use/RegisterResponseParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/class-use/WebFingerParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/class-use/OAuth2Discovery.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/class-use/WebFingerLink.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/AbstractJweEncrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/JweEncrypterImpl.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/JweEncrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/JweDecrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/KeyDerivationFunction.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/JweDecrypterImpl.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/Jwe.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/AbstractJweDecrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/class-use/UserInfoErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/class-use/Schema.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/URLPatternList.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/Base64Util.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/SecurityProviderUtility.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/LocaleUtil.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/Util.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/StringUtils.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/SubjectIdentifierGenerator.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/JwtUtil.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/Pair.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/class-use/AuthorizeResponseParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/class-use/CodeVerifier.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/class-use/CodeVerifier.CodeChallengeMethod.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/class-use/AuthorizeErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/class-use/AuthorizeRequestParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/AuthenticationFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/Configuration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/BaseFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/AppConfiguration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/CorsConfigurationFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/ConfigurationResponseClaim.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/ClientAuthenticationFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/class-use/IErrorType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/RSASigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/HMACSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/AbstractJwsSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/PlainTextSignature.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/ECDSASigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/JwsSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/class-use/JsonWebResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/class-use/TokenErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/class-use/ClientAssertionType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/OxElevenCryptoProvider.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/OxAuthCryptoProvider.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/PrivateKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/AbstractCryptoProvider.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/Key.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/PublicKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/CryptoProviderFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/Certificate.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/KeyFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/RSAKeyFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/ECDSAPrivateKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/ECDSAPublicKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/ECDSAKeyFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/SignatureAlgorithm.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/SignatureAlgorithmFamily.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/RSAPrivateKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/Signer.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/RSAPublicKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/AbstractSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/ECEllipticCurve.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/class-use/BlockEncryptionAlgorithm.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/class-use/KeyEncryptionAlgorithm.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/package-use.html...
Building index for all the packages and classes...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/overview-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/index-all.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/deprecated-list.html...
Building index for all classes...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/allclasses-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/allclasses-noframe.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/index.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/overview-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/help-doc.html...
12 warnings
[WARNING] Javadoc Warnings
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/uma/UmaNeedInfoResponse.java:65: warning: no @param for clientId
[WARNING] public String buildClaimsGatheringUrl(String clientId, String claimsRedirectUri) {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/uma/UmaNeedInfoResponse.java:65: warning: no @param for claimsRedirectUri
[WARNING] public String buildClaimsGatheringUrl(String clientId, String claimsRedirectUri) {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/jwt/JwtHeader.java:44: warning: no @return
[WARNING] public JwtHeader setType(JwtType type) {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/jwt/JwtHeader.java:63: warning: no @return
[WARNING] public JwtHeader setAlgorithm(SignatureAlgorithm algorithm) {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/jwt/JwtHeader.java:77: warning: no @return
[WARNING] public JwtHeader setAlgorithm(KeyEncryptionAlgorithm algorithm) {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/jwt/JwtHeader.java:96: warning: no @return
[WARNING] public JwtHeader setKeyId(String keyId) {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/common/ScopeType.java:30: warning: empty <p> tag
[WARNING] * <p>
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/fido/u2f/message/RawAuthenticateResponse.java:37: warning: no @return
[WARNING] public byte getUserPresence() {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/fido/u2f/message/RawAuthenticateResponse.java:45: warning: no @return
[WARNING] public long getCounter() {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/fido/u2f/message/RawAuthenticateResponse.java:52: warning: no @return
[WARNING] public byte[] getSignature() {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/util/Util.java:210: warning: no description for @return
[WARNING] * @return
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/util/Util.java:212: warning: no @throws for org.codehaus.jettison.json.JSONException
[WARNING] public static Map<String, String> jsonObjectArrayStringAsMap(String jsonString) throws JSONException {
[WARNING] ^
[INFO] 
[INFO] --- maven-site-plugin:2.1.1:site (default-site) @ oxauth-model ---
[INFO]                                                                         
[INFO] ------------------------------------------------------------------------
[INFO] Building oxAuth Client 4.0.0-SNAPSHOT
[INFO] ------------------------------------------------------------------------
[INFO] 
[INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ oxauth-client ---
[INFO] Deleting /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/target
[INFO] 
[INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ oxauth-client ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] skip non existing resourceDirectory /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/main/resources
[INFO] 
[INFO] --- maven-compiler-plugin:2.3.2:compile (default-compile) @ oxauth-client ---
[INFO] Compiling 59 source files to /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/target/classes
[INFO] 
[INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ oxauth-client ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] skip non existing resourceDirectory /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/main/resources
[INFO] 
[INFO] --- maven-compiler-plugin:2.3.2:compile (default-compile) @ oxauth-client ---
[INFO] Nothing to compile - all classes are up to date
[INFO] 
[INFO] --- maven-resources-plugin:2.6:testResources (default-testResources) @ oxauth-client ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] Copying 17 resources
[INFO] 
[INFO] --- maven-compiler-plugin:2.3.2:testCompile (default-testCompile) @ oxauth-client ---
[INFO] Compiling 145 source files to /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/target/test-classes
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/test/java/org/xdi/oxauth/ws/rs/WebKeysTest.java:[14,24] X509CertImpl is internal proprietary API and may be removed in a future release
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/test/java/org/xdi/oxauth/ws/rs/WebKeysTest.java:[14,24] X509CertImpl is internal proprietary API and may be removed in a future release
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/test/java/org/xdi/oxauth/ws/rs/WebKeysTest.java:[14,24] X509CertImpl is internal proprietary API and may be removed in a future release
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/test/java/org/xdi/oxauth/ws/rs/WebKeysTest.java:[47,35] X509CertImpl is internal proprietary API and may be removed in a future release
[INFO] 
[INFO] --- maven-surefire-plugin:2.19.1:test (default-test) @ oxauth-client ---

-------------------------------------------------------
 T E S T S
-------------------------------------------------------
Running TestSuite
ERROR StatusLogger No log4j2 configuration file found. Using default configuration: logging only errors to the console. Set system property 'org.apache.logging.log4j.simplelog.StatusLogger.level' to TRACE to show Log4j2 internal initialization logging.
Invoked init test suite method 

#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:33:42 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:33:42 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "code",
        "code id_token",
        "code id_token token",
        "id_token",
        "id_token token",
        "token",
        "code token"
    ],
    "grant_types_supported": [
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "refresh_token",
        "implicit",
        "password",
        "authorization_code"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: applicationTypeNativeSubjectTypePairwise
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "native",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "scope": "openid profile address email user_name"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1344
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:33:42 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FC8B.93C9.3CC9.711E",
    "client_secret": "e3194f51-8a0e-45a3-a5f0-26dab62aea8d",
    "registration_access_token": "40c57832-7bc1-44c4-b362-eeb1b0f5c598",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FC8B.93C9.3CC9.711E",
    "client_id_issued_at": 1530862422,
    "client_secret_expires_at": 1530948822,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "native",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid profile address email user_name",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 40c57832-7bc1-44c4-b362-eeb1b0f5c598

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1344
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:33:42 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FC8B.93C9.3CC9.711E",
    "client_secret": "e3194f51-8a0e-45a3-a5f0-26dab62aea8d",
    "registration_access_token": "40c57832-7bc1-44c4-b362-eeb1b0f5c598",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FC8B.93C9.3CC9.711E",
    "client_id_issued_at": 1530862422,
    "client_secret_expires_at": 1530948822,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "native",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid profile address email user_name",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21FC8B.93C9.3CC9.711E&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=05baa76c-e361-49eb-9d9d-1f755798e57f&nonce=8941aa56-a234-4379-921e-bb54d4d3539e
03:34:06.439 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:2d0ee7e3-9d47-4552-a274-d83ca4186a27
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21FC8B.93C9.3CC9.711E&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=05baa76c-e361-49eb-9d9d-1f755798e57f&nonce=8941aa56-a234-4379-921e-bb54d4d3539e

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=c5064eb5-5c1e-43f9-b127-cd82249833f1&scope=address+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGQzhCLjkzQzkuM0NDOS43MTFFIiwiZXhwIjoxNTMwODY2MDI3LCJpYXQiOjE1MzA4NjI0MjcsIm5vbmNlIjoiODk0MWFhNTYtYTIzNC00Mzc5LTkyMWUtYmI1NGQ0ZDM1MzllIiwiYXV0aF90aW1lIjoxNTMwODYyNDI2LCJjX2hhc2giOiJLUC0yMGVjb0VPS2t1b3dLdjJKbXdRIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiSVJHSnNpcmxsQVZjVzdqLU90R2Fqd3lsYkxGREFhU2k5UlZaNEdyb1VHMCJ9.YD1l_efr-BlcgMXarLKN43-mPSmhDOhu1Ce9L3JzqKRizIxjl2juj_zDPXNmZ1N3nh2mGfOrZiMdOMnBi8DrPvGxVs4XI2juY-pKTaapRvlpgWn3bFpIR_hCAf-zfECHmT7wGHUF6qWjkub-DcTf6N0p0FK7G2SI50Wghx0Gb5zZBGjWMonluI7vIarIZfTm6MnTOln5QnFa1eE2QQLcrrFIFJteJtNZxnZbpnAGfd4L7X6qIHzmqZxx6I4iF6bPEnsDoW6N1r3OCGg0hTdUrZZAfu0KqRx3T_4koXoqMFENbtkMGn8W3P_rz0MURbTY4eBL_rqYTM7TGbhuTjBJsg&session_id=cb86fc8b-9675-4fd9-9abc-85fd89867d8e&state=05baa76c-e361-49eb-9d9d-1f755798e57f&session_state=2d0ee7e3-9d47-4552-a274-d83ca4186a27

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxRkM4Qi45M0M5LjNDQzkuNzExRTplMzE5NGY1MS04YTBlLTQ1YTMtYTVmMC0yNmRhYjYyYWVhOGQ=

grant_type=authorization_code&code=c5064eb5-5c1e-43f9-b127-cd82249833f1&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:33:47 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"dda69de5-3029-478c-85be-8bce2b3444bf","token_type":"bearer","expires_in":299,"refresh_token":"437fa5d4-b78b-4562-a35e-e43d9cedd523","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGQzhCLjkzQzkuM0NDOS43MTFFIiwiZXhwIjoxNTMwODY2MDI3LCJpYXQiOjE1MzA4NjI0MjcsIm5vbmNlIjoiODk0MWFhNTYtYTIzNC00Mzc5LTkyMWUtYmI1NGQ0ZDM1MzllIiwiYXV0aF90aW1lIjoxNTMwODYyNDI2LCJhdF9oYXNoIjoiektpQmd4N2FPd1Y0QWIweXA0WmJKUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IklSR0pzaXJsbEFWY1c3ai1PdEdhand5bGJMRkRBYVNpOVJWWjRHcm9VRzAifQ.kOdASiVKKWcZbHzSP8gM9eVyS4mgIboqjs752TFz9W0EM2wKeUutH2baiip4sUb958rZS1GhRm-ddmVGQksaocEGzMYZGJZ4D2jEqfGzwbZ2YdZ7ceS1DU5fcGzItYxnHkgM-946NT2TQLoSi_Wh7pj0I9SbUBY_1d9pmsLL2ObiATa1CQXZGLdAs8xejEl5Aknfl6LeZK5aTWCN7XzgmMGGImF9CvSAqN2YCJR1RQMkcVf9ZufHdwTuJKz54sBcZG2vKmnpY-QZKDxRybyou7zy_VuR8SdZfvSrLX3YOXWXcmnXFegELUL0zD3iJEwJ417q-3KfiKFht4614pJPmQ"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxRkM4Qi45M0M5LjNDQzkuNzExRTplMzE5NGY1MS04YTBlLTQ1YTMtYTVmMC0yNmRhYjYyYWVhOGQ=

grant_type=refresh_token&scope=address+openid+user_name+profile+email&refresh_token=437fa5d4-b78b-4562-a35e-e43d9cedd523

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 198
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:33:47 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"326604af-5abf-4807-ad31-d26e14679a5e","token_type":"bearer","expires_in":299,"refresh_token":"c9ed628b-4b4e-4f15-ab0a-3bb72f8e8510","scope":"address openid user_name profile email"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 326604af-5abf-4807-ad31-d26e14679a5e

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 634
Content-Type: application/json;charset=utf-8
Date: Fri, 06 Jul 2018 07:33:48 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"IRGJsirllAVcW7j-OtGajwylbLFDAaSi9RVZ4GroUG0","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"}

#######################################################
TEST: applicationTypeNativeSubjectTypePublic
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "native",
    "client_name": "oxAuth test app",
    "subject_type": "public",
    "scope": "openid profile address email user_name"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1209
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:33:48 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!04F9.8066.BA10.C70D",
    "client_secret": "7ff20022-ac87-47d5-a3ab-9d2cef2180c3",
    "registration_access_token": "9e41aa06-01da-4859-ad78-b193ce689bf1",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!04F9.8066.BA10.C70D",
    "client_id_issued_at": 1530862428,
    "client_secret_expires_at": 1530948828,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "native",
    "client_name": "oxAuth test app",
    "subject_type": "public",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid profile address email user_name",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 9e41aa06-01da-4859-ad78-b193ce689bf1

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1209
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:33:48 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!04F9.8066.BA10.C70D",
    "client_secret": "7ff20022-ac87-47d5-a3ab-9d2cef2180c3",
    "registration_access_token": "9e41aa06-01da-4859-ad78-b193ce689bf1",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!04F9.8066.BA10.C70D",
    "client_id_issued_at": 1530862428,
    "client_secret_expires_at": 1530948828,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "native",
    "client_name": "oxAuth test app",
    "subject_type": "public",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid profile address email user_name",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2104F9.8066.BA10.C70D&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8f62ef06-022d-4ef5-b848-08756f721dc3&nonce=2cd5d387-6a67-4ed1-b8f3-e745508f1cb0
03:34:10.594 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:e74a2212-7f3d-4758-bba4-78a77085e242
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2104F9.8066.BA10.C70D&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8f62ef06-022d-4ef5-b848-08756f721dc3&nonce=2cd5d387-6a67-4ed1-b8f3-e745508f1cb0

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=f094098f-13de-4296-9efb-2224f2db6c38&scope=address+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEwNEY5LjgwNjYuQkExMC5DNzBEIiwiZXhwIjoxNTMwODY2MDMwLCJpYXQiOjE1MzA4NjI0MzAsIm5vbmNlIjoiMmNkNWQzODctNmE2Ny00ZWQxLWI4ZjMtZTc0NTUwOGYxY2IwIiwiYXV0aF90aW1lIjoxNTMwODYyNDI5LCJjX2hhc2giOiJLWEtZc3Z3ZlpIcEh5U01iNDZvOTJ3Iiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDAhQjFGMy5BRUFFLkI3OTgifQ.EoWSeuNjP3lDeb4Qt-mLpNvvf8DpqqC9lRFwTcyANQamgms0f1iuEVV6qAX3hxEgHn23BlPpWiXyRuPCe3AXumQJ1tgqUgxVk7RfBDG8P6xRlBhafYvvhlFrXqGMHNtKUHj13WvjVkGV328zlcMj7Zp-dgQcdWL7JTVpJWriFv34WHCCUWe8W88MHpfEVNgVXiSZ1NYzsZVAt8DHKcnSYFTrXwknhZXIif9f9FayjIY_X-GksKuJowJIrJa1ZzuqN0gVBtgGFHdUY1IFEkRdgZ-_OTsbHBS_G39nhmb_1yFOuKwwXqRplwL-NnGUTah_fNxtHESzuEV5gqDiBQvPyQ&session_id=80d908f9-0196-4ec2-9871-f856f2e0e905&state=8f62ef06-022d-4ef5-b848-08756f721dc3&session_state=e74a2212-7f3d-4758-bba4-78a77085e242

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxMDRGOS44MDY2LkJBMTAuQzcwRDo3ZmYyMDAyMi1hYzg3LTQ3ZDUtYTNhYi05ZDJjZWYyMTgwYzM=

grant_type=authorization_code&code=f094098f-13de-4296-9efb-2224f2db6c38&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1074
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:33:50 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"8784b3e8-50e6-4c80-b32e-eb1ac32894cf","token_type":"bearer","expires_in":299,"refresh_token":"1a7ab90b-ec78-4e52-98d6-873d658816ee","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEwNEY5LjgwNjYuQkExMC5DNzBEIiwiZXhwIjoxNTMwODY2MDMwLCJpYXQiOjE1MzA4NjI0MzAsIm5vbmNlIjoiMmNkNWQzODctNmE2Ny00ZWQxLWI4ZjMtZTc0NTUwOGYxY2IwIiwiYXV0aF90aW1lIjoxNTMwODYyNDI5LCJhdF9oYXNoIjoiN3pXbTdGR3d2bUNIQmQzTGNQd0M4USIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IkAhMzhENC40MTBDLjFENDMuODkzMiEwMDAxITM3RjIuQjc0NCEwMDAwIUIxRjMuQUVBRS5CNzk4In0.oR41KUJBPQR8XPbRD1rYkvMOJFa0YXg1Gc8U5_FMuM7ABHL-kWMle-v7gTCunxKbdHQN1n3mjXgTO_By9MZzBEndaUjsFI1CBC9-tA4clp_a2H03o0PPENwUzpVrtTnJrTkrtLbpOddVi-fzhNjt60UnJl_SE4lfLeaE9UdNk702AKanWXt8nYn3i_ndvXDCzYumDpdkaUSHzPunj0KtN0hMTWqaiQyvfat2njfalHmLnTTYxc6fNjZXXNuyMrFWkPhL5Fr7YtKfNH5b7x53CAzbPOFljH9AKfAtN7UX_yyyE8ZsMbXRctHAlYSvkKk0EYyv93OQ9bPTok_nxbBwtA"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxMDRGOS44MDY2LkJBMTAuQzcwRDo3ZmYyMDAyMi1hYzg3LTQ3ZDUtYTNhYi05ZDJjZWYyMTgwYzM=

grant_type=refresh_token&scope=address+openid+user_name+profile+email&refresh_token=1a7ab90b-ec78-4e52-98d6-873d658816ee

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 198
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:33:50 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"ada7117b-309f-445d-9a01-f195975c0329","token_type":"bearer","expires_in":299,"refresh_token":"adc17d06-ae23-493d-bbd4-80ec9b82c40d","scope":"address openid user_name profile email"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer ada7117b-309f-445d-9a01-f195975c0329

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 647
Content-Type: application/json;charset=utf-8
Date: Fri, 06 Jul 2018 07:33:50 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"@!38D4.410C.1D43.8932!0001!37F2.B744!0000!B1F3.AEAE.B798","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"}

#######################################################
TEST: applicationTypeWeb
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:33:50 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!763E.5D6F.9E76.0E21",
    "client_secret": "d95b3557-f6f5-4e08-92d2-3534a89389da",
    "registration_access_token": "fa6e6bff-612b-4c59-9241-6f40e695460f",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!763E.5D6F.9E76.0E21",
    "client_id_issued_at": 1530862430,
    "client_secret_expires_at": 1530948830,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer fa6e6bff-612b-4c59-9241-6f40e695460f

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:33:50 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!763E.5D6F.9E76.0E21",
    "client_secret": "d95b3557-f6f5-4e08-92d2-3534a89389da",
    "registration_access_token": "fa6e6bff-612b-4c59-9241-6f40e695460f",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!763E.5D6F.9E76.0E21",
    "client_id_issued_at": 1530862430,
    "client_secret_expires_at": 1530948830,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

#######################################################
TEST: applicationTypeWebFail1
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": ["http://client.example.com/cb"],
    "application_type": "web",
    "client_name": "oxAuth test app"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Cache-Control: no-store
Connection: close
Content-Length: 101
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:33:50 GMT
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_redirect_uri","error_description":"Value of one or more redirect_uris is invalid."}

#######################################################
TEST: omittedApplicationType
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:33:50 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A451.0D1D.78BA.51B1",
    "client_secret": "aa6eac4e-dae0-46b2-a19c-d2d9c4341344",
    "registration_access_token": "523277d9-73cf-4f74-8d3e-c32dee7fc779",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A451.0D1D.78BA.51B1",
    "client_id_issued_at": 1530862430,
    "client_secret_expires_at": 1530948830,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 523277d9-73cf-4f74-8d3e-c32dee7fc779

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:33:50 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A451.0D1D.78BA.51B1",
    "client_secret": "aa6eac4e-dae0-46b2-a19c-d2d9c4341344",
    "registration_access_token": "523277d9-73cf-4f74-8d3e-c32dee7fc779",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A451.0D1D.78BA.51B1",
    "client_id_issued_at": 1530862430,
    "client_secret_expires_at": 1530948830,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:33:50 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:33:51 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "code",
        "code id_token",
        "code id_token token",
        "id_token",
        "id_token token",
        "token",
        "code token"
    ],
    "grant_types_supported": [
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "refresh_token",
        "implicit",
        "password",
        "authorization_code"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: authorizationCodeDynamicScopeFlow
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "scope": "openid profile address email user_name org_name work_phone"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1361
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:33:51 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8B8A.D1FA.7278.A8B0",
    "client_secret": "558e16c8-341e-48a9-a916-41314de9334a",
    "registration_access_token": "856dcbaf-6b55-40ae-ad55-f5c1b95b62aa",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8B8A.D1FA.7278.A8B0",
    "client_id_issued_at": 1530862431,
    "client_secret_expires_at": 1530948831,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid profile address email user_name org_name work_phone",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218B8A.D1FA.7278.A8B0&scope=openid+profile+address+email+user_name+org_name+work_phone&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=965dbf3e-6838-41ff-89cd-dce52a413399&nonce=e32bc9e3-81a7-4459-9341-e558e7e7e324
03:34:13.363 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:de9be676-9b5d-4237-ad1f-58675c8fa8b9
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218B8A.D1FA.7278.A8B0&scope=openid+profile+address+email+user_name+org_name+work_phone&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=965dbf3e-6838-41ff-89cd-dce52a413399&nonce=e32bc9e3-81a7-4459-9341-e558e7e7e324

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=8abb2f6e-f7ae-48bf-b7b7-ad7d22ebd4c6&scope=address+openid+user_name+profile+work_phone+org_name+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE4QjhBLkQxRkEuNzI3OC5BOEIwIiwiZXhwIjoxNTMwODY2MDMyLCJpYXQiOjE1MzA4NjI0MzIsIm5vbmNlIjoiZTMyYmM5ZTMtODFhNy00NDU5LTkzNDEtZTU1OGU3ZTdlMzI0IiwiYXV0aF90aW1lIjoxNTMwODYyNDMyLCJjX2hhc2giOiJkR19QUFlYMkdTUURNSGZib2lWZFB3Iiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiMGwwUHdEN0N3Y2ZNN19VRHlka3VOdDR0dHhoaV9aWXR5dUxRcjJCUkVjcyJ9.YD0eKfy2rOBzMBx0id2NE53adYm720nOeSECD5JE-sebzMvk0aXZynAylShhzKs6iB-YZA4csz-zw1qzrgvoPoiabOCBkwQQIhVJ2u7B1JB0npy1SzWd97OOUSUFijpyOyc6DQyi8MqNDZLubcHcGMkFAa-VoSyeK-M0-9TYauGIE84EaTIFG-FYE_1661rWVg-qF-irErt2aPcZ4M47LdM3o2rBhsWFC4ZFzzNceQr3o5y8DeB14VEpW8Rn3QBtdHLjgRW8bm7EO86610na0ndQpHO0GDEdJk5ixlSr8DIyp7rRey6zHRBylZ59vCfEr0wiSe7HOkjin0J1XRgFkw&session_id=d6f656f0-6e20-45ef-96f1-fed578dc8e8c&state=965dbf3e-6838-41ff-89cd-dce52a413399&session_state=de9be676-9b5d-4237-ad1f-58675c8fa8b9

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxOEI4QS5EMUZBLjcyNzguQThCMDo1NThlMTZjOC0zNDFlLTQ4YTktYTkxNi00MTMxNGRlOTMzNGE=

grant_type=authorization_code&code=8abb2f6e-f7ae-48bf-b7b7-ad7d22ebd4c6&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:33:52 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"0f792548-22f3-43a6-af40-16a0baa2f72c","token_type":"bearer","expires_in":299,"refresh_token":"a50409ee-53f9-4669-916e-2a87f0c1ded0","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE4QjhBLkQxRkEuNzI3OC5BOEIwIiwiZXhwIjoxNTMwODY2MDMzLCJpYXQiOjE1MzA4NjI0MzMsIm5vbmNlIjoiZTMyYmM5ZTMtODFhNy00NDU5LTkzNDEtZTU1OGU3ZTdlMzI0IiwiYXV0aF90aW1lIjoxNTMwODYyNDMyLCJhdF9oYXNoIjoieGFtVmpZT2xreEtZY3lFUVlmdi1BQSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjBsMFB3RDdDd2NmTTdfVUR5ZGt1TnQ0dHR4aGlfWll0eXVMUXIyQlJFY3MifQ.WBUhCRemPsASimi5OoXQOVE_RBqWKB0DiI36SXJh3iMtKkCLxXs-GvRQQbgCWvdd5GnueO5CUUUaSz5bsW3iQkEmBbHo_-Sqw-DP0r-3C01YPgaC8oOGScqiR5A2bQvgj1CZvR_Rdxpga667uPV8wVTY4tU5bdWyeGJy9KN7KaZm0LPQgEMfJMZioV5rOHGzmeBLa7n92Hhshk-Zd0h8WXEeVSepKMOyW0hw9P7XvriA7eKRXMBalJtyHoqRnIY5laplZvPJhIzUhihjYhJrNtHJFdNlPwMwFMnA5fJeQR3_xsC3KQ7vhoYroeI6Fu3g3KOBcJwB8k0KtNjvhOiMIQ"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 0f792548-22f3-43a6-af40-16a0baa2f72c

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 690
Content-Type: application/json;charset=utf-8
Date: Fri, 06 Jul 2018 07:33:53 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"0l0PwD7CwcfM7_UDydkuNt4ttxhi_ZYtyuLQr2BREcs","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org","org_name":"Gluu, Inc.","work_phone":["(512) 516-2413"]}

#######################################################
TEST: authorizationCodeFlow
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "scope": "openid profile address email phone user_name"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1347
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:33:53 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E20C.CDED.915B.1B32",
    "client_secret": "e2de228e-62d6-4806-b7b6-45face9e670e",
    "registration_access_token": "28772133-1008-4914-8047-f956a7e17e98",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E20C.CDED.915B.1B32",
    "client_id_issued_at": 1530862433,
    "client_secret_expires_at": 1530948833,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid profile address email phone user_name",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E20C.CDED.915B.1B32&scope=openid+profile+address+email+phone+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=dd4177a4-7c4b-42bf-8680-b61848e44dcd&nonce=a0724b9b-acee-4430-a78c-4abe285af848
03:34:15.364 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:799640a9-896b-4023-9b2f-62ec947b4e77
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E20C.CDED.915B.1B32&scope=openid+profile+address+email+phone+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=dd4177a4-7c4b-42bf-8680-b61848e44dcd&nonce=a0724b9b-acee-4430-a78c-4abe285af848

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=ca42ade9-832a-4657-a8dc-5cf7bfe16dce&scope=address+phone+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFFMjBDLkNERUQuOTE1Qi4xQjMyIiwiZXhwIjoxNTMwODY2MDM0LCJpYXQiOjE1MzA4NjI0MzQsIm5vbmNlIjoiYTA3MjRiOWItYWNlZS00NDMwLWE3OGMtNGFiZTI4NWFmODQ4IiwiYXV0aF90aW1lIjoxNTMwODYyNDM0LCJjX2hhc2giOiJfRkRNV2o0ZHp1d29yX3M0Rks3b1VBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiYk9qeEtnZnhZR3NlZXRPQ2hvd3JZSWh4dkNJa2xaXzM5WFJaVWRvNEtRWSJ9.fYJwUikwCqNuk6gmH0jhsiLGfGagMHyFkEVuNe4vpnT2d-CMMwsSm1KUfaybt5VWjo8wwZkSdDRlF79D609Ovu_vtggc4aDGrEpKVxP1_EhUTA9Unqb7f6c_nUHYyyGtmVIK5Czk8jResor0GetQDttGAq-G2DFPEz3cL4HNmNNfH3dZ8qi_3AJSqJ8U04QjRqhRGi_9EF-I7A6uYOmnjy_wITGMcKGBAlIG9YRbv5o9y5yLmn9jtfMpNhDMRHfezpofbDooZyOd1HjMCFmpLm7d1r4iKCzKFZ5gK-VDRibhXLnIIH3K731bLXQtaQQ01S2ES5FEadcPhLkNPpmkcA&session_id=4088ae41-f60f-44be-99f3-43b8813b115e&state=dd4177a4-7c4b-42bf-8680-b61848e44dcd&session_state=799640a9-896b-4023-9b2f-62ec947b4e77

