FailedConsole Output

Started by an SCM change
Building on master in workspace /home/tomcat/.jenkins/jobs/oxAuth/workspace
 > git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
 > git config remote.origin.url https://github.com/GluuFederation/oxAuth # timeout=10
Fetching upstream changes from https://github.com/GluuFederation/oxAuth
 > git --version # timeout=10
 > git fetch --tags --progress https://github.com/GluuFederation/oxAuth +refs/heads/*:refs/remotes/origin/*
 > git rev-parse refs/remotes/origin/master^{commit} # timeout=10
 > git rev-parse refs/remotes/origin/origin/master^{commit} # timeout=10
Checking out Revision e1f2a283c7c2e8bcd7ad02db344167ac203142a6 (refs/remotes/origin/master)
 > git config core.sparsecheckout # timeout=10
 > git checkout -f e1f2a283c7c2e8bcd7ad02db344167ac203142a6
Commit message: "Use Ldap persistence layer if there is gluu.properties"
 > git rev-list --no-walk ae3d0aa97862d682fcd2f4c49bc708fd184aacfe # timeout=10
[workspace] $ /bin/bash /opt/tomcat/temp/jenkins6834923609409592179.sh
Cloning into 'oxHudsonProfiles'...
[workspace] $ /home/tomcat/.jenkins/tools/hudson.tasks.Maven_MavenInstallation/maven_3.3.9/bin/mvn -DVERSION_NAME=master -DPROFILE_NAME=ce-dev4 -DDEVELOPMENT_BUILD=true -DMAVEN_SKIP_TESTS=false -Dpython.import.site=false -DPYTHON_HOME=/opt/jython -Dcfg=ce-dev4 -Dmaven.test.skip=false -Ddevelopment-build=true clean compile install findbugs:findbugs javadoc:javadoc site
[INFO] Scanning for projects...
[WARNING] 
[WARNING] Some problems were encountered while building the effective model for org.xdi:oxauth-rp:war:4.0.0-SNAPSHOT
[WARNING] 'build.plugins.plugin.version' for org.mortbay.jetty:jetty-maven-plugin is missing. @ org.xdi:oxauth-rp:[unknown-version], /home/tomcat/.jenkins/jobs/oxAuth/workspace/RP/pom.xml, line 74, column 12
[WARNING] 
[WARNING] It is highly recommended to fix these problems because they threaten the stability of your build.
[WARNING] 
[WARNING] For this reason, future Maven versions might no longer support building such malformed projects.
[WARNING] 
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Build Order:
[INFO] 
[INFO] oxAuth
[INFO] oxAuth Model
[INFO] oxAuth Client
[INFO] oxauth-static
[INFO] oxAuth RP
[INFO] oxAuth RP Demo
[INFO] oxAuth Server
[INFO]                                                                         
[INFO] ------------------------------------------------------------------------
[INFO] Building oxAuth 4.0.0-SNAPSHOT
[INFO] ------------------------------------------------------------------------
[INFO] 
[INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ oxauth ---
[INFO] Deleting /home/tomcat/.jenkins/jobs/oxAuth/workspace/target
[INFO] 
[INFO] --- maven-install-plugin:2.3.1:install (default-install) @ oxauth ---
[INFO] Installing /home/tomcat/.jenkins/jobs/oxAuth/workspace/pom.xml to /var/www/html/maven/org/xdi/oxauth/4.0.0-SNAPSHOT/oxauth-4.0.0-SNAPSHOT.pom
[INFO] 
[INFO] --- findbugs-maven-plugin:3.0.4:findbugs (default-cli) @ oxauth ---
[INFO] 
[INFO] >>> maven-javadoc-plugin:2.10.4:javadoc (default-cli) > generate-sources @ oxauth >>>
[INFO] 
[INFO] <<< maven-javadoc-plugin:2.10.4:javadoc (default-cli) < generate-sources @ oxauth <<<
[INFO] 
[INFO] --- maven-javadoc-plugin:2.10.4:javadoc (default-cli) @ oxauth ---
[INFO] 
[INFO] --- maven-site-plugin:2.1.1:site (default-site) @ oxauth ---
[INFO]                                                                         
[INFO] ------------------------------------------------------------------------
[INFO] Building oxAuth Model 4.0.0-SNAPSHOT
[INFO] ------------------------------------------------------------------------
[INFO] 
[INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ oxauth-model ---
[INFO] Deleting /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target
[INFO] 
[INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ oxauth-model ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] Copying 1 resource
[INFO] 
[INFO] --- maven-compiler-plugin:2.3.2:compile (default-compile) @ oxauth-model ---
[INFO] Compiling 156 source files to /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/classes
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.java:[21,23] RSAPublicKeyImpl is internal proprietary API and may be removed in a future release
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.java:[21,23] RSAPublicKeyImpl is internal proprietary API and may be removed in a future release
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.java:[21,23] RSAPublicKeyImpl is internal proprietary API and may be removed in a future release
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.java:[144,36] RSAPublicKeyImpl is internal proprietary API and may be removed in a future release
[INFO] 
[INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ oxauth-model ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] Copying 1 resource
[INFO] 
[INFO] --- maven-compiler-plugin:2.3.2:compile (default-compile) @ oxauth-model ---
[INFO] Nothing to compile - all classes are up to date
[INFO] 
[INFO] --- maven-resources-plugin:2.6:testResources (default-testResources) @ oxauth-model ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] Copying 4 resources
[INFO] 
[INFO] --- maven-compiler-plugin:2.3.2:testCompile (default-testCompile) @ oxauth-model ---
[INFO] Compiling 5 source files to /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/test-classes
[INFO] 
[INFO] --- maven-surefire-plugin:2.19.1:test (default-test) @ oxauth-model ---

-------------------------------------------------------
 T E S T S
-------------------------------------------------------
Running TestSuite
CodeVerifier{codeVerifier='AXRaQ8vaq7RQuqgIcXtOc7Od6OTKR1WcW3C6vW4SvcTDeBfxvcdYOy5hdrJu1QC9Wo3weNFJL~MH6LNvOJ3XJE.GG6sCNUvbTFtA_l-5MlWHg7vcdNWx7F2deG-ZagAJ', codeChallenge='AXRaQ8vaq7RQuqgIcXtOc7Od6OTKR1WcW3C6vW4SvcTDeBfxvcdYOy5hdrJu1QC9Wo3weNFJL~MH6LNvOJ3XJE.GG6sCNUvbTFtA_l-5MlWHg7vcdNWx7F2deG-ZagAJ', transformationType=PLAIN}
CodeVerifier{codeVerifier='C5cCMY1EASe3tca5p85rr57wJ1cTyj8aL649J1H0h8dxvAw~.236whc4u368UuK-ol~_vgXmcTIXjYIVqbwKYUj~Afk_RlFFpNcQs25Ht19Pz6Pcx16OLa1QIbueui9R', codeChallenge='7QZ2tgw3jpyZRnQiA6K9BFj7n8_RsIwoevSdBGJcbk0', transformationType=S256}
ERROR StatusLogger No log4j2 configuration file found. Using default configuration: logging only errors to the console. Set system property 'org.apache.logging.log4j.simplelog.StatusLogger.level' to TRACE to show Log4j2 internal initialization logging.
Hi there from Javascript, 
Tests run: 7, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 4.263 sec - in TestSuite

Results :

Tests run: 7, Failures: 0, Errors: 0, Skipped: 0

[INFO] 
[INFO] --- maven-jar-plugin:2.4:jar (default-jar) @ oxauth-model ---
[INFO] Building jar: /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/oxauth-model.jar
[INFO] 
[INFO] --- maven-jar-plugin:2.4:test-jar (default) @ oxauth-model ---
[INFO] Building jar: /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/oxauth-model-tests.jar
[INFO] 
[INFO] --- maven-install-plugin:2.3.1:install (default-install) @ oxauth-model ---
[INFO] Installing /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/oxauth-model.jar to /var/www/html/maven/org/xdi/oxauth-model/4.0.0-SNAPSHOT/oxauth-model-4.0.0-SNAPSHOT.jar
[INFO] Installing /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/pom.xml to /var/www/html/maven/org/xdi/oxauth-model/4.0.0-SNAPSHOT/oxauth-model-4.0.0-SNAPSHOT.pom
[INFO] Installing /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/oxauth-model-tests.jar to /var/www/html/maven/org/xdi/oxauth-model/4.0.0-SNAPSHOT/oxauth-model-4.0.0-SNAPSHOT-tests.jar
[INFO] 
[INFO] --- findbugs-maven-plugin:3.0.4:findbugs (default-cli) @ oxauth-model ---
[INFO] Fork Value is true
     [java] Warnings generated: 53
[INFO] Done FindBugs Analysis....
[INFO] 
[INFO] >>> maven-javadoc-plugin:2.10.4:javadoc (default-cli) > generate-sources @ oxauth-model >>>
[INFO] 
[INFO] <<< maven-javadoc-plugin:2.10.4:javadoc (default-cli) < generate-sources @ oxauth-model <<<
[INFO] 
[INFO] --- maven-javadoc-plugin:2.10.4:javadoc (default-cli) @ oxauth-model ---
[INFO] 
Loading source files for package org.xdi.oxauth.model.uma...
Loading source files for package org.xdi.oxauth.model.uma.wrapper...
Loading source files for package org.xdi.oxauth.model.uma.persistence...
Loading source files for package org.xdi.oxauth.model.jwt...
Loading source files for package org.xdi.oxauth.model.common...
Loading source files for package org.xdi.oxauth.model.jwk...
Loading source files for package org.xdi.oxauth.model.exception...
Loading source files for package org.xdi.oxauth.model.session...
Loading source files for package org.xdi.oxauth.model.fido.u2f...
Loading source files for package org.xdi.oxauth.model.fido.u2f.message...
Loading source files for package org.xdi.oxauth.model.fido.u2f.exception...
Loading source files for package org.xdi.oxauth.model.fido.u2f.protocol...
Loading source files for package org.xdi.oxauth.model.gluu...
Loading source files for package org.xdi.oxauth.model.register...
Loading source files for package org.xdi.oxauth.model.discovery...
Loading source files for package org.xdi.oxauth.model.jwe...
Loading source files for package org.xdi.oxauth.model.userinfo...
Loading source files for package org.xdi.oxauth.model.util...
Loading source files for package org.xdi.oxauth.model.authorize...
Loading source files for package org.xdi.oxauth.model.configuration...
Loading source files for package org.xdi.oxauth.model.error...
Loading source files for package org.xdi.oxauth.model.jws...
Loading source files for package org.xdi.oxauth.model.token...
Loading source files for package org.xdi.oxauth.model.crypto...
Loading source files for package org.xdi.oxauth.model.crypto.signature...
Loading source files for package org.xdi.oxauth.model.crypto.encryption...
Constructing Javadoc information...
Standard Doclet version 1.8.0_121
Building tree for all the packages and classes...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/ClaimTokenFormatType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/JsonLogic.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/JsonLogicNode.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/JsonLogicNodeParser.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/PermissionTicket.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/RptIntrospectionResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/RptProfiles.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/RPTResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaConstants.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaErrorResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaMetadata.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaNeedInfoResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaPermission.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaPermissionList.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaResource.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaResourceResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaResourceWithId.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaScopeDescription.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaScopeType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaTokenResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/Token.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/UmaPermission.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/UmaResource.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/UmaScopeDescription.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/Jwt.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtClaimName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtClaims.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtClaimSet.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtHeader.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtHeaderName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtStateClaimName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtSubClaimObject.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/PureJwt.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/AuthenticationMethod.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/AuthorizationMethod.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/Display.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/GrantType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/HasParamName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/Holder.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/Id.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/IdType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/IntrospectionResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/JSONable.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/PairwiseIdType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/ProgrammingLanguage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/Prompt.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/ResponseMode.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/ResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/ScopeType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/SubjectType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/TokenType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/WebKeyStorage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/JSONWebKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/JSONWebKeySet.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/JWKParameter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/KeyType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/Use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/InvalidClaimException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/InvalidJweException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/InvalidJwtException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/InvalidParameterException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/SignatureException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/EndSessionErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/EndSessionRequestParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/EndSessionResponseParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/DeviceRegistrationStatus.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/U2fConfiguration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/U2fConstants.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/U2fErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/RawAuthenticateResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/RawRegisterResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/BadInputException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/RegistrationNotAllowed.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/AuthenticateRequest.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/AuthenticateRequestMessage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/AuthenticateResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/AuthenticateStatus.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/ClientData.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/DeviceData.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/RegisterRequest.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/RegisterRequestMessage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/RegisterResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/RegisterStatus.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/GluuConfiguration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/GluuErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/ApplicationType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/RegisterErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/RegisterRequestParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/RegisterResponseParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/OAuth2Discovery.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/WebFingerLink.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/WebFingerParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/AbstractJweDecrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/AbstractJweEncrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/Jwe.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/JweDecrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/JweDecrypterImpl.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/JweEncrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/JweEncrypterImpl.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/KeyDerivationFunction.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/Schema.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/UserInfoErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/Base64Util.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/JwtUtil.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/LocaleUtil.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/Pair.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/SecurityProviderUtility.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/StringUtils.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/SubjectIdentifierGenerator.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/URLPatternList.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/Util.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/AuthorizeErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/AuthorizeRequestParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/AuthorizeResponseParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/CodeVerifier.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/CodeVerifier.CodeChallengeMethod.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/AppConfiguration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/AuthenticationFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/BaseFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/ClientAuthenticationFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/Configuration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/ConfigurationResponseClaim.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/CorsConfigurationFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/IErrorType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/AbstractJwsSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/ECDSASigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/HMACSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/JwsSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/PlainTextSignature.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/RSASigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/ClientAssertionType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/JsonWebResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/TokenErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/Certificate.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/CryptoProviderFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/Key.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/KeyFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/OxAuthCryptoProvider.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/OxElevenCryptoProvider.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/PrivateKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/PublicKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/AbstractSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/ECDSAKeyFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/ECDSAPrivateKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/ECDSAPublicKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/ECEllipticCurve.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/RSAKeyFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/RSAPrivateKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/RSAPublicKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/SignatureAlgorithm.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/SignatureAlgorithmFamily.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/Signer.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/BlockEncryptionAlgorithm.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/KeyEncryptionAlgorithm.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/overview-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/package-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/package-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/package-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/constant-values.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/serialized-form.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/JsonLogic.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaScopeDescription.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaResourceResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/JsonLogicNodeParser.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaPermission.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/RptIntrospectionResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaConstants.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaErrorResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaScopeType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/PermissionTicket.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/ClaimTokenFormatType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaResourceWithId.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaResource.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/JsonLogicNode.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/RptProfiles.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaTokenResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaMetadata.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaNeedInfoResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaPermissionList.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/RPTResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/class-use/Token.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/class-use/UmaScopeDescription.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/class-use/UmaPermission.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/class-use/UmaResource.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/Jwt.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtHeader.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/PureJwt.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtStateClaimName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtClaimSet.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtSubClaimObject.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtClaims.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtClaimName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtHeaderName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/ProgrammingLanguage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/IntrospectionResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/HasParamName.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/IdType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/GrantType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/AuthorizationMethod.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/ResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/PairwiseIdType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/Holder.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/JSONable.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/TokenType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/Id.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/Prompt.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/ResponseMode.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/WebKeyStorage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/ScopeType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/Display.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/SubjectType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/AuthenticationMethod.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/class-use/JSONWebKeySet.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/class-use/JWKParameter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/class-use/Use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/class-use/KeyType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/class-use/JSONWebKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/class-use/InvalidParameterException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/class-use/SignatureException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/class-use/InvalidJwtException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/class-use/InvalidJweException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/class-use/InvalidClaimException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/class-use/EndSessionErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/class-use/EndSessionRequestParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/class-use/EndSessionResponseParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/class-use/U2fConstants.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/class-use/U2fConfiguration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/class-use/DeviceRegistrationStatus.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/class-use/U2fErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/class-use/RawAuthenticateResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/class-use/RawRegisterResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/class-use/RegistrationNotAllowed.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/class-use/BadInputException.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/AuthenticateRequestMessage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/DeviceData.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/AuthenticateRequest.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/RegisterResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/RegisterStatus.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/AuthenticateResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/ClientData.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/AuthenticateStatus.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/RegisterRequestMessage.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/RegisterRequest.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/class-use/GluuConfiguration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/class-use/GluuErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/class-use/RegisterRequestParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/class-use/ApplicationType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/class-use/RegisterErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/class-use/RegisterResponseParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/class-use/WebFingerParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/class-use/OAuth2Discovery.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/class-use/WebFingerLink.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/AbstractJweEncrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/JweEncrypterImpl.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/JweEncrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/JweDecrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/KeyDerivationFunction.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/JweDecrypterImpl.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/Jwe.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/AbstractJweDecrypter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/class-use/UserInfoErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/class-use/Schema.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/URLPatternList.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/Base64Util.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/SecurityProviderUtility.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/LocaleUtil.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/Util.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/StringUtils.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/SubjectIdentifierGenerator.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/JwtUtil.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/Pair.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/class-use/AuthorizeResponseParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/class-use/CodeVerifier.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/class-use/CodeVerifier.CodeChallengeMethod.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/class-use/AuthorizeErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/class-use/AuthorizeRequestParam.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/AuthenticationFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/Configuration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/BaseFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/AppConfiguration.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/CorsConfigurationFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/ConfigurationResponseClaim.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/ClientAuthenticationFilter.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/class-use/IErrorType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/RSASigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/HMACSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/AbstractJwsSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/PlainTextSignature.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/ECDSASigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/JwsSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/class-use/JsonWebResponse.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/class-use/TokenErrorResponseType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/class-use/ClientAssertionType.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/OxElevenCryptoProvider.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/OxAuthCryptoProvider.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/PrivateKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/AbstractCryptoProvider.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/Key.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/PublicKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/CryptoProviderFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/Certificate.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/KeyFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/RSAKeyFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/ECDSAPrivateKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/ECDSAPublicKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/ECDSAKeyFactory.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/SignatureAlgorithm.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/SignatureAlgorithmFamily.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/RSAPrivateKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/Signer.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/RSAPublicKey.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/AbstractSigner.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/ECEllipticCurve.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/class-use/BlockEncryptionAlgorithm.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/class-use/KeyEncryptionAlgorithm.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/package-use.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/package-use.html...
Building index for all the packages and classes...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/overview-tree.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/index-all.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/deprecated-list.html...
Building index for all classes...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/allclasses-frame.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/allclasses-noframe.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/index.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/overview-summary.html...
Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/help-doc.html...
12 warnings
[WARNING] Javadoc Warnings
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/uma/UmaNeedInfoResponse.java:65: warning: no @param for clientId
[WARNING] public String buildClaimsGatheringUrl(String clientId, String claimsRedirectUri) {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/uma/UmaNeedInfoResponse.java:65: warning: no @param for claimsRedirectUri
[WARNING] public String buildClaimsGatheringUrl(String clientId, String claimsRedirectUri) {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/jwt/JwtHeader.java:44: warning: no @return
[WARNING] public JwtHeader setType(JwtType type) {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/jwt/JwtHeader.java:63: warning: no @return
[WARNING] public JwtHeader setAlgorithm(SignatureAlgorithm algorithm) {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/jwt/JwtHeader.java:77: warning: no @return
[WARNING] public JwtHeader setAlgorithm(KeyEncryptionAlgorithm algorithm) {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/jwt/JwtHeader.java:96: warning: no @return
[WARNING] public JwtHeader setKeyId(String keyId) {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/common/ScopeType.java:30: warning: empty <p> tag
[WARNING] * <p>
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/fido/u2f/message/RawAuthenticateResponse.java:37: warning: no @return
[WARNING] public byte getUserPresence() {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/fido/u2f/message/RawAuthenticateResponse.java:45: warning: no @return
[WARNING] public long getCounter() {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/fido/u2f/message/RawAuthenticateResponse.java:52: warning: no @return
[WARNING] public byte[] getSignature() {
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/util/Util.java:210: warning: no description for @return
[WARNING] * @return
[WARNING] ^
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/util/Util.java:212: warning: no @throws for org.codehaus.jettison.json.JSONException
[WARNING] public static Map<String, String> jsonObjectArrayStringAsMap(String jsonString) throws JSONException {
[WARNING] ^
[INFO] 
[INFO] --- maven-site-plugin:2.1.1:site (default-site) @ oxauth-model ---
[INFO]                                                                         
[INFO] ------------------------------------------------------------------------
[INFO] Building oxAuth Client 4.0.0-SNAPSHOT
[INFO] ------------------------------------------------------------------------
[INFO] 
[INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ oxauth-client ---
[INFO] Deleting /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/target
[INFO] 
[INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ oxauth-client ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] skip non existing resourceDirectory /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/main/resources
[INFO] 
[INFO] --- maven-compiler-plugin:2.3.2:compile (default-compile) @ oxauth-client ---
[INFO] Compiling 59 source files to /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/target/classes
[INFO] 
[INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ oxauth-client ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] skip non existing resourceDirectory /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/main/resources
[INFO] 
[INFO] --- maven-compiler-plugin:2.3.2:compile (default-compile) @ oxauth-client ---
[INFO] Nothing to compile - all classes are up to date
[INFO] 
[INFO] --- maven-resources-plugin:2.6:testResources (default-testResources) @ oxauth-client ---
[INFO] Using 'UTF-8' encoding to copy filtered resources.
[INFO] Copying 17 resources
[INFO] 
[INFO] --- maven-compiler-plugin:2.3.2:testCompile (default-testCompile) @ oxauth-client ---
[INFO] Compiling 145 source files to /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/target/test-classes
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/test/java/org/xdi/oxauth/ws/rs/WebKeysTest.java:[14,24] X509CertImpl is internal proprietary API and may be removed in a future release
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/test/java/org/xdi/oxauth/ws/rs/WebKeysTest.java:[14,24] X509CertImpl is internal proprietary API and may be removed in a future release
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/test/java/org/xdi/oxauth/ws/rs/WebKeysTest.java:[14,24] X509CertImpl is internal proprietary API and may be removed in a future release
[WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/test/java/org/xdi/oxauth/ws/rs/WebKeysTest.java:[47,35] X509CertImpl is internal proprietary API and may be removed in a future release
[INFO] 
[INFO] --- maven-surefire-plugin:2.19.1:test (default-test) @ oxauth-client ---

-------------------------------------------------------
 T E S T S
-------------------------------------------------------
Running TestSuite
ERROR StatusLogger No log4j2 configuration file found. Using default configuration: logging only errors to the console. Set system property 'org.apache.logging.log4j.simplelog.StatusLogger.level' to TRACE to show Log4j2 internal initialization logging.
Invoked init test suite method 

#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:56:28 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:56:28 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "code",
        "code id_token",
        "code id_token token",
        "id_token",
        "id_token token",
        "token",
        "code token"
    ],
    "grant_types_supported": [
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "refresh_token",
        "implicit",
        "password",
        "authorization_code"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: applicationTypeNativeSubjectTypePairwise
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "native",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "scope": "openid profile address email user_name"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1344
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:56:29 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FAC5.4E8C.4639.17A4",
    "client_secret": "650c427d-4fe7-4621-9956-50ad9bb416ab",
    "registration_access_token": "69f17c02-9c68-4f40-b03e-39d86dfe466c",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FAC5.4E8C.4639.17A4",
    "client_id_issued_at": 1530863789,
    "client_secret_expires_at": 1530950189,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "native",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid profile address email user_name",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 69f17c02-9c68-4f40-b03e-39d86dfe466c

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1344
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:56:29 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FAC5.4E8C.4639.17A4",
    "client_secret": "650c427d-4fe7-4621-9956-50ad9bb416ab",
    "registration_access_token": "69f17c02-9c68-4f40-b03e-39d86dfe466c",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FAC5.4E8C.4639.17A4",
    "client_id_issued_at": 1530863789,
    "client_secret_expires_at": 1530950189,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "native",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid profile address email user_name",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21FAC5.4E8C.4639.17A4&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b6878cd9-dfb2-456f-9ff5-61cbe0921835&nonce=42b717e7-ab3c-4a92-9afe-a6e7a7d7b99b
03:56:54.851 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:0934a719-4034-4fc4-b1ee-a5ed378adc4a
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21FAC5.4E8C.4639.17A4&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b6878cd9-dfb2-456f-9ff5-61cbe0921835&nonce=42b717e7-ab3c-4a92-9afe-a6e7a7d7b99b

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=1789c9f9-adc6-4227-a9d0-30dbb8e45211&scope=address+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGQUM1LjRFOEMuNDYzOS4xN0E0IiwiZXhwIjoxNTMwODY3Mzk3LCJpYXQiOjE1MzA4NjM3OTcsIm5vbmNlIjoiNDJiNzE3ZTctYWIzYy00YTkyLTlhZmUtYTZlN2E3ZDdiOTliIiwiYXV0aF90aW1lIjoxNTMwODYzNzk3LCJjX2hhc2giOiI2cDdWeWI3b2VJX0FYbXFKWUYxZDR3Iiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiM1hyeFhoN2lhclFDX3dQT2VMVWlrdXE4VHRRR3hUSWNZU1BrOUU5QkFQWSJ9.qkfSgAV9kKBvojyewciRqMcgD3YUq7b8pGLR0wRTibvQn3iWWzk2-_OrNITv57n-ZArpGXxzVwtAavzkZtujoA_BbW-Cj3sTHAlcGprWrAqVzVUCGgOo7LiabR0tf7zapkJRmXUQg6gzfNEesCtkLMlXYU-l95223VXKhHWtN_HRrTbEmnUAFcMu_WmnXZqTMnjgbCSf5BmoVeRFHyNzSF2-hddBrDqoCq8M9Mq3QbNKhqHGqblibyvhVRN_4xaqpnTNOCZtOf7ssIfbv2cP8h_0FpexqdYM4cNFyvuzr2jhcMTToQ8WsLLuASOcHAdYd5gfcA8WOkaQnzWqzLkOtw&session_id=0d11884c-ba46-4be4-9b7d-190a6f3c9417&state=b6878cd9-dfb2-456f-9ff5-61cbe0921835&session_state=0934a719-4034-4fc4-b1ee-a5ed378adc4a

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxRkFDNS40RThDLjQ2MzkuMTdBNDo2NTBjNDI3ZC00ZmU3LTQ2MjEtOTk1Ni01MGFkOWJiNDE2YWI=

grant_type=authorization_code&code=1789c9f9-adc6-4227-a9d0-30dbb8e45211&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:56:37 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"0f86e6ce-e5d8-435d-88bf-aa623192cc65","token_type":"bearer","expires_in":299,"refresh_token":"4cc0bc2e-b7d4-4949-816b-06ffcc0edc79","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGQUM1LjRFOEMuNDYzOS4xN0E0IiwiZXhwIjoxNTMwODY3Mzk3LCJpYXQiOjE1MzA4NjM3OTcsIm5vbmNlIjoiNDJiNzE3ZTctYWIzYy00YTkyLTlhZmUtYTZlN2E3ZDdiOTliIiwiYXV0aF90aW1lIjoxNTMwODYzNzk3LCJhdF9oYXNoIjoicjQ0aW5JWXktSjkwSXEyTWxGTUozdyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjNYcnhYaDdpYXJRQ193UE9lTFVpa3VxOFR0UUd4VEljWVNQazlFOUJBUFkifQ.pnIKid5SM325gwThXCLFM0_vYKkNbtkpHkDX2fLL-32Mm8qm65dlAlB0uoEVH6WPeYz6wkQsrSMTAdk8xr2veP_2r-msUA7T9lDfpvnE0laubmiCPvfUw1fRCga3dp4upCJ7V8_cqesaaovTuO436tE1YS9OlBdowyWUQ-GF8vbcKs9g5AfF1zm-a6Ym-zHxeBkGZru3MGtYnL8HWe3U_o7bmbBM0H-9SmBWMKvLIMAzx5dqbYTdws4S710SoiBeV3XcFnEUQQRyYlfXwBq_isVU5_CItkADm27XQIiGQe57s5y_HXcIY_-97KN25ft1hZrni5-QyvpPpvJplN1Ppg"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxRkFDNS40RThDLjQ2MzkuMTdBNDo2NTBjNDI3ZC00ZmU3LTQ2MjEtOTk1Ni01MGFkOWJiNDE2YWI=

grant_type=refresh_token&scope=address+openid+user_name+profile+email&refresh_token=4cc0bc2e-b7d4-4949-816b-06ffcc0edc79

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 198
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:56:40 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"1aceb59a-cd43-4bbe-8d74-d53a5c0aa598","token_type":"bearer","expires_in":299,"refresh_token":"07b7df46-66c9-4bff-82d9-49ea121172af","scope":"address openid user_name profile email"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 1aceb59a-cd43-4bbe-8d74-d53a5c0aa598

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 634
Content-Type: application/json;charset=utf-8
Date: Fri, 06 Jul 2018 07:56:40 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"3XrxXh7iarQC_wPOeLUikuq8TtQGxTIcYSPk9E9BAPY","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"}

#######################################################
TEST: applicationTypeNativeSubjectTypePublic
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "native",
    "client_name": "oxAuth test app",
    "subject_type": "public",
    "scope": "openid profile address email user_name"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1209
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:56:40 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DD64.FBB5.F083.C4C2",
    "client_secret": "3f974645-a2e2-4483-b1d8-8f73a1b018e1",
    "registration_access_token": "074dccf3-1a23-4306-bd16-6dedff56a893",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DD64.FBB5.F083.C4C2",
    "client_id_issued_at": 1530863800,
    "client_secret_expires_at": 1530950200,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "native",
    "client_name": "oxAuth test app",
    "subject_type": "public",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid profile address email user_name",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 074dccf3-1a23-4306-bd16-6dedff56a893

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1209
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:56:40 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DD64.FBB5.F083.C4C2",
    "client_secret": "3f974645-a2e2-4483-b1d8-8f73a1b018e1",
    "registration_access_token": "074dccf3-1a23-4306-bd16-6dedff56a893",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DD64.FBB5.F083.C4C2",
    "client_id_issued_at": 1530863800,
    "client_secret_expires_at": 1530950200,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "native",
    "client_name": "oxAuth test app",
    "subject_type": "public",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid profile address email user_name",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DD64.FBB5.F083.C4C2&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b2ed57fb-9f62-4a27-886e-c7c73b96a5de&nonce=3b752057-d901-40f0-acc8-c329f644beb4
03:57:02.881 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:40d1e266-47cd-4cc3-a13c-9b8ab568108e
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DD64.FBB5.F083.C4C2&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b2ed57fb-9f62-4a27-886e-c7c73b96a5de&nonce=3b752057-d901-40f0-acc8-c329f644beb4

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=38617363-49ea-402d-a2bd-588983865dc6&scope=address+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFERDY0LkZCQjUuRjA4My5DNEMyIiwiZXhwIjoxNTMwODY3NDA0LCJpYXQiOjE1MzA4NjM4MDQsIm5vbmNlIjoiM2I3NTIwNTctZDkwMS00MGYwLWFjYzgtYzMyOWY2NDRiZWI0IiwiYXV0aF90aW1lIjoxNTMwODYzODAzLCJjX2hhc2giOiJ6amxlb0JsR1UwTmd5bjNkeEs3S2lRIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDAhQjFGMy5BRUFFLkI3OTgifQ.qEWrzuf_rIh2Al5SVuxn9SeA5FPwKRNQB-8Ft4BJIHzwCXnyHbhE1_n7vnUhpGyhpth9U7q0Se-9WFVUTFO4jCZYI0kFKvIKh_S18a3pLp4aLz8Jsvc0q1BR6xE-Wv1hkVDhTFtWNoENg6xQQH5lYM5yg-uC1gIG7wKoWVKJ1foXE56fPAZlWWPpgo0zcjXebUg4g3ParyGfVQ5BVQbKE_TInZdSIYrcTjiweOp3Q6My_8pMYYmCFsKgNcJMZHbaguR5srlEjgZgtVIuKsV5uKQpvNXPmRp_GO2rkbbbrBZQBM9InGwB_9o-WJJs5sa4KKzJFQm2BeUQYeKrcPvDBw&session_id=6ea19f2e-1a35-4333-ba1c-24d1426a325f&state=b2ed57fb-9f62-4a27-886e-c7c73b96a5de&session_state=40d1e266-47cd-4cc3-a13c-9b8ab568108e

