Started by an SCM change Building on master in workspace /home/tomcat/.jenkins/jobs/oxAuth/workspace > git rev-parse --is-inside-work-tree # timeout=10 Fetching changes from the remote Git repository > git config remote.origin.url https://github.com/GluuFederation/oxAuth # timeout=10 Fetching upstream changes from https://github.com/GluuFederation/oxAuth > git --version # timeout=10 > git fetch --tags --progress https://github.com/GluuFederation/oxAuth +refs/heads/*:refs/remotes/origin/* > git rev-parse refs/remotes/origin/master^{commit} # timeout=10 > git rev-parse refs/remotes/origin/origin/master^{commit} # timeout=10 Checking out Revision 59f794ae8b6b2c03e81a80ee2c4b103a2e2fec17 (refs/remotes/origin/master) > git config core.sparsecheckout # timeout=10 > git checkout -f 59f794ae8b6b2c03e81a80ee2c4b103a2e2fec17 Commit message: "Merge from 3.1.4" > git rev-list --no-walk e52f8ae3e6933813b06a5b869e72c88ffdee757d # timeout=10 [workspace] $ /bin/bash /opt/tomcat/temp/jenkins1539476253504881466.sh Cloning into 'oxHudsonProfiles'... [workspace] $ /home/tomcat/.jenkins/tools/hudson.tasks.Maven_MavenInstallation/maven_3.3.9/bin/mvn -DVERSION_NAME=master -DPROFILE_NAME=ce-dev4 -DDEVELOPMENT_BUILD=true -DMAVEN_SKIP_TESTS=false -Dpython.import.site=false -DPYTHON_HOME=/opt/jython -Dcfg=ce-dev4 -Dmaven.test.skip=false -Ddevelopment-build=true clean compile install findbugs:findbugs javadoc:javadoc site [INFO] Scanning for projects... [WARNING] [WARNING] Some problems were encountered while building the effective model for org.xdi:oxauth-rp:war:4.0.0-SNAPSHOT [WARNING] 'build.plugins.plugin.version' for org.mortbay.jetty:jetty-maven-plugin is missing. @ org.xdi:oxauth-rp:[unknown-version], /home/tomcat/.jenkins/jobs/oxAuth/workspace/RP/pom.xml, line 74, column 12 [WARNING] [WARNING] It is highly recommended to fix these problems because they threaten the stability of your build. [WARNING] [WARNING] For this reason, future Maven versions might no longer support building such malformed projects. [WARNING] [INFO] ------------------------------------------------------------------------ [INFO] Reactor Build Order: [INFO] [INFO] oxAuth [INFO] oxAuth Model [INFO] oxAuth Client [INFO] oxauth-static [INFO] oxAuth RP [INFO] oxAuth RP Demo [INFO] oxAuth Server [INFO] [INFO] ------------------------------------------------------------------------ [INFO] Building oxAuth 4.0.0-SNAPSHOT [INFO] ------------------------------------------------------------------------ [INFO] [INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ oxauth --- [INFO] Deleting /home/tomcat/.jenkins/jobs/oxAuth/workspace/target [INFO] [INFO] --- maven-install-plugin:2.3.1:install (default-install) @ oxauth --- [INFO] Installing /home/tomcat/.jenkins/jobs/oxAuth/workspace/pom.xml to /var/www/html/maven/org/xdi/oxauth/4.0.0-SNAPSHOT/oxauth-4.0.0-SNAPSHOT.pom [INFO] [INFO] --- findbugs-maven-plugin:3.0.4:findbugs (default-cli) @ oxauth --- [INFO] [INFO] >>> maven-javadoc-plugin:2.10.4:javadoc (default-cli) > generate-sources @ oxauth >>> [INFO] [INFO] <<< maven-javadoc-plugin:2.10.4:javadoc (default-cli) < generate-sources @ oxauth <<< [INFO] [INFO] --- maven-javadoc-plugin:2.10.4:javadoc (default-cli) @ oxauth --- [INFO] [INFO] --- maven-site-plugin:2.1.1:site (default-site) @ oxauth --- [INFO] [INFO] ------------------------------------------------------------------------ [INFO] Building oxAuth Model 4.0.0-SNAPSHOT [INFO] ------------------------------------------------------------------------ [INFO] [INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ oxauth-model --- [INFO] Deleting /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target [INFO] [INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ oxauth-model --- [INFO] Using 'UTF-8' encoding to copy filtered resources. [INFO] Copying 1 resource [INFO] [INFO] --- maven-compiler-plugin:2.3.2:compile (default-compile) @ oxauth-model --- [INFO] Compiling 156 source files to /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/classes [WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.java:[21,23] RSAPublicKeyImpl is internal proprietary API and may be removed in a future release [WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.java:[21,23] RSAPublicKeyImpl is internal proprietary API and may be removed in a future release [WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.java:[21,23] RSAPublicKeyImpl is internal proprietary API and may be removed in a future release [WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.java:[144,36] RSAPublicKeyImpl is internal proprietary API and may be removed in a future release [INFO] [INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ oxauth-model --- [INFO] Using 'UTF-8' encoding to copy filtered resources. [INFO] Copying 1 resource [INFO] [INFO] --- maven-compiler-plugin:2.3.2:compile (default-compile) @ oxauth-model --- [INFO] Nothing to compile - all classes are up to date [INFO] [INFO] --- maven-resources-plugin:2.6:testResources (default-testResources) @ oxauth-model --- [INFO] Using 'UTF-8' encoding to copy filtered resources. [INFO] Copying 4 resources [INFO] [INFO] --- maven-compiler-plugin:2.3.2:testCompile (default-testCompile) @ oxauth-model --- [INFO] Compiling 5 source files to /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/test-classes [INFO] [INFO] --- maven-surefire-plugin:2.19.1:test (default-test) @ oxauth-model --- ------------------------------------------------------- T E S T S ------------------------------------------------------- Running TestSuite CodeVerifier{codeVerifier='yg0DyPKcOEBqJfq-2aetOE5pu_o-YgQQDOyYOweTvTjt4VCnbjDXGDj5~E_Y6sxZn07X2FTvWlGHmQZ5WT25~LwdqxX4qwKNwBuDN-pRgwIR~gDtuz93GAm7v1tB4~WH', codeChallenge='yg0DyPKcOEBqJfq-2aetOE5pu_o-YgQQDOyYOweTvTjt4VCnbjDXGDj5~E_Y6sxZn07X2FTvWlGHmQZ5WT25~LwdqxX4qwKNwBuDN-pRgwIR~gDtuz93GAm7v1tB4~WH', transformationType=PLAIN} CodeVerifier{codeVerifier='n5yI-X6yXGuCm-KRrkzYuM.28wvJB0CkDKiAqwrK1379Gwjj..q1zAQGfl7MLgv5-D.D.WH4QfPflB6rcEzvKPfd5nLImjQw2ZTZP4-hv3aRBJVXcd2ncjTw9jlaKNUj', codeChallenge='zqEgHBgJWcYv5ecLPjEgdjgIl4LhjYdku2-pUU68apc', transformationType=S256} ERROR StatusLogger No log4j2 configuration file found. Using default configuration: logging only errors to the console. Set system property 'org.apache.logging.log4j.simplelog.StatusLogger.level' to TRACE to show Log4j2 internal initialization logging. Hi there from Javascript, Tests run: 7, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 3.923 sec - in TestSuite Results : Tests run: 7, Failures: 0, Errors: 0, Skipped: 0 [INFO] [INFO] --- maven-jar-plugin:2.4:jar (default-jar) @ oxauth-model --- [INFO] Building jar: /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/oxauth-model.jar [INFO] [INFO] --- maven-jar-plugin:2.4:test-jar (default) @ oxauth-model --- [INFO] Building jar: /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/oxauth-model-tests.jar [INFO] [INFO] --- maven-install-plugin:2.3.1:install (default-install) @ oxauth-model --- [INFO] Installing /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/oxauth-model.jar to /var/www/html/maven/org/xdi/oxauth-model/4.0.0-SNAPSHOT/oxauth-model-4.0.0-SNAPSHOT.jar [INFO] Installing /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/pom.xml to /var/www/html/maven/org/xdi/oxauth-model/4.0.0-SNAPSHOT/oxauth-model-4.0.0-SNAPSHOT.pom [INFO] Installing /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/oxauth-model-tests.jar to /var/www/html/maven/org/xdi/oxauth-model/4.0.0-SNAPSHOT/oxauth-model-4.0.0-SNAPSHOT-tests.jar [INFO] [INFO] --- findbugs-maven-plugin:3.0.4:findbugs (default-cli) @ oxauth-model --- [INFO] Fork Value is true [java] Warnings generated: 53 [INFO] Done FindBugs Analysis.... [INFO] [INFO] >>> maven-javadoc-plugin:2.10.4:javadoc (default-cli) > generate-sources @ oxauth-model >>> [INFO] [INFO] <<< maven-javadoc-plugin:2.10.4:javadoc (default-cli) < generate-sources @ oxauth-model <<< [INFO] [INFO] --- maven-javadoc-plugin:2.10.4:javadoc (default-cli) @ oxauth-model --- [INFO] Loading source files for package org.xdi.oxauth.model.uma... Loading source files for package org.xdi.oxauth.model.uma.wrapper... Loading source files for package org.xdi.oxauth.model.uma.persistence... Loading source files for package org.xdi.oxauth.model.jwt... Loading source files for package org.xdi.oxauth.model.common... Loading source files for package org.xdi.oxauth.model.jwk... Loading source files for package org.xdi.oxauth.model.exception... Loading source files for package org.xdi.oxauth.model.session... Loading source files for package org.xdi.oxauth.model.fido.u2f... Loading source files for package org.xdi.oxauth.model.fido.u2f.message... Loading source files for package org.xdi.oxauth.model.fido.u2f.exception... Loading source files for package org.xdi.oxauth.model.fido.u2f.protocol... Loading source files for package org.xdi.oxauth.model.gluu... Loading source files for package org.xdi.oxauth.model.register... Loading source files for package org.xdi.oxauth.model.discovery... Loading source files for package org.xdi.oxauth.model.jwe... Loading source files for package org.xdi.oxauth.model.userinfo... Loading source files for package org.xdi.oxauth.model.util... Loading source files for package org.xdi.oxauth.model.authorize... Loading source files for package org.xdi.oxauth.model.configuration... Loading source files for package org.xdi.oxauth.model.error... Loading source files for package org.xdi.oxauth.model.jws... Loading source files for package org.xdi.oxauth.model.token... Loading source files for package org.xdi.oxauth.model.crypto... Loading source files for package org.xdi.oxauth.model.crypto.signature... Loading source files for package org.xdi.oxauth.model.crypto.encryption... Constructing Javadoc information... Standard Doclet version 1.8.0_121 Building tree for all the packages and classes... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/ClaimTokenFormatType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/JsonLogic.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/JsonLogicNode.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/JsonLogicNodeParser.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/PermissionTicket.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/RptIntrospectionResponse.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/RptProfiles.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/RPTResponse.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaConstants.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaErrorResponse.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaErrorResponseType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaMetadata.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaNeedInfoResponse.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaPermission.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaPermissionList.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaResource.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaResourceResponse.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaResourceWithId.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaScopeDescription.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaScopeType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/UmaTokenResponse.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/Token.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/UmaPermission.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/UmaResource.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/UmaScopeDescription.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/Jwt.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtClaimName.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtClaims.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtClaimSet.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtHeader.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtHeaderName.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtStateClaimName.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtSubClaimObject.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/JwtType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/PureJwt.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/AuthenticationMethod.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/AuthorizationMethod.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/Display.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/GrantType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/HasParamName.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/Holder.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/Id.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/IdType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/IntrospectionResponse.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/JSONable.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/PairwiseIdType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/ProgrammingLanguage.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/Prompt.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/ResponseMode.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/ResponseType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/ScopeType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/SubjectType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/TokenType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/WebKeyStorage.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/JSONWebKey.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/JSONWebKeySet.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/JWKParameter.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/KeyType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/Use.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/InvalidClaimException.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/InvalidJweException.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/InvalidJwtException.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/InvalidParameterException.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/SignatureException.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/EndSessionErrorResponseType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/EndSessionRequestParam.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/EndSessionResponseParam.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/DeviceRegistrationStatus.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/U2fConfiguration.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/U2fConstants.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/U2fErrorResponseType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/RawAuthenticateResponse.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/RawRegisterResponse.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/BadInputException.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/RegistrationNotAllowed.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/AuthenticateRequest.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/AuthenticateRequestMessage.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/AuthenticateResponse.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/AuthenticateStatus.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/ClientData.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/DeviceData.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/RegisterRequest.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/RegisterRequestMessage.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/RegisterResponse.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/RegisterStatus.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/GluuConfiguration.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/GluuErrorResponseType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/ApplicationType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/RegisterErrorResponseType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/RegisterRequestParam.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/RegisterResponseParam.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/OAuth2Discovery.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/WebFingerLink.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/WebFingerParam.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/AbstractJweDecrypter.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/AbstractJweEncrypter.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/Jwe.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/JweDecrypter.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/JweDecrypterImpl.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/JweEncrypter.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/JweEncrypterImpl.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/KeyDerivationFunction.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/Schema.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/UserInfoErrorResponseType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/Base64Util.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/JwtUtil.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/LocaleUtil.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/Pair.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/SecurityProviderUtility.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/StringUtils.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/SubjectIdentifierGenerator.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/URLPatternList.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/Util.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/AuthorizeErrorResponseType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/AuthorizeRequestParam.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/AuthorizeResponseParam.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/CodeVerifier.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/CodeVerifier.CodeChallengeMethod.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/AppConfiguration.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/AuthenticationFilter.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/BaseFilter.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/ClientAuthenticationFilter.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/Configuration.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/ConfigurationResponseClaim.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/CorsConfigurationFilter.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/IErrorType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/AbstractJwsSigner.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/ECDSASigner.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/HMACSigner.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/JwsSigner.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/PlainTextSignature.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/RSASigner.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/ClientAssertionType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/JsonWebResponse.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/TokenErrorResponseType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/AbstractCryptoProvider.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/Certificate.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/CryptoProviderFactory.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/Key.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/KeyFactory.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/OxAuthCryptoProvider.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/OxElevenCryptoProvider.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/PrivateKey.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/PublicKey.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/AbstractSigner.