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxRTIwQy5DREVELjkxNUIuMUIzMjplMmRlMjI4ZS02MmQ2LTQ4MDYtYjdiNi00NWZhY2U5ZTY3MGU=

grant_type=authorization_code&code=ca42ade9-832a-4657-a8dc-5cf7bfe16dce&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:33:54 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"b3e6c1bc-0f74-4b48-8dae-cccc3de36537","token_type":"bearer","expires_in":299,"refresh_token":"a58e7d0d-d790-4f3d-9402-bd53d016097d","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFFMjBDLkNERUQuOTE1Qi4xQjMyIiwiZXhwIjoxNTMwODY2MDM0LCJpYXQiOjE1MzA4NjI0MzQsIm5vbmNlIjoiYTA3MjRiOWItYWNlZS00NDMwLWE3OGMtNGFiZTI4NWFmODQ4IiwiYXV0aF90aW1lIjoxNTMwODYyNDM0LCJhdF9oYXNoIjoiNHVYSGNkSDMtXzRTQXQ5YlR6VHpyZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6ImJPanhLZ2Z4WUdzZWV0T0Nob3dyWUloeHZDSWtsWl8zOVhSWlVkbzRLUVkifQ.CbGr-5QedTHB29OXdpyhysase81GfnLQTdUHA_SRAtF-2qwqfy462QVYH8j4P4MCAqrUKNKILzquumeWtkgEh2caRj8MseIdPRY7wJjsR1dND0wRDahlm24YqYrnx58WDoB4n7_3ZuFEIZDvquyN-Zr1kXMpTfHrqJArF7RBA2KbsCLnEkcU2rYBtiHp7ldm9IMFC3Jjfv_E5NQ9__DYRfVa5w3XeVwiiet8SshTB_BLjYfKn9h1PhcK-mPaNu4lGLSUudb1_PbBfyZw1W0FxZHPB16pIwtt-z4iexcNNGd2qKO0ynwZjQ6ezzwcwvbBtKBwY-aLUcnwVv6cRpzMRA"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxRTIwQy5DREVELjkxNUIuMUIzMjplMmRlMjI4ZS02MmQ2LTQ4MDYtYjdiNi00NWZhY2U5ZTY3MGU=

grant_type=refresh_token&scope=address+phone+openid+user_name+profile+email&refresh_token=a58e7d0d-d790-4f3d-9402-bd53d016097d

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 204
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:33:54 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"65d401c6-1780-4ab1-9537-f7240cc24092","token_type":"bearer","expires_in":299,"refresh_token":"0ead1946-fcd2-49de-a8c8-16394089f8d9","scope":"address phone openid user_name profile email"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 65d401c6-1780-4ab1-9537-f7240cc24092

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 695
Content-Type: application/json;charset=utf-8
Date: Fri, 06 Jul 2018 07:33:54 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"bOjxKgfxYGseetOChowrYIhxvCIklZ_39XRZUdo4KQY","phone_number_verified":true,"phone_number":"(512) 516-2413","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"}

#######################################################
TEST: authorizationCodeFlowLoginHint
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "scope": "openid profile address email user_name"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1341
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:33:54 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1D35.0F3F.808A.77E5",
    "client_secret": "9acae360-e8ac-43fc-90e0-181327aee3cc",
    "registration_access_token": "49f08962-3c54-427d-8440-d792418b0953",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1D35.0F3F.808A.77E5",
    "client_id_issued_at": 1530862434,
    "client_secret_expires_at": 1530948834,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid profile address email user_name",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211D35.0F3F.808A.77E5&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=506a59f1-834d-49d4-be79-4cb6b0a0418b&nonce=b1ce4c16-a8f7-4b84-9991-ba93d56a1cae&login_hint=test_user
03:34:17.092 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:61d65760-45f2-428f-8f42-dc57df534f2d
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211D35.0F3F.808A.77E5&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=506a59f1-834d-49d4-be79-4cb6b0a0418b&nonce=b1ce4c16-a8f7-4b84-9991-ba93d56a1cae&login_hint=test_user

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=06524a16-59b3-4131-8574-989fec5adc7e&scope=address+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExRDM1LjBGM0YuODA4QS43N0U1IiwiZXhwIjoxNTMwODY2MDM2LCJpYXQiOjE1MzA4NjI0MzYsIm5vbmNlIjoiYjFjZTRjMTYtYThmNy00Yjg0LTk5OTEtYmE5M2Q1NmExY2FlIiwiYXV0aF90aW1lIjoxNTMwODYyNDM1LCJjX2hhc2giOiJBZHJMY1YzOGxkNjk0MzNhY2h0bG93Iiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiYWNHTkI0aXhwN1hCZFc0NkhOMFlvanZXVy10VWhEeTlNMzliY0JjbU9LYyJ9.KnKtGG075GTABQu0Yb9yoy_roJeqKUnIlDhQ5exHKmNfhaMXk6rvcQ25hpc8UckBn-hKvx_OSgguBWhsAvPg5GrgLhgs0s1LLB18iOw7zc0GdqJKQSw34FUEpV_fQKyEnu5eUjhM7Zsi0utxiyY7ObO0rgHi4XZNa_nkCCB59y62sxvsxB7nVbRT2_rH0xyQ2dxZpCS442J5u-eHtapcdqh7-aobnyxOYQYdj4DiSXYZGxY9mYmk4IwKlEEhrqF7n82hl3YsfmpGJkyAFIaccXRP196Y0Mr2evn7C_lldF1S7YbLZsxqbwmi8m4mT5SglDTCrou0V0qf3SDinYfSWw&session_id=f34d2288-af75-426b-a54b-2b32187ad830&state=506a59f1-834d-49d4-be79-4cb6b0a0418b&session_state=61d65760-45f2-428f-8f42-dc57df534f2d

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxMUQzNS4wRjNGLjgwOEEuNzdFNTo5YWNhZTM2MC1lOGFjLTQzZmMtOTBlMC0xODEzMjdhZWUzY2M=

grant_type=authorization_code&code=06524a16-59b3-4131-8574-989fec5adc7e&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:33:56 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"6e917929-5ab7-4f0d-acc7-e25449d8b978","token_type":"bearer","expires_in":299,"refresh_token":"d18aa6f9-e782-4e04-9228-be9f4611306c","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExRDM1LjBGM0YuODA4QS43N0U1IiwiZXhwIjoxNTMwODY2MDM2LCJpYXQiOjE1MzA4NjI0MzYsIm5vbmNlIjoiYjFjZTRjMTYtYThmNy00Yjg0LTk5OTEtYmE5M2Q1NmExY2FlIiwiYXV0aF90aW1lIjoxNTMwODYyNDM1LCJhdF9oYXNoIjoiOVdWVmV3SVo2bV96OUNtQTlCbmJ5QSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6ImFjR05CNGl4cDdYQmRXNDZITjBZb2p2V1ctdFVoRHk5TTM5YmNCY21PS2MifQ.bWSnLdfWkMrpo_FPZtHMz4He6Ea0ItzVdo4IU8PYRLZFH3fNS8xggnggA-gXpNRPKsB1ATP8gEw2aYuy7MAUSXoyCRzTY9DmQ2to5pIhRqe8iSvmvE0AJBukgg_HlJ9OGY-Wnqjc-4eJY9bmuo5GBvUBSLOwEYuXsSuZ7JWXpUPoGVo6MrGlTOfolUuZBO3iqjzGbruAokdIGmqEqB3sQVKSntHL1PBfpcILyVn3MEA066A81YzO3lD9vpOyIjdGL08TCeU7fxDh1DuPMtCvYJv_fNiLDFnbiYdAKaihd-nZ01rG_OdadWTl_Kz0pVXH2InnQTScaedDoXfinfttJg"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxMUQzNS4wRjNGLjgwOEEuNzdFNTo5YWNhZTM2MC1lOGFjLTQzZmMtOTBlMC0xODEzMjdhZWUzY2M=

grant_type=refresh_token&scope=address+openid+user_name+profile+email&refresh_token=d18aa6f9-e782-4e04-9228-be9f4611306c

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 198
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:33:56 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"22e10f86-ae7a-4a62-b7ef-2745ee355916","token_type":"bearer","expires_in":299,"refresh_token":"78488e3c-13ff-4bf6-b4d3-7d36bd257a2c","scope":"address openid user_name profile email"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 22e10f86-ae7a-4a62-b7ef-2745ee355916

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 634
Content-Type: application/json;charset=utf-8
Date: Fri, 06 Jul 2018 07:33:56 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"acGNB4ixp7XBdW46HN0YojvWW-tUhDy9M39bcBcmOKc","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"}

#######################################################
TEST: authorizationCodeFlowNegativeTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "scope": "openid"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1309
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:33:56 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C202.AF17.8F31.5F60",
    "client_secret": "8a861f64-09e5-45c8-a3fc-11e08abed31a",
    "registration_access_token": "7d609c3a-2e58-4339-ac8f-447539ba05ec",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C202.AF17.8F31.5F60",
    "client_id_issued_at": 1530862436,
    "client_secret_expires_at": 1530948836,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C202.AF17.8F31.5F60&scope=openid+profile+address+email+phone+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=7e781f79-5d03-429f-b647-6c2cd940e0d6&nonce=e8dcde4b-3c8e-4c8a-86f2-15bbc435a38a
03:34:18.558 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:d89abd6b-6bc6-4010-be59-a54d89f257df
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C202.AF17.8F31.5F60&scope=openid+profile+address+email+phone+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=7e781f79-5d03-429f-b647-6c2cd940e0d6&nonce=e8dcde4b-3c8e-4c8a-86f2-15bbc435a38a

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=e40688bf-4081-4cba-b274-2eadee9c7ed1&scope=openid&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFDMjAyLkFGMTcuOEYzMS41RjYwIiwiZXhwIjoxNTMwODY2MDM3LCJpYXQiOjE1MzA4NjI0MzcsIm5vbmNlIjoiZThkY2RlNGItM2M4ZS00YzhhLTg2ZjItMTViYmM0MzVhMzhhIiwiYXV0aF90aW1lIjoxNTMwODYyNDM3LCJjX2hhc2giOiJlQnQ5QXVfdHM5TjVsNEsyNzE4blVnIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoibHpkbTc0ZDlqdUlXclBfWjA4ckxtWmFKVVdaT19nc0lpYzJPb3dOdV9PTSJ9.Lb8LWcEHQ2c8nk0CU9Or04Iwmn99-2y9vjgKMcGvqyj1oX0II1g8zrmglDSagturQ7oYtbPJXIRsF7_5slojEWm4CpFrLRI3A7k4Sp8wUZCyIqovTPttoZuiYxx6ipaFbJkXlCDPVmtyHF6FG0Q_SYlHh_3tMNr9M7xiMnMt1y393VkPa702OrlFBoTJI6iu2dpS89OcFhlhIOkzl0BWzyCU76NcArVreGrf0l6FWarXeqedfMYTymvhlkE5LFKbYr_qAgYbrQ7wP8JwL3_v3vXRyommpBDAbb0CXxg55DhSCYEmwmzOldHhsc8GCRI_AE9YO5YehM5nEF-9j1O2FQ&session_id=7c84dab3-c2f2-44d0-a49e-ed98368fa36a&state=7e781f79-5d03-429f-b647-6c2cd940e0d6&session_state=d89abd6b-6bc6-4010-be59-a54d89f257df

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxQzIwMi5BRjE3LjhGMzEuNUY2MDo4YTg2MWY2NC0wOWU1LTQ1YzgtYTNmYy0xMWUwOGFiZWQzMWE=

grant_type=authorization_code&code=e40688bf-4081-4cba-b274-2eadee9c7ed1&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:33:57 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"66f755fd-ca18-4c55-9ff5-db86c893a344","token_type":"bearer","expires_in":299,"refresh_token":"5e117f3b-1644-4971-a1d5-0bb849cc81bf","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFDMjAyLkFGMTcuOEYzMS41RjYwIiwiZXhwIjoxNTMwODY2MDM3LCJpYXQiOjE1MzA4NjI0MzcsIm5vbmNlIjoiZThkY2RlNGItM2M4ZS00YzhhLTg2ZjItMTViYmM0MzVhMzhhIiwiYXV0aF90aW1lIjoxNTMwODYyNDM3LCJhdF9oYXNoIjoiemZ6dGhkQVQtWDJnWVduSnVTbWVNdyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Imx6ZG03NGQ5anVJV3JQX1owOHJMbVphSlVXWk9fZ3NJaWMyT293TnVfT00ifQ.KnKfKy7ji_26Z5_xV5f1ixFELRPb-KK4EU4xBkvUu6ZcoUOze8MPRsWJBI_trBpeu8668GHLPCH5b4R1n3_9qw6BQQHeNaCFD3ujMUtzUt5oqnzSKrdqelFQ9WcoAtYOp--S1LXWVpQJ60Vh4d0f8de6CMNQcjolkIuyxOwjo1pFO6UfeAUuArADHE-Iuldkp4JlGfgcyujjCRZouz0Q5wMVfAmMV6TwSQO1F0xssCSCy2enIqDDP9EMN0mqu1UwYUOIzwkRQ28TZfS_q0wSWVzE4hKJbMDf3t8NI47kdVgMxClt7sXODz6wxbHnJaxAzYXcf-uCdPzSTmERv7afsw"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxQzIwMi5BRjE3LjhGMzEuNUY2MDo4YTg2MWY2NC0wOWU1LTQ1YzgtYTNmYy0xMWUwOGFiZWQzMWE=

grant_type=refresh_token&scope=openid&refresh_token=5e117f3b-1644-4971-a1d5-0bb849cc81bf

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 166
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:33:57 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"b1e4e6cd-90aa-4095-839b-58b6c54bfbd9","token_type":"bearer","expires_in":299,"refresh_token":"b54bd874-961f-4ee6-8728-efe27f48e1d6","scope":"openid"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer b1e4e6cd-90aa-4095-839b-58b6c54bfbd9

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 53
Content-Type: application/json;charset=utf-8
Date: Fri, 06 Jul 2018 07:33:57 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"sub":"lzdm74d9juIWrP_Z08rLmZaJUWZO_gsIic2OowNu_OM"}

#######################################################
TEST: authorizationCodeFlowWithOptionalNonce
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:33:57 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CDB7.3936.CF5C.1795",
    "client_secret": "1b0ab25c-ceef-4752-92a3-a0d11683e1ea",
    "registration_access_token": "af5d90d2-03a1-4952-85ad-cae9d921188f",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CDB7.3936.CF5C.1795",
    "client_id_issued_at": 1530862437,
    "client_secret_expires_at": 1530948837,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CDB7.3936.CF5C.1795&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3585c2ed-ca0f-4d56-9ed8-4a36039b8fb2&nonce=4b44addf-c738-4085-b35a-d48bd1d646fa
03:34:20.110 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:5b8dd5af-0b4d-474d-92ae-dd9475ac2947
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CDB7.3936.CF5C.1795&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3585c2ed-ca0f-4d56-9ed8-4a36039b8fb2&nonce=4b44addf-c738-4085-b35a-d48bd1d646fa

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=938dde24-4c39-4d6d-8f33-74865a915849&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFDREI3LjM5MzYuQ0Y1Qy4xNzk1IiwiZXhwIjoxNTMwODY2MDM5LCJpYXQiOjE1MzA4NjI0MzksIm5vbmNlIjoiNGI0NGFkZGYtYzczOC00MDg1LWIzNWEtZDQ4YmQxZDY0NmZhIiwiYXV0aF90aW1lIjoxNTMwODYyNDM4LCJjX2hhc2giOiI4emJlUFB1YVY4QVR4NVZ2SVowbkF3Iiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoicy1jempSdG1HOWhtSWQwVkVuandKclNnU1FjbWxFS05XZDFaNUtQWFpSNCJ9.H1QXjnTrC7I-Dyev-yYeFv0bBP0ORqp-UFKL4xm6Htg_WgnfPz7iMYFhTJlEMkhVXvZ26AaeS8qVOSpyG_wn4aSujP14bTHmsgOZAhv669Ok7xFg-lDuAO13M6Bu6agCxah41AXmO4a3b7EowA0sfLbZyCWOkjRebgP63RRQ56srFN5Fu5ke1A8Hq5hYvA1hufnjGT12fi3iuaeejaehyswV772hZOnYw4fCSkLMKBIQT1dOHjq_8DzL1T1eCd78j_e_qziPtv1YOLLrotqoon6Qrp0otLvkZd4I62Lgvp_pOMg1eFMPOzkxNMoo_ahIawyhs9lLRk-nY5yK-fR-9Q&session_id=4ce6efd0-808e-423d-96d1-9f24ba5872d4&state=3585c2ed-ca0f-4d56-9ed8-4a36039b8fb2&session_state=5b8dd5af-0b4d-474d-92ae-dd9475ac2947

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxQ0RCNy4zOTM2LkNGNUMuMTc5NToxYjBhYjI1Yy1jZWVmLTQ3NTItOTJhMy1hMGQxMTY4M2UxZWE=

grant_type=authorization_code&code=938dde24-4c39-4d6d-8f33-74865a915849&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:33:59 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"734b4ad6-89b4-4fdc-80db-449a5e9ab3d4","token_type":"bearer","expires_in":299,"refresh_token":"527e4b36-cc21-4420-98ed-c87f0c5caf13","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFDREI3LjM5MzYuQ0Y1Qy4xNzk1IiwiZXhwIjoxNTMwODY2MDM5LCJpYXQiOjE1MzA4NjI0MzksIm5vbmNlIjoiNGI0NGFkZGYtYzczOC00MDg1LWIzNWEtZDQ4YmQxZDY0NmZhIiwiYXV0aF90aW1lIjoxNTMwODYyNDM4LCJhdF9oYXNoIjoic3hIMHl6dHNrdHIzLXVNNllpVmhxZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6InMtY3pqUnRtRzlobUlkMFZFbmp3SnJTZ1NRY21sRUtOV2QxWjVLUFhaUjQifQ.sz76gB61lkAXMVHVvvD0Y1IKpaDVWpvjBgu0ggC1_ixtqOpuTJTBwhY-zpo6qLRSX-qCxIRv2_HCbYqi29owLH0vPAlLqBb3QSCLtMwczuvSg-kpPiudo2xeizSvdoA2KKMGSR0knsJdqPjxL8yO99IH8R5Elp6T1SvpeXcrtjiO5F0q3FI9nciwnlrhw0KlVQwQ2pqZS4vIFLPaSFacry-isuTcPlLV9GzYX8TTFSaNTkM8HMoMosZYASxQm_drKKu8MXK9U5KBWsYjDgFpva17a-v93cnRU0BstcoDcM_Gg-2mmAyjS-WEqZbjzAnpMU8-ZYvhZcYlRP-oGSmPcg"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxQ0RCNy4zOTM2LkNGNUMuMTc5NToxYjBhYjI1Yy1jZWVmLTQ3NTItOTJhMy1hMGQxMTY4M2UxZWE=

grant_type=refresh_token&scope=address+openid+profile+email&refresh_token=527e4b36-cc21-4420-98ed-c87f0c5caf13

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 188
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:33:59 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"20aa7560-bd96-410c-b5e1-b2870396db05","token_type":"bearer","expires_in":299,"refresh_token":"80fb9ad3-12b2-4b6b-965f-e98f682153e9","scope":"address openid profile email"}

#######################################################
TEST: authorizationCodeWithNotAllowedScopeFlow
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "scope": "openid profile address email user_name"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1341
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:33:59 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!31E3.A848.460C.5674",
    "client_secret": "58d91e8c-6a47-413d-870a-c49e78203e93",
    "registration_access_token": "1b863350-94fb-4cfd-8410-8dc1c9c7edff",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!31E3.A848.460C.5674",
    "client_id_issued_at": 1530862439,
    "client_secret_expires_at": 1530948839,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid profile address email user_name",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2131E3.A848.460C.5674&scope=openid+profile+address+email+user_name+mobile_phone&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=29a9b420-e07c-4553-835b-394ca60254b0&nonce=386cb4a2-61da-487e-ab96-044739cc0969
03:34:21.611 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:71e0f3c0-71eb-4704-b4f2-777637736867
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2131E3.A848.460C.5674&scope=openid+profile+address+email+user_name+mobile_phone&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=29a9b420-e07c-4553-835b-394ca60254b0&nonce=386cb4a2-61da-487e-ab96-044739cc0969

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=d6d13ef0-158b-4399-9040-9a68ac707ee2&scope=address+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzMUUzLkE4NDguNDYwQy41Njc0IiwiZXhwIjoxNTMwODY2MDQwLCJpYXQiOjE1MzA4NjI0NDAsIm5vbmNlIjoiMzg2Y2I0YTItNjFkYS00ODdlLWFiOTYtMDQ0NzM5Y2MwOTY5IiwiYXV0aF90aW1lIjoxNTMwODYyNDQwLCJjX2hhc2giOiJRbm1yV0xhbjdlZWFSTTNtdGJWQ2x3Iiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiSTh0SHVUNTYtcWZZSFpWOXg0bXllWUl1YWFsQ0lHcndMeE1JNGpqLUlhOCJ9.fiuZnHGREY7QdBsUNkU32xGtgphtdJ31BNplV2sHE-1bRpuKk9klPH12b6-agLvnwhSoW4hFEECBtOvBV-_hoE5MSgVffN1yumAP-dzjYTU7Z1xuVod4uroJ_wGXoUM_wvX2yYOUTv3g-U7AKCs_yJ1gi_Hs1DMPUOAe521wzUD_fZhZTpU7pRTMWk-1vz66_0fEk_8_X4_xizyAFRInbswCx8TFyhiuxPnpRv2vvSnjPoDZBGgmuxDyCAnU5Xlak4J5YXgFAwLwjFYH8ujrbwwsIPMqiSf6_kg28Y2pg9qVEhDNCf9bZ8HWkJ_aZePu9o059VcNJPHt_kYC-shcHA&session_id=32578bc8-54ae-4620-84c3-d4b84862fbf3&state=29a9b420-e07c-4553-835b-394ca60254b0&session_state=71e0f3c0-71eb-4704-b4f2-777637736867

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxMzFFMy5BODQ4LjQ2MEMuNTY3NDo1OGQ5MWU4Yy02YTQ3LTQxM2QtODcwYS1jNDllNzgyMDNlOTM=

grant_type=authorization_code&code=d6d13ef0-158b-4399-9040-9a68ac707ee2&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"b3ba8d13-9f61-4fb0-9e4f-ffdc0ecb0af1","token_type":"bearer","expires_in":299,"refresh_token":"ab21835f-e64c-42b9-ad95-69c9aa748984","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzMUUzLkE4NDguNDYwQy41Njc0IiwiZXhwIjoxNTMwODY2MDQwLCJpYXQiOjE1MzA4NjI0NDAsIm5vbmNlIjoiMzg2Y2I0YTItNjFkYS00ODdlLWFiOTYtMDQ0NzM5Y2MwOTY5IiwiYXV0aF90aW1lIjoxNTMwODYyNDQwLCJhdF9oYXNoIjoiNUItcGhxakRtcHYwTldicDl6R1lpUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Ikk4dEh1VDU2LXFmWUhaVjl4NG15ZVlJdWFhbENJR3J3THhNSTRqai1JYTgifQ.kwywOfnqbMMKZQT2_ol2T8Kvi9EY0JHjlGZX-6tCsJUCqOgtTUd59R41ze75zDX64fASl3v1FnWBzjvW4kDa3vW5JJ3nTNFVyC5ylRpZXE9qJw3zUJjf4QInTPINebg931AGNfPVSoXUPtWqqpqDnwhBirSiEx4aSwx0Vjt7JvJjmNEJ9nlCeBxwpiYn40E2Te1CGiyRBcovDY3LYM0TJUD_pdIyu3lWcmgYqnCBDuI7lYplI1j3F0YO5kTaPUR_qA-eeihO0p3Y8wZ-QiNnWe2xpryQVwtrEf9n4Z5oG07Z8gTBvY0de6Qk7O0R1aoa6C8UEkEmkFUNyZJSmWH4tw"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer b3ba8d13-9f61-4fb0-9e4f-ffdc0ecb0af1

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 634
Content-Type: application/json;charset=utf-8
Date: Fri, 06 Jul 2018 07:34:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"I8tHuT56-qfYHZV9x4myeYIuaalCIGrwLxMI4jj-Ia8","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"}

#######################################################
TEST: revokeTokens
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3FE6.4BEC.3828.AF4C",
    "client_secret": "8c9b9c98-f3dc-4e9d-b1fd-cc3eb46073a2",
    "registration_access_token": "bd805f36-a755-4901-9ec9-ffc42831694c",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3FE6.4BEC.3828.AF4C",
    "client_id_issued_at": 1530862440,
    "client_secret_expires_at": 1530948840,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer bd805f36-a755-4901-9ec9-ffc42831694c

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3FE6.4BEC.3828.AF4C",
    "client_secret": "8c9b9c98-f3dc-4e9d-b1fd-cc3eb46073a2",
    "registration_access_token": "bd805f36-a755-4901-9ec9-ffc42831694c",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3FE6.4BEC.3828.AF4C",
    "client_id_issued_at": 1530862440,
    "client_secret_expires_at": 1530948840,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213FE6.4BEC.3828.AF4C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=bd2e689f-14bb-4973-b00b-5735575ac95b&nonce=83dd19d4-6ef3-4911-b518-0fe18c68bad1
03:34:23.107 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:832042c7-e459-4bbc-b4c6-4f38fd8537d7
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213FE6.4BEC.3828.AF4C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=bd2e689f-14bb-4973-b00b-5735575ac95b&nonce=83dd19d4-6ef3-4911-b518-0fe18c68bad1

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=c2e83989-576f-4ce3-98c9-ed85b716dd59&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzRkU2LjRCRUMuMzgyOC5BRjRDIiwiZXhwIjoxNTMwODY2MDQyLCJpYXQiOjE1MzA4NjI0NDIsIm5vbmNlIjoiODNkZDE5ZDQtNmVmMy00OTExLWI1MTgtMGZlMThjNjhiYWQxIiwiYXV0aF90aW1lIjoxNTMwODYyNDQxLCJjX2hhc2giOiJ6M0xuTU1LMG01V294cWdFemtyMjJnIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoidnFvR25EQ1EyU25WanJ0a1pqWkwtRjQzX2JHVWNVMDB5QXNKc0JMbWVucyJ9.bx9L-fsv_gqOBR3xOSV_p11ra7WZHisNS1s1vw7eHcKy4B4gVgrdVbjDhLhhHJAUkHOQ6LACzsw4uJ3-vutvOy6c9cRh51sgph0p0XWroCJsNtup1XTnB5_2HQ-2Usiu3AwaO1nBTF87aU6nVRsKgutcwgOe0aGCcFlmHRj0HwOPO4kZXV7ouEfB2gokLrwF6JYzlfkO_TM5and3fObnLcfU4b3Yfnev4923xtGqqYGW47oC262qAoRc-m5rIk_JT92T-zoI60d33UDp81FlmAh0mRj7ifQ9KabTkm0QidJblEjzmY_ltxMqEB9vVgZrVO7uja4RFMEowSd5CwvXWw&session_id=ec537708-5072-4c01-9476-f556b70c6bc3&state=bd2e689f-14bb-4973-b00b-5735575ac95b&session_state=832042c7-e459-4bbc-b4c6-4f38fd8537d7

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxM0ZFNi40QkVDLjM4MjguQUY0Qzo4YzliOWM5OC1mM2RjLTRlOWQtYjFmZC1jYzNlYjQ2MDczYTI=

grant_type=authorization_code&code=c2e83989-576f-4ce3-98c9-ed85b716dd59&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:02 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"b52028a2-60bf-4836-9ff5-9e064f5a072b","token_type":"bearer","expires_in":299,"refresh_token":"741b1643-87f6-47a3-8139-6b9f4653a04f","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzRkU2LjRCRUMuMzgyOC5BRjRDIiwiZXhwIjoxNTMwODY2MDQyLCJpYXQiOjE1MzA4NjI0NDIsIm5vbmNlIjoiODNkZDE5ZDQtNmVmMy00OTExLWI1MTgtMGZlMThjNjhiYWQxIiwiYXV0aF90aW1lIjoxNTMwODYyNDQxLCJhdF9oYXNoIjoiY2hWd2VYYXRzNHc2TEtiRjlONzdqUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6InZxb0duRENRMlNuVmpydGtaalpMLUY0M19iR1VjVTAweUFzSnNCTG1lbnMifQ.Sff53ub-I7lpeO276OObJ6vHKlEbXbYmnvlDp_TGLVu_FELgJQ9jnYdabzQz64auECcIDwGxvrxCH1fi-pK0az_hN1pE1URZsQwMvVG06yLWUVJ5ZFLDsCqEQr55-eCHzKNVJ1xeR8Euy2PBpDzXt6Pl0KD8PxeFF4RGZF2zcLLrkM1srF7LTHYjUz9jHEKpmDO0584DJ8yRpu_pAcLqSFwN2komB_m0bdTH4rNjizOHf41X_ft5xvFaALqx_HBc2nSaxJavmed85ZnNXd6gO6ZLxzKzNVEOyeVexDsAYqOZkCuDhbJG88-CtOlchrfzWzYE8bpfckzhc-HxA3Hf9w"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxM0ZFNi40QkVDLjM4MjguQUY0Qzo4YzliOWM5OC1mM2RjLTRlOWQtYjFmZC1jYzNlYjQ2MDczYTI=

grant_type=authorization_code&code=c2e83989-576f-4ce3-98c9-ed85b716dd59&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Cache-Control: no-store
Connection: close
Content-Length: 213
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:02 GMT
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_grant","error_description":"The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client."}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxM0ZFNi40QkVDLjM4MjguQUY0Qzo4YzliOWM5OC1mM2RjLTRlOWQtYjFmZC1jYzNlYjQ2MDczYTI=

grant_type=refresh_token&scope=address+openid+profile+email&refresh_token=741b1643-87f6-47a3-8139-6b9f4653a04f