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxREQ2NC5GQkI1LkYwODMuQzRDMjozZjk3NDY0NS1hMmUyLTQ0ODMtYjFkOC04ZjczYTFiMDE4ZTE=

grant_type=authorization_code&code=38617363-49ea-402d-a2bd-588983865dc6&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1074
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:56:44 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"d8339db4-698d-4e12-8c90-a71f5bf25085","token_type":"bearer","expires_in":299,"refresh_token":"61ed5aa6-5e3b-4677-861f-2b3768900c55","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFERDY0LkZCQjUuRjA4My5DNEMyIiwiZXhwIjoxNTMwODY3NDA0LCJpYXQiOjE1MzA4NjM4MDQsIm5vbmNlIjoiM2I3NTIwNTctZDkwMS00MGYwLWFjYzgtYzMyOWY2NDRiZWI0IiwiYXV0aF90aW1lIjoxNTMwODYzODAzLCJhdF9oYXNoIjoiRklLYjQxUURLSk5WSkpvQVZYaG1WUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IkAhMzhENC40MTBDLjFENDMuODkzMiEwMDAxITM3RjIuQjc0NCEwMDAwIUIxRjMuQUVBRS5CNzk4In0.O9wZ2vwQc2ss2tgMns9uoQlOFZ2nFPGNVefG_Z-2u1KvoW0wMfReaN2R8x6gxEE0Vf9StVeUyleKZgxgO2gnlZxb605dXT0-lJ0rgE39-ku9Fykg5q69AhajN8HPG7JqtbkGc2m04itpolsfz2af5uIOVX8yoGgZxlQVTGGcVGiTeQqc1exmibMQGNvP9wzl1wELW4FpEEK-qL6Xw31Krft58cv1xciraZtXEICCq49avRoh2P34aFGISDnTbWCLxnjZERsMMAz9yVGcah1pO_UiupklvHI1QaPtPQ2Ry93wPjhN9nHgTj-AqPgI0rntP1KoVC6SY-55WctA_oG-_Q"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxREQ2NC5GQkI1LkYwODMuQzRDMjozZjk3NDY0NS1hMmUyLTQ0ODMtYjFkOC04ZjczYTFiMDE4ZTE=

grant_type=refresh_token&scope=address+openid+user_name+profile+email&refresh_token=61ed5aa6-5e3b-4677-861f-2b3768900c55

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 198
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:56:44 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"08246d75-5961-4f80-a3b5-dd121c700fd7","token_type":"bearer","expires_in":299,"refresh_token":"251b68b5-a364-4af1-b75a-06d788e38648","scope":"address openid user_name profile email"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 08246d75-5961-4f80-a3b5-dd121c700fd7

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 647
Content-Type: application/json;charset=utf-8
Date: Fri, 06 Jul 2018 07:56:44 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"@!38D4.410C.1D43.8932!0001!37F2.B744!0000!B1F3.AEAE.B798","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"}

#######################################################
TEST: applicationTypeWeb
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:56:44 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!020E.2BD1.7AB1.F735",
    "client_secret": "8c7610b5-f705-4a51-b2bf-a1f7f350cb81",
    "registration_access_token": "8f53c821-d7c3-4719-8f5c-a9c234b48fc1",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!020E.2BD1.7AB1.F735",
    "client_id_issued_at": 1530863804,
    "client_secret_expires_at": 1530950204,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 8f53c821-d7c3-4719-8f5c-a9c234b48fc1

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:56:44 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!020E.2BD1.7AB1.F735",
    "client_secret": "8c7610b5-f705-4a51-b2bf-a1f7f350cb81",
    "registration_access_token": "8f53c821-d7c3-4719-8f5c-a9c234b48fc1",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!020E.2BD1.7AB1.F735",
    "client_id_issued_at": 1530863804,
    "client_secret_expires_at": 1530950204,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

#######################################################
TEST: applicationTypeWebFail1
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": ["http://client.example.com/cb"],
    "application_type": "web",
    "client_name": "oxAuth test app"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Cache-Control: no-store
Connection: close
Content-Length: 101
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:56:45 GMT
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_redirect_uri","error_description":"Value of one or more redirect_uris is invalid."}

#######################################################
TEST: omittedApplicationType
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:56:45 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FC76.13D3.4A1F.0E79",
    "client_secret": "7dcabd74-a5e4-4fe9-add5-c0870fdb12f4",
    "registration_access_token": "bb013af4-92e1-4895-ae0b-51b4e1e66052",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FC76.13D3.4A1F.0E79",
    "client_id_issued_at": 1530863805,
    "client_secret_expires_at": 1530950205,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer bb013af4-92e1-4895-ae0b-51b4e1e66052

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:56:45 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FC76.13D3.4A1F.0E79",
    "client_secret": "7dcabd74-a5e4-4fe9-add5-c0870fdb12f4",
    "registration_access_token": "bb013af4-92e1-4895-ae0b-51b4e1e66052",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FC76.13D3.4A1F.0E79",
    "client_id_issued_at": 1530863805,
    "client_secret_expires_at": 1530950205,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:56:45 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:56:45 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "code",
        "code id_token",
        "code id_token token",
        "id_token",
        "id_token token",
        "token",
        "code token"
    ],
    "grant_types_supported": [
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "refresh_token",
        "implicit",
        "password",
        "authorization_code"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: authorizationCodeDynamicScopeFlow
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "scope": "openid profile address email user_name org_name work_phone"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1361
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:56:45 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DC54.EFA8.E836.8A8D",
    "client_secret": "4d6ad741-0a25-42cc-b6e5-22c141535af8",
    "registration_access_token": "1d4215cd-ea4b-41b7-a0a4-78129b5f5e07",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DC54.EFA8.E836.8A8D",
    "client_id_issued_at": 1530863805,
    "client_secret_expires_at": 1530950205,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid profile address email user_name org_name work_phone",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DC54.EFA8.E836.8A8D&scope=openid+profile+address+email+user_name+org_name+work_phone&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=883c2756-9ea6-49ea-b002-5323df771884&nonce=12552871-93cd-4ad7-8377-4a1fb2f30296
03:57:07.882 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:dbf9fb33-7d33-4f37-bb8b-949388050d11
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DC54.EFA8.E836.8A8D&scope=openid+profile+address+email+user_name+org_name+work_phone&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=883c2756-9ea6-49ea-b002-5323df771884&nonce=12552871-93cd-4ad7-8377-4a1fb2f30296

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=e4e85dcc-9bf1-44f2-9a90-8002a727a978&scope=address+openid+user_name+profile+work_phone+org_name+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEQzU0LkVGQTguRTgzNi44QThEIiwiZXhwIjoxNTMwODY3NDA3LCJpYXQiOjE1MzA4NjM4MDcsIm5vbmNlIjoiMTI1NTI4NzEtOTNjZC00YWQ3LTgzNzctNGExZmIyZjMwMjk2IiwiYXV0aF90aW1lIjoxNTMwODYzODA3LCJjX2hhc2giOiJpQWZWbl9FQ2xrUm5UMVpTZ1ZGYUt3Iiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiVExlcERjaVl0NHdlRVNGTnpuYU5neHp0SWhocTRQbTN3ZllKYXNUY2pvVSJ9.RBRxYFptqLfGu_T7hrGdMo0GRbmDTgB8GxZYgDeUST9Sfci1DfDfNySsoxXI6d6IV3VzrmgaussIotwYmfWcG2HLEaerAiUjPgmI5INOZXAMQ1GQA4Ddu7psT7PJJrzVnaq_ZEAlYe8JaofRHvtNyEyaftO_ji77LYGgARjHKEJMqu3D4HrkYPYKk-ZcbXAckHNjVud660LQZUpk28KqZ0DgeZ86wVvBnQW2iZ32e5rjWXCCmsvxr_Ic4fvaWQ2ouPNTd8v5dzckijSgIb8dmOGL2Y6Zl6xGVZGfkb-pp53c0a2kJTLr13ZappKqH0s-V5CJhfWwE-oD9-ybk2q23Q&session_id=0964ba45-3c1a-47f9-a520-361ced2db54d&state=883c2756-9ea6-49ea-b002-5323df771884&session_state=dbf9fb33-7d33-4f37-bb8b-949388050d11

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxREM1NC5FRkE4LkU4MzYuOEE4RDo0ZDZhZDc0MS0wYTI1LTQyY2MtYjZlNS0yMmMxNDE1MzVhZjg=

grant_type=authorization_code&code=e4e85dcc-9bf1-44f2-9a90-8002a727a978&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:56:48 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"b7d46f46-5a12-4894-a723-60f986ab746f","token_type":"bearer","expires_in":299,"refresh_token":"d2dfde8b-cf57-45fa-867f-d5dd0d3aaaca","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEQzU0LkVGQTguRTgzNi44QThEIiwiZXhwIjoxNTMwODY3NDA4LCJpYXQiOjE1MzA4NjM4MDgsIm5vbmNlIjoiMTI1NTI4NzEtOTNjZC00YWQ3LTgzNzctNGExZmIyZjMwMjk2IiwiYXV0aF90aW1lIjoxNTMwODYzODA3LCJhdF9oYXNoIjoiQVpObWNKVTA4VUpRV0YtWG1JSE1fUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IlRMZXBEY2lZdDR3ZUVTRk56bmFOZ3h6dEloaHE0UG0zd2ZZSmFzVGNqb1UifQ.BHx1UlR1wzqnwr1uVkjrbLqPJsC-JGAhPDGVRFNgTmic9j07OvNF7jqZ6jjeMJ_tGXvZpP7SkH94vvrX--TvSTawJKTl0z-C-D3-AioyfvnhsEaAB2ZOMHu4xhFNt_ZW2iJi4ubUBiB8WFw4OVwv1HsfzShkuiRIY85FhkbaLNYzUScqZs62lSJKRn7ICqG4DpyRFcUFeIXya-kzcizC4uC0ICksWBwhADVUV8HWeoCW1rm85drKyAfihIJFZ_yO5m-cL-w1ye-DF3mBMm0vXWzekv57KoVLAH9uzagR0MY535o6h57fbxWI-if_aTN4s2g8e7_fC42XgAb6h43fOA"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer b7d46f46-5a12-4894-a723-60f986ab746f

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 690
Content-Type: application/json;charset=utf-8
Date: Fri, 06 Jul 2018 07:56:48 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"TLepDciYt4weESFNznaNgxztIhhq4Pm3wfYJasTcjoU","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org","org_name":"Gluu, Inc.","work_phone":["(512) 516-2413"]}

#######################################################
TEST: authorizationCodeFlow
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "scope": "openid profile address email phone user_name"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1347
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:56:48 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1943.83B4.D4B1.B766",
    "client_secret": "fadd1fe2-afdd-4fcf-b52d-86776d7feeed",
    "registration_access_token": "9613bfe2-a8b2-4a66-a6af-443d8568cbef",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1943.83B4.D4B1.B766",
    "client_id_issued_at": 1530863808,
    "client_secret_expires_at": 1530950208,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid profile address email phone user_name",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211943.83B4.D4B1.B766&scope=openid+profile+address+email+phone+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8d3e5e2f-f0ed-4bad-a224-8369e1ace3c0&nonce=2b861ae9-35db-4000-b340-c394fbb7ffab
03:57:10.496 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:f2962b00-1002-40ca-8546-422508b3ea8e
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211943.83B4.D4B1.B766&scope=openid+profile+address+email+phone+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8d3e5e2f-f0ed-4bad-a224-8369e1ace3c0&nonce=2b861ae9-35db-4000-b340-c394fbb7ffab

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=63a1545d-a0a8-4f53-a7b3-e671780ea9e9&scope=address+phone+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExOTQzLjgzQjQuRDRCMS5CNzY2IiwiZXhwIjoxNTMwODY3NDEwLCJpYXQiOjE1MzA4NjM4MTAsIm5vbmNlIjoiMmI4NjFhZTktMzVkYi00MDAwLWIzNDAtYzM5NGZiYjdmZmFiIiwiYXV0aF90aW1lIjoxNTMwODYzODEwLCJjX2hhc2giOiJ4NXU4RE42QnpMdlNUWTYyaUdyWldnIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiWFRDUXhOTUQyNlBnQTRaeXlfWWdJald3M2ZVRU1CbjM4N2RRUjNnNmh1ayJ9.fJEOy3BMIPDqZYn14e89aVYrueLb6QJnrnbnO24MWSTI54BS-BvO-42_n1lXQippwiknfxpJh0yMxV6J9IYwcs0GtXMCIzt39v6wO3OZRzITkT0-PD57mfhy-i1RkosvJce91B_96idk_rBsjEBKI6Ca-coho28g9k4fmw2LVsubMdfYjKifmHj5cbR64j3yPi9CdoiERbOz78wDFcAFEnR2sRuTNWYcHF6e1hOzOOYlCQV1eFUQJ5jCMVNHP_d6v55lAj4ghw0qVXdPFPeNjdpyU5ZSH7cfj4ZgfbWtk8wocdHcdjdPfFfWdsudP1-oOtcy7ySDWIJtyYCUSbqZvg&session_id=60e12d77-f12a-45d3-8eaa-ece2f5c4764c&state=8d3e5e2f-f0ed-4bad-a224-8369e1ace3c0&session_state=f2962b00-1002-40ca-8546-422508b3ea8e

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxMTk0My44M0I0LkQ0QjEuQjc2NjpmYWRkMWZlMi1hZmRkLTRmY2YtYjUyZC04Njc3NmQ3ZmVlZWQ=

grant_type=authorization_code&code=63a1545d-a0a8-4f53-a7b3-e671780ea9e9&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:56:50 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"5f91f823-5226-4b9c-ad76-90cde63070a0","token_type":"bearer","expires_in":299,"refresh_token":"36d4eee0-82c0-4826-b0ab-caaeaad90e70","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExOTQzLjgzQjQuRDRCMS5CNzY2IiwiZXhwIjoxNTMwODY3NDEwLCJpYXQiOjE1MzA4NjM4MTAsIm5vbmNlIjoiMmI4NjFhZTktMzVkYi00MDAwLWIzNDAtYzM5NGZiYjdmZmFiIiwiYXV0aF90aW1lIjoxNTMwODYzODEwLCJhdF9oYXNoIjoiSHZrSy1YeDdJdVQxNDJoeEE5OHVNQSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IlhUQ1F4Tk1EMjZQZ0E0Wnl5X1lnSWpXdzNmVUVNQm4zODdkUVIzZzZodWsifQ.TdNUOWuTAfoL_yqsXHD9i93hlFQcIXrLK_i_xJdfZRcMkPz9iDWSkIselN78F51wH4z-bamAC-AP9ZkerTjA26--a60a5tc3_I0Ji65MZ_685bZALeuWs8LL7U0NyjibztAd5VfZd24ZpCP0z5EFFJo_-vMzew1FLP6zLM_I1JMeh3gLB89zk_I9L-2jNQx65lIIhOrVzYgj-_MnqLcjWatJRIvvIhp4AI_hrOleebADIWAmVfLkdsudscC5KDiMprGYzBrGu_YMZUcZGKuOOjIDAnk_aAgYr00ZS-_UQchPJ7UKf7-zaajI-T1OXD-mjG0QDDmvjhLd62NXffQYiA"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxMTk0My44M0I0LkQ0QjEuQjc2NjpmYWRkMWZlMi1hZmRkLTRmY2YtYjUyZC04Njc3NmQ3ZmVlZWQ=

grant_type=refresh_token&scope=address+phone+openid+user_name+profile+email&refresh_token=36d4eee0-82c0-4826-b0ab-caaeaad90e70

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 204
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:56:50 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"3cc08eff-d326-4837-9834-d854eb4489e0","token_type":"bearer","expires_in":299,"refresh_token":"60d04fb4-60f4-4e6d-8b28-1657d29dbc6f","scope":"address phone openid user_name profile email"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 3cc08eff-d326-4837-9834-d854eb4489e0

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 695
Content-Type: application/json;charset=utf-8
Date: Fri, 06 Jul 2018 07:56:50 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"XTCQxNMD26PgA4Zyy_YgIjWw3fUEMBn387dQR3g6huk","phone_number_verified":true,"phone_number":"(512) 516-2413","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"}

#######################################################
TEST: authorizationCodeFlowLoginHint
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "scope": "openid profile address email user_name"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1341
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:56:51 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4C34.B50A.1524.CBA8",
    "client_secret": "797edfeb-ffa0-4154-a72d-fcd07d068a30",
    "registration_access_token": "af0a6708-e091-46de-b090-5b806413ced3",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4C34.B50A.1524.CBA8",
    "client_id_issued_at": 1530863811,
    "client_secret_expires_at": 1530950211,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid profile address email user_name",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214C34.B50A.1524.CBA8&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=d088179c-1bb3-4bce-b9ab-6a2b587ad04c&nonce=503f9ea3-713f-45d3-830c-1611f2d436ed&login_hint=test_user
03:57:13.360 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:333427a9-cff1-4477-a186-dc38a7798e28
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214C34.B50A.1524.CBA8&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=d088179c-1bb3-4bce-b9ab-6a2b587ad04c&nonce=503f9ea3-713f-45d3-830c-1611f2d436ed&login_hint=test_user

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=1788c15e-8988-40a9-ae0e-2a7297284e58&scope=address+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0QzM0LkI1MEEuMTUyNC5DQkE4IiwiZXhwIjoxNTMwODY3NDEzLCJpYXQiOjE1MzA4NjM4MTMsIm5vbmNlIjoiNTAzZjllYTMtNzEzZi00NWQzLTgzMGMtMTYxMWYyZDQzNmVkIiwiYXV0aF90aW1lIjoxNTMwODYzODEyLCJjX2hhc2giOiJyUW9hYkVXbzJQR1dwM1phaDNjS2NBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiVGZQZUNsbnlKTzVBT0dvTTcyLVQtYnQyLU8zeks2WVhpTWwyYm1FTFZiZyJ9.PItMlhJvSNNnhp3fcgT9786Wp1LLeObC8sdUUSxE6HKibAYkZBKuwd7cEC8TkrMT4CB7ZWCpSFMVkBUxWnaEuL338x86xEjXYhfAED0li5yEqUomUOgGChiEcIzLtJxUToAm2uMYHjYOaripHAPqiHXfxZJYO5yNddNoUOHY-14kH86VxX2bAYbG-RT0JsCgCVG5SoPUgIhjPQrL__ROdYl11PLIIbnB9A2vUm2PNbpNg1WHmJ-mOmOxmKbU4dnu6nlcQL4SJ-QZ6vOdEaFR0l9gXj102wWrHKvJ-3AbBnlfgKZWhxHglzoPev1jhMIDwZ40HW2jO_fWVB5tNw1Jcw&session_id=9dcc1a35-cd31-42b9-a2aa-bf9d044599c4&state=d088179c-1bb3-4bce-b9ab-6a2b587ad04c&session_state=333427a9-cff1-4477-a186-dc38a7798e28

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxNEMzNC5CNTBBLjE1MjQuQ0JBODo3OTdlZGZlYi1mZmEwLTQxNTQtYTcyZC1mY2QwN2QwNjhhMzA=

grant_type=authorization_code&code=1788c15e-8988-40a9-ae0e-2a7297284e58&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:56:53 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"864601ed-4def-4623-835e-0c949925aa8b","token_type":"bearer","expires_in":299,"refresh_token":"4b4e1728-3297-4f9d-bb46-17b4b1d5c4fa","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0QzM0LkI1MEEuMTUyNC5DQkE4IiwiZXhwIjoxNTMwODY3NDEzLCJpYXQiOjE1MzA4NjM4MTMsIm5vbmNlIjoiNTAzZjllYTMtNzEzZi00NWQzLTgzMGMtMTYxMWYyZDQzNmVkIiwiYXV0aF90aW1lIjoxNTMwODYzODEyLCJhdF9oYXNoIjoiR1p4bWlmTGZ2R05ITUxJUG1HMV9oQSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IlRmUGVDbG55Sk81QU9Hb003Mi1ULWJ0Mi1PM3pLNllYaU1sMmJtRUxWYmcifQ.f_K6U8SoVhUHgC-7-eT2gh9EnL4BwQcJo5SIy4DRTovxgnIhdiyaJN-SNm5Vh-zU6bffUYle9LxIE7P08Glucyv-b8L1ZqE45KJZGLztAPykFzpYqXNA528pD0TU-Ic5GTn5sNlzAkoGM5GX3HREuPLMeT1IwFywPIiWh9mJNJph9_dvctaQ8Fzbp2OZkWsfSGfHdGtKBXBtif2iFRou6MBxn9OSRHNacofpNLFJNUyPMCyCKkjlUjlKt3w1jTH_V0AgH2_8b3wBcf6ikIIFjh2OofzpGfhUU5AVJaaKT8IFpeKdAORsNqu9GcD_-QXTitz5SeTCGRu-A5bbG7h9Lw"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxNEMzNC5CNTBBLjE1MjQuQ0JBODo3OTdlZGZlYi1mZmEwLTQxNTQtYTcyZC1mY2QwN2QwNjhhMzA=

grant_type=refresh_token&scope=address+openid+user_name+profile+email&refresh_token=4b4e1728-3297-4f9d-bb46-17b4b1d5c4fa

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 198
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:56:53 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"d75161a7-7da5-4ceb-be6d-ec22396df570","token_type":"bearer","expires_in":299,"refresh_token":"1b427a8c-bc2c-4e90-8e6e-c8543321966e","scope":"address openid user_name profile email"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer d75161a7-7da5-4ceb-be6d-ec22396df570

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 634
Content-Type: application/json;charset=utf-8
Date: Fri, 06 Jul 2018 07:56:53 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"TfPeClnyJO5AOGoM72-T-bt2-O3zK6YXiMl2bmELVbg","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"}

#######################################################
TEST: authorizationCodeFlowNegativeTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "scope": "openid"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1309
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:56:53 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6132.914C.F9E5.8864",
    "client_secret": "63ba0d16-d645-4ef5-8562-bf870ca42ca7",
    "registration_access_token": "472687ea-953b-4a4a-a1cb-bae08d47ae5e",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6132.914C.F9E5.8864",
    "client_id_issued_at": 1530863813,
    "client_secret_expires_at": 1530950213,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216132.914C.F9E5.8864&scope=openid+profile+address+email+phone+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b438a60e-db8b-4426-9ba8-f588bf167427&nonce=bfc27466-5416-46f4-b153-62cee8bc0b81
03:57:15.745 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:e5d0a4cf-26fb-4f0a-bf24-756d68735a45
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216132.914C.F9E5.8864&scope=openid+profile+address+email+phone+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b438a60e-db8b-4426-9ba8-f588bf167427&nonce=bfc27466-5416-46f4-b153-62cee8bc0b81

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=d927fe8a-6e2f-445e-928a-d54ff2292895&scope=openid&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2MTMyLjkxNEMuRjlFNS44ODY0IiwiZXhwIjoxNTMwODY3NDE1LCJpYXQiOjE1MzA4NjM4MTUsIm5vbmNlIjoiYmZjMjc0NjYtNTQxNi00NmY0LWIxNTMtNjJjZWU4YmMwYjgxIiwiYXV0aF90aW1lIjoxNTMwODYzODE1LCJjX2hhc2giOiJLZ0F6WE5MUHhJUzFQWWdaaHNTUFhBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoicl9Eb3ExS3ktdkt1Ukc3RS02bGxXVEZJaHR0UFdmUEhwQWNsRlFOZG1JTSJ9.ZTceyLrOQszG6e4UQtwrd_RuY7b2ZVjHtv44cmMQbqTIiJcIw6LmtQ9jLPB250xF-WtBpaih5pQ4Ns9mNv4FgEE6hhfzK29RdlKHOgCHLR2DrxMTnpckgzlII5Tjf8JwpY1VhbgfSg7d1RS_vuC51wTzXQVRgWuACo6R7wmSYbVCmEO53Cw5qUOsoyQuyZKZsSYYL6vh1fuxbPbBZsfn_YnxFdO1K0L7ZLuRVxhIihBJKP8Tyundh531LzMr4lG8puR-FYwEV8hy34008EG3NOmKN4cdFCqx3ipxECxk2q2DnSYFqcw0kJGpqw-DVrLvqvr1UV6QeTge8qhnktU9Nw&session_id=efdc09b6-0a9c-4bc2-ac05-6f9ebc5af338&state=b438a60e-db8b-4426-9ba8-f588bf167427&session_state=e5d0a4cf-26fb-4f0a-bf24-756d68735a45

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxNjEzMi45MTRDLkY5RTUuODg2NDo2M2JhMGQxNi1kNjQ1LTRlZjUtODU2Mi1iZjg3MGNhNDJjYTc=

grant_type=authorization_code&code=d927fe8a-6e2f-445e-928a-d54ff2292895&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:56:56 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"11e4f8aa-6160-47cf-b6bf-476d68a69344","token_type":"bearer","expires_in":299,"refresh_token":"0164aa0b-e0a3-4807-a941-8c5fc8eeac6e","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2MTMyLjkxNEMuRjlFNS44ODY0IiwiZXhwIjoxNTMwODY3NDE2LCJpYXQiOjE1MzA4NjM4MTYsIm5vbmNlIjoiYmZjMjc0NjYtNTQxNi00NmY0LWIxNTMtNjJjZWU4YmMwYjgxIiwiYXV0aF90aW1lIjoxNTMwODYzODE1LCJhdF9oYXNoIjoiTlJIaE9oQWZTRXN1ZUszZzIxZ0l0dyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6InJfRG9xMUt5LXZLdVJHN0UtNmxsV1RGSWh0dFBXZlBIcEFjbEZRTmRtSU0ifQ.avpi_0r_sfQ-YHjTvtGDf_VEjc44YrYLAYFB_0Ws6Z2HEC4jk2XyptUd6G54UpQy54796xhj_1lTKrzYBTld5qslKEnFQBn89QckmaJmOv_fAa22As4tA8n9IBe8Ulmg-PTW1wGlwrWZnNQnmwYzO10Cru3zlojy_d2Apuxhj3NWcMkrClk5-3DN6bAmLHgQW5tV_li0m1mDBDWEkHjVNEfrBS-lNsS52D3o722T9f_af_Fy5IF2ySbMzLwqqYqro8UAH7xd5Nx1aav3-JzHw68ASjndJTid-ATxGUbfDzzt-0LeCK12WiL82WUk-7YHx39-yrPCBeuJkuir7OqQuQ"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxNjEzMi45MTRDLkY5RTUuODg2NDo2M2JhMGQxNi1kNjQ1LTRlZjUtODU2Mi1iZjg3MGNhNDJjYTc=

grant_type=refresh_token&scope=openid&refresh_token=0164aa0b-e0a3-4807-a941-8c5fc8eeac6e

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 166
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:56:56 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"fc8450e1-d8ab-4451-8421-3ae896819ba7","token_type":"bearer","expires_in":299,"refresh_token":"13ec4152-2921-42af-a4e6-b7c533b7f311","scope":"openid"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer fc8450e1-d8ab-4451-8421-3ae896819ba7

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 53
Content-Type: application/json;charset=utf-8
Date: Fri, 06 Jul 2018 07:56:56 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"sub":"r_Doq1Ky-vKuRG7E-6llWTFIhttPWfPHpAclFQNdmIM"}

#######################################################
TEST: authorizationCodeFlowWithOptionalNonce
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:56:56 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!431D.CA32.384A.B46D",
    "client_secret": "9fbcf958-d93d-482f-9d9c-acc4345cd16b",
    "registration_access_token": "ecab1cc1-9320-4c27-acb3-8e9f4fee4b34",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!431D.CA32.384A.B46D",
    "client_id_issued_at": 1530863816,
    "client_secret_expires_at": 1530950216,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21431D.CA32.384A.B46D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=2619888a-bf38-4773-a5bd-0e1d2f0967d9&nonce=29ca45bd-da83-44bf-90b3-c80fae32cc9f
03:57:18.731 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:bda646a0-94c7-4a98-9df0-4a39595b0547
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21431D.CA32.384A.B46D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=2619888a-bf38-4773-a5bd-0e1d2f0967d9&nonce=29ca45bd-da83-44bf-90b3-c80fae32cc9f

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=bf41d301-a8aa-4103-a1c0-ea2ddfadb497&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0MzFELkNBMzIuMzg0QS5CNDZEIiwiZXhwIjoxNTMwODY3NDE4LCJpYXQiOjE1MzA4NjM4MTgsIm5vbmNlIjoiMjljYTQ1YmQtZGE4My00NGJmLTkwYjMtYzgwZmFlMzJjYzlmIiwiYXV0aF90aW1lIjoxNTMwODYzODE4LCJjX2hhc2giOiJSOGt1dzZnWkFUQTk2OHhNNU9pMXJ3Iiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiMFpmcGU4WVF0T0pPNDVPUmVxTXphSjBLc2NyU2xiRmYwSzE2SE03YktjbyJ9.aPs8sgqnGB6kUMl1KdiThqif3uYg1qh6tCi0wiDih_AQO7pE8e4bOa4ghhUk1qNl4ZwexFam6c1A6ameRmRSUuduxoJlmJhC8lpj144vCsmYNHugXNKx7u8Dp09ISHd5i19f8ZAQMcEAo3OE4CHCbYI3EX-7sECFTx7TUKNb7H6r-wen33SQnhsKgt-_kbURM6Q4VBSK-xJb0UVkpKMBR8xsdpmL_zgKMi-VtpDT8c4ViYJ6AYJXIGHRfqF0OfOLVRVns0ViCD4iG-aWxs2O5ne5kySLAYo9YT5ylzSdm1j6uiUzSYbytVRKjpYytPzKf13nc7vSEBUcbzy_Y9As4w&session_id=1e3faaeb-eb75-4e65-83c8-343eb62e7d6a&state=2619888a-bf38-4773-a5bd-0e1d2f0967d9&session_state=bda646a0-94c7-4a98-9df0-4a39595b0547

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxNDMxRC5DQTMyLjM4NEEuQjQ2RDo5ZmJjZjk1OC1kOTNkLTQ4MmYtOWQ5Yy1hY2M0MzQ1Y2QxNmI=

grant_type=authorization_code&code=bf41d301-a8aa-4103-a1c0-ea2ddfadb497&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:56:58 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"18e718ad-c1f1-456f-9511-5b83ada96bd4","token_type":"bearer","expires_in":299,"refresh_token":"2403f32c-9c8c-4284-af6c-52fe18048d07","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0MzFELkNBMzIuMzg0QS5CNDZEIiwiZXhwIjoxNTMwODY3NDE4LCJpYXQiOjE1MzA4NjM4MTgsIm5vbmNlIjoiMjljYTQ1YmQtZGE4My00NGJmLTkwYjMtYzgwZmFlMzJjYzlmIiwiYXV0aF90aW1lIjoxNTMwODYzODE4LCJhdF9oYXNoIjoiaThFcDI1WllzZXpUYks2Sm5YR0tDZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjBaZnBlOFlRdE9KTzQ1T1JlcU16YUowS3NjclNsYkZmMEsxNkhNN2JLY28ifQ.g_Iq9LDK3BPLWALXN82Z4KoRNQWL0LbT9OfJedngOVL94tj-9wINL8CIiAGt6WyJXDuSda99084uUyiL81L-FzY6OJ6GEw3v4JIqy-RtcRJlMyTJP9VfscUVJq-KnRFhgygJwB5AqJMfGTqgN2LJiykcahPxGd247vi2SJtVy78Y5BvaF68ITLHO5R-mfpAhXHinQXPwCyR2e9-xTKhh3NT-Y_PHgeqycwgJ1mQjY7R7BzZQftYIypW49sbHs8_0LxH8bZrDodQuB_0oAmjhd89fzLI_Lxk1NngLO3QicYw2n-iWM2gF9ekZmLnQagH_taSRT5u5zpDUStDEOZd5-w"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxNDMxRC5DQTMyLjM4NEEuQjQ2RDo5ZmJjZjk1OC1kOTNkLTQ4MmYtOWQ5Yy1hY2M0MzQ1Y2QxNmI=

grant_type=refresh_token&scope=address+openid+profile+email&refresh_token=2403f32c-9c8c-4284-af6c-52fe18048d07