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/ECDSAKeyFactory.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/ECDSAPrivateKey.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/ECDSAPublicKey.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/ECEllipticCurve.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/RSAKeyFactory.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/RSAPrivateKey.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/RSAPublicKey.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/SignatureAlgorithm.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/SignatureAlgorithmFamily.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/Signer.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/BlockEncryptionAlgorithm.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/KeyEncryptionAlgorithm.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/overview-frame.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/package-frame.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/package-summary.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/package-tree.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/package-frame.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/package-summary.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/package-tree.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/package-frame.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/package-summary.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/package-tree.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/package-frame.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/package-summary.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/package-tree.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/package-frame.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/package-summary.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/package-tree.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/package-frame.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/package-summary.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/package-tree.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/package-frame.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/package-summary.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/package-tree.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/package-frame.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/package-summary.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/package-tree.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/package-frame.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/package-summary.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/package-tree.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/package-frame.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/package-summary.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/package-tree.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/package-frame.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/package-summary.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/package-tree.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/package-frame.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/package-summary.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/package-tree.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/package-frame.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/package-summary.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/package-tree.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/package-frame.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/package-summary.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/package-tree.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/package-frame.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/package-summary.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/package-tree.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/package-frame.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/package-summary.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/package-tree.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/package-frame.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/package-summary.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/package-tree.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/package-frame.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/package-summary.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/package-tree.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/package-frame.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/package-summary.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/package-tree.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/package-frame.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/package-summary.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/package-tree.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/package-frame.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/package-summary.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/package-tree.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/package-frame.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/package-summary.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/package-tree.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/package-frame.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/package-summary.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/package-tree.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/package-frame.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/package-summary.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/package-tree.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/package-frame.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/package-summary.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/package-tree.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/package-frame.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/package-summary.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/package-tree.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/constant-values.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/serialized-form.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/JsonLogic.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaScopeDescription.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaResourceResponse.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/JsonLogicNodeParser.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaPermission.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/RptIntrospectionResponse.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaConstants.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaErrorResponseType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaErrorResponse.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaScopeType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/PermissionTicket.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/ClaimTokenFormatType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaResourceWithId.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaResource.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/JsonLogicNode.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/RptProfiles.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaTokenResponse.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaMetadata.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaNeedInfoResponse.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/UmaPermissionList.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/class-use/RPTResponse.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/class-use/Token.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/class-use/UmaScopeDescription.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/class-use/UmaPermission.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/class-use/UmaResource.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/Jwt.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtHeader.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/PureJwt.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtStateClaimName.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtClaimSet.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtSubClaimObject.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtClaims.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtClaimName.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/class-use/JwtHeaderName.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/ProgrammingLanguage.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/IntrospectionResponse.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/HasParamName.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/IdType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/GrantType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/AuthorizationMethod.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/ResponseType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/PairwiseIdType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/Holder.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/JSONable.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/TokenType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/Id.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/Prompt.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/ResponseMode.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/WebKeyStorage.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/ScopeType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/Display.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/SubjectType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/class-use/AuthenticationMethod.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/class-use/JSONWebKeySet.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/class-use/JWKParameter.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/class-use/Use.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/class-use/KeyType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/class-use/JSONWebKey.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/class-use/InvalidParameterException.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/class-use/SignatureException.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/class-use/InvalidJwtException.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/class-use/InvalidJweException.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/class-use/InvalidClaimException.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/class-use/EndSessionErrorResponseType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/class-use/EndSessionRequestParam.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/class-use/EndSessionResponseParam.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/class-use/U2fConstants.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/class-use/U2fConfiguration.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/class-use/DeviceRegistrationStatus.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/class-use/U2fErrorResponseType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/class-use/RawAuthenticateResponse.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/class-use/RawRegisterResponse.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/class-use/RegistrationNotAllowed.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/class-use/BadInputException.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/AuthenticateRequestMessage.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/DeviceData.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/AuthenticateRequest.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/RegisterResponse.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/RegisterStatus.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/AuthenticateResponse.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/ClientData.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/AuthenticateStatus.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/RegisterRequestMessage.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/class-use/RegisterRequest.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/class-use/GluuConfiguration.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/class-use/GluuErrorResponseType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/class-use/RegisterRequestParam.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/class-use/ApplicationType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/class-use/RegisterErrorResponseType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/class-use/RegisterResponseParam.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/class-use/WebFingerParam.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/class-use/OAuth2Discovery.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/class-use/WebFingerLink.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/AbstractJweEncrypter.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/JweEncrypterImpl.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/JweEncrypter.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/JweDecrypter.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/KeyDerivationFunction.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/JweDecrypterImpl.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/Jwe.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/class-use/AbstractJweDecrypter.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/class-use/UserInfoErrorResponseType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/class-use/Schema.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/URLPatternList.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/Base64Util.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/SecurityProviderUtility.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/LocaleUtil.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/Util.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/StringUtils.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/SubjectIdentifierGenerator.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/JwtUtil.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/class-use/Pair.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/class-use/AuthorizeResponseParam.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/class-use/CodeVerifier.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/class-use/CodeVerifier.CodeChallengeMethod.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/class-use/AuthorizeErrorResponseType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/class-use/AuthorizeRequestParam.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/AuthenticationFilter.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/Configuration.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/BaseFilter.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/AppConfiguration.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/CorsConfigurationFilter.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/ConfigurationResponseClaim.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/class-use/ClientAuthenticationFilter.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/class-use/IErrorType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/RSASigner.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/HMACSigner.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/AbstractJwsSigner.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/PlainTextSignature.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/ECDSASigner.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/class-use/JwsSigner.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/class-use/JsonWebResponse.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/class-use/TokenErrorResponseType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/class-use/ClientAssertionType.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/OxElevenCryptoProvider.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/OxAuthCryptoProvider.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/PrivateKey.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/AbstractCryptoProvider.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/Key.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/PublicKey.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/CryptoProviderFactory.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/Certificate.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/class-use/KeyFactory.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/RSAKeyFactory.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/ECDSAPrivateKey.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/ECDSAPublicKey.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/ECDSAKeyFactory.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/SignatureAlgorithm.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/SignatureAlgorithmFamily.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/RSAPrivateKey.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/Signer.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/RSAPublicKey.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/AbstractSigner.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/class-use/ECEllipticCurve.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/class-use/BlockEncryptionAlgorithm.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/class-use/KeyEncryptionAlgorithm.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/authorize/package-use.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/common/package-use.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/configuration/package-use.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/package-use.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/encryption/package-use.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/crypto/signature/package-use.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/discovery/package-use.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/error/package-use.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/exception/package-use.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/package-use.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/exception/package-use.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/message/package-use.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/fido/u2f/protocol/package-use.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/gluu/package-use.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwe/package-use.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwk/package-use.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jws/package-use.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/jwt/package-use.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/register/package-use.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/session/package-use.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/token/package-use.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/package-use.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/persistence/package-use.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/uma/wrapper/package-use.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/userinfo/package-use.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/org/xdi/oxauth/model/util/package-use.html... Building index for all the packages and classes... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/overview-tree.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/index-all.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/deprecated-list.html... Building index for all classes... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/allclasses-frame.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/allclasses-noframe.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/index.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/overview-summary.html... Generating /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/target/site/apidocs/help-doc.html... 12 warnings [WARNING] Javadoc Warnings [WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/uma/UmaNeedInfoResponse.java:65: warning: no @param for clientId [WARNING] public String buildClaimsGatheringUrl(String clientId, String claimsRedirectUri) { [WARNING] ^ [WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/uma/UmaNeedInfoResponse.java:65: warning: no @param for claimsRedirectUri [WARNING] public String buildClaimsGatheringUrl(String clientId, String claimsRedirectUri) { [WARNING] ^ [WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/jwt/JwtHeader.java:44: warning: no @return [WARNING] public JwtHeader setType(JwtType type) { [WARNING] ^ [WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/jwt/JwtHeader.java:63: warning: no @return [WARNING] public JwtHeader setAlgorithm(SignatureAlgorithm algorithm) { [WARNING] ^ [WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/jwt/JwtHeader.java:77: warning: no @return [WARNING] public JwtHeader setAlgorithm(KeyEncryptionAlgorithm algorithm) { [WARNING] ^ [WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/jwt/JwtHeader.java:96: warning: no @return [WARNING] public JwtHeader setKeyId(String keyId) { [WARNING] ^ [WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/common/ScopeType.java:30: warning: empty