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 213
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:02 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_grant","error_description":"The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client."}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer b52028a2-60bf-4836-9ff5-9e064f5a072b

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Connection: close
Content-Length: 203
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:02 GMT
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_token","error_description":"The access token provided is expired, revoked, malformed, or invalid for other reasons. Try to request a new access token and retry the protected resource."}

#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:34:02 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:02 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "code",
        "code id_token",
        "code id_token token",
        "id_token",
        "id_token token",
        "token",
        "code token"
    ],
    "grant_types_supported": [
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "refresh_token",
        "implicit",
        "password",
        "authorization_code"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:02 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E765.8178.BA64.4B4D",
    "client_secret": "cb07dfb0-0e0a-48fc-9b3b-0037483bacb2",
    "registration_access_token": "974a3f65-e9a8-4d5e-b516-e199ed3c4eea",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E765.8178.BA64.4B4D",
    "client_id_issued_at": 1530862442,
    "client_secret_expires_at": 1530948842,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E765.8178.BA64.4B4D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=4e60c762-6de5-4ecd-aaa5-4e80159458f9&nonce=b8f05887-31db-43b5-8ee2-e17d9dc7e79e&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Fri, 06 Jul 2018 07:34:02 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=3c925d10-d499-4031-ab5c-c662fb2e2f71&scope=address+openid+profile+email&session_id=9e00ddf8-3989-43f5-9f95-00d81dfcb50a&state=4e60c762-6de5-4ecd-aaa5-4e80159458f9&session_state=c43a2a8d-3a85-4a25-bded-e98d16c5c533
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:02 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!38E7.C2C0.9CBD.5277",
    "client_secret": "719300e7-fe2e-47ab-8e99-1c2f9facddbe",
    "registration_access_token": "6dc7ce28-0948-4740-be15-81166af9e9ad",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!38E7.C2C0.9CBD.5277",
    "client_id_issued_at": 1530862442,
    "client_secret_expires_at": 1530948842,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["token"],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2138E7.C2C0.9CBD.5277&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=bbd37ea1-b89e-4d7c-a633-7ebe7f11e9b2&nonce=2e4449c9-0b7b-480f-80f4-d2121d525004&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Fri, 06 Jul 2018 07:34:03 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=b0f5fde5-e8eb-40f7-8d54-99b488e5c1d3&scope=address+openid+profile+email&session_id=eb155bd1-cd2a-450a-8d03-ab741b996917&state=bbd37ea1-b89e-4d7c-a633-7ebe7f11e9b2&token_type=bearer&session_state=3dbd2000-db91-4465-827b-fc8a3ca263f4&expires_in=299
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["id_token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:03 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9779.F531.13B7.FAE3",
    "client_secret": "1a7add62-5514-4b0f-a7cd-85caa64b4d3a",
    "registration_access_token": "3004567a-8111-4898-9999-f4eb5f504c0d",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9779.F531.13B7.FAE3",
    "client_id_issued_at": 1530862443,
    "client_secret_expires_at": 1530948843,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219779.F531.13B7.FAE3&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=90b67819-bd21-44f0-bc2d-4bc04e99a225&nonce=e82a2c37-0d3e-4e3e-baa9-9861976e067f&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Fri, 06 Jul 2018 07:34:03 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5Nzc5LkY1MzEuMTNCNy5GQUUzIiwiZXhwIjoxNTMwODY2MDQzLCJpYXQiOjE1MzA4NjI0NDMsIm5vbmNlIjoiZTgyYTJjMzctMGQzZS00ZTNlLWJhYTktOTg2MTk3NmUwNjdmIiwiYXV0aF90aW1lIjoxNTMwODYyNDQzLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJERFJFU3prZjF3QWNPV0tpcWJLODRWM05KVEpFNW5TQXhJR0h2NFp2X0dJIn0.nh5vP-3vnPzHtwgeoq-DR4kGW0HIswUS5NYJ_2yofNB27s3bXxXdARkVylcwcxQzaBkf0SNkJg9grBimTAToZ0G9zWYvCIRGqH_HFXb5aXjI7VIqs-BS2eFWRZkMbZWmgebsKTaP4t8Mm8lEOX0JsrLUmiJG4Cw4VlIuaHKXIifYzxYrl3jzwPLOKcrtokCr8tq5gW_sKVzLa2VfCM5f-7DPwYoPc0FQNCOKuuVoZ5fXNY05NIDMN8Qhjxr8UMjDb0BUysVrkbKRC24K3NoyWCK2bYF56RjkbBcU4kx0FhGHSOyA_zw3977wVO1hs7tdSckLSjB1Kt5mcKksgX0auA&session_id=3fb6209c-c4dc-4ad9-85f2-40cc23af7d08&state=90b67819-bd21-44f0-bc2d-4bc04e99a225&session_state=22106986-d861-4999-b56e-a237bbc8fbf6
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:03 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!562C.2647.A98F.BC13",
    "client_secret": "b8cddfa4-bcd1-4b0c-bcbc-44aef158accb",
    "registration_access_token": "038f7881-443e-47a0-862a-94c6f1b7e9c9",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!562C.2647.A98F.BC13",
    "client_id_issued_at": 1530862443,
    "client_secret_expires_at": 1530948843,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21562C.2647.A98F.BC13&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=bc518080-a496-46b6-9900-5cf5ec2990b5&nonce=d2e565ac-aaae-4cd5-92c0-38baa8c58c78&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Fri, 06 Jul 2018 07:34:03 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=abc0e39d-6bb6-4efd-a2cf-c1f2a6574922&code=8ba60515-c5af-444c-bd6b-3a9779479e01&scope=address+openid+profile+email&session_id=e6bf5be4-2315-4f8a-8626-94e027db78a2&state=bc518080-a496-46b6-9900-5cf5ec2990b5&token_type=bearer&session_state=f98303d7-7f02-4fc7-accb-0e2cd8e00eb9&expires_in=299
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:03 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7B6F.7C84.A3F6.CD69",
    "client_secret": "5ae7f651-db3c-4761-94e1-4851bfc347dd",
    "registration_access_token": "1450e7f6-74c2-4457-bec5-660495ce157a",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7B6F.7C84.A3F6.CD69",
    "client_id_issued_at": 1530862443,
    "client_secret_expires_at": 1530948843,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217B6F.7C84.A3F6.CD69&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c33426e5-c743-4276-8822-11f29a0f305e&nonce=71f4ee4f-b117-4967-972e-1ee441b42bb4&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Fri, 06 Jul 2018 07:34:03 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=b29fe1e8-d840-4bf9-9d72-7973ac5b3387&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3QjZGLjdDODQuQTNGNi5DRDY5IiwiZXhwIjoxNTMwODY2MDQzLCJpYXQiOjE1MzA4NjI0NDMsIm5vbmNlIjoiNzFmNGVlNGYtYjExNy00OTY3LTk3MmUtMWVlNDQxYjQyYmI0IiwiYXV0aF90aW1lIjoxNTMwODYyNDQzLCJjX2hhc2giOiIteF94U3lBSTN6MjVSbHQyTTdVcnZBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoicENrYWM4cGRiNHRPZl9NalZ2eDNkYVgxbGtQbWJzb08xR0RJbEY5V3UxYyJ9.Wnrh2mcuAH_SjWTQu3fNBfM9PbFr6c6dsMULa2VAUEKtt5cJRCBiz2Zv2WVLX_3zZNNkiGQ9XeE-1dNZKhOJ7GsdhhUd3bPP9eGaKIxuIJVUmmJHpxExgHaPt1kMyDFVrCTgxRstN4Ros29nWLNPZUQe2Dc0b-UHSpTew4n66YrBKZLTVw3F8EZMVO-on8HifErprUm9Xs-BuzAEyAPPv9b2IzPvZNRS9lqxOrXJwrscewfmzLFE-CrnWUGDzjCDr2xnBT-gErNUAahkhfzgFwEGgqA1cyEImtiVbVyxzKPNY6JRyty-N_xXuIzqFFL9ipmyBqW7B7egaebRyA9Bmg&session_id=4ceabc1f-4146-40d9-ac6d-60a52376b81e&state=c33426e5-c743-4276-8822-11f29a0f305e&session_state=efb19806-a704-4838-a8db-71984efffc4a
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "token",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:03 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F3FD.F5F5.66E8.422E",
    "client_secret": "a982bd11-0215-404b-836a-2bb9873ce9de",
    "registration_access_token": "67f8ad2f-d7d2-449d-bc9c-bb6c709ef8a3",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F3FD.F5F5.66E8.422E",
    "client_id_issued_at": 1530862443,
    "client_secret_expires_at": 1530948843,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21F3FD.F5F5.66E8.422E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3e9d4595-bc4c-4809-9d20-e3e28822518d&nonce=76b36432-e90d-44f5-85b0-db85b96aead5&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Fri, 06 Jul 2018 07:34:04 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=4aa08a3f-a2d8-4b3e-93b3-525e911269f4&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGM0ZELkY1RjUuNjZFOC40MjJFIiwiZXhwIjoxNTMwODY2MDQ0LCJpYXQiOjE1MzA4NjI0NDQsIm5vbmNlIjoiNzZiMzY0MzItZTkwZC00NGY1LTg1YjAtZGI4NWI5NmFlYWQ1IiwiYXV0aF90aW1lIjoxNTMwODYyNDQ0LCJhdF9oYXNoIjoiWGNpRTN6LWliV01oMHdDODRlNFFwUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Iko4LWRCQ2N4WWxiNWlZbVRudXU3emFpcXZCUTB6ZkQ0Uy1VM2k3YjRteGsifQ.gffayWNQYenBdNpJb5NX5mmPczqh-7VFNQ_fby_21cJ9agjmnWfovIJUXrF6G7osrGuOr-XRNjx0HpGXbeFUL60woeQY1pab9X2QbN5VZKVQsKvYRGxeTFXZ7TJlXoOoPXXJ1Kj2D3eeQSmCDc_W0Z_b8ddJotZdayZUzRlcf-hhkOsiCGmMZ0iaQD7dFRy38-GlcCWPDrCqo-ojbg3L_TAh-AV-dy7BlVvbqv0MHZCfZYwqgsMHrXzOojL7-ioJHBtP-5RcoXhgMCgdBPfFeqmhUWKRhHaNLbloFcdFsTKpLHyrD7LDGU1d3GmTIz9UMr-YIJeR-XaQ3AEL2zDwAg&session_id=9e840b4e-94fd-44a2-ad18-ebc42cdf776e&state=3e9d4595-bc4c-4809-9d20-e3e28822518d&token_type=bearer&session_state=dd6cf33e-4978-429e-a6ff-5f08dca32d9f&expires_in=299
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "token",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:04 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4470.600A.8F3F.BDC7",
    "client_secret": "57bcb48d-2664-42f5-95c6-41af90bad075",
    "registration_access_token": "4b6a74e6-773b-46c6-b3cc-05da4d0488af",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4470.600A.8F3F.BDC7",
    "client_id_issued_at": 1530862444,
    "client_secret_expires_at": 1530948844,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code+token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214470.600A.8F3F.BDC7&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0dfcf598-1397-465f-ba8f-6e0bdcbc7a88&nonce=0418f3d5-f841-4ef7-910e-9160e1462176&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Fri, 06 Jul 2018 07:34:04 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=ebb3a195-bffd-415f-bffb-e85f281f9f15&code=467dca20-e634-4bb7-a541-6653f37926d5&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0NDcwLjYwMEEuOEYzRi5CREM3IiwiZXhwIjoxNTMwODY2MDQ0LCJpYXQiOjE1MzA4NjI0NDQsIm5vbmNlIjoiMDQxOGYzZDUtZjg0MS00ZWY3LTkxMGUtOTE2MGUxNDYyMTc2IiwiYXV0aF90aW1lIjoxNTMwODYyNDQ0LCJjX2hhc2giOiJvTDJzM3pBaXY4VFNDUzRoVlc1NF9RIiwiYXRfaGFzaCI6IjkyRTlPdW5hYUR1VXk2QzRiOXJmSlEiLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJSMmRxRVFFVC1CVU43cmVNNzlYd2xJYUJ6WmxJTzVGc2tTTjhtTzhMT0RVIn0.dPDu3cz1YNbgB2JcCWMBDOuNVeNVvu_x7iGmftTZgW2iodpQA5VcJWVN7FFOGLo_uWAgbQdppfLWvVQ4dNs8nA8EAz7dqtlJEuaASgdREjAz2bNTVWTBsDsWrY44yx83_9Y3gpI7AEeSMejsQzC-VdH4us26uXCBRI3aJ8UjDiehWmqixIDlq_haTz9DXeCkrOg4fx8RU1oluHskROmH-E-1FYvC3_jfwr0VPqGRs4b4ya-1ZryQuFd01JIZ3fPpgX-Tfex12fSnmOY_4ZRcyROVtcam516XdjhkU2bBOvW8bfCv1BdTHjo5Mg3v86UIo45O2VKH0IAObkx3JdiCSA&session_id=1ac2ac7c-668c-4b7e-b4ca-99ef4191045d&state=0dfcf598-1397-465f-ba8f-6e0bdcbc7a88&token_type=bearer&session_state=629a83ab-caa5-40da-8f8c-0aebcba3fb30&expires_in=299
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:34:04 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:04 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "code",
        "code id_token",
        "code id_token token",
        "id_token",
        "id_token token",
        "token",
        "code token"
    ],
    "grant_types_supported": [
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "refresh_token",
        "implicit",
        "password",
        "authorization_code"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: defaultResponseModeBasicCode
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:04 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2DE6.6328.B7B9.E527",
    "client_secret": "90b23f99-d6c2-4b78-866c-790a61250e77",
    "registration_access_token": "7cce6f2d-9ae1-4925-bce7-3998fb1808b9",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2DE6.6328.B7B9.E527",
    "client_id_issued_at": 1530862444,
    "client_secret_expires_at": 1530948844,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212DE6.6328.B7B9.E527&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5c123e3e-6305-4376-b724-e213adc7a6a6
03:34:26.766 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:e4acd05a-c0dc-4bc9-a2c1-5574e673ff85
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212DE6.6328.B7B9.E527&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5c123e3e-6305-4376-b724-e213adc7a6a6

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=065a2bc8-ebfb-4352-8ecd-e05a981f3dfe&scope=address+openid+profile+email&session_id=b334d5e3-f08b-4074-838b-6b50627f9531&state=5c123e3e-6305-4376-b724-e213adc7a6a6&session_state=e4acd05a-c0dc-4bc9-a2c1-5574e673ff85

#######################################################
TEST: defaultResponseModeHybridCodeIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:05 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!519C.EED4.8F15.D890",
    "client_secret": "06d2b45a-2fc7-42f2-99a8-c5c1ba97a436",
    "registration_access_token": "9bfbb5a7-cded-4da2-8d09-fa6fc3abddc3",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!519C.EED4.8F15.D890",
    "client_id_issued_at": 1530862445,
    "client_secret_expires_at": 1530948845,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21519C.EED4.8F15.D890&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=fb4cd241-81c7-40cc-9542-596ba6421805&nonce=6c6641f2-609d-4169-8273-ec494f164354
03:34:27.986 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:e01a8103-f7ee-439a-8723-614a63a63866
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21519C.EED4.8F15.D890&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=fb4cd241-81c7-40cc-9542-596ba6421805&nonce=6c6641f2-609d-4169-8273-ec494f164354

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=f58d8b2c-c4fb-48e2-abf0-16f792ded0b7&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE1MTlDLkVFRDQuOEYxNS5EODkwIiwiZXhwIjoxNTMwODY2MDQ3LCJpYXQiOjE1MzA4NjI0NDcsIm5vbmNlIjoiNmM2NjQxZjItNjA5ZC00MTY5LTgyNzMtZWM0OTRmMTY0MzU0IiwiYXV0aF90aW1lIjoxNTMwODYyNDQ2LCJjX2hhc2giOiJPMDdtcjhVcmI1bDFxcXNFWjJweU1nIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiQ3FkaVhoWmlZeU9TSUY1ckZsZ1QyaWI4SFN5U0V6YU1tUVpHTERYb0dGWSJ9.ds8x2axoZ-U9nIyGg5rz5IeUfRFsVyFBjnzyuNk-6XX56trtUTQD1C16995DthuBfxMBPrXhxsfIZEtMIK_EscOLAykdXLtJnBHAEoo4MSIaqdorRR7-NJSWZDbzZjgU1H11qq5x0H-u1AQpVCZcfbf1UAtnm88eZAdpHrKhJdSeIBV6MLX8IOVl0TnPA2lywswtI3mcWB8IT46TNydrQxVW1k1U6R1ltpSkp4RYwUfOAbxtz_1u_YND3lF7Og_0SjzRerIh61-iq4NdXLaSPw6NjVVgGr7sI19kVKzq3GDhjAxFMc3otKEgS-GA8fNNO2Sx9N6UIMyzJw4fFwdDUg&session_id=2993cc4e-bd2b-48d3-be86-553e05685387&state=fb4cd241-81c7-40cc-9542-596ba6421805&session_state=e01a8103-f7ee-439a-8723-614a63a63866

#######################################################
TEST: defaultResponseModeHybridCodeIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:07 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!61C3.D2AD.6CFC.1FA5",
    "client_secret": "1daa351d-e426-4d09-8c80-0893b1070722",
    "registration_access_token": "a0f27cd4-b9b8-4ba9-ac2c-4d77907cf6b5",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!61C3.D2AD.6CFC.1FA5",
    "client_id_issued_at": 1530862447,
    "client_secret_expires_at": 1530948847,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2161C3.D2AD.6CFC.1FA5&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a867444a-73d5-4670-b5ce-8c2461c5186e&nonce=ec2922c4-4eb0-46e5-ac17-7f9253c8e823
03:34:29.268 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:716ab53c-956c-441c-86d1-4466ec0c7271
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2161C3.D2AD.6CFC.1FA5&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a867444a-73d5-4670-b5ce-8c2461c5186e&nonce=ec2922c4-4eb0-46e5-ac17-7f9253c8e823

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=5f054ca5-9080-4e9e-b7c3-741c205a95bf&code=bca2726d-0051-489d-b348-f35292675f47&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2MUMzLkQyQUQuNkNGQy4xRkE1IiwiZXhwIjoxNTMwODY2MDQ4LCJpYXQiOjE1MzA4NjI0NDgsIm5vbmNlIjoiZWMyOTIyYzQtNGViMC00NmU1LWFjMTctN2Y5MjUzYzhlODIzIiwiYXV0aF90aW1lIjoxNTMwODYyNDQ4LCJjX2hhc2giOiI5T0ozbnY5RG14Mjc4bmZ4Q1ZkZ25nIiwiYXRfaGFzaCI6ImVIM2R6Mk9sbjRqZTVXaXRLZjJ3VVEiLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJ3cWxhMTdjSnJnMGRTREtzQ0ZRQVVHWXNJRUI0dmlzeTNNWnVzQnBORUxBIn0.gBQfxhyTBVKCNnquQB_SGvGqCVAXSVwa8lzeOGDTVOWiX2PSgPJTCbI-MXsGnlIIq2b-4UUfLfwDOH58JdDrqxL3_ceQoVAKmSWV0TpYZdlrz_6KBPImgTGR7b0ZEU8oKclsgLNRU5FXFfW63IszXVNwV9LqnvkXiVVQsufwr-ungdB9T8J3T8cw-gC0s0FdP4GlcuoFzWuLgdTVbGUT_UaMMPkdPWmNQ1P8bSPJDXTwwO_IeihdErjB5KZX7rUMMouby4OTuOp4EpKahI9k2cla6kORw_MbHvVeGveWtaHnsdJYQomROokCHTsQjh4f1zAnysbFP1Kn87NoSGJd7g&session_id=2a0af27a-d73c-4c27-813c-44c8c4d6d2d6&state=a867444a-73d5-4670-b5ce-8c2461c5186e&token_type=bearer&session_state=716ab53c-956c-441c-86d1-4466ec0c7271&expires_in=299

#######################################################
TEST: defaultResponseModeHybridCodeToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:08 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C404.56A1.9603.9B8A",
    "client_secret": "28b09972-7153-49bd-b9e9-921c27b06dd4",
    "registration_access_token": "a9a465ec-fb28-464c-a19c-36bf931c5941",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C404.56A1.9603.9B8A",
    "client_id_issued_at": 1530862448,
    "client_secret_expires_at": 1530948848,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C404.56A1.9603.9B8A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=40b58913-d9ad-49a7-8ce2-3f4b66d22804&nonce=7ea70480-5d67-47a6-9ec1-0baabdb815d4
03:34:30.447 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:1c8c379e-ac42-408f-987c-ff47c6c7de00
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C404.56A1.9603.9B8A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=40b58913-d9ad-49a7-8ce2-3f4b66d22804&nonce=7ea70480-5d67-47a6-9ec1-0baabdb815d4

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=73d3b85c-6b3b-4334-a357-0dd6c4173a9d&code=d1d0c73a-88cf-4397-8865-b244ca838da3&scope=address+openid+profile+email&session_id=2e834106-7ee6-4ffa-a001-36c5fb9c51b4&state=40b58913-d9ad-49a7-8ce2-3f4b66d22804&token_type=bearer&session_state=1c8c379e-ac42-408f-987c-ff47c6c7de00&expires_in=299

#######################################################
TEST: defaultResponseModeImplicitIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["id_token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:09 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6605.6FE6.38CB.AC0B",
    "client_secret": "0e6ac5bd-c22b-43ad-851b-8842aed54bf2",
    "registration_access_token": "3d48a871-5556-4778-ad40-f9298a1aa93f",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6605.6FE6.38CB.AC0B",
    "client_id_issued_at": 1530862449,
    "client_secret_expires_at": 1530948849,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216605.6FE6.38CB.AC0B&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=074474b3-b272-48eb-abaa-a195ba67ddc5&nonce=257b726b-0e7c-43ac-a170-342e449b8969
03:34:31.613 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:4271b3ad-a56a-4340-9f9f-14e00d7b3ca3
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216605.6FE6.38CB.AC0B&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=074474b3-b272-48eb-abaa-a195ba67ddc5&nonce=257b726b-0e7c-43ac-a170-342e449b8969

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2NjA1LjZGRTYuMzhDQi5BQzBCIiwiZXhwIjoxNTMwODY2MDUwLCJpYXQiOjE1MzA4NjI0NTAsIm5vbmNlIjoiMjU3YjcyNmItMGU3Yy00M2FjLWExNzAtMzQyZTQ0OWI4OTY5IiwiYXV0aF90aW1lIjoxNTMwODYyNDUwLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiI2d3lsN3djLU5tVUlESWQ3OFROVUdycFBkRTVjOEFaQ083QkFhY3dLNVBvIn0.hFaDInQZ_oVOEwoJGhtj9uW7Vu4rdqiYnajUK5X8coP5_UESb1HbgnwhKvX9-yaLDOmspl73yjGWpKPBvN1G7G3xf85KdA939yt72YWNY1LUp41TGmpz8y-DMGl6oa4c1T4YS1SZQ1Gr6Gtvppy5rPbGdTxMzzQx1UguoZx2wUZ9HCwtcqWPV5IKyNK6uryLlE1i09oRjpVevDGBOw1xtWqZQmljXz8JstS5dM9oq5no6DSxYw50LQv2ZMo6EfYS8qw2_1FG-ZslzdXUFFwyy2d0DoRc8m01TAjo9YlflYLfsNlehWO7nRPvWYFWnfYWJlUlDSCxTxg5N4ZaUcQ0-g&session_id=7a5a753a-a359-4aa3-9770-cda8b19cb23f&state=074474b3-b272-48eb-abaa-a195ba67ddc5&session_state=4271b3ad-a56a-4340-9f9f-14e00d7b3ca3

#######################################################
TEST: defaultResponseModeImplicitIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:10 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EC74.2782.E9BF.2D15",
    "client_secret": "8eb16be5-d743-4187-998f-ad7b7fe0e825",
    "registration_access_token": "b33acb36-29f0-40fe-8fa9-3bfde24b3bdd",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EC74.2782.E9BF.2D15",
    "client_id_issued_at": 1530862450,
    "client_secret_expires_at": 1530948850,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21EC74.2782.E9BF.2D15&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=d4fa9758-34b3-42c9-932a-9ecc3c6a06bd&nonce=4493a26b-552f-4997-b6a3-1b906309786f
03:34:32.811 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:6887b732-3e9a-46bb-a246-47b1c38d1675
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21EC74.2782.E9BF.2D15&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=d4fa9758-34b3-42c9-932a-9ecc3c6a06bd&nonce=4493a26b-552f-4997-b6a3-1b906309786f

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=cfc04c02-73f5-49f8-aa3d-e69567ee26c0&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFFQzc0LjI3ODIuRTlCRi4yRDE1IiwiZXhwIjoxNTMwODY2MDUxLCJpYXQiOjE1MzA4NjI0NTEsIm5vbmNlIjoiNDQ5M2EyNmItNTUyZi00OTk3LWI2YTMtMWI5MDYzMDk3ODZmIiwiYXV0aF90aW1lIjoxNTMwODYyNDUxLCJhdF9oYXNoIjoiUWpnb3lQYUFrODkzRUEzYmRIMUNIQSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Inp4eEljUmRBb05NZ2tlNlJEV0pHVUZWUW1VN01rcTNlUE94UXNMenNGVUEifQ.PEIU-5qJHByo-7usnHsUFEucILsGgbWsOQT5n09mR-hzGFAkc9mts1I2Itt1hWtuhYFw-JNHTby9aR6vCRlRxC7H0U3WDdkz2bwG_ay0YXrw4T9IXW79_novqvFgUmvAF9CWDm5V9FdkHV1bZhEoBitQJVjIokmkvEKGr4UQVMxAcV5_nyAGE2hkrEzqyU2AUk67jI3PKdPEsKohcnF4jJojg2LuJ2qJ35D0CiZuhAMwBWRQcZD35sV6x_EEp_IJtdTpdrFkiZUdygkzISpi4JIdGhM9I-1izKD1nD0JR--relEH24WoLhLXawb2W9GoihbvT32lWdYL6UhMad9ARA&session_id=6f6ee54b-f8b0-486e-831f-992a14ba8c8c&state=d4fa9758-34b3-42c9-932a-9ecc3c6a06bd&token_type=bearer&session_state=6887b732-3e9a-46bb-a246-47b1c38d1675&expires_in=299

#######################################################
TEST: formPostResponseModeBasicCode
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:11 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0AB2.DD0A.34A0.74B3",
    "client_secret": "9d710c93-8050-4d43-81f1-37702993dba8",
    "registration_access_token": "598f4e52-5979-4bdd-aa35-5815a65226d0",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0AB2.DD0A.34A0.74B3",
    "client_id_issued_at": 1530862451,
    "client_secret_expires_at": 1530948851,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210AB2.DD0A.34A0.74B3&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=67470d72-0e7b-4825-a286-9df242f5b4f9&response_mode=form_post
03:34:34.137 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:a0040568-b0f4-4039-8bc2-558830a2579d
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210AB2.DD0A.34A0.74B3&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=67470d72-0e7b-4825-a286-9df242f5b4f9&response_mode=form_post

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm

#######################################################
TEST: formPostResponseModeHybridCodeIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:13 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6A3E.D200.7166.9115",
    "client_secret": "ff8d2f4b-c992-4d5f-ba5d-99afcea773d3",
    "registration_access_token": "8ba75ced-7cfd-4de3-a46c-73be182a2435",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6A3E.D200.7166.9115",
    "client_id_issued_at": 1530862453,
    "client_secret_expires_at": 1530948853,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216A3E.D200.7166.9115&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=89794054-d212-4948-ac14-16c8a971ed9f&response_mode=form_post&nonce=a036a0b5-4406-4136-9cfd-86748fb48c7c
03:34:35.353 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:aaba563f-24f4-4760-b114-1171e7229327
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216A3E.D200.7166.9115&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=89794054-d212-4948-ac14-16c8a971ed9f&response_mode=form_post&nonce=a036a0b5-4406-4136-9cfd-86748fb48c7c

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm

#######################################################
TEST: formPostResponseModeHybridCodeIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:14 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C036.6B84.A3A0.DE47",
    "client_secret": "11aff821-e92d-4414-8e3f-c4ff522dd404",
    "registration_access_token": "0a564e3e-6a65-4b72-889c-694883e35379",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C036.6B84.A3A0.DE47",
    "client_id_issued_at": 1530862454,
    "client_secret_expires_at": 1530948854,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C036.6B84.A3A0.DE47&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=fc263e20-8a7b-44af-8431-5ea2fabc3e6a&response_mode=form_post&nonce=6d0b7544-7f47-4083-8b35-6c7df1ae9d8e
03:34:36.568 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:c8e3ddcb-ad58-4e46-a3bf-ce5557029d9e
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C036.6B84.A3A0.DE47&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=fc263e20-8a7b-44af-8431-5ea2fabc3e6a&response_mode=form_post&nonce=6d0b7544-7f47-4083-8b35-6c7df1ae9d8e