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 188
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:56:58 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"5557c1ef-dbfd-4078-a56b-70564f2fe3d3","token_type":"bearer","expires_in":299,"refresh_token":"335839a1-0e0c-4352-a9d2-fa265008027d","scope":"address openid profile email"}

#######################################################
TEST: authorizationCodeWithNotAllowedScopeFlow
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "scope": "openid profile address email user_name"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1341
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:56:58 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!41DD.4BEB.F055.2AAD",
    "client_secret": "83fcbc6b-e11e-453e-973f-f5bcf7d8ad83",
    "registration_access_token": "cc5eda78-e930-42d3-9369-207b60b366ba",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!41DD.4BEB.F055.2AAD",
    "client_id_issued_at": 1530863818,
    "client_secret_expires_at": 1530950218,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid profile address email user_name",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2141DD.4BEB.F055.2AAD&scope=openid+profile+address+email+user_name+mobile_phone&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=2dd31729-f8e3-4b33-b0e7-919aab09a2cc&nonce=03d4e355-e770-4343-b977-2d54c46c6a50
03:57:21.058 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:ca53c7d8-dfa6-4ab6-9438-da2f6fb1f67b
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2141DD.4BEB.F055.2AAD&scope=openid+profile+address+email+user_name+mobile_phone&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=2dd31729-f8e3-4b33-b0e7-919aab09a2cc&nonce=03d4e355-e770-4343-b977-2d54c46c6a50

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=b69f7ef0-763f-4df8-97c0-5b83404e2ba3&scope=address+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0MURELjRCRUIuRjA1NS4yQUFEIiwiZXhwIjoxNTMwODY3NDIwLCJpYXQiOjE1MzA4NjM4MjAsIm5vbmNlIjoiMDNkNGUzNTUtZTc3MC00MzQzLWI5NzctMmQ1NGM0NmM2YTUwIiwiYXV0aF90aW1lIjoxNTMwODYzODIwLCJjX2hhc2giOiJGNHZsUHdnVF92dkkwM1ExcUxHb0RnIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiVXNPREU5VlVJMEdWSkJxNjZtS2tJWmw0ZmFMd3FIemNLVmtnRGFwX0JLVSJ9.fGYZhRsjIk6BfQw2VIZ9mXqFj5fx_b6414xwYtzzb0zA__TXMgJWiU0xUfk3pJyIYKHZuEaGALa5M1iZM2nWTewaRlWa9vEH0G5SdkbhYX9WJte1pvNTkqlEh3djenPi5ewmW_VDF58LeqJRNlhxeBFacCV1ZzNfA20HUIniOT9HA8XrBuMl_XI6vxq9FeHTx_3JQBnAp0zgc4M7GUPCjEfXLbkisHZ2k3bL91gtFcM-bn6Mb_In0-SITO9OVTpm2p7ctnKoZGEb7Q2_eWf0TkeHYuJD0wI6-AJ9gnD_CldYfM1BQX0hq1daS1jw_Fjdhr0ujWB5Nw4oAJwGNIipfg&session_id=311046a7-9dd8-46da-8b92-fbc3b20e2f80&state=2dd31729-f8e3-4b33-b0e7-919aab09a2cc&session_state=ca53c7d8-dfa6-4ab6-9438-da2f6fb1f67b

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxNDFERC40QkVCLkYwNTUuMkFBRDo4M2ZjYmM2Yi1lMTFlLTQ1M2UtOTczZi1mNWJjZjdkOGFkODM=

grant_type=authorization_code&code=b69f7ef0-763f-4df8-97c0-5b83404e2ba3&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:01 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"ff57cbc1-c219-47a6-a405-0886fc6e9917","token_type":"bearer","expires_in":299,"refresh_token":"c320e659-40eb-48a1-aeb2-bbfc0afdb260","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0MURELjRCRUIuRjA1NS4yQUFEIiwiZXhwIjoxNTMwODY3NDIxLCJpYXQiOjE1MzA4NjM4MjEsIm5vbmNlIjoiMDNkNGUzNTUtZTc3MC00MzQzLWI5NzctMmQ1NGM0NmM2YTUwIiwiYXV0aF90aW1lIjoxNTMwODYzODIwLCJhdF9oYXNoIjoiTDlpeklVd0hyRjRjdldYN0NBZ1pLdyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IlVzT0RFOVZVSTBHVkpCcTY2bUtrSVpsNGZhTHdxSHpjS1ZrZ0RhcF9CS1UifQ.kshFXSAakCwT6ayQyGd8OsjSIHaq03ZrMkCIunWCJ0KwChkC8yD63pSR7m_UuHjL5yk10V0Pn5GCqsm_cgvXE6eUjIWiZlEBetT9sKyPtOszCyCQUHFVY8-uxC06bPrvCtEeI29-Qo_2FUDmBstzucomvG4pz1ld9SqxsUa1UbOvHP7Rzvu_pmo3wZu_Bjy5zuV6lQf8WZo_BY8zYZH-uuCpmKY5GrqsD6xbmTEyZp4S9tTsFCoZ37iwm_yE1bngL-lHoUZiFhFqR-yonpUenQhXQV74SkUTmTguDRcoMX0W-3C92AXGp8PkVnysFftOjIVE6V4SLJEazkUJ_1VXKg"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer ff57cbc1-c219-47a6-a405-0886fc6e9917

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 634
Content-Type: application/json;charset=utf-8
Date: Fri, 06 Jul 2018 07:57:01 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"UsODE9VUI0GVJBq66mKkIZl4faLwqHzcKVkgDap_BKU","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"}

#######################################################
TEST: revokeTokens
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:01 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F53A.A7A4.FA53.9A38",
    "client_secret": "392ebfc9-593c-47f8-9021-31ac5a2d550a",
    "registration_access_token": "e785b9ef-27a2-445b-bcfa-c65ed912f083",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F53A.A7A4.FA53.9A38",
    "client_id_issued_at": 1530863821,
    "client_secret_expires_at": 1530950221,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer e785b9ef-27a2-445b-bcfa-c65ed912f083

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:01 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F53A.A7A4.FA53.9A38",
    "client_secret": "392ebfc9-593c-47f8-9021-31ac5a2d550a",
    "registration_access_token": "e785b9ef-27a2-445b-bcfa-c65ed912f083",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F53A.A7A4.FA53.9A38",
    "client_id_issued_at": 1530863821,
    "client_secret_expires_at": 1530950221,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21F53A.A7A4.FA53.9A38&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8a983ef4-b773-4b84-a78e-d642e77076f2&nonce=66d8e814-eb5e-4230-839f-45cd83ca0240
03:57:23.567 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:59ca8a94-b034-477b-977d-60754618461d
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21F53A.A7A4.FA53.9A38&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8a983ef4-b773-4b84-a78e-d642e77076f2&nonce=66d8e814-eb5e-4230-839f-45cd83ca0240

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=95c64373-b8f9-42aa-8594-26259ff154c1&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGNTNBLkE3QTQuRkE1My45QTM4IiwiZXhwIjoxNTMwODY3NDIyLCJpYXQiOjE1MzA4NjM4MjIsIm5vbmNlIjoiNjZkOGU4MTQtZWI1ZS00MjMwLTgzOWYtNDVjZDgzY2EwMjQwIiwiYXV0aF90aW1lIjoxNTMwODYzODIyLCJjX2hhc2giOiJpZ3RET1c3TXZhSnBxNGVaOU1mLWRBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoibGpFcGRpMzdTT3BjeUhKMUMwTWs4ZVVVMVpyTGJEM1pXRmRSTGFjaTJScyJ9.Db-pSEXg74AmvGmOughDxNOcT53UjkRTgmnp9u68Tdx0EUWt7vmgc6Y4Cac_7A7nbDm0OOOu3uTxBxXGlzyvc7gSkChSIjOEx4kxjawUHxcIg5C5EEE1mDTf-6nHzt2tZhM2xEoApAu2HCSEqISTCaw17PBJVejfyA-eoZDSDUYtfEfR6LzvZpn4u59GNRpWef_A3TujfvC6Utc_tUoqUMj9yyMTasU1puhMWHnAWl5vVfyEUfTu5CRiZu2UORU0CVW5wH_AeANSwUC_OaZN8urSpP3ByVIxc7LJKCtApHC8DblrbwSFsQM4FDQpW2R1J-FD1hPVZtdCykpR_HNbZA&session_id=1d428efb-91d9-4776-82ac-756a2e96126c&state=8a983ef4-b773-4b84-a78e-d642e77076f2&session_state=59ca8a94-b034-477b-977d-60754618461d

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxRjUzQS5BN0E0LkZBNTMuOUEzODozOTJlYmZjOS01OTNjLTQ3ZjgtOTAyMS0zMWFjNWEyZDU1MGE=

grant_type=authorization_code&code=95c64373-b8f9-42aa-8594-26259ff154c1&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:02 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"7a05efd3-8c3e-4ea8-9d07-45a13004a8ea","token_type":"bearer","expires_in":299,"refresh_token":"7cd58451-eba5-41dc-b67f-bcd502a26133","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGNTNBLkE3QTQuRkE1My45QTM4IiwiZXhwIjoxNTMwODY3NDIyLCJpYXQiOjE1MzA4NjM4MjIsIm5vbmNlIjoiNjZkOGU4MTQtZWI1ZS00MjMwLTgzOWYtNDVjZDgzY2EwMjQwIiwiYXV0aF90aW1lIjoxNTMwODYzODIyLCJhdF9oYXNoIjoiNER3aTBSNTdmalpFaFNZcUVxNmM4ZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6ImxqRXBkaTM3U09wY3lISjFDME1rOGVVVTFackxiRDNaV0ZkUkxhY2kyUnMifQ.gdyrRccbG6KHLW_OP8JlZohYGRa25spDUmNcVRF9Jc38u4C9V6p_g3Cni7zwcJfno10sapnVOPVNMTmADgSDYZ4VTlJ7wd-WOcs3dujdH3wXDjuu3vxlibbjPSliPsM4BnGKAN-g2KOzpUHK3PD1mX3ld8GxszYTgT6p9h2t0mJ20oxt_EaIFnUjKJYARaRXIEhGoaEjhiEzlhNabPchS5mjoUvAv0uVZUo9SkBgt1bkq8sP2uEMoz4s8yIpsq2SdnmrahsWHug__oJGQxXFcnoXsZ6DdxLTZ9EE6Mx0_2LvV9NOMybdjQRAtYZ0_5pmAa0XZB7HTkfWpaw5jeJ6JQ"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxRjUzQS5BN0E0LkZBNTMuOUEzODozOTJlYmZjOS01OTNjLTQ3ZjgtOTAyMS0zMWFjNWEyZDU1MGE=

grant_type=authorization_code&code=95c64373-b8f9-42aa-8594-26259ff154c1&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Cache-Control: no-store
Connection: close
Content-Length: 213
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:03 GMT
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_grant","error_description":"The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client."}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxRjUzQS5BN0E0LkZBNTMuOUEzODozOTJlYmZjOS01OTNjLTQ3ZjgtOTAyMS0zMWFjNWEyZDU1MGE=

grant_type=refresh_token&scope=address+openid+profile+email&refresh_token=7cd58451-eba5-41dc-b67f-bcd502a26133

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 213
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:03 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_grant","error_description":"The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client."}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 7a05efd3-8c3e-4ea8-9d07-45a13004a8ea

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Connection: close
Content-Length: 203
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:03 GMT
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_token","error_description":"The access token provided is expired, revoked, malformed, or invalid for other reasons. Try to request a new access token and retry the protected resource."}

#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:57:03 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:03 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "code",
        "code id_token",
        "code id_token token",
        "id_token",
        "id_token token",
        "token",
        "code token"
    ],
    "grant_types_supported": [
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "refresh_token",
        "implicit",
        "password",
        "authorization_code"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:03 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!92F3.8D7B.E603.4166",
    "client_secret": "2d689310-1e12-41d0-8617-41a6b8315f43",
    "registration_access_token": "fbf1f54e-d56d-413d-82f3-eac92b86fd11",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!92F3.8D7B.E603.4166",
    "client_id_issued_at": 1530863823,
    "client_secret_expires_at": 1530950223,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2192F3.8D7B.E603.4166&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=db259fd5-87c7-469f-88f8-4446ea92c4a0&nonce=71af188c-73ee-4aa3-9bfd-04a8fae7c559&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Fri, 06 Jul 2018 07:57:03 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=219e0323-00e5-4e0f-b4d2-f03d9bb62b1f&scope=address+openid+profile+email&session_id=d65678e7-45a0-4539-bc2d-b4cdf3f57056&state=db259fd5-87c7-469f-88f8-4446ea92c4a0&session_state=fa0bb57b-8841-4345-8c18-3ae3ac340d24
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:03 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!555D.0B92.D724.68F4",
    "client_secret": "f810d51b-e68f-4fd6-aa18-908c80484d5f",
    "registration_access_token": "ccdeb464-6b73-4fab-b62c-100267ba97d1",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!555D.0B92.D724.68F4",
    "client_id_issued_at": 1530863823,
    "client_secret_expires_at": 1530950223,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["token"],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21555D.0B92.D724.68F4&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=4e2475a6-c1ce-4db8-88e4-d92dee55a0ea&nonce=1398ebd9-1de9-48f2-a029-09339a125d55&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Fri, 06 Jul 2018 07:57:03 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=711c3158-3888-4818-b67b-ae929418ebed&scope=address+openid+profile+email&session_id=9d2e3afe-0140-4391-b93e-bc66ad765fa0&state=4e2475a6-c1ce-4db8-88e4-d92dee55a0ea&token_type=bearer&session_state=c46fb677-241e-4cfb-b961-60d89b1b53c1&expires_in=299
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["id_token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:03 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3588.D7BE.AB26.187A",
    "client_secret": "f9f3984e-046a-4445-b491-9808b5200923",
    "registration_access_token": "c4e5dcef-09eb-42d9-a785-4f2a13182f5c",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3588.D7BE.AB26.187A",
    "client_id_issued_at": 1530863823,
    "client_secret_expires_at": 1530950223,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213588.D7BE.AB26.187A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=03f15368-488d-49af-9c3a-519a01147df3&nonce=3bebc0f7-426f-49cc-99fd-5d7abac6c8ce&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Fri, 06 Jul 2018 07:57:03 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzNTg4LkQ3QkUuQUIyNi4xODdBIiwiZXhwIjoxNTMwODY3NDI0LCJpYXQiOjE1MzA4NjM4MjQsIm5vbmNlIjoiM2JlYmMwZjctNDI2Zi00OWNjLTk5ZmQtNWQ3YWJhYzZjOGNlIiwiYXV0aF90aW1lIjoxNTMwODYzODI0LCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJLQVZKcUcxdGpucS1TV0Iyd2VwWDVJREpuNDZCMXVFbVRTek52M3JYRnI4In0.bSvX-PR5Qhvc2mZyADBtXIvLhoHbx8THK4_bl7l61ZgUkGGwu_eASzJxJ9a2jGq7qpnf4hnkbiNjON9pCUHVrUyvq0oMCrwVMjnBJxK1JX8-s17JQN_OwcBYiumkEw60AXjmOr7dXTH-okzkvQU2ZrYTlHOxscXa4sDXFcSfSblnGgQCht6gcELd4w1SRwLytH8SFpum7f84vbzx3B7CFZotw45Pc06vPyJEN6Xdd3nRPDdY4Yt3ybc_B-Gm0oU_tgWnzdT8TysmIfodpzEoAj_-WdTA1ishKFPuv0Fl7vGFfm6Drmzicii0Xtt5J8-dxarSy_w0_9J1VaD_8A9wFA&session_id=10814392-0045-4867-85c7-cce47f4cc72d&state=03f15368-488d-49af-9c3a-519a01147df3&session_state=3e5eaa96-6a3f-487f-a7dd-d9f603b41a94
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:04 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!82CB.ED24.DFAF.7DFD",
    "client_secret": "ec88d2d5-f919-4a0c-8754-7e59cac4064e",
    "registration_access_token": "f52fa37a-74c4-44b0-a80f-b84ec2e607b5",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!82CB.ED24.DFAF.7DFD",
    "client_id_issued_at": 1530863824,
    "client_secret_expires_at": 1530950224,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2182CB.ED24.DFAF.7DFD&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=899be8fc-aa32-4442-8dce-c1a4cc94883b&nonce=941fa34e-ba72-4a49-814b-0bf0af95540b&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Fri, 06 Jul 2018 07:57:04 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=ef89e388-4cd1-4504-a46a-11d0102abfe3&code=d25aa1cf-48a9-40ec-b316-b21226b9a526&scope=address+openid+profile+email&session_id=dd308b1d-8787-40bb-825b-c7bdea71395a&state=899be8fc-aa32-4442-8dce-c1a4cc94883b&token_type=bearer&session_state=077e3070-cc98-4a24-929f-adef09e60836&expires_in=299
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:04 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7611.6AD0.0EDF.4D81",
    "client_secret": "5317b48f-cd9a-4970-9a86-e105a9d604c3",
    "registration_access_token": "430107b4-1f73-47a5-b88a-26f23126e5e6",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7611.6AD0.0EDF.4D81",
    "client_id_issued_at": 1530863824,
    "client_secret_expires_at": 1530950224,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217611.6AD0.0EDF.4D81&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3963b23d-5f94-46b5-ace7-595169535453&nonce=33afb097-6028-4c01-8c48-070acb44fcb0&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Fri, 06 Jul 2018 07:57:04 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=59c04feb-268c-4c2d-bd7e-554884736026&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3NjExLjZBRDAuMEVERi40RDgxIiwiZXhwIjoxNTMwODY3NDI0LCJpYXQiOjE1MzA4NjM4MjQsIm5vbmNlIjoiMzNhZmIwOTctNjAyOC00YzAxLThjNDgtMDcwYWNiNDRmY2IwIiwiYXV0aF90aW1lIjoxNTMwODYzODI0LCJjX2hhc2giOiJDcElYTWVVNzA5NzVGZXl6VzYwbzBBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiLUhaNThhSEd2a21JU0t2U3Y5OWZMZ080YUg3SXJVNmNFOTFqVmdBYnBtbyJ9.ZzJ4Ia0OfOqA-khasmIgoroXMzauIIctFByxwxZu42ZTOP7Nfw-ZcQPgrJGWORz0Kwff-_q0sM057grrfSVr1dWaHtKw3N1M9yXln2Fq2ygPzgo36oUU3wupvwCzCZw1SGxqmHF95CZL6OD4vfY1RxSrvPbR7VNY3CKhG2uQQAxehExvWQ4rXUqCvIOwpXbxIInYqY70R5dBG5Kwu8XzDsIeqzyLeLTSK7ycbkVKxPTL0AvkXf4fZmSpoiQbbbwbU56NtVYgZCnj5ULVQPxvD1zLtVsfew4ci3pvcbu2bPP72hYh9tguckdXpqRzz3AuR4o2OuflT21OZaXQ7O_-3Q&session_id=2aaa9269-8060-4ba4-b67f-8d1baae1667c&state=3963b23d-5f94-46b5-ace7-595169535453&session_state=7e2ec9ef-1fd1-4dc1-9f52-60f654ca9736
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "token",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:04 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!61F8.438C.435C.03AC",
    "client_secret": "154cf880-ce86-4670-b732-b8d43f363d04",
    "registration_access_token": "c645e5cb-bbce-401e-934e-b4e8971c145d",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!61F8.438C.435C.03AC",
    "client_id_issued_at": 1530863824,
    "client_secret_expires_at": 1530950224,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2161F8.438C.435C.03AC&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=88dca86f-af74-4f92-b8b6-94a3d94aff0a&nonce=14fd10e0-3852-409c-889d-36e9475ba335&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Fri, 06 Jul 2018 07:57:04 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=451df384-b69d-4c62-8566-eb6198ca967f&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2MUY4LjQzOEMuNDM1Qy4wM0FDIiwiZXhwIjoxNTMwODY3NDI0LCJpYXQiOjE1MzA4NjM4MjQsIm5vbmNlIjoiMTRmZDEwZTAtMzg1Mi00MDljLTg4OWQtMzZlOTQ3NWJhMzM1IiwiYXV0aF90aW1lIjoxNTMwODYzODI0LCJhdF9oYXNoIjoidzVDakNyOXAyTXVUQ2Q4SnQzX01IdyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjdOSVZnTS1Zck5kQUNHYWxuTm5HZEhMUXhfcEQxZ2RYRmRYdVBuTzUta2sifQ.jDcjzjbWUKCUklITZuVxWFtMjtaiHpsje3adJsmia8_j0q_ToH89O1sYYJGPJz6tImqQ9ykHeaQPHeHBqqYbRn7D5RFZYh9fNAGDR0fPzGVlh9UI6whF84eZKlVx1QAx2nEYvUEdkk-AigMtc_sOn3J8naF5XoQDRbWW2XXGTwRJ2vK_SOFo4ZASzd5sdZrI5tUBgEo4LhJJLpQl-TENIbkVT7T6TtPPdKjglLRMHXT-S9XrJr6Xn3uMFWnkTXYgcx90ycUKPAJiE0-FtbqDGR6NCcIgdwnTv_5NaBlv4oQgqK2nGwfJkixCq1kbFOm0YaR6fWynSGw57keTD0SDEQ&session_id=a2f30ab6-4b64-4453-b2aa-ad4d6a120fda&state=88dca86f-af74-4f92-b8b6-94a3d94aff0a&token_type=bearer&session_state=4a4d799e-9677-48d8-b480-ae258a461315&expires_in=299
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: AuthorizationResponseCustomHeaderTest
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "token",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:04 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!84C8.91FF.56F4.7FD7",
    "client_secret": "9daf3370-86b4-460e-80c8-d15714286825",
    "registration_access_token": "f60fd9ed-65a3-4845-a786-5d0405214857",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!84C8.91FF.56F4.7FD7",
    "client_id_issued_at": 1530863824,
    "client_secret_expires_at": 1530950224,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code+token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2184C8.91FF.56F4.7FD7&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c08db4da-1292-4a13-860d-8c49cc5163f7&nonce=d829a1b4-3d5a-4725-a820-234489d8dd24&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
CustomHeader1: custom_header_value_1
CustomHeader2: custom_header_value_2
CustomHeader3: custom_header_value_3
Date: Fri, 06 Jul 2018 07:57:04 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=8c92a581-5eeb-4e00-a0cd-5235e0b65cc5&code=de379b4b-daad-4c5e-8bc1-81d4aa8648bc&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE4NEM4LjkxRkYuNTZGNC43RkQ3IiwiZXhwIjoxNTMwODY3NDI1LCJpYXQiOjE1MzA4NjM4MjUsIm5vbmNlIjoiZDgyOWExYjQtM2Q1YS00NzI1LWE4MjAtMjM0NDg5ZDhkZDI0IiwiYXV0aF90aW1lIjoxNTMwODYzODI1LCJjX2hhc2giOiJzWU9Dd0s0YjlZR1BUQ2J2YzVCVV93IiwiYXRfaGFzaCI6Im9XaU9MQ05qb3JvU1hCU2VZWXlIamciLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJxYXRSYnY0SGp1V1otUmx4bHF3ZXRqSm1rTndTVzRCYXZkejE4R1FlZ0RvIn0.h8ncIyn4GmooqQYmgROi3QOK72NW4ApfjRZPoxeCjnash6Dzp1wYlAKeZg4_wPebIjzOl_aS3ooKOhkfu5-HBgH5qyXFWmUqx93sMh3z0MRTIUqmeLeDggWkYWH2qXGwoCcY9WmGidGnKWKsubjOI-0Npci3z6EzoUZaWTZo4bM_x4ZhEqFT3OlsP7thxyjt4ZgsuMkdAmY4lTy04w5jRYdkmPZ2c3KQ2HIqWLUkckIg2ivkYNhEQo0xk2d_72CizxqJ92urYtEjBuG7LRLWAv0rCgkhZlVX0th2jpT4cv8j2FKtDJTiWEFGRKGIQ0-1py90UCcTdRIJqXcnLdMjxg&session_id=e4ce1ae6-9451-4fa9-9426-5573bca928b1&state=c08db4da-1292-4a13-860d-8c49cc5163f7&token_type=bearer&session_state=b8330df4-88d3-45cd-894a-3d6b6af359f3&expires_in=299
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:57:05 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:05 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "code",
        "code id_token",
        "code id_token token",
        "id_token",
        "id_token token",
        "token",
        "code token"
    ],
    "grant_types_supported": [
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "refresh_token",
        "implicit",
        "password",
        "authorization_code"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: defaultResponseModeBasicCode
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:05 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9DC7.0FFD.B10D.FCED",
    "client_secret": "1b463d73-26c4-490a-89ed-e65b0d260985",
    "registration_access_token": "678b62f2-be19-495b-9714-4fa137f7c783",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9DC7.0FFD.B10D.FCED",
    "client_id_issued_at": 1530863825,
    "client_secret_expires_at": 1530950225,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219DC7.0FFD.B10D.FCED&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=2bcc0896-33e4-484f-9a8a-1478f6a926dd
03:57:27.462 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:b05527b5-b6df-433e-944a-1a2fa1dbfc34
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219DC7.0FFD.B10D.FCED&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=2bcc0896-33e4-484f-9a8a-1478f6a926dd

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=fd399e0c-e512-4d91-8c7b-6e63212a938b&scope=address+openid+profile+email&session_id=1b3b92f7-cc03-49e1-99c3-226400ad2150&state=2bcc0896-33e4-484f-9a8a-1478f6a926dd&session_state=b05527b5-b6df-433e-944a-1a2fa1dbfc34

#######################################################
TEST: defaultResponseModeHybridCodeIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:06 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4220.89E5.902B.3552",
    "client_secret": "0d398248-0255-4b81-8549-01c4b8ef95b5",
    "registration_access_token": "9dede972-6844-4308-b6a2-78e51e4cf27f",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4220.89E5.902B.3552",
    "client_id_issued_at": 1530863826,
    "client_secret_expires_at": 1530950226,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214220.89E5.902B.3552&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=500416b4-848a-41bc-89ef-b9289e58d7a9&nonce=db7bacdc-1ebd-4d0c-a418-135c119671f7
03:57:28.819 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:7c20b72a-d039-4f55-80a1-0c885b71ceff
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214220.89E5.902B.3552&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=500416b4-848a-41bc-89ef-b9289e58d7a9&nonce=db7bacdc-1ebd-4d0c-a418-135c119671f7

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=fd43260a-31ff-4046-93e4-eea19b56d5e4&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0MjIwLjg5RTUuOTAyQi4zNTUyIiwiZXhwIjoxNTMwODY3NDI3LCJpYXQiOjE1MzA4NjM4MjcsIm5vbmNlIjoiZGI3YmFjZGMtMWViZC00ZDBjLWE0MTgtMTM1YzExOTY3MWY3IiwiYXV0aF90aW1lIjoxNTMwODYzODI3LCJjX2hhc2giOiJ6cGpYNlpaYkhoUTAwLUR4cmhJQ3RBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoienFneDg4a2ltSDJiVGc4SmJzNzB2TDczRWF5dTNUTnVPdFpOSmhsdlFERSJ9.K6jg5KYj0ySnBiU4nIt3u-oYVcZUgPf3hLUvGKxhCpgbKgfXthXNOmYbatH31pfU41GUWJRkg13dkaIlvmXJ-ynnqVO7DN73PFJH0VPeBU89A3CaPVFCFtokJb0mmYHvtrQjOI998UBD4P2Qj_uvyCWwQ4v8NO8Z9FQJoXYwd8Swvdh5Uz_N0ZQM9cTuAqqZMXeMfcB4Peljmxt7Xch-waK1Z7JGAUPz3zIE_SVzPfLuVxErDPZ66Ps6awNgM-xRt3MtIJscaLBN_selHYkiDhELnSqWGwAwABH9S5Ljjj1wtnSAaB5qOZxvYvCvaPmWgcIaL22vDDzitR2dayZrGQ&session_id=b876f1f5-f4bb-4af7-b7e5-cd275b7a226f&state=500416b4-848a-41bc-89ef-b9289e58d7a9&session_state=7c20b72a-d039-4f55-80a1-0c885b71ceff

#######################################################
TEST: defaultResponseModeHybridCodeIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:07 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!617E.E181.9E82.AB81",
    "client_secret": "dfa71e94-e1f5-4045-a716-3a7e603c0ec9",
    "registration_access_token": "7981940f-497a-46b2-bb48-1b70e6a806bc",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!617E.E181.9E82.AB81",
    "client_id_issued_at": 1530863827,
    "client_secret_expires_at": 1530950227,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21617E.E181.9E82.AB81&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=083200cc-4f0d-4373-8b7a-58b146abebb1&nonce=b8eb24f2-eee5-410c-8143-67cad335d1fc
03:57:30.118 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:96fa79ad-c86e-4642-967b-fd25017df885
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21617E.E181.9E82.AB81&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=083200cc-4f0d-4373-8b7a-58b146abebb1&nonce=b8eb24f2-eee5-410c-8143-67cad335d1fc

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=afece7fd-95d0-43fb-a3ce-3190bb490a6f&code=3e7c4b2f-2c66-4a7c-bfff-6d395ccad040&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2MTdFLkUxODEuOUU4Mi5BQjgxIiwiZXhwIjoxNTMwODY3NDI5LCJpYXQiOjE1MzA4NjM4MjksIm5vbmNlIjoiYjhlYjI0ZjItZWVlNS00MTBjLTgxNDMtNjdjYWQzMzVkMWZjIiwiYXV0aF90aW1lIjoxNTMwODYzODI4LCJjX2hhc2giOiI4WWN6b3pyVElEcUpxUEx3bUhQbkdRIiwiYXRfaGFzaCI6IkJwYVVhY0V4eTY2cGVaTUdrUlZPZUEiLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJxbGpWVVd4TmMydzEwblRuUk9nYWo4dWJWMVRORjNHSzhnS2dHcXB2blRVIn0.J9YGHSEIdGF79NdZurLcADTB1-t-FyKh7A5OMrwbgojmM6PBUR7G1dfGUFmCiU_LjoQX7hzyHg2wFLGv5XWR8kx_2RZ_1qhr4uRCxFUiaYQCp_4e3oTjDzT_CMVq7tILcPdeSaWpb4WczZknifbqHQ12j-oAFDDc20LnPRno4D_tCIwv6dA0ZKf1dbeK_YMqvKieZS-kq2MRvLrlMdJLq0qTOYmoksZX6r-DbqIzlYeC39PT4jS2orZ7LL1-ys-WG9GUA1YSof2XK_jL4Z5Qs-G5PHferMTco9TQtajvbL9sbrQl5KpcOt0cE8Gib-LxsenNG-H1cbcDOfskNLPTnw&session_id=233e056b-167d-45ef-8946-f30c28c75a3d&state=083200cc-4f0d-4373-8b7a-58b146abebb1&token_type=bearer&session_state=96fa79ad-c86e-4642-967b-fd25017df885&expires_in=299

#######################################################
TEST: defaultResponseModeHybridCodeToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:09 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!ABC1.995B.AC31.6BD2",
    "client_secret": "c3c0e993-36c5-4c49-a0d9-0286b30f6f83",
    "registration_access_token": "dad1562c-2794-4002-a13a-f69979f8c3dd",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!ABC1.995B.AC31.6BD2",
    "client_id_issued_at": 1530863829,
    "client_secret_expires_at": 1530950229,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21ABC1.995B.AC31.6BD2&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=dfcaa062-b9f8-44c2-ac8e-7038345c5c7e&nonce=80752ab1-1a86-4cf7-a06b-507f19b535ba
03:57:31.387 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:9d50b449-a1ab-4103-8a0f-0fe3ea40625a
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21ABC1.995B.AC31.6BD2&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=dfcaa062-b9f8-44c2-ac8e-7038345c5c7e&nonce=80752ab1-1a86-4cf7-a06b-507f19b535ba

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=ee9295e9-8ca4-46fa-8db1-27fb39f0e7e9&code=e84fa542-f837-439e-966a-d949a2b42f52&scope=address+openid+profile+email&session_id=e544f492-4424-4c1a-b764-afad859cf91d&state=dfcaa062-b9f8-44c2-ac8e-7038345c5c7e&token_type=bearer&session_state=9d50b449-a1ab-4103-8a0f-0fe3ea40625a&expires_in=299