tag [WARNING] *

[WARNING] ^ [WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/fido/u2f/message/RawAuthenticateResponse.java:37: warning: no @return [WARNING] public byte getUserPresence() { [WARNING] ^ [WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/fido/u2f/message/RawAuthenticateResponse.java:45: warning: no @return [WARNING] public long getCounter() { [WARNING] ^ [WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/fido/u2f/message/RawAuthenticateResponse.java:52: warning: no @return [WARNING] public byte[] getSignature() { [WARNING] ^ [WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/util/Util.java:210: warning: no description for @return [WARNING] * @return [WARNING] ^ [WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Model/src/main/java/org/xdi/oxauth/model/util/Util.java:212: warning: no @throws for org.codehaus.jettison.json.JSONException [WARNING] public static Map jsonObjectArrayStringAsMap(String jsonString) throws JSONException { [WARNING] ^ [INFO] [INFO] --- maven-site-plugin:2.1.1:site (default-site) @ oxauth-model --- [INFO] [INFO] ------------------------------------------------------------------------ [INFO] Building oxAuth Client 4.0.0-SNAPSHOT [INFO] ------------------------------------------------------------------------ [INFO] [INFO] --- maven-clean-plugin:2.5:clean (default-clean) @ oxauth-client --- [INFO] Deleting /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/target [INFO] [INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ oxauth-client --- [INFO] Using 'UTF-8' encoding to copy filtered resources. [INFO] skip non existing resourceDirectory /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/main/resources [INFO] [INFO] --- maven-compiler-plugin:2.3.2:compile (default-compile) @ oxauth-client --- [INFO] Compiling 59 source files to /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/target/classes [INFO] [INFO] --- maven-resources-plugin:2.6:resources (default-resources) @ oxauth-client --- [INFO] Using 'UTF-8' encoding to copy filtered resources. [INFO] skip non existing resourceDirectory /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/main/resources [INFO] [INFO] --- maven-compiler-plugin:2.3.2:compile (default-compile) @ oxauth-client --- [INFO] Nothing to compile - all classes are up to date [INFO] [INFO] --- maven-resources-plugin:2.6:testResources (default-testResources) @ oxauth-client --- [INFO] Using 'UTF-8' encoding to copy filtered resources. [INFO] Copying 17 resources [INFO] [INFO] --- maven-compiler-plugin:2.3.2:testCompile (default-testCompile) @ oxauth-client --- [INFO] Compiling 145 source files to /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/target/test-classes [WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/test/java/org/xdi/oxauth/ws/rs/WebKeysTest.java:[14,24] X509CertImpl is internal proprietary API and may be removed in a future release [WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/test/java/org/xdi/oxauth/ws/rs/WebKeysTest.java:[14,24] X509CertImpl is internal proprietary API and may be removed in a future release [WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/test/java/org/xdi/oxauth/ws/rs/WebKeysTest.java:[14,24] X509CertImpl is internal proprietary API and may be removed in a future release [WARNING] /home/tomcat/.jenkins/jobs/oxAuth/workspace/Client/src/test/java/org/xdi/oxauth/ws/rs/WebKeysTest.java:[47,35] X509CertImpl is internal proprietary API and may be removed in a future release [INFO] [INFO] --- maven-surefire-plugin:2.19.1:test (default-test) @ oxauth-client --- ------------------------------------------------------- T E S T S ------------------------------------------------------- Running TestSuite ERROR StatusLogger No log4j2 configuration file found. Using default configuration: logging only errors to the console. Set system property 'org.apache.logging.log4j.simplelog.StatusLogger.level' to TRACE to show Log4j2 internal initialization logging. Invoked init test suite method ####################################################### TEST: OpenID Connect Discovery ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 181 Content-Type: application/jrd+json;charset=iso-8859-1 Date: Tue, 10 Jul 2018 12:50:13 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "subject": "acct:test_user@ce-dev4.gluu.org", "links": [{ "rel": "http://openid.net/specs/connect/1.0/issuer", "href": "https://ce-dev4.gluu.org" }] } OpenID Connect Configuration ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/openid-configuration HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 6342 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:13 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "issuer": "https://ce-dev4.gluu.org", "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize", "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token", "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo", "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo", "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe", "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session", "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks", "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register", "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id", "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection", "scopes_supported": [ "permission", "clientinfo", "email", "user_name", "sub", "org_name", "address", "openid", "test_scope1", "work_phone", "phone", "profile", "mobile_phone", "test" ], "response_types_supported": [ "code", "code id_token", "code id_token token", "id_token", "id_token token", "token", "code token" ], "grant_types_supported": [ "urn:ietf:params:oauth:grant-type:uma-ticket", "client_credentials", "refresh_token", "implicit", "password", "authorization_code" ], "acr_values_supported": [ "super_gluu", "u2f", "otp", "basic", "auth_ldap_server" ], "auth_level_mapping": { "-1": ["auth_ldap_server"], "50": ["otp"], "100": ["basic"], "10": ["u2f"], "15": ["super_gluu"] }, "subject_types_supported": [ "public", "pairwise" ], "userinfo_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "userinfo_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "userinfo_encryption_enc_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "id_token_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "request_object_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "request_object_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "request_object_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "token_endpoint_auth_methods_supported": [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt" ], "token_endpoint_auth_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "display_values_supported": [ "page", "popup" ], "claim_types_supported": ["normal"], "claims_supported": [ "birthdate", "country", "name", "email", "email_verified", "given_name", "gender", "inum", "family_name", "updated_at", "locale", "member_of", "middle_name", "nickname", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope", "phone_number_verified", "picture", "preferred_username", "profile", "zoneinfo", "user_name", "website" ], "service_documentation": "http://gluu.org/docs", "claims_locales_supported": ["en"], "ui_locales_supported": [ "en", "es" ], "scope_to_claims_mapping": [ {"permission": []}, {"uma_protection": []}, {"clientinfo": [ "name", "inum", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope" ]}, {"email": [ "email_verified", "email" ]}, {"user_name": ["user_name"]}, {"sub": []}, {"org_name": []}, {"address": [ "formatted", "postal_code", "street_address", "locality", "country", "region" ]}, {"openid": []}, {"test_scope1": []}, {"work_phone": []}, {"phone": [ "phone_number_verified", "phone_number" ]}, {"profile": [ "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "profile", "picture", "website", "gender", "birthdate", "zoneinfo", "locale", "updated_at" ]}, {"mobile_phone": ["phone_mobile_number"]}, {"test": ["member_of"]} ], "claims_parameter_supported": true, "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": false, "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy", "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos", "frontchannel_logout_supported": true, "frontchannel_logout_session_supported": true } ####################################################### TEST: applicationTypeNativeSubjectTypePairwise ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token" ], "application_type": "native", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "scope": "openid profile address email user_name" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1344 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:13 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3B69.E4B5.5D34.DACC", "client_secret": "d68fe9ee-62f6-4148-9250-0d486de4e727", "registration_access_token": "c891983f-38f3-4302-8684-15c3290cde5f", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3B69.E4B5.5D34.DACC", "client_id_issued_at": 1531227013, "client_secret_expires_at": 1531313413, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "native", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "openid profile address email user_name", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer c891983f-38f3-4302-8684-15c3290cde5f ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1344 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:13 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3B69.E4B5.5D34.DACC", "client_secret": "d68fe9ee-62f6-4148-9250-0d486de4e727", "registration_access_token": "c891983f-38f3-4302-8684-15c3290cde5f", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3B69.E4B5.5D34.DACC", "client_id_issued_at": 1531227013, "client_secret_expires_at": 1531313413, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "native", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "openid profile address email user_name", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213B69.E4B5.5D34.DACC&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0cd0ba4f-aab3-42c8-a1a8-b8d9f88ef4f5&nonce=0e6c0a74-d1b9-4c43-8b66-e3c1878d44ec 08:50:44.391 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:26574852-d781-48c5-8ea0-b6c8c6c39b60 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213B69.E4B5.5D34.DACC&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0cd0ba4f-aab3-42c8-a1a8-b8d9f88ef4f5&nonce=0e6c0a74-d1b9-4c43-8b66-e3c1878d44ec ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=3a168c7c-6591-4f1c-8ed4-8904f999f0e3&scope=address+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzQjY5LkU0QjUuNUQzNC5EQUNDIiwiZXhwIjoxNTMxMjMwNjIxLCJpYXQiOjE1MzEyMjcwMjEsIm5vbmNlIjoiMGU2YzBhNzQtZDFiOS00YzQzLThiNjYtZTNjMTg3OGQ0NGVjIiwiYXV0aF90aW1lIjoxNTMxMjI3MDIwLCJjX2hhc2giOiJmVXBKUl8xR1ptREZ6WFFUOF9FVllRIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiTHdOTjdTNFB3WHlBVkNnMUV1Q1FYNC1sSnZHZFZuMTczSzRSNHRtSE1mQSJ9.IP5tEO0V1SwBDMz35OKLTbvxDkKAd7yonsTsYdsWbeYl0yQbVzJe8N7nZqkeGH5KOixAiTqrjeyFsnGjlCwlNX7zdM-TDOV0gRAET-95AkaIxyvOC4MjEcNNpyFSlO67caF3uIaetavvqO0nDtGAqIu09R45i8jYeP3FCKtLdiEBZv0GncAvkD-wLB2F2zjwRP4a9tj-s-pwuq_P7v2MjRLFhKehPfwktPaP5ASO4t-kU7csv36W-Z5Uwgr7ccoTyiiWSE3j6KPa0urYERTwrjkWf98ihU2YXmbYOPlo1FdXvWQzqKSfiumejvsoHn5QMZNKYc7SNCHG4wM3PAD5xA&session_id=56999ac9-c819-4bfb-be23-62d9ce74c09a&state=0cd0ba4f-aab3-42c8-a1a8-b8d9f88ef4f5&session_state=26574852-d781-48c5-8ea0-b6c8c6c39b60 ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxM0I2OS5FNEI1LjVEMzQuREFDQzpkNjhmZTllZS02MmY2LTQxNDgtOTI1MC0wZDQ4NmRlNGU3Mjc= grant_type=authorization_code&code=3a168c7c-6591-4f1c-8ed4-8904f999f0e3&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1057 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:21 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"529c9cc9-8678-4ec6-8700-b60317647897","token_type":"bearer","expires_in":299,"refresh_token":"370e25ae-066a-44e5-8538-e31f75be77a4","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzQjY5LkU0QjUuNUQzNC5EQUNDIiwiZXhwIjoxNTMxMjMwNjIxLCJpYXQiOjE1MzEyMjcwMjEsIm5vbmNlIjoiMGU2YzBhNzQtZDFiOS00YzQzLThiNjYtZTNjMTg3OGQ0NGVjIiwiYXV0aF90aW1lIjoxNTMxMjI3MDIwLCJhdF9oYXNoIjoiUUpicDY2U2diS1dSZWNwdmI3cWw3QSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Ikx3Tk43UzRQd1h5QVZDZzFFdUNRWDQtbEp2R2RWbjE3M0s0UjR0bUhNZkEifQ.EJyFJmbCVmh_x6UWqnmLgqpnogmKZg1IZF_Jh8V-j54YKoDCPdhnWl1w1BwYSrWPrdtuWOT3Yo7klOk1RQoSPCs87cblFAvu0JkcP4f0M_D1qLlN71ugJvBlpsZH9kC7zgn2takv41qwWggswbWnDNfIVhDMbLfEAlWSSOcRbFoIzQP0RPX9_fFl0cxsih83PitdsX6jYUyKY-2HPH6ovCkdt83ob9wAFc7hpfeRT1qFfP5sFmrazNu7sHcvDubXqT1gI0cpTJAMLj5su5EDUo4KbCKKGfeALp5K2P1Tuq0vcjyj0pNnY1bBcr8nk3X1Eg6Ld3nzMhPQqFJD_WsWlQ"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxM0I2OS5FNEI1LjVEMzQuREFDQzpkNjhmZTllZS02MmY2LTQxNDgtOTI1MC0wZDQ4NmRlNGU3Mjc= grant_type=refresh_token&scope=address+openid+user_name+profile+email&refresh_token=370e25ae-066a-44e5-8538-e31f75be77a4 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 198 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:22 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"236a0926-44bb-474f-bfd5-bcfc45c3eb7f","token_type":"bearer","expires_in":299,"refresh_token":"7bccef32-980a-4eff-b0bc-405aa8ec2b87","scope":"address openid user_name profile email"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/userinfo HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 236a0926-44bb-474f-bfd5-bcfc45c3eb7f ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 634 Content-Type: application/json;charset=utf-8 Date: Tue, 10 Jul 2018 12:50:22 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"LwNN7S4PwXyAVCg1EuCQX4-lJvGdVn173K4R4tmHMfA","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"} ####################################################### TEST: applicationTypeNativeSubjectTypePublic ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token" ], "application_type": "native", "client_name": "oxAuth test app", "subject_type": "public", "scope": "openid profile address email user_name" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1209 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:22 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7B06.8171.AAC7.89CC", "client_secret": "767999c4-1026-4902-a2ee-7c643c3e0810", "registration_access_token": "159b582e-df88-4a74-8f71-f935f6c11cae", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7B06.8171.AAC7.89CC", "client_id_issued_at": 1531227022, "client_secret_expires_at": 1531313422, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "native", "client_name": "oxAuth test app", "subject_type": "public", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "openid profile address email user_name", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 159b582e-df88-4a74-8f71-f935f6c11cae ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1209 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:22 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7B06.8171.AAC7.89CC", "client_secret": "767999c4-1026-4902-a2ee-7c643c3e0810", "registration_access_token": "159b582e-df88-4a74-8f71-f935f6c11cae", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7B06.8171.AAC7.89CC", "client_id_issued_at": 1531227022, "client_secret_expires_at": 1531313422, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "native", "client_name": "oxAuth test app", "subject_type": "public", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "openid profile address email user_name", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217B06.8171.AAC7.89CC&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=7c604927-8740-4c98-8c7a-39363bc3b988&nonce=2c6c0273-4957-459e-9af3-e2d7f3e24086 08:50:50.333 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:b4407c6b-03a1-432d-8164-c1b093a34c07 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217B06.8171.AAC7.89CC&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=7c604927-8740-4c98-8c7a-39363bc3b988&nonce=2c6c0273-4957-459e-9af3-e2d7f3e24086 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=af7b95d4-0376-4ef3-abca-13af6ada4cf3&scope=address+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3QjA2LjgxNzEuQUFDNy44OUNDIiwiZXhwIjoxNTMxMjMwNjI1LCJpYXQiOjE1MzEyMjcwMjUsIm5vbmNlIjoiMmM2YzAyNzMtNDk1Ny00NTllLTlhZjMtZTJkN2YzZTI0MDg2IiwiYXV0aF90aW1lIjoxNTMxMjI3MDI1LCJjX2hhc2giOiJkczh2ZDZZZ1ZPcEx1WHdqVS1LMjhBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDAhQjFGMy5BRUFFLkI3OTgifQ.OqReb0OsMvjOgkY3au62HIvnbUxJ_ZOr0V4H-9NSEqttqlraGaO58vQnP4yDamQXU_4YEqrioC1Gk0Nu2WfPl2mdxSaDr3UGOEVpc2k-UXD4WwjGacqkk0pLSdEaoZn65nASFrkCHdPqcwACqDFzwvoxIG_yun1KAeEOCVivg3Y0XVvMWwhmXyXO2fSRienh9UZQ5eqFzQDmIsLMpG5UlqX_EYvNwlBeL5GyMAwOtbuX1Zh7hgxNtYc75FT-Lo0TlSWz4K0cf3q3G48YyvsP3vJtWT6DQZspNNvVtFA8Cc6VJScin_Malp47_bGWvw3wFNbTbV9-0u45dvHd1U7Gcw&session_id=a7acbeaf-3f18-4fa9-808c-dbb14537f4fc&state=7c604927-8740-4c98-8c7a-39363bc3b988&session_state=b4407c6b-03a1-432d-8164-c1b093a34c07 ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxN0IwNi44MTcxLkFBQzcuODlDQzo3Njc5OTljNC0xMDI2LTQ5MDItYTJlZS03YzY0M2MzZTA4MTA= grant_type=authorization_code&code=af7b95d4-0376-4ef3-abca-13af6ada4cf3&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1074 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:25 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"3de3b3d1-75db-4680-86c2-313bd738add9","token_type":"bearer","expires_in":299,"refresh_token":"92c79907-fdd3-4b7a-9ab3-1bac769ef306","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3QjA2LjgxNzEuQUFDNy44OUNDIiwiZXhwIjoxNTMxMjMwNjI1LCJpYXQiOjE1MzEyMjcwMjUsIm5vbmNlIjoiMmM2YzAyNzMtNDk1Ny00NTllLTlhZjMtZTJkN2YzZTI0MDg2IiwiYXV0aF90aW1lIjoxNTMxMjI3MDI1LCJhdF9oYXNoIjoibUNqNFdtaEtBQXlSNnpQY3kyTWNHdyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IkAhMzhENC40MTBDLjFENDMuODkzMiEwMDAxITM3RjIuQjc0NCEwMDAwIUIxRjMuQUVBRS5CNzk4In0.lTdUfv7gcaIU2yfMt8-kn-F9ZQofM64Hzyqi6YKD9vzrsoWyuHfNLz7NrmOPsh6UDpG6Cw4J20TQoG1mH9kP1-eifHxg3wjDd8CEtH6zc7dYSO12gAkDXYrW1yvgbAc_E6gHIsVJ6PxMCR5S9p0MmnG8FdNCW_U1suDKhfUBYZjPGjrOHcQvI0G009bCbufH4RVfRfgzwkkTZboZmTFkQLou22wKH5oh4OF2wcA8xtLw4mxV1XcjG0gTcGFZpNYHEbefeSbvsC2WoEW-sC8yU9sGFwwPf_HTdhL-j70b4wLkpi0UMVYu3JSrO38TB4agjk5ys20GSj_vYTLzF9N7HQ"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxN0IwNi44MTcxLkFBQzcuODlDQzo3Njc5OTljNC0xMDI2LTQ5MDItYTJlZS03YzY0M2MzZTA4MTA= grant_type=refresh_token&scope=address+openid+user_name+profile+email&refresh_token=92c79907-fdd3-4b7a-9ab3-1bac769ef306 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 198 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:25 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"729c0a4c-2faf-458e-a1b4-5fde6d72bcc6","token_type":"bearer","expires_in":299,"refresh_token":"fae2a610-1b1c-4213-9665-f208c55ae44b","scope":"address openid user_name profile email"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/userinfo HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 729c0a4c-2faf-458e-a1b4-5fde6d72bcc6 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 647 Content-Type: application/json;charset=utf-8 Date: Tue, 10 Jul 2018 12:50:25 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"@!38D4.410C.1D43.8932!0001!37F2.B744!0000!B1F3.AEAE.B798","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"} ####################################################### TEST: applicationTypeWeb ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:25 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3E4A.28A2.2C5C.0809", "client_secret": "b8ec4079-d4e8-4feb-98f8-7393ee97c1ca", "registration_access_token": "a2ba7a0d-5eed-4e71-81b5-a7305e807367", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3E4A.28A2.2C5C.0809", "client_id_issued_at": 1531227025, "client_secret_expires_at": 1531313425, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer a2ba7a0d-5eed-4e71-81b5-a7305e807367 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:25 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3E4A.28A2.2C5C.0809", "client_secret": "b8ec4079-d4e8-4feb-98f8-7393ee97c1ca", "registration_access_token": "a2ba7a0d-5eed-4e71-81b5-a7305e807367", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3E4A.28A2.2C5C.0809", "client_id_issued_at": 1531227025, "client_secret_expires_at": 1531313425, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ####################################################### TEST: applicationTypeWebFail1 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": ["http://client.example.com/cb"], "application_type": "web", "client_name": "oxAuth test app" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 400 Cache-Control: no-store Connection: close Content-Length: 101 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:26 GMT Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_redirect_uri","error_description":"Value of one or more redirect_uris is invalid."