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm

#######################################################
TEST: formPostResponseModeHybridCodeToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:15 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A940.7ED5.D03A.98CE",
    "client_secret": "1e2ade0f-40e8-4144-9447-3e37f85f651e",
    "registration_access_token": "e436f8f6-30a4-4f57-9132-e6da0230432a",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A940.7ED5.D03A.98CE",
    "client_id_issued_at": 1530862455,
    "client_secret_expires_at": 1530948855,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A940.7ED5.D03A.98CE&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3e04ec23-6e0d-49b1-a164-4bef99c9244a&response_mode=form_post&nonce=1a2f7d0b-9c82-439a-9f31-f2a3d845dc0d
03:34:37.832 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:58ef63e5-fd82-4a47-94c4-de72ba0efc41
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A940.7ED5.D03A.98CE&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3e04ec23-6e0d-49b1-a164-4bef99c9244a&response_mode=form_post&nonce=1a2f7d0b-9c82-439a-9f31-f2a3d845dc0d

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm

#######################################################
TEST: formPostResponseModeImplicitIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["id_token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:16 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!876C.BDD2.BFFC.BF7D",
    "client_secret": "9fbc4988-647a-4166-a24b-5c6cacf59bcf",
    "registration_access_token": "fded4ae4-a7f8-4640-b5ba-7e27ebc54fa3",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!876C.BDD2.BFFC.BF7D",
    "client_id_issued_at": 1530862457,
    "client_secret_expires_at": 1530948857,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21876C.BDD2.BFFC.BF7D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=fecd18a4-68ad-4b55-b195-384560c23b25&response_mode=form_post&nonce=7f693fbc-0f53-4aad-8bc9-d706d5c13ee7
03:34:39.169 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:d1eaac8d-4ad3-4e24-a697-1172554d0c72
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21876C.BDD2.BFFC.BF7D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=fecd18a4-68ad-4b55-b195-384560c23b25&response_mode=form_post&nonce=7f693fbc-0f53-4aad-8bc9-d706d5c13ee7

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm

#######################################################
TEST: formPostResponseModeImplicitIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:18 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4630.EDF7.1C29.08B9",
    "client_secret": "08fa79ac-565e-4896-980b-49ab4205f2e2",
    "registration_access_token": "aca20a5b-8105-431d-b14a-ac847cd6a0be",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4630.EDF7.1C29.08B9",
    "client_id_issued_at": 1530862458,
    "client_secret_expires_at": 1530948858,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214630.EDF7.1C29.08B9&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8358098b-d879-4dd4-997f-0c3c2f10a475&response_mode=form_post&nonce=0e6bf3ad-30c5-4522-be09-618ef2b1d3b5
03:34:40.555 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:9a26309a-c2de-4281-8604-394c34997ec9
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214630.EDF7.1C29.08B9&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8358098b-d879-4dd4-997f-0c3c2f10a475&response_mode=form_post&nonce=0e6bf3ad-30c5-4522-be09-618ef2b1d3b5

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm

#######################################################
TEST: fragmentResponseModeBasicCode
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:19 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7478.206B.CEC0.5EA8",
    "client_secret": "4dd36039-65c2-45e5-b472-2965fabca1b2",
    "registration_access_token": "a50f63da-a3cf-492e-9bcb-bab60d886c6d",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7478.206B.CEC0.5EA8",
    "client_id_issued_at": 1530862459,
    "client_secret_expires_at": 1530948859,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217478.206B.CEC0.5EA8&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f209c8e5-f22e-4899-9c23-5f2ea0ff2dd8&response_mode=fragment
03:34:41.804 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:b4a7f7fc-c773-42c4-89bb-b30e443ee4f7
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217478.206B.CEC0.5EA8&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f209c8e5-f22e-4899-9c23-5f2ea0ff2dd8&response_mode=fragment

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=ce200da8-09c6-4faf-830e-a68a43bd8eb7&scope=address+openid+profile+email&session_id=6516299f-c181-4ebb-8b09-b724d4203935&state=f209c8e5-f22e-4899-9c23-5f2ea0ff2dd8&session_state=b4a7f7fc-c773-42c4-89bb-b30e443ee4f7

#######################################################
TEST: fragmentResponseModeHybridCodeIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:20 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6C78.6F9E.99B1.2ABA",
    "client_secret": "7c9484e6-ca70-4c3d-894f-14bf80e5256a",
    "registration_access_token": "ca5e2b8e-e168-411d-b550-cb55fde8f766",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6C78.6F9E.99B1.2ABA",
    "client_id_issued_at": 1530862460,
    "client_secret_expires_at": 1530948860,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216C78.6F9E.99B1.2ABA&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=4eb96aca-0b09-4b8b-abae-66962dfc92f2&response_mode=fragment&nonce=8b256e08-819c-463f-a82f-b78641b826b7
03:34:43.057 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:6ae8faea-282f-4afe-876c-ac6f81dc8b51
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216C78.6F9E.99B1.2ABA&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=4eb96aca-0b09-4b8b-abae-66962dfc92f2&response_mode=fragment&nonce=8b256e08-819c-463f-a82f-b78641b826b7

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=3e211231-f215-4978-9b26-90e23e117219&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2Qzc4LjZGOUUuOTlCMS4yQUJBIiwiZXhwIjoxNTMwODY2MDYxLCJpYXQiOjE1MzA4NjI0NjEsIm5vbmNlIjoiOGIyNTZlMDgtODE5Yy00NjNmLWE4MmYtYjc4NjQxYjgyNmI3IiwiYXV0aF90aW1lIjoxNTMwODYyNDYxLCJjX2hhc2giOiJBUFhQUlNTRGtUWTRqUEYxTE5nbVVBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiNE5Fb05WZkhmTGJvSkxLWHQxQ0s2enBXeFl5Zk1VS3BNZDVMMEF4a04yRSJ9.dRbIiVZqrafAGX25sAC8VFr6Nzs98yh_nIpM6n5Gq9ryVIWbEgs0oEjT_W8yJnmS3pma9GkC9w-dSzNAIx7silYVbR3BfKlmTqkxwmWC-J2TH4FY3KF7Q7AXEDoV2SkbnKr86jDjcsq0ZDdCbWB7DDIoELduj6o91nwBVXuifnGjEqO-Dmm0VI0g5ax4Rf8CobvbHxo4aQdshQ9RLt-xM3OEI0gAmSTiSfux89llKfDr2GZpaDc6jXd61ffWllp8O63oqL4mm6V8DbCu2bvh4tp7JG8f2RkOWGErvS4hT6nMa9rvpJfUBzZJyMJe46QbFeYh1x-IB2xDIyxlTS6Q6Q&session_id=b5d147cf-2676-4daa-bba4-ab5682f3fd4a&state=4eb96aca-0b09-4b8b-abae-66962dfc92f2&session_state=6ae8faea-282f-4afe-876c-ac6f81dc8b51

#######################################################
TEST: fragmentResponseModeHybridCodeIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:22 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5034.C9A7.C844.C897",
    "client_secret": "39130111-519f-4f6e-8d3e-1ba2b933ff00",
    "registration_access_token": "3adf3d00-ee93-4a49-b994-be077b42663a",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5034.C9A7.C844.C897",
    "client_id_issued_at": 1530862462,
    "client_secret_expires_at": 1530948862,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215034.C9A7.C844.C897&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=d4c6fc27-f240-42c7-b350-e6b3fc33c735&response_mode=fragment&nonce=008407e0-41be-46b5-a1d0-a3caed701c16
03:34:44.206 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:679e583e-3564-48aa-aa0d-abfba7695e03
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215034.C9A7.C844.C897&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=d4c6fc27-f240-42c7-b350-e6b3fc33c735&response_mode=fragment&nonce=008407e0-41be-46b5-a1d0-a3caed701c16

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=4fc06ab4-5fea-4c89-bbbb-69712f076b34&code=a7005b1d-c207-4075-b7e5-ffbe00d6c283&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE1MDM0LkM5QTcuQzg0NC5DODk3IiwiZXhwIjoxNTMwODY2MDYzLCJpYXQiOjE1MzA4NjI0NjMsIm5vbmNlIjoiMDA4NDA3ZTAtNDFiZS00NmI1LWExZDAtYTNjYWVkNzAxYzE2IiwiYXV0aF90aW1lIjoxNTMwODYyNDYyLCJjX2hhc2giOiJJUnJMWjI3V091dXZNZUJ1ZDhpc0xBIiwiYXRfaGFzaCI6ImFSSk91dXY0RzJJYXJUbVlkREJfQXciLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJkVTNFdHgzaEJIM0xSQm9jLVJPRXE1dGY4UU90ZXBmOE5lMTV3SjNaSnVVIn0.QfuQqiuKfchgIwxVyTsHffLILrvFttasy9TQK7qvKN5W6BuS7PscocvkQgAbqcbftH_SgXj4THrB9ZY-DntZ_iWCJ7p8gOgAsPEU9u9WeDhimGY_dLuvRNFtacLLD9NrsBLLvKqs-LOUAR2-5GduNf1QFC2XRdcfJMMRZtIgnHSunkdQjG1WrceESNuYp_klopz8MhovTwZIyjzzGTKEWkDiUoT2p070RcIE5FoGtii-4SF7yecuM-fWsetiGV_TifEx1uxxo6opagYUdtzfHEkq4JngvwjrUd01K2mCvaMJGYyaXIDuYm404RZ-moaSE6geKvgQ_1vX8YaeU-8WUQ&session_id=f7be0a3e-6b4e-42de-a9ee-ce8595bc9630&state=d4c6fc27-f240-42c7-b350-e6b3fc33c735&token_type=bearer&session_state=679e583e-3564-48aa-aa0d-abfba7695e03&expires_in=299

#######################################################
TEST: fragmentResponseModeHybridCodeToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:23 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7A3D.ED85.A765.E53D",
    "client_secret": "dae2ae08-f189-462b-b664-e7e393ad1729",
    "registration_access_token": "186d5044-7c40-474b-ba67-5cfcf094a42b",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7A3D.ED85.A765.E53D",
    "client_id_issued_at": 1530862463,
    "client_secret_expires_at": 1530948863,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217A3D.ED85.A765.E53D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=67e41c9f-df89-40bd-ac4f-00ad6004a403&response_mode=fragment&nonce=df5122a3-2106-4d05-b83a-bae4a508bba1
03:34:45.401 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:98b551a4-874b-48ca-a98a-ca097199b346
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217A3D.ED85.A765.E53D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=67e41c9f-df89-40bd-ac4f-00ad6004a403&response_mode=fragment&nonce=df5122a3-2106-4d05-b83a-bae4a508bba1

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=2430c679-10d8-4bd4-9113-3c0449452dfb&code=14983197-5bc6-402b-9d1e-d57372007ef6&scope=address+openid+profile+email&session_id=ae4514d3-8cfe-413d-9899-6c4463f3a881&state=67e41c9f-df89-40bd-ac4f-00ad6004a403&token_type=bearer&session_state=98b551a4-874b-48ca-a98a-ca097199b346&expires_in=299

#######################################################
TEST: fragmentResponseModeImplicitIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["id_token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:24 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!393D.D4AA.1BBF.9A06",
    "client_secret": "92382ea0-d7ef-40eb-b709-773d131e5be1",
    "registration_access_token": "4513b4ab-a131-4d2f-9620-63f141a0d5bb",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!393D.D4AA.1BBF.9A06",
    "client_id_issued_at": 1530862464,
    "client_secret_expires_at": 1530948864,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21393D.D4AA.1BBF.9A06&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f6cb41d5-dd0a-4b65-9472-4cb72b29a3fb&response_mode=fragment&nonce=e953e5c6-2e41-4f35-9180-8acd0551ce9c
03:34:46.481 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:05e92d71-41af-4709-a90e-bdeb5c56e7c8
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21393D.D4AA.1BBF.9A06&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f6cb41d5-dd0a-4b65-9472-4cb72b29a3fb&response_mode=fragment&nonce=e953e5c6-2e41-4f35-9180-8acd0551ce9c

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzOTNELkQ0QUEuMUJCRi45QTA2IiwiZXhwIjoxNTMwODY2MDY1LCJpYXQiOjE1MzA4NjI0NjUsIm5vbmNlIjoiZTk1M2U1YzYtMmU0MS00ZjM1LTkxODAtOGFjZDA1NTFjZTljIiwiYXV0aF90aW1lIjoxNTMwODYyNDY1LCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJPU2F2NEdma2hWSFlVWV82My10UlR0RzEtY1ZOTkFwWkkxcUdiNHo2T1dNIn0.Mwy4GsIrMu3SZU3eo5im9IskYPlT7GC9tZXkdoUhjpSsOBfPgC7SlulnxwdbXeNSh44xWbZuNF_IMS7M6FAXbkBNdZ0bpM39ipaB-YACqO3j-w14m3tXEmeYH0lppYSnU8mSzRwWP7UvBxMTP3SkYl3DyfQ7bCQuju3fV_K0sNSzoaFdn0YS1nMx-1S9E5FRtxxTjJ9nO10EtUWGoASMlq4Tvwje1LvpPtgFk93DU7zY3vzNYbgBFhSQ_gMdr6cpkY6JRgT8eE49CNJFOHpXnj2H6IQ_HnQ66vuY35bfgsmS-gv6gD2H4kaHRI_CYxtIZ2q1k8vpf5tMuvuNKCw7Lw&session_id=8d83c864-4e9f-4af5-8301-9b5fb39c9d01&state=f6cb41d5-dd0a-4b65-9472-4cb72b29a3fb&session_state=05e92d71-41af-4709-a90e-bdeb5c56e7c8

#######################################################
TEST: fragmentResponseModeImplicitIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:25 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!617F.6256.437F.F071",
    "client_secret": "d90226e9-0e11-4a92-afad-e21774a88ff4",
    "registration_access_token": "2c93a212-e5b5-4744-a33b-be066705337e",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!617F.6256.437F.F071",
    "client_id_issued_at": 1530862465,
    "client_secret_expires_at": 1530948865,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21617F.6256.437F.F071&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=835e2f6f-3365-4845-928f-b7620555b7e7&response_mode=fragment&nonce=568d22ba-b85e-4b63-b5d9-891e09696a83
03:34:47.656 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:cf05bc4b-4fdc-4063-952b-f75e22c3013e
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21617F.6256.437F.F071&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=835e2f6f-3365-4845-928f-b7620555b7e7&response_mode=fragment&nonce=568d22ba-b85e-4b63-b5d9-891e09696a83

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=aab1a29e-3668-42de-8702-e58cdccd407e&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2MTdGLjYyNTYuNDM3Ri5GMDcxIiwiZXhwIjoxNTMwODY2MDY2LCJpYXQiOjE1MzA4NjI0NjYsIm5vbmNlIjoiNTY4ZDIyYmEtYjg1ZS00YjYzLWI1ZDktODkxZTA5Njk2YTgzIiwiYXV0aF90aW1lIjoxNTMwODYyNDY2LCJhdF9oYXNoIjoiNHE3ZTBvQkU0aV96d21MeFc1OGVIQSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IkFuLWxxRTh3WGphcHYyYlZVYXViUmZ5aVlPRWtVdWIwN1dOeExCWDRGTU0ifQ.jDB0sbuJ9nRB34_3ORJKT1AP61m0ZYS3XnqX79rmXfUAByH_BDCBElqtZ4EkFP7Z9_114mJZrwm-J37NGt6Vr4hg38JVrMUEJaQddbq7DldpxtoqjaRS_EStV3D6foGJvNQVon_FnRD6BGi4ONWrVwi4HSf5XOqKRjToa6niF_CtKebfS8LV9bsI885-yie9xL8AJTLrSHIyI-S1f8ZvDbseIZUOMkwf87eR9iXDAiFylWADsxkMBoTFMiOajFp3aZkDMs3cHc8lyIhjLNGWbJYNWpHq3sTPPdCfpkGKcXH11fuKhEy6PWwBMzKV3rrhcYip4KtUmdYWfxyWZGIdaw&session_id=e0a95bff-6a65-4d4e-b004-b11b0eec0964&state=835e2f6f-3365-4845-928f-b7620555b7e7&token_type=bearer&session_state=cf05bc4b-4fdc-4063-952b-f75e22c3013e&expires_in=299

#######################################################
TEST: queryResponseModeBasicCode
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:26 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1C0F.4768.5FA9.8C7A",
    "client_secret": "271fe8b1-13f9-4c1a-9703-b13434d00531",
    "registration_access_token": "3f59c3f1-8ba2-4b09-aab1-be20be9ed594",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1C0F.4768.5FA9.8C7A",
    "client_id_issued_at": 1530862466,
    "client_secret_expires_at": 1530948866,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211C0F.4768.5FA9.8C7A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c37300d7-8833-4d46-a2c6-27bc464103f9&response_mode=query
03:34:48.851 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:457c2b45-8969-47dd-97b7-ac24843823e1
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211C0F.4768.5FA9.8C7A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c37300d7-8833-4d46-a2c6-27bc464103f9&response_mode=query

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=a402f348-f1bc-4496-91cb-ca8d23585466&scope=address+openid+profile+email&session_id=1057f3f6-a233-49ca-b0f6-8670771de13d&state=c37300d7-8833-4d46-a2c6-27bc464103f9&session_state=457c2b45-8969-47dd-97b7-ac24843823e1

#######################################################
TEST: queryResponseModeHybridCodeIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:27 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7A32.B538.9B84.6CAD",
    "client_secret": "049aab5b-8992-4123-817e-a2abe90861bb",
    "registration_access_token": "ceb13e5b-acbf-45c1-8546-03b31d2283eb",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7A32.B538.9B84.6CAD",
    "client_id_issued_at": 1530862467,
    "client_secret_expires_at": 1530948867,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217A32.B538.9B84.6CAD&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eedd70df-0b5b-4b6e-8348-3f53b60ea28d&response_mode=query&nonce=c1c5097e-c0a6-492c-95c7-305a94d51efb
03:34:50.008 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:9ce7aae4-ec05-4373-a3ba-4fc029fedb08
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217A32.B538.9B84.6CAD&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eedd70df-0b5b-4b6e-8348-3f53b60ea28d&response_mode=query&nonce=c1c5097e-c0a6-492c-95c7-305a94d51efb

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=b8761e43-2c4e-43b3-ab25-dd5d631cfac1&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3QTMyLkI1MzguOUI4NC42Q0FEIiwiZXhwIjoxNTMwODY2MDY4LCJpYXQiOjE1MzA4NjI0NjgsIm5vbmNlIjoiYzFjNTA5N2UtYzBhNi00OTJjLTk1YzctMzA1YTk0ZDUxZWZiIiwiYXV0aF90aW1lIjoxNTMwODYyNDY4LCJjX2hhc2giOiJjMHdrQVRXYlhQODRfcVBGQVJlVVpnIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiMmNLbGtDTVlfbG5KdEN4Rlo4Qk5mc3h0S1BZSEJqS00wakJUelJHaF9DRSJ9.sIU5hehYjZh29iDlnr4-swr8xbOQhKAn7MXBVf7rF4xX1Sd9gKJKD0roFlyCSwx8b8HnvLyqTKnMoXIGjGmx3Nu_G-unXH9_Ps3ptu3IO2cujEye2tX20XjHbUSu54P_wBRKwtrrq92c1s6xCEWO-aO0qb0p68ZpjADP6-4Gw7_bZ23NUrUbNjn4aZs8-IazNs8cDZuCssZVipj9vXAYE0MOuJ9ahIWex50fkBqIRCzSyt3vXSQ_Me-clrrP_qSqcnbCKk7OoNttHfUJSYRJZa50b-1EJfDIPb8ZHgv3C47oyBG6zNsRC4n1XSibB0HLLcjjA9SarRJVZgL17Kr6EA&session_id=48c702d9-de2b-4b49-978e-45b3cb7cd7f5&state=eedd70df-0b5b-4b6e-8348-3f53b60ea28d&session_state=9ce7aae4-ec05-4373-a3ba-4fc029fedb08

#######################################################
TEST: queryResponseModeHybridCodeIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:28 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!71BC.1EE3.B601.A9DD",
    "client_secret": "573be103-de9e-49a7-9f88-4abbd9beab4f",
    "registration_access_token": "4c0a6bcb-ffd6-472f-995e-0eb0c525e347",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!71BC.1EE3.B601.A9DD",
    "client_id_issued_at": 1530862469,
    "client_secret_expires_at": 1530948869,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2171BC.1EE3.B601.A9DD&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=644241c3-2941-42cd-9537-4797fd955d79&response_mode=query&nonce=f3373d90-515b-428f-8cdb-97224d35a526
03:34:51.116 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:9b3fe5a7-f2f0-40af-bf76-1c958a6b2196
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2171BC.1EE3.B601.A9DD&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=644241c3-2941-42cd-9537-4797fd955d79&response_mode=query&nonce=f3373d90-515b-428f-8cdb-97224d35a526

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?access_token=70403c20-b208-49ba-85f3-8b8c347f90fb&code=7edc6ffd-77d2-484c-a4d6-64fc4680ffb3&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3MUJDLjFFRTMuQjYwMS5BOUREIiwiZXhwIjoxNTMwODY2MDY5LCJpYXQiOjE1MzA4NjI0NjksIm5vbmNlIjoiZjMzNzNkOTAtNTE1Yi00MjhmLThjZGItOTcyMjRkMzVhNTI2IiwiYXV0aF90aW1lIjoxNTMwODYyNDY5LCJjX2hhc2giOiJoV0RnUkd6UU1sMXRxVE1VZ05iM2FBIiwiYXRfaGFzaCI6ImJsdzNMeHpEcHNTcWZ1VGZTam9HS3ciLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJlVjhoOEx5d1JmVktTeXRRMHJNNmVOZEk5QW1ma3NzMjROSVd3OXlBMjV3In0.CafCIOAaPOJCEtY-WtkTTtJ9wgcYXiPll_UAnyuOLrJ2GiYAUpecx2djylgTiHzeiPRQbE-mDb00RSp4hqf7sy__IrtUb6VCXcVkuja_XK5ZUYMbHnQjfunaXNf0b5tu9EnbxnzJOlDpdAKTWGMavsbrCCjIQxMuNxasASVSkpAaRf8yFxipwzE-Cp_-eAeNfb8uCF33mwDJu6DsLZHYnwNcgNr9b3y1Hkn7wD0VC8OxESI9hf_qaUQKT5jKY_A3Z39w8UZ3gpyq_tUkQKPV410OI-iIgo1wv1g2Y-3RG0UZTkkOIZpiKVGHveGOWCzozEuOIpKqym8xIm3NtXfpPQ&session_id=7b4c0087-8711-45e2-b3f1-62e1536d504a&state=644241c3-2941-42cd-9537-4797fd955d79&token_type=bearer&session_state=9b3fe5a7-f2f0-40af-bf76-1c958a6b2196&expires_in=299

#######################################################
TEST: queryResponseModeHybridCodeToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:30 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!15A7.C58F.C4D8.87D4",
    "client_secret": "9c64d483-49e9-4857-80cd-a38f5058f17a",
    "registration_access_token": "0ecdc3de-f026-4f1a-aa40-cf194c2d91c8",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!15A7.C58F.C4D8.87D4",
    "client_id_issued_at": 1530862470,
    "client_secret_expires_at": 1530948870,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2115A7.C58F.C4D8.87D4&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=1292de0f-a4a2-4433-b113-246ae726cd43&response_mode=query&nonce=79308fd5-6b27-43e8-b7da-5cc465929d0d
03:34:52.226 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:7866de97-dc1e-4272-b71f-74eafcc8512d
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2115A7.C58F.C4D8.87D4&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=1292de0f-a4a2-4433-b113-246ae726cd43&response_mode=query&nonce=79308fd5-6b27-43e8-b7da-5cc465929d0d

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?access_token=5e6c39d4-78d5-49c2-9200-a0d21aa5a2a1&code=df870b91-0f4b-4799-8cf4-112a3c205cfb&scope=address+openid+profile+email&session_id=efba1126-4bef-4bf2-9000-f7c18eeee791&state=1292de0f-a4a2-4433-b113-246ae726cd43&token_type=bearer&session_state=7866de97-dc1e-4272-b71f-74eafcc8512d&expires_in=299

#######################################################
TEST: queryResponseModeImplicitIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["id_token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:31 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8BFA.3250.5E61.7082",
    "client_secret": "707cd8ee-0619-428b-aa6f-a9d6b6adf99d",
    "registration_access_token": "a4a0de81-5a98-4cd7-9a73-b55827480e9f",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8BFA.3250.5E61.7082",
    "client_id_issued_at": 1530862471,
    "client_secret_expires_at": 1530948871,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218BFA.3250.5E61.7082&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=e53595cd-4602-42c4-903d-4fe037c0713e&response_mode=query&nonce=b22feb13-20f6-417f-8161-9ece30881ef0
03:34:53.359 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:49235d22-f8af-4e43-8e59-0483c865ca6f
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218BFA.3250.5E61.7082&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=e53595cd-4602-42c4-903d-4fe037c0713e&response_mode=query&nonce=b22feb13-20f6-417f-8161-9ece30881ef0

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE4QkZBLjMyNTAuNUU2MS43MDgyIiwiZXhwIjoxNTMwODY2MDcyLCJpYXQiOjE1MzA4NjI0NzIsIm5vbmNlIjoiYjIyZmViMTMtMjBmNi00MTdmLTgxNjEtOWVjZTMwODgxZWYwIiwiYXV0aF90aW1lIjoxNTMwODYyNDcyLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiItWDhkQ1FGaWlXTU8wWkJPdlN1azVtZEc3dmQxZWNscGItTXpDM0Vjdm9rIn0.Tf9OZ9TDK6bYJfTmYfm4GfRRZBdaLmc0oGlzCIP7RJ3lK0g6qSOCOWId5HNQzk-b138jpNr1AcDGxSUxYVCtpqY6UrLlbLz0t_WYNmmChvn4gRi1_C5l1dE90bei_0TcQgDwp9doLIxJjlU9vDi4yMouBM4HYAg3L7BLo3j72pO4iKRgZW445xpJXHkW12KuFapBaqEqiDqBvkSlo0HlrDUGVztPFd3JpJncSRPsIqF6jT-Z_v1JUOO1HqWpL3d4FveFP6PGRJAStLIYfMDktTxRhX1lDFx32OmbN5xUYRuN6I3NCDYhOOz0_RfnOzfTbHtQUc-aNK6-5j061_-gsw&session_id=08c066e1-107d-4403-a59d-30786921780c&state=e53595cd-4602-42c4-903d-4fe037c0713e&session_state=49235d22-f8af-4e43-8e59-0483c865ca6f

#######################################################
TEST: queryResponseModeImplicitIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:32 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0572.28A2.8EFE.3C3B",
    "client_secret": "6f44ba8d-f2c8-42ce-9ae6-f6e755b3b75b",
    "registration_access_token": "e1e37848-a741-4913-b49c-454f68c15650",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0572.28A2.8EFE.3C3B",
    "client_id_issued_at": 1530862472,
    "client_secret_expires_at": 1530948872,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210572.28A2.8EFE.3C3B&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=70505ae3-1e70-417a-bd7e-6f1c24348d61&response_mode=query&nonce=1e1b3dbb-163b-4bba-a759-8557882c4e78
03:34:54.496 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:ddc19b5b-94c4-4372-bd83-69cbc7de81ba
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210572.28A2.8EFE.3C3B&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=70505ae3-1e70-417a-bd7e-6f1c24348d61&response_mode=query&nonce=1e1b3dbb-163b-4bba-a759-8557882c4e78

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?access_token=054f1046-fdde-44a6-8c73-39b55fe5076a&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEwNTcyLjI4QTIuOEVGRS4zQzNCIiwiZXhwIjoxNTMwODY2MDczLCJpYXQiOjE1MzA4NjI0NzMsIm5vbmNlIjoiMWUxYjNkYmItMTYzYi00YmJhLWE3NTktODU1Nzg4MmM0ZTc4IiwiYXV0aF90aW1lIjoxNTMwODYyNDczLCJhdF9oYXNoIjoiNExDWkR3c1Q2RF9lQVJqMmRZVlkxZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Imo2M2F2VTdwX0pJNkdheUxwTTU5TzJwX0Y2bG1BR01GcjNJZlVNVlZfTzQifQ.V5RSLv7x_Dl4l1wACw-4vLfPshC4QhxrtRbNU_2mlca7_KUHkNHo4__kK8OFrO1OqCfQlvxm0M8EG8x_gy1_dfx6Va5L5M69E92Mliti0Qdr4gHek_DyLk3YVLebP23UslTQFxBaFAiquQ7JxMnZD_fBvqbAP6WgLfgymgB2YYnnRl5jlYArFHT8nRfy-0wDLwREpRdgBlCmXyX4-dQhVnrGH49Qxav1WEaoC8GWdW5O5dDiL4rgHxP8kbdshBIanPPb5OUazGCTxhE88Lc-hiuQhrAQM5g4pQUx_Wg6mEFHSiPQ65qCsC5s5COOMjOWxTSwPqxPdWLdOTEfuCs_Fg&session_id=7559c723-15ac-4f98-9fa9-054212102393&state=70505ae3-1e70-417a-bd7e-6f1c24348d61&token_type=bearer&session_state=ddc19b5b-94c4-4372-bd83-69cbc7de81ba&expires_in=299