#######################################################
TEST: defaultResponseModeImplicitIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["id_token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:10 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6FE0.E030.C197.9EA5",
    "client_secret": "ad77d64d-49c9-4554-aebb-332efffe0cfa",
    "registration_access_token": "f81e1af3-54ca-4322-97b2-3644f9c9b723",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6FE0.E030.C197.9EA5",
    "client_id_issued_at": 1530863830,
    "client_secret_expires_at": 1530950230,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216FE0.E030.C197.9EA5&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=016c6903-ae6b-40e1-aaeb-4dc51da4d93d&nonce=fe236b41-ca3b-402b-8730-da86196d535a
03:57:32.729 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:db891bb4-4c20-46a2-8fa3-6da3525ad913
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216FE0.E030.C197.9EA5&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=016c6903-ae6b-40e1-aaeb-4dc51da4d93d&nonce=fe236b41-ca3b-402b-8730-da86196d535a

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2RkUwLkUwMzAuQzE5Ny45RUE1IiwiZXhwIjoxNTMwODY3NDMxLCJpYXQiOjE1MzA4NjM4MzEsIm5vbmNlIjoiZmUyMzZiNDEtY2EzYi00MDJiLTg3MzAtZGE4NjE5NmQ1MzVhIiwiYXV0aF90aW1lIjoxNTMwODYzODMxLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJOZFlqdnZWSDYtSFV5OFRHZWUwTERYR1JDcnluZmNva3pzZ2tDZWMwR0pZIn0.MVaSXQ_3P2DtrgUrAv2rHUMLP3JYioEL4idxptxevn6GAgtuYEVvZ3i1cAbsAXK2n21Fq_cyvGv0Euztq4iFHh-D2FW1BPoATMkk_d2y528jSQBOxZxnHvGSZ3PumDBCtcKYU2h_1E2l0I4UGm-CpRLrmFs1mwRETvWiQv_M7ztTE0ARIJtZhj7QhmU_2qZh1jljm8ygx96WOVLCRu0M_Tn2EOrbKUu4bf41p41l15ze7jBzv0I6YAqPdjAVYxJJxUYXdrUHO_X-s8eKi-yvwZdWmG2q2Y488QhLVF-YQdrrcpx1wPvB2NPpwlhsG1Uaq_wL6aUhGQ-rKHWsw2FW2Q&session_id=e7eb2b31-c4b1-4dc9-8595-f40e581f9429&state=016c6903-ae6b-40e1-aaeb-4dc51da4d93d&session_state=db891bb4-4c20-46a2-8fa3-6da3525ad913

#######################################################
TEST: defaultResponseModeImplicitIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:11 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7D0C.A667.A0EC.4E71",
    "client_secret": "c2ceb4b0-5b02-407f-8ac0-276a800041c2",
    "registration_access_token": "ee7e0bf6-5c77-4c63-bce6-370ac8476b53",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7D0C.A667.A0EC.4E71",
    "client_id_issued_at": 1530863831,
    "client_secret_expires_at": 1530950231,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217D0C.A667.A0EC.4E71&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=cfaea368-1581-4deb-9350-3337fefccb18&nonce=baba09b9-43e4-46b0-a207-eaccacb035f4
03:57:33.986 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:da984068-0675-4b5c-8424-bf33f470a15a
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217D0C.A667.A0EC.4E71&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=cfaea368-1581-4deb-9350-3337fefccb18&nonce=baba09b9-43e4-46b0-a207-eaccacb035f4

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=a4fd3d64-a8d1-498c-88ae-db99b47b1e8d&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3RDBDLkE2NjcuQTBFQy40RTcxIiwiZXhwIjoxNTMwODY3NDMyLCJpYXQiOjE1MzA4NjM4MzIsIm5vbmNlIjoiYmFiYTA5YjktNDNlNC00NmIwLWEyMDctZWFjY2FjYjAzNWY0IiwiYXV0aF90aW1lIjoxNTMwODYzODMyLCJhdF9oYXNoIjoiYThsLTJzNFViMWJscERGRnNLOVc1ZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjlQSWY1MEk3RzljUDZjbnlXc1VnaUlmYjJ1cWFPcWlJSkJSNzlUYmpGZEEifQ.MDFPVBx9yXKbTkYJhW4qhqyTOA305ofxH98jExigRvympinlFJ074jfxunpbOh75IaPYbSUoZYm8UwHjk3IW1m2zBhu8uThLgpXwEgXT7f3MEB3MPY2AEF0F26iny5yWBhxXmQf9fu2pYIYRi_rkVtKDRF_WwXLI-rVvIPaxO2AgjzYDPd_J_M048TrEsJ_7pNiy6i1khYvt3cFayYAcV77GH9E7q0jTT1kW-7dYVSLKOoN4GhvqW1m-5T6gP44SqwewTyLBpMnIsX3QLHbfOqqiVKbUcRe7sdVXIyU5IAcQPAyq-GoVaPfB5HBXSaQe4LKbV9YHJqFgwTQO0y-Zwg&session_id=e3a45a22-d2c7-48dd-a5a8-a196bb9e3b25&state=cfaea368-1581-4deb-9350-3337fefccb18&token_type=bearer&session_state=da984068-0675-4b5c-8424-bf33f470a15a&expires_in=299

#######################################################
TEST: formPostResponseModeBasicCode
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:12 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2CA0.1135.4B5C.827E",
    "client_secret": "2af51c9a-f33d-4c93-8c56-88245d251f51",
    "registration_access_token": "0cb22d57-2a7b-4073-9e34-9d805df4ec00",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2CA0.1135.4B5C.827E",
    "client_id_issued_at": 1530863833,
    "client_secret_expires_at": 1530950233,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212CA0.1135.4B5C.827E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a1f4712e-a5f2-4409-84e1-6461e33cb36e&response_mode=form_post
03:57:35.179 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:3b42e6c8-9a42-4f21-912f-e27fc0a0e1b1
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212CA0.1135.4B5C.827E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a1f4712e-a5f2-4409-84e1-6461e33cb36e&response_mode=form_post

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm

#######################################################
TEST: formPostResponseModeHybridCodeIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:14 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2612.FE65.9AD2.BDD5",
    "client_secret": "d93bf254-ca46-4bcc-b71d-5e2502974ffc",
    "registration_access_token": "4b82b21d-5492-4910-a0e7-799486c3af6f",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2612.FE65.9AD2.BDD5",
    "client_id_issued_at": 1530863834,
    "client_secret_expires_at": 1530950234,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212612.FE65.9AD2.BDD5&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=029396b4-18c8-4db1-9e78-4c960e7e303c&response_mode=form_post&nonce=f77455ef-0afa-4375-9595-15041bb659d5
03:57:36.569 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:d2220565-ad14-47e2-9de8-b41c90b449a5
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212612.FE65.9AD2.BDD5&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=029396b4-18c8-4db1-9e78-4c960e7e303c&response_mode=form_post&nonce=f77455ef-0afa-4375-9595-15041bb659d5

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm

#######################################################
TEST: formPostResponseModeHybridCodeIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:15 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!79C7.A4E4.8E88.464C",
    "client_secret": "2f1f7fb8-f13f-43a7-8727-cdb2adf00198",
    "registration_access_token": "ca6d1c3b-061c-42df-8464-58ecd3134a38",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!79C7.A4E4.8E88.464C",
    "client_id_issued_at": 1530863835,
    "client_secret_expires_at": 1530950235,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2179C7.A4E4.8E88.464C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=bad48135-4702-49e2-937e-8b7aecf26939&response_mode=form_post&nonce=493cee9d-f363-41ad-8af6-ea97940dc611
03:57:37.851 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:ad4fab67-c902-4aba-bb2d-87d3b509aca0
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2179C7.A4E4.8E88.464C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=bad48135-4702-49e2-937e-8b7aecf26939&response_mode=form_post&nonce=493cee9d-f363-41ad-8af6-ea97940dc611

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm

#######################################################
TEST: formPostResponseModeHybridCodeToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:16 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!748D.A397.FE92.54C9",
    "client_secret": "d338a076-b571-4b83-b92d-04ab36589c57",
    "registration_access_token": "fa7052cd-6d25-4bbf-9b9c-d7e8636a4193",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!748D.A397.FE92.54C9",
    "client_id_issued_at": 1530863836,
    "client_secret_expires_at": 1530950236,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21748D.A397.FE92.54C9&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=e57718de-9ea1-4f40-af28-f8ae24b96435&response_mode=form_post&nonce=ff8b1df7-7cdb-4633-a21b-3b9ce66cb333
03:57:39.130 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:d8be3669-b846-49e6-ad20-d5b1ec501b51
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21748D.A397.FE92.54C9&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=e57718de-9ea1-4f40-af28-f8ae24b96435&response_mode=form_post&nonce=ff8b1df7-7cdb-4633-a21b-3b9ce66cb333

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm

#######################################################
TEST: formPostResponseModeImplicitIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["id_token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:18 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5679.9503.C03D.E79F",
    "client_secret": "c2e25fdc-2c83-4e5e-a8b5-942502544286",
    "registration_access_token": "2bef8afb-006c-4539-ad40-814388e4320e",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5679.9503.C03D.E79F",
    "client_id_issued_at": 1530863838,
    "client_secret_expires_at": 1530950238,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215679.9503.C03D.E79F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f0de698d-5c8e-4529-b824-5b41b6864d44&response_mode=form_post&nonce=1623d114-b52a-42fa-b4e3-caddd656189b
03:57:40.411 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:cd78c3cb-6d22-4067-a88f-4fa0e9365c34
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215679.9503.C03D.E79F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f0de698d-5c8e-4529-b824-5b41b6864d44&response_mode=form_post&nonce=1623d114-b52a-42fa-b4e3-caddd656189b

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm

#######################################################
TEST: formPostResponseModeImplicitIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:19 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!54DD.054C.D5B1.CCCC",
    "client_secret": "a3ebeb95-3a56-4c89-81b8-6e2d05d80fb1",
    "registration_access_token": "a73cceb5-3662-45e4-9009-eb2d95c126ee",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!54DD.054C.D5B1.CCCC",
    "client_id_issued_at": 1530863839,
    "client_secret_expires_at": 1530950239,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2154DD.054C.D5B1.CCCC&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=6b90199d-a459-438b-86fc-e8f5a825c647&response_mode=form_post&nonce=e13b8555-555b-4f91-bbd9-9d4b6e3640f9
03:57:41.750 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:ef5ed304-5fed-4b07-8e8f-e9a10f668f44
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2154DD.054C.D5B1.CCCC&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=6b90199d-a459-438b-86fc-e8f5a825c647&response_mode=form_post&nonce=e13b8555-555b-4f91-bbd9-9d4b6e3640f9

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm

#######################################################
TEST: fragmentResponseModeBasicCode
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:20 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4366.1D4E.A0B4.A11F",
    "client_secret": "74e3e4e7-4033-4b65-85ae-f260997ad1a7",
    "registration_access_token": "51e8cece-c247-4fa9-ace7-e20e58af118b",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4366.1D4E.A0B4.A11F",
    "client_id_issued_at": 1530863840,
    "client_secret_expires_at": 1530950240,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214366.1D4E.A0B4.A11F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=99310ebc-19d6-4773-a37d-3bbf14662573&response_mode=fragment
03:57:43.057 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:bd7b1d79-ed07-479b-85c1-13f509d5f1bd
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214366.1D4E.A0B4.A11F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=99310ebc-19d6-4773-a37d-3bbf14662573&response_mode=fragment

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=feef9573-43f9-4d2c-84e8-27aaf4798d6d&scope=address+openid+profile+email&session_id=46feb7fd-d00d-4dd5-970e-461085823a2f&state=99310ebc-19d6-4773-a37d-3bbf14662573&session_state=bd7b1d79-ed07-479b-85c1-13f509d5f1bd

#######################################################
TEST: fragmentResponseModeHybridCodeIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:22 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D0E7.B4EB.0306.8F94",
    "client_secret": "1fa04a50-f8f2-40ea-99da-591526f0532e",
    "registration_access_token": "9086e200-b3d2-4acc-adaa-0cd71f18f7cd",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D0E7.B4EB.0306.8F94",
    "client_id_issued_at": 1530863842,
    "client_secret_expires_at": 1530950242,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D0E7.B4EB.0306.8F94&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=bac4189c-71df-4bb6-9070-3dc692f2ed24&response_mode=fragment&nonce=18c4b9bc-787d-4d04-a9eb-3942204e097b
03:57:44.401 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:b8e55f22-a191-4599-a8d6-689d2abb0e26
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D0E7.B4EB.0306.8F94&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=bac4189c-71df-4bb6-9070-3dc692f2ed24&response_mode=fragment&nonce=18c4b9bc-787d-4d04-a9eb-3942204e097b

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=51956be5-e38b-4b18-998b-d9d630f1efb2&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEMEU3LkI0RUIuMDMwNi44Rjk0IiwiZXhwIjoxNTMwODY3NDQzLCJpYXQiOjE1MzA4NjM4NDMsIm5vbmNlIjoiMThjNGI5YmMtNzg3ZC00ZDA0LWE5ZWItMzk0MjIwNGUwOTdiIiwiYXV0aF90aW1lIjoxNTMwODYzODQzLCJjX2hhc2giOiJYSHJ5bnRnWXducFdnSDE1VE1kbDdRIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiSU9aVTI1cHp2dFBYTDNUb1JodVVZRE5SSjdENjVXSlRwVFQwV0dPNFdoTSJ9.BHtq-epCSZ8_L08tHgjgJqCvFJumHFd3MahUxl6zQHyiRikw0RX61No9wYRkiB35plwZojLC8DBHLzUIOZztyiQ8XGJcmTWLNhiaO8WBiPMdQ-MuwmK-8MuLzsHjXg3dA7yFZAXNQnoaJysW-SpQ3Lby0-YCeCedMSCH00Rlyd57aE1hnJzLzWZ9NiUpqZSeLEmeRbXt6mPgYKsW7I1DeWlNuqQaN12CXJhhe7vsbFnv6X4Vb1zse4A9SILrCITiF1nGzOQZXXMzwLVx5YhawdHvA_5InLfPEG72VKg4u4XX4baI45LZjmgv_70h5836vN3p8UW_lD6pZiyASejxxg&session_id=e79ea470-f116-4a0d-b940-56b0aca57a64&state=bac4189c-71df-4bb6-9070-3dc692f2ed24&session_state=b8e55f22-a191-4599-a8d6-689d2abb0e26

#######################################################
TEST: fragmentResponseModeHybridCodeIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:23 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7CAD.7450.3B81.82B4",
    "client_secret": "37fa6c9f-b214-47cf-bedc-80495accb220",
    "registration_access_token": "e118e089-1220-4e2a-81df-3892e51c82ee",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7CAD.7450.3B81.82B4",
    "client_id_issued_at": 1530863843,
    "client_secret_expires_at": 1530950243,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217CAD.7450.3B81.82B4&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=95c78350-d5bc-43f3-8eca-45c4ba419e85&response_mode=fragment&nonce=4c23afb1-b9fc-4870-8686-8d57f6988842
03:57:45.623 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:dbaf7c0f-7cd9-4fc6-832b-52acb99f34e2
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217CAD.7450.3B81.82B4&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=95c78350-d5bc-43f3-8eca-45c4ba419e85&response_mode=fragment&nonce=4c23afb1-b9fc-4870-8686-8d57f6988842

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=22c88400-e678-45ff-9f54-f4a721633235&code=a8449550-5b12-4cb5-a654-b66f084651fe&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3Q0FELjc0NTAuM0I4MS44MkI0IiwiZXhwIjoxNTMwODY3NDQ0LCJpYXQiOjE1MzA4NjM4NDQsIm5vbmNlIjoiNGMyM2FmYjEtYjlmYy00ODcwLTg2ODYtOGQ1N2Y2OTg4ODQyIiwiYXV0aF90aW1lIjoxNTMwODYzODQ0LCJjX2hhc2giOiJzaV9XbHJDZVZtbnZXaUtlT2pkWU1BIiwiYXRfaGFzaCI6InA0TFVoYm1mWEpuZnlSX2ZiLS0wdnciLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJBMzZNYjVRcW1QRnBiTzRIZFR5SnJmcWxaYXJ6RnBsQWtwbWNpSWpqclU4In0.l8XH_WEXnvVwYAFjrU0ltzOkNrnqIxgwLZvpH5ShgnY1B_WLgtL0dnLMfHsOH8XLGCDTCTs1T-ObqHVoytZOcSjLSKpmnf7WsLPhRlQSytayoYzrWd2v78xda8f867nAqgphNxdwoAywfi3wSWfptZMqvcXyFVjuX2KKsNxRmGTVVQ5_CKAVAgHfGyvgB4kzOhowNu-JQQR0_5jatFGWN-1JmuUqnFBgkIBCaPOymKqLRLStjRscxUIw7wpSyXHOG8IbbBXeovb9sANwvfaxbAQ86A8D_WWQ9fELBeujuBbXCNBar8-hiNNHigFPq4q_mUVt6n8y8NnV81my5GTW0g&session_id=ab365315-b0c4-412a-94a8-385bbf7e47b6&state=95c78350-d5bc-43f3-8eca-45c4ba419e85&token_type=bearer&session_state=dbaf7c0f-7cd9-4fc6-832b-52acb99f34e2&expires_in=299

#######################################################
TEST: fragmentResponseModeHybridCodeToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:24 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0307.0A47.EE0A.936A",
    "client_secret": "cff6c5f0-a910-4abf-8819-a65328c7736e",
    "registration_access_token": "86f3bbf9-942d-400b-bba0-9b33c2e5acb7",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0307.0A47.EE0A.936A",
    "client_id_issued_at": 1530863844,
    "client_secret_expires_at": 1530950244,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210307.0A47.EE0A.936A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=2df87b02-d0f5-4e52-9047-57d0dd5542a6&response_mode=fragment&nonce=9475c47a-6e12-480b-aa4d-4dce7c46fe11
03:57:46.906 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:00b18ca5-49d6-4bad-850d-e3a4dcb0bd29
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210307.0A47.EE0A.936A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=2df87b02-d0f5-4e52-9047-57d0dd5542a6&response_mode=fragment&nonce=9475c47a-6e12-480b-aa4d-4dce7c46fe11

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=4d85ff42-4fd3-41b9-9817-be4f529131c7&code=97f10eb8-9fbc-402d-93d5-a610d3647554&scope=address+openid+profile+email&session_id=43f853f5-208b-4dfd-a11e-f8dcf1807315&state=2df87b02-d0f5-4e52-9047-57d0dd5542a6&token_type=bearer&session_state=00b18ca5-49d6-4bad-850d-e3a4dcb0bd29&expires_in=299

#######################################################
TEST: fragmentResponseModeImplicitIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["id_token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:26 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D1E0.DB34.189E.10D1",
    "client_secret": "3d1dc2ce-3978-4537-8afa-281a69cb2b3f",
    "registration_access_token": "6245b0f9-6cfd-42cc-9af8-3714c29fa312",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D1E0.DB34.189E.10D1",
    "client_id_issued_at": 1530863846,
    "client_secret_expires_at": 1530950246,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D1E0.DB34.189E.10D1&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ee9efbd3-aff0-4a52-993a-ae7534b4adac&response_mode=fragment&nonce=d71e8dd5-bc89-414b-985d-f256b2f58ac5
03:57:48.203 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:41cfa407-9931-42ae-97be-6da687ca1d13
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D1E0.DB34.189E.10D1&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ee9efbd3-aff0-4a52-993a-ae7534b4adac&response_mode=fragment&nonce=d71e8dd5-bc89-414b-985d-f256b2f58ac5

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEMUUwLkRCMzQuMTg5RS4xMEQxIiwiZXhwIjoxNTMwODY3NDQ3LCJpYXQiOjE1MzA4NjM4NDcsIm5vbmNlIjoiZDcxZThkZDUtYmM4OS00MTRiLTk4NWQtZjI1NmIyZjU4YWM1IiwiYXV0aF90aW1lIjoxNTMwODYzODQ2LCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiI4blg1a0Z2ZFd6UDFET29WWUp0SVhEaUVQVWlobnI1dm9rSk9rQm9WUzlZIn0.TwWleDVwSmkTR9Pc5rH_8XMAe4A1oDPhB2V93cGAtBBDzCwYubtzIq5fK7-82WXDzJSJjIWQNo7I5qKigJrow6MW9vZo-SFz4t98o6Ooe0guJokMFWRLBZMVGUlsSF6k_60DWVIDyWvYt-0f7_OTW07Os34KqirpzaZfDnG7wUvpAcWzPlZ5bn8lwFx3QA-jg8k-DVcUo32aMWqpIPrxKCDZWoXqWBzke3GyrxuXrmnLz8t6KY4RUZCnRsLRtXaM7SFNCsOZYgo9mcEJF4Bpj9suCn4EW-t8_UCn2FoVVKR9AKe6b7O2-85tBrWpBuMv7dtqildwDWh7-LpjLiPHIQ&session_id=98419e36-d713-4259-bf11-1e77e5660b57&state=ee9efbd3-aff0-4a52-993a-ae7534b4adac&session_state=41cfa407-9931-42ae-97be-6da687ca1d13

#######################################################
TEST: fragmentResponseModeImplicitIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:27 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F3F9.7F0C.73AF.D26D",
    "client_secret": "d2712b77-7278-4d14-b3bc-b339cc90dc64",
    "registration_access_token": "83244c6d-cda1-454e-8bef-90f78f39f9c2",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F3F9.7F0C.73AF.D26D",
    "client_id_issued_at": 1530863847,
    "client_secret_expires_at": 1530950247,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21F3F9.7F0C.73AF.D26D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9b3a469e-3732-42b1-8ab3-547129c6d525&response_mode=fragment&nonce=e384adcd-7d0b-450e-b0f6-8c6a0eb9a3b3
03:57:49.376 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:9f1b2321-1488-43eb-9553-8259416dd263
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21F3F9.7F0C.73AF.D26D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9b3a469e-3732-42b1-8ab3-547129c6d525&response_mode=fragment&nonce=e384adcd-7d0b-450e-b0f6-8c6a0eb9a3b3

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=29d4f4a0-5b61-4f79-841f-89d2679c4da2&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGM0Y5LjdGMEMuNzNBRi5EMjZEIiwiZXhwIjoxNTMwODY3NDQ4LCJpYXQiOjE1MzA4NjM4NDgsIm5vbmNlIjoiZTM4NGFkY2QtN2QwYi00NTBlLWIwZjYtOGM2YTBlYjlhM2IzIiwiYXV0aF90aW1lIjoxNTMwODYzODQ4LCJhdF9oYXNoIjoiWFJsZDRvN291SVAzamUzR0ZvanU2QSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6ImJsclZzbnFFY0VpN2RVQ0J3THJweWZOcEdYNTdPTU85RWRXYkhQbTZIdkUifQ.dRPmA67bX91UVPfPfCUMRy6ObLMbARAInl1YAhecQ-S7mmdIY9lUUbN4a-IMy_xd02wobkm6WLcIOfgoEn53jPBKxzJ1Br5tDttLqesWaQLGeBqk7E9cB8Jo5x0Vnv3dJ1iYeJlLfU70ulPWpQCDic9_61FKvNC1zrX32HDWz4wb2wxiNENMndTQIKJ047msQzI9-CHSC9rj83wLY2GuXcHjeyGutQWyqkrmMG1ldsAbIipsURYIey7oMvEBnEEUcdyafsle8QiG6Nr87Ll5NPkLSYAsA4uzj9e0-kGAxEuWVhl34K8nycFZaMQExUzH0Daf88w7uS3gpbHL1LSuBA&session_id=d1840f5d-f8fa-43c6-b684-83495392db95&state=9b3a469e-3732-42b1-8ab3-547129c6d525&token_type=bearer&session_state=9f1b2321-1488-43eb-9553-8259416dd263&expires_in=299

#######################################################
TEST: queryResponseModeBasicCode
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:28 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F07D.3A64.B9F4.114D",
    "client_secret": "c76df741-24a4-4457-9c94-af43e5251be4",
    "registration_access_token": "c9f19cff-d88d-4926-bfb4-763cb87b260b",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F07D.3A64.B9F4.114D",
    "client_id_issued_at": 1530863848,
    "client_secret_expires_at": 1530950248,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21F07D.3A64.B9F4.114D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=d52b3057-c1cf-41b8-8fdd-eb555b795ef4&response_mode=query
03:57:50.670 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:372243f8-1e62-4560-a449-38478c207d05
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21F07D.3A64.B9F4.114D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=d52b3057-c1cf-41b8-8fdd-eb555b795ef4&response_mode=query

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=7e7a9019-8b89-40f3-8733-bfe6a878352c&scope=address+openid+profile+email&session_id=86173c33-975b-4152-b9c8-807ca5d4c742&state=d52b3057-c1cf-41b8-8fdd-eb555b795ef4&session_state=372243f8-1e62-4560-a449-38478c207d05

#######################################################
TEST: queryResponseModeHybridCodeIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:29 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AAEC.1C1B.7A1D.FBE4",
    "client_secret": "781025b7-d9f6-46dd-8370-847cb8d576a9",
    "registration_access_token": "03b1aa2c-cc47-47f0-bfdb-0574b8d3d550",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AAEC.1C1B.7A1D.FBE4",
    "client_id_issued_at": 1530863849,
    "client_secret_expires_at": 1530950249,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21AAEC.1C1B.7A1D.FBE4&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=76f9d30b-f09f-4fc6-b49e-f13f0d6550ef&response_mode=query&nonce=5fe6a82b-a4f6-422e-a2e8-b077ac7e2697
03:57:51.935 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:2dac548d-8664-4790-9ff2-46281d8a6178
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21AAEC.1C1B.7A1D.FBE4&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=76f9d30b-f09f-4fc6-b49e-f13f0d6550ef&response_mode=query&nonce=5fe6a82b-a4f6-422e-a2e8-b077ac7e2697

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=c2918834-c376-48d5-8fb4-6d8b86a38b20&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBQUVDLjFDMUIuN0ExRC5GQkU0IiwiZXhwIjoxNTMwODY3NDUwLCJpYXQiOjE1MzA4NjM4NTAsIm5vbmNlIjoiNWZlNmE4MmItYTRmNi00MjJlLWEyZTgtYjA3N2FjN2UyNjk3IiwiYXV0aF90aW1lIjoxNTMwODYzODUwLCJjX2hhc2giOiJ5YjljZWpWNUJJajBZYTVKZzZDZ1pBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiQkgxdHB2QVlSOUxpMDhkRmhYVTRzWHk5OTVSYjg5MWJaM2dpdWl4ZmRKTSJ9.A1lv1mXfgtOlITnS5ftmaqiF_Jl5wVFyrpXDlyw0FsmNUu-WW5xOjRev9SDBrR6aY4DJW_HQiqfRN9wInyXQ0gIEQzab3ij0oR4Mqmbv6XBZdWJ963NvPtc2bvYrEDkdUIPMB102w7MW06n53zB7Px0LyU4YDIVu97DLVMqFxWQhWd58kDtJytf26wjGh-UXz7RQA8iZlQLGW6NZSrA4omz7p2Muo8tQlJGJNfAkRiofVAPHWXoIoiO9ZeJBkA7fIEZBIvmWEDmQhoaW4ZZURds2y67-rtcOCkko21IWi0gATSXjbwKdm6gj29FkcD0_GUkwMPMS5rzeV3cRGhs9lw&session_id=6adb569c-3c72-46bb-a49c-85fcb908e2ec&state=76f9d30b-f09f-4fc6-b49e-f13f0d6550ef&session_state=2dac548d-8664-4790-9ff2-46281d8a6178

#######################################################
TEST: queryResponseModeHybridCodeIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:30 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8416.5779.5D38.D38C",
    "client_secret": "f0c9f6f9-0125-40fe-a4ae-a33e85ffa7f1",
    "registration_access_token": "7ff6727b-799b-48b1-b2a7-af5e78d6d590",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8416.5779.5D38.D38C",
    "client_id_issued_at": 1530863851,
    "client_secret_expires_at": 1530950251,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218416.5779.5D38.D38C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=04be581e-df42-4105-95af-5a40b387b096&response_mode=query&nonce=ff6111f7-fbf3-4554-bca1-ea045c99763c
03:57:53.154 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:cccb5028-8590-4370-b712-f8fd184378ee
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218416.5779.5D38.D38C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=04be581e-df42-4105-95af-5a40b387b096&response_mode=query&nonce=ff6111f7-fbf3-4554-bca1-ea045c99763c

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?access_token=11cf9e7a-bb40-4217-8ea6-5194d4756590&code=0afb2d99-fb6d-4c7b-8603-c2cd7e25719a&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE4NDE2LjU3NzkuNUQzOC5EMzhDIiwiZXhwIjoxNTMwODY3NDUyLCJpYXQiOjE1MzA4NjM4NTIsIm5vbmNlIjoiZmY2MTExZjctZmJmMy00NTU0LWJjYTEtZWEwNDVjOTk3NjNjIiwiYXV0aF90aW1lIjoxNTMwODYzODUxLCJjX2hhc2giOiIxbFdBNHRoX3g5UXVqeTdzbmM2REJnIiwiYXRfaGFzaCI6IjNqWHpVRktnVmdUSnZDWWR0bGhBMWciLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJwTW94VktPalozN3lFczRZRU9HNkY2bHkxOEJiMEJqc05HeE42d3JHaDA0In0.MOEeVxmXUoLKa4_wz8isWuLMazJY4pWwxByQgQxdT-DaO1QINmwxDhQLqNXKRRDThix3DOmvghBB2gbPKolXQZomdYXPfjEzCaOBViSGiGj7AHgVsfSNqIitFAg0w-G3nunS0hrP9pB3VmZv2A5_52DsE_hQt8wEWtrY2re4QBRdfr8Y4Nep2gKNeeYnDhbC466MEOeT0DixyXtrEZRLAa65A-vr3kVO3ry6v28dyQMT2SBvYyNvuJhVQnmQK__0r7eCDn8BpDZeHF7RP7i2sXMetkgboDrvmzmxQhdVLwjziGHcHtbniQgpkzgyEbz5X9ANKDTiqI0G6RrsYoKqxw&session_id=734f0458-51ec-40d0-aa55-5cca5111b91b&state=04be581e-df42-4105-95af-5a40b387b096&token_type=bearer&session_state=cccb5028-8590-4370-b712-f8fd184378ee&expires_in=299

#######################################################
TEST: queryResponseModeHybridCodeToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:32 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6324.8EA6.BBC1.D671",
    "client_secret": "89e90b27-0c3d-4b7c-ac1e-7258b219e693",
    "registration_access_token": "5c57a7af-8165-4f72-a305-371194cdd8c9",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6324.8EA6.BBC1.D671",
    "client_id_issued_at": 1530863852,
    "client_secret_expires_at": 1530950252,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216324.8EA6.BBC1.D671&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9d0a9155-d0e9-46a8-b1c7-d50f1bf395fc&response_mode=query&nonce=eefded1f-16dd-4e08-a9cf-eee6fd276cce
03:57:54.359 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:b57e8bed-f506-4c5e-93ba-34a361332161
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216324.8EA6.BBC1.D671&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9d0a9155-d0e9-46a8-b1c7-d50f1bf395fc&response_mode=query&nonce=eefded1f-16dd-4e08-a9cf-eee6fd276cce

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?access_token=74fc76fb-aa73-4143-9c2a-5248865d5d5a&code=9f134761-c76a-491f-a1c7-d4af0f589465&scope=address+openid+profile+email&session_id=f6fa069c-d4d7-45c3-be49-5374428a4671&state=9d0a9155-d0e9-46a8-b1c7-d50f1bf395fc&token_type=bearer&session_state=b57e8bed-f506-4c5e-93ba-34a361332161&expires_in=299