} ####################################################### TEST: omittedApplicationType ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:26 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!18D7.F14B.A1A8.B444", "client_secret": "f558f556-1110-4667-bebd-be6168d8e80f", "registration_access_token": "3134ec6d-ab4e-4359-a993-134cef80acef", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!18D7.F14B.A1A8.B444", "client_id_issued_at": 1531227026, "client_secret_expires_at": 1531313426, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 3134ec6d-ab4e-4359-a993-134cef80acef ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:26 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!18D7.F14B.A1A8.B444", "client_secret": "f558f556-1110-4667-bebd-be6168d8e80f", "registration_access_token": "3134ec6d-ab4e-4359-a993-134cef80acef", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!18D7.F14B.A1A8.B444", "client_id_issued_at": 1531227026, "client_secret_expires_at": 1531313426, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ####################################################### TEST: OpenID Connect Discovery ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 181 Content-Type: application/jrd+json;charset=iso-8859-1 Date: Tue, 10 Jul 2018 12:50:26 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "subject": "acct:test_user@ce-dev4.gluu.org", "links": [{ "rel": "http://openid.net/specs/connect/1.0/issuer", "href": "https://ce-dev4.gluu.org" }] } OpenID Connect Configuration ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/openid-configuration HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 6342 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:26 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "issuer": "https://ce-dev4.gluu.org", "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize", "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token", "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo", "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo", "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe", "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session", "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks", "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register", "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id", "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection", "scopes_supported": [ "permission", "clientinfo", "email", "user_name", "sub", "org_name", "address", "openid", "test_scope1", "work_phone", "phone", "profile", "mobile_phone", "test" ], "response_types_supported": [ "code", "code id_token", "code id_token token", "id_token", "id_token token", "token", "code token" ], "grant_types_supported": [ "urn:ietf:params:oauth:grant-type:uma-ticket", "client_credentials", "refresh_token", "implicit", "password", "authorization_code" ], "acr_values_supported": [ "super_gluu", "u2f", "otp", "basic", "auth_ldap_server" ], "auth_level_mapping": { "-1": ["auth_ldap_server"], "50": ["otp"], "100": ["basic"], "10": ["u2f"], "15": ["super_gluu"] }, "subject_types_supported": [ "public", "pairwise" ], "userinfo_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "userinfo_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "userinfo_encryption_enc_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "id_token_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "request_object_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "request_object_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "request_object_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "token_endpoint_auth_methods_supported": [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt" ], "token_endpoint_auth_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "display_values_supported": [ "page", "popup" ], "claim_types_supported": ["normal"], "claims_supported": [ "birthdate", "country", "name", "email", "email_verified", "given_name", "gender", "inum", "family_name", "updated_at", "locale", "member_of", "middle_name", "nickname", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope", "phone_number_verified", "picture", "preferred_username", "profile", "zoneinfo", "user_name", "website" ], "service_documentation": "http://gluu.org/docs", "claims_locales_supported": ["en"], "ui_locales_supported": [ "en", "es" ], "scope_to_claims_mapping": [ {"permission": []}, {"uma_protection": []}, {"clientinfo": [ "name", "inum", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope" ]}, {"email": [ "email_verified", "email" ]}, {"user_name": ["user_name"]}, {"sub": []}, {"org_name": []}, {"address": [ "formatted", "postal_code", "street_address", "locality", "country", "region" ]}, {"openid": []}, {"test_scope1": []}, {"work_phone": []}, {"phone": [ "phone_number_verified", "phone_number" ]}, {"profile": [ "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "profile", "picture", "website", "gender", "birthdate", "zoneinfo", "locale", "updated_at" ]}, {"mobile_phone": ["phone_mobile_number"]}, {"test": ["member_of"]} ], "claims_parameter_supported": true, "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": false, "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy", "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos", "frontchannel_logout_supported": true, "frontchannel_logout_session_supported": true } ####################################################### TEST: authorizationCodeDynamicScopeFlow ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "scope": "openid profile address email user_name org_name work_phone" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1361 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:26 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6794.32A3.D14C.316D", "client_secret": "00da6a01-9d74-4e10-9cd1-19d850b73a61", "registration_access_token": "62a42041-b8cf-44a3-a567-3ede98a0ed92", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6794.32A3.D14C.316D", "client_id_issued_at": 1531227026, "client_secret_expires_at": 1531313426, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "openid profile address email user_name org_name work_phone", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216794.32A3.D14C.316D&scope=openid+profile+address+email+user_name+org_name+work_phone&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=44fbcd2b-e3b2-4770-ba81-362452b4010b&nonce=2d1b7ed6-a699-4d13-a0a6-5f57eab2718b 08:50:54.370 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:6050acaa-2174-4b20-94f8-3bf83bd3d538 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216794.32A3.D14C.316D&scope=openid+profile+address+email+user_name+org_name+work_phone&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=44fbcd2b-e3b2-4770-ba81-362452b4010b&nonce=2d1b7ed6-a699-4d13-a0a6-5f57eab2718b ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=8367c995-b78f-4ac6-8cb9-c3b637f0aaa9&scope=address+openid+user_name+profile+work_phone+org_name+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2Nzk0LjMyQTMuRDE0Qy4zMTZEIiwiZXhwIjoxNTMxMjMwNjI4LCJpYXQiOjE1MzEyMjcwMjgsIm5vbmNlIjoiMmQxYjdlZDYtYTY5OS00ZDEzLWEwYTYtNWY1N2VhYjI3MThiIiwiYXV0aF90aW1lIjoxNTMxMjI3MDI4LCJjX2hhc2giOiI0Y0syNURDUXlZYVhBOW1mZ3FDbEtnIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoib1NIaFRxZnlkLWRQVzNrNnkzYk15ZUM1elJDU05vcGdyLUJnNl9qLURLMCJ9.WrLShybWlhXQpKjGkfRpIj-ED2geMsddhm6L9oWmU22chYc8WBCo04UqW1pCaGg7ZHPPPYO53_BgsBijbwDe9iRHUwz_yPg-iKOOkcj-IXsCSszMm3Nk56PlXjo0MNi8x47aoJUxBFxGh5-tk89_H2YXhJKMHPL02k9YgortbmQ9RrjyzbilbPOX64Cg_5lg-U9JB44M0-k8cmUsz2qd6DfCXV0YE0ZaMEiyJuz0Au_hFOuj5rlbtDfyGTdEnmK_UASJ-UtQaxb8__Q-2xVcFS6_-yoRUhjlHlrgvHM-7m-q_jan_NMBzSVBt8sqje18CabJWGNpWTcTk9aD98yewg&session_id=f077dab5-1120-4560-ae6b-1949ecc1229f&state=44fbcd2b-e3b2-4770-ba81-362452b4010b&session_state=6050acaa-2174-4b20-94f8-3bf83bd3d538 ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxNjc5NC4zMkEzLkQxNEMuMzE2RDowMGRhNmEwMS05ZDc0LTRlMTAtOWNkMS0xOWQ4NTBiNzNhNjE= grant_type=authorization_code&code=8367c995-b78f-4ac6-8cb9-c3b637f0aaa9&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1057 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:28 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"46470059-90b5-4227-987e-ae9f48600cad","token_type":"bearer","expires_in":299,"refresh_token":"e006fdc7-5860-4fb3-a6f1-1d51c547baf7","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2Nzk0LjMyQTMuRDE0Qy4zMTZEIiwiZXhwIjoxNTMxMjMwNjI4LCJpYXQiOjE1MzEyMjcwMjgsIm5vbmNlIjoiMmQxYjdlZDYtYTY5OS00ZDEzLWEwYTYtNWY1N2VhYjI3MThiIiwiYXV0aF90aW1lIjoxNTMxMjI3MDI4LCJhdF9oYXNoIjoiSnVCNEZhYy1TX0VRaTRwdjZmX1BzUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Im9TSGhUcWZ5ZC1kUFczazZ5M2JNeWVDNXpSQ1NOb3Bnci1CZzZfai1ESzAifQ.lGmxl0nivuqRDWM7yeh59XVD93ZxrNNKv__tjBVwQYnakNbinbwHzX_1K5D1mF_jNnZEXFPzCF2Fbr7eksDfCOAPVWh8ThdTcXID6zBtSl30vK6ybfHuktQW4WMR2U_aENhuRsVmVSO_3PzT5VcX9pPuHI5rGAxpTnod2-HAfujhwYA43u7hZ8Z_iwz0tO18IxtjNkhDJCpHlb4xF8dxpd7GLf2yeVcsdowfC0Q__0LjMmJshYgF6QgP1Dn_Nlxft_iJwULhPykaT3Spib2YFtJLD493oY5em_9dV8xNLa77WhGXv-EJI3AxNzxR4Um84QfS852XTctPsqbQxm0Dgg"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/userinfo HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 46470059-90b5-4227-987e-ae9f48600cad ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 690 Content-Type: application/json;charset=utf-8 Date: Tue, 10 Jul 2018 12:50:29 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"oSHhTqfyd-dPW3k6y3bMyeC5zRCSNopgr-Bg6_j-DK0","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org","org_name":"Gluu, Inc.","work_phone":["(512) 516-2413"]} ####################################################### TEST: authorizationCodeFlow ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "scope": "openid profile address email phone user_name" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1347 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:29 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8962.5D1A.4D59.9509", "client_secret": "f7092371-1e8e-4f6e-911a-1d339d330b2b", "registration_access_token": "456338d4-21a0-410f-b528-9a4d07b4de77", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8962.5D1A.4D59.9509", "client_id_issued_at": 1531227029, "client_secret_expires_at": 1531313429, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "openid profile address email phone user_name", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218962.5D1A.4D59.9509&scope=openid+profile+address+email+phone+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eba9b592-c330-4642-8835-15598387a86f&nonce=c75b4847-bacc-46d6-9b36-bd944bc01d7c 08:50:56.998 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:060d6943-a44b-443b-b6f0-f26104e29b2f ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218962.5D1A.4D59.9509&scope=openid+profile+address+email+phone+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eba9b592-c330-4642-8835-15598387a86f&nonce=c75b4847-bacc-46d6-9b36-bd944bc01d7c ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=ab62a43f-af5e-4594-bb6a-2ec81579869a&scope=address+phone+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE4OTYyLjVEMUEuNEQ1OS45NTA5IiwiZXhwIjoxNTMxMjMwNjMxLCJpYXQiOjE1MzEyMjcwMzEsIm5vbmNlIjoiYzc1YjQ4NDctYmFjYy00NmQ2LTliMzYtYmQ5NDRiYzAxZDdjIiwiYXV0aF90aW1lIjoxNTMxMjI3MDMxLCJjX2hhc2giOiJlbS1OQjRPRThNMnFLVjdRTmhrRGlBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiV1hzemJLREd5Q3RYdXV5bHZUY3NlaXFocWhSOV9VTHBzNW5FekYwNFdCVSJ9.n7Nh3M_Se5oEg0Yzqm12hvDqYnU2ShAq-nFKD_dxxaEr2IeL_l8fv_esn-V8n7euodcd9bJE6cIh2pkbc0Bb4fQk0g9z-52-YlJ7b1oqR3Zlb9L6OncZXfPjwNNLOZzgGPV7QvD6Pihh5TaEfZLX_6F5MmTZqxExZN19TFbrdLe8L0ceIA7YmmJHF783Ud4WVdKrGxHH7M8GrposDMt9vsx29d3hR9Xym-6xBFf6aHN4o5Fji25r8abPNUqGMSq1SXZTNDdEbGw_yMeNylPG8tDBNH0Sy6rqUtNh1haUel8FNm39fZi86wW7ZCIRCwQ91kc4GMBUzDmUAo2lFAbL6Q&session_id=88865d34-e546-4d54-9f22-5172f51ba256&state=eba9b592-c330-4642-8835-15598387a86f&session_state=060d6943-a44b-443b-b6f0-f26104e29b2f ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxODk2Mi41RDFBLjRENTkuOTUwOTpmNzA5MjM3MS0xZThlLTRmNmUtOTExYS0xZDMzOWQzMzBiMmI= grant_type=authorization_code&code=ab62a43f-af5e-4594-bb6a-2ec81579869a&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1057 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:31 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"d938ae8b-c59c-4df9-904e-e7b7b523d721","token_type":"bearer","expires_in":299,"refresh_token":"28744d31-026e-4b11-ad2d-6db9ad261332","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE4OTYyLjVEMUEuNEQ1OS45NTA5IiwiZXhwIjoxNTMxMjMwNjMxLCJpYXQiOjE1MzEyMjcwMzEsIm5vbmNlIjoiYzc1YjQ4NDctYmFjYy00NmQ2LTliMzYtYmQ5NDRiYzAxZDdjIiwiYXV0aF90aW1lIjoxNTMxMjI3MDMxLCJhdF9oYXNoIjoiUEtZOFdjd2YwbHpXVUtxVURlVXFzUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IldYc3piS0RHeUN0WHV1eWx2VGNzZWlxaHFoUjlfVUxwczVuRXpGMDRXQlUifQ.Rwx-tH5PM8Fug9t1Aj0T62kiRy7iNCmJOQ6G1uEO1uILdJxV0NuEJyQtXg3C_ZoDwiVhMoNVAu4alUufyC8pVoe5aMWf24-oFeD3QWJZTMbKH1zuStj1twNzCt2jdAp63LCLK9TxAQSx4w_TUVGqb2AGUIte8F-wgE_RyxvEja_VYLgOZpcKodqpzQVzFAK3T0y6qDxn2Jqc8bmk1-nSjHmv3Qnqdqdyrk_ECjnA2wze7Fk0Wf8DAqP1SfBOVDvxnus5tKBznr2NsKGhQBVWGl4VutaKwKu3aMGABKai_7KZhROEqU59iUXS7lPnjG2S0Mp9dY8lmPu3gX7__Lc2-g"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxODk2Mi41RDFBLjRENTkuOTUwOTpmNzA5MjM3MS0xZThlLTRmNmUtOTExYS0xZDMzOWQzMzBiMmI= grant_type=refresh_token&scope=address+phone+openid+user_name+profile+email&refresh_token=28744d31-026e-4b11-ad2d-6db9ad261332 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 204 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:31 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"b2045d72-3ec1-4e05-9a26-7ad46e49e07f","token_type":"bearer","expires_in":299,"refresh_token":"a24e0987-95e1-406c-ae63-b86337e9cb30","scope":"address phone openid user_name profile email"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/userinfo HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer b2045d72-3ec1-4e05-9a26-7ad46e49e07f ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 695 Content-Type: application/json;charset=utf-8 Date: Tue, 10 Jul 2018 12:50:31 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"WXszbKDGyCtXuuylvTcseiqhqhR9_ULps5nEzF04WBU","phone_number_verified":true,"phone_number":"(512) 516-2413","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"} ####################################################### TEST: authorizationCodeFlowLoginHint ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "scope": "openid profile address email user_name" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1341 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:31 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A0E5.F320.7544.CE81", "client_secret": "7ef0d790-3b38-494a-a1aa-277388847ed9", "registration_access_token": "ba397e1a-2e7a-4036-95c5-329badcf22a3", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A0E5.F320.7544.CE81", "client_id_issued_at": 1531227032, "client_secret_expires_at": 1531313432, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "openid profile address email user_name", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A0E5.F320.7544.CE81&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9500e05a-80a8-44fd-986e-9589299be2b6&nonce=3508fcc6-1d42-4dd1-8d13-2948fd740658&login_hint=test_user 08:50:59.857 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:6bef249d-3245-40e6-822b-9c3b2f5aadbd ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A0E5.F320.7544.CE81&scope=openid+profile+address+email+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9500e05a-80a8-44fd-986e-9589299be2b6&nonce=3508fcc6-1d42-4dd1-8d13-2948fd740658&login_hint=test_user ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=60d5b931-f617-4452-8954-653151943a54&scope=address+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBMEU1LkYzMjAuNzU0NC5DRTgxIiwiZXhwIjoxNTMxMjMwNjM0LCJpYXQiOjE1MzEyMjcwMzQsIm5vbmNlIjoiMzUwOGZjYzYtMWQ0Mi00ZGQxLThkMTMtMjk0OGZkNzQwNjU4IiwiYXV0aF90aW1lIjoxNTMxMjI3MDMzLCJjX2hhc2giOiJDSDVqVmhGeE5oUzZubVprNjBrZUJ3Iiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiN2dqMEJEdjNnRGszb253UkRWclFlOG5sWFZsdGJSbzNySnItdmpqYkt2VSJ9.Dw_YFlqgQWzO2GeQib6r_OBF4Bg2udSZ1U-5zCqzZX1MZdhXt1u1nWcQ9iP76eg9OEHXUSkkISi279Bvx1NtTRqUYxpER8VbcIJZIPIQOxbI_9F6ETUOBPg5BfebQ35zbBF-r3ih9wnjwzq9joa47MTXsyE6PD-CeSOyoMiY7Cv7mbqTmbMiSUsYwPmAPIsGOswnTgiDfiAhPUfLul6QjQlzyISpFVLTdMx9qjOvniHdLMKAzdAtUHunJMAv30CUBdMCwO_ARdJmGkcoZJVpTuBmmHYAYiqscGNikqusYNBtACiNcnlrV6NGnsWh1bOVl_cr0IjYUNV_VeKvpM6Ysg&session_id=c8081861-9aeb-4a8b-af5e-065e1f45ee4e&state=9500e05a-80a8-44fd-986e-9589299be2b6&session_state=6bef249d-3245-40e6-822b-9c3b2f5aadbd ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxQTBFNS5GMzIwLjc1NDQuQ0U4MTo3ZWYwZDc5MC0zYjM4LTQ5NGEtYTFhYS0yNzczODg4NDdlZDk= grant_type=authorization_code&code=60d5b931-f617-4452-8954-653151943a54&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1057 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:34 