#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:34:33 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:33 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "code",
        "code id_token",
        "code id_token token",
        "id_token",
        "id_token token",
        "token",
        "code token"
    ],
    "grant_types_supported": [
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "refresh_token",
        "implicit",
        "password",
        "authorization_code"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: requestAuthorizationAccessToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "token",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:33 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1C36.4701.3C62.AAA8",
    "client_secret": "3f21bec8-937c-4a57-8f58-985087a123b4",
    "registration_access_token": "4ae7b967-7376-44ff-a163-d833fba4cfc6",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1C36.4701.3C62.AAA8",
    "client_id_issued_at": 1530862473,
    "client_secret_expires_at": 1530948873,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 4ae7b967-7376-44ff-a163-d833fba4cfc6

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:33 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1C36.4701.3C62.AAA8",
    "client_secret": "3f21bec8-937c-4a57-8f58-985087a123b4",
    "registration_access_token": "4ae7b967-7376-44ff-a163-d833fba4cfc6",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1C36.4701.3C62.AAA8",
    "client_id_issued_at": 1530862473,
    "client_secret_expires_at": 1530948873,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211C36.4701.3C62.AAA8&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=1738f241-1ba6-4a70-9af5-50cb0b807453&nonce=b1f3f4d8-2923-48fc-89df-77792316ace4
03:34:55.787 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:d1da1898-4964-4f96-b962-c6d72294d030
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211C36.4701.3C62.AAA8&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=1738f241-1ba6-4a70-9af5-50cb0b807453&nonce=b1f3f4d8-2923-48fc-89df-77792316ace4

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=2746d48a-940d-40ea-90a4-6b04e12d4cbe&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExQzM2LjQ3MDEuM0M2Mi5BQUE4IiwiZXhwIjoxNTMwODY2MDc0LCJpYXQiOjE1MzA4NjI0NzQsIm5vbmNlIjoiYjFmM2Y0ZDgtMjkyMy00OGZjLTg5ZGYtNzc3OTIzMTZhY2U0IiwiYXV0aF90aW1lIjoxNTMwODYyNDc0LCJhdF9oYXNoIjoiU3JOX3FkaTN6b3JwckhCamIwVWduZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjNQYXZyaFdJOFd0NXVIN092cWlpenF5WTdOTnFuN3NHemROcm9zbzVvSXMifQ.MxF0P1hm4p2kk6eg-A8T0Xpz1ZDuR31B5IsC8CFOtVN5Vu2ts0FWjRWN2y2urSlZ47U9YKbZQqk1fBTueJK_Ux-RoFydllepIvJNwr3skk5Xo6ZuSTfxnI2y0a-xeQsz_q75_1p8pfNffTWxyjDJWfYUPKjO6BqHwpgFC42tgT_nCGIynPFezPsEMZ0Q490ypWNvzApoRRD1KDmz3EdLuPiivuZPs79VOthabEncTdvLtGpaF-lt6NexVPrYCaSMpJC7w51tDnw7bhYPp7aUWLTsibqXBBieRzSd9fFYv0LdVLOmm41Ep7QYTDiARfLPvtqgcBoFOQ9EulRVHRF6tA&session_id=4bfa50bd-3ec8-4c60-b094-b91143f86f9a&state=1738f241-1ba6-4a70-9af5-50cb0b807453&token_type=bearer&session_state=d1da1898-4964-4f96-b962-c6d72294d030&expires_in=299

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org

response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211C36.4701.3C62.AAA8&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=25063d1d-fd49-4b86-b1a6-413f95089376&nonce=3e1ea6ce-d1d4-45c2-a2c2-b6e9c5d67c0d&prompt=none&access_token=2746d48a-940d-40ea-90a4-6b04e12d4cbe

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Fri, 06 Jul 2018 07:34:34 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=d0fb6f1a-b18b-405a-a85a-27468f757f3a&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExQzM2LjQ3MDEuM0M2Mi5BQUE4IiwiZXhwIjoxNTMwODY2MDc0LCJpYXQiOjE1MzA4NjI0NzQsIm5vbmNlIjoiM2UxZWE2Y2UtZDFkNC00NWMyLWEyYzItYjZlOWM1ZDY3YzBkIiwiYXV0aF90aW1lIjoxNTMwODYyNDc0LCJjX2hhc2giOiJIU3ZmbjRQRndxcXJlaU4yMzlFdlJBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiM1BhdnJoV0k4V3Q1dUg3T3ZxaWl6cXlZN05OcW43c0d6ZE5yb3NvNW9JcyJ9.CKyk4ka2Awdh7PBGESY5WkB7TSHfatHquHaxHkwLS98byYm1uYXzmitkamIsQNLmhmUj-I_8VjIBO164RZvAyOhCa8jcbr8T067TkdbEJ7z3yFdZHxJAIZr3FA6uaKb1PCitDLOUBEeWH2FVYHwOh6rBtmlOL0Pyr4edr9NAd7lkxMZTq0pEiCOBf_H5BtMZnCHWk2S6KFLH_3rXSiQjmDyzzpbpzMBnep-XSMGn7yVJ-RdTMFRR8T7maDCv4RjxauZp8EfMFKogdOLjgXzOByAPXNuSoewLzc65qXWToddO6rpGq6k0g8-YoDpfaZ49AUNneA_ygaZTYMSfzqy0EA&session_id=87be6c19-6337-408d-ae61-2df65221279f&state=25063d1d-fd49-4b86-b1a6-413f95089376&session_state=a296111a-5ea7-4874-859b-51619be63f0a
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxMUMzNi40NzAxLjNDNjIuQUFBODozZjIxYmVjOC05MzdjLTRhNTctOGY1OC05ODUwODdhMTIzYjQ=

grant_type=authorization_code&code=d0fb6f1a-b18b-405a-a85a-27468f757f3a&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:34 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"f4251191-8f12-47fc-942c-97ac9b838e64","token_type":"bearer","expires_in":299,"refresh_token":"43c7ff84-ef05-453e-8b40-9170d14f032d","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExQzM2LjQ3MDEuM0M2Mi5BQUE4IiwiZXhwIjoxNTMwODY2MDc0LCJpYXQiOjE1MzA4NjI0NzQsIm5vbmNlIjoiM2UxZWE2Y2UtZDFkNC00NWMyLWEyYzItYjZlOWM1ZDY3YzBkIiwiYXV0aF90aW1lIjoxNTMwODYyNDc0LCJhdF9oYXNoIjoiNm5KbnpubDFfa2xxNjVaR3hZaHhwZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjNQYXZyaFdJOFd0NXVIN092cWlpenF5WTdOTnFuN3NHemROcm9zbzVvSXMifQ.b31yhEkCXreCrlH6ZelVL7tVaMFWU0bu2F_lrbmhQWd7A-zy-DFsSkX5tbPLvVZOssrjLl9pm0FL381kChR2t0za3qppuuiyTn_bNM7Ogzi12UrjMJhk2_vxXieycKPU24s5QhO6_q8_zpoiPMWSlFuwu9cdOrf4WDkIoLkKdYujlrrG8IG8iyqYcQQCi3mnNWLwqOQOzvDo_551P2OBo5i2tb7Tk3HAhUGwxSN-qawuFw2AY5hA_NamaYhravc2sFgG7ZsfGpG-dnuEM2URaSbFUKv_u1tvexs276h0O68596zbHNq-IAPxK04as60Ku__I5M-QWQ6yY_sfqa5RUA"}

#######################################################
TEST: requestAuthorizationAccessTokenFail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:34 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CBFC.EBE8.E50F.34C6",
    "client_secret": "5a69680a-7fc6-4eb4-801d-dd23ce7fe66f",
    "registration_access_token": "822aaea2-0840-4eca-b842-0da88e1476e9",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CBFC.EBE8.E50F.34C6",
    "client_id_issued_at": 1530862475,
    "client_secret_expires_at": 1530948875,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 822aaea2-0840-4eca-b842-0da88e1476e9

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:35 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CBFC.EBE8.E50F.34C6",
    "client_secret": "5a69680a-7fc6-4eb4-801d-dd23ce7fe66f",
    "registration_access_token": "822aaea2-0840-4eca-b842-0da88e1476e9",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CBFC.EBE8.E50F.34C6",
    "client_id_issued_at": 1530862475,
    "client_secret_expires_at": 1530948875,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org

response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CBFC.EBE8.E50F.34C6&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0278e2b1-0a86-4791-9d37-3353901ed881&prompt=none&access_token=INVALID_ACCESS_TOKEN

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Fri, 06 Jul 2018 07:34:35 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#error_description=The+request+is+missing+a+required+parameter%2C+includes+an+unsupported+parameter+or+parameter+value%2C+or+is+otherwise+malformed.&state=0278e2b1-0a86-4791-9d37-3353901ed881&error=invalid_request
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: requestAuthorizationAccessTokenUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "token",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:35 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BE92.591D.00AA.A06B",
    "client_secret": "b033374b-bbaa-4b6e-ac49-7f1ad020412a",
    "registration_access_token": "9f4c1cd6-fe06-4a0a-84c9-b7c2382337ce",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BE92.591D.00AA.A06B",
    "client_id_issued_at": 1530862475,
    "client_secret_expires_at": 1530948875,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 9f4c1cd6-fe06-4a0a-84c9-b7c2382337ce

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:35 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BE92.591D.00AA.A06B",
    "client_secret": "b033374b-bbaa-4b6e-ac49-7f1ad020412a",
    "registration_access_token": "9f4c1cd6-fe06-4a0a-84c9-b7c2382337ce",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BE92.591D.00AA.A06B",
    "client_id_issued_at": 1530862475,
    "client_secret_expires_at": 1530948875,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21BE92.591D.00AA.A06B&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=320b8def-92be-46d8-9648-b16183993a33&nonce=09ee1061-792b-47a9-b90f-88c96a5079a2
03:34:57.469 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:3858483c-d15e-4981-b83f-decf5368761d
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21BE92.591D.00AA.A06B&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=320b8def-92be-46d8-9648-b16183993a33&nonce=09ee1061-792b-47a9-b90f-88c96a5079a2

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=9e6b6091-226e-48db-869c-f1c3e799d684&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFCRTkyLjU5MUQuMDBBQS5BMDZCIiwiZXhwIjoxNTMwODY2MDc2LCJpYXQiOjE1MzA4NjI0NzYsIm5vbmNlIjoiMDllZTEwNjEtNzkyYi00N2E5LWI5MGYtODhjOTZhNTA3OWEyIiwiYXV0aF90aW1lIjoxNTMwODYyNDc2LCJhdF9oYXNoIjoiZ1VNWjdVUGFsRzRDVjZDMGYzZGlndyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjNOMDkyRGEtNFhha1A5bEoxaUd4TzN0RnJ1aVRmVmE1cG45OGE5QW82ZGMifQ.SP0KRLtKYRPhIDDSMvD0WaGZM2-ub5YdF3HMEF0fhSjJnoXr8XtQAqbQwV1vXxsjRYEIwKeUF3MN6JQ0Mj6hOIlX6_PTKTGPwszFVFEZYKKniK2SH96aMYj6TrCDSmuSw9bhpoePIJq89lYLuNvMFg-MX0vQRWZ0HnBtc5Np5oJoaPweoeYvC0C4FW6_S0Q9uVc_KSBIlgK-gTCK2p1JPq9ScTE4lsHRRMYkZ3R4prBzfvdzuT1evnv7t0MmtM5l6dZgqMGeU4vCEW2iInf6ss_mwXuv9Nr1e2aXb1_pgnCwFtM6S--MXkzaO-9lhcfoqxJq8Tl1c2C_NM6N3puxvw&session_id=014fe37b-b5e3-4937-abb3-08153abf5eca&state=320b8def-92be-46d8-9648-b16183993a33&token_type=bearer&session_state=3858483c-d15e-4981-b83f-decf5368761d&expires_in=299

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org

response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21BE92.591D.00AA.A06B&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5c207412-0bd1-4b28-b90c-a109542c7e04&nonce=199bf212-6fcc-43c5-94b2-36b4fe1cb51f&prompt=none&access_token=9e6b6091-226e-48db-869c-f1c3e799d684

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Fri, 06 Jul 2018 07:34:36 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=22efef85-357d-4c0b-9b2f-969d72fbbaf7&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFCRTkyLjU5MUQuMDBBQS5BMDZCIiwiZXhwIjoxNTMwODY2MDc2LCJpYXQiOjE1MzA4NjI0NzYsIm5vbmNlIjoiMTk5YmYyMTItNmZjYy00M2M1LTk0YjItMzZiNGZlMWNiNTFmIiwiYXV0aF90aW1lIjoxNTMwODYyNDc2LCJjX2hhc2giOiJEbjBySWFtUmhfMVZpSk9TMXZpTXR3Iiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiM04wOTJEYS00WGFrUDlsSjFpR3hPM3RGcnVpVGZWYTVwbjk4YTlBbzZkYyJ9.XvXEYExpbBCWqV_9GF1A8esndyF_nX9Kt_hfHvePrx-n9yWqADHg9IHQ01OFxb_MFVW7ld--mqrlnVEtWTX8tvIE8NSBkzcvf9oZOoK9Ot9r8oHhKDrj6Fj72GoHAtzAQiVv-RFOYsoe1A9AT-r1ozt8tUWMZ8unf9PMQ59KAlLC5JlnuAnWPlxtNo9wdiYAahiaghJvbYwZRj-hLIJsl9uOLI86Mt4efrQoj4J5g6fGIlzbtDsuMBlEfbBfIkefpbl_bCZ1qaFbtGDzaBdf6LW_BotmYdxekA5EeN1XdwmAZRS-1fue49g9OijydcPcGEOiM9ZfG_gSLrwpY4yVgw&session_id=6516c445-ff79-47dc-8082-01a0b2db40c8&state=5c207412-0bd1-4b28-b90c-a109542c7e04&session_state=37a636d3-3538-4094-87e6-a22bb3513bd2
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxQkU5Mi41OTFELjAwQUEuQTA2QjpiMDMzMzc0Yi1iYmFhLTRiNmUtYWM0OS03ZjFhZDAyMDQxMmE=

grant_type=authorization_code&code=22efef85-357d-4c0b-9b2f-969d72fbbaf7&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:36 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"04f91b03-52ad-4254-a759-021865643b20","token_type":"bearer","expires_in":299,"refresh_token":"1b55d208-31d7-46d2-a743-a87977479613","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFCRTkyLjU5MUQuMDBBQS5BMDZCIiwiZXhwIjoxNTMwODY2MDc2LCJpYXQiOjE1MzA4NjI0NzYsIm5vbmNlIjoiMTk5YmYyMTItNmZjYy00M2M1LTk0YjItMzZiNGZlMWNiNTFmIiwiYXV0aF90aW1lIjoxNTMwODYyNDc2LCJhdF9oYXNoIjoiMEdORVFaWVVzTTBzbzNWOGNTdkNrdyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjNOMDkyRGEtNFhha1A5bEoxaUd4TzN0RnJ1aVRmVmE1cG45OGE5QW82ZGMifQ.Cyk_xezpdA0-fwYuU9z66C0mfj5ID_br3mTKjMFnMLEDuyrQU4fo463TSe_um-cKi92SknbMzqxy7nUBnHCfJtxZMv_UykTaEfsJbMAbOVZUycNph8WyUxe0m-MMb3OMNgKXsvADFnMBEi2cVHixwYtTELZWB1mcVCrY2IG576a6lOYLpoR7samDLaN5w-joqLd2jv80lKEoUelc2dk-KwXgar1B1q3RMLMn7VTMw8TZQ0vV9Kudk3HR-6mttKncWlTjRqjqCsk4FuahaatJ3IcOUNj1tKyu8cQnLa_FH4pZiJjPtVWaLimg9MJk2QojJ9VjQsuGFd5jzVYc0XnLuA"}

#######################################################
TEST: requestAuthorizationCode
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:36 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C177.E2BF.C959.481E",
    "client_secret": "773d3211-5974-48a9-b0f8-164cfeee5658",
    "registration_access_token": "270af402-8ce4-4baa-8edf-fcbe808ec5b4",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C177.E2BF.C959.481E",
    "client_id_issued_at": 1530862476,
    "client_secret_expires_at": 1530948876,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 270af402-8ce4-4baa-8edf-fcbe808ec5b4

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:36 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C177.E2BF.C959.481E",
    "client_secret": "773d3211-5974-48a9-b0f8-164cfeee5658",
    "registration_access_token": "270af402-8ce4-4baa-8edf-fcbe808ec5b4",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C177.E2BF.C959.481E",
    "client_id_issued_at": 1530862476,
    "client_secret_expires_at": 1530948876,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C177.E2BF.C959.481E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0a31891e-5c58-4f96-8eb0-2b3005f1b004
03:34:58.891 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:f2b144c2-cd76-42b9-bed0-273572102fce
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C177.E2BF.C959.481E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0a31891e-5c58-4f96-8eb0-2b3005f1b004

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=e8c26977-3a17-495c-b811-4abf80b0d187&scope=address+openid+profile+email&session_id=287a9b2f-389b-410d-bbe2-e0a661fb663c&state=0a31891e-5c58-4f96-8eb0-2b3005f1b004&session_state=f2b144c2-cd76-42b9-bed0-273572102fce

#######################################################
TEST: requestAuthorizationCodeFail1
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Connection: close
Content-Length: 175
Content-Type: text/plain
Date: Fri, 06 Jul 2018 07:34:37 GMT
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_request","error_description":"The request is missing a required parameter, includes an unsupported parameter or parameter value, or is otherwise malformed."}

#######################################################
TEST: requestAuthorizationCodeFail2
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:37 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F902.19AD.665C.D043",
    "client_secret": "cdea9f9e-0450-4e6b-8444-b5e906aed884",
    "registration_access_token": "e2cf0032-4ca1-4594-8e9a-2d291e48b333",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F902.19AD.665C.D043",
    "client_id_issued_at": 1530862478,
    "client_secret_expires_at": 1530948878,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer e2cf0032-4ca1-4594-8e9a-2d291e48b333

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:38 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F902.19AD.665C.D043",
    "client_secret": "cdea9f9e-0450-4e6b-8444-b5e906aed884",
    "registration_access_token": "e2cf0032-4ca1-4594-8e9a-2d291e48b333",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F902.19AD.665C.D043",
    "client_id_issued_at": 1530862478,
    "client_secret_expires_at": 1530948878,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21F902.19AD.665C.D043&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2FINVALID_REDIRECT_URI&state=6861a84b-3fe5-4c8e-afd3-63cbc01286e1&prompt=none

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Connection: close
Content-Length: 220
Content-Type: text/plain
Date: Fri, 06 Jul 2018 07:34:38 GMT
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_request_redirect_uri","error_description":"The redirect_uri in the Authorization Request does not match any of the Client's pre-registered redirect_uris.","state":"6861a84b-3fe5-4c8e-afd3-63cbc01286e1"}

#######################################################
TEST: requestAuthorizationCodeFail3
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org

response_type=code&client_id=%40%211111%210008%21INVALID_VALUE&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=edabea1a-9d9f-4234-8fe2-e3ea2b8bc403

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 175
Content-Type: text/plain
Date: Fri, 06 Jul 2018 07:34:38 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"unauthorized_client","error_description":"The client is not authorized to request an access token using this method.","state":"edabea1a-9d9f-4234-8fe2-e3ea2b8bc403"}

#######################################################
TEST: requestAuthorizationCodeIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:38 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!ED48.7AE8.046F.4892",
    "client_secret": "3da9564a-4656-485d-bb45-bc05bb197f7f",
    "registration_access_token": "e6b82bbc-add6-4a7a-862c-4f5c5bdd5adb",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!ED48.7AE8.046F.4892",
    "client_id_issued_at": 1530862478,
    "client_secret_expires_at": 1530948878,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer e6b82bbc-add6-4a7a-862c-4f5c5bdd5adb

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:38 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!ED48.7AE8.046F.4892",
    "client_secret": "3da9564a-4656-485d-bb45-bc05bb197f7f",
    "registration_access_token": "e6b82bbc-add6-4a7a-862c-4f5c5bdd5adb",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!ED48.7AE8.046F.4892",
    "client_id_issued_at": 1530862478,
    "client_secret_expires_at": 1530948878,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21ED48.7AE8.046F.4892&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=785d4620-0c4e-4584-858e-fd7262102420&nonce=ff79743f-8d27-462a-b436-0ce79edf9399
03:35:00.570 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:8a326caa-04f2-4e55-94c5-ba516d587a09
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21ED48.7AE8.046F.4892&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=785d4620-0c4e-4584-858e-fd7262102420&nonce=ff79743f-8d27-462a-b436-0ce79edf9399

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=8481cf20-9588-4e27-913d-07a999df6c99&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFFRDQ4LjdBRTguMDQ2Ri40ODkyIiwiZXhwIjoxNTMwODY2MDgwLCJpYXQiOjE1MzA4NjI0ODAsIm5vbmNlIjoiZmY3OTc0M2YtOGQyNy00NjJhLWI0MzYtMGNlNzllZGY5Mzk5IiwiYXV0aF90aW1lIjoxNTMwODYyNDc5LCJjX2hhc2giOiJkd3A0djc2ZjFRcGZLclYyRklvOWxBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiRGJSeWhXU0xVaWt3anY2TzhiVGxNUkhuVTFyVXVwNXVFNEc5UENJSWdIVSJ9.IK80uOFlAXNONSvEpQ8EzlLpetmguTb53xMzl_DYkoqBVozVxHvQTXiLub4fhlPMx7kWc4pylV0xWVa5EDEY2TFJjo_8qdOS2UW_jfFvSoUcXjqw0oFQKASW0PFjK7QDaWKoy5z4UQ4E9MJ77QEI9ECPoUsb27m9FIe1wWxGLroRoDq7G2qhRW6tGf_ehHcY-iflXK7ExDU-qTDlJn0Q9GG2Wujuc01ITugkbNV5RA40yj5l0-EBIywCqasIcN7U52wLzyCRR27c-TQYLakkfhJgKTjumfton2wWIb8jtNwdKYLEIeZBDuDa4vYPw9Gbp3V9yxt7-4K10kOHb8AolA&session_id=fb670bd4-6ccc-4cde-a3ef-abe09a0ae1ed&state=785d4620-0c4e-4584-858e-fd7262102420&session_state=8a326caa-04f2-4e55-94c5-ba516d587a09

#######################################################
TEST: requestAuthorizationCodeIdTokenUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:40 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!582D.03EF.BCDB.A773",
    "client_secret": "752c52dd-8ad3-4e19-89b1-4022010fd348",
    "registration_access_token": "21db3f8f-8b42-4b58-b364-66ac75f4c94b",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!582D.03EF.BCDB.A773",
    "client_id_issued_at": 1530862480,
    "client_secret_expires_at": 1530948880,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 21db3f8f-8b42-4b58-b364-66ac75f4c94b

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:40 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!582D.03EF.BCDB.A773",
    "client_secret": "752c52dd-8ad3-4e19-89b1-4022010fd348",
    "registration_access_token": "21db3f8f-8b42-4b58-b364-66ac75f4c94b",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!582D.03EF.BCDB.A773",
    "client_id_issued_at": 1530862480,
    "client_secret_expires_at": 1530948880,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21582D.03EF.BCDB.A773&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b6f6489b-8a5a-4b18-95e8-bd1fad8b4275&nonce=357af3a9-cae0-4d22-b91e-693c89a74da1
03:35:02.458 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:5c970ddd-22d5-4171-a9fb-6695cf267bea
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21582D.03EF.BCDB.A773&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b6f6489b-8a5a-4b18-95e8-bd1fad8b4275&nonce=357af3a9-cae0-4d22-b91e-693c89a74da1

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=6ff81dc8-c399-4306-b0c2-72f7b9f7c21e&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE1ODJELjAzRUYuQkNEQi5BNzczIiwiZXhwIjoxNTMwODY2MDgxLCJpYXQiOjE1MzA4NjI0ODEsIm5vbmNlIjoiMzU3YWYzYTktY2FlMC00ZDIyLWI5MWUtNjkzYzg5YTc0ZGExIiwiYXV0aF90aW1lIjoxNTMwODYyNDgxLCJjX2hhc2giOiIxYXlhVWxta0ZJX0ZEajRsSzh6MXZ3Iiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiUTc2LUlpeFFkRE1xMHh5bUdHVWlxc01UVWpER0Z3cVh0eFlzN0xIUkZnMCJ9.W09SBDa5xeewqXy_tg4XNjukg1zvemeV27klQkOVqD04PF_TpDQdtfPqHE0X3deSa6fQjgboA7z5zv61LNcHMMwbSYrHV0dHFVWU2Y73eyHPo1-dogNeoRe4AA26b2tQOXKtf476gpXqUAeocGa_npfInKHCjbRHVJUB7QKywqpztQLq0JUvavycTtsrlstcpCElZXgktAaTH2hHHaGaQjxa_cgKvvfNcn4Fi_PyVT7NFUe_22fU_w1rD204FPoI0JNiGAXgP2xGiU_T_1eJ1tXsbvwAKXGGkzrN3kxs2xPSqPNwJHOkwr7M3Nc2Gnseag4DKUYiqKfeMdOCQUnBYw&session_id=434b5b21-d3e7-4822-814d-dc72af5e898c&state=b6f6489b-8a5a-4b18-95e8-bd1fad8b4275&session_state=5c970ddd-22d5-4171-a9fb-6695cf267bea

#######################################################
TEST: requestAuthorizationCodeNoRedirection
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:41 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B92B.5021.8693.98C3",
    "client_secret": "2e2aa12f-45ae-4281-9788-407cdd991a4e",
    "registration_access_token": "d375f1fd-bcb1-489f-bd92-19fa8608a658",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B92B.5021.8693.98C3",
    "client_id_issued_at": 1530862481,
    "client_secret_expires_at": 1530948881,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer d375f1fd-bcb1-489f-bd92-19fa8608a658

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:41 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B92B.5021.8693.98C3",
    "client_secret": "2e2aa12f-45ae-4281-9788-407cdd991a4e",
    "registration_access_token": "d375f1fd-bcb1-489f-bd92-19fa8608a658",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B92B.5021.8693.98C3",
    "client_id_issued_at": 1530862481,
    "client_secret_expires_at": 1530948881,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B92B.5021.8693.98C3&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=16242eac-7b5c-4333-b200-5d20ac23961a
03:35:04.036 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:dba8c8a6-f9ba-41a9-82cb-394f7394a606
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B92B.5021.8693.98C3&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=16242eac-7b5c-4333-b200-5d20ac23961a

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=b82fecea-8ded-47a9-b03d-015ecf9439db&scope=address+openid+profile+email&session_id=2c9217e0-09c3-4a23-be06-b37de455571f&state=16242eac-7b5c-4333-b200-5d20ac23961a&session_state=dba8c8a6-f9ba-41a9-82cb-394f7394a606

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
X-Gluu-NoRedirect: true

response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B92B.5021.8693.98C3&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=16242eac-7b5c-4333-b200-5d20ac23961a

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------


#######################################################
TEST: requestAuthorizationCodeUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:43 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0097.8541.917A.E340",
    "client_secret": "180c5284-ed2b-425c-9ece-5c5458f3c717",
    "registration_access_token": "1dfe6f34-0ea3-4b0e-8f77-a3c8c1f7ca3a",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0097.8541.917A.E340",
    "client_id_issued_at": 1530862483,
    "client_secret_expires_at": 1530948883,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 1dfe6f34-0ea3-4b0e-8f77-a3c8c1f7ca3a

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:43 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0097.8541.917A.E340",
    "client_secret": "180c5284-ed2b-425c-9ece-5c5458f3c717",
    "registration_access_token": "1dfe6f34-0ea3-4b0e-8f77-a3c8c1f7ca3a",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0097.8541.917A.E340",
    "client_id_issued_at": 1530862483,
    "client_secret_expires_at": 1530948883,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210097.8541.917A.E340&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=cef54cdf-a181-4b92-8e01-9ce11c61b550
03:35:05.329 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:b7c11cf4-78ff-4e20-ae84-e49219b0a143
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210097.8541.917A.E340&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=cef54cdf-a181-4b92-8e01-9ce11c61b550

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=7effd3f2-82e6-4de8-a62f-6c916c5c6eb7&scope=address+openid+profile+email&session_id=cff922e2-4f91-4208-b4a8-6cd22d2eb2ea&state=cef54cdf-a181-4b92-8e01-9ce11c61b550&session_state=b7c11cf4-78ff-4e20-ae84-e49219b0a143