#######################################################
TEST: queryResponseModeImplicitIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["id_token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:33 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E7E8.2B25.E766.BBA3",
    "client_secret": "ccb62b8f-4308-4237-9051-b16091d60869",
    "registration_access_token": "90e6f9bd-09cb-4212-9527-8bb36ccc16f4",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E7E8.2B25.E766.BBA3",
    "client_id_issued_at": 1530863853,
    "client_secret_expires_at": 1530950253,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E7E8.2B25.E766.BBA3&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b7a01b03-30ff-4e94-bb28-8845a9732e89&response_mode=query&nonce=66efd73a-a2f6-40cc-be3b-3b879cbb40c2
03:57:55.631 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:329986e5-9c08-4b5e-a065-6fa4777e01d0
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E7E8.2B25.E766.BBA3&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b7a01b03-30ff-4e94-bb28-8845a9732e89&response_mode=query&nonce=66efd73a-a2f6-40cc-be3b-3b879cbb40c2

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFFN0U4LjJCMjUuRTc2Ni5CQkEzIiwiZXhwIjoxNTMwODY3NDU0LCJpYXQiOjE1MzA4NjM4NTQsIm5vbmNlIjoiNjZlZmQ3M2EtYTJmNi00MGNjLWJlM2ItM2I4NzljYmI0MGMyIiwiYXV0aF90aW1lIjoxNTMwODYzODU0LCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJsYVBGQ3FZcUs3Vkw0RWdUSHVESXpNSW9vQVdPai1wa3B3anlvNEpaaVZrIn0.sL-SMcxG7RE1MXUYZ183NPJmUBq7hINzEah3m00G2jO0qWqrg3zIYn-SsoYjYbQfSWW0r9O3G2XPLxJQyW92x_6o7oouesyfUfZ6rXpjSiIhZdhZsT30X5j_AwZ_D_NE7JVms3NuOPxnNhDEAR3CluW5t11Ml9BNAdns2u0e2aTOaLiWOLL4ePACefOpwosAk-nnLlBHEeBJtgsKT1bQSTQ1aAk84RdJtbGjHMp_mdjKGNMe3X-GJ95rhC1udc-MFNmPKuNrux724A4giRncpp23EEDy-4uMYhdg0Jq0Kezf6AvvlVlMt0WkwoEXyZJuKIuT393GUI_IkFWagDK0Xg&session_id=2a027920-deb5-468f-a7ef-36ad3c5f5162&state=b7a01b03-30ff-4e94-bb28-8845a9732e89&session_state=329986e5-9c08-4b5e-a065-6fa4777e01d0

#######################################################
TEST: queryResponseModeImplicitIdTokenToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:34 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9E55.4ACD.5637.365D",
    "client_secret": "c007ba31-f382-4a0f-90ec-cb827024ddee",
    "registration_access_token": "0b6a17e0-332e-4496-85aa-d59ceefe6c7e",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9E55.4ACD.5637.365D",
    "client_id_issued_at": 1530863854,
    "client_secret_expires_at": 1530950254,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219E55.4ACD.5637.365D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=1fdd3ca9-d2dc-4f57-a98e-98030099dfac&response_mode=query&nonce=227c6483-f9f1-4b04-bbf7-729d25c16b9f
03:57:56.827 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:b66fa065-b72e-4c48-9b45-a0572f8f8e3b
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219E55.4ACD.5637.365D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=1fdd3ca9-d2dc-4f57-a98e-98030099dfac&response_mode=query&nonce=227c6483-f9f1-4b04-bbf7-729d25c16b9f

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?access_token=85f43032-8210-4b9a-b8e4-47cfcad5e599&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5RTU1LjRBQ0QuNTYzNy4zNjVEIiwiZXhwIjoxNTMwODY3NDU1LCJpYXQiOjE1MzA4NjM4NTUsIm5vbmNlIjoiMjI3YzY0ODMtZjlmMS00YjA0LWJiZjctNzI5ZDI1YzE2YjlmIiwiYXV0aF90aW1lIjoxNTMwODYzODU1LCJhdF9oYXNoIjoiVldSa2lrbEhuZFQwbGl6T2VqVkk4dyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Im9UNHVQTTRzVzlyOGdIV3JQcGNVZEJTc3oxOWJib21UV1V6UVJTcGxPVkkifQ.Aa0nWKZYKJYGigvWOCAhWw0RQ8SalfxMUuXrVLL1z6eicp9gFq_boSu3IbTBvYh1qCPaUVYBg4p5-Aw1udOzstuYcfm3j8-aqde-LDOPT7APaue2wUbRn7oZWIYnIv4FBOBqiFw1nEttLg9XRnPcWuSgeccwvwAE2g1Ew3FtiEcysqRnFVy7doJBgbxFLe9QbKo7QzfRot3tlIwkyVUQdwwOCZ7Gps8Awre9cOVw-0kAFnfrUSX5bH0uv175o6h6JbCRuKZH4S45GMaHR9D9rSUNE1v5Ty60Ryg1caRrmRiDWGG6U5Jy29eK25S09Ld7SIsz-aJTvx5oSWGGrZOBww&session_id=30d26421-d617-4481-b77e-bc6334e04dba&state=1fdd3ca9-d2dc-4f57-a98e-98030099dfac&token_type=bearer&session_state=b66fa065-b72e-4c48-9b45-a0572f8f8e3b&expires_in=299

#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:57:35 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:35 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "code",
        "code id_token",
        "code id_token token",
        "id_token",
        "id_token token",
        "token",
        "code token"
    ],
    "grant_types_supported": [
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "refresh_token",
        "implicit",
        "password",
        "authorization_code"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: requestAuthorizationAccessToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "token",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:36 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2A10.9738.DC50.71D8",
    "client_secret": "587094d3-4b37-4259-893a-d6f835bbbe93",
    "registration_access_token": "b9aa2a7a-9636-4b87-8ddc-7c5a653d14ab",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2A10.9738.DC50.71D8",
    "client_id_issued_at": 1530863856,
    "client_secret_expires_at": 1530950256,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer b9aa2a7a-9636-4b87-8ddc-7c5a653d14ab

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:36 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2A10.9738.DC50.71D8",
    "client_secret": "587094d3-4b37-4259-893a-d6f835bbbe93",
    "registration_access_token": "b9aa2a7a-9636-4b87-8ddc-7c5a653d14ab",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2A10.9738.DC50.71D8",
    "client_id_issued_at": 1530863856,
    "client_secret_expires_at": 1530950256,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212A10.9738.DC50.71D8&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=6b2b8280-f954-401a-af60-3f6c841df339&nonce=5afd8e9d-1db0-4304-b4dc-0f097eac50e6
03:57:58.303 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:79cb5203-cd48-41cf-9d62-0294167a0913
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212A10.9738.DC50.71D8&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=6b2b8280-f954-401a-af60-3f6c841df339&nonce=5afd8e9d-1db0-4304-b4dc-0f097eac50e6

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=7e56b04a-7c91-42a8-9d3e-353015ae0adc&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEyQTEwLjk3MzguREM1MC43MUQ4IiwiZXhwIjoxNTMwODY3NDU3LCJpYXQiOjE1MzA4NjM4NTcsIm5vbmNlIjoiNWFmZDhlOWQtMWRiMC00MzA0LWI0ZGMtMGYwOTdlYWM1MGU2IiwiYXV0aF90aW1lIjoxNTMwODYzODU3LCJhdF9oYXNoIjoiZlRtWUg3cm1tVmtGSGFSWl9RRmtRdyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Ik9xZjFEd3BmTDhUYXhLaVVsVFBDVy14bWJ3RlNFQXg3QkVsRkdOakdYc1kifQ.a0UCNQE-TMTIzQmqyUEVlzUeIYxznx4wpQXuUfyJmU0nixa7t_cWmlYwwkCK98BdixdvUnSnfMX3tYsjCkmvnLGRa1dIZ2IWMvM54pJM0o8BxC0jmAasK2jJdZRDx3s_g0sBmqxHHWd-IFEYtUo5nzvi5IiYOsUF45TF2ELWc97wdzJwl0pEIpJZa7WqqkSw31_EeDpk66240h7xioz3bf_UnuCbFTAaQ1xkudxUj2EwzX1f7BNKWspjVKm9A1RVH9aOj7aP-C7_OnW1t2DfhNYTZNy1UwgM6cxv4RrRSCdUf9gu5keE7JmpDZR67GhyL7q4LTRij7VHKUxw33gvbQ&session_id=5913f3a6-33a5-4755-a9fb-98fb8b4122ba&state=6b2b8280-f954-401a-af60-3f6c841df339&token_type=bearer&session_state=79cb5203-cd48-41cf-9d62-0294167a0913&expires_in=299

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org

response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212A10.9738.DC50.71D8&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=fe540c5f-2e39-482f-aa23-459223f03ded&nonce=8744eec2-ab9e-4467-9b3a-06a4a86c00bc&prompt=none&access_token=7e56b04a-7c91-42a8-9d3e-353015ae0adc

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Fri, 06 Jul 2018 07:57:37 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=20971e75-08c9-4832-83af-b048f21be3ba&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEyQTEwLjk3MzguREM1MC43MUQ4IiwiZXhwIjoxNTMwODY3NDU3LCJpYXQiOjE1MzA4NjM4NTcsIm5vbmNlIjoiODc0NGVlYzItYWI5ZS00NDY3LTliM2EtMDZhNGE4NmMwMGJjIiwiYXV0aF90aW1lIjoxNTMwODYzODU3LCJjX2hhc2giOiJraXd2V2R3UzRiaTM4QlhNSXYyRWpnIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiT3FmMUR3cGZMOFRheEtpVWxUUENXLXhtYndGU0VBeDdCRWxGR05qR1hzWSJ9.obca4wN9H2PEAOJZJqIwV1fWlvUXsi5JC1m2rKGaSMUA2uTTWQSLAD8Tn88ACMnArnvU2cYvAzlx16dn3PUpq6yWOcEtTN5utY4KJEs48hWWUiErp6gynYPTI08GxRzYaXtqzmnognui52ZMGV7m-HwErUcBJ3ZQ9XFNkMce5xpFVK82Ra4Fml7Yc9pLKAOSlDCDYlesKck1u5lLYfBLG1KqSLP8nZwa-Qbpd2k38y6WN8sjXpWwcEiYCNQ4x6NL4xE-TEQWiYxTTquHvQkXE2vF3oGpE5qqSei3JDGJYGuwyhKPfFY4riwds2I8xofkuOaqD0Hj8IBj8dA5ZERbSQ&session_id=672260e5-0eed-45f8-90a4-229ab758f2a7&state=fe540c5f-2e39-482f-aa23-459223f03ded&session_state=3034fee4-a05e-482d-9373-bd30b7245366
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxMkExMC45NzM4LkRDNTAuNzFEODo1ODcwOTRkMy00YjM3LTQyNTktODkzYS1kNmY4MzViYmJlOTM=

grant_type=authorization_code&code=20971e75-08c9-4832-83af-b048f21be3ba&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:37 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"053b1cfa-e5a3-426e-8222-2f4992fdae90","token_type":"bearer","expires_in":299,"refresh_token":"b3ba7b83-fd89-4755-af02-1b767ddcd5f2","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEyQTEwLjk3MzguREM1MC43MUQ4IiwiZXhwIjoxNTMwODY3NDU3LCJpYXQiOjE1MzA4NjM4NTcsIm5vbmNlIjoiODc0NGVlYzItYWI5ZS00NDY3LTliM2EtMDZhNGE4NmMwMGJjIiwiYXV0aF90aW1lIjoxNTMwODYzODU3LCJhdF9oYXNoIjoidjVOamZUN0p0U0w1WUN6SFJLa21aZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Ik9xZjFEd3BmTDhUYXhLaVVsVFBDVy14bWJ3RlNFQXg3QkVsRkdOakdYc1kifQ.NGAdCFheYYIZLJoHO9IQ2g--HJJsFlPtObbQz_vEUbeiZqDZcinisIz2nGXXT59HL28Mx8UywaSChJPA_u4w81w36NqQpMc8ojsOwTYZ1MxNVpX-Z6Hb8vOGKpkqKQyzWvE9lVYFLYA_fLUs0hNiK_9UaYgRU6RDZp7ofSMjAVqoA3iJFaRL0RrUDP6UGo_VJ2Nt84zSyzVhogMO4c44e7siJstkX2tD5JDk6bHSL7JJQkHILKAXtNfhWGwS6gWOIOPWKmOJtqHXPOKASVmaJPAP9Hgma9suWhoU7M4QfQLXys_lyNXVttHCtuUt5u4a2fdEm-i1KPcUwfUOvQAlgQ"}

#######################################################
TEST: requestAuthorizationAccessTokenFail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:37 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2415.4784.B15E.362A",
    "client_secret": "506ca433-3746-48b6-817b-f26df5884d27",
    "registration_access_token": "a2c683cf-6ad4-428f-8f13-fa1578b19aae",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2415.4784.B15E.362A",
    "client_id_issued_at": 1530863857,
    "client_secret_expires_at": 1530950257,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer a2c683cf-6ad4-428f-8f13-fa1578b19aae

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:37 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2415.4784.B15E.362A",
    "client_secret": "506ca433-3746-48b6-817b-f26df5884d27",
    "registration_access_token": "a2c683cf-6ad4-428f-8f13-fa1578b19aae",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2415.4784.B15E.362A",
    "client_id_issued_at": 1530863857,
    "client_secret_expires_at": 1530950257,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org

response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212415.4784.B15E.362A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=597f0791-d4b8-4716-b2a9-6b3cc2e8ccd1&prompt=none&access_token=INVALID_ACCESS_TOKEN

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Fri, 06 Jul 2018 07:57:37 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#error_description=The+request+is+missing+a+required+parameter%2C+includes+an+unsupported+parameter+or+parameter+value%2C+or+is+otherwise+malformed.&state=597f0791-d4b8-4716-b2a9-6b3cc2e8ccd1&error=invalid_request
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: requestAuthorizationAccessTokenUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "token",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:37 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!737C.C1BA.4DB8.504C",
    "client_secret": "dfe1eb0c-6b4c-4478-a469-6ee78b5d5990",
    "registration_access_token": "6f88c294-93fa-41d2-be0b-ffeb113851c1",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!737C.C1BA.4DB8.504C",
    "client_id_issued_at": 1530863857,
    "client_secret_expires_at": 1530950257,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 6f88c294-93fa-41d2-be0b-ffeb113851c1

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:37 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!737C.C1BA.4DB8.504C",
    "client_secret": "dfe1eb0c-6b4c-4478-a469-6ee78b5d5990",
    "registration_access_token": "6f88c294-93fa-41d2-be0b-ffeb113851c1",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!737C.C1BA.4DB8.504C",
    "client_id_issued_at": 1530863857,
    "client_secret_expires_at": 1530950257,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21737C.C1BA.4DB8.504C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f1e5933e-29d5-45d6-8992-222d50de33ff&nonce=bc312faf-d186-491b-91bd-d62efe614a13
03:58:00.025 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:eed95507-30a8-46d4-a028-733db8da675c
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21737C.C1BA.4DB8.504C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f1e5933e-29d5-45d6-8992-222d50de33ff&nonce=bc312faf-d186-491b-91bd-d62efe614a13

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=635cfd1e-04de-4ffe-8d17-b17d1acae7c5&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3MzdDLkMxQkEuNERCOC41MDRDIiwiZXhwIjoxNTMwODY3NDU5LCJpYXQiOjE1MzA4NjM4NTksIm5vbmNlIjoiYmMzMTJmYWYtZDE4Ni00OTFiLTkxYmQtZDYyZWZlNjE0YTEzIiwiYXV0aF90aW1lIjoxNTMwODYzODU5LCJhdF9oYXNoIjoiMmMzTVR4V3o5eDNzZTBWZmIxY081QSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IndIS3VsN0k5aXhJX0JJUDY1Q3pxNThSRFk3Y2pGNWlLODltMGlzN093MlkifQ.LV-gla4rF6FLQDF2R6kJlNSQWD06bh1Q4-YftCIlS1D6BE4-0QBAgaP0xuSrpL5bYTofpY-faARPutsMWLmeqmt8qpWCXWhXnLVYJILFJj3mtzcYtd8barTTf6edtioLhnQos7Ue545lXosd0qHFG7Y4p6rbe6YKJN8lKmAt8sQZUGb2qufWjVeKE9Q1zLF2vvRbLPuIAur4qO2mIbdsynD-rC-qv08KJB9vhmGroe-WV5VBLgyh1KnsmBUI9lAIkShnrm1gLLQMi4wyX_GvASK5igZHuOTTGXNhMx1L2vl0Mh-R-hbRLY_Djqcj4qcDFhb91LAbbMhX9gW924ahbg&session_id=e7147989-7b46-47d0-97af-cdc8505c7c5d&state=f1e5933e-29d5-45d6-8992-222d50de33ff&token_type=bearer&session_state=eed95507-30a8-46d4-a028-733db8da675c&expires_in=299

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org

response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21737C.C1BA.4DB8.504C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=cccf8018-30c6-4b16-bc73-b96f607dd228&nonce=a6d0da3f-fd6b-49d8-8f7d-9e3bb450ee88&prompt=none&access_token=635cfd1e-04de-4ffe-8d17-b17d1acae7c5

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Fri, 06 Jul 2018 07:57:39 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=9b5b4382-b2b9-480e-98ee-cf2cba0f9efb&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3MzdDLkMxQkEuNERCOC41MDRDIiwiZXhwIjoxNTMwODY3NDU5LCJpYXQiOjE1MzA4NjM4NTksIm5vbmNlIjoiYTZkMGRhM2YtZmQ2Yi00OWQ4LThmN2QtOWUzYmI0NTBlZTg4IiwiYXV0aF90aW1lIjoxNTMwODYzODU5LCJjX2hhc2giOiJ0UXFYN2pJelB3eUJFTFB0TEVUMld3Iiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoid0hLdWw3STlpeElfQklQNjVDenE1OFJEWTdjakY1aUs4OW0waXM3T3cyWSJ9.Czv8NIy1DalbRb_WHE867RBVOYllDYae1XPZ-82bmFRdcy0GAXth5W576FZFKyC7zCmARasCiEeJiNWG3cBhV8zQXGdv61xy8YIVdz_jZCadV2imth4q7Hj29yfd4WbHzojaJIrP1XWkbo5e9hal-I0u7_ut2RytnMFLe74GSmUAtIqEbTkSVMQtgzzpZNJUYsNOlEMk5uwinTnf3GgHjYqlmJkN8HJIVtawFM9RjrtbWWf-pmaDzWs2mDAYsiuskVH54qwPAyz8PHIckZCTo5DUmlWmlGjHcCoZVS8lRB961mgCfrwT0jk10te_fUcTkg9ws-HVXK-CelhUGXJYFQ&session_id=a6fc0434-8830-43f9-b586-cafb82b4a818&state=cccf8018-30c6-4b16-bc73-b96f607dd228&session_state=715b17c6-4917-4170-9c1a-ffa885f8644c
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxNzM3Qy5DMUJBLjREQjguNTA0QzpkZmUxZWIwYy02YjRjLTQ0NzgtYTQ2OS02ZWU3OGI1ZDU5OTA=

grant_type=authorization_code&code=9b5b4382-b2b9-480e-98ee-cf2cba0f9efb&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:39 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"19d00df6-4152-4b78-b4d5-b6d4c3782f78","token_type":"bearer","expires_in":299,"refresh_token":"b86c48d2-b6fd-43c8-8e4b-f034de2873dc","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3MzdDLkMxQkEuNERCOC41MDRDIiwiZXhwIjoxNTMwODY3NDU5LCJpYXQiOjE1MzA4NjM4NTksIm5vbmNlIjoiYTZkMGRhM2YtZmQ2Yi00OWQ4LThmN2QtOWUzYmI0NTBlZTg4IiwiYXV0aF90aW1lIjoxNTMwODYzODU5LCJhdF9oYXNoIjoiREJITFcyd3Fjd3d5NXZlMzFvVi0yUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IndIS3VsN0k5aXhJX0JJUDY1Q3pxNThSRFk3Y2pGNWlLODltMGlzN093MlkifQ.ThgeJ7vGJpvkBHElpBS0xEdmr20PHSFA1hMG97sjhk3b3HfbF-qHoV0yfS2ZVMlW6rz2rV9OCavLSEeAiaolMV5khtWpFms6SO4v333DViVvj4ixZvimQIcjoDIJAl-UBt2oVHPXddpnfezRH3YQvrM6kPAjKcY8VEFOlOHzQpcZz7EFeN5zxLGQxzAEb9C7Kh39KvugYpxv2fxA9ll31TMN8rdrcy5hHCSc4LmJ_Alrc3GYcx8p2fQdWVH_XWbEbDJvFDpWCqIxMjAJIkNLWBrlem5oL5e7aszhZ-UmjjZhuSnxfZcQVMIqpQoCF55lkxY33tx90xLlhsnJti2TWQ"}

#######################################################
TEST: requestAuthorizationCode
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:39 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A834.F6EB.33FF.F708",
    "client_secret": "3cf999a8-ec00-4384-b7e8-dd13ec75e1a8",
    "registration_access_token": "8a41417a-0814-4634-af13-88ffe338c37f",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A834.F6EB.33FF.F708",
    "client_id_issued_at": 1530863859,
    "client_secret_expires_at": 1530950259,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 8a41417a-0814-4634-af13-88ffe338c37f

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:39 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A834.F6EB.33FF.F708",
    "client_secret": "3cf999a8-ec00-4384-b7e8-dd13ec75e1a8",
    "registration_access_token": "8a41417a-0814-4634-af13-88ffe338c37f",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A834.F6EB.33FF.F708",
    "client_id_issued_at": 1530863859,
    "client_secret_expires_at": 1530950259,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A834.F6EB.33FF.F708&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=312ac21f-a73c-4422-9cf5-0e34e4be1dfd
03:58:01.953 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:4d834798-7d84-4e8e-9ab5-3d824ae55ac7
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A834.F6EB.33FF.F708&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=312ac21f-a73c-4422-9cf5-0e34e4be1dfd

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=d16e12a6-f44f-42a4-a74e-5c0c8aed7271&scope=address+openid+profile+email&session_id=9c408c0a-cfdd-4401-9304-4aa200044b3d&state=312ac21f-a73c-4422-9cf5-0e34e4be1dfd&session_state=4d834798-7d84-4e8e-9ab5-3d824ae55ac7

#######################################################
TEST: requestAuthorizationCodeFail1
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Connection: close
Content-Length: 175
Content-Type: text/plain
Date: Fri, 06 Jul 2018 07:57:41 GMT
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_request","error_description":"The request is missing a required parameter, includes an unsupported parameter or parameter value, or is otherwise malformed."}

#######################################################
TEST: requestAuthorizationCodeFail2
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:41 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7A36.8ADE.2E67.2E6A",
    "client_secret": "47606188-ff18-4d8f-858e-34c4e53bc5a4",
    "registration_access_token": "bab5efff-dfd6-4501-a88b-5d7f445658b8",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7A36.8ADE.2E67.2E6A",
    "client_id_issued_at": 1530863861,
    "client_secret_expires_at": 1530950261,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer bab5efff-dfd6-4501-a88b-5d7f445658b8

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:41 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7A36.8ADE.2E67.2E6A",
    "client_secret": "47606188-ff18-4d8f-858e-34c4e53bc5a4",
    "registration_access_token": "bab5efff-dfd6-4501-a88b-5d7f445658b8",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7A36.8ADE.2E67.2E6A",
    "client_id_issued_at": 1530863861,
    "client_secret_expires_at": 1530950261,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217A36.8ADE.2E67.2E6A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2FINVALID_REDIRECT_URI&state=d949d5a5-54d2-4861-97a5-deafaaccf577&prompt=none

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Connection: close
Content-Length: 220
Content-Type: text/plain
Date: Fri, 06 Jul 2018 07:57:41 GMT
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_request_redirect_uri","error_description":"The redirect_uri in the Authorization Request does not match any of the Client's pre-registered redirect_uris.","state":"d949d5a5-54d2-4861-97a5-deafaaccf577"}

#######################################################
TEST: requestAuthorizationCodeFail3
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org

response_type=code&client_id=%40%211111%210008%21INVALID_VALUE&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3090c51b-f532-4b49-8ffe-1fd6937f8ee3

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 175
Content-Type: text/plain
Date: Fri, 06 Jul 2018 07:57:41 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"unauthorized_client","error_description":"The client is not authorized to request an access token using this method.","state":"3090c51b-f532-4b49-8ffe-1fd6937f8ee3"}

#######################################################
TEST: requestAuthorizationCodeIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:41 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AC5F.DB68.188D.FFE5",
    "client_secret": "81098c74-1f60-47cb-a2ab-50e45893385b",
    "registration_access_token": "be833898-998a-410d-92d9-ffa845f50318",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AC5F.DB68.188D.FFE5",
    "client_id_issued_at": 1530863861,
    "client_secret_expires_at": 1530950261,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer be833898-998a-410d-92d9-ffa845f50318

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:41 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AC5F.DB68.188D.FFE5",
    "client_secret": "81098c74-1f60-47cb-a2ab-50e45893385b",
    "registration_access_token": "be833898-998a-410d-92d9-ffa845f50318",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AC5F.DB68.188D.FFE5",
    "client_id_issued_at": 1530863861,
    "client_secret_expires_at": 1530950261,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21AC5F.DB68.188D.FFE5&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5b261443-b118-4801-997f-5debadbf2399&nonce=f6252de3-283b-47e3-969d-eec3e1c56b7f
03:58:03.798 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:3cbbde3a-4d56-4937-8a72-8f37794b2f2b
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21AC5F.DB68.188D.FFE5&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5b261443-b118-4801-997f-5debadbf2399&nonce=f6252de3-283b-47e3-969d-eec3e1c56b7f

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=fddb70ff-db2d-42e7-b221-45cb6a06270d&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBQzVGLkRCNjguMTg4RC5GRkU1IiwiZXhwIjoxNTMwODY3NDYyLCJpYXQiOjE1MzA4NjM4NjIsIm5vbmNlIjoiZjYyNTJkZTMtMjgzYi00N2UzLTk2OWQtZWVjM2UxYzU2YjdmIiwiYXV0aF90aW1lIjoxNTMwODYzODYyLCJjX2hhc2giOiI3Sk50RW4wVXdJeUpFQkRYY2hoZG13Iiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiUmhjWGFScFZucHRtWXpmNTRFNzZBZlNkM0VwaGVWSFRiY3lBMVFxZDlVRSJ9.PPB2m2IehbLaHFNeaef2f7sAo67MCXMzK7wUV7q06J0GodHHdHLyvidHGf-zgUqRGj0kNfASVj-n-MjLgSRIQqyj15voboXFKtZHvu0368skVVGLd2ke5tzAej0EisViLlZI__wZVUHTj3fq_dC2BYqXvKU7WIB-XDoscpskzRVuO8HNosHs0-VvyThJ-ua6idM4Nbex2AIDkGDlivSMjmEFeV7aU8jWs4ahhO0UxFbeeR9gFeCIWKanbLBjkQtP_oEFOsy48GG48iwqGv89xeuZZgucnsc6qCXmSBXLn7uujQ3CGPKmVz9Z861V5DkE2YDV3zsnye9efzqDeUUC7A&session_id=e5d35b66-c166-4276-8853-da7edc3db082&state=5b261443-b118-4801-997f-5debadbf2399&session_state=3cbbde3a-4d56-4937-8a72-8f37794b2f2b

#######################################################
TEST: requestAuthorizationCodeIdTokenUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:42 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!525E.F14D.7BB7.AA4C",
    "client_secret": "1c11363c-92de-4f15-8cad-1978a9b27087",
    "registration_access_token": "1ced991b-b41e-4ae4-bcda-b8a001234d7b",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!525E.F14D.7BB7.AA4C",
    "client_id_issued_at": 1530863862,
    "client_secret_expires_at": 1530950262,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 1ced991b-b41e-4ae4-bcda-b8a001234d7b

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:42 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!525E.F14D.7BB7.AA4C",
    "client_secret": "1c11363c-92de-4f15-8cad-1978a9b27087",
    "registration_access_token": "1ced991b-b41e-4ae4-bcda-b8a001234d7b",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!525E.F14D.7BB7.AA4C",
    "client_id_issued_at": 1530863862,
    "client_secret_expires_at": 1530950262,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21525E.F14D.7BB7.AA4C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=50839a12-db26-4148-a15e-7330edc8fb16&nonce=c72a61c1-b144-4cf8-b525-753daccb3108
03:58:05.086 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:b00850e7-1246-45d0-b035-8c18c82d24ca
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21525E.F14D.7BB7.AA4C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=50839a12-db26-4148-a15e-7330edc8fb16&nonce=c72a61c1-b144-4cf8-b525-753daccb3108

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=7bcbae61-529d-4bb3-b4b9-1db3064bf733&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE1MjVFLkYxNEQuN0JCNy5BQTRDIiwiZXhwIjoxNTMwODY3NDY0LCJpYXQiOjE1MzA4NjM4NjQsIm5vbmNlIjoiYzcyYTYxYzEtYjE0NC00Y2Y4LWI1MjUtNzUzZGFjY2IzMTA4IiwiYXV0aF90aW1lIjoxNTMwODYzODYzLCJjX2hhc2giOiI3Z0hWTXRsTzN1VzZQbGRBTGgwSTNnIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiVzBfSW1mWThJWGQ2djVKeHZZTmVvRUhoTVU4RDlXOUlFdWZPN1BIbnRpYyJ9.C8zmaywrB7Svx9Qlqs4Fyx0d1leg1uYodbYzdqULSc4ceOXxC8njGbru-0ZZvxdTGlV3U4hUsfVBGYsZitHpeTTrFdgUspTNomaT6jwAzycrivORTUGJb4WraFPqSHIYaDg1ZKscp0tUxR0gIFwrAK6R0WYIFK2DqaYq14bJGynLd7KpChRok3z49FhdUhtx8zNVqpoRfGQH9hzXsu2uC1R8WZyAArbzsIRY1mO1Q1jbI4PxRJfMwIphAbFdxJ7xGJwm4NHRiBp2PPORCcx7-mbTMDFSnW0vzcfRu4eGegn1bFkVBnyWAk_WKdey9-3AdEh9lea4S2mCbPU2JGQYgw&session_id=dc29db26-6e58-4816-8aea-8efcb0b319f3&state=50839a12-db26-4148-a15e-7330edc8fb16&session_state=b00850e7-1246-45d0-b035-8c18c82d24ca

#######################################################
TEST: requestAuthorizationCodeNoRedirection
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:44 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F932.C86C.E093.EDC0",
    "client_secret": "c827599d-481a-4238-bbc4-6f7ada7a30c5",
    "registration_access_token": "8ccbb4d4-68ff-453f-8721-25b5ef1f2e5f",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F932.C86C.E093.EDC0",
    "client_id_issued_at": 1530863864,
    "client_secret_expires_at": 1530950264,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 8ccbb4d4-68ff-453f-8721-25b5ef1f2e5f

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:44 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F932.C86C.E093.EDC0",
    "client_secret": "c827599d-481a-4238-bbc4-6f7ada7a30c5",
    "registration_access_token": "8ccbb4d4-68ff-453f-8721-25b5ef1f2e5f",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F932.C86C.E093.EDC0",
    "client_id_issued_at": 1530863864,
    "client_secret_expires_at": 1530950264,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21F932.C86C.E093.EDC0&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=23daaf36-ef9a-4443-9b71-1d889def329e
03:58:06.448 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:5765eb2f-da03-442b-bf94-357b2b2032e5
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21F932.C86C.E093.EDC0&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=23daaf36-ef9a-4443-9b71-1d889def329e

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=1342d244-1512-4684-857c-9ef917d458a4&scope=address+openid+profile+email&session_id=97f04230-1b0a-47c9-bc7b-64af4d64677b&state=23daaf36-ef9a-4443-9b71-1d889def329e&session_state=5765eb2f-da03-442b-bf94-357b2b2032e5

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
X-Gluu-NoRedirect: true

response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21F932.C86C.E093.EDC0&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=23daaf36-ef9a-4443-9b71-1d889def329e

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------


#######################################################
TEST: requestAuthorizationCodeUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:45 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C4E4.5367.54C9.F5CB",
    "client_secret": "f42679e4-4e39-4cea-8c44-42b98152a40b",
    "registration_access_token": "326bf42e-e77c-444f-8685-8cde54756d3f",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C4E4.5367.54C9.F5CB",
    "client_id_issued_at": 1530863865,
    "client_secret_expires_at": 1530950265,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 326bf42e-e77c-444f-8685-8cde54756d3f