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"d81645a5-16dd-4c7e-9ebb-72b3b9ef50b3","token_type":"bearer","expires_in":299,"refresh_token":"86e4ee18-7371-4c3e-b594-613899c21ff1","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBMEU1LkYzMjAuNzU0NC5DRTgxIiwiZXhwIjoxNTMxMjMwNjM0LCJpYXQiOjE1MzEyMjcwMzQsIm5vbmNlIjoiMzUwOGZjYzYtMWQ0Mi00ZGQxLThkMTMtMjk0OGZkNzQwNjU4IiwiYXV0aF90aW1lIjoxNTMxMjI3MDMzLCJhdF9oYXNoIjoiNEpnQnA4ZF9GdVZaclVZMEo3Y3hodyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjdnajBCRHYzZ0RrM29ud1JEVnJRZThubFhWbHRiUm8zckpyLXZqamJLdlUifQ.Qh43_Daoz61HxJHzG7j1spwwVLsFSXOl9gAU-Pa_VnWXNHdIQVXt4kJH1PCRB5HML1VMz9pr6f_0KX7aZTiBHmC_YXnHUbZG3kvUTcZprORWMbRN2lIe2l3Pg7iZ-KGDQp5HS9XmxSgw1TN6f15mT48j8nLst_y4OIjOn8vCbTuPvE0rIsmE6Gvq2o0W4bpAONSke7-G2se7cmB5F4WAjIYYpsTQD825nunKMkwlPeKR_ZHXHk-NRZZM4nlWWHlcu0UQSd0-r6aC75q6rVb3iz1MauQAGwc7lQ2-LWQlUNq_Opeuzz5xTeC_lQpeoEteS5AxwaU6EbqYGIBISmAiKw"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxQTBFNS5GMzIwLjc1NDQuQ0U4MTo3ZWYwZDc5MC0zYjM4LTQ5NGEtYTFhYS0yNzczODg4NDdlZDk= grant_type=refresh_token&scope=address+openid+user_name+profile+email&refresh_token=86e4ee18-7371-4c3e-b594-613899c21ff1 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 198 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:34 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"52f35df9-c578-4381-bd3e-a1ebbe6be69a","token_type":"bearer","expires_in":299,"refresh_token":"dfc590ac-d71c-4fbc-b924-2207d7e34c47","scope":"address openid user_name profile email"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/userinfo HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 52f35df9-c578-4381-bd3e-a1ebbe6be69a ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 634 Content-Type: application/json;charset=utf-8 Date: Tue, 10 Jul 2018 12:50:34 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"7gj0BDv3gDk3onwRDVrQe8nlXVltbRo3rJr-vjjbKvU","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"} ####################################################### TEST: authorizationCodeFlowNegativeTest ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "scope": "openid" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1309 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:34 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!157A.8C40.D40B.D23E", "client_secret": "9dc0cdc1-bcb5-4c6e-9e1d-cc0cef4ca419", "registration_access_token": "6613050a-dcd7-4fe7-9fd0-8875198077c1", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!157A.8C40.D40B.D23E", "client_id_issued_at": 1531227034, "client_secret_expires_at": 1531313434, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "openid", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21157A.8C40.D40B.D23E&scope=openid+profile+address+email+phone+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=024057a8-010e-4e7e-b6ff-8200edd5479e&nonce=18207c7c-0e15-482d-878e-565ab44a853e 08:51:02.720 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:5d81b861-ab4a-4cd2-ae4a-c8ac1b6f4816 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21157A.8C40.D40B.D23E&scope=openid+profile+address+email+phone+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=024057a8-010e-4e7e-b6ff-8200edd5479e&nonce=18207c7c-0e15-482d-878e-565ab44a853e ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=9c48b3e1-4eae-453e-a580-916fa0f9c2e5&scope=openid&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExNTdBLjhDNDAuRDQwQi5EMjNFIiwiZXhwIjoxNTMxMjMwNjM4LCJpYXQiOjE1MzEyMjcwMzgsIm5vbmNlIjoiMTgyMDdjN2MtMGUxNS00ODJkLTg3OGUtNTY1YWI0NGE4NTNlIiwiYXV0aF90aW1lIjoxNTMxMjI3MDM4LCJjX2hhc2giOiJCU1JrMVNBOUlqTzB1U1V0YzNHVUNBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiVzlBTUlkN2pucEhUUlNZeDY0VGpzLWw1aXgwUVVLS1kteDdHXzBkRGxUOCJ9.hbC_Y2JesMpWtMf_4xGNYy3JHaf9fWnY0jT-0kvg8wcP1PwEJUyH9wcsJba4-kkmlpilLBadOhWdOjRFa0jdhbsnlgUSTUGeeq_Nf-TpvtNS0ywWgJlUIwz_UjXCL2Th82tAq32m3N533rP92QNdmE2B-vjw2pc3QyxqrTSf8Lc8Y_0AjsYQ2c0tF8ldLmXxzNgqZnkgocNfpSx7Qb4U932XBC4SJZyNxZkVyAnewQL4JzxJ2SA7AEK9wh9PJUx6Me96bnApVBV0jCNKHiyQoW3VJOFaoQw9BwnoQdSLK713qpVpLNMhl3V0iG5Yq9G0H7qpiyTlXTUlmIbNV7SmlA&session_id=8e242501-14cf-406f-b05c-1467e4b12c0a&state=024057a8-010e-4e7e-b6ff-8200edd5479e&session_state=5d81b861-ab4a-4cd2-ae4a-c8ac1b6f4816 ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxMTU3QS44QzQwLkQ0MEIuRDIzRTo5ZGMwY2RjMS1iY2I1LTRjNmUtOWUxZC1jYzBjZWY0Y2E0MTk= grant_type=authorization_code&code=9c48b3e1-4eae-453e-a580-916fa0f9c2e5&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1057 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:38 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"a9dbcf93-c89c-462c-a521-9926cc722bdb","token_type":"bearer","expires_in":299,"refresh_token":"02c033de-695c-4102-b8d6-17738d699eca","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExNTdBLjhDNDAuRDQwQi5EMjNFIiwiZXhwIjoxNTMxMjMwNjM4LCJpYXQiOjE1MzEyMjcwMzgsIm5vbmNlIjoiMTgyMDdjN2MtMGUxNS00ODJkLTg3OGUtNTY1YWI0NGE4NTNlIiwiYXV0aF90aW1lIjoxNTMxMjI3MDM4LCJhdF9oYXNoIjoiSzlucXF0Z0pONUZwT1hOM0I3ZVR2USIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Ilc5QU1JZDdqbnBIVFJTWXg2NFRqcy1sNWl4MFFVS0tZLXg3R18wZERsVDgifQ.h-NMEYKJKW6GXCRHsuYqLae__i0Neqj5ZjSuM38IBBDSwOb_eVbblpKRzbg2pX2cb4Evt5D4ANHpt6BcfDhN2Yxbu90bjAsrRk8ycKePI90kfhOcohkLZWpcQqHzqM3KtzDEK-vMnXZ7vlqRy4rjX0EMP4hEfaIRN1I9wUKFRLN1giY-mnBIyxgQNFgFcYeLjjgIIchoIrVkQkuOXix3WJwhtxRFrX3A0w-vHwWTi46hqSoyPO_YmmjPJziymxO3wDexUitoSKKn06xaZ3ab1Hyql36xCe0vEy2WozRPdpe4dLSYfjK_-0gQBgd2UXNeqiDYBRUWpLDst3BkwSHV3A"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxMTU3QS44QzQwLkQ0MEIuRDIzRTo5ZGMwY2RjMS1iY2I1LTRjNmUtOWUxZC1jYzBjZWY0Y2E0MTk= grant_type=refresh_token&scope=openid&refresh_token=02c033de-695c-4102-b8d6-17738d699eca ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 166 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:38 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"71596f99-48f3-4c23-9774-035956bc3866","token_type":"bearer","expires_in":299,"refresh_token":"d842d194-a443-4df2-9eb2-36c076312d49","scope":"openid"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/userinfo HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 71596f99-48f3-4c23-9774-035956bc3866 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 53 Content-Type: application/json;charset=utf-8 Date: Tue, 10 Jul 2018 12:50:38 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"sub":"W9AMId7jnpHTRSYx64Tjs-l5ix0QUKKY-x7G_0dDlT8"} ####################################################### TEST: authorizationCodeFlowWithOptionalNonce ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1425 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:38 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A8A1.EA30.B3DB.38D6", "client_secret": "3350ee85-270e-467c-a525-1df7e21ee087", "registration_access_token": "bdf26c25-d8cc-4e60-8124-f770c4ac7864", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A8A1.EA30.B3DB.38D6", "client_id_issued_at": 1531227039, "client_secret_expires_at": 1531313439, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A8A1.EA30.B3DB.38D6&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f877751c-43fc-4333-994b-1dfa48c46997&nonce=fdab2700-83bd-43ee-807d-92ae9a6468ea 08:51:06.820 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:68fc1ac9-0654-4632-bd4f-be4ce4c27520 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A8A1.EA30.B3DB.38D6&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f877751c-43fc-4333-994b-1dfa48c46997&nonce=fdab2700-83bd-43ee-807d-92ae9a6468ea ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=a5b8624e-f125-48bb-8ceb-51d17a305670&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBOEExLkVBMzAuQjNEQi4zOEQ2IiwiZXhwIjoxNTMxMjMwNjQwLCJpYXQiOjE1MzEyMjcwNDAsIm5vbmNlIjoiZmRhYjI3MDAtODNiZC00M2VlLTgwN2QtOTJhZTlhNjQ2OGVhIiwiYXV0aF90aW1lIjoxNTMxMjI3MDQwLCJjX2hhc2giOiJ5V3lUX0dSTDBqUzd4VTBUaDk5Y29nIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiUnM5S3NuZUdIWDQ4UFF6RFZyU2ZheGp4Qk1aWWVpNFlaUVF3RGpFU0k4WSJ9.B-flwanENCj6V50R7u3kFsIyGLO0zsXgzaQ74oPz0_MxIz9HinMCToMOqoCzOmiHm5Kmy_20OMrmikUQNDNZlG0-3Sie7TxGirTJlGWhGXMJ6nelrgBPkpI8BkjG5bJnYX7sL12ae1JOiEa1WndnyjWkk6Db6dBWTao6nX1gkCNoBKsWDgF6X9iawXEUUrJd2KVPfNSlqRCVNzrYnwtlkRm4reJk9dtG4EgVHlBUx8EzDnfecrRHF1rDJMEWKHW9UrGk8yA5MXkC31_xMVMUyECkyX51MZuXyVoH4ETgs33L3m3997ADA-EY36uWaL2NMY1soeUNAaTUlOV91huwHw&session_id=7f7fb2a7-c708-438a-874e-034e9dbbe0bc&state=f877751c-43fc-4333-994b-1dfa48c46997&session_state=68fc1ac9-0654-4632-bd4f-be4ce4c27520 ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxQThBMS5FQTMwLkIzREIuMzhENjozMzUwZWU4NS0yNzBlLTQ2N2MtYTUyNS0xZGY3ZTIxZWUwODc= grant_type=authorization_code&code=a5b8624e-f125-48bb-8ceb-51d17a305670&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1057 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:41 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"9afaf709-d36d-4f98-ad20-01e71f959dd2","token_type":"bearer","expires_in":299,"refresh_token":"cf10ed9d-863c-4e54-8f30-d62fd5790fc4","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBOEExLkVBMzAuQjNEQi4zOEQ2IiwiZXhwIjoxNTMxMjMwNjQxLCJpYXQiOjE1MzEyMjcwNDEsIm5vbmNlIjoiZmRhYjI3MDAtODNiZC00M2VlLTgwN2QtOTJhZTlhNjQ2OGVhIiwiYXV0aF90aW1lIjoxNTMxMjI3MDQwLCJhdF9oYXNoIjoiaVpBczVVWVZIbTVmMl82VjdIOGRPZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IlJzOUtzbmVHSFg0OFBRekRWclNmYXhqeEJNWlllaTRZWlFRd0RqRVNJOFkifQ.lVGDkkVPvXwI6Shqv5HLQYScI1QXGgdKLftAHJscPkkXbvYnd7v9l5CFLUE-5giG4uqMHxW-kiHQAXIPvVHYaIUlDBiGtvUwq5CVS5-K3ZglATOOGrM8FTn3If2QaJI6wmrr_6nlCThwuH_GwHl-nUeCAfkY4NeLe0bpY63_6ZVvF7RaAeqlSHi65rueMRDX0B_ov9a6erkHfoiHVbUloWXexG8DjAdhhhRMcKJAb2vhq9hf_jzWdA1yCngVUUPaO-f4UU8ojr7Rfi0WLPSIKxqLMoe0dEuUzOEYSonHOs-foVC17XOMcmX_x1i0pTLK75g7jifwA8bmQcU1Qy_3tA"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxQThBMS5FQTMwLkIzREIuMzhENjozMzUwZWU4NS0yNzBlLTQ2N2MtYTUyNS0xZGY3ZTIxZWUwODc= grant_type=refresh_token&scope=address+openid+profile+email&refresh_token=cf10ed9d-863c-4e54-8f30-d62fd5790fc4 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 188 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:41 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"442a36eb-639b-4fe0-b14d-4b44ac6aa68c","token_type":"bearer","expires_in":299,"refresh_token":"589b4caf-2475-4492-a460-932297e1a471","scope":"address openid profile email"} ####################################################### TEST: authorizationCodeWithNotAllowedScopeFlow ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "scope": "openid profile address email user_name" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1341 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:41 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F1B1.1725.B09E.8829", "client_secret": "625fe36b-0705-43f7-b007-670522c9c9b9", "registration_access_token": "69e8918e-44c5-4f1e-891d-0f7e464aec43", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F1B1.1725.B09E.8829", "client_id_issued_at": 1531227041, "client_secret_expires_at": 1531313441, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "openid profile address email user_name", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21F1B1.1725.B09E.8829&scope=openid+profile+address+email+user_name+mobile_phone&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5271e578-b76f-4edf-a974-d790235406ce&nonce=1db6d754-020c-4640-aa98-1be37201c544 08:51:09.140 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:a19b29dd-efa5-4548-87cc-e914f51b6fb8 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21F1B1.1725.B09E.8829&scope=openid+profile+address+email+user_name+mobile_phone&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=5271e578-b76f-4edf-a974-d790235406ce&nonce=1db6d754-020c-4640-aa98-1be37201c544 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=f9d5ce7c-fe06-4872-985a-816801a82e23&scope=address+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGMUIxLjE3MjUuQjA5RS44ODI5IiwiZXhwIjoxNTMxMjMwNjQzLCJpYXQiOjE1MzEyMjcwNDMsIm5vbmNlIjoiMWRiNmQ3NTQtMDIwYy00NjQwLWFhOTgtMWJlMzcyMDFjNTQ0IiwiYXV0aF90aW1lIjoxNTMxMjI3MDQyLCJjX2hhc2giOiIxNUdpZ29CcUhmRllMVzk3R0pUeGVBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiNnVNZEd6ZUhVWkhZZzVQdmd0ejBQa28zWExGdTFfeWx4MWRqV1lzWHM4YyJ9.NvEly-Kl39AsB6KT_X-4WtIyHCAZsA0E7MW0gCCYTTsqEwI64kDmJAEoPvb63j1XSmfv3sFc8Ke79m92Kl2yNxGv32dRQ9Fj6bjBKcQjLGei0z3yhmiUKgRD3u0BTvkVRo11L67F7KnODWjKEjA-nd-QdhG5-i3wdEfwdCkqdXQ_fog9YvHGTtHpFsrvwoYjph3LkHu_QJ9EA4b0KJpXjvQAH7H5DswV7fnHNcT6_7YLTw1VL4pJZYK0LeZ0qQ_EmLhnkVsFfa0EANEKR8Q_oQqr3KOtdZDI0xfedxYxnv__-nWY5zZ8u67rYq0oMHeCYOag8XRXRPojPnv7vhY0pw&session_id=d40e7af1-660a-4575-8f21-f34721420d28&state=5271e578-b76f-4edf-a974-d790235406ce&session_state=a19b29dd-efa5-4548-87cc-e914f51b6fb8 ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxRjFCMS4xNzI1LkIwOUUuODgyOTo2MjVmZTM2Yi0wNzA1LTQzZjctYjAwNy02NzA1MjJjOWM5Yjk= grant_type=authorization_code&code=f9d5ce7c-fe06-4872-985a-816801a82e23&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1057 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:43 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"9f2cd2a3-beeb-4a70-a8a5-8454d2d2d3ce","token_type":"bearer","expires_in":299,"refresh_token":"346d77fa-25c4-4f90-9bbb-94abfdb957d3","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGMUIxLjE3MjUuQjA5RS44ODI5IiwiZXhwIjoxNTMxMjMwNjQzLCJpYXQiOjE1MzEyMjcwNDMsIm5vbmNlIjoiMWRiNmQ3NTQtMDIwYy00NjQwLWFhOTgtMWJlMzcyMDFjNTQ0IiwiYXV0aF90aW1lIjoxNTMxMjI3MDQyLCJhdF9oYXNoIjoiV0RPQzg4czJwdmpieWxrelViWm03ZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjZ1TWRHemVIVVpIWWc1UHZndHowUGtvM1hMRnUxX3lseDFkaldZc1hzOGMifQ.m9ClhXocB1eCJhNJwYsEFcp49SKQ5M3aAzvACtFcOgamZpRpHvYOJcsurYDiySnoxKBEzfLLukmcIOsqyA25v7KHWAFynZQCZ_m4j2JpXkxDGARlbAb4Xzra5QpRzRkLjJY-CTLdrNX2zmcaIEhUNYK__g_Js922m5MTouEKHmP-oxeZg7JYxV5TZv9TrUjrDwBmvjvuoK6w6EHNYdnsGm06KvneeMi04Zqkt_uHTtHVoY85IJZ46a6fhZUmvB-tztykzgzGU24Ma5fCHYd8z6IwkvSYx54vyJ5z3yOIABF5M9_aI9SMpOi3NQLI6ghGoXs_XS_8l8BAsvoJiqp2yw"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/userinfo HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 9f2cd2a3-beeb-4a70-a8a5-8454d2d2d3ce ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 634 Content-Type: application/json;charset=utf-8 Date: Tue, 10 Jul 2018 12:50:43 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"6uMdGzeHUZHYg5Pvgtz0Pko3XLFu1_ylx1djWYsXs8c","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"} ####################################################### TEST: revokeTokens ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1425 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:43 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9AC7.EF92.8EA2.7A25", "client_secret": "2e079dff-c03a-46b8-9966-c0bfa32cfc66", "registration_access_token": "ea63979f-2f03-4d38-8924-977edb0fad75", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9AC7.EF92.8EA2.7A25", "client_id_issued_at": 1531227043, "client_secret_expires_at": 1531313443, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer ea63979f-2f03-4d38-8924-977edb0fad75 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1425 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:43 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9AC7.EF92.8EA2.7A25", "client_secret": "2e079dff-c03a-46b8-9966-c0bfa32cfc66", "registration_access_token": "ea63979f-2f03-4d38-8924-977edb0fad75", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9AC7.EF92.8EA2.7A25", "client_id_issued_at": 1531227043, "client_secret_expires_at": 1531313443, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219AC7.EF92.8EA2.7A25&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=64dd69f6-0fef-4701-919a-4e4c9e1dab77&nonce=a81a6b6c-64eb-4b1a-9e2c-4075b1f70619 08:51:11.451 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:601c161a-bbb1-49f1-8fee-dd254a04154b ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219AC7.EF92.8EA2.7A25&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=64dd69f6-0fef-4701-919a-4e4c9e1dab77&nonce=a81a6b6c-64eb-4b1a-9e2c-4075b1f70619 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=1c57446e-bcdf-4d5a-8724-2569216f2080&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5QUM3LkVGOTIuOEVBMi43QTI1IiwiZXhwIjoxNTMxMjMwNjQ1LCJpYXQiOjE1MzEyMjcwNDUsIm5vbmNlIjoiYTgxYTZiNmMtNjRlYi00YjFhLTllMmMtNDA3NWIxZjcwNjE5IiwiYXV0aF90aW1lIjoxNTMxMjI3MDQ1LCJjX2hhc2giOiJ4S3NCYXc5bW9uMXBEeTdwbmlncU5nIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoid19NamU1eGEzZGdxSGdZV1AxSmhRd1o0U3BUeHpkc0tHV0l6UVhHUEp4SSJ9.Swl8RbVQIN6_NJ7mBqnRdZWPvwYzgcPFF1EQA9Ef9wY3AuS1ftf1OM0JZ5h7zMe5d_NefL6sz9YE_VkYE19p-Gcbhr3nmhJxeebX1_qa6xjO40uwhewX41fMsijKQcYXLFu1n6GjPV76tlR6BnZ3N5kORJHMaf5r_FPvSTa81z19z0O16EEoR2EVxae-Gb7vMcPK9EBCcHj8ExP5Un4Usg9M2K24W1EfThXjCs7yPh6HHZOgz4Pq8XkXIHzUoHexHkqe0Ufgm509Q3Fa2_pzbyOm82_zFVobOKKM4ZVwJFUlB1HSn3zIGAOrHCVIRo0sRGeIeuoaDAC2mQ4oy5LAvg&session_id=4eaf1dc1-f917-487e-b299-38c2412040ae&state=64dd69f6-0fef-4701-919a-4e4c9e1dab77&session_state=601c161a-bbb1-49f1-8fee-dd254a04154b ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxOUFDNy5FRjkyLjhFQTIuN0EyNToyZTA3OWRmZi1jMDNhLTQ2YjgtOTk2Ni1jMGJmYTMyY2ZjNjY= grant_type=authorization_code&code=1c57446e-bcdf-4d5a-8724-2569216f2080&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1057 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:45 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"8cfa0d78-9c5b-4f86-88d9-4d301ee10340","token_type":"bearer","expires_in":299,"refresh_token":"5ee17c47-65a2-4169-924e-93cd31486a36","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5QUM3LkVGOTIuOEVBMi43QTI1IiwiZXhwIjoxNTMxMjMwNjQ1LCJpYXQiOjE1MzEyMjcwNDUsIm5vbmNlIjoiYTgxYTZiNmMtNjRlYi00YjFhLTllMmMtNDA3NWIxZjcwNjE5IiwiYXV0aF90aW1lIjoxNTMxMjI3MDQ1LCJhdF9oYXNoIjoiQVlUSmF0Qm1kekpaUVdzWkplWHF5dyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IndfTWplNXhhM2RncUhnWVdQMUpoUXdaNFNwVHh6ZHNLR1dJelFYR1BKeEkifQ.PDgI-nssa1GP41iVgG5WLq7WQmFQyYN2VurjkyxYsaaVG3S0sjsZjkAFGVc2HruSh6BlS4CG6eUhC9czsyqxSQL1aYOuOX7eRJmumIl57klFSKzniDzuVZxUhD5lj8CnfmWxmsXxanl71iPDTiKU7T8PvaSK97eCq9vHJX1ZwPRp_b2x48sPGZihsIyfvgdZTqL-156nV4N7QX30D18ULIU0EngZTpA91iQjSZ33_DuuKfU4OMbRvwHs_rzlIH50yX-Ys6TADZs9L3eciuqyl1DySTY0NuV3GFbD429AWvzsemkT89c6xW_rQ8VfC_eJmU4mHqSJHJhINkRGmBQ6Yw"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxOUFDNy5FRjkyLjhFQTIuN0EyNToyZTA3OWRmZi1jMDNhLTQ2YjgtOTk2Ni1jMGJmYTMyY2ZjNjY= grant_type=authorization_code&code=1c57446e-bcdf-4d5a-8724-2569216f2080&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 400 Cache-Control: no-store Connection: close Content-Length: 213 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:45 GMT Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_grant","error_description":"The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client."} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxOUFDNy5FRjkyLjhFQTIuN0EyNToyZTA3OWRmZi1jMDNhLTQ2YjgtOTk2Ni1jMGJmYTMyY2ZjNjY= grant_type=refresh_token&scope=address+openid+profile+email&refresh_token=5ee17c47-65a2-4169-924e-93cd31486a36 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 401 Cache-Control: no-store Connection: Keep-Alive Content-Length: 213 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:45 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_grant","error_description":"The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client."} ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/userinfo HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 8cfa0d78-9c5b-4f86-88d9-4d301ee10340 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 400 Connection: close Content-Length: 203 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:45 GMT Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_token","error_description":"The access token provided is expired, revoked, malformed, or invalid for other reasons. Try to request a new access token and retry the protected resource."