#######################################################
TEST: requestAuthorizationCodeWithoutRedirectUri
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"],
    "application_type": "web",
    "client_name": "oxAuth test app"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1082
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:44 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0848.256A.BE0E.DC3D",
    "client_secret": "89554e03-eedc-44f8-bee0-53599bc22f0d",
    "registration_access_token": "093fc0e7-9bf6-478e-b1fe-a1bb223c0958",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0848.256A.BE0E.DC3D",
    "client_id_issued_at": 1530862484,
    "client_secret_expires_at": 1530948884,
    "redirect_uris": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210848.256A.BE0E.DC3D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=732095c6-b2c3-4f0b-b072-e8ac29353d75
03:35:06.334 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:ff043015-5a7c-4ab4-8bfe-37f06b162b1b
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210848.256A.BE0E.DC3D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=732095c6-b2c3-4f0b-b072-e8ac29353d75

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=b0f965e5-7ade-40e3-87ab-d1b834c36a87&scope=address+openid+profile+email&session_id=9b2aead3-5b0e-40b8-8632-be0dfd799b7a&state=732095c6-b2c3-4f0b-b072-e8ac29353d75&session_state=ff043015-5a7c-4ab4-8bfe-37f06b162b1b

#######################################################
TEST: requestAuthorizationCodeWithoutRedirectUriFail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:45 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6D7E.455E.E382.0D62",
    "client_secret": "ecd13faf-1d4f-4c67-9386-188ee126cf5f",
    "registration_access_token": "e107fa5f-f2f1-4986-80db-c04f01517b95",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6D7E.455E.E382.0D62",
    "client_id_issued_at": 1530862485,
    "client_secret_expires_at": 1530948885,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216D7E.455E.E382.0D62&scope=openid+profile+address+email&state=5ebae322-6a05-4367-bcff-139b173030f2&prompt=none

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Connection: close
Content-Length: 220
Content-Type: text/plain
Date: Fri, 06 Jul 2018 07:34:45 GMT
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_request_redirect_uri","error_description":"The redirect_uri in the Authorization Request does not match any of the Client's pre-registered redirect_uris.","state":"5ebae322-6a05-4367-bcff-139b173030f2"}

#######################################################
TEST: requestAuthorizationCodeWithoutRedirectUriUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "subject_type": "public",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1080
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:45 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!70AA.F6CD.8025.8DFA",
    "client_secret": "917d4a1a-697c-453e-bd46-963c37f84589",
    "registration_access_token": "e5a4dbed-c07f-4674-916a-94264ba48d7b",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!70AA.F6CD.8025.8DFA",
    "client_id_issued_at": 1530862485,
    "client_secret_expires_at": 1530948885,
    "redirect_uris": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "subject_type": "public",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2170AA.F6CD.8025.8DFA&scope=openid+profile+address+email&state=36bd5dd3-6b25-4488-87db-6f87e1aeaac2&prompt=none

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Fri, 06 Jul 2018 07:34:45 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=682a8130-7000-47c3-9bee-658e228f4aab&scope=address+openid+profile+email&session_id=3e0e3ab8-f862-475c-a391-2584c78a3516&state=36bd5dd3-6b25-4488-87db-6f87e1aeaac2&session_state=16968046-bcc8-44cd-b4f0-eb4f43215d2a
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: requestAuthorizationDenyAccessThenGrantAccess
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:45 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8143.CC82.33A8.5540",
    "client_secret": "380a8218-664d-4223-9028-ccae3d904c97",
    "registration_access_token": "cedc034c-23b3-49fc-ba00-b1bd45c1cdba",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8143.CC82.33A8.5540",
    "client_id_issued_at": 1530862485,
    "client_secret_expires_at": 1530948885,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndDenyAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218143.CC82.33A8.5540&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=59e1c420-db4c-4fd3-b61b-328715e0746a
03:35:07.820 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndDenyAccess: sessionId:9468c083-5af9-40d0-98dc-5ea9455dd94e
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218143.CC82.33A8.5540&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=59e1c420-db4c-4fd3-b61b-328715e0746a

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?error=access_denied&error_description=The+resource+owner+or+authorization+server+denied+the+request.&state=59e1c420-db4c-4fd3-b61b-328715e0746a

authorizationRequestAndDenyAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218143.CC82.33A8.5540&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5f73b867-7930-4919-8bfa-3296caadbb52&session_id=9468c083-5af9-40d0-98dc-5ea9455dd94e
authorizationRequestAndDenyAccess: sessionState:null
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218143.CC82.33A8.5540&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5f73b867-7930-4919-8bfa-3296caadbb52&session_id=9468c083-5af9-40d0-98dc-5ea9455dd94e

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?error=access_denied&error_description=The+resource+owner+or+authorization+server+denied+the+request.&state=5f73b867-7930-4919-8bfa-3296caadbb52

authorizationRequestAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218143.CC82.33A8.5540&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=35599300-e2d9-4105-87dd-b3c97a729aec&session_id=9468c083-5af9-40d0-98dc-5ea9455dd94e
authorizationRequestAndGrantAccess: sessionState:cb21329d-f84e-49bb-b3a9-f23eacdc4311
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218143.CC82.33A8.5540&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=35599300-e2d9-4105-87dd-b3c97a729aec&session_id=9468c083-5af9-40d0-98dc-5ea9455dd94e

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=8cea4c6a-813d-48cd-b9f3-fbded36f4a6f&scope=address+openid+profile+email&session_id=9468c083-5af9-40d0-98dc-5ea9455dd94e&state=35599300-e2d9-4105-87dd-b3c97a729aec&session_state=cb21329d-f84e-49bb-b3a9-f23eacdc4311

#######################################################
TEST: requestAuthorizationForOpenIdScopeAndPairwiseId
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:47 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EC5C.A312.B16E.DB31",
    "client_secret": "21b9f0e4-bea1-45c3-9243-acc52209d779",
    "registration_access_token": "697085ca-53c2-44a8-9841-d6701129a80b",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EC5C.A312.B16E.DB31",
    "client_id_issued_at": 1530862487,
    "client_secret_expires_at": 1530948887,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 697085ca-53c2-44a8-9841-d6701129a80b

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:47 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EC5C.A312.B16E.DB31",
    "client_secret": "21b9f0e4-bea1-45c3-9243-acc52209d779",
    "registration_access_token": "697085ca-53c2-44a8-9841-d6701129a80b",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EC5C.A312.B16E.DB31",
    "client_id_issued_at": 1530862487,
    "client_secret_expires_at": 1530948887,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwner: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21EC5C.A312.B16E.DB31&scope=openid&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=801ff5c6-c230-42cb-92ca-236c23ea32a2
03:35:09.866 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwner: sessionState:d2043188-d51b-4633-bc16-031798ec104a
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21EC5C.A312.B16E.DB31&scope=openid&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=801ff5c6-c230-42cb-92ca-236c23ea32a2

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth/authorize?scope=openid&response_type=code&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=801ff5c6-c230-42cb-92ca-236c23ea32a2&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21EC5C.A312.B16E.DB31

#######################################################
TEST: requestAuthorizationIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["id_token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:48 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1CC7.EC15.964D.D286",
    "client_secret": "ee0914ef-cdb1-4a15-a63d-3b43e36983c9",
    "registration_access_token": "c4f1c5d9-164d-4cc0-ad09-d687d57092d2",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1CC7.EC15.964D.D286",
    "client_id_issued_at": 1530862488,
    "client_secret_expires_at": 1530948888,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer c4f1c5d9-164d-4cc0-ad09-d687d57092d2

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:49 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1CC7.EC15.964D.D286",
    "client_secret": "ee0914ef-cdb1-4a15-a63d-3b43e36983c9",
    "registration_access_token": "c4f1c5d9-164d-4cc0-ad09-d687d57092d2",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1CC7.EC15.964D.D286",
    "client_id_issued_at": 1530862488,
    "client_secret_expires_at": 1530948888,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211CC7.EC15.964D.D286&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b7df8ce8-9031-4f43-8431-0dbf4b02cfa3&nonce=983e6324-379c-4f38-930c-3264251b88d3
03:35:11.155 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:ff896925-648b-4ff2-af07-1cbae9b55733
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211CC7.EC15.964D.D286&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b7df8ce8-9031-4f43-8431-0dbf4b02cfa3&nonce=983e6324-379c-4f38-930c-3264251b88d3

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExQ0M3LkVDMTUuOTY0RC5EMjg2IiwiZXhwIjoxNTMwODY2MDkwLCJpYXQiOjE1MzA4NjI0OTAsIm5vbmNlIjoiOTgzZTYzMjQtMzc5Yy00ZjM4LTkzMGMtMzI2NDI1MWI4OGQzIiwiYXV0aF90aW1lIjoxNTMwODYyNDg5LCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJqNWsxanZpS25ibk92UlpCRVZKMEM2VDFQVTBpZjZtd0UwT3VYQl9xcEs0In0.Y8Tvtk_VWbvJoBUAznY0bJf3UUKsPVD63iRXhBL25xx2CBbiykBnJVRG8p7nD83WNu_oL7iD6kyDLeUosov1e27G8IdYewNav3sUootMBpxMD6ALX7SQbAs_Rufu0tdD7idBDJQtZQ3gQtaytSOtW6U-RtTGcB9m8oJRtfOyxaNI6lqrgw4dTore-HNriK2dLgYltc5zuFns2eydFHkc4V83uY5sbuTj4op4zLacGVs-AO5ScHiZtSoZRJFLKJdoxDrYBzqyY64mLLKWn8JDS-EfuHFfYrBViUfzvQde6l6F017dGE8fgKUT_0LtqD0G5s7nSSEjnrZV5-wc6ewwvw&session_id=59b66484-174b-4066-963d-13ab4a0bdc53&state=b7df8ce8-9031-4f43-8431-0dbf4b02cfa3&session_state=ff896925-648b-4ff2-af07-1cbae9b55733

#######################################################
TEST: requestAuthorizationIdTokenUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["id_token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:50 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1D66.FD43.32EB.1BCE",
    "client_secret": "828e56c2-b528-4e17-a6c0-4d3fdd6d2124",
    "registration_access_token": "a6da1491-ae6b-4a01-b78b-b7c720ee57f5",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1D66.FD43.32EB.1BCE",
    "client_id_issued_at": 1530862490,
    "client_secret_expires_at": 1530948890,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer a6da1491-ae6b-4a01-b78b-b7c720ee57f5

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:50 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1D66.FD43.32EB.1BCE",
    "client_secret": "828e56c2-b528-4e17-a6c0-4d3fdd6d2124",
    "registration_access_token": "a6da1491-ae6b-4a01-b78b-b7c720ee57f5",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1D66.FD43.32EB.1BCE",
    "client_id_issued_at": 1530862490,
    "client_secret_expires_at": 1530948890,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211D66.FD43.32EB.1BCE&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=e0b703f7-3795-42cd-a174-fa7f78b4b0c0&nonce=ea54c776-0488-409b-a9d5-fc602ad02b59
03:35:12.385 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:4da1a954-75e1-4f57-8414-51995808c6cc
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211D66.FD43.32EB.1BCE&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=e0b703f7-3795-42cd-a174-fa7f78b4b0c0&nonce=ea54c776-0488-409b-a9d5-fc602ad02b59

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExRDY2LkZENDMuMzJFQi4xQkNFIiwiZXhwIjoxNTMwODY2MDkxLCJpYXQiOjE1MzA4NjI0OTEsIm5vbmNlIjoiZWE1NGM3NzYtMDQ4OC00MDliLWE5ZDUtZmM2MDJhZDAyYjU5IiwiYXV0aF90aW1lIjoxNTMwODYyNDkxLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJlX0V6QXhYemxCLTBvX2tuRXY5LU9aelllaFZSOWlicTZ0Xy1sX1hXZ0E4In0.bSSUs5BjqhF60pWF3zQLc0IPPiG4seN07nj4muNciJX4wiyK6rMZkIh890SeIWbFgjZrrONPxjQNp6OxEIr2pG8-we9U8JSV-t_U6iZst0i1nBRKNWmnfaA_zmmVUfGeazz4hNxusDnJLI_tv2Peencagle0CD-tCiiBkHlsSX9syCjv7hhXaz5ODXSB_tdoPy3RIRYkHxsIQgPazRuhz-1v6EAYusdkyHGyRjXeBE_mrytqAv14W6mJ2Eb1sz2h43uGZa0qTxpU1A3ggNznj2vIdLSdUbLuq0SrAyeb00rnIUT0ABZhV72jX-euf9VSyAsfgUa_fFsl9L2fOh8Uuw&session_id=28827243-c26f-4c33-b34e-76f7d0f4e9dd&state=e0b703f7-3795-42cd-a174-fa7f78b4b0c0&session_state=4da1a954-75e1-4f57-8414-51995808c6cc

#######################################################
TEST: requestAuthorizationPromptConsent
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:51 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8F7F.A887.BE2B.3C81",
    "client_secret": "39f33c74-194e-4778-aa97-e0a9e1827d8f",
    "registration_access_token": "f649db7f-4e1b-4588-9f06-aba0c4942796",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8F7F.A887.BE2B.3C81",
    "client_id_issued_at": 1530862491,
    "client_secret_expires_at": 1530948891,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer f649db7f-4e1b-4588-9f06-aba0c4942796

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:51 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8F7F.A887.BE2B.3C81",
    "client_secret": "39f33c74-194e-4778-aa97-e0a9e1827d8f",
    "registration_access_token": "f649db7f-4e1b-4588-9f06-aba0c4942796",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8F7F.A887.BE2B.3C81",
    "client_id_issued_at": 1530862491,
    "client_secret_expires_at": 1530948891,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218F7F.A887.BE2B.3C81&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=fb166119-ce45-43d7-aa29-2dfd8d998924&prompt=consent
03:35:13.642 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:51f8fdb5-9ae6-4a45-8ad7-f60dc46f4e93
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218F7F.A887.BE2B.3C81&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=fb166119-ce45-43d7-aa29-2dfd8d998924&prompt=consent

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=52899c6a-5cb8-4c49-a25f-a045c8edf563&scope=address+openid+profile+email&session_id=8cea27ef-af51-4d68-9c96-698e2e19d732&state=fb166119-ce45-43d7-aa29-2dfd8d998924&session_state=51f8fdb5-9ae6-4a45-8ad7-f60dc46f4e93

#######################################################
TEST: requestAuthorizationPromptConsentTrustedClient
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:52 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9960.CF1B.4228.4D7E",
    "client_secret": "9bc59d4e-f198-4955-8a09-cde986994d68",
    "registration_access_token": "e266c966-28d6-4f8f-8579-fc442044732c",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9960.CF1B.4228.4D7E",
    "client_id_issued_at": 1530862492,
    "client_secret_expires_at": 1530948892,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer e266c966-28d6-4f8f-8579-fc442044732c

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:52 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9960.CF1B.4228.4D7E",
    "client_secret": "9bc59d4e-f198-4955-8a09-cde986994d68",
    "registration_access_token": "e266c966-28d6-4f8f-8579-fc442044732c",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9960.CF1B.4228.4D7E",
    "client_id_issued_at": 1530862492,
    "client_secret_expires_at": 1530948892,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219960.CF1B.4228.4D7E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=40616e57-c986-4f60-9b8f-c72c806db4a9&prompt=consent
03:35:14.868 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:709645a5-8d48-4473-a9bf-9c1e25668d16
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219960.CF1B.4228.4D7E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=40616e57-c986-4f60-9b8f-c72c806db4a9&prompt=consent

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=35447c55-1a74-4c6e-9477-7d5ec1753a0f&scope=address+openid+profile+email&session_id=42da8e5c-dd32-4abc-80c2-447c87145e83&state=40616e57-c986-4f60-9b8f-c72c806db4a9&session_state=709645a5-8d48-4473-a9bf-9c1e25668d16

#######################################################
TEST: requestAuthorizationPromptLogin
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:53 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C6A2.DF14.894B.C6AF",
    "client_secret": "d8adb78d-713f-4ff9-a3fe-8cf173e46c89",
    "registration_access_token": "2a752b64-1cd6-47bd-8535-b52696192a74",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C6A2.DF14.894B.C6AF",
    "client_id_issued_at": 1530862493,
    "client_secret_expires_at": 1530948893,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 2a752b64-1cd6-47bd-8535-b52696192a74

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:54 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C6A2.DF14.894B.C6AF",
    "client_secret": "d8adb78d-713f-4ff9-a3fe-8cf173e46c89",
    "registration_access_token": "2a752b64-1cd6-47bd-8535-b52696192a74",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C6A2.DF14.894B.C6AF",
    "client_id_issued_at": 1530862493,
    "client_secret_expires_at": 1530948893,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C6A2.DF14.894B.C6AF&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=18b00844-a8b4-42a9-ab76-420fdc881006&prompt=login
03:35:16.165 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:8d8c90a1-1a95-4cdc-8bf2-772fece2360f
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C6A2.DF14.894B.C6AF&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=18b00844-a8b4-42a9-ab76-420fdc881006&prompt=login

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=97793095-6a8a-4b21-b32c-08075e9fe06e&scope=address+openid+profile+email&session_id=faae2620-7e2d-46c4-aaf6-878f6f625cbd&state=18b00844-a8b4-42a9-ab76-420fdc881006&session_state=8d8c90a1-1a95-4cdc-8bf2-772fece2360f

#######################################################
TEST: requestAuthorizationPromptLoginConsent
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:55 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0FA5.CED1.CB48.D476",
    "client_secret": "6a86750a-3c05-4113-a0b4-633dafcfed41",
    "registration_access_token": "0d954fc4-b2b3-4c0a-9bd9-dc30277f9a7a",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0FA5.CED1.CB48.D476",
    "client_id_issued_at": 1530862495,
    "client_secret_expires_at": 1530948895,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 0d954fc4-b2b3-4c0a-9bd9-dc30277f9a7a

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:55 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0FA5.CED1.CB48.D476",
    "client_secret": "6a86750a-3c05-4113-a0b4-633dafcfed41",
    "registration_access_token": "0d954fc4-b2b3-4c0a-9bd9-dc30277f9a7a",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0FA5.CED1.CB48.D476",
    "client_id_issued_at": 1530862495,
    "client_secret_expires_at": 1530948895,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210FA5.CED1.CB48.D476&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0a29bb6a-77cd-4d32-8d1c-74ad01799518&prompt=login+consent
03:35:17.371 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:7fba8013-753d-4023-9eeb-908df42238d8
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210FA5.CED1.CB48.D476&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0a29bb6a-77cd-4d32-8d1c-74ad01799518&prompt=login+consent

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=3cf9627e-f35a-4457-9167-08bf51b70e98&scope=address+openid+profile+email&session_id=544e9349-d9b5-4c52-ba86-08db462d6606&state=0a29bb6a-77cd-4d32-8d1c-74ad01799518&session_state=7fba8013-753d-4023-9eeb-908df42238d8

#######################################################
TEST: requestAuthorizationPromptLoginConsentTrustedClient
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:56 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BDEA.2371.BD0D.3CDB",
    "client_secret": "d303021d-c634-46fe-a012-9331c0adbcbd",
    "registration_access_token": "7bfa7851-f28a-4613-9c04-1542985a50dd",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BDEA.2371.BD0D.3CDB",
    "client_id_issued_at": 1530862496,
    "client_secret_expires_at": 1530948896,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 7bfa7851-f28a-4613-9c04-1542985a50dd

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:56 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BDEA.2371.BD0D.3CDB",
    "client_secret": "d303021d-c634-46fe-a012-9331c0adbcbd",
    "registration_access_token": "7bfa7851-f28a-4613-9c04-1542985a50dd",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BDEA.2371.BD0D.3CDB",
    "client_id_issued_at": 1530862496,
    "client_secret_expires_at": 1530948896,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21BDEA.2371.BD0D.3CDB&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5e0e0f57-aecc-4263-b7e9-514636b3d23d&prompt=login+consent
03:35:18.532 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:1ffc8f54-98c5-4bc1-ba14-5e5cfd6fd5e2
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21BDEA.2371.BD0D.3CDB&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5e0e0f57-aecc-4263-b7e9-514636b3d23d&prompt=login+consent

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=9b91b8d0-ff4f-4377-ac01-8bf73d7282ab&scope=address+openid+profile+email&session_id=a1eaa272-4a79-4550-8f1b-053105962f0d&state=5e0e0f57-aecc-4263-b7e9-514636b3d23d&session_state=1ffc8f54-98c5-4bc1-ba14-5e5cfd6fd5e2

#######################################################
TEST: requestAuthorizationPromptNoneFail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:57 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!36D8.A65A.6BC4.4268",
    "client_secret": "97fcca21-b5bc-4922-a483-2c9f221e056a",
    "registration_access_token": "887f73e9-caaf-463b-88b7-07cc06067c26",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!36D8.A65A.6BC4.4268",
    "client_id_issued_at": 1530862497,
    "client_secret_expires_at": 1530948897,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 887f73e9-caaf-463b-88b7-07cc06067c26

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:57 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!36D8.A65A.6BC4.4268",
    "client_secret": "97fcca21-b5bc-4922-a483-2c9f221e056a",
    "registration_access_token": "887f73e9-caaf-463b-88b7-07cc06067c26",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!36D8.A65A.6BC4.4268",
    "client_id_issued_at": 1530862497,
    "client_secret_expires_at": 1530948897,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org

response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2136D8.A65A.6BC4.4268&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=7262c2ed-353b-4fb8-b39d-edc9014c82bb&prompt=none

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Fri, 06 Jul 2018 07:34:57 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?error_description=The+Authorization+Server+requires+End-User+authentication.+This+error+MAY+be+returned+when+the+prompt+parameter+in+the+Authorization+Request+is+set+to+none+to+request+that+the+Authorization+Server+should+not+display+any+user+interfaces+to+the+End-User%2C+but+the+Authorization+Request+cannot+be+completed+without+displaying+a+user+interface+for+user+authentication.&state=7262c2ed-353b-4fb8-b39d-edc9014c82bb&error=login_required
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: requestAuthorizationPromptLoginConsent
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:57 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!929D.1ED8.9F71.DC03",
    "client_secret": "489504de-e40d-4ee1-a632-99c1f57eec29",
    "registration_access_token": "094350b1-ae91-4430-86e8-f56c6125a2b3",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!929D.1ED8.9F71.DC03",
    "client_id_issued_at": 1530862497,
    "client_secret_expires_at": 1530948897,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 094350b1-ae91-4430-86e8-f56c6125a2b3

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:57 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!929D.1ED8.9F71.DC03",
    "client_secret": "489504de-e40d-4ee1-a632-99c1f57eec29",
    "registration_access_token": "094350b1-ae91-4430-86e8-f56c6125a2b3",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!929D.1ED8.9F71.DC03",
    "client_id_issued_at": 1530862497,
    "client_secret_expires_at": 1530948897,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21929D.1ED8.9F71.DC03&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8ba1b17e-4014-4137-ba56-c81ed077b033&prompt=none+login+consent

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Fri, 06 Jul 2018 07:34:57 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?error_description=The+request+is+missing+a+required+parameter%2C+includes+an+unsupported+parameter+or+parameter+value%2C+or+is+otherwise+malformed.&state=8ba1b17e-4014-4137-ba56-c81ed077b033&error=invalid_request
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: requestAuthorizationPromptNoneTrustedClient
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:57 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0435.4CD1.49C8.8738",
    "client_secret": "4f196c9d-f337-408f-9d63-34174aeb88eb",
    "registration_access_token": "b1fbd573-04ad-4712-9777-46eb2d1c8978",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0435.4CD1.49C8.8738",
    "client_id_issued_at": 1530862498,
    "client_secret_expires_at": 1530948898,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer b1fbd573-04ad-4712-9777-46eb2d1c8978

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:58 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0435.4CD1.49C8.8738",
    "client_secret": "4f196c9d-f337-408f-9d63-34174aeb88eb",
    "registration_access_token": "b1fbd573-04ad-4712-9777-46eb2d1c8978",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0435.4CD1.49C8.8738",
    "client_id_issued_at": 1530862498,
    "client_secret_expires_at": 1530948898,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210435.4CD1.49C8.8738&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=138bbad7-e967-474a-9c7f-683a12e1c721&prompt=none

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Fri, 06 Jul 2018 07:34:58 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=8ac73367-dfec-4115-aeb0-b751813ad510&scope=address+openid+profile+email&session_id=811ea81a-bbd3-4c97-b7c0-a1d6e1ff4767&state=138bbad7-e967-474a-9c7f-683a12e1c721&session_state=d48584d5-9e4e-43fb-a50b-a12c0c30c362
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: requestAuthorizationToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:58 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3903.46FB.9AB6.E1B9",
    "client_secret": "5a2ab254-e413-468c-b3fe-b63a1f934d3d",
    "registration_access_token": "00877676-4558-4847-b5ee-2d7f15440077",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3903.46FB.9AB6.E1B9",
    "client_id_issued_at": 1530862498,
    "client_secret_expires_at": 1530948898,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["token"],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 00877676-4558-4847-b5ee-2d7f15440077

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:58 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3903.46FB.9AB6.E1B9",
    "client_secret": "5a2ab254-e413-468c-b3fe-b63a1f934d3d",
    "registration_access_token": "00877676-4558-4847-b5ee-2d7f15440077",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3903.46FB.9AB6.E1B9",
    "client_id_issued_at": 1530862498,
    "client_secret_expires_at": 1530948898,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["token"],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213903.46FB.9AB6.E1B9&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=496df46b-5271-4d76-8f7c-f07aaf137f2d&nonce=4ddd03b4-955c-4c7c-8bc5-7810a631e9c3
03:35:20.453 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:5c323650-fc74-4cc0-a041-4c1431f26d8a
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213903.46FB.9AB6.E1B9&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=496df46b-5271-4d76-8f7c-f07aaf137f2d&nonce=4ddd03b4-955c-4c7c-8bc5-7810a631e9c3

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=66c299ba-75e0-474f-8895-7e2deebd4c8d&scope=address+openid+profile+email&session_id=b7b7be54-63c2-4a3f-9ad4-65ed10377e8f&state=496df46b-5271-4d76-8f7c-f07aaf137f2d&token_type=bearer&session_state=5c323650-fc74-4cc0-a041-4c1431f26d8a&expires_in=299

#######################################################
TEST: requestAuthorizationTokenCode
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "token",
        "code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:59 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EDDA.A172.B1AB.B67D",
    "client_secret": "a80c5440-3c77-4750-afa2-dd021928112e",
    "registration_access_token": "8346f6da-a8e7-44cd-9a84-0894a7a69d89",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EDDA.A172.B1AB.B67D",
    "client_id_issued_at": 1530862499,
    "client_secret_expires_at": 1530948899,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 8346f6da-a8e7-44cd-9a84-0894a7a69d89

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:34:59 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EDDA.A172.B1AB.B67D",
    "client_secret": "a80c5440-3c77-4750-afa2-dd021928112e",
    "registration_access_token": "8346f6da-a8e7-44cd-9a84-0894a7a69d89",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EDDA.A172.B1AB.B67D",
    "client_id_issued_at": 1530862499,
    "client_secret_expires_at": 1530948899,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21EDDA.A172.B1AB.B67D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=41300a04-112d-484d-87d0-8fb86ef8aa3e&nonce=75ab1935-08ac-41a9-ba87-ee88a9a8f658
03:35:21.617 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:0cc3d89d-be42-4acb-af37-563202fd3386
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21EDDA.A172.B1AB.B67D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=41300a04-112d-484d-87d0-8fb86ef8aa3e&nonce=75ab1935-08ac-41a9-ba87-ee88a9a8f658

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=0379674d-9e91-46db-a570-97229a609792&code=1e1a5599-d496-4794-a35b-c398d76b502a&scope=address+openid+profile+email&session_id=f0dc9cd2-c4b5-4ee2-9602-5cb61c20ca19&state=41300a04-112d-484d-87d0-8fb86ef8aa3e&token_type=bearer&session_state=0cc3d89d-be42-4acb-af37-563202fd3386&expires_in=299

#######################################################
TEST: requestAuthorizationTokenCodeIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "token",
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E889.7BD1.1DB3.2979",
    "client_secret": "d7c641c4-5a0d-4e37-b282-9c3f3c2308de",
    "registration_access_token": "eaa56e8b-6e93-4c46-be12-c0af865ff0b5",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E889.7BD1.1DB3.2979",
    "client_id_issued_at": 1530862500,
    "client_secret_expires_at": 1530948900,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer eaa56e8b-6e93-4c46-be12-c0af865ff0b5

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E889.7BD1.1DB3.2979",
    "client_secret": "d7c641c4-5a0d-4e37-b282-9c3f3c2308de",
    "registration_access_token": "eaa56e8b-6e93-4c46-be12-c0af865ff0b5",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E889.7BD1.1DB3.2979",
    "client_id_issued_at": 1530862500,
    "client_secret_expires_at": 1530948900,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E889.7BD1.1DB3.2979&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=e5e48b10-f803-41da-8749-9711bd6a37bf&nonce=dc3504d0-0587-4aba-b047-b41b55af1410
03:35:22.779 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:891aa5a1-c8d1-4c70-a13b-6c3e159b108a
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E889.7BD1.1DB3.2979&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=e5e48b10-f803-41da-8749-9711bd6a37bf&nonce=dc3504d0-0587-4aba-b047-b41b55af1410