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:45 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C4E4.5367.54C9.F5CB",
    "client_secret": "f42679e4-4e39-4cea-8c44-42b98152a40b",
    "registration_access_token": "326bf42e-e77c-444f-8685-8cde54756d3f",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C4E4.5367.54C9.F5CB",
    "client_id_issued_at": 1530863865,
    "client_secret_expires_at": 1530950265,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C4E4.5367.54C9.F5CB&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f9e9a27a-387c-42eb-8973-8820f19b217b
03:58:07.750 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:bc658a96-e78d-4b05-b7d9-0ecabc8ab6b3
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C4E4.5367.54C9.F5CB&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f9e9a27a-387c-42eb-8973-8820f19b217b

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=573fef13-e4a1-4aa0-984e-c45e3bc2fe79&scope=address+openid+profile+email&session_id=18d3f728-a2c0-4507-bd13-fa6d2d8eed50&state=f9e9a27a-387c-42eb-8973-8820f19b217b&session_state=bc658a96-e78d-4b05-b7d9-0ecabc8ab6b3

#######################################################
TEST: requestAuthorizationCodeWithoutRedirectUri
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"],
    "application_type": "web",
    "client_name": "oxAuth test app"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1082
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:46 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4F0F.808E.98E1.040C",
    "client_secret": "fb92f83d-946c-49a1-ad12-87c51cc078b8",
    "registration_access_token": "60281085-e64d-49b0-87aa-4aee82f4568d",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4F0F.808E.98E1.040C",
    "client_id_issued_at": 1530863866,
    "client_secret_expires_at": 1530950266,
    "redirect_uris": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214F0F.808E.98E1.040C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=aac485ed-b1c8-4b1f-986e-8f0734ac511c
03:58:08.813 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:494da54c-44f4-4f3f-8898-7b0d474b0b04
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214F0F.808E.98E1.040C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=aac485ed-b1c8-4b1f-986e-8f0734ac511c

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=94485e67-6a89-494b-99c7-802417148853&scope=address+openid+profile+email&session_id=3571f9e3-8950-4fbb-9ab6-aca1cf38bb79&state=aac485ed-b1c8-4b1f-986e-8f0734ac511c&session_state=494da54c-44f4-4f3f-8898-7b0d474b0b04

#######################################################
TEST: requestAuthorizationCodeWithoutRedirectUriFail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:47 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A880.B195.19F3.A1A6",
    "client_secret": "db936435-2c35-4fa9-9b21-719b7158f96b",
    "registration_access_token": "33d2c554-d7ad-4d6e-94fa-997cd15eba39",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A880.B195.19F3.A1A6",
    "client_id_issued_at": 1530863867,
    "client_secret_expires_at": 1530950267,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A880.B195.19F3.A1A6&scope=openid+profile+address+email&state=7fcad7ec-9696-4516-8c71-599c06ee2154&prompt=none

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Connection: close
Content-Length: 220
Content-Type: text/plain
Date: Fri, 06 Jul 2018 07:57:47 GMT
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_request_redirect_uri","error_description":"The redirect_uri in the Authorization Request does not match any of the Client's pre-registered redirect_uris.","state":"7fcad7ec-9696-4516-8c71-599c06ee2154"}

#######################################################
TEST: requestAuthorizationCodeWithoutRedirectUriUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "subject_type": "public",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1080
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:47 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2F33.FE8F.3110.93FD",
    "client_secret": "9f466dd6-07f6-4f65-9762-3db2e73217e4",
    "registration_access_token": "81ae7a65-305d-431f-b886-bc84985f5f9d",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2F33.FE8F.3110.93FD",
    "client_id_issued_at": 1530863867,
    "client_secret_expires_at": 1530950267,
    "redirect_uris": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "subject_type": "public",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%212F33.FE8F.3110.93FD&scope=openid+profile+address+email&state=b6509e0c-d28b-4bce-8dbf-44698c016787&prompt=none

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Fri, 06 Jul 2018 07:57:48 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=2a28407a-d29e-44dd-a2b5-483ddcef7203&scope=address+openid+profile+email&session_id=f45e96bc-de0f-4742-95a2-4ae11356afc8&state=b6509e0c-d28b-4bce-8dbf-44698c016787&session_state=953eecfd-5201-4653-9f2c-db20ea63f6be
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: requestAuthorizationDenyAccessThenGrantAccess
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:48 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AE9B.3441.1229.B815",
    "client_secret": "3fe19c44-3b4b-4af5-98ef-ee87d46dae7e",
    "registration_access_token": "fe9e1fad-07a6-4486-9861-653df079d2f8",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AE9B.3441.1229.B815",
    "client_id_issued_at": 1530863868,
    "client_secret_expires_at": 1530950268,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndDenyAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21AE9B.3441.1229.B815&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=bee57ac3-fb36-43f3-aeb3-020b2855e351
03:58:10.269 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndDenyAccess: sessionId:926c0ae1-1cce-4ce8-b9d3-bb8b1a84bb05
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21AE9B.3441.1229.B815&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=bee57ac3-fb36-43f3-aeb3-020b2855e351

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?error=access_denied&error_description=The+resource+owner+or+authorization+server+denied+the+request.&state=bee57ac3-fb36-43f3-aeb3-020b2855e351

authorizationRequestAndDenyAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21AE9B.3441.1229.B815&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=428649c1-cc81-4487-a996-35b9fa4c8e14&session_id=926c0ae1-1cce-4ce8-b9d3-bb8b1a84bb05
authorizationRequestAndDenyAccess: sessionState:null
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21AE9B.3441.1229.B815&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=428649c1-cc81-4487-a996-35b9fa4c8e14&session_id=926c0ae1-1cce-4ce8-b9d3-bb8b1a84bb05

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?error=access_denied&error_description=The+resource+owner+or+authorization+server+denied+the+request.&state=428649c1-cc81-4487-a996-35b9fa4c8e14

authorizationRequestAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21AE9B.3441.1229.B815&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=4169c1c6-2728-4bd3-8267-3fdbad93adac&session_id=926c0ae1-1cce-4ce8-b9d3-bb8b1a84bb05
authorizationRequestAndGrantAccess: sessionState:7fe0845f-deed-42a2-8c2a-e3c2e1f5cc50
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21AE9B.3441.1229.B815&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=4169c1c6-2728-4bd3-8267-3fdbad93adac&session_id=926c0ae1-1cce-4ce8-b9d3-bb8b1a84bb05

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=755ecc17-9420-41f9-860e-77fc32264747&scope=address+openid+profile+email&session_id=926c0ae1-1cce-4ce8-b9d3-bb8b1a84bb05&state=4169c1c6-2728-4bd3-8267-3fdbad93adac&session_state=7fe0845f-deed-42a2-8c2a-e3c2e1f5cc50

#######################################################
TEST: requestAuthorizationForOpenIdScopeAndPairwiseId
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:50 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FE8D.1B4B.7A0B.778F",
    "client_secret": "030b8d87-ffcf-421b-855c-8791ac749e4e",
    "registration_access_token": "36db7a69-9438-4386-bd2d-cb542b6e571c",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FE8D.1B4B.7A0B.778F",
    "client_id_issued_at": 1530863870,
    "client_secret_expires_at": 1530950270,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 36db7a69-9438-4386-bd2d-cb542b6e571c

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:50 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FE8D.1B4B.7A0B.778F",
    "client_secret": "030b8d87-ffcf-421b-855c-8791ac749e4e",
    "registration_access_token": "36db7a69-9438-4386-bd2d-cb542b6e571c",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FE8D.1B4B.7A0B.778F",
    "client_id_issued_at": 1530863870,
    "client_secret_expires_at": 1530950270,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwner: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21FE8D.1B4B.7A0B.778F&scope=openid&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=50e2718d-36f7-4b19-94ec-53eb23c5eea5
03:58:12.359 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwner: sessionState:24e0583e-62a3-40e9-aa4b-fed1234ca553
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21FE8D.1B4B.7A0B.778F&scope=openid&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=50e2718d-36f7-4b19-94ec-53eb23c5eea5

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth/authorize?scope=openid&response_type=code&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=50e2718d-36f7-4b19-94ec-53eb23c5eea5&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21FE8D.1B4B.7A0B.778F

#######################################################
TEST: requestAuthorizationIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["id_token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:51 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9255.BD2E.7C31.96ED",
    "client_secret": "dbe97c18-dd1f-4aa7-8a76-2167b025402a",
    "registration_access_token": "ed2289a8-56e0-4ce7-8a55-0163cbb81f59",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9255.BD2E.7C31.96ED",
    "client_id_issued_at": 1530863871,
    "client_secret_expires_at": 1530950271,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer ed2289a8-56e0-4ce7-8a55-0163cbb81f59

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:51 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9255.BD2E.7C31.96ED",
    "client_secret": "dbe97c18-dd1f-4aa7-8a76-2167b025402a",
    "registration_access_token": "ed2289a8-56e0-4ce7-8a55-0163cbb81f59",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9255.BD2E.7C31.96ED",
    "client_id_issued_at": 1530863871,
    "client_secret_expires_at": 1530950271,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219255.BD2E.7C31.96ED&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=93473ec6-1154-4eec-94db-0d278f94e33b&nonce=b7f1d41c-111d-40c5-bcda-99d001c434cb
03:58:13.539 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:1efa077d-0681-476f-bfc9-af3d3ac14052
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219255.BD2E.7C31.96ED&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=93473ec6-1154-4eec-94db-0d278f94e33b&nonce=b7f1d41c-111d-40c5-bcda-99d001c434cb

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5MjU1LkJEMkUuN0MzMS45NkVEIiwiZXhwIjoxNTMwODY3NDcyLCJpYXQiOjE1MzA4NjM4NzIsIm5vbmNlIjoiYjdmMWQ0MWMtMTExZC00MGM1LWJjZGEtOTlkMDAxYzQzNGNiIiwiYXV0aF90aW1lIjoxNTMwODYzODcyLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJNRFMtemlqeXhndWpoS0hFM1Y0Z251SlhCN1dHSnZuS0pUaFZVMmlBTjN3In0.SO2yBMQnb-3PvmZwqo7mgULJjW72LNVL-LVRet8nedGTSHrOlLbh6UuRVJhqhud9rHZ9KmGOpkBhu43rv8rUtpoRIrKdge_R3zMXV02Qs6SgC7V-ZEx4dVDE0tO2JrIvnYnEALMrbIjabcHhsvaikIt7auh8O985SeURYbgKi7TTorl80lB90oubLKxQ7NDxd63WLJ2cbKYZ-6yP-8SN4OlVsDGh2wvfCrCLuq58JpFuAERqTO15Pk6tERil2pNK812INXW9RLmxIccRRPvWsBPOcs46sJw_cDn6bDkN-n9evT32gSZ0VmEURFtbA7VBjyenPF10RMDIHEjKxMXqCg&session_id=b5df1e39-a3c0-44ba-8742-52b84577e529&state=93473ec6-1154-4eec-94db-0d278f94e33b&session_state=1efa077d-0681-476f-bfc9-af3d3ac14052

#######################################################
TEST: requestAuthorizationIdTokenUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["id_token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:52 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!404F.FE62.EF92.9CDA",
    "client_secret": "2683ed7d-6a7b-4b4f-a5db-d9bb124d6820",
    "registration_access_token": "4c0b14b1-88ae-472c-a4e6-d0e04d8bc170",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!404F.FE62.EF92.9CDA",
    "client_id_issued_at": 1530863872,
    "client_secret_expires_at": 1530950272,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 4c0b14b1-88ae-472c-a4e6-d0e04d8bc170

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:52 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!404F.FE62.EF92.9CDA",
    "client_secret": "2683ed7d-6a7b-4b4f-a5db-d9bb124d6820",
    "registration_access_token": "4c0b14b1-88ae-472c-a4e6-d0e04d8bc170",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!404F.FE62.EF92.9CDA",
    "client_id_issued_at": 1530863872,
    "client_secret_expires_at": 1530950272,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21404F.FE62.EF92.9CDA&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a0a51207-bda2-4977-80b9-3a7b8d341cca&nonce=d92bd457-95a1-44bc-9a94-81cb7003dfa4
03:58:14.839 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:2a41d240-f1fa-4935-8317-20c36c3ede7b
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21404F.FE62.EF92.9CDA&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a0a51207-bda2-4977-80b9-3a7b8d341cca&nonce=d92bd457-95a1-44bc-9a94-81cb7003dfa4

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0MDRGLkZFNjIuRUY5Mi45Q0RBIiwiZXhwIjoxNTMwODY3NDczLCJpYXQiOjE1MzA4NjM4NzMsIm5vbmNlIjoiZDkyYmQ0NTctOTVhMS00NGJjLTlhOTQtODFjYjcwMDNkZmE0IiwiYXV0aF90aW1lIjoxNTMwODYzODczLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJOZWJyb1IxZ28wcWhBYWtieDY0LWJjd3RraDI2eFYxdU5XZlVldXJDekRJIn0.MCN1Alfy9yeIVavrK1Rwze2JBpy5c_xNv3CCsemy0EQXRiuAN4NkzlXDDB8j1Rk8bd4KYBm92UQPJbMu70BimzGxUlHYH1u43MiPjlwn0xh0Idd9JMWNVaBq3kM1yN0F8AJ0WHVujFkTxZyu9Z1Qz1OBW5F_xb38gFEBkEOGX4EhNZRyx_B19M8pPoFMgs0QO0u1uMqWuSAadzHyIIW0wMLT7SsAizONybdmhYyyK4CJdC8paHvQZK9pShpwA4NixvHkkbfErN8YhU1uLcoX5dy_BX5gFzlNM_hrU_b0eKf7lL5avkYrKupOc997tjn8G7pmbWGfFFYjuWXPZxYXhQ&session_id=f489eb74-196a-424a-898b-106f38f2c3e2&state=a0a51207-bda2-4977-80b9-3a7b8d341cca&session_state=2a41d240-f1fa-4935-8317-20c36c3ede7b

#######################################################
TEST: requestAuthorizationPromptConsent
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:53 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!69DB.69A2.4EC3.44C0",
    "client_secret": "2f0356f4-a43e-48ae-8c26-f715d8fd68a5",
    "registration_access_token": "f1d38fcd-1509-469d-924d-c6572b953cee",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!69DB.69A2.4EC3.44C0",
    "client_id_issued_at": 1530863873,
    "client_secret_expires_at": 1530950273,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer f1d38fcd-1509-469d-924d-c6572b953cee

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:53 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!69DB.69A2.4EC3.44C0",
    "client_secret": "2f0356f4-a43e-48ae-8c26-f715d8fd68a5",
    "registration_access_token": "f1d38fcd-1509-469d-924d-c6572b953cee",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!69DB.69A2.4EC3.44C0",
    "client_id_issued_at": 1530863873,
    "client_secret_expires_at": 1530950273,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2169DB.69A2.4EC3.44C0&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b58feba7-f107-49db-b5e4-e9426092ea20&prompt=consent
03:58:16.092 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:9eb26b25-f188-467b-8b35-b8b65f0fd121
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2169DB.69A2.4EC3.44C0&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b58feba7-f107-49db-b5e4-e9426092ea20&prompt=consent

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=56dafa0b-1b13-4836-a588-ebdbfdad85d4&scope=address+openid+profile+email&session_id=89d4d792-8c9b-4dd6-8c17-f21b53c704e7&state=b58feba7-f107-49db-b5e4-e9426092ea20&session_state=9eb26b25-f188-467b-8b35-b8b65f0fd121

#######################################################
TEST: requestAuthorizationPromptConsentTrustedClient
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:55 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6B6D.A307.88C6.6402",
    "client_secret": "21a4432a-4b6f-453b-b354-a6e3f2131f18",
    "registration_access_token": "8c1f6e6e-7681-4363-90aa-7fa47f4bc1b4",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6B6D.A307.88C6.6402",
    "client_id_issued_at": 1530863875,
    "client_secret_expires_at": 1530950275,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 8c1f6e6e-7681-4363-90aa-7fa47f4bc1b4

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:55 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6B6D.A307.88C6.6402",
    "client_secret": "21a4432a-4b6f-453b-b354-a6e3f2131f18",
    "registration_access_token": "8c1f6e6e-7681-4363-90aa-7fa47f4bc1b4",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6B6D.A307.88C6.6402",
    "client_id_issued_at": 1530863875,
    "client_secret_expires_at": 1530950275,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216B6D.A307.88C6.6402&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ee30467a-aab3-4a49-9410-9ade1c76b059&prompt=consent
03:58:17.296 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:f0582203-3299-4ef1-a686-f51d9593993c
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216B6D.A307.88C6.6402&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ee30467a-aab3-4a49-9410-9ade1c76b059&prompt=consent

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=9a402fcd-17b4-4d8a-bcd1-671f709e6f00&scope=address+openid+profile+email&session_id=42c995e0-78ee-4afe-a712-d530387237b6&state=ee30467a-aab3-4a49-9410-9ade1c76b059&session_state=f0582203-3299-4ef1-a686-f51d9593993c

#######################################################
TEST: requestAuthorizationPromptLogin
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:56 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!235D.BD25.E259.90D1",
    "client_secret": "3a3d0568-73f8-46a8-b5c8-c1ca36c3fdc3",
    "registration_access_token": "6b029d59-49e1-47bc-885f-494049640c3c",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!235D.BD25.E259.90D1",
    "client_id_issued_at": 1530863876,
    "client_secret_expires_at": 1530950276,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 6b029d59-49e1-47bc-885f-494049640c3c

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:56 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!235D.BD25.E259.90D1",
    "client_secret": "3a3d0568-73f8-46a8-b5c8-c1ca36c3fdc3",
    "registration_access_token": "6b029d59-49e1-47bc-885f-494049640c3c",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!235D.BD25.E259.90D1",
    "client_id_issued_at": 1530863876,
    "client_secret_expires_at": 1530950276,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21235D.BD25.E259.90D1&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b289a718-19b0-4c54-8509-54477bb0fe15&prompt=login
03:58:18.532 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:d50e2913-23d6-4862-a8ce-1de5abcc63d0
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21235D.BD25.E259.90D1&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b289a718-19b0-4c54-8509-54477bb0fe15&prompt=login

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=f1fc7a33-0e71-43cd-9812-b205b679ec5f&scope=address+openid+profile+email&session_id=01f7f570-a050-4eb1-a1b1-848b8b8493cf&state=b289a718-19b0-4c54-8509-54477bb0fe15&session_state=d50e2913-23d6-4862-a8ce-1de5abcc63d0

#######################################################
TEST: requestAuthorizationPromptLoginConsent
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:57 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E358.B84B.8A39.727F",
    "client_secret": "5621fb9b-d79a-4639-a880-4855608d87e5",
    "registration_access_token": "b460f9aa-b823-45d0-aa97-b9ce26814b13",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E358.B84B.8A39.727F",
    "client_id_issued_at": 1530863877,
    "client_secret_expires_at": 1530950277,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer b460f9aa-b823-45d0-aa97-b9ce26814b13

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:57 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E358.B84B.8A39.727F",
    "client_secret": "5621fb9b-d79a-4639-a880-4855608d87e5",
    "registration_access_token": "b460f9aa-b823-45d0-aa97-b9ce26814b13",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E358.B84B.8A39.727F",
    "client_id_issued_at": 1530863877,
    "client_secret_expires_at": 1530950277,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E358.B84B.8A39.727F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c100bd3b-f940-47df-90d4-239058bdc515&prompt=login+consent
03:58:19.739 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:b25c658f-4f36-4f00-b123-5882398ec18e
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E358.B84B.8A39.727F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c100bd3b-f940-47df-90d4-239058bdc515&prompt=login+consent

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=51eb89a5-870a-46ae-a599-a73453670cb6&scope=address+openid+profile+email&session_id=be00eb09-0785-4197-a411-88d1b508a19d&state=c100bd3b-f940-47df-90d4-239058bdc515&session_state=b25c658f-4f36-4f00-b123-5882398ec18e

#######################################################
TEST: requestAuthorizationPromptLoginConsentTrustedClient
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:58 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F19F.3072.C211.77B2",
    "client_secret": "e52b81b0-0f9d-4fc1-84c0-14c8f6bf047b",
    "registration_access_token": "8a99de47-b344-4497-ad85-3d3ef3c3ec9c",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F19F.3072.C211.77B2",
    "client_id_issued_at": 1530863878,
    "client_secret_expires_at": 1530950278,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 8a99de47-b344-4497-ad85-3d3ef3c3ec9c

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:58 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F19F.3072.C211.77B2",
    "client_secret": "e52b81b0-0f9d-4fc1-84c0-14c8f6bf047b",
    "registration_access_token": "8a99de47-b344-4497-ad85-3d3ef3c3ec9c",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F19F.3072.C211.77B2",
    "client_id_issued_at": 1530863878,
    "client_secret_expires_at": 1530950278,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21F19F.3072.C211.77B2&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=d38e6b39-5c87-4499-9f6b-500f19c2f346&prompt=login+consent
03:58:20.961 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:6a6271e5-9b07-42b6-96c5-39af4fbe04a0
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21F19F.3072.C211.77B2&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=d38e6b39-5c87-4499-9f6b-500f19c2f346&prompt=login+consent

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=fa79ded2-ea7b-41e0-a4bd-b18ea98b34bd&scope=address+openid+profile+email&session_id=7ea43c50-4f70-4d35-9268-8f539cb30608&state=d38e6b39-5c87-4499-9f6b-500f19c2f346&session_state=6a6271e5-9b07-42b6-96c5-39af4fbe04a0

#######################################################
TEST: requestAuthorizationPromptNoneFail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:57:59 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B082.DE88.2163.9328",
    "client_secret": "60e76a27-a5f4-46f5-9cd9-9b1e0d20a0a1",
    "registration_access_token": "48c04418-c815-442b-bc95-3f6cab0768ea",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B082.DE88.2163.9328",
    "client_id_issued_at": 1530863880,
    "client_secret_expires_at": 1530950280,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 48c04418-c815-442b-bc95-3f6cab0768ea

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B082.DE88.2163.9328",
    "client_secret": "60e76a27-a5f4-46f5-9cd9-9b1e0d20a0a1",
    "registration_access_token": "48c04418-c815-442b-bc95-3f6cab0768ea",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B082.DE88.2163.9328",
    "client_id_issued_at": 1530863880,
    "client_secret_expires_at": 1530950280,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org

response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B082.DE88.2163.9328&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=62e7a2ae-4dd3-42d9-bc3c-0b134f421d6b&prompt=none

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Fri, 06 Jul 2018 07:58:00 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?error_description=The+Authorization+Server+requires+End-User+authentication.+This+error+MAY+be+returned+when+the+prompt+parameter+in+the+Authorization+Request+is+set+to+none+to+request+that+the+Authorization+Server+should+not+display+any+user+interfaces+to+the+End-User%2C+but+the+Authorization+Request+cannot+be+completed+without+displaying+a+user+interface+for+user+authentication.&state=62e7a2ae-4dd3-42d9-bc3c-0b134f421d6b&error=login_required
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: requestAuthorizationPromptLoginConsent
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3A11.935A.F986.2B0A",
    "client_secret": "af512570-4875-4703-838e-6c91af544c25",
    "registration_access_token": "d5d478b3-3a14-48b6-8da2-60b58b696076",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3A11.935A.F986.2B0A",
    "client_id_issued_at": 1530863880,
    "client_secret_expires_at": 1530950280,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer d5d478b3-3a14-48b6-8da2-60b58b696076

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3A11.935A.F986.2B0A",
    "client_secret": "af512570-4875-4703-838e-6c91af544c25",
    "registration_access_token": "d5d478b3-3a14-48b6-8da2-60b58b696076",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3A11.935A.F986.2B0A",
    "client_id_issued_at": 1530863880,
    "client_secret_expires_at": 1530950280,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213A11.935A.F986.2B0A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8772d174-87c5-40e3-9b06-cbc4f43a1efd&prompt=none+login+consent

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Fri, 06 Jul 2018 07:58:00 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?error_description=The+request+is+missing+a+required+parameter%2C+includes+an+unsupported+parameter+or+parameter+value%2C+or+is+otherwise+malformed.&state=8772d174-87c5-40e3-9b06-cbc4f43a1efd&error=invalid_request
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: requestAuthorizationPromptNoneTrustedClient
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!891E.3B54.CF20.A67C",
    "client_secret": "45860e62-5a0d-4ea5-9a88-7fb567b4a9a7",
    "registration_access_token": "c1d492dc-2dc5-4a63-9538-9d1bb191870b",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!891E.3B54.CF20.A67C",
    "client_id_issued_at": 1530863880,
    "client_secret_expires_at": 1530950280,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer c1d492dc-2dc5-4a63-9538-9d1bb191870b

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!891E.3B54.CF20.A67C",
    "client_secret": "45860e62-5a0d-4ea5-9a88-7fb567b4a9a7",
    "registration_access_token": "c1d492dc-2dc5-4a63-9538-9d1bb191870b",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!891E.3B54.CF20.A67C",
    "client_id_issued_at": 1530863880,
    "client_secret_expires_at": 1530950280,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21891E.3B54.CF20.A67C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=589508fc-9852-4252-bd6c-ac6646c54b0b&prompt=none

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Fri, 06 Jul 2018 07:58:00 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=1275c8f2-9ef4-4756-b85f-dfaccbdefe62&scope=address+openid+profile+email&session_id=095ca8cb-41e9-4d1d-abb7-fa339126832b&state=589508fc-9852-4252-bd6c-ac6646c54b0b&session_state=eea15f24-672f-4f9d-94ae-de09811bedbe
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: requestAuthorizationToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!10EC.CB2D.962E.BC0F",
    "client_secret": "49fe1f23-aa5f-4ac3-9cb9-b992fc297bf6",
    "registration_access_token": "11a6af50-235c-49a4-94fd-40649fb06be6",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!10EC.CB2D.962E.BC0F",
    "client_id_issued_at": 1530863880,
    "client_secret_expires_at": 1530950280,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["token"],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 11a6af50-235c-49a4-94fd-40649fb06be6

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!10EC.CB2D.962E.BC0F",
    "client_secret": "49fe1f23-aa5f-4ac3-9cb9-b992fc297bf6",
    "registration_access_token": "11a6af50-235c-49a4-94fd-40649fb06be6",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!10EC.CB2D.962E.BC0F",
    "client_id_issued_at": 1530863880,
    "client_secret_expires_at": 1530950280,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["token"],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2110EC.CB2D.962E.BC0F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=589e096e-931f-4a40-b8ec-490e38920d3a&nonce=ba71d94c-e578-4c2e-bb3b-1939baa6abad
03:58:23.071 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:ca4bef5d-b980-4735-8579-7a983a5eeb69
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2110EC.CB2D.962E.BC0F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=589e096e-931f-4a40-b8ec-490e38920d3a&nonce=ba71d94c-e578-4c2e-bb3b-1939baa6abad

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=83e8e70c-dbd0-4774-9d8a-de0a7baa58a0&scope=address+openid+profile+email&session_id=f5fc8b59-9b0b-43c8-b720-335ccc6523db&state=589e096e-931f-4a40-b8ec-490e38920d3a&token_type=bearer&session_state=ca4bef5d-b980-4735-8579-7a983a5eeb69&expires_in=299

#######################################################
TEST: requestAuthorizationTokenCode
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "token",
        "code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:02 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9CE9.D5D2.808C.DB14",
    "client_secret": "12c2627d-8ac2-482c-9d85-f49ee5d3e9d2",
    "registration_access_token": "4f7bb5cf-446c-4318-b337-0c87023d3c29",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9CE9.D5D2.808C.DB14",
    "client_id_issued_at": 1530863882,
    "client_secret_expires_at": 1530950282,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 4f7bb5cf-446c-4318-b337-0c87023d3c29

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:02 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9CE9.D5D2.808C.DB14",
    "client_secret": "12c2627d-8ac2-482c-9d85-f49ee5d3e9d2",
    "registration_access_token": "4f7bb5cf-446c-4318-b337-0c87023d3c29",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9CE9.D5D2.808C.DB14",
    "client_id_issued_at": 1530863882,
    "client_secret_expires_at": 1530950282,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219CE9.D5D2.808C.DB14&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9850d040-0dd1-4e8e-8e86-3e6c8dc4b05e&nonce=0b0380c9-d74f-42e2-b9f3-12d70ccdab28
03:58:24.345 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:82b4bcd2-7ccb-4d60-ae73-359e4496895c
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219CE9.D5D2.808C.DB14&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9850d040-0dd1-4e8e-8e86-3e6c8dc4b05e&nonce=0b0380c9-d74f-42e2-b9f3-12d70ccdab28

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=58330b6c-fd15-47b1-8c88-bc9230bcf43f&code=95936774-4b86-48c5-9e18-b2b62c3755de&scope=address+openid+profile+email&session_id=4268cd6f-d7a5-4dab-8ad1-16fd0e0d581a&state=9850d040-0dd1-4e8e-8e86-3e6c8dc4b05e&token_type=bearer&session_state=82b4bcd2-7ccb-4d60-ae73-359e4496895c&expires_in=299

#######################################################
TEST: requestAuthorizationTokenCodeIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "token",
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:03 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9EA8.3E2C.67D3.A298",
    "client_secret": "db8b8450-f4ba-49cd-9fe9-1e29a8181853",
    "registration_access_token": "ab64f8ee-e6ef-498e-9d7d-30da4a8bc7d3",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9EA8.3E2C.67D3.A298",
    "client_id_issued_at": 1530863883,
    "client_secret_expires_at": 1530950283,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer ab64f8ee-e6ef-498e-9d7d-30da4a8bc7d3

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:03 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9EA8.3E2C.67D3.A298",
    "client_secret": "db8b8450-f4ba-49cd-9fe9-1e29a8181853",
    "registration_access_token": "ab64f8ee-e6ef-498e-9d7d-30da4a8bc7d3",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9EA8.3E2C.67D3.A298",
    "client_id_issued_at": 1530863883,
    "client_secret_expires_at": 1530950283,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219EA8.3E2C.67D3.A298&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=51377f8c-3b37-4841-8893-fbfeb8d85f42&nonce=9f23f1cf-476b-42cf-bd19-f116a93874a5
03:58:25.596 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:4ffc813b-85ed-424e-9244-33be0e4c9176
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219EA8.3E2C.67D3.A298&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=51377f8c-3b37-4841-8893-fbfeb8d85f42&nonce=9f23f1cf-476b-42cf-bd19-f116a93874a5

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=0c06bd95-8d97-43b5-b1a7-0a6765770902&code=e9e14d54-306d-457c-8e8b-ff13329d7161&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5RUE4LjNFMkMuNjdEMy5BMjk4IiwiZXhwIjoxNTMwODY3NDg0LCJpYXQiOjE1MzA4NjM4ODQsIm5vbmNlIjoiOWYyM2YxY2YtNDc2Yi00MmNmLWJkMTktZjExNmE5Mzg3NGE1IiwiYXV0aF90aW1lIjoxNTMwODYzODg0LCJjX2hhc2giOiJHSGM3UXpUYnp1VmxxR1dVYlZiQXl3IiwiYXRfaGFzaCI6Il9UNEc1TTdLZVItYm40Qi0ybG15YVEiLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJ5MVBLd2ZaWFh6bFd0bmRQcFVRcFNHU0RuWUgtQWNQUkl2aHNGd1pRdUVvIn0.E6iIJscdEqdj4Dh4cT0Lu51fWPe1NL5uc5QihSu04CBgozijAXjMf8dekFKlpAbTsWTJBtAREj5UgMGwumnWJS5k56syjbwdGVY7RA1biUDMqeQbe9iNDoWv18Y1-a55P_fb715KUxpjf-IEa0E_ilECEt14H26UhKmufelNOjXp2uuUGXGax8z9J2_2_Iqc-BqZD-iVNQTfvWHE07zbE_h9lQNI3-7qvwEwTodChrXaLF-OJqDHlrnCxlRue0Cmd1TqPhQM6RKJezodMWu1pLCblxvHnFcpHPTQ7UsWoX1f0rR0uLtFYxD9e7dPLradcjeqkq9NylEbUwtSMce7wg&session_id=cab3944c-9a70-4ce8-8785-a3c8db457782&state=51377f8c-3b37-4841-8893-fbfeb8d85f42&token_type=bearer&session_state=4ffc813b-85ed-424e-9244-33be0e4c9176&expires_in=299