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=f81003f4-263f-41f8-97be-aa570ae835ab&code=434b07b9-889f-470e-aac2-4b2743f3640b&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFFODg5LjdCRDEuMURCMy4yOTc5IiwiZXhwIjoxNTMwODY2MTAxLCJpYXQiOjE1MzA4NjI1MDEsIm5vbmNlIjoiZGMzNTA0ZDAtMDU4Ny00YWJhLWIwNDctYjQxYjU1YWYxNDEwIiwiYXV0aF90aW1lIjoxNTMwODYyNTAxLCJjX2hhc2giOiJuY0UwbS1ySk1XbGpfSmxMWjJYSW93IiwiYXRfaGFzaCI6InNSMC1JV0lHaEU3M1pUdzlpU3lWYUEiLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJ6aWRXWjItcHl4SGFsMWNYQmRBOXZWbEY0TmtLZFdhbXRNTmFpclBZdlhZIn0.ke-vWQjhwXWHXP_1DUeTDBhcIdYdZwKbbJDLWgTijmBRVYtbg6VrIYGPo_kfZW8gBkb5tGdjdUSoa5oRM2XGBxXbWID5HqMHrZpuf4GzDQexnP-rTwUzpZPN4JSPOmQNnqe1HZg20rrcjQWiZJz4eTuh0ka10Qj_H09_GPDTtvWT90FkTJMEfXeoqdG7Eyfo6P2QAXx40PV7h36R_sYqOP2eVwUmwB2ux26COLgFmJKRITvx6VoP8i1CjJWuw5z4h2ukuHBcQe6DtSnNsyZoyO81xfCBA4XnohE6C2wD1-IKw-C-dnJ13_YG19zucqmXGkY9SfdSfmsOURmUvaQfdg&session_id=5f53d477-29b9-4da3-ae33-ebbc2f9cc94c&state=e5e48b10-f803-41da-8749-9711bd6a37bf&token_type=bearer&session_state=891aa5a1-c8d1-4c70-a13b-6c3e159b108a&expires_in=299

#######################################################
TEST: requestAuthorizationTokenCodeIdTokenUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "token",
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:01 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2968.F567.0A22.9703",
    "client_secret": "3d36da76-dee7-4958-b492-4411624fae49",
    "registration_access_token": "7d6620fc-577f-482a-9438-b48b0eca82a6",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2968.F567.0A22.9703",
    "client_id_issued_at": 1530862501,
    "client_secret_expires_at": 1530948901,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 7d6620fc-577f-482a-9438-b48b0eca82a6

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:01 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2968.F567.0A22.9703",
    "client_secret": "3d36da76-dee7-4958-b492-4411624fae49",
    "registration_access_token": "7d6620fc-577f-482a-9438-b48b0eca82a6",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2968.F567.0A22.9703",
    "client_id_issued_at": 1530862501,
    "client_secret_expires_at": 1530948901,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212968.F567.0A22.9703&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b74eb87b-435b-4067-8c91-1f4a85001d10&nonce=a2b31b67-f363-47b3-807a-15052f891f30
03:35:23.947 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:4cdca0b6-94bb-4aa9-838d-8d19f00cd6b8
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212968.F567.0A22.9703&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b74eb87b-435b-4067-8c91-1f4a85001d10&nonce=a2b31b67-f363-47b3-807a-15052f891f30

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=f59eeff1-0ea4-448b-862c-e7d1e44a4e8c&code=981e5682-c354-4d99-8cca-66196a8e5bbf&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEyOTY4LkY1NjcuMEEyMi45NzAzIiwiZXhwIjoxNTMwODY2MTAyLCJpYXQiOjE1MzA4NjI1MDIsIm5vbmNlIjoiYTJiMzFiNjctZjM2My00N2IzLTgwN2EtMTUwNTJmODkxZjMwIiwiYXV0aF90aW1lIjoxNTMwODYyNTAyLCJjX2hhc2giOiJyS1YyclctdFpxcGg0aklYYlBKMGVnIiwiYXRfaGFzaCI6IlotM3h5dGlTVGRsZ3NpWUlUUnRTdXciLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiIweXp1MG5EQXNwQk1jX2tKNUNEMk5sdjhXeEJPbGx0NURrYlpmN0h3UGdrIn0.OKtLCPwyYYY-6zh8mshHObCpLuH5CqWP9BX9ApYl2ydv04pH1yw8R-0wigIhgKGb1YIFVoEtXMuCVVbbxJIzGXnB22TREtnR-0DXoB8zEyA7I0wdF8-GG2cEt49WfP8_l2hnmk0KJCMSdUekBCJXc3yYN3aAycf0P3pTqEzRXv_uUp2kIKdH-2q4iFIMgo00iXXAWIuUZEHErS2IS68JKS0i3jCaNhRPPtx6u5ds9O5vbWlT4RkKj_daNRkZq_ntDW3iIHtNAXi02Y4-EVv5-yu1SFql1a60Dgt9gdZwlH6HqC0KJ67W3QDnpiNzVHBA38bpjXgOYyy07D9g2yPWbQ&session_id=9ee57ed8-d0b9-413b-a2b5-ac3aafcee18f&state=b74eb87b-435b-4067-8c91-1f4a85001d10&token_type=bearer&session_state=4cdca0b6-94bb-4aa9-838d-8d19f00cd6b8&expires_in=299

#######################################################
TEST: requestAuthorizationTokenCodeUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "token",
        "code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:02 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3AD3.35E2.E437.F672",
    "client_secret": "f5fc72e4-6b0b-476b-8142-639dbc188872",
    "registration_access_token": "8275c6f2-78d1-4a59-a160-88aa77744100",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3AD3.35E2.E437.F672",
    "client_id_issued_at": 1530862503,
    "client_secret_expires_at": 1530948903,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 8275c6f2-78d1-4a59-a160-88aa77744100

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:03 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3AD3.35E2.E437.F672",
    "client_secret": "f5fc72e4-6b0b-476b-8142-639dbc188872",
    "registration_access_token": "8275c6f2-78d1-4a59-a160-88aa77744100",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3AD3.35E2.E437.F672",
    "client_id_issued_at": 1530862503,
    "client_secret_expires_at": 1530948903,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213AD3.35E2.E437.F672&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=92e86363-8e45-4aa7-ac51-eac0e04ce8cd&nonce=421c41fa-e487-4c13-a43f-fc1b7d3953ff
03:35:25.191 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:4ff90992-95c2-41a6-a6f5-d232f3a640bd
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213AD3.35E2.E437.F672&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=92e86363-8e45-4aa7-ac51-eac0e04ce8cd&nonce=421c41fa-e487-4c13-a43f-fc1b7d3953ff

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=9ee928b5-da12-4017-b42e-8203552b9087&code=42521dc7-c570-442e-a224-d4f3a13b6290&scope=address+openid+profile+email&session_id=fef78b79-2973-4594-9edd-1468bf008744&state=92e86363-8e45-4aa7-ac51-eac0e04ce8cd&token_type=bearer&session_state=4ff90992-95c2-41a6-a6f5-d232f3a640bd&expires_in=299

#######################################################
TEST: requestAuthorizationTokenFail1
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=token&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=af39fc32-f263-4ddb-926d-07b7c00de292

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Connection: close
Content-Length: 222
Content-Type: text/plain
Date: Fri, 06 Jul 2018 07:35:04 GMT
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_request","error_description":"The request is missing a required parameter, includes an unsupported parameter or parameter value, or is otherwise malformed.","state":"af39fc32-f263-4ddb-926d-07b7c00de292"}

#######################################################
TEST: requestAuthorizationTokenFail2
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:04 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8628.1C8D.8F09.28E4",
    "client_secret": "9340a75e-a21f-4bc9-91d3-7a4919bcb100",
    "registration_access_token": "aa381f58-1c10-484a-9f55-958466edf830",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8628.1C8D.8F09.28E4",
    "client_id_issued_at": 1530862504,
    "client_secret_expires_at": 1530948904,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["token"],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer aa381f58-1c10-484a-9f55-958466edf830

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:04 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8628.1C8D.8F09.28E4",
    "client_secret": "9340a75e-a21f-4bc9-91d3-7a4919bcb100",
    "registration_access_token": "aa381f58-1c10-484a-9f55-958466edf830",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8628.1C8D.8F09.28E4",
    "client_id_issued_at": 1530862504,
    "client_secret_expires_at": 1530948904,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["token"],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218628.1C8D.8F09.28E4&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=7ca63004-1f52-46a7-93ab-babfeb31c04b&prompt=none

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Fri, 06 Jul 2018 07:35:04 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#error_description=The+request+is+missing+a+required+parameter%2C+includes+an+unsupported+parameter+or+parameter+value%2C+or+is+otherwise+malformed.&state=7ca63004-1f52-46a7-93ab-babfeb31c04b&error=invalid_request
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: requestAuthorizationTokenIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "token",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:04 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6EF1.02BC.A6A1.201D",
    "client_secret": "deeb5086-f8c6-44ad-8f82-771625c5d573",
    "registration_access_token": "45b9904a-fa72-4f35-b974-b7e55ebf757f",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6EF1.02BC.A6A1.201D",
    "client_id_issued_at": 1530862504,
    "client_secret_expires_at": 1530948904,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 45b9904a-fa72-4f35-b974-b7e55ebf757f

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:04 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6EF1.02BC.A6A1.201D",
    "client_secret": "deeb5086-f8c6-44ad-8f82-771625c5d573",
    "registration_access_token": "45b9904a-fa72-4f35-b974-b7e55ebf757f",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6EF1.02BC.A6A1.201D",
    "client_id_issued_at": 1530862504,
    "client_secret_expires_at": 1530948904,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216EF1.02BC.A6A1.201D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f75100f9-abe8-4d7d-8533-f498ffcecb15&nonce=6983a391-4bc3-4008-9cbb-6f20304abe50
03:35:26.776 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:22cf3fd3-3049-4a8e-ab12-5caaf55e0b42
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216EF1.02BC.A6A1.201D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f75100f9-abe8-4d7d-8533-f498ffcecb15&nonce=6983a391-4bc3-4008-9cbb-6f20304abe50

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=1198769f-a915-4f51-8f3a-cc80d0557919&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2RUYxLjAyQkMuQTZBMS4yMDFEIiwiZXhwIjoxNTMwODY2MTA1LCJpYXQiOjE1MzA4NjI1MDUsIm5vbmNlIjoiNjk4M2EzOTEtNGJjMy00MDA4LTljYmItNmYyMDMwNGFiZTUwIiwiYXV0aF90aW1lIjoxNTMwODYyNTA1LCJhdF9oYXNoIjoiRlhKbUM2OG41dFRSWjJJS2Zub0YxZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6ImtiWXh6QXBaOFZsTDU2bHRIeFlDT0ZHLU1zV0dOem9mR2xST1Fqa01HUlUifQ.LVmKy3QWuz1U9pXsVb6jvTD0F_WtLrMo5B3tYSQpdSjEJN_dR2h8TG_zwA8afLn6sYQz_ImDBFxp63ORTzsfZ-tZfcfer3P2qHGs5L9kKG3SxToqFnCL9F8O-rJq0Gi1XUpovrzGYF189YcbtQXcYltdlNK5w1KgeGZjznCYHQMmgnipLQZHftNyxInfVp-7GmDdIMfZOkJ29no9w9MtNwZKTQqHSuC5b28Xe_DMgh8bep_Js9XJ7vfJJn6KIbg7urt7ViaCj71MDjneIcwQ8dSTxhXzeePQvPD8VQ6zmRLgYhZc6Wn8g0YNUvdYSvLqAxHoqQ0Ed69Mgwr4cwERXg&session_id=9b19cc50-a5c1-44ac-b5dd-9806e3db5a69&state=f75100f9-abe8-4d7d-8533-f498ffcecb15&token_type=bearer&session_state=22cf3fd3-3049-4a8e-ab12-5caaf55e0b42&expires_in=299

#######################################################
TEST: requestAuthorizationTokenIdTokenUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "token",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:05 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C030.96F7.04FB.2249",
    "client_secret": "79923eae-4b71-4a37-8a46-5419c506e62f",
    "registration_access_token": "c20822ab-486a-4aee-8a3f-4abc2394de49",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C030.96F7.04FB.2249",
    "client_id_issued_at": 1530862505,
    "client_secret_expires_at": 1530948905,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer c20822ab-486a-4aee-8a3f-4abc2394de49

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:05 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C030.96F7.04FB.2249",
    "client_secret": "79923eae-4b71-4a37-8a46-5419c506e62f",
    "registration_access_token": "c20822ab-486a-4aee-8a3f-4abc2394de49",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C030.96F7.04FB.2249",
    "client_id_issued_at": 1530862505,
    "client_secret_expires_at": 1530948905,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C030.96F7.04FB.2249&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c942ef42-4a19-4d77-99d7-2d4768f949a9&nonce=6391bb9d-12d6-4f19-89b4-c95a1ea8d1ee
03:35:27.986 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:956113b8-e08e-4ae4-bda7-03c51a80a18d
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C030.96F7.04FB.2249&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c942ef42-4a19-4d77-99d7-2d4768f949a9&nonce=6391bb9d-12d6-4f19-89b4-c95a1ea8d1ee

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=3c516b44-5723-471b-9fd2-f18047e4374f&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFDMDMwLjk2RjcuMDRGQi4yMjQ5IiwiZXhwIjoxNTMwODY2MTA2LCJpYXQiOjE1MzA4NjI1MDYsIm5vbmNlIjoiNjM5MWJiOWQtMTJkNi00ZjE5LTg5YjQtYzk1YTFlYThkMWVlIiwiYXV0aF90aW1lIjoxNTMwODYyNTA2LCJhdF9oYXNoIjoiWk5JLVlGZ2pYQkRMZFRJTmMwd2hrdyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjVxeHNwMEZWemllTnRmV2ZzeGd3Tlp4dm1MeUdKbGx6cnlfcXNLenF2RUkifQ.j7Zyfgbots-a6kZzNAI6kpHieLJd471bAs7koQY3yML-T9eotSB5eaiHW_TML_rS7V7jPAi1g05Qp3IFudIqG-XP6SiUqA30-DIgbgpkKnxf7FIH_tO96bhyq9pwVZ8HPdVZ8D5pmgwIt3dqJmf7G81y_r0GbkVmSIcwJpLYAkUt5A6GD5id6xItA3O29pIFFPE1n7LBODBAfJSQw2yGjAjsJw2TT2KMCRpP4XVBZMFif77rJ0xRsNWz3q7_Io_VjYjuR2XtAlkLIVOqfYBPxVM0Ef99folphvQPH8r6Bug51lWrMTrM_Merbp1UiBpBiajm6rem5WBGik4_62o1HQ&session_id=b5d0da0b-e711-48b1-b8be-000d1333bf92&state=c942ef42-4a19-4d77-99d7-2d4768f949a9&token_type=bearer&session_state=956113b8-e08e-4ae4-bda7-03c51a80a18d&expires_in=299

#######################################################
TEST: requestAuthorizationTokenUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:07 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!01DD.7B11.55D9.6F60",
    "client_secret": "2c54237b-c8a5-4665-aa58-3c229363f83b",
    "registration_access_token": "d44d405d-35cd-4b3a-959e-28df3d37d473",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!01DD.7B11.55D9.6F60",
    "client_id_issued_at": 1530862507,
    "client_secret_expires_at": 1530948907,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["token"],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer d44d405d-35cd-4b3a-959e-28df3d37d473

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:07 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!01DD.7B11.55D9.6F60",
    "client_secret": "2c54237b-c8a5-4665-aa58-3c229363f83b",
    "registration_access_token": "d44d405d-35cd-4b3a-959e-28df3d37d473",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!01DD.7B11.55D9.6F60",
    "client_id_issued_at": 1530862507,
    "client_secret_expires_at": 1530948907,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["token"],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2101DD.7B11.55D9.6F60&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b16b26e4-6ab7-4678-8cab-c8e7868afc9a&nonce=279f1503-adee-47de-aa78-6fb3d0650939
03:35:29.252 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:947a4d1b-5c3d-466d-8779-14f8c89bd63e
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2101DD.7B11.55D9.6F60&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b16b26e4-6ab7-4678-8cab-c8e7868afc9a&nonce=279f1503-adee-47de-aa78-6fb3d0650939

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=712e3dc7-f9c3-4289-96bf-1f1a8b3b7764&scope=address+openid+profile+email&session_id=532f3210-42ca-4f3a-99dd-84ec35cbdc35&state=b16b26e4-6ab7-4678-8cab-c8e7868afc9a&token_type=bearer&session_state=947a4d1b-5c3d-466d-8779-14f8c89bd63e&expires_in=299

#######################################################
TEST: requestAuthorizationWithoutScope
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:08 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!37A1.87FD.E506.9243",
    "client_secret": "c71be35c-53a9-4935-873c-bc06ded84d67",
    "registration_access_token": "3c92d5ec-90fd-4432-b4a8-24b13e73d572",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!37A1.87FD.E506.9243",
    "client_id_issued_at": 1530862508,
    "client_secret_expires_at": 1530948908,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 3c92d5ec-90fd-4432-b4a8-24b13e73d572

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:08 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!37A1.87FD.E506.9243",
    "client_secret": "c71be35c-53a9-4935-873c-bc06ded84d67",
    "registration_access_token": "3c92d5ec-90fd-4432-b4a8-24b13e73d572",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!37A1.87FD.E506.9243",
    "client_id_issued_at": 1530862508,
    "client_secret_expires_at": 1530948908,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2137A1.87FD.E506.9243&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=22382a0e-fffb-4d19-86f5-268d00c95bc6&nonce=0001bd06-1cdc-4331-908c-ba7c15e049ee
03:35:30.432 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:26cbb957-5a8c-4b7c-976b-3dc31838da55
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2137A1.87FD.E506.9243&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=22382a0e-fffb-4d19-86f5-268d00c95bc6&nonce=0001bd06-1cdc-4331-908c-ba7c15e049ee

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=41cdeef2-cae1-43c8-adb8-084ed4b47f8a&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzN0ExLjg3RkQuRTUwNi45MjQzIiwiZXhwIjoxNTMwODY2MTA5LCJpYXQiOjE1MzA4NjI1MDksIm5vbmNlIjoiMDAwMWJkMDYtMWNkYy00MzMxLTkwOGMtYmE3YzE1ZTA0OWVlIiwiYXV0aF90aW1lIjoxNTMwODYyNTA5LCJjX2hhc2giOiJjTWdnWGJVaXhaNnQ5Y2RwMS1uTDBRIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiLWlUYjB0VXI5ZkltZW9zS0xGQWkxTllUZ21OUzU1VEVSYThOdzBuNUpydyJ9.lD4EPRGTmZQGk5XMv08E5s6HRWCEOJoV0gxmIiKwS8m4xzSr6XRWrayKsBx7-JSg_Ic8_ew2hpb3Ezi2sY4O1YdLuQeJm8IijmmkaCPeW1EvpOjnAkUyH4uXwsy9POyr0wFidvEQiuPm063Z91JRU3oHdb3l8e2G5iXIShBbY9kgklimt-VqKrS4eIgnVUxfXMULqAEK84UjYiIyTdX8-Q2ROzy-OaCW4V4skG3PW6yPR_PNn8A4yfD7dw18ziAZLT18jzu9RTCsrNiXcNpWsRyyHMKarJPIoQC8uayUIxig42GmtfD8cLuPULUPhGET6-xmNLl_fchlC1LA5X-GLA&session_id=0b730d38-8a6d-4f09-8547-087909e16994&state=22382a0e-fffb-4d19-86f5-268d00c95bc6&session_state=26cbb957-5a8c-4b7c-976b-3dc31838da55

#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:35:09 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:09 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "code",
        "code id_token",
        "code id_token token",
        "id_token",
        "id_token token",
        "token",
        "code token"
    ],
    "grant_types_supported": [
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "refresh_token",
        "implicit",
        "password",
        "authorization_code"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: requestSessionIdAuthorizationCode1
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:09 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E0BE.5C3F.6A08.E6F4",
    "client_secret": "66d267b1-81ce-43e1-b27e-ecf53abc446a",
    "registration_access_token": "063b854c-130e-4c7d-9424-7c6672160741",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E0BE.5C3F.6A08.E6F4",
    "client_id_issued_at": 1530862509,
    "client_secret_expires_at": 1530948909,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 063b854c-130e-4c7d-9424-7c6672160741

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:09 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E0BE.5C3F.6A08.E6F4",
    "client_secret": "66d267b1-81ce-43e1-b27e-ecf53abc446a",
    "registration_access_token": "063b854c-130e-4c7d-9424-7c6672160741",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E0BE.5C3F.6A08.E6F4",
    "client_id_issued_at": 1530862509,
    "client_secret_expires_at": 1530948909,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

waitForResourceOwnerAndGrantLoginForm: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E0BE.5C3F.6A08.E6F4&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=239598f7-87cf-4824-9eb2-ab80bb762de5
03:35:31.810 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
waitForResourceOwnerAndGrantLoginForm: sessionState:306d30c4-edd9-4084-8cbb-d6411cb45e9e
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E0BE.5C3F.6A08.E6F4&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=239598f7-87cf-4824-9eb2-ab80bb762de5

authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E0BE.5C3F.6A08.E6F4&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=d03483ba-f8ca-46fd-a4c6-d366b556a3da
03:35:31.985 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:1ebc9117-8dd1-45ea-81fc-82f58001ec79
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E0BE.5C3F.6A08.E6F4&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=d03483ba-f8ca-46fd-a4c6-d366b556a3da

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=522f1d6c-258c-413e-a947-fa1f85225b41&scope=address+openid+profile+email&session_id=10ffaf7c-0921-4e70-b128-fe49a50f6c3d&state=d03483ba-f8ca-46fd-a4c6-d366b556a3da&session_state=1ebc9117-8dd1-45ea-81fc-82f58001ec79

#######################################################
TEST: requestSessionIdAuthorizationCode2
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:10 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1FCE.B297.E4C0.4B10",
    "client_secret": "21eef538-da13-4ed0-b8e5-97ea56125b2b",
    "registration_access_token": "1da59e55-030e-46b3-9c1a-8f8b188fe9ea",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1FCE.B297.E4C0.4B10",
    "client_id_issued_at": 1530862511,
    "client_secret_expires_at": 1530948911,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 1da59e55-030e-46b3-9c1a-8f8b188fe9ea

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:11 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1FCE.B297.E4C0.4B10",
    "client_secret": "21eef538-da13-4ed0-b8e5-97ea56125b2b",
    "registration_access_token": "1da59e55-030e-46b3-9c1a-8f8b188fe9ea",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1FCE.B297.E4C0.4B10",
    "client_id_issued_at": 1530862511,
    "client_secret_expires_at": 1530948911,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

waitForResourceOwnerAndGrantLoginForm: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211FCE.B297.E4C0.4B10&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=db6694ce-9a91-462e-8ca3-6b0489fd5450
03:35:33.116 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
waitForResourceOwnerAndGrantLoginForm: sessionState:c9c380d1-af57-4abe-8079-9c1cd2d351c6
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211FCE.B297.E4C0.4B10&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=db6694ce-9a91-462e-8ca3-6b0489fd5450

authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211FCE.B297.E4C0.4B10&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=52c61ca7-b49b-4663-a7c8-924615ff0aa0
03:35:33.312 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:aed188ef-4465-4dea-8897-9d40343bf7ec
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211FCE.B297.E4C0.4B10&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=52c61ca7-b49b-4663-a7c8-924615ff0aa0

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=9fc85e38-94a1-4c40-8751-f602ed7bebdc&scope=address+openid+profile+email&session_id=78b62e21-7c3f-4475-88d3-8cde1ef6c028&state=52c61ca7-b49b-4663-a7c8-924615ff0aa0&session_state=aed188ef-4465-4dea-8897-9d40343bf7ec

#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:35:12 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:12 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "code",
        "code id_token",
        "code id_token token",
        "id_token",
        "id_token token",
        "token",
        "code token"
    ],
    "grant_types_supported": [
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "refresh_token",
        "implicit",
        "password",
        "authorization_code"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: requestClientRegistrationWithCustomAttributes
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "token",
        "id_token"
    ],
    "grant_types": ["password"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true",
    "myCustomAttr1": "f2de7f47-1869-4b04-b727-26f27e495e3f"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1445
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:12 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3687.C9E8.251D.0719",
    "client_secret": "457e4a89-21c8-4628-8832-2e3f679c69ad",
    "registration_access_token": "21fcb38f-13d7-4897-b51f-6c8201f32503",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3687.C9E8.251D.0719",
    "client_id_issued_at": 1530862512,
    "client_secret_expires_at": 1530948912,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "password",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

#######################################################
TEST: requestAccessTokenCustomClientAuth1
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213687.C9E8.251D.0719&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=94fba8c5-57aa-4e66-8c8b-f36a3c04cdb2&nonce=8fd8d44a-c456-4fea-b174-eea8d5028a55&prompt=none

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Fri, 06 Jul 2018 07:35:12 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=9432b89b-5d09-43a3-8249-de7144b5d1aa&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzNjg3LkM5RTguMjUxRC4wNzE5IiwiZXhwIjoxNTMwODY2MTEyLCJpYXQiOjE1MzA4NjI1MTIsIm5vbmNlIjoiOGZkOGQ0NGEtYzQ1Ni00ZmVhLWIxNzQtZWVhOGQ1MDI4YTU1IiwiYXV0aF90aW1lIjoxNTMwODYyNTEyLCJjX2hhc2giOiJ4XzlRbEdhcDQxZW1UNnJYR3BpS0tBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiajMyWWdadTZ3S0R6b0E2d01PWDhFX2cyTjBDMTJkOUlyaUd1d3F0MF94ayJ9.ZjOe7eRDT7yWY3UCCR3kgBItDPftK771zkmKic7oERuYcBPce4jPKvOIbHxXWSVCbno8mN1421D40aM32QIirwhXRcrlueQ2odbO9yn30_-N2Nm3MdHmtuVcTYtaSwughZwy8cVwht_iXhQiL5bLuY6iXGSJzG0RiSB7rU-DnWIRoOOIO8dpt8unhAoA47Z_svYBgrZ5L661YCV8EyLlLgu2mva-Y-tAgRiBj_gn_GlZiBjyuQxurqmx4Bt5N4fI_5k5nMR7q0oW1HpFg3Y0jrlvgCQ2QrKKD4PWpFsRvBlg9sX-ijOwrGJ_hbPaHq5b2pbKPHRQVLi_eySVWspT2g&session_id=0640955f-1f8b-437f-9fde-3be3aaeebebb&state=94fba8c5-57aa-4e66-8c8b-f36a3c04cdb2&session_state=3a15fbff-b5b4-4e51-b3ba-b73f937c934d
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=authorization_code&code=9432b89b-5d09-43a3-8249-de7144b5d1aa&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&myCustomAttr1=f2de7f47-1869-4b04-b727-26f27e495e3f

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:12 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"04da7676-b7c1-49ae-94ba-d22f05a96a94","token_type":"bearer","expires_in":299,"refresh_token":"9ebd6d83-5f81-4e77-bbc8-fba9ca68e5a7","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzNjg3LkM5RTguMjUxRC4wNzE5IiwiZXhwIjoxNTMwODY2MTEyLCJpYXQiOjE1MzA4NjI1MTIsIm5vbmNlIjoiOGZkOGQ0NGEtYzQ1Ni00ZmVhLWIxNzQtZWVhOGQ1MDI4YTU1IiwiYXV0aF90aW1lIjoxNTMwODYyNTEyLCJhdF9oYXNoIjoiT1lBcXNON1RDUXY2QmR3cDRHeFZRQSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6ImozMllnWnU2d0tEem9BNndNT1g4RV9nMk4wQzEyZDlJcmlHdXdxdDBfeGsifQ.tQOv1dAO1vCIxvZLzc_X9HAcH0tntsM3UnmiqQzA0PXHC1bwRExkGy-TkAfAC42_Cwx8aYeSBhvy2ZnmEQP4YWdPa-OJlL9-iT99e7t-r5ITZaKmfvPB14j4EUKDp137SIwwMQBQsAXM-bv8yhdPSLjhUNK4ormP1cKVwm93OiG9ybaRyl3kBmIznnNng3xSAawc-lycQF6p8ZB_TbHys5T9Mc7Yi_Eoy93hAAb6pGvDKvKHSBGb1dabhbM9s8-n8VC3AJ7l0MkPqKtAW0aprmi45ALp4RTAn8GbGQhJhgPjbIydG_BUIQ_dmmw6cvWT2NymcXUUGc0c5UWtcezE3A"}

#######################################################
TEST: requestAccessTokenCustomClientAuth2
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=password&scope=openid&username=test_user&password=test_user_password&myCustomAttr1=f2de7f47-1869-4b04-b727-26f27e495e3f