#######################################################
TEST: requestAuthorizationTokenCodeIdTokenUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "token",
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:04 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DA01.7DDF.F069.1C3E",
    "client_secret": "437fbd49-9d1c-4e0b-8582-0f62e70a6eae",
    "registration_access_token": "8e3c6252-59ae-4e9d-bd47-83e3bc84ace4",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DA01.7DDF.F069.1C3E",
    "client_id_issued_at": 1530863884,
    "client_secret_expires_at": 1530950284,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 8e3c6252-59ae-4e9d-bd47-83e3bc84ace4

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:04 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DA01.7DDF.F069.1C3E",
    "client_secret": "437fbd49-9d1c-4e0b-8582-0f62e70a6eae",
    "registration_access_token": "8e3c6252-59ae-4e9d-bd47-83e3bc84ace4",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DA01.7DDF.F069.1C3E",
    "client_id_issued_at": 1530863884,
    "client_secret_expires_at": 1530950284,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DA01.7DDF.F069.1C3E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5beaf7fe-089b-447c-a13c-e2f8a4b47d35&nonce=e132a18e-59ce-4e46-b337-f8d97d941910
03:58:26.932 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:48fbee3c-058e-4fb2-8c30-c3bf3a0610c4
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DA01.7DDF.F069.1C3E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5beaf7fe-089b-447c-a13c-e2f8a4b47d35&nonce=e132a18e-59ce-4e46-b337-f8d97d941910

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=08689a1e-7a42-4b2d-bb6a-89dcc0da14be&code=db1a2285-4160-4cc5-9a05-0f34f9b2e3ea&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEQTAxLjdEREYuRjA2OS4xQzNFIiwiZXhwIjoxNTMwODY3NDg1LCJpYXQiOjE1MzA4NjM4ODUsIm5vbmNlIjoiZTEzMmExOGUtNTljZS00ZTQ2LWIzMzctZjhkOTdkOTQxOTEwIiwiYXV0aF90aW1lIjoxNTMwODYzODg1LCJjX2hhc2giOiJhM2xQNDBzdl92R1dIdE5WU1pENFRBIiwiYXRfaGFzaCI6IndoOFppZS1qUXdFazJ1REw0MkVOMWciLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJISHNrUEJzV0g1akpnNkhyM290YWtEOEVDVGotOHdTalB5Zl9Lb0FBaENVIn0.e8ttJOrp4CMfq3_J7JDE_rB-ZKOFo98eKLBjpfpdhL-Vfdv6F5xJklG5b-wsqaXPrNXWVnX0g2Nke6kAV23QEwUFSe0ELUBUFqSdFtuTtIT5iZVoXkjDBqP_ik_IPyjMNIHLy68AjQ9zRyzT7bwbdpic63-2LsSTDdsRDVEg_sAqo8BUxkaSFZCHrZgfDeuSmNx6WS98sg3tcIUXRFyaKJ9M-ktkpCku8Udho1YXCVfhRmjxd4bi21N8a68eXPWPCuVqkS_tQ4Q5XXvVyzRx_i6tlIuDQOGKj6iis71kyxtxMOzf4bzuEnMeMcmZw7HgycN84rRigAcVaDUGqUjBwg&session_id=82a3ad73-df7b-4775-b9a3-ddf367fc3463&state=5beaf7fe-089b-447c-a13c-e2f8a4b47d35&token_type=bearer&session_state=48fbee3c-058e-4fb2-8c30-c3bf3a0610c4&expires_in=299

#######################################################
TEST: requestAuthorizationTokenCodeUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "token",
        "code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:05 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B5D6.6D9E.E32D.1C19",
    "client_secret": "46fcf2ca-cd20-4c88-9950-9e7e0f90a4ab",
    "registration_access_token": "a923ae02-7e9f-4986-be43-0ba5e852fd6e",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B5D6.6D9E.E32D.1C19",
    "client_id_issued_at": 1530863886,
    "client_secret_expires_at": 1530950286,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer a923ae02-7e9f-4986-be43-0ba5e852fd6e

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1405
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:06 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B5D6.6D9E.E32D.1C19",
    "client_secret": "46fcf2ca-cd20-4c88-9950-9e7e0f90a4ab",
    "registration_access_token": "a923ae02-7e9f-4986-be43-0ba5e852fd6e",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B5D6.6D9E.E32D.1C19",
    "client_id_issued_at": 1530863886,
    "client_secret_expires_at": 1530950286,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B5D6.6D9E.E32D.1C19&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=cbedbed6-5a76-4317-9d23-231c01dc2a92&nonce=3ad017a0-8766-4cc4-96e5-e9096b7d089e
03:58:28.188 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:d6c16cc0-78b5-4d4f-9a71-62aae4522d1c
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B5D6.6D9E.E32D.1C19&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=cbedbed6-5a76-4317-9d23-231c01dc2a92&nonce=3ad017a0-8766-4cc4-96e5-e9096b7d089e

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=5402bba9-4d98-46c2-a7c7-a026affae52b&code=eaca3338-531a-495a-ace5-a18f8b05658c&scope=address+openid+profile+email&session_id=a963c7c0-f5fb-4080-9c5d-8001cff409e2&state=cbedbed6-5a76-4317-9d23-231c01dc2a92&token_type=bearer&session_state=d6c16cc0-78b5-4d4f-9a71-62aae4522d1c&expires_in=299

#######################################################
TEST: requestAuthorizationTokenFail1
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=token&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0402ecba-e74a-445c-bf86-810efe5ccdb2

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 400
Connection: close
Content-Length: 222
Content-Type: text/plain
Date: Fri, 06 Jul 2018 07:58:07 GMT
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_request","error_description":"The request is missing a required parameter, includes an unsupported parameter or parameter value, or is otherwise malformed.","state":"0402ecba-e74a-445c-bf86-810efe5ccdb2"}

#######################################################
TEST: requestAuthorizationTokenFail2
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:07 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!62A6.EFA9.7C68.6A48",
    "client_secret": "6cb1cad8-7b56-4575-b468-15e76c4db6f2",
    "registration_access_token": "803a2b33-2bee-4ba4-91b0-375664831eee",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!62A6.EFA9.7C68.6A48",
    "client_id_issued_at": 1530863887,
    "client_secret_expires_at": 1530950287,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["token"],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 803a2b33-2bee-4ba4-91b0-375664831eee

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:07 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!62A6.EFA9.7C68.6A48",
    "client_secret": "6cb1cad8-7b56-4575-b468-15e76c4db6f2",
    "registration_access_token": "803a2b33-2bee-4ba4-91b0-375664831eee",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!62A6.EFA9.7C68.6A48",
    "client_id_issued_at": 1530863887,
    "client_secret_expires_at": 1530950287,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["token"],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2162A6.EFA9.7C68.6A48&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=cbdddfd1-fc55-44e7-942b-ec36aaf98290&prompt=none

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Fri, 06 Jul 2018 07:58:07 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#error_description=The+request+is+missing+a+required+parameter%2C+includes+an+unsupported+parameter+or+parameter+value%2C+or+is+otherwise+malformed.&state=cbdddfd1-fc55-44e7-942b-ec36aaf98290&error=invalid_request
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



#######################################################
TEST: requestAuthorizationTokenIdToken
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "token",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:07 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DFF9.F947.BA86.E08A",
    "client_secret": "fca99e6d-034b-4b9a-8263-cec4de18920a",
    "registration_access_token": "45be3c74-51ae-4b82-9190-1615a4cc89ad",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DFF9.F947.BA86.E08A",
    "client_id_issued_at": 1530863887,
    "client_secret_expires_at": 1530950287,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 45be3c74-51ae-4b82-9190-1615a4cc89ad

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:07 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DFF9.F947.BA86.E08A",
    "client_secret": "fca99e6d-034b-4b9a-8263-cec4de18920a",
    "registration_access_token": "45be3c74-51ae-4b82-9190-1615a4cc89ad",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DFF9.F947.BA86.E08A",
    "client_id_issued_at": 1530863887,
    "client_secret_expires_at": 1530950287,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DFF9.F947.BA86.E08A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b3492b41-23b9-4333-9f07-c13069bb75ea&nonce=1bee7f14-436f-45ee-bed7-144bec14e54f
03:58:29.862 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:50b04bd4-01d2-4ca9-afb8-98da23ed4a41
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DFF9.F947.BA86.E08A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b3492b41-23b9-4333-9f07-c13069bb75ea&nonce=1bee7f14-436f-45ee-bed7-144bec14e54f

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=60ca05b9-4451-48fb-84da-992839443006&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFERkY5LkY5NDcuQkE4Ni5FMDhBIiwiZXhwIjoxNTMwODY3NDg4LCJpYXQiOjE1MzA4NjM4ODgsIm5vbmNlIjoiMWJlZTdmMTQtNDM2Zi00NWVlLWJlZDctMTQ0YmVjMTRlNTRmIiwiYXV0aF90aW1lIjoxNTMwODYzODg4LCJhdF9oYXNoIjoic0ZmejJiVC1icFFKODhCbzlkTHI5ZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Inh6ODZkR2NuOHc3d2RsRVdhSmd0ekl3N21MZGNjNnBoZVpXLUM1SHJwTTQifQ.B6r3f82MWekXd3McPFmMtAOXbbbGRGZH1G1NbWGYfH6PVDC11b8rPd8hDijBQ_WNFOJ91A6kPyVjcxlSznOOla89fsV6dhy-uCD2RlJPiByXgnxDLqeXf5UpPg4ldxfr67EOK2r02IonR_jvgzj1PjCsHhY2a2Rf95g07LxZdalMO2obUrXZCkJNcI8sh3pZfsZVqWnaoL9udXFlL5dH00rttyCZ-iG8YN8OxN0EHUuE2UonnKkAjkNURM6KX39XTzJJYeR2rj3tvCe01tG-jAEv-DiBYNwbeaerIRTUkCyHjaePOGmkaNETKEWzb2dTgoLsynJ7CcfyZHsWnw9zSA&session_id=c21e53a5-57b0-4605-bda9-35bd5378ea1d&state=b3492b41-23b9-4333-9f07-c13069bb75ea&token_type=bearer&session_state=50b04bd4-01d2-4ca9-afb8-98da23ed4a41&expires_in=299

#######################################################
TEST: requestAuthorizationTokenIdTokenUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "token",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:08 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F9B6.8D77.930C.7C74",
    "client_secret": "70f8e078-ad15-4670-b01b-fb8f568de9e3",
    "registration_access_token": "9dbdb101-d7a9-4fcf-8165-6ea5d781955e",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F9B6.8D77.930C.7C74",
    "client_id_issued_at": 1530863889,
    "client_secret_expires_at": 1530950289,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 9dbdb101-d7a9-4fcf-8165-6ea5d781955e

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1340
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:09 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F9B6.8D77.930C.7C74",
    "client_secret": "70f8e078-ad15-4670-b01b-fb8f568de9e3",
    "registration_access_token": "9dbdb101-d7a9-4fcf-8165-6ea5d781955e",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F9B6.8D77.930C.7C74",
    "client_id_issued_at": 1530863889,
    "client_secret_expires_at": 1530950289,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "id_token",
        "token"
    ],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21F9B6.8D77.930C.7C74&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8df7b6ef-585b-4aea-b5c6-883f80fb1d9c&nonce=55999ef2-77ed-4b4d-852a-31dba6ff9bd9
03:58:31.212 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:972e421e-8434-4192-ad39-121468918c63
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21F9B6.8D77.930C.7C74&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8df7b6ef-585b-4aea-b5c6-883f80fb1d9c&nonce=55999ef2-77ed-4b4d-852a-31dba6ff9bd9

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=bee24731-86f3-469b-8e54-3ae56df9051c&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGOUI2LjhENzcuOTMwQy43Qzc0IiwiZXhwIjoxNTMwODY3NDkwLCJpYXQiOjE1MzA4NjM4OTAsIm5vbmNlIjoiNTU5OTllZjItNzdlZC00YjRkLTg1MmEtMzFkYmE2ZmY5YmQ5IiwiYXV0aF90aW1lIjoxNTMwODYzODg5LCJhdF9oYXNoIjoiaHlMZEMzUGdtSVB5UDJjamdwRU9adyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6InNTM2p3MkIyT0l1b084T3pWeUpQMDlQQ1psalpfd0tkM1JQSXdtOTFMQjAifQ.F-xIrC7HHTn74xJFPu4gQA937nr5jEpAWfUiwgJhlrXJcj5X3FMq1KW93cKfgprT28vLH0jP0eNQj7TOgAmGnk2hEgFMddUJiBK2F8i6ci1V6OwqwsrQRViYPLrVKoD2gro_M1hfKN5kGZZ0TNgCC6DgpWyIbFwIVNxHSpWWC17By5o7PZSr7SuNDBEZMP33-286G1ZBCTswzu2nOWZVe0mSdAwf7WvaHuYZOZ5qzjHsfXRDnZ_AaP9nOmCm2ITt1Cc_O1RBViasWSDmPXTQRoE3yTu3pfHvXarVTEqrlwEwLo8LpF2BVokm_QfwUWA6TEFSYssvxfyYvYR5wve4IQ&session_id=9e7d4639-d493-47f2-ad79-89f81f1bb9d7&state=8df7b6ef-585b-4aea-b5c6-883f80fb1d9c&token_type=bearer&session_state=972e421e-8434-4192-ad39-121468918c63&expires_in=299

#######################################################
TEST: requestAuthorizationTokenUserBasicAuth
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["token"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:10 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8CB9.C91E.EE70.FB27",
    "client_secret": "db33bf4e-5ec4-4ce6-8d89-c32329bae6f0",
    "registration_access_token": "f9846397-e7c1-43e3-b66a-2e1f39d80544",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8CB9.C91E.EE70.FB27",
    "client_id_issued_at": 1530863890,
    "client_secret_expires_at": 1530950290,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["token"],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer f9846397-e7c1-43e3-b66a-2e1f39d80544

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1306
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:10 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8CB9.C91E.EE70.FB27",
    "client_secret": "db33bf4e-5ec4-4ce6-8d89-c32329bae6f0",
    "registration_access_token": "f9846397-e7c1-43e3-b66a-2e1f39d80544",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8CB9.C91E.EE70.FB27",
    "client_id_issued_at": 1530863890,
    "client_secret_expires_at": 1530950290,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["token"],
    "grant_types": ["implicit"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218CB9.C91E.EE70.FB27&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=162ceb65-75fe-4c26-93bc-04cdc624a945&nonce=4188b8d3-8fda-4d41-84f2-41d91b682cfb
03:58:32.503 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:4620bfff-3ef8-43ee-81d4-553cbb77325d
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218CB9.C91E.EE70.FB27&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=162ceb65-75fe-4c26-93bc-04cdc624a945&nonce=4188b8d3-8fda-4d41-84f2-41d91b682cfb

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=867c9cbc-5b1e-42a8-9b42-c95bca31d0b3&scope=address+openid+profile+email&session_id=e30434b9-d303-4cf4-9c77-839365ab903c&state=162ceb65-75fe-4c26-93bc-04cdc624a945&token_type=bearer&session_state=4620bfff-3ef8-43ee-81d4-553cbb77325d&expires_in=299

#######################################################
TEST: requestAuthorizationWithoutScope
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "id_token"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:11 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5AC3.4259.30C7.B2D4",
    "client_secret": "83f72ba6-b6cd-4cc7-a5b7-abfa762fff78",
    "registration_access_token": "315f6e39-619b-42a0-9445-ce2f64c6e31f",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5AC3.4259.30C7.B2D4",
    "client_id_issued_at": 1530863891,
    "client_secret_expires_at": 1530950291,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 315f6e39-619b-42a0-9445-ce2f64c6e31f

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1425
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:11 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5AC3.4259.30C7.B2D4",
    "client_secret": "83f72ba6-b6cd-4cc7-a5b7-abfa762fff78",
    "registration_access_token": "315f6e39-619b-42a0-9445-ce2f64c6e31f",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5AC3.4259.30C7.B2D4",
    "client_id_issued_at": 1530863891,
    "client_secret_expires_at": 1530950291,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

authenticateResourceOwnerAndGrantAccess: Cleaning cookies
authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215AC3.4259.30C7.B2D4&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=526a9204-8b84-4574-b451-532bd1ba5e83&nonce=a29180c0-32f2-462e-bc19-ece882a79e5c
03:58:33.744 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:4acc4394-81da-433e-99e3-039fc872bb30
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215AC3.4259.30C7.B2D4&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=526a9204-8b84-4574-b451-532bd1ba5e83&nonce=a29180c0-32f2-462e-bc19-ece882a79e5c

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=81ad3af8-60f0-4baf-907b-56975f8e67f0&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE1QUMzLjQyNTkuMzBDNy5CMkQ0IiwiZXhwIjoxNTMwODY3NDkyLCJpYXQiOjE1MzA4NjM4OTIsIm5vbmNlIjoiYTI5MTgwYzAtMzJmMi00NjJlLWJjMTktZWNlODgyYTc5ZTVjIiwiYXV0aF90aW1lIjoxNTMwODYzODkyLCJjX2hhc2giOiJ2TzBnVG1haWIxLTVhNWNuT0l6UW13Iiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiUFZsUTVnOVpMcElLWW1seVZselFsekc0RUx3enZnbmJsWEdOUGpRNzdFMCJ9.e8T1DN-gNdQbEE74flPRlT4I_1BbSgosuBiPpnxsOYNn82xGMRUHHa-iKdotDIlcnEK_TUY3y99fNMBrwrr17JnylNZhPLfgK8QNQxvJroM6NP0o0vyo7fbPAme97OuWkQ0nLgeTLU8iXgpxrVfsbJV7sBs-wcpGGLD121RmjgEqCgwihBfEpG-_CMUCP_5pGOCn4ADh6hBr5o2dNExVu2XjpzTX_2_-ucqAJA6bDbUcpHRRIoDUVjZ3aSjtSAxBx4gHFIss-1eD6Q01OxZOoAte-9bpJK4PIJzgm5Mw67Tg0KrIrhxdWZWS0inu3Cg4Nch-eH04kakhSh9cwvtnUw&session_id=3be43220-13cb-4a0d-8fa0-09b9614a386c&state=526a9204-8b84-4574-b451-532bd1ba5e83&session_state=4acc4394-81da-433e-99e3-039fc872bb30

#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:58:12 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:12 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "code",
        "code id_token",
        "code id_token token",
        "id_token",
        "id_token token",
        "token",
        "code token"
    ],
    "grant_types_supported": [
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "refresh_token",
        "implicit",
        "password",
        "authorization_code"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: requestSessionIdAuthorizationCode1
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:12 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BD9A.2C6C.B35A.4AD7",
    "client_secret": "5cae7add-99d0-45a9-a573-4591f8cf2656",
    "registration_access_token": "79d2d58c-2c3f-4171-bceb-f35e1de4e681",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BD9A.2C6C.B35A.4AD7",
    "client_id_issued_at": 1530863892,
    "client_secret_expires_at": 1530950292,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 79d2d58c-2c3f-4171-bceb-f35e1de4e681

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:13 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BD9A.2C6C.B35A.4AD7",
    "client_secret": "5cae7add-99d0-45a9-a573-4591f8cf2656",
    "registration_access_token": "79d2d58c-2c3f-4171-bceb-f35e1de4e681",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BD9A.2C6C.B35A.4AD7",
    "client_id_issued_at": 1530863892,
    "client_secret_expires_at": 1530950292,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

waitForResourceOwnerAndGrantLoginForm: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21BD9A.2C6C.B35A.4AD7&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=99dede46-6776-42d5-a181-5f1ac95100d8
03:58:35.132 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
waitForResourceOwnerAndGrantLoginForm: sessionState:481e15b4-521a-4fac-9eef-fae3a18a6885
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21BD9A.2C6C.B35A.4AD7&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=99dede46-6776-42d5-a181-5f1ac95100d8

authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21BD9A.2C6C.B35A.4AD7&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=cc1a2fcd-89d6-40e3-b4d4-c7becce685d8
03:58:35.301 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:fb38e6f6-341d-4be4-a055-537d7898610c
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21BD9A.2C6C.B35A.4AD7&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=cc1a2fcd-89d6-40e3-b4d4-c7becce685d8

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=40446807-e9a5-4a33-9675-a4274016349b&scope=address+openid+profile+email&session_id=974bd933-8204-413c-8b84-4b0f29b7051a&state=cc1a2fcd-89d6-40e3-b4d4-c7becce685d8&session_state=fb38e6f6-341d-4be4-a055-537d7898610c

#######################################################
TEST: requestSessionIdAuthorizationCode2
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:14 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0376.1051.6828.1ABA",
    "client_secret": "59378a20-a337-4009-b6f0-da54d39d7dee",
    "registration_access_token": "b29bb736-ebee-4322-8abb-eb5211ac5578",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0376.1051.6828.1ABA",
    "client_id_issued_at": 1530863894,
    "client_secret_expires_at": 1530950294,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/register?{} HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer b29bb736-ebee-4322-8abb-eb5211ac5578

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1354
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:14 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0376.1051.6828.1ABA",
    "client_secret": "59378a20-a337-4009-b6f0-da54d39d7dee",
    "registration_access_token": "b29bb736-ebee-4322-8abb-eb5211ac5578",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0376.1051.6828.1ABA",
    "client_id_issued_at": 1530863894,
    "client_secret_expires_at": 1530950294,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

waitForResourceOwnerAndGrantLoginForm: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210376.1051.6828.1ABA&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8a998510-be15-4391-ab33-d3b1b316a836
03:58:36.440 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
waitForResourceOwnerAndGrantLoginForm: sessionState:3554bcf2-8377-4e34-a38f-ccf344d5f016
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210376.1051.6828.1ABA&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8a998510-be15-4391-ab33-d3b1b316a836

authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210376.1051.6828.1ABA&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=099c1675-491a-4269-9c15-9926a52737ba
03:58:36.624 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0]
authenticateResourceOwnerAndGrantAccess: sessionState:b54ea73e-870a-40dd-bde9-8e1997abfd41
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210376.1051.6828.1ABA&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=099c1675-491a-4269-9c15-9926a52737ba

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=f0da7fc9-f2aa-4bd1-acae-6cd9837d65b2&scope=address+openid+profile+email&session_id=b95a7233-d90c-440c-a121-d5eafa6535b3&state=099c1675-491a-4269-9c15-9926a52737ba&session_state=b54ea73e-870a-40dd-bde9-8e1997abfd41

#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:58:15 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:15 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "code",
        "code id_token",
        "code id_token token",
        "id_token",
        "id_token token",
        "token",
        "code token"
    ],
    "grant_types_supported": [
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "refresh_token",
        "implicit",
        "password",
        "authorization_code"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: requestClientRegistrationWithCustomAttributes
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "response_types": [
        "code",
        "token",
        "id_token"
    ],
    "grant_types": ["password"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "oxAuthTrustedClient": "true",
    "myCustomAttr1": "113b4e4a-6211-4773-a164-70c2808b42d2"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1445
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:15 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F231.2599.2111.69E4",
    "client_secret": "633c4c46-6db5-46a9-8c3a-7073d32a6af3",
    "registration_access_token": "8b4f1de4-b5e4-491e-8086-3416af6758aa",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F231.2599.2111.69E4",
    "client_id_issued_at": 1530863895,
    "client_secret_expires_at": 1530950295,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [
        "code",
        "id_token",
        "token"
    ],
    "grant_types": [
        "refresh_token",
        "implicit",
        "password",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test",
    "claims": ""
}

#######################################################
TEST: requestAccessTokenCustomClientAuth1
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/authorize HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA==

response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21F231.2599.2111.69E4&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=bd73e602-7b4b-491e-bd49-f52352ef5532&nonce=3009be3b-deb6-40af-a0dd-346a223c0d59&prompt=none

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302
Connection: Keep-Alive
Content-Length: 0
Date: Fri, 06 Jul 2018 07:58:15 GMT
Keep-Alive: timeout=5, max=100
Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=2d8ac414-1e3e-47d5-98ee-7bd8ce548198&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGMjMxLjI1OTkuMjExMS42OUU0IiwiZXhwIjoxNTMwODY3NDk1LCJpYXQiOjE1MzA4NjM4OTUsIm5vbmNlIjoiMzAwOWJlM2ItZGViNi00MGFmLWEwZGQtMzQ2YTIyM2MwZDU5IiwiYXV0aF90aW1lIjoxNTMwODYzODk1LCJjX2hhc2giOiJxU05IM3o0dkttT3VKc0J0QUM1elNRIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiTUxueTlaYlRrMTAyaVFhOFdxZDAwenFxYlQ2amVXbDlMMWRQQnh3MDItTSJ9.Vdxlx0me9KWw5qrMNnM_MALl0SNsZJHooSo1vsAYilmAC4Sths4GICo98_JekTmxCfTaem59bIQeWEQPRcmn1_Ju52tMkY6Fg2pK4nLYJl4p_9ssdycnIvnIeuotvmNRp42_ZZlaDlV4oGsd_oC1PUnpeXn1ZZuHJfcquHfGpl1lPQBY17Pcuv8FejPmwyF6nAxLLr7nr43BysBJ2lZ3qskPOHc7hfsQpXb91kwc5KgWrgO2KNvmgPWH9RB-TsTSd5cu7ukY3S0AP6Ikt773fwdIQoNOCtlqHFWrbnhs0DiRBri9tclWdO0E62lLjPWFpDxodbJ3pFJ2MLEDnvzjgw&session_id=e74be782-86bb-4359-9207-eab9f8a590bd&state=bd73e602-7b4b-491e-bd49-f52352ef5532&session_state=6b860b87-e11e-44fb-ae5e-0844585aa69d
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block



-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=authorization_code&code=2d8ac414-1e3e-47d5-98ee-7bd8ce548198&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&myCustomAttr1=113b4e4a-6211-4773-a164-70c2808b42d2

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1057
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:16 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"8f648a80-61ac-4bb6-8d5e-a3bc2d80406d","token_type":"bearer","expires_in":299,"refresh_token":"97fa240d-5a4e-488b-8f29-c795634aac6e","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGMjMxLjI1OTkuMjExMS42OUU0IiwiZXhwIjoxNTMwODY3NDk2LCJpYXQiOjE1MzA4NjM4OTYsIm5vbmNlIjoiMzAwOWJlM2ItZGViNi00MGFmLWEwZGQtMzQ2YTIyM2MwZDU5IiwiYXV0aF90aW1lIjoxNTMwODYzODk1LCJhdF9oYXNoIjoiV3lxdUdlbkpzN0pVT0hwTTdhOVp1dyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Ik1Mbnk5WmJUazEwMmlRYThXcWQwMHpxcWJUNmplV2w5TDFkUEJ4dzAyLU0ifQ.Fg1Z7Cfm8X1s5au-0PB7ymCUFBW1IUOlprtqvBFVkNZl-dfDZjpRIOwcrm3mI-ou1c9FsKPy9-2w3bngNyT0GkL1crOjNZwI2wSTI_9rliXYxdx_R_H5wrJMFslKcucE86jQKblGC3FrpXODK3MVwlnlq11xHDHpX0n8PU4GWBxvpsO-pb5B7YCMxYWasxMHCpkYRr-k5ZBREHP-NeYMgKc2RTrorpPfL1eV5nbwZJPsAqWvrTHcoSIzhAxikl6ZjjB_ZOokCD5P2YayQ85spc5a9DvQte1atDYWfL7aCbDUx5aY9ahW0A3L8TF8ycruN2DdDr-XWO4TBep-sLv6pw"}

#######################################################
TEST: requestAccessTokenCustomClientAuth2
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=password&scope=openid&username=test_user&password=test_user_password&myCustomAttr1=113b4e4a-6211-4773-a164-70c2808b42d2

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 934
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:16 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"feaedd8f-6dfe-41b0-8d0e-08bba1c60590","token_type":"bearer","expires_in":299,"refresh_token":"bcb96fb0-60fb-4e09-b00d-708d3f42a621","scope":"openid","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGMjMxLjI1OTkuMjExMS42OUU0IiwiZXhwIjoxNTMwODY3NDk2LCJpYXQiOjE1MzA4NjM4OTYsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Ik1Mbnk5WmJUazEwMmlRYThXcWQwMHpxcWJUNmplV2w5TDFkUEJ4dzAyLU0ifQ.VH0BcaQteLjU_eT5kOQka1Ryyfi40x8dSGnec8Kfwm7h-HR2zefL3DSM53GmNMVPRYgN0b4Zu9io70g6CB6biwg_63ok-rDCvFGwyNNM8xOn3DjJ3FNrGREpv8wo15zcIOQkp1MXd58ZRix4z7e8iRRZs_ZuZV0_0sk43FFoFr7AXz-2IB5NkQvmE2EibE7k5MU6XT2mlKO-Ex0blDSSLTd3IG7Ww8khePbN0xXwskfh-hKAvfhQkJ2wHUO163hFvXigvrS8_i3OMbTsfUkjQy3pL-0tsIy06SnUMSq0RrALNjRIiyD7aSv6IveccIFgNwX7fZRj7-H2lFL4QTENmw"}

#######################################################
TEST: OpenID Connect Discovery
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 181
Content-Type: application/jrd+json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:58:16 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "subject": "acct:test_user@ce-dev4.gluu.org",
    "links": [{
        "rel": "http://openid.net/specs/connect/1.0/issuer",
        "href": "https://ce-dev4.gluu.org"
    }]
}


OpenID Connect Configuration
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /.well-known/openid-configuration HTTP/1.1
Host: ce-dev4.gluu.org

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Connection: Keep-Alive
Content-Length: 6342
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:16 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "issuer": "https://ce-dev4.gluu.org",
    "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize",
    "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token",
    "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo",
    "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo",
    "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe",
    "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks",
    "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register",
    "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id",
    "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection",
    "scopes_supported": [
        "permission",
        "clientinfo",
        "email",
        "user_name",
        "sub",
        "org_name",
        "address",
        "openid",
        "test_scope1",
        "work_phone",
        "phone",
        "profile",
        "mobile_phone",
        "test"
    ],
    "response_types_supported": [
        "code",
        "code id_token",
        "code id_token token",
        "id_token",
        "id_token token",
        "token",
        "code token"
    ],
    "grant_types_supported": [
        "urn:ietf:params:oauth:grant-type:uma-ticket",
        "client_credentials",
        "refresh_token",
        "implicit",
        "password",
        "authorization_code"
    ],
    "acr_values_supported": [
        "super_gluu",
        "u2f",
        "otp",
        "basic",
        "auth_ldap_server"
    ],
    "auth_level_mapping": {
        "-1": ["auth_ldap_server"],
        "50": ["otp"],
        "100": ["basic"],
        "10": ["u2f"],
        "15": ["super_gluu"]
    },
    "subject_types_supported": [
        "public",
        "pairwise"
    ],
    "userinfo_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "userinfo_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "userinfo_encryption_enc_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "id_token_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "id_token_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "request_object_signing_alg_values_supported": [
        "none",
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "request_object_encryption_alg_values_supported": [
        "RSA1_5",
        "RSA-OAEP",
        "A128KW",
        "A256KW"
    ],
    "request_object_encryption_enc_values_supported": [
        "A128CBC+HS256",
        "A256CBC+HS512",
        "A128GCM",
        "A256GCM"
    ],
    "token_endpoint_auth_methods_supported": [
        "client_secret_basic",
        "client_secret_post",
        "client_secret_jwt",
        "private_key_jwt"
    ],
    "token_endpoint_auth_signing_alg_values_supported": [
        "HS256",
        "HS384",
        "HS512",
        "RS256",
        "RS384",
        "RS512",
        "ES256",
        "ES384",
        "ES512"
    ],
    "display_values_supported": [
        "page",
        "popup"
    ],
    "claim_types_supported": ["normal"],
    "claims_supported": [
        "birthdate",
        "country",
        "name",
        "email",
        "email_verified",
        "given_name",
        "gender",
        "inum",
        "family_name",
        "updated_at",
        "locale",
        "member_of",
        "middle_name",
        "nickname",
        "oxAuthAppType",
        "oxAuthIdTokenSignedResponseAlg",
        "oxAuthRedirectURI",
        "oxAuthScope",
        "phone_number_verified",
        "picture",
        "preferred_username",
        "profile",
        "zoneinfo",
        "user_name",
        "website"
    ],
    "service_documentation": "http://gluu.org/docs",
    "claims_locales_supported": ["en"],
    "ui_locales_supported": [
        "en",
        "es"
    ],
    "scope_to_claims_mapping": [
        {"permission": []},
        {"uma_protection": []},
        {"clientinfo": [
            "name",
            "inum",
            "oxAuthAppType",
            "oxAuthIdTokenSignedResponseAlg",
            "oxAuthRedirectURI",
            "oxAuthScope"
        ]},
        {"email": [
            "email_verified",
            "email"
        ]},
        {"user_name": ["user_name"]},
        {"sub": []},
        {"org_name": []},
        {"address": [
            "formatted",
            "postal_code",
            "street_address",
            "locality",
            "country",
            "region"
        ]},
        {"openid": []},
        {"test_scope1": []},
        {"work_phone": []},
        {"phone": [
            "phone_number_verified",
            "phone_number"
        ]},
        {"profile": [
            "name",
            "family_name",
            "given_name",
            "middle_name",
            "nickname",
            "preferred_username",
            "profile",
            "picture",
            "website",
            "gender",
            "birthdate",
            "zoneinfo",
            "locale",
            "updated_at"
        ]},
        {"mobile_phone": ["phone_mobile_number"]},
        {"test": ["member_of"]}
    ],
    "claims_parameter_supported": true,
    "request_parameter_supported": true,
    "request_uri_parameter_supported": true,
    "require_request_uri_registration": false,
    "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy",
    "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos",
    "frontchannel_logout_supported": true,
    "frontchannel_logout_session_supported": true
}


#######################################################
TEST: clientSecretBasicAuthenticationMethod
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_basic",
    "scope": "openid profile address email clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1226
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:16 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CEAA.4822.4A9B.0B4B",
    "client_secret": "8cf16489-6544-4f10-b821-3c559dcc3584",
    "registration_access_token": "aba649ff-d2a0-47d1-92b6-1722eee7d0c5",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CEAA.4822.4A9B.0B4B",
    "client_id_issued_at": 1530863896,
    "client_secret_expires_at": 1530950296,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "openid profile address email clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxQ0VBQS40ODIyLjRBOUIuMEI0Qjo4Y2YxNjQ4OS02NTQ0LTRmMTAtYjgyMS0zYzU1OWRjYzM1ODQ=

grant_type=client_credentials&scope=clientinfo

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:16 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"35bbccf2-a2bf-4d8c-bddc-5fd30cd929de","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 412
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:16 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CEAA.4822.4A9B.0B4B","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["openid","profile","address","email","clientinfo"]}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
GET /oxauth/restv1/userinfo HTTP/1.1
Host: ce-dev4.gluu.org
Authorization: Bearer 35bbccf2-a2bf-4d8c-bddc-5fd30cd929de

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 403
Connection: Keep-Alive
Content-Length: 126
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:16 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"insufficient_scope","error_description":"The request requires higher privileges than provided by the access token."}

#######################################################
TEST: clientSecretBasicAuthenticationMethodFail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_basic",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1242
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:16 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!58E9.0F1F.736E.E157",
    "client_secret": "22a4a9f3-3ac4-4d81-93b3-a06b41a7b036",
    "registration_access_token": "ed94bb10-06ac-4886-bf04-f99fac954a0a",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!58E9.0F1F.736E.E157",
    "client_id_issued_at": 1530863896,
    "client_secret_expires_at": 1530950296,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxNThFOS4wRjFGLjczNkUuRTE1NzpJTlZBTElEX0NMSUVOVF9TRUNSRVQ=

grant_type=client_credentials&scope=clientinfo

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:58:16 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: clientSecretJwtAuthenticationMethodHS256
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1195
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:16 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!11E8.0BB1.E885.1161",
    "client_secret": "5fb1f628-5328-4824-8ab4-18a5d1de73db",
    "registration_access_token": "e924b316-abda-4d84-8f37-352ba8db23a0",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!11E8.0BB1.E885.1161",
    "client_id_issued_at": 1530863896,
    "client_secret_expires_at": 1530950296,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExMUU4LjBCQjEuRTg4NS4xMTYxIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMTFFOC4wQkIxLkU4ODUuMTE2MSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiZjg1NmJhZTktYTg4MC00YWUzLTgzY2MtZGYxNjQ4ZGU1ZDM0IiwiZXhwIjoxNTMwODY0MjE4LCJpYXQiOjE1MzA4NjM5MTh9.DMaGrT0j7cdFdQRp46vlga6k4qiD5BSu3sZ2GYkH0yA

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:16 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"51b5cdb2-7bf6-43c0-b466-ac69c8e076bc","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:16 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!11E8.0BB1.E885.1161","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: clientSecretJwtAuthenticationMethodHS256Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1240
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2F42.AFAB.47BB.E475",
    "client_secret": "90479908-8487-4eb9-a837-3c4fa8dec524",
    "registration_access_token": "20c4e9a9-62b9-453d-a198-476925c64f02",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2F42.AFAB.47BB.E475",
    "client_id_issued_at": 1530863897,
    "client_secret_expires_at": 1530950297,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEyRjQyLkFGQUIuNDdCQi5FNDc1Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMkY0Mi5BRkFCLjQ3QkIuRTQ3NSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiY2ZhYjQwMjctZWE5OC00YWQzLTg2OWQtMGVmOTY0OWExMjMxIiwiZXhwIjoxNTMwODY0MjE5LCJpYXQiOjE1MzA4NjM5MTl9.VtSqXvtpNtiZuj-8iqBzcK-P4bxH2C4bUATk-7kfyrI

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:58:17 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: clientSecretJwtAuthenticationMethodHS384
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1195
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5E26.5377.4911.12B9",
    "client_secret": "014d947e-9edf-4e8b-8d61-3d27f18ee112",
    "registration_access_token": "a4efaa18-2cc5-4018-be85-36e7d873b3e5",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5E26.5377.4911.12B9",
    "client_id_issued_at": 1530863897,
    "client_secret_expires_at": 1530950297,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE1RTI2LjUzNzcuNDkxMS4xMkI5Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNUUyNi41Mzc3LjQ5MTEuMTJCOSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiMmJjYzc4NjMtMDg2Yy00ZTU1LWFjMGMtNDU1YjY0YzdkOGFhIiwiZXhwIjoxNTMwODY0MjE5LCJpYXQiOjE1MzA4NjM5MTl9.diTDpha_VgdXTKo-DEiFfhstDl5IYahJrGtDNAFJiNBp7SRkz97w7SG9_GPtccz_

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"5b3aa401-a124-47da-a774-8b92f2c64405","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5E26.5377.4911.12B9","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: clientSecretJwtAuthenticationMethodHS384Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1240
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7B14.951A.5BE5.4689",
    "client_secret": "d67291e1-87a9-41a1-8d86-b969d3a6c4b7",
    "registration_access_token": "4c7069a7-2b77-4696-bf45-21c48966cd5a",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7B14.951A.5BE5.4689",
    "client_id_issued_at": 1530863897,
    "client_secret_expires_at": 1530950297,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3QjE0Ljk1MUEuNUJFNS40Njg5Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghN0IxNC45NTFBLjVCRTUuNDY4OSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiYmViZWQyNGMtMzFhYy00MTAxLTliZjMtNDM4NzhkZWMwMGYyIiwiZXhwIjoxNTMwODY0MjE5LCJpYXQiOjE1MzA4NjM5MTl9.5-ym2LwesAuFI5pnLiLpanfKunsJWfggDrx3OSRnjnR2KDwOvzJUpJpawLuNjkcl

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:58:17 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: clientSecretJwtAuthenticationMethodHS512
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1195
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0098.39FF.143E.9E0C",
    "client_secret": "6893da27-bb6b-46ed-93a5-603d9d6243ae",
    "registration_access_token": "25a64312-3af3-488b-b95a-2bfc53356761",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0098.39FF.143E.9E0C",
    "client_id_issued_at": 1530863897,
    "client_secret_expires_at": 1530950297,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEwMDk4LjM5RkYuMTQzRS45RTBDIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMDA5OC4zOUZGLjE0M0UuOUUwQyIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiZGU0ZGU1MTEtMDQ5Yy00ZmMzLTg5ODctNjgyMzMwMzQwNzE4IiwiZXhwIjoxNTMwODY0MjE5LCJpYXQiOjE1MzA4NjM5MTl9.oMt-CUb4vi9a4ieVjoYYq63JX_B2UZJzt6SjOEsn6BeSAda_7qnXgQCmGeYOuC8e2pEpzLL-6y5V379yeyWmvA

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"584f0fc9-dad5-4bab-9128-d0ae0210cb84","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0098.39FF.143E.9E0C","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: clientSecretJwtAuthenticationMethodHS512Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1240
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!85D3.39CA.6495.ED39",
    "client_secret": "9388de18-a35d-40d0-a92c-5748b4296645",
    "registration_access_token": "ab48f065-ff0d-4beb-b4a1-30fe9647b4bf",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!85D3.39CA.6495.ED39",
    "client_id_issued_at": 1530863897,
    "client_secret_expires_at": 1530950297,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE4NUQzLjM5Q0EuNjQ5NS5FRDM5Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghODVEMy4zOUNBLjY0OTUuRUQzOSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiZGYxZWM2OGEtNzExNC00ZDRkLWI2M2ItOWQxYTBiNzlhN2YzIiwiZXhwIjoxNTMwODY0MjE5LCJpYXQiOjE1MzA4NjM5MTl9.PYxw7-NE9gc98mZ3361tjpkiO7itgtcOs2It_CPRaxUPr-9Gxw6H3JbyuJlTct9EcMY-tWYlwwKnnVZr3ilMTw

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:58:17 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: clientSecretPostAuthenticationMethod
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_post",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1196
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:17 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!078A.9F80.ED20.F820",
    "client_secret": "47e3d00a-7a0b-434a-8f53-eeeff69aed65",
    "registration_access_token": "7fa69d86-a874-495f-b86f-5199047ef54a",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!078A.9F80.ED20.F820",
    "client_id_issued_at": 1530863898,
    "client_secret_expires_at": 1530950298,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_post",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21078A.9F80.ED20.F820&client_secret=47e3d00a-7a0b-434a-8f53-eeeff69aed65

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:18 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"211f1efe-b5cc-4900-bde1-6464a629d2c3","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:18 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!078A.9F80.ED20.F820","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: clientSecretPostAuthenticationMethodFail1
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_post",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1241
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:18 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DCEA.58BC.B161.B776",
    "client_secret": "d7f4f6c1-ddb2-4f8f-b8cf-6be6f667dec3",
    "registration_access_token": "f36aeaed-dd52-4e79-bf8c-0ada6571cec8",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DCEA.58BC.B161.B776",
    "client_id_issued_at": 1530863898,
    "client_secret_expires_at": 1530950298,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_post",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DCEA.58BC.B161.B776&client_secret=INVALID_CLIENT_SECRET

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:58:18 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: clientSecretPostAuthenticationMethodFail2
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_post",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1241
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:18 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!02AF.EBE0.1285.158A",
    "client_secret": "8fe7dd35-9bfd-4b94-9fd1-b9646a943719",
    "registration_access_token": "3c5b91fa-dab5-4434-8f3f-a9103035c7d6",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!02AF.EBE0.1285.158A",
    "client_id_issued_at": 1530863898,
    "client_secret_expires_at": 1530950298,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_post",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2102AF.EBE0.1285.158A

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:58:18 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: clientSecretPostAuthenticationMethodFail3
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "client_secret_post",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1241
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:18 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!361E.59F4.AAC4.E9E2",
    "client_secret": "85d28086-815c-42c8-a246-66e04be761ea",
    "registration_access_token": "17bf15c1-4cde-437c-aef0-1df9f1662751",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!361E.59F4.AAC4.E9E2",
    "client_id_issued_at": 1530863898,
    "client_secret_expires_at": 1530950298,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_post",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:58:18 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: defaultAuthenticationMethod
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1197
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:18 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D259.C865.6AE6.49DA",
    "client_secret": "0de6c371-d9ad-4e1c-80c8-1fcf6b67560e",
    "registration_access_token": "22aab44f-3117-458a-a48f-bd8a3bf2ec80",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D259.C865.6AE6.49DA",
    "client_id_issued_at": 1530863898,
    "client_secret_expires_at": 1530950298,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxRDI1OS5DODY1LjZBRTYuNDlEQTowZGU2YzM3MS1kOWFkLTRlMWMtODBjOC0xZmNmNmI2NzU2MGU=

grant_type=client_credentials&scope=clientinfo

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:18 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"e4ca7528-d9cf-4563-9013-62ee7d5c6992","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:18 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D259.C865.6AE6.49DA","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: defaultAuthenticationMethodFail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1242
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:18 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3F48.5896.5D48.A696",
    "client_secret": "b34f6a9d-ee1c-43c1-90d5-5fc6ff97c880",
    "registration_access_token": "715dba37-24bc-448a-a8e2-073db1e102b2",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3F48.5896.5D48.A696",
    "client_id_issued_at": 1530863898,
    "client_secret_expires_at": 1530950298,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "client_secret_basic",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org
Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxM0Y0OC41ODk2LjVENDguQTY5NjpJTlZBTElEX0NMSUVOVF9TRUNSRVQ=

grant_type=client_credentials&scope=clientinfo

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:58:19 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: privateKeyJwtAuthenticationMethodES256
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1276
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:19 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F7FB.BA37.6D85.C80A",
    "client_secret": "d2d79d7b-5ef6-4eae-8d3b-c8e4ab07fedc",
    "registration_access_token": "93655054-e32d-45df-8fd6-03a0717c2d47",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F7FB.BA37.6D85.C80A",
    "client_id_issued_at": 1530863899,
    "client_secret_expires_at": 1530950299,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjU0N2IyODM4LWE4NDgtNDY3MS04YTQ3LWQ1MzYxNzM4ZjJhZSJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGN0ZCLkJBMzcuNkQ4NS5DODBBIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRjdGQi5CQTM3LjZEODUuQzgwQSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiNjIzZTQyMjItYzhiZi00NWFkLWE4NTctMWEwNGI4MWNmOWMxIiwiZXhwIjoxNTMwODY0MjIxLCJpYXQiOjE1MzA4NjM5MjF9.MEUCICASEl725WD3Qh9PKEHCJYxuJDMHeSn5SaZuyYLr3JqRAiEAlojvhSJJQqt-WTH5N9GsQMv9Sg10r3GIOqEU7JMx5DM

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:19 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"61636dbc-cf9a-4e70-a423-01e6d042abde","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:19 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F7FB.BA37.6D85.C80A","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: privateKeyJwtAuthenticationMethodES256Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1321
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:19 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!23C6.67CD.02EE.FA9B",
    "client_secret": "f6b8f3c8-c23d-42d0-8713-4e5d21900df6",
    "registration_access_token": "e6d978c5-4c71-4d65-958f-36baa5754687",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!23C6.67CD.02EE.FA9B",
    "client_id_issued_at": 1530863899,
    "client_secret_expires_at": 1530950299,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

03:58:41.664 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException
java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException
	at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
	at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES256Fail(ClientCredentialsGrantHttpTest.java:1312) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
03:58:41.773 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException
java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException
	at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
	at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?]
	at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?]
	at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?]
	at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:766) [test-classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES256Fail(ClientCredentialsGrantHttpTest.java:1314) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IkVTMjU2U0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEyM0M2LjY3Q0QuMDJFRS5GQTlCIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMjNDNi42N0NELjAyRUUuRkE5QiIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiOGEyMGU1ZGUtNmMxNi00OGM0LWEzMmMtMDQxOTliNmMwOWU2IiwiZXhwIjoxNTMwODY0MjIxLCJpYXQiOjE1MzA4NjM5MjF9.

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:58:19 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: privateKeyJwtAuthenticationMethodES384
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1276
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:19 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1BB4.2A15.37D5.BF68",
    "client_secret": "576f62c3-067c-498d-a156-14372bc7d136",
    "registration_access_token": "1de0c6f4-2c11-4330-8a03-b4585c29456e",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1BB4.2A15.37D5.BF68",
    "client_id_issued_at": 1530863899,
    "client_secret_expires_at": 1530950299,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzM4NCIsImtpZCI6ImM0ZmU0MTEwLWViNTYtNDFjNi1iYWMzLTUzMTZmNmIxNDQzZCJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExQkI0LjJBMTUuMzdENS5CRjY4Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMUJCNC4yQTE1LjM3RDUuQkY2OCIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiODZlMTM1N2MtNWZmMS00Mzc1LTkzZDUtNDJhYmRhODg4MWI2IiwiZXhwIjoxNTMwODY0MjIyLCJpYXQiOjE1MzA4NjM5MjJ9.MGYCMQDNu0N-77EID11YzF585l85z6xHPlTzvWtHek2UXui6KCYFxVN9GlBkpXbogDiA2FACMQC1IDnDor3oYnwxj4Bh6L1schShLlX1pUEwDYsDK2F_V2vZP16i8-2t-MVw_FOVxv4

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:19 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"20111eaa-2e9d-49b1-a7c8-070ff35d96c8","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:20 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1BB4.2A15.37D5.BF68","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: privateKeyJwtAuthenticationMethodES384Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1321
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:20 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1355.92A4.5F39.A1C5",
    "client_secret": "ab7dd572-08fb-4ca0-bd83-ca38263db075",
    "registration_access_token": "8a0b95a0-75cc-4165-adf7-85a96f862ab9",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1355.92A4.5F39.A1C5",
    "client_id_issued_at": 1530863900,
    "client_secret_expires_at": 1530950300,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

03:58:42.224 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException
java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException
	at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
	at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES384Fail(ClientCredentialsGrantHttpTest.java:1437) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
03:58:42.325 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException
java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException
	at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
	at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?]
	at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?]
	at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?]
	at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:766) [test-classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES384Fail(ClientCredentialsGrantHttpTest.java:1439) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzM4NCIsImtpZCI6IkVTMzg0U0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExMzU1LjkyQTQuNUYzOS5BMUM1Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMTM1NS45MkE0LjVGMzkuQTFDNSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiZWU3Zjg0YzAtNzA4Yi00ZjUwLWFhZDctZmM4NmE4ZGM3ZTkwIiwiZXhwIjoxNTMwODY0MjIyLCJpYXQiOjE1MzA4NjM5MjJ9.

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:58:20 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: privateKeyJwtAuthenticationMethodES512
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1276
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:20 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!768E.CD4C.8025.ED90",
    "client_secret": "19df38f2-a565-42ac-b328-7c74091d4110",
    "registration_access_token": "2093d302-1691-4d80-a45a-08bce1082c87",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!768E.CD4C.8025.ED90",
    "client_id_issued_at": 1530863900,
    "client_secret_expires_at": 1530950300,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzUxMiIsImtpZCI6IjI2ZjgwNDBjLWFlOGItNGRhYS04ZjcxLWE3ZmRmMTRkZjY0MyJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3NjhFLkNENEMuODAyNS5FRDkwIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNzY4RS5DRDRDLjgwMjUuRUQ5MCIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiZjAxZjBlMTEtMmFmYy00MjlhLTkwZmEtNGU5YWFjZjRjZmY5IiwiZXhwIjoxNTMwODY0MjIyLCJpYXQiOjE1MzA4NjM5MjJ9.MIGIAkIBfbQn-CGG8irW6elJ9Bf6Na-XCxxXkjd-rvoTE9jY2E2LlKe4c90QUxDBbUskgcmVxNUj4j2LF5sXyXbwsPt1llgCQgCnyglLx-HcSF9WQdmocgrxdnpInjUMXFzUDtq-M-yWw3mSug3wVsUuTJuU8pu1-yIHeCNtKANgIM1_zIT-3nQ2zQ

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:20 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"1b3eb998-a774-4bda-a16c-f5f11c3d46f6","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:20 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!768E.CD4C.8025.ED90","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: privateKeyJwtAuthenticationMethodES512Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1321
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:20 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0EDC.0B0E.0DB5.C6BF",
    "client_secret": "eacb1707-c643-40c8-bb84-23be59bf3888",
    "registration_access_token": "b2808f4d-df60-4ab3-a640-58cc9193fe62",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0EDC.0B0E.0DB5.C6BF",
    "client_id_issued_at": 1530863900,
    "client_secret_expires_at": 1530950300,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

03:58:42.784 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException
java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException
	at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
	at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES512Fail(ClientCredentialsGrantHttpTest.java:1562) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
03:58:42.896 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException
java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException
	at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
	at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?]
	at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?]
	at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?]
	at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:766) [test-classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES512Fail(ClientCredentialsGrantHttpTest.java:1564) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzUxMiIsImtpZCI6IkVTNTEyU0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEwRURDLjBCMEUuMERCNS5DNkJGIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMEVEQy4wQjBFLjBEQjUuQzZCRiIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiNTE1OWU2NzQtYzgwYi00YTFmLWFhZjUtYmViYmJlZDM4OTg2IiwiZXhwIjoxNTMwODY0MjIyLCJpYXQiOjE1MzA4NjM5MjJ9.

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:58:20 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: privateKeyJwtAuthenticationMethodRS256
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1276
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:20 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C18A.BED8.9852.84BF",
    "client_secret": "078ce12c-b902-4d9a-89f2-18dfc37a89e1",
    "registration_access_token": "d7b2af8e-eb97-4de7-a4a6-eb543a4fcd57",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C18A.BED8.9852.84BF",
    "client_id_issued_at": 1530863900,
    "client_secret_expires_at": 1530950300,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjQ4YmZhOGE0LWM4YTctNGEwOS1hZTk4LWJmMzI1ZDc0OTExOSJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFDMThBLkJFRDguOTg1Mi44NEJGIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQzE4QS5CRUQ4Ljk4NTIuODRCRiIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiZjg3MDJhNTEtODIzMy00YzkzLWJlODAtYzlkMTM5ZmYzYzEwIiwiZXhwIjoxNTMwODY0MjIzLCJpYXQiOjE1MzA4NjM5MjN9.EhZyaI0fl5io_MIxBBg4Jb6d7JPRwSQv8g0Dq3QGnfm-xmpPSFRHd6PrMw-BWglVNZR6fLdwf8bOyxL6gLZETLN4dJRlcdBGrwWREiEg8KnGkxfdgRz0PEObi3_srMrn84baC2UOQ1xcg9Yc5cSCpXCdH54QVfkCAlIAE3LwQl07Vc0Fi091t1f7ZMo28xtsh22riVWmFxZ-9NPpuN8qHyk_z-Ijn5m6j86JW-ZZEEzNv6B3vVqUvh8tNypDnn4YLgu76ehEVQXNIpxu0h5yFD5KSax3cUgfNgfBbuGdQVmtI4iJhYcNCEKX_bGPI3AC6FidVemZR-yovR2ds6NCiA

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:21 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"91898f43-05b3-4f42-868d-46ffbe2393c1","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:21 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C18A.BED8.9852.84BF","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: privateKeyJwtAuthenticationMethodRS256Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1321
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:21 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!09E6.B930.8639.02DB",
    "client_secret": "818f9262-b5ed-43ec-a2a8-a3f27eff9e2f",
    "registration_access_token": "71f6274b-6260-4b42-aec7-174e555b3b7c",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!09E6.B930.8639.02DB",
    "client_id_issued_at": 1530863901,
    "client_secret_expires_at": 1530950301,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

03:58:43.324 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance
java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance
	at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS256Fail(ClientCredentialsGrantHttpTest.java:937) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
03:58:43.425 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance
java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance
	at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?]
	at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?]
	at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?]
	at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:766) [test-classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS256Fail(ClientCredentialsGrantHttpTest.java:939) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IlJTMjU2U0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEwOUU2LkI5MzAuODYzOS4wMkRCIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMDlFNi5COTMwLjg2MzkuMDJEQiIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiODZjMzZmYjEtNWQ2Ny00Y2Q2LWI2NTctZTUyMmFjODgwNmE1IiwiZXhwIjoxNTMwODY0MjIzLCJpYXQiOjE1MzA4NjM5MjN9.

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:58:21 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: privateKeyJwtAuthenticationMethodRS384
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1276
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:21 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B8D5.4E65.583C.C2DD",
    "client_secret": "cfb7fe0b-2093-45d9-bcbe-5232670c8de8",
    "registration_access_token": "feed6341-f7ba-4e2b-b6fb-13c7344622b8",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B8D5.4E65.583C.C2DD",
    "client_id_issued_at": 1530863901,
    "client_secret_expires_at": 1530950301,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzM4NCIsImtpZCI6ImM0NjIxNDNmLWExOTctNGY3YS1hZjk5LTBiMTA4NzM2ODYxNiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFCOEQ1LjRFNjUuNTgzQy5DMkREIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQjhENS40RTY1LjU4M0MuQzJERCIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiZDRlMjFkODQtNGUxNy00OTZiLWI1ZjQtZWMxMGI4ZGM3NzUyIiwiZXhwIjoxNTMwODY0MjIzLCJpYXQiOjE1MzA4NjM5MjN9.C23L2anYvqp4WxlafuOM14Q75WPEcibYpqJrBgWTakOkjqE7_8JxgZTB5yu6j61jN9ukzoUrfHQZNltAiBKShTolpbxYfTN6ryaz66ZWAAC0a5iDpYzfIIMnQFp6GU41zCZ7RlWPH9a3I7ko036agdQ4DSQKKZ74T2Iq1uvF9h_HLIhX2zqRj0lRzEvIOv1d4XGiiRbAKUb3Z1lAKqi5ZpLTfm18gUC8cIATx4miuHTY2_Hh7cf7qvOjINfZqJQlWBbX4jgf9qjBPryskM2jUa9WnThk2-RlhBrq8P6wMYLuy6xzan2qr5fTAat0kuSABz2SFKOw9gW9jJ7ZNj_x2Q

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:21 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"79592494-829f-474d-92b8-3cce5dc37b4c","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:21 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B8D5.4E65.583C.C2DD","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: privateKeyJwtAuthenticationMethodRS384Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1321
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:21 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D44F.E297.B831.CCE2",
    "client_secret": "fdb45908-d50b-4bee-843a-3de5159f1de7",
    "registration_access_token": "691b1c83-76cc-47f5-9204-a7e2dd8a294d",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D44F.E297.B831.CCE2",
    "client_id_issued_at": 1530863901,
    "client_secret_expires_at": 1530950301,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

03:58:43.826 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance
java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance
	at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS384Fail(ClientCredentialsGrantHttpTest.java:1062) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
03:58:43.929 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance
java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance
	at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?]
	at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?]
	at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?]
	at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:766) [test-classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS384Fail(ClientCredentialsGrantHttpTest.java:1064) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:375) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.privateRun(SuiteRunner.java:340) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.run(SuiteRunner.java:289) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.11.jar:?]
	at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesSequentially(TestNG.java:1301) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuitesLocally(TestNG.java:1226) [testng-6.11.jar:?]
	at org.testng.TestNG.runSuites(TestNG.java:1144) [testng-6.11.jar:?]
	at org.testng.TestNG.run(TestNG.java:1115) [testng-6.11.jar:?]
	at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1]
	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1]
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzM4NCIsImtpZCI6IlJTMzg0U0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFENDRGLkUyOTcuQjgzMS5DQ0UyIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRDQ0Ri5FMjk3LkI4MzEuQ0NFMiIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiMTU1NzY4MjEtZDQ4Ny00MjNiLTgwYTItZDQ4OTQwN2E4YjE2IiwiZXhwIjoxNTMwODY0MjIzLCJpYXQiOjE1MzA4NjM5MjN9.

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 401
Connection: Keep-Alive
Content-Length: 586
Content-Type: application/json;charset=iso-8859-1
Date: Fri, 06 Jul 2018 07:58:21 GMT
Keep-Alive: timeout=5, max=100
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
WWW-Authenticate: Basic realm="oxAuth"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."}

#######################################################
TEST: privateKeyJwtAuthenticationMethodRS512
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1276
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:21 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!708D.DEE3.0CC1.AE2E",
    "client_secret": "65081847-dc8a-4d7e-9c8f-7495433068b3",
    "registration_access_token": "72ba99f7-ffb7-43d2-bf6c-39116bce98a1",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!708D.DEE3.0CC1.AE2E",
    "client_id_issued_at": 1530863902,
    "client_secret_expires_at": 1530950302,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": [],
    "grant_types": ["client_credentials"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ce-dev4.gluu.org

grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiIsImtpZCI6Ijg1YjA4NDgzLTY4OTAtNDg0My05YmFmLTgzN2EyNGEzYzZkMiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3MDhELkRFRTMuMENDMS5BRTJFIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNzA4RC5ERUUzLjBDQzEuQUUyRSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiNWIwNTJkODUtYmI0YS00MjlkLThlMzEtNDU3YmM2MzRlZDViIiwiZXhwIjoxNTMwODY0MjI0LCJpYXQiOjE1MzA4NjM5MjR9.UW3nkqfHdYOBG6Ogvml8PncjCHHSZsWl6nubtJk34V_6NjyesKNeq2ipOdOvyxWWNxtgOD1EIwY4IhPfvXqYHJ9fWDd0vWnIgFbhDoCQd-J5RJaQXnoYcbXbdNV6qJW8yz0zMngmM92DHGnDEzSQvIfsrENAPT_vsv5WuQ0LNjYf5iYv6QxEBwDNIRZI5HWYeeA3phRE9jU94cjafgtHJ-q7bkooWOXiOgIjH3Ya7z-achkrIGYm-hRl649RBe6ZhS4oWOa3dRInboAbTBhESyA1qdxnY_AorcAM4DQL-rNgKhCe87zGjdh3nDhBGfdOYMvHNj6phvxh_NqyYOGolw

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 115
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:22 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"access_token":"d2e2fe2d-bbdb-4c94-9b5f-59e07a6d5b85","token_type":"bearer","expires_in":299,"scope":"clientinfo"}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/clientinfo HTTP/1.1
Host: ce-dev4.gluu.org



-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store, private
Connection: Keep-Alive
Content-Length: 375
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:22 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!708D.DEE3.0CC1.AE2E","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]}

#######################################################
TEST: privateKeyJwtAuthenticationMethodRS512Fail
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/restv1/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: ce-dev4.gluu.org

{
    "redirect_uris": [
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "token_endpoint_auth_method": "private_key_jwt",
    "scope": "clientinfo"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Cache-Control: no-store
Connection: Keep-Alive
Content-Length: 1321
Content-Type: application/json
Date: Fri, 06 Jul 2018 07:58:22 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Jetty(9.4.9.v20180320)
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

{
    "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5B85.61C5.821E.AC18",
    "client_secret": "ccd67a35-926e-468f-a1bf-4bad186cf399",
    "registration_access_token": "43daed07-49e1-4bd4-8877-b299310df5d3",
    "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5B85.61C5.821E.AC18",
    "client_id_issued_at": 1530863902,
    "client_secret_expires_at": 1530950302,
    "redirect_uris": [
        "https://client.example.com/cb2",
        "https://client.example.com/cb1",
        "https://client.example.com/cb",
        "https://ce-dev4.gluu.org/oxauth-rp/home.htm"
    ],
    "response_types": ["code"],
    "grant_types": [
        "refresh_token",
        "authorization_code"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD",
    "subject_type": "pairwise",
    "id_token_signed_response_alg": "RS256",
    "token_endpoint_auth_method": "private_key_jwt",
    "require_auth_time": false,
    "frontchannel_logout_session_required": false,
    "scope": "clientinfo",
    "claims": ""
}

03:58:44.325 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance
java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance
	at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0]
	at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121]
	at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121]
	at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?]
	at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?]
	at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?]
	at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS512Fail(ClientCredentialsGrantHttpTest.java:1187) [test-classes/:?]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121]
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121]
	at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121]
	at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:108) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeMethod(Invoker.java:661) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:869) [testng-6.11.jar:?]
	at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1193) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:126) [testng-6.11.jar:?]
	at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.11.jar:?]
	at org.testng.TestRunner.privateRun(TestRunner.java:744) [testng-6.11.jar:?]
	at org.testng.TestRunner.run(TestRunner.java:602) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runTest(SuiteRunner.java:380) [testng-6.11.jar:?]
	at org.testng.SuiteRunner.runSequentially(SuiteRunner.ja