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 934
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:12 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"19982afd-5e76-4708-9337-5a802bf653dd","token_type":"bearer","expires_in":299,"refresh_token":"d29cfd9a-d6ba-4994-aec0-51ec1421ad15","scope":"openid","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzNjg3LkM5RTguMjUxRC4wNzE5IiwiZXhwIjoxNTMwODY2MTEyLCJpYXQiOjE1MzA4NjI1MTIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6ImozMllnWnU2d0tEem9BNndNT1g4RV9nMk4wQzEyZDlJcmlHdXdxdDBfeGsifQ.fsTks_kRr00RSzeWg37L2lsELdtoVjsT4hK9-tordLLhhAcIJlPaCwrDfuqk5O53Hmx4A1c98F5RIFmO2tItz1v-ESVYNIypK8teo-sf4CRtA0-LsoPp_qwaP8sV_0RyvBO5KpvwSFLAS1wh0Bo-iiymxWMTRigQlTMRZiZyuFO0pcJNqxDwtDy_0Qa5lhZPuAkQ_ihJaRrsLnQ76lI4T7_BbM4V9xUoPhkcYU9Yuhc5dP96hZkMaCc1tFYfRaNCie-WXKlzPHTHBmn7OJfUCmrGVECnhWaNZVLQEDfjJM3xxumKZaBLoIFFhXM6y55ghA3CiOEWYzstLHFCKrwljA"}

#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:35:12 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:12 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "code",
        "code id_token",
        "code id_token token",
        "id_token",
        "id_token token",
        "token",
        "code token"
    ],
    "grant_types_supported": [
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "refresh_token",
        "implicit",
        "password",
        "authorization_code"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: clientSecretBasicAuthenticationMethod
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_basic",
    "scope": "openid profile address email clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1226
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:12 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DE82.F225.07A1.3C57",
    "client_secret": "5d2f3875-8d0f-4b39-99f8-d7aeb896c963",
    "registration_access_token": "f725a93d-fbd1-4960-8cff-a95e9589f3cd",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DE82.F225.07A1.3C57",
    "client_id_issued_at": 1530862513,
    "client_secret_expires_at": 1530948913,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid profile address email clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxREU4Mi5GMjI1LjA3QTEuM0M1Nzo1ZDJmMzg3NS04ZDBmLTRiMzktOTlmOC1kN2FlYjg5NmM5NjM=

grant_type=client_credentials&scope=clientinfo

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:13 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"25d36960-43dd-4c7e-ac15-97d625d61170","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 412
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:13 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DE82.F225.07A1.3C57","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["openid","profile","address","email","clientinfo"]}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 25d36960-43dd-4c7e-ac15-97d625d61170

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 403
Connection: Keep-Alive
Content-Length: 126
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:13 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"insufficient_scope","error_description":"The request requires higher privileges than provided by the access token."}

#######################################################
TEST: clientSecretBasicAuthenticationMethodFail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_basic",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1242
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:13 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0E96.3F61.F921.ACEB",
    "client_secret": "bd8b239e-c912-44c9-921d-b4b12b9b96c0",
    "registration_access_token": "837b869b-08f0-465a-9484-9aa07e9534c2",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0E96.3F61.F921.ACEB",
    "client_id_issued_at": 1530862513,
    "client_secret_expires_at": 1530948913,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxMEU5Ni4zRjYxLkY5MjEuQUNFQjpJTlZBTElEX0NMSUVOVF9TRUNSRVQ=

grant_type=client_credentials&scope=clientinfo

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:35:13 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: clientSecretJwtAuthenticationMethodHS256
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1195
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:13 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1E1D.FC40.2386.3E36",
    "client_secret": "3c5c7ae8-5a62-4fa4-8e7f-ac9b44986da5",
    "registration_access_token": "708acc86-f8d5-48bb-914d-d084472805ef",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1E1D.FC40.2386.3E36",
    "client_id_issued_at": 1530862513,
    "client_secret_expires_at": 1530948913,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExRTFELkZDNDAuMjM4Ni4zRTM2Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMUUxRC5GQzQwLjIzODYuM0UzNiIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiNjZhMzM5ZTItNzU2OS00MDhmLWI1ODYtYzQwYTU2MDFmOGY0IiwiZXhwIjoxNTMwODYyODM1LCJpYXQiOjE1MzA4NjI1MzV9.sHTzLklhIEfX1hW2K1gwkf7Y6Scv4DbrqcE8R00YcPw

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:13 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"ecad6f29-8c1a-4cab-abfc-8453c1c82c22","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:13 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1E1D.FC40.2386.3E36","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: clientSecretJwtAuthenticationMethodHS256Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1240
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:13 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4D6F.7146.20E8.2DDF",
    "client_secret": "a4ed111e-adc0-4418-8720-0f1e2b206ae9",
    "registration_access_token": "85bd46de-b160-4c36-9297-24c44b9b5740",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4D6F.7146.20E8.2DDF",
    "client_id_issued_at": 1530862513,
    "client_secret_expires_at": 1530948913,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0RDZGLjcxNDYuMjBFOC4yRERGIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNEQ2Ri43MTQ2LjIwRTguMkRERiIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiZTZkNzIxYWUtMWZhMS00ZTkyLThiYjUtZTg5NGExMjAwYjRiIiwiZXhwIjoxNTMwODYyODM1LCJpYXQiOjE1MzA4NjI1MzV9.a51fFSPeQHzhHSbdc1RKROK6uWWhMY4pOFmX0B41kd8

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:35:13 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: clientSecretJwtAuthenticationMethodHS384
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1195
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:13 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!07BF.A93A.6771.57D9",
    "client_secret": "8970a479-3297-43ab-8054-837462ef3da2",
    "registration_access_token": "971328bb-c883-4b09-955c-597b357ccb96",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!07BF.A93A.6771.57D9",
    "client_id_issued_at": 1530862513,
    "client_secret_expires_at": 1530948913,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEwN0JGLkE5M0EuNjc3MS41N0Q5Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMDdCRi5BOTNBLjY3NzEuNTdEOSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiOGQ1ZjUxODYtYjhhOS00MTY2LWIxZGUtMmRlZDJhN2U5MGI3IiwiZXhwIjoxNTMwODYyODM1LCJpYXQiOjE1MzA4NjI1MzV9.OaDT8brLcsitLzwmOvpyymWe9WbPJNnndtF8Z2tOdMICiK3nkj8FK6WBs-ZTfv4y

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:14 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"c21c2bb5-7cc1-4f66-b5ed-670eda522fab","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:14 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!07BF.A93A.6771.57D9","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: clientSecretJwtAuthenticationMethodHS384Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1240
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:14 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BF1D.B658.49D4.0721",
    "client_secret": "4311dc24-1df3-4072-911b-e0b10476cd73",
    "registration_access_token": "ab3aeed7-c79a-428f-aa7c-b338650a02ab",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BF1D.B658.49D4.0721",
    "client_id_issued_at": 1530862514,
    "client_secret_expires_at": 1530948914,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFCRjFELkI2NTguNDlENC4wNzIxIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQkYxRC5CNjU4LjQ5RDQuMDcyMSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiYWNhMjI4MDctNzEzYi00ZGI0LTg3NzctMGZkMzY3MTYwMTU0IiwiZXhwIjoxNTMwODYyODM2LCJpYXQiOjE1MzA4NjI1MzZ9.JXEJ_YPq5yz1945Sbw5x7Ni6loBvDKzF9hIrkqgOW_1zkY9Rv4E8teSCIJOCIiK4

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:35:14 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: clientSecretJwtAuthenticationMethodHS512
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1195
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:14 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D7C1.4A5A.4019.3407",
    "client_secret": "03096e5d-6149-452e-aed7-283ef14ef1c1",
    "registration_access_token": "ff0e8c5a-e70f-4f37-81c9-e5998bc60744",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D7C1.4A5A.4019.3407",
    "client_id_issued_at": 1530862514,
    "client_secret_expires_at": 1530948914,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEN0MxLjRBNUEuNDAxOS4zNDA3Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRDdDMS40QTVBLjQwMTkuMzQwNyIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiNWQyNTg3ZWMtMzYzZi00ZDg2LTk2ZjMtY2IxODViNDBlYzA4IiwiZXhwIjoxNTMwODYyODM2LCJpYXQiOjE1MzA4NjI1MzZ9.Y3FxYf--FJdlu5VadFKu5eGTPU3JjqKaAaqOpq-uVa1d_O06HNGFvxqvuaa2spP6xY61ftF5ZOiHNi63RGN81w

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:14 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"a3dca437-038f-48c2-b05e-ecfe3775ed65","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:14 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D7C1.4A5A.4019.3407","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: clientSecretJwtAuthenticationMethodHS512Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1240
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:14 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4778.F4F9.BDF4.B1E9",
    "client_secret": "bb6ed21d-713c-4d01-a0bf-fd37667ae813",
    "registration_access_token": "cfdb3b03-d83b-47cf-8dfd-64342f716702",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4778.F4F9.BDF4.B1E9",
    "client_id_issued_at": 1530862514,
    "client_secret_expires_at": 1530948914,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0Nzc4LkY0RjkuQkRGNC5CMUU5Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNDc3OC5GNEY5LkJERjQuQjFFOSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiMTFlYTIyMzctMjU5Ni00NzA2LTlkN2EtNDM4ZTBjNjhiMzU1IiwiZXhwIjoxNTMwODYyODM2LCJpYXQiOjE1MzA4NjI1MzZ9.cq6eAVazlI-iGWMBIVrCehKGIjoon1iILDKOm3wTHTYYXty6XdbujkHbMf6nTsiIJCt7Lpzyk5VChfZ9q3Voog

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:35:14 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: clientSecretPostAuthenticationMethod
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_post",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1196
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:14 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EB6C.E913.4A36.DA84",
    "client_secret": "3849388d-7d0d-40f6-b3b9-dcf53c376fa6",
    "registration_access_token": "28ab25b5-804d-43b9-872b-96245f70006c",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EB6C.E913.4A36.DA84",
    "client_id_issued_at": 1530862514,
    "client_secret_expires_at": 1530948914,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_post",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21EB6C.E913.4A36.DA84&client_secret=3849388d-7d0d-40f6-b3b9-dcf53c376fa6

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:14 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"4b7b4084-a22a-4167-8a18-c330b3b7f00e","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:14 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EB6C.E913.4A36.DA84","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: clientSecretPostAuthenticationMethodFail1
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_post",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1241
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:14 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!08F5.790F.146C.9174",
    "client_secret": "358cc853-0207-4c8c-9865-4cf0c13a6554",
    "registration_access_token": "505a37f9-77ae-428f-b83b-a871117cc945",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!08F5.790F.146C.9174",
    "client_id_issued_at": 1530862514,
    "client_secret_expires_at": 1530948914,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_post",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2108F5.790F.146C.9174&client_secret=INVALID_CLIENT_SECRET

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:35:15 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: clientSecretPostAuthenticationMethodFail2
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_post",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1241
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:15 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7790.2953.6914.970B",
    "client_secret": "24574616-721e-4628-9c72-c5713120b0cc",
    "registration_access_token": "485dcc4b-63e5-4d03-8cbb-600b564ff679",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7790.2953.6914.970B",
    "client_id_issued_at": 1530862515,
    "client_secret_expires_at": 1530948915,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_post",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217790.2953.6914.970B

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:35:15 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: clientSecretPostAuthenticationMethodFail3
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_post",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1241
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:15 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FC7F.0BF6.7B8B.2352",
    "client_secret": "e9861f79-f935-4ebe-906e-08b4a3902c46",
    "registration_access_token": "50895276-7a5f-447e-ae0b-52476e469a48",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FC7F.0BF6.7B8B.2352",
    "client_id_issued_at": 1530862515,
    "client_secret_expires_at": 1530948915,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_post",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:35:15 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: defaultAuthenticationMethod
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1197
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:15 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B2B0.52AA.1CF2.D8F9",
    "client_secret": "7a2ec598-13c6-4702-bbe7-77f375ae65f7",
    "registration_access_token": "9c56d996-87d0-4255-ab0b-f2cfd10b84de",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B2B0.52AA.1CF2.D8F9",
    "client_id_issued_at": 1530862515,
    "client_secret_expires_at": 1530948915,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxQjJCMC41MkFBLjFDRjIuRDhGOTo3YTJlYzU5OC0xM2M2LTQ3MDItYmJlNy03N2YzNzVhZTY1Zjc=

grant_type=client_credentials&scope=clientinfo

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:15 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"9bafe722-1580-41e2-849b-68b70a3e7236","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:15 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B2B0.52AA.1CF2.D8F9","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: defaultAuthenticationMethodFail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1242
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:15 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!769C.C066.72FB.9BF7",
    "client_secret": "b575754e-e9c6-433c-bbc3-80480577f4b9",
    "registration_access_token": "0b09e28f-fde7-4f43-84eb-826e8623095d",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!769C.C066.72FB.9BF7",
    "client_id_issued_at": 1530862515,
    "client_secret_expires_at": 1530948915,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxNzY5Qy5DMDY2LjcyRkIuOUJGNzpJTlZBTElEX0NMSUVOVF9TRUNSRVQ=

grant_type=client_credentials&scope=clientinfo

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:35:15 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: privateKeyJwtAuthenticationMethodES256
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1276
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:15 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EDCA.D160.3D58.6325",
    "client_secret": "7573e315-dd29-42d9-a9a7-33e4c4f92345",
    "registration_access_token": "4de72d2d-b38c-4a10-91ad-c748c4716848",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EDCA.D160.3D58.6325",
    "client_id_issued_at": 1530862515,
    "client_secret_expires_at": 1530948915,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjU0N2IyODM4LWE4NDgtNDY3MS04YTQ3LWQ1MzYxNzM4ZjJhZSJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFFRENBLkQxNjAuM0Q1OC42MzI1Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRURDQS5EMTYwLjNENTguNjMyNSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiZGE4ZGQyZTktMGFjMS00NDFiLThmNDEtNjJiMmNkMjRiZGIzIiwiZXhwIjoxNTMwODYyODM4LCJpYXQiOjE1MzA4NjI1Mzh9.MEUCIQCS4pZWIYL5zVn1qgm5j11kkqrB5UKyNJX0ye31VjZ0BAIgdjbo-ut17b5zzjkXQWeFZSS3IdpOQw_ZZYNI2437eEY

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:16 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"68c85a4d-d15e-4f2d-91fe-b820fde0710d","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:16 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EDCA.D160.3D58.6325","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: privateKeyJwtAuthenticationMethodES256Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1321
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:16 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D6CA.1C2F.A520.7A67",
    "client_secret": "defdfcf3-20fc-41d9-ab99-d5d23e225d98",
    "registration_access_token": "62844016-f767-43ef-a66b-05f3f90a4af2",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D6CA.1C2F.A520.7A67",
    "client_id_issued_at": 1530862516,
    "client_secret_expires_at": 1530948916,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

03:35:38.348 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException
java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException
	at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
	at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES256Fail(ClientCredentialsGrantHttpTest.java:1312) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
03:35:38.456 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException
java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException
	at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
	at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?]
	at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?]
	at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?]
	at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:766) [test-classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES256Fail(ClientCredentialsGrantHttpTest.java:1314) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IkVTMjU2U0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFENkNBLjFDMkYuQTUyMC43QTY3Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRDZDQS4xQzJGLkE1MjAuN0E2NyIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiNzM0Zjg1NjktNjVjYS00YTZmLWI2MDUtZDk3NjliY2E1YWZiIiwiZXhwIjoxNTMwODYyODM4LCJpYXQiOjE1MzA4NjI1Mzh9.

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:35:16 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: privateKeyJwtAuthenticationMethodES384
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1276
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:16 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!45F1.14AE.1C25.01FA",
    "client_secret": "fc5329b6-3c34-42f4-9ef4-84b3de026c4f",
    "registration_access_token": "e294208f-6b74-40b5-8bf7-829ebb3587cc",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!45F1.14AE.1C25.01FA",
    "client_id_issued_at": 1530862516,
    "client_secret_expires_at": 1530948916,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzM4NCIsImtpZCI6ImM0ZmU0MTEwLWViNTYtNDFjNi1iYWMzLTUzMTZmNmIxNDQzZCJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0NUYxLjE0QUUuMUMyNS4wMUZBIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNDVGMS4xNEFFLjFDMjUuMDFGQSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiNmQ2NGVhNDAtODdlZi00MWRhLTljNzQtMGUyODBkZmU2ZWU2IiwiZXhwIjoxNTMwODYyODM4LCJpYXQiOjE1MzA4NjI1Mzh9.MGYCMQCNO_zPRyq6Uv4ZD5TJj6vO3cGipJIOOGFRtuYRp2BdZH8_oeUYRVUrtzYql8wAPIcCMQDLEV69kDcxgw_MuX4mx24gLjLDdonJLaLHxpAwXBqURoGWg94-rv0q8ali22ANVZM

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:16 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"d9941ab8-1614-452b-94c2-06ddd37c2c7b","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:16 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!45F1.14AE.1C25.01FA","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: privateKeyJwtAuthenticationMethodES384Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1321
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:16 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2D63.E283.64DE.A54F",
    "client_secret": "6dfcb015-77b2-4340-a52b-f177e48ad6a6",
    "registration_access_token": "0f04c3bf-26f2-47ab-87af-24dcf6e6f486",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2D63.E283.64DE.A54F",
    "client_id_issued_at": 1530862516,
    "client_secret_expires_at": 1530948916,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

03:35:38.939 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException
java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException
	at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
	at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES384Fail(ClientCredentialsGrantHttpTest.java:1437) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
03:35:39.043 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException
java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException
	at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
	at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?]
	at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?]
	at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?]
	at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:766) [test-classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES384Fail(ClientCredentialsGrantHttpTest.java:1439) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzM4NCIsImtpZCI6IkVTMzg0U0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEyRDYzLkUyODMuNjRERS5BNTRGIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMkQ2My5FMjgzLjY0REUuQTU0RiIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiMWMxOGEyZDUtNzY0Zi00NzJiLWIzMDgtMzdjOGFkZDA4ODI1IiwiZXhwIjoxNTMwODYyODM5LCJpYXQiOjE1MzA4NjI1Mzl9.

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:35:17 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: privateKeyJwtAuthenticationMethodES512
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1276
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3585.F4FF.0F7C.83B7",
    "client_secret": "513d1d27-4390-42a5-9039-6a2bc20e93b6",
    "registration_access_token": "c1b4d22e-e338-44b0-b729-f97c1a95e687",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3585.F4FF.0F7C.83B7",
    "client_id_issued_at": 1530862517,
    "client_secret_expires_at": 1530948917,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzUxMiIsImtpZCI6IjI2ZjgwNDBjLWFlOGItNGRhYS04ZjcxLWE3ZmRmMTRkZjY0MyJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzNTg1LkY0RkYuMEY3Qy44M0I3Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMzU4NS5GNEZGLjBGN0MuODNCNyIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiZGU2NWY5YzgtNWJjZS00NmU4LWI4NjEtOWJjYWY1M2FlOGQxIiwiZXhwIjoxNTMwODYyODM5LCJpYXQiOjE1MzA4NjI1Mzl9.MIGIAkIAseSc4GHoKMFgfnQM9PggKN_7WECRoAmdV_lfnGZsuEkjOVW5OcbbdyCOAc_x32o1mYxtjvFDImbUo8ziER36gBMCQgH8YLLtaeFSPskAvT5pUyE3ewoZMIg5XdbeTQCalWkIy-BQ4J-uo-mG7Nkh3gZog-KeHE9MkgvJWUY8rl8oOuKypg

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"10c77dfb-0c8e-4158-8e3b-d227d0867c8c","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3585.F4FF.0F7C.83B7","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: privateKeyJwtAuthenticationMethodES512Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1321
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D163.6A51.24FC.7061",
    "client_secret": "1a837872-3732-4711-aec9-2c3e0802acea",
    "registration_access_token": "34627b09-780a-4ab1-aa84-639ef155a8f8",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D163.6A51.24FC.7061",
    "client_id_issued_at": 1530862517,
    "client_secret_expires_at": 1530948917,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

03:35:39.516 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException
java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException
	at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
	at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES512Fail(ClientCredentialsGrantHttpTest.java:1562) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
03:35:39.629 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException
java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException
	at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
	at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?]
	at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?]
	at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?]
	at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:766) [test-classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES512Fail(ClientCredentialsGrantHttpTest.java:1564) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzUxMiIsImtpZCI6IkVTNTEyU0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEMTYzLjZBNTEuMjRGQy43MDYxIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRDE2My42QTUxLjI0RkMuNzA2MSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiMTUzY2UzZDQtYjg3YS00MzY5LWFiNzMtMGQ4MTRkNGQ4ODM1IiwiZXhwIjoxNTMwODYyODM5LCJpYXQiOjE1MzA4NjI1Mzl9.

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:35:17 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: privateKeyJwtAuthenticationMethodRS256
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1276
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!ACE5.CCC7.D62D.6276",
    "client_secret": "cb3b6060-986f-4945-9063-1b72bdd4f1d4",
    "registration_access_token": "1bb17bde-3efa-45ff-9739-0167114c0646",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!ACE5.CCC7.D62D.6276",
    "client_id_issued_at": 1530862517,
    "client_secret_expires_at": 1530948917,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjQ4YmZhOGE0LWM4YTctNGEwOS1hZTk4LWJmMzI1ZDc0OTExOSJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBQ0U1LkNDQzcuRDYyRC42Mjc2Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQUNFNS5DQ0M3LkQ2MkQuNjI3NiIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiMjMzZjNiNmItZmFjNy00MDExLTkwOTAtYjc5MGUyMGQzMmRkIiwiZXhwIjoxNTMwODYyODM5LCJpYXQiOjE1MzA4NjI1Mzl9.dwkvALqFLGCtKIjwVQF2a9qKUz8ZQSSxl0eOmsXSJtjtKVBDdgJ9uvXIz3VWnT3NEd25QL__7H5mQ4eOuj_JvbDLqHAEJfVn1rjiE9RgMv6T_Xg0kN08wudNaQEM4JnZsf3kXMq_MdrIxrXxcABlmuW5rlouofq52IWYTXTnFHlLr-pIqlttCLAiQiTC9xMye8HxxgKNCPCKnaw_1NejgAWaCQSyzkWpIUq-DP5Jy5k3ljCxTmbp6siq-XegnHTOIl0-2_eh7qdwKARWkox1JPIc3yrcuFmJoSucWnrDBYhFjjqM1XbANvJQcGEUZ4UwL5B38Zs3kQRzvWKd6xVMOA

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"b97ba175-cedd-4bab-abe8-e3f1ccca6bcb","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!ACE5.CCC7.D62D.6276","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: privateKeyJwtAuthenticationMethodRS256Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1321
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:18 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AA50.5FAD.0F98.4AB4",
    "client_secret": "7b854c06-adb5-40ae-a87d-14eafd259c86",
    "registration_access_token": "4886a31d-c104-44f2-a8cf-b475f1b71a71",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AA50.5FAD.0F98.4AB4",
    "client_id_issued_at": 1530862518,
    "client_secret_expires_at": 1530948918,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

03:35:40.067 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance
java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance
	at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS256Fail(ClientCredentialsGrantHttpTest.java:937) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
03:35:40.171 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance
java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance
	at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?]
	at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?]
	at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?]
	at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:766) [test-classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS256Fail(ClientCredentialsGrantHttpTest.java:939) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IlJTMjU2U0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBQTUwLjVGQUQuMEY5OC40QUI0Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQUE1MC41RkFELjBGOTguNEFCNCIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiZGVmNzdhMGEtNjhiZi00YjljLWIzNmItZGY5ODkwZDM2MjNmIiwiZXhwIjoxNTMwODYyODQwLCJpYXQiOjE1MzA4NjI1NDB9.

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:35:18 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: privateKeyJwtAuthenticationMethodRS384
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1276
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:18 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E34F.0BD4.4F7E.E979",
    "client_secret": "afbf9800-cbe2-488e-88eb-93589dd4d7bf",
    "registration_access_token": "e325a197-c17c-416e-99ad-87c33e1652a9",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E34F.0BD4.4F7E.E979",
    "client_id_issued_at": 1530862518,
    "client_secret_expires_at": 1530948918,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzM4NCIsImtpZCI6ImM0NjIxNDNmLWExOTctNGY3YS1hZjk5LTBiMTA4NzM2ODYxNiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFFMzRGLjBCRDQuNEY3RS5FOTc5Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRTM0Ri4wQkQ0LjRGN0UuRTk3OSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiNzZiNWFhY2UtYmNkZi00OGMyLWFiZTctMzczYTM1ZTEwMDFlIiwiZXhwIjoxNTMwODYyODQwLCJpYXQiOjE1MzA4NjI1NDB9.SvXFAC4uen4q9dAZfnK1kWk355YEjqwOXFLysvHkqn0x6uFTVG1knmvmL_pcWL3Fkv5bdtOj9uLIYlOaNYihiDZrFyzGCWTO5CcYRHk02m_0tR2ggQRa1cmRCr73EpRcKIXYDwrv8ndoCh9-EL07GgOy94SXSHc4M2aFUwp-8LdDzFWBJW3byu1gTUWo3T0rT4XaGWaTCTyDjTCu_UXINed3a4mJ7E34c22xPtPcYaLuuryzmwmI4sQ95wItyGQcVwn6xeX1Rj_HJLne_393jJwZN8adaj0NaE1v-CqG828oR_zBv_Nf7510YSpzY6vlAfEUZ_tJBO7W1k2YuW1gdQ

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:18 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"2eed19bd-c1f0-49a7-97ea-471ea8f4d826","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:18 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E34F.0BD4.4F7E.E979","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: privateKeyJwtAuthenticationMethodRS384Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1321
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:18 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F54A.E390.DB20.0837",
    "client_secret": "a458f35e-452e-4772-a7f5-f5e8feb746fe",
    "registration_access_token": "20456bbb-22b3-478e-8f2b-374d21bf2a81",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F54A.E390.DB20.0837",
    "client_id_issued_at": 1530862518,
    "client_secret_expires_at": 1530948918,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

03:35:40.578 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance
java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance
	at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS384Fail(ClientCredentialsGrantHttpTest.java:1062) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
03:35:40.683 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance
java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance
	at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?]
	at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?]
	at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?]
	at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:766) [test-classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS384Fail(ClientCredentialsGrantHttpTest.java:1064) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzM4NCIsImtpZCI6IlJTMzg0U0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGNTRBLkUzOTAuREIyMC4wODM3Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRjU0QS5FMzkwLkRCMjAuMDgzNyIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiOGM3N2YyMjMtNDVhYi00N2M5LWI4NzYtYjI2ZTI0OWMyOTMyIiwiZXhwIjoxNTMwODYyODQwLCJpYXQiOjE1MzA4NjI1NDB9.

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:35:18 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: privateKeyJwtAuthenticationMethodRS512
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1276
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:18 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7B53.017F.3DF9.CEFF",
    "client_secret": "6f53173c-3d3b-439f-93b4-4a2eadaae2fd",
    "registration_access_token": "a97c5ede-5052-40b4-9c51-f79c8bf2c458",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7B53.017F.3DF9.CEFF",
    "client_id_issued_at": 1530862518,
    "client_secret_expires_at": 1530948918,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiIsImtpZCI6Ijg1YjA4NDgzLTY4OTAtNDg0My05YmFmLTgzN2EyNGEzYzZkMiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3QjUzLjAxN0YuM0RGOS5DRUZGIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghN0I1My4wMTdGLjNERjkuQ0VGRiIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiM2EwNWEzZjUtOGE5ZC00ODhhLWEyZTQtYTAyOWM2MTUwODAyIiwiZXhwIjoxNTMwODYyODQwLCJpYXQiOjE1MzA4NjI1NDB9.OXUOWacJztuQQaEqDJdB2tdP1C9nSrKl52-ph4MMU6oeGjBZLESHRhFzoPPuly8GpN40DN9Zr0I34ZpStIZJqCH2107A9bI9PUSS0xoqx4fxrTd0R6KD1F9Uw8FoaanUoXAdIcWo9TOM2zYKebLM5dv2XZLk3iAo3OCMCSwqoBeAU1VzvkC1gwfmwRJuHoQUwK4OUTIioZM4Mh_vjWGtUh5wbqqTmHwe11TGhAQtqLGDMihpFVSLBALP2athsmgXjKFo2hk5e5zvGMccdjndD2bGctVjmNUtUlcifn6X8ME61UUXSdYWfDVIrf0WQ0CrJN_V9laBBT_kDDFwb3L1yA

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:18 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"86611603-b869-4bb7-bd40-677bef438be4","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:18 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7B53.017F.3DF9.CEFF","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: privateKeyJwtAuthenticationMethodRS512Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1321
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:35:19 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!98E2.975D.E5D8.3EBE",
    "client_secret": "f3b71be0-8c80-4b40-9565-f5218dbf05fc",
    "registration_access_token": "7b53a57e-d0ed-4e3b-a092-91b8dc81258c",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!98E2.975D.E5D8.3EBE",
    "client_id_issued_at": 1530862519,
    "client_secret_expires_at": 1530948919,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

03:35:41.090 [main] ERROR org.xdi.oxauth.client.TokenRequest - Suppli