} ####################################################### TEST: OpenID Connect Discovery ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 181 Content-Type: application/jrd+json;charset=iso-8859-1 Date: Tue, 10 Jul 2018 12:50:46 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "subject": "acct:test_user@ce-dev4.gluu.org", "links": [{ "rel": "http://openid.net/specs/connect/1.0/issuer", "href": "https://ce-dev4.gluu.org" }] } OpenID Connect Configuration ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/openid-configuration HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 6342 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:46 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "issuer": "https://ce-dev4.gluu.org", "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize", "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token", "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo", "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo", "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe", "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session", "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks", "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register", "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id", "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection", "scopes_supported": [ "permission", "clientinfo", "email", "user_name", "sub", "org_name", "address", "openid", "test_scope1", "work_phone", "phone", "profile", "mobile_phone", "test" ], "response_types_supported": [ "code", "code id_token", "code id_token token", "id_token", "id_token token", "token", "code token" ], "grant_types_supported": [ "urn:ietf:params:oauth:grant-type:uma-ticket", "client_credentials", "refresh_token", "implicit", "password", "authorization_code" ], "acr_values_supported": [ "super_gluu", "u2f", "otp", "basic", "auth_ldap_server" ], "auth_level_mapping": { "-1": ["auth_ldap_server"], "50": ["otp"], "100": ["basic"], "10": ["u2f"], "15": ["super_gluu"] }, "subject_types_supported": [ "public", "pairwise" ], "userinfo_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "userinfo_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "userinfo_encryption_enc_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "id_token_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "request_object_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "request_object_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "request_object_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "token_endpoint_auth_methods_supported": [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt" ], "token_endpoint_auth_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "display_values_supported": [ "page", "popup" ], "claim_types_supported": ["normal"], "claims_supported": [ "birthdate", "country", "name", "email", "email_verified", "given_name", "gender", "inum", "family_name", "updated_at", "locale", "member_of", "middle_name", "nickname", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope", "phone_number_verified", "picture", "preferred_username", "profile", "zoneinfo", "user_name", "website" ], "service_documentation": "http://gluu.org/docs", "claims_locales_supported": ["en"], "ui_locales_supported": [ "en", "es" ], "scope_to_claims_mapping": [ {"permission": []}, {"uma_protection": []}, {"clientinfo": [ "name", "inum", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope" ]}, {"email": [ "email_verified", "email" ]}, {"user_name": ["user_name"]}, {"sub": []}, {"org_name": []}, {"address": [ "formatted", "postal_code", "street_address", "locality", "country", "region" ]}, {"openid": []}, {"test_scope1": []}, {"work_phone": []}, {"phone": [ "phone_number_verified", "phone_number" ]}, {"profile": [ "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "profile", "picture", "website", "gender", "birthdate", "zoneinfo", "locale", "updated_at" ]}, {"mobile_phone": ["phone_mobile_number"]}, {"test": ["member_of"]} ], "claims_parameter_supported": true, "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": false, "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy", "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos", "frontchannel_logout_supported": true, "frontchannel_logout_session_supported": true } ####################################################### TEST: AuthorizationResponseCustomHeaderTest ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "oxAuthTrustedClient": "true" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:46 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8A80.C6E5.DDFD.6C3A", "client_secret": "83bf8954-bdbb-4210-85ee-335dc65b1a21", "registration_access_token": "af7ec6e6-2497-43d1-b7ba-4a78669ec62a", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8A80.C6E5.DDFD.6C3A", "client_id_issued_at": 1531227046, "client_secret_expires_at": 1531313446, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA== response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218A80.C6E5.DDFD.6C3A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=abecb89a-c3e9-4f19-8d8d-5eec2e322084&nonce=cd13d301-75fc-48f9-98d2-3180535003a4&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Connection: Keep-Alive Content-Length: 0 CustomHeader1: custom_header_value_1 CustomHeader2: custom_header_value_2 CustomHeader3: custom_header_value_3 Date: Tue, 10 Jul 2018 12:50:46 GMT Keep-Alive: timeout=5, max=100 Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=b66bc4d1-c5c8-43e8-9067-fa1f29e143b4&scope=address+openid+profile+email&session_id=4041d1bc-608e-4046-bdc4-ac0d57031541&state=abecb89a-c3e9-4f19-8d8d-5eec2e322084&session_state=8cf52603-256e-4f50-ae2e-77c4a8ec2265 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block ####################################################### TEST: AuthorizationResponseCustomHeaderTest ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["token"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "oxAuthTrustedClient": "true" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1306 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:46 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4B35.7DF4.68E8.4BE6", "client_secret": "0422d4d1-85d2-4a41-993f-bc1481a71abc", "registration_access_token": "66811042-2840-41b8-acb4-50ec8e44fc07", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4B35.7DF4.68E8.4BE6", "client_id_issued_at": 1531227046, "client_secret_expires_at": 1531313446, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["token"], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA== response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214B35.7DF4.68E8.4BE6&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=831ee017-1ca7-4c88-bc81-6a6e0d5d8b8e&nonce=30252078-3615-43f6-bb61-aba32a1080fe&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Connection: Keep-Alive Content-Length: 0 CustomHeader1: custom_header_value_1 CustomHeader2: custom_header_value_2 CustomHeader3: custom_header_value_3 Date: Tue, 10 Jul 2018 12:50:46 GMT Keep-Alive: timeout=5, max=100 Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=9b4e1ec0-2212-4615-b4d3-8ee4fc591b07&scope=address+openid+profile+email&session_id=ef46dc76-ab78-4c96-8d62-37e32c4e2926&state=831ee017-1ca7-4c88-bc81-6a6e0d5d8b8e&token_type=bearer&session_state=fb6c418b-ca03-45b2-b60d-4cafe9d6f6c2&expires_in=299 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block ####################################################### TEST: AuthorizationResponseCustomHeaderTest ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["id_token"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "oxAuthTrustedClient": "true" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1340 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:46 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FDA7.624B.083C.4697", "client_secret": "55226643-3130-4f34-839f-7ebd9719e28f", "registration_access_token": "159e2052-8a9d-4448-82e8-02118fe71644", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FDA7.624B.083C.4697", "client_id_issued_at": 1531227046, "client_secret_expires_at": 1531313446, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA== response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21FDA7.624B.083C.4697&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=1ef834ae-c292-473d-8ece-7e79ae4c3f3b&nonce=391dbb3f-79bd-4c8d-84dc-6a97dd6f21bc&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Connection: Keep-Alive Content-Length: 0 CustomHeader1: custom_header_value_1 CustomHeader2: custom_header_value_2 CustomHeader3: custom_header_value_3 Date: Tue, 10 Jul 2018 12:50:46 GMT Keep-Alive: timeout=5, max=100 Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGREE3LjYyNEIuMDgzQy40Njk3IiwiZXhwIjoxNTMxMjMwNjQ2LCJpYXQiOjE1MzEyMjcwNDYsIm5vbmNlIjoiMzkxZGJiM2YtNzliZC00YzhkLTg0ZGMtNmE5N2RkNmYyMWJjIiwiYXV0aF90aW1lIjoxNTMxMjI3MDQ2LCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiIxUzZKd01Jd01HUDNZVTRoZVJzS0c1My1DM0Jkc0k3d2hNMjhPLWtOX0NjIn0.FFwXXM6dTzlqOgK8v83coYq_x-3JzwspcT53UI1owzaGuOq16vXQsX1ISomZjaorbQcUcZS7J85GppZ_aJBQDLUMIhn7-zZWDS2U9o8cpJwpTxONT1dtJdih_v7pl-pMl3tSJ5fcvnGcZZW0vT09d3xdHJ1djc6JS9ymXRCHDg9917lGNb2Ctxy6xUrmR98ExESFgASB3lY_UdlTCJpl8rRMznMstifxGdB87vUfYkQqA2bvoUdYFlask3iWYMILHiRPSg1Thsaj58ilDayJefi8exr_6xFhTV5fFLEw940YqOQkYDIp-hmt5G5T_TDRy0QbnhMyy414YyxpGrueDQ&session_id=27af546a-0764-4557-a24f-34a30a4ab5bd&state=1ef834ae-c292-473d-8ece-7e79ae4c3f3b&session_state=51fa6200-3ac6-45be-86eb-cb84997d0260 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block ####################################################### TEST: AuthorizationResponseCustomHeaderTest ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "oxAuthTrustedClient": "true" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1405 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:46 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!13A7.DFE8.A9BF.E936", "client_secret": "c6d69ae9-7cb6-4654-b99b-5dc613302928", "registration_access_token": "e6ec6b7c-545d-487f-8992-61f9f42c532d", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!13A7.DFE8.A9BF.E936", "client_id_issued_at": 1531227046, "client_secret_expires_at": 1531313446, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA== response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2113A7.DFE8.A9BF.E936&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=e4e45e16-9f32-4a56-83b3-f066a69a9f7d&nonce=3950622d-d8d8-47c7-a15b-e50f762655d9&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Connection: Keep-Alive Content-Length: 0 CustomHeader1: custom_header_value_1 CustomHeader2: custom_header_value_2 CustomHeader3: custom_header_value_3 Date: Tue, 10 Jul 2018 12:50:47 GMT Keep-Alive: timeout=5, max=100 Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=2b8d20a5-655f-4c9a-842b-b66d7eba4348&code=ce858676-5a2f-4771-8b6b-9045934f21f0&scope=address+openid+profile+email&session_id=cfb20d94-5d9d-44a3-8f68-616618a7d73e&state=e4e45e16-9f32-4a56-83b3-f066a69a9f7d&token_type=bearer&session_state=4d42b64d-89b8-47d3-8b06-88ca7f07a85f&expires_in=299 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block ####################################################### TEST: AuthorizationResponseCustomHeaderTest ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "oxAuthTrustedClient": "true" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1425 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:47 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8741.4DF7.4D7D.2149", "client_secret": "f37401ab-9721-4c03-b538-78b010de2e40", "registration_access_token": "43db59d5-6922-4951-a8d8-2fde59afd63b", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8741.4DF7.4D7D.2149", "client_id_issued_at": 1531227047, "client_secret_expires_at": 1531313447, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA== response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218741.4DF7.4D7D.2149&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=79e2cfd2-3b5e-4ca1-a68c-9a914e5c35de&nonce=2c56c12e-acf2-4c4b-96bf-a502f1c9220b&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Connection: Keep-Alive Content-Length: 0 CustomHeader1: custom_header_value_1 CustomHeader2: custom_header_value_2 CustomHeader3: custom_header_value_3 Date: Tue, 10 Jul 2018 12:50:47 GMT Keep-Alive: timeout=5, max=100 Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=ed1161f7-6c7c-4d73-9d19-46908387373f&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE4NzQxLjRERjcuNEQ3RC4yMTQ5IiwiZXhwIjoxNTMxMjMwNjQ3LCJpYXQiOjE1MzEyMjcwNDcsIm5vbmNlIjoiMmM1NmMxMmUtYWNmMi00YzRiLTk2YmYtYTUwMmYxYzkyMjBiIiwiYXV0aF90aW1lIjoxNTMxMjI3MDQ3LCJjX2hhc2giOiJCczhUQ1FHUlFEdUdjX2dDQjlVbmtBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiLTY4UmpEZlV3QlZaamNlWi1TdEVqV2R2dVVtYkRmMVQ2NjRTZVFHeTVlVSJ9.iAPad_-OhuKi12qyD2CXULXvoO3pt8A0LSCVv5gwjbrqvS8JNaviu7JGZTVaZZxL5wnR-jdP1-_j4lrBxxTRIJpMg7upCvy_CtFRdPudTlpXjZeo29R38A30kJdOPirNivMD0p8SNhldpDJfi8dycRXjsmQdZyPetRPpdmPKpfJ84CH4x6ApsMMx9tQa-LjzdKnTSpw1Gq_cqV_zZQ-wSHKat9_hI-bgnTFzfUMRCoByeluMVbGOQrVx25dhHaK2WVvfp3Zqg08RiEp2x0MXd52Wy-JDkt5UAm48JPIqit1Oqv0d9zoc1Zz5H1AgOPomT4f021cJMsNNWzZan14buA&session_id=ad94c1cb-946e-4bb2-9588-22f445911359&state=79e2cfd2-3b5e-4ca1-a68c-9a914e5c35de&session_state=557bfc1b-a732-4e96-af48-e804ac40bf9c Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block ####################################################### TEST: AuthorizationResponseCustomHeaderTest ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "token", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "oxAuthTrustedClient": "true" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1340 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:47 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1858.41F5.00A9.B820", "client_secret": "96dc26a2-3797-45f2-89cd-405154baafa1", "registration_access_token": "28784368-5e16-4ccd-95cc-6b59d01c0c4f", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1858.41F5.00A9.B820", "client_id_issued_at": 1531227047, "client_secret_expires_at": 1531313447, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA== response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211858.41F5.00A9.B820&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=6fcd59b3-21c2-4731-b94e-dd4c2edd688c&nonce=1f45576c-66ea-4b19-9525-4035bd7b27b7&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Connection: Keep-Alive Content-Length: 0 CustomHeader1: custom_header_value_1 CustomHeader2: custom_header_value_2 CustomHeader3: custom_header_value_3 Date: Tue, 10 Jul 2018 12:50:47 GMT Keep-Alive: timeout=5, max=100 Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=0583be4c-d31c-42be-99fc-2ba5ce4ef2a6&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExODU4LjQxRjUuMDBBOS5CODIwIiwiZXhwIjoxNTMxMjMwNjQ3LCJpYXQiOjE1MzEyMjcwNDcsIm5vbmNlIjoiMWY0NTU3NmMtNjZlYS00YjE5LTk1MjUtNDAzNWJkN2IyN2I3IiwiYXV0aF90aW1lIjoxNTMxMjI3MDQ3LCJhdF9oYXNoIjoiZEpTWUZHMWhiOGpIaGRsZUl4MmZvQSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Ii1Vd3NXQVAtNnZ5STE5S1BfNVBmcFl3RWZLQkYxTzVRLXpoSlFNS202YlEifQ.W35pgOa3YtC36UzqnCGQkkGeH1N--Wg2TpP54D8dWEm4YjRfCQLRsJppIGwclPf4LSztTaDmPJtNUnCJX7nMyZisXpAAln7V4OJtLlcdhh1Ubqy6J-nRaLwe1sDsXqv3S81vxRvl9aMLdx7dm0l33k4nisA8tar0BXGBc1VE42gZ1TtnT2k5cx-l81kNL-aoGf7-8sOcx6or51gmFp8yhlwpomZQjKJVcDr9Jt1y1-S_JWxBy3XsrKAYxXqf0lmU2CDI3FtQ34fx-teWtJepVIgiN79y3bVQlQslqVcr-kuQvfYqYLxajTfQhDGKBdhYNxMj3bZ6GJIaNnZzGPSL2A&session_id=e9375238-8131-459a-8507-92d5e7aaff5f&state=6fcd59b3-21c2-4731-b94e-dd4c2edd688c&token_type=bearer&session_state=1dc38986-f40e-4a70-a89c-fb8d206299b2&expires_in=299 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block ####################################################### TEST: AuthorizationResponseCustomHeaderTest ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "token", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "oxAuthTrustedClient": "true" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1425 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:47 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B529.9E59.6FBF.F624", "client_secret": "83e257e7-efb4-4a28-85f8-312c8cf73503", "registration_access_token": "2b7627c7-f2db-4b73-9002-c4353c08a838", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B529.9E59.6FBF.F624", "client_id_issued_at": 1531227047, "client_secret_expires_at": 1531313447, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA== response_type=code+token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B529.9E59.6FBF.F624&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=e9081795-8aa8-41ec-96a0-de8a00ba9582&nonce=1d8aba1c-9721-421e-9acf-b7eaf2c21983&prompt=none&custom_response_headers=%5B%7B%22CustomHeader1%22%3A%22custom_header_value_1%22%7D%2C%7B%22CustomHeader3%22%3A%22custom_header_value_3%22%7D%2C%7B%22CustomHeader2%22%3A%22custom_header_value_2%22%7D%5D ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Connection: Keep-Alive Content-Length: 0 CustomHeader1: custom_header_value_1 CustomHeader2: custom_header_value_2 CustomHeader3: custom_header_value_3 Date: Tue, 10 Jul 2018 12:50:47 GMT Keep-Alive: timeout=5, max=100 Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=8649ba58-457d-4cbe-b75c-9c15a3aaf7f9&code=6ee83c28-ebdd-4a56-9b2a-9dbaecb3d2a2&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFCNTI5LjlFNTkuNkZCRi5GNjI0IiwiZXhwIjoxNTMxMjMwNjQ3LCJpYXQiOjE1MzEyMjcwNDcsIm5vbmNlIjoiMWQ4YWJhMWMtOTcyMS00MjFlLTlhY2YtYjdlYWYyYzIxOTgzIiwiYXV0aF90aW1lIjoxNTMxMjI3MDQ3LCJjX2hhc2giOiJwbVQ4RnZsRldFQ0NValppd0RERWpnIiwiYXRfaGFzaCI6Iko0bFhrWFZMNE9oVGxEeldheWd6MWciLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiIwMXZBek44N0Y1YUpCTEUxSU45Rm5vYWZVR0V2MXVjLWctbzUxVXo1RU5VIn0.po2eIf04FJtSduFfnTkMfH7IoGNuyrcBzzWK9UmnHDtpkvjHwYEdovz431nuq_NOMZd7yCtY-4S9mFws29S6xiiYMddM5tRW262AxZDoUMvefj2vBTPe5UtptoOHHgo6NuW4EnY_ht2wzHzlZgvQt2mqwLdrMYe1I-rV-VLAX51Ioo7K71n5GEUy50ZuEd54SGsRcqL5bXjYVilPN4M7o2NHfx3qzlb1CvAzmCvakLsGn59srfi-WsOQ36qXFIlpQKo8mKpwPyfVd-hYkDDlMxze1CddljCPe9UWDdRCaZv_taboT1u-PNRvmiQARiGEPhkGT0_Bw4GpeTjBHjbcTw&session_id=b87e8168-0ccc-4f1b-b869-077328bdc765&state=e9081795-8aa8-41ec-96a0-de8a00ba9582&token_type=bearer&session_state=d2130942-8519-4200-b2fb-02aed4e9c664&expires_in=299 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block ####################################################### TEST: OpenID Connect Discovery ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 181 Content-Type: application/jrd+json;charset=iso-8859-1 Date: Tue, 10 Jul 2018 12:50:48 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "subject": "acct:test_user@ce-dev4.gluu.org", "links": [{ "rel": "http://openid.net/specs/connect/1.0/issuer", "href": "https://ce-dev4.gluu.org" }] } OpenID Connect Configuration ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/openid-configuration HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 6342 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:48 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "issuer": "https://ce-dev4.gluu.org", "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize", "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token", "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo", "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo", "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe", "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session", "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks", "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register", "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id", "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection", "scopes_supported": [ "permission", "clientinfo", "email", "user_name", "sub", "org_name", "address", "openid", "test_scope1", "work_phone", "phone", "profile", "mobile_phone", "test" ], "response_types_supported": [ "code", "code id_token", "code id_token token", "id_token", "id_token token", "token", "code token" ], "grant_types_supported": [ "urn:ietf:params:oauth:grant-type:uma-ticket", "client_credentials", "refresh_token", "implicit", "password", "authorization_code" ], "acr_values_supported": [ "super_gluu", "u2f", "otp", "basic", "auth_ldap_server" ], "auth_level_mapping": { "-1": ["auth_ldap_server"], "50": ["otp"], "100": ["basic"], "10": ["u2f"], "15": ["super_gluu"] }, "subject_types_supported": [ "public", "pairwise" ], "userinfo_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "userinfo_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "userinfo_encryption_enc_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "id_token_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "request_object_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "request_object_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "request_object_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "token_endpoint_auth_methods_supported": [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt" ], "token_endpoint_auth_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "display_values_supported": [ "page", "popup" ], "claim_types_supported": ["normal"], "claims_supported": [ "birthdate", "country", "name", "email", "email_verified", "given_name", "gender", "inum", "family_name", "updated_at", "locale", "member_of", "middle_name", "nickname", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope", "phone_number_verified", "picture", "preferred_username", "profile", "zoneinfo", "user_name", "website" ], "service_documentation": "http://gluu.org/docs", "claims_locales_supported": ["en"], "ui_locales_supported": [ "en", "es" ], "scope_to_claims_mapping": [ {"permission": []}, {"uma_protection": []}, {"clientinfo": [ "name", "inum", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope" ]}, {"email": [ "email_verified", "email" ]}, {"user_name": ["user_name"]}, {"sub": []}, {"org_name": []}, {"address": [ "formatted", "postal_code", "street_address", "locality", "country", "region" ]}, {"openid": []}, {"test_scope1": []}, {"work_phone": []}, {"phone": [ "phone_number_verified", "phone_number" ]}, {"profile": [ "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "profile", "picture", "website", "gender", "birthdate", "zoneinfo", "locale", "updated_at" ]}, {"mobile_phone": ["phone_mobile_number"]}, {"test": ["member_of"]} ], "claims_parameter_supported": true, "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": false, "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy", "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos", "frontchannel_logout_supported": true, "frontchannel_logout_session_supported": true } ####################################################### TEST: defaultResponseModeBasicCode ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:48 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!43F8.2433.24CB.CA73", "client_secret": "e5f36c01-b8a7-4f26-922d-dc1ce09c019e", "registration_access_token": "def30369-bace-455d-ab7e-708587ba77ed", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!43F8.2433.24CB.CA73", "client_id_issued_at": 1531227048, "client_secret_expires_at": 1531313448, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2143F8.2433.24CB.CA73&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b2446300-46d4-4ef3-b857-f35c0bb71aaf 08:51:15.993 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:cf6f1da1-74a8-4d77-97da-feb5bb1ab4a0 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2143F8.2433.24CB.CA73&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b2446300-46d4-4ef3-b857-f35c0bb71aaf ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=fa1e4f9d-3ddc-4352-8876-abd8f3412e73&scope=address+openid+profile+email&session_id=a87760d5-2f92-4817-bbf4-96fbd0c3b8ef&state=b2446300-46d4-4ef3-b857-f35c0bb71aaf&session_state=cf6f1da1-74a8-4d77-97da-feb5bb1ab4a0 ####################################################### TEST: defaultResponseModeHybridCodeIdToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1425 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:50 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!85FE.BB18.8B76.5163", "client_secret": "1492f766-633e-4829-912c-4bca0df8bbf1", "registration_access_token": "b1443053-158d-4a2c-909b-5714b55a9365", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!85FE.BB18.8B76.5163", "client_id_issued_at": 1531227050, "client_secret_expires_at": 1531313450, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2185FE.BB18.8B76.5163&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0b2c3ce5-3268-4a6f-9930-d0a835f84f37&nonce=ebd0a3c2-d20b-4e00-9f22-6096415e6bd8 08:51:17.828 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:129b690a-5e49-4e6a-9ac5-c330b4227c62 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2185FE.BB18.8B76.5163&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0b2c3ce5-3268-4a6f-9930-d0a835f84f37&nonce=ebd0a3c2-d20b-4e00-9f22-6096415e6bd8 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=1bbc7608-a196-4eb9-a1db-e3f0c409b6c0&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE4NUZFLkJCMTguOEI3Ni41MTYzIiwiZXhwIjoxNTMxMjMwNjUxLCJpYXQiOjE1MzEyMjcwNTEsIm5vbmNlIjoiZWJkMGEzYzItZDIwYi00ZTAwLTlmMjItNjA5NjQxNWU2YmQ4IiwiYXV0aF90aW1lIjoxNTMxMjI3MDUxLCJjX2hhc2giOiJITjllVW9FWXVrbi1xbmFpNUxLcElnIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoia0o2YTg1cWJuZkNzRTFuUHBoOXJKQlBOWUxZRFNTZmlRMzZUbWVYUHBYcyJ9.Jg1a30HAOWsb77x7ta12WMOXM1MH1SfPTOS4oGHeN5_Ko9EMoP2VzlKUVzS1LjV8bsL3W6r7iFdY9wt3Wb7bJSMTBFCALGZ3ZBxMXAVonI8b5luLsphjNC40hjv5GRhJhCF6c17c-tcXUYlE_lTLOLq17tkR6CKEeCpvUp4fpX2aNXVjX0F8DvHbud2pkWUjzxSW-9uPLT18xPsrZzxVhQYpf95U2vDFKkQr542BBDL9uMDiPzdmNy5qga-jNr_oxoT-FB-_tqvBSR1Qy0aBvZrGhe9dkgrcYwZGfqyaooaxpgrbhodluZU0tqOv3uL30bc3-z4sGJhH7WA6b3aj-w&session_id=b8ff2d1b-0001-47ab-b769-0a2ccb65e711&state=0b2c3ce5-3268-4a6f-9930-d0a835f84f37&session_state=129b690a-5e49-4e6a-9ac5-c330b4227c62 ####################################################### TEST: defaultResponseModeHybridCodeIdTokenToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token", "token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1425 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:51 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5DAF.F220.6986.B707", "client_secret": "7f562594-12ce-459d-b667-b6e343972957", "registration_access_token": "ab0cbd7e-0219-42fe-b8db-9572250a4aea", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5DAF.F220.6986.B707", "client_id_issued_at": 1531227051, "client_secret_expires_at": 1531313451, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215DAF.F220.6986.B707&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=10d362bb-5995-4272-b1bc-d7af99b1f24f&nonce=311cb51c-06e9-42b8-aaf7-f6844c0e70cc 08:51:19.763 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:025a91e0-6f71-4ba6-89f1-7f166e36a7d2 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215DAF.F220.6986.B707&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=10d362bb-5995-4272-b1bc-d7af99b1f24f&nonce=311cb51c-06e9-42b8-aaf7-f6844c0e70cc ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=d8c23b8e-f9a4-428e-b920-4c0ecde2a68a&code=ea72382c-a4ab-4f20-9794-a46e720db70a&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE1REFGLkYyMjAuNjk4Ni5CNzA3IiwiZXhwIjoxNTMxMjMwNjUzLCJpYXQiOjE1MzEyMjcwNTMsIm5vbmNlIjoiMzExY2I1MWMtMDZlOS00MmI4LWFhZjctZjY4NDRjMGU3MGNjIiwiYXV0aF90aW1lIjoxNTMxMjI3MDUzLCJjX2hhc2giOiJCQl9IU1R6c3VhWU5qU0dRdXVaZWd3IiwiYXRfaGFzaCI6Ilg4NlBlSjRuMEVPUXZLOUozNGUzeEEiLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJsUmdjVEtvNjMyNGlJc2RwTTdYdUJHSlpwNHNuVHFEUWYwSmwyNFpJVk44In0.dLw1qyrH9xadRL8mcmOxT10BcLqc5IfrC7q_EOhEgGk0jvw_XTNBzaAfQo9i1Z9JM9BjvYVxJb803ldcxiz6tSh6BCrI_A7dZrIrplWfbrcDaBROclxWBOq-smNeRmm8rzXaKnivUMYcI2REJFovmX6XilS5Lb89F5SXCIPCXLcjbvSSKcNCbUXL-7oWbkkhjEj8Z6mpU2ChClSD8zQi9g5AzSmGr-rFqO45dreI7NOuOiRYtLgbEaYhAclevWh9SDx-trgc3TvX_aB3f6aKJ9GutZwKQVIATO40ranVGGPMU2q7VvDeBNp2s_Y3R6GHhtealukFZnJVMCMIOfxpsg&session_id=70574ca5-7942-4871-9fb5-181ea6e45ac7&state=10d362bb-5995-4272-b1bc-d7af99b1f24f&token_type=bearer&session_state=025a91e0-6f71-4ba6-89f1-7f166e36a7d2&expires_in=299 ####################################################### TEST: defaultResponseModeHybridCodeToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1405 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:53 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5187.5182.3396.4D5D", "client_secret": "c0c64d28-cb45-4af9-88c5-a85de4934d77", "registration_access_token": "e9ce058c-bba3-443b-b696-ebbc23b6d336", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5187.5182.3396.4D5D", "client_id_issued_at": 1531227053, "client_secret_expires_at": 1531313453, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215187.5182.3396.4D5D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=10f5c12f-03f4-4efa-a808-c146a7fd2243&nonce=533d0d26-3973-4163-8b65-6d56f50ba78f 08:51:21.705 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:a26fc031-b1f3-4b58-9d12-cebc0237edf2 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215187.5182.3396.4D5D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=10f5c12f-03f4-4efa-a808-c146a7fd2243&nonce=533d0d26-3973-4163-8b65-6d56f50ba78f ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=8e04a9d9-1517-4095-a991-1cbb4b93571e&code=4bf66fec-b99b-4059-937e-23d2f00b3f77&scope=address+openid+profile+email&session_id=1abb651f-9594-4ef3-88eb-931fce46f4c4&state=10f5c12f-03f4-4efa-a808-c146a7fd2243&token_type=bearer&session_state=a26fc031-b1f3-4b58-9d12-cebc0237edf2&expires_in=299 ####################################################### TEST: defaultResponseModeImplicitIdToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["id_token"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1340 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:55 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E2F7.A74F.7C0A.C0E1", "client_secret": "82f47f2c-c8a4-4c7c-8137-0dd9a73e3e91", "registration_access_token": "72ba9167-e369-411d-a7a9-202949ebe787", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E2F7.A74F.7C0A.C0E1", "client_id_issued_at": 1531227055, "client_secret_expires_at": 1531313455, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E2F7.A74F.7C0A.C0E1&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b2c41b53-4215-4d1b-8610-7eb7fde07677&nonce=3e72d60f-d208-44b3-9c25-9bb01f99adcc 08:51:23.443 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:56bb208c-938d-403a-9c38-52634f10a1c2 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E2F7.A74F.7C0A.C0E1&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b2c41b53-4215-4d1b-8610-7eb7fde07677&nonce=3e72d60f-d208-44b3-9c25-9bb01f99adcc ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFFMkY3LkE3NEYuN0MwQS5DMEUxIiwiZXhwIjoxNTMxMjMwNjU3LCJpYXQiOjE1MzEyMjcwNTcsIm5vbmNlIjoiM2U3MmQ2MGYtZDIwOC00NGIzLTljMjUtOWJiMDFmOTlhZGNjIiwiYXV0aF90aW1lIjoxNTMxMjI3MDU3LCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJ0LTdnVUdDVDhtSmVONkk1di1Jejh3Vnl4OGxYSGxBZ0FWUkJsc05RaGU0In0.qiS0Hl9qYo3Imjz8JNDal81nV2894BuLNXj0H-fN_c8pI9QEtwt8MfXQndYb77Jv65bG1cSf95UGWEj_bvOJ2dEK-v5j22RXeiTSlGJ2KDiTJ3_72WkUtom2pZ9FjBzIkYoNnmdGPcJgcIFNeeUB7ePT1gB7qhNOwg7fQJ0GljKGnDu4d2ZPdcc1e_dYuVB8KQ3EMrLLv-QPhY5Q-jOMbNd8CM3FQqNDbD-TVkKMtU0AyM1eRh9VXUTvdcplUheJ_iSY83qxPkMcYjTGpGP7sJcURFWm0ZW5P35fR8XhKyOLFheiJSJqwb5rL9ys-GQIvIZ5NQ2AK7iB1zVC4UUJfw&session_id=c2ad446a-29bf-4640-9191-cc536dd2049b&state=b2c41b53-4215-4d1b-8610-7eb7fde07677&session_state=56bb208c-938d-403a-9c38-52634f10a1c2 ####################################################### TEST: defaultResponseModeImplicitIdTokenToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "id_token", "token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1340 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:57 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9B07.5E59.59D9.583B", "client_secret": "0050e59b-b9bf-4f7e-9569-892f42c7c8ea", "registration_access_token": "979ec826-9155-4484-a05e-ff83811a79f9", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9B07.5E59.59D9.583B", "client_id_issued_at": 1531227057, "client_secret_expires_at": 1531313457, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219B07.5E59.59D9.583B&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b3bedbaa-e26d-4efb-80a9-2bfca094efa5&nonce=16c15005-aa81-4656-a94d-bbfbe696abaf 08:51:25.133 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:b258a9e3-488c-433e-be5f-d215b7f5c5a8 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219B07.5E59.59D9.583B&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b3bedbaa-e26d-4efb-80a9-2bfca094efa5&nonce=16c15005-aa81-4656-a94d-bbfbe696abaf ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=ab251fca-b7e8-4107-8112-f68fc44f5eac&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5QjA3LjVFNTkuNTlEOS41ODNCIiwiZXhwIjoxNTMxMjMwNjU4LCJpYXQiOjE1MzEyMjcwNTgsIm5vbmNlIjoiMTZjMTUwMDUtYWE4MS00NjU2LWE5NGQtYmJmYmU2OTZhYmFmIiwiYXV0aF90aW1lIjoxNTMxMjI3MDU4LCJhdF9oYXNoIjoiYldEdUNYZ1VxZWdMMnpGOHE1TGNtUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Im9FcEUzaHJaLXUySWd5RHU0b2NqeFFFZEZtYTB0WTRFTkJkLTF1cjd1d0UifQ.jqHwvdfKMZbFyt8nt2TaUpkXGiyeATYA33shx-iUYf4Pn3CKemGOoKT1H_29L85nGiRG5llOwfK-sThgBqef38pvqq0xd34hq_BFOIc5GaufLsRSjlk4Tif9_4A2RZqsllt2XODb-Ry_kzSjFzOjYrGQ3lhBsOodLFF48n6jBVFu7ivUMgl8OPwCRBO1VzIV2CLdCIgAauw0VTwxwTbOgt1oPZ9YGEbXJEBe3ZV9H3l6Un6XZ8aV7w7uMwU46XJWotycCicWPjB9aMH0XeHr0LsWAwnXtLFWVGmnokdu9atVnpqiJjyba_pfXs84t5Us7uQ5ftF1hACgGxgeOVsGmA&session_id=cb46a54c-807b-4f88-99df-ae344ea427ef&state=b3bedbaa-e26d-4efb-80a9-2bfca094efa5&token_type=bearer&session_state=b258a9e3-488c-433e-be5f-d215b7f5c5a8&expires_in=299 ####################################################### TEST: formPostResponseModeBasicCode ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:50:59 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!47E2.5375.61C8.3D90", "client_secret": "b80deafd-5dbd-4a1b-aa77-cc57733cb356", "registration_access_token": "d239848b-d304-4b19-87b1-694f7b1fe719", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!47E2.5375.61C8.3D90", "client_id_issued_at": 1531227059, "client_secret_expires_at": 1531313459, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2147E2.5375.61C8.3D90&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=bf603b9b-ca40-4771-a055-12012d5851f6&response_mode=form_post 08:51:26.931 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:8fd34d4c-7e5a-487d-a678-01e3e7bec6b0 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2147E2.5375.61C8.3D90&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=bf603b9b-ca40-4771-a055-12012d5851f6&response_mode=form_post ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm ####################################################### TEST: formPostResponseModeHybridCodeIdToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1425 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:01 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4239.D22F.5BCE.E487", "client_secret": "5feea826-c178-4df3-a842-37daa1491372", "registration_access_token": "ea1551d7-1a3a-4a79-a276-507a2b43df10", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4239.D22F.5BCE.E487", "client_id_issued_at": 1531227061, "client_secret_expires_at": 1531313461, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214239.D22F.5BCE.E487&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=77878041-82fd-4893-9bb8-b8f7bf9494e6&response_mode=form_post&nonce=84540c18-f904-45a9-91b2-b4178a1a82cd 08:51:28.887 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:3954875c-913a-42bf-84ec-4d362b61f729 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214239.D22F.5BCE.E487&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=77878041-82fd-4893-9bb8-b8f7bf9494e6&response_mode=form_post&nonce=84540c18-f904-45a9-91b2-b4178a1a82cd ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm ####################################################### TEST: formPostResponseModeHybridCodeIdTokenToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token", "token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1425 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:02 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B668.10A0.8FE0.C1F4", "client_secret": "ba54c99d-3592-4e5e-a6a0-0eece427ef7b", "registration_access_token": "d24e2e0a-c8d4-4683-93ed-2e716f3dddea", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B668.10A0.8FE0.C1F4", "client_id_issued_at": 1531227062, "client_secret_expires_at": 1531313462, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B668.10A0.8FE0.C1F4&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=935e4e03-fc1e-477d-9c7b-e46664c092ad&response_mode=form_post&nonce=488591a4-5d77-4897-8940-87c9506ae4b7 08:51:30.603 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:bd8b64c4-ab3e-4072-ae31-3cf4012124d4 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B668.10A0.8FE0.C1F4&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=935e4e03-fc1e-477d-9c7b-e46664c092ad&response_mode=form_post&nonce=488591a4-5d77-4897-8940-87c9506ae4b7 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm ####################################################### TEST: formPostResponseModeHybridCodeToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1405 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:04 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7D9D.BCC7.97EF.3CB4", "client_secret": "416126c9-7157-4c6d-b90b-b5dc1dbe774b", "registration_access_token": "5d9a7a2b-cf6d-46e7-b04b-d968f834c586", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7D9D.BCC7.97EF.3CB4", "client_id_issued_at": 1531227064, "client_secret_expires_at": 1531313464, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217D9D.BCC7.97EF.3CB4&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ab161add-ecb7-4f6b-a3be-b68c046c6c64&response_mode=form_post&nonce=fccbd400-8960-49bc-ac64-8b6f1cb64ceb 08:51:32.310 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:a2e2d424-c7b1-48ca-9e46-35f4727c764e ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217D9D.BCC7.97EF.3CB4&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ab161add-ecb7-4f6b-a3be-b68c046c6c64&response_mode=form_post&nonce=fccbd400-8960-49bc-ac64-8b6f1cb64ceb ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm ####################################################### TEST: formPostResponseModeImplicitIdToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["id_token"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1340 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:06 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9B61.2A91.4D8A.9ADD", "client_secret": "78057f2b-f250-4e31-849b-ba1b71b80f8d", "registration_access_token": "81249c72-21a8-40ed-8b92-48d05b28c260", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9B61.2A91.4D8A.9ADD", "client_id_issued_at": 1531227066, "client_secret_expires_at": 1531313466, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219B61.2A91.4D8A.9ADD&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3314f408-7f64-4abe-9cf5-6e1e68b25abf&response_mode=form_post&nonce=fdffac33-bf31-4e27-969f-7cec748c90ed 08:51:34.165 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:28b05bb7-ccf6-46cf-9a8a-038b38f23f79 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219B61.2A91.4D8A.9ADD&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3314f408-7f64-4abe-9cf5-6e1e68b25abf&response_mode=form_post&nonce=fdffac33-bf31-4e27-969f-7cec748c90ed ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm ####################################################### TEST: formPostResponseModeImplicitIdTokenToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "id_token", "token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1340 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:08 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C9D3.36AB.1CD5.F693", "client_secret": "7cd6f3a7-0969-4690-bd88-63db21f6aaaa", "registration_access_token": "93fab09e-2f08-4b9b-9e88-0736020ccb4d", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C9D3.36AB.1CD5.F693", "client_id_issued_at": 1531227068, "client_secret_expires_at": 1531313468, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C9D3.36AB.1CD5.F693&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=6ba17abe-16cd-4818-afe9-33f0f1f00a56&response_mode=form_post&nonce=bc56de02-0ecc-4b2b-94b9-ae2a0213512f 08:51:35.950 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:b4f46603-90d7-460d-87a7-8d20775c72be ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C9D3.36AB.1CD5.F693&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=6ba17abe-16cd-4818-afe9-33f0f1f00a56&response_mode=form_post&nonce=bc56de02-0ecc-4b2b-94b9-ae2a0213512f ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm ####################################################### TEST: fragmentResponseModeBasicCode ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:09 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5934.A1C2.C944.2FF8", "client_secret": "f7a3c92d-9d79-4649-8199-f32b07ad0718", "registration_access_token": "e26d3565-fbb6-422e-a177-7c0fac07ec24", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5934.A1C2.C944.2FF8", "client_id_issued_at": 1531227069, "client_secret_expires_at": 1531313469, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215934.A1C2.C944.2FF8&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ef60f82f-31d8-4689-8b97-57a44e21ed0e&response_mode=fragment 08:51:37.689 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:1505e00b-e079-4fe1-90a8-6a4c654321d7 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215934.A1C2.C944.2FF8&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ef60f82f-31d8-4689-8b97-57a44e21ed0e&response_mode=fragment ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=a4217b4e-a9f2-42b3-9833-366d49d9a9e7&scope=address+openid+profile+email&session_id=a4c2037f-4f66-4739-a72f-1ffae1061da1&state=ef60f82f-31d8-4689-8b97-57a44e21ed0e&session_state=1505e00b-e079-4fe1-90a8-6a4c654321d7 ####################################################### TEST: fragmentResponseModeHybridCodeIdToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1425 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:11 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!62A4.5ED8.103B.5BBB", "client_secret": "c5cf152c-c9dc-4b35-a4ed-b47921f1b1ec", "registration_access_token": "b5c8fd58-85c8-4b7a-a109-31fadefa1d91", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!62A4.5ED8.103B.5BBB", "client_id_issued_at": 1531227071, "client_secret_expires_at": 1531313471, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2162A4.5ED8.103B.5BBB&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=13325fb7-9387-4cab-b1d7-2767dbb0a51a&response_mode=fragment&nonce=11c370ec-5ade-48d7-b2a3-977783f362d9 08:51:39.358 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:c28ff7da-f254-418c-bdff-e2fc1fc8c730 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2162A4.5ED8.103B.5BBB&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=13325fb7-9387-4cab-b1d7-2767dbb0a51a&response_mode=fragment&nonce=11c370ec-5ade-48d7-b2a3-977783f362d9 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=01abe663-57e0-4b4a-9bcf-ded2e44c8c3c&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2MkE0LjVFRDguMTAzQi41QkJCIiwiZXhwIjoxNTMxMjMwNjczLCJpYXQiOjE1MzEyMjcwNzMsIm5vbmNlIjoiMTFjMzcwZWMtNWFkZS00OGQ3LWIyYTMtOTc3NzgzZjM2MmQ5IiwiYXV0aF90aW1lIjoxNTMxMjI3MDczLCJjX2hhc2giOiJkaEhwS1kxcHNNNFJUeko2U0tidU9BIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoib3M2MVpCUWpuRS1TdXJnd2U1YTBEZV9LUkhnc0t2azFlVU9ha0dzSEk0dyJ9.nNVB-QECpCNyH6w8Hl0CitQYvaXm-oIU13R96CLxyAflJrIQyKsbnenFsIsufy_SvZwh3BDV-3HrZPH1wOpmh0m-0Y8J0Qi2R_-d7LKziBp6Izp15yGXA9X2CmFugLfKsu-mU63o-F7dVHw1lHMnhmmNyC2oCncjjFxYqluiyfftd8r40usYtpzn-0Z56PPXlsP1GD0xrMmWBmwEEJW9Ad1oqGzR49tmyvWymVKEs7ID3q5hoNlzNh6R17gnLiIvPoVzYDBNnAzfreOsZU9CQAU_a-9R4iz7ulw3APLfmAXxKLgLtKhQXh1fADZ0N-Rjs_14MnUsIahVFyQIiH08kQ&session_id=a5f9ba18-a99d-4d40-8d3f-8ad559ee226d&state=13325fb7-9387-4cab-b1d7-2767dbb0a51a&session_state=c28ff7da-f254-418c-bdff-e2fc1fc8c730 ####################################################### TEST: fragmentResponseModeHybridCodeIdTokenToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token", "token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1425 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:13 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4619.32B2.B25E.C652", "client_secret": "806b6312-b45e-46a0-912e-21e478be888f", "registration_access_token": "273fc89b-c9ad-4401-811f-0e0002f2764b", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4619.32B2.B25E.C652", "client_id_issued_at": 1531227073, "client_secret_expires_at": 1531313473, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214619.32B2.B25E.C652&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=df296643-bb72-4f9c-8e79-5a66693fb054&response_mode=fragment&nonce=ddf2e8e0-f0de-453c-9384-2921e7885461 08:51:41.172 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:6a8e160e-9a0c-4cfd-8b5a-a940b6764321 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214619.32B2.B25E.C652&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=df296643-bb72-4f9c-8e79-5a66693fb054&response_mode=fragment&nonce=ddf2e8e0-f0de-453c-9384-2921e7885461 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=9d243b82-15aa-4ec8-b925-3a280973604a&code=75e32f56-8db3-49fc-83b0-7b1013bef417&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0NjE5LjMyQjIuQjI1RS5DNjUyIiwiZXhwIjoxNTMxMjMwNjc0LCJpYXQiOjE1MzEyMjcwNzQsIm5vbmNlIjoiZGRmMmU4ZTAtZjBkZS00NTNjLTkzODQtMjkyMWU3ODg1NDYxIiwiYXV0aF90aW1lIjoxNTMxMjI3MDc0LCJjX2hhc2giOiJRVEJXdFgxZGd6dGk2YkkxOXlXS3B3IiwiYXRfaGFzaCI6IkFuS3BKNVFvS2lJSC0wcTdPNU1QdkEiLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiI4M2pNbEVWamhaaC1Qb3RaczZPXzN6ZzU0bWk2SGVlWE5EWTR1Q21TUFhVIn0.bz_WXfBHn9CCsmcBLv87r9J8tmG_B4iBjBqhvo1_6-pEhfupxB0mfM89fd6aqXwpdVtzLQcUTyoYyCbMQVh-0XWMG_A9-x6Ap0gLYHIg406XqzOT8syIw8WhCNEQEBcmUZKAdu7HsXa23732Lto46HRarUISZyDCspLkGjohbmkOGK0nyy4hZfQXg6vrTMfQKOPrB6M0UtzbYbuVsesskj-5z74lyQ72CQcq4JTHGbVfJE7uXxpO0qY9LLIwCutPrBYdnTkGw3tDYn51_SiIWPJCN7lupvU1ZE6CeclP4v5fcX0q0PEsQJLGH6Ic_rfcOubC2iozK95BmbL9zGGIQA&session_id=c6a5140f-ea05-4415-8b8d-4edea9b4bb07&state=df296643-bb72-4f9c-8e79-5a66693fb054&token_type=bearer&session_state=6a8e160e-9a0c-4cfd-8b5a-a940b6764321&expires_in=299 ####################################################### TEST: fragmentResponseModeHybridCodeToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1405 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:15 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5D74.8888.288E.3A9A", "client_secret": "13e0d38c-2c3a-4aad-b6e3-01d9729c8e83", "registration_access_token": "87e3ccf1-c0ba-466e-a04c-6265f6bdf0c0", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5D74.8888.288E.3A9A", "client_id_issued_at": 1531227075, "client_secret_expires_at": 1531313475, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215D74.8888.288E.3A9A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=78538581-238b-456a-8f8f-7376ab447035&response_mode=fragment&nonce=bb55cf65-e71e-4777-85f8-509e32487c40 08:51:42.886 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:e78ddde8-f1d1-47c3-84b3-c55be6763e63 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215D74.8888.288E.3A9A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=78538581-238b-456a-8f8f-7376ab447035&response_mode=fragment&nonce=bb55cf65-e71e-4777-85f8-509e32487c40 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=362dc543-52da-468f-bf6d-9493e161ed7e&code=22e40861-431c-44d7-9325-415543deaac6&scope=address+openid+profile+email&session_id=697a3aa6-0f4c-4fee-8a22-c3559e0a4823&state=78538581-238b-456a-8f8f-7376ab447035&token_type=bearer&session_state=e78ddde8-f1d1-47c3-84b3-c55be6763e63&expires_in=299 ####################################################### TEST: fragmentResponseModeImplicitIdToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["id_token"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1340 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:16 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0397.BF8C.8C28.DA8C", "client_secret": "39b2b261-5829-409d-a026-78f414e28831", "registration_access_token": "6509f877-1daa-493f-9027-2ef5d95525b7", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0397.BF8C.8C28.DA8C", "client_id_issued_at": 1531227076, "client_secret_expires_at": 1531313476, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210397.BF8C.8C28.DA8C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=34fe9ae7-51ab-4894-a8f1-1b8cb622c198&response_mode=fragment&nonce=2a10559c-cc26-4f73-8fce-9fbc8acd4e41 08:51:44.462 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:b578fb8d-ed2d-4a59-a86c-25adbc23b800 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210397.BF8C.8C28.DA8C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=34fe9ae7-51ab-4894-a8f1-1b8cb622c198&response_mode=fragment&nonce=2a10559c-cc26-4f73-8fce-9fbc8acd4e41 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEwMzk3LkJGOEMuOEMyOC5EQThDIiwiZXhwIjoxNTMxMjMwNjc4LCJpYXQiOjE1MzEyMjcwNzgsIm5vbmNlIjoiMmExMDU1OWMtY2MyNi00ZjczLThmY2UtOWZiYzhhY2Q0ZTQxIiwiYXV0aF90aW1lIjoxNTMxMjI3MDc3LCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJGeHlLRVBqbjVHS3d6YzIwbDI0R0kyRjlmR2RieDJnMHBST2dXZm1zRG1JIn0.WWIPcxO9Nah1kmN9w2kYQo1zU718m-dexUTBLbpNGL7ROuHe6nlY4f-t_pryZySw6np9sliE9cs_rRjE2fr7O2yts3fde_TJ2EEP3cyNjZv-YbqpUUGW1MGWCe9V1Te1H17kOTcXvRiVCOinsF7LNjSd6eXYYlTSX-IxnQRFxN3OLRGQQzQ1qt2-kMYvICSx4mMR_HBySTueoNBMlkNNnvIZjFqviLJq0dAxgTb4Ab4ltgP-gPWPWLq6IX3nweaUshDDMZEj8BgM55_XEgxtqpv1XU5SrNkNOHcrE45VKFrW2tdaJTv2qCthkIQdBCDI1AxLemfF0Gjon1c9RTLfNw&session_id=46e56575-5a95-4b3c-8537-bc5aede5d8e0&state=34fe9ae7-51ab-4894-a8f1-1b8cb622c198&session_state=b578fb8d-ed2d-4a59-a86c-25adbc23b800 ####################################################### TEST: fragmentResponseModeImplicitIdTokenToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "id_token", "token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1340 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:18 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9A3B.2A37.1664.7035", "client_secret": "25b76795-c64a-4d26-a1d6-c08649410cfb", "registration_access_token": "b286b9f6-1fa8-4f74-b9cf-3793839c9b0c", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9A3B.2A37.1664.7035", "client_id_issued_at": 1531227078, "client_secret_expires_at": 1531313478, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219A3B.2A37.1664.7035&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9aa9c5f0-1c24-401d-a58c-cac42ec1eb6d&response_mode=fragment&nonce=0c58c633-d396-4246-9b59-297408f454cd 08:51:46.019 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:444faa1b-3bfc-43c7-8706-8ed574b293de ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219A3B.2A37.1664.7035&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9aa9c5f0-1c24-401d-a58c-cac42ec1eb6d&response_mode=fragment&nonce=0c58c633-d396-4246-9b59-297408f454cd ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=c3d14415-47f2-44f6-8dcf-c725c198873a&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5QTNCLjJBMzcuMTY2NC43MDM1IiwiZXhwIjoxNTMxMjMwNjc5LCJpYXQiOjE1MzEyMjcwNzksIm5vbmNlIjoiMGM1OGM2MzMtZDM5Ni00MjQ2LTliNTktMjk3NDA4ZjQ1NGNkIiwiYXV0aF90aW1lIjoxNTMxMjI3MDc5LCJhdF9oYXNoIjoiU1JNbFphc0Exa01PV3pvbjZEYkJudyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6InRYVEZpQ0l3OG9NZEx3U2N6bDlZeFM5WFJDQVlJcURTejN5elZHTU91RHMifQ.r23R2k20tYudxeNC4LBFCOvBFJtzbpBwx7nDPMPP3N4gpVD1KTwq1A6gaYzqfUZ6Jg_h8mOZmunqR1QxnVslf5y0UwioTwj7CRmMmYZW3nmx58aMnGDKKW7pRUIZkEw79eBU1H5QmLPl67MNrjbDeUf4AtjBsE47rSHiw0cscgpzFcWViBBUfSHXGG4ZculZTpDn0Fq07TB3yW74OSxmOHZdZ-a4s-8fBgfR72S-cNRcSztNwxt4ETq9oqC78G22FZ3GqsIGXJdp0onrxIYPF1vQKY4FPcxnQrVhWJ0SZwk28hdJnBHYTu0MGyw-U_iRambqi0vmfYDQUb1byRL-Pg&session_id=43f6ac40-da61-4a77-84d7-aa4e2e00aa1a&state=9aa9c5f0-1c24-401d-a58c-cac42ec1eb6d&token_type=bearer&session_state=444faa1b-3bfc-43c7-8706-8ed574b293de&expires_in=299 ####################################################### TEST: queryResponseModeBasicCode ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:20 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FF67.4371.88E3.C6CB", "client_secret": "9662c4c4-237a-499d-b9e5-a9dfba351e4a", "registration_access_token": "5ac60f5d-b9a6-4873-8e61-ead8660186c1", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FF67.4371.88E3.C6CB", "client_id_issued_at": 1531227080, "client_secret_expires_at": 1531313480, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21FF67.4371.88E3.C6CB&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ba0b468e-b8e9-4f87-91dd-355f92a15d4f&response_mode=query 08:51:47.847 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:a7aaeea2-ca60-4cd3-9820-2dd0196e2607 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21FF67.4371.88E3.C6CB&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=ba0b468e-b8e9-4f87-91dd-355f92a15d4f&response_mode=query ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=221488d4-e076-4a01-a535-9851bdc4bd19&scope=address+openid+profile+email&session_id=09c24022-80a3-4c79-a72d-e42572bcc56d&state=ba0b468e-b8e9-4f87-91dd-355f92a15d4f&session_state=a7aaeea2-ca60-4cd3-9820-2dd0196e2607 ####################################################### TEST: queryResponseModeHybridCodeIdToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1425 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:21 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A9B5.10D7.4F1D.22FD", "client_secret": "8c359ff0-d627-4b2d-9022-e67e260403ba", "registration_access_token": "cb542405-834f-4a85-8f73-f3c5bd4716b8", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A9B5.10D7.4F1D.22FD", "client_id_issued_at": 1531227081, "client_secret_expires_at": 1531313481, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A9B5.10D7.4F1D.22FD&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8dcda2b3-09be-41eb-9d8e-9b1751eb62ac&response_mode=query&nonce=499b9c6a-5f1b-4956-98e3-117c3242128f 08:51:49.583 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:95a2422c-4c0d-4666-a4af-98934936e97f ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21A9B5.10D7.4F1D.22FD&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8dcda2b3-09be-41eb-9d8e-9b1751eb62ac&response_mode=query&nonce=499b9c6a-5f1b-4956-98e3-117c3242128f ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=8e87f2f2-6d40-4893-a58b-8f15833cf143&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBOUI1LjEwRDcuNEYxRC4yMkZEIiwiZXhwIjoxNTMxMjMwNjgzLCJpYXQiOjE1MzEyMjcwODMsIm5vbmNlIjoiNDk5YjljNmEtNWYxYi00OTU2LTk4ZTMtMTE3YzMyNDIxMjhmIiwiYXV0aF90aW1lIjoxNTMxMjI3MDgzLCJjX2hhc2giOiJxYkdTSERnZ3k3VzgzQTZoVjR2c213Iiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiNTJfSHpSUVVsMlBqQnlEOVpHRWNQTGlaSnNzNHFHWktKdUlibDM3anFrZyJ9.MuasD_bHYC4TnVPCVKVzSIyQ_BRxH6jsToc7gUSqtOOtAYyy4t7dq3K4zG7X1pruUI289DVITKQoH9_mJ3cX3yb6JYmxhjO9lvA67Z4q7iKo0SEy-XI8ovjGUxuEGSFjU7CG7IjPiaMg_858FsNzLtgig3n6fijYhDylL3CcvhsXDrXzZNnt4dRCp7ESoJrwSA5Gf3lX-llZbP_1BGu3rmKMxkZrwA6V6UxNfZ1RkAqACzBVgm4NHRg-0YE6_1MMg-W5HxwlMlTxzdjmxSWYHh3wTI-Bgwf55HseK--FDGVtqtNYJn61CWC8Me4gWQRq-t7uZ5_Smovf-KxrQapgzw&session_id=80f10373-0d10-4569-8cd4-7d96bf315695&state=8dcda2b3-09be-41eb-9d8e-9b1751eb62ac&session_state=95a2422c-4c0d-4666-a4af-98934936e97f ####################################################### TEST: queryResponseModeHybridCodeIdTokenToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token", "token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1425 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:23 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!51F1.26ED.A6C1.06A5", "client_secret": "6aff9f5b-cdf1-4469-bdb4-7ae6c68d65f8", "registration_access_token": "a45e9614-d3f7-4c06-856f-f7189ea9fec8", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!51F1.26ED.A6C1.06A5", "client_id_issued_at": 1531227083, "client_secret_expires_at": 1531313483, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2151F1.26ED.A6C1.06A5&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=7bc14d86-d2e4-406a-9059-29c9ef20e41b&response_mode=query&nonce=5a38109e-06fb-4c36-82a0-3d4a86ba8036 08:51:51.139 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:63e981ad-ba9e-4f7e-b1ba-b67ba460327a ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2151F1.26ED.A6C1.06A5&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=7bc14d86-d2e4-406a-9059-29c9ef20e41b&response_mode=query&nonce=5a38109e-06fb-4c36-82a0-3d4a86ba8036 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?access_token=68d5f1bf-6b73-4fb6-b571-f00498f09217&code=7333f4d0-2a26-413f-a0c3-643ab243f6ec&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE1MUYxLjI2RUQuQTZDMS4wNkE1IiwiZXhwIjoxNTMxMjMwNjg0LCJpYXQiOjE1MzEyMjcwODQsIm5vbmNlIjoiNWEzODEwOWUtMDZmYi00YzM2LTgyYTAtM2Q0YTg2YmE4MDM2IiwiYXV0aF90aW1lIjoxNTMxMjI3MDg0LCJjX2hhc2giOiJER3ZEZWtjNk4zbDZ2QW5GdThuaVZBIiwiYXRfaGFzaCI6IjZzMmNuVkpHY2M5bEhuMEVHQ254NGciLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJ6bi1TYi1FbkJYeEVTYm9LYVVkRUVjcGxWN0pUUEdCeFAxQ2tlTWJuX3NRIn0.UZWsRa3jc1XbUxa8JYq9_-DcLopw13rolMptN_gDLlY51KHy8qqZZMTR7ot9d1BLUl4AE3mQzXEWjSrcUuX_whegGu6kXIGwYc_g5c__DkVTU1RK2c8NuxH6dquzbunArxXAS44wzhsz5m3GHbnJlqBhvYp2pj-SJkfnoS8rf3vJ_lyIbyOvEI9wJ4uxYf4OG5RNh43FWGdFrhVNDswqIkYRqQWAgtu7tVcU4gw9BLRVLdk8lW_FzOxrZtBI1LHDqxuOhBLYG9XHcUcJBkkn4txS7p99ysrBUC1nFUa2PtJXJIjrSzTE3D5C7rLIrfQ7e1cZJR1hw0DgXE1TXjVOBw&session_id=016a00b6-7a08-46fd-a096-3f19a4465a58&state=7bc14d86-d2e4-406a-9059-29c9ef20e41b&token_type=bearer&session_state=63e981ad-ba9e-4f7e-b1ba-b67ba460327a&expires_in=299 ####################################################### TEST: queryResponseModeHybridCodeToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1405 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:24 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B229.7BDA.55AE.71E2", "client_secret": "43651cf1-f779-4255-b725-56997aac3d24", "registration_access_token": "84f1f8cf-f366-4811-bc29-025651717f80", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B229.7BDA.55AE.71E2", "client_id_issued_at": 1531227084, "client_secret_expires_at": 1531313484, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B229.7BDA.55AE.71E2&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=631c4b6c-c82b-4c05-9e54-931cef27239d&response_mode=query&nonce=73ef3d6e-a7a1-4622-b4aa-b3ae4e2db4a5 08:51:52.721 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:ef92513c-c861-4664-9d54-2dfeb45087ab ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B229.7BDA.55AE.71E2&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=631c4b6c-c82b-4c05-9e54-931cef27239d&response_mode=query&nonce=73ef3d6e-a7a1-4622-b4aa-b3ae4e2db4a5 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?access_token=1dda57e1-7503-4fc8-a9c3-d07574072555&code=859200b3-e71b-48e3-8b4f-19e0f417a596&scope=address+openid+profile+email&session_id=25de0562-7b65-4c24-bb2d-ad7e9f0e109a&state=631c4b6c-c82b-4c05-9e54-931cef27239d&token_type=bearer&session_state=ef92513c-c861-4664-9d54-2dfeb45087ab&expires_in=299 ####################################################### TEST: queryResponseModeImplicitIdToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["id_token"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1340 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:26 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3E1A.2DA6.5886.2317", "client_secret": "b454731e-0758-4661-9ad8-d1b46afbdb0c", "registration_access_token": "fe7b9c58-59b0-4aac-b79d-4e1242bf5537", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3E1A.2DA6.5886.2317", "client_id_issued_at": 1531227086, "client_secret_expires_at": 1531313486, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213E1A.2DA6.5886.2317&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=45dcc454-e401-4126-b297-f04a87600304&response_mode=query&nonce=415bf430-dae3-41fd-ab75-ccf2af591f19 08:51:54.270 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:7e6bf2f5-7a3e-49eb-949d-e75e3e65fd3d ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213E1A.2DA6.5886.2317&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=45dcc454-e401-4126-b297-f04a87600304&response_mode=query&nonce=415bf430-dae3-41fd-ab75-ccf2af591f19 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzRTFBLjJEQTYuNTg4Ni4yMzE3IiwiZXhwIjoxNTMxMjMwNjg3LCJpYXQiOjE1MzEyMjcwODcsIm5vbmNlIjoiNDE1YmY0MzAtZGFlMy00MWZkLWFiNzUtY2NmMmFmNTkxZjE5IiwiYXV0aF90aW1lIjoxNTMxMjI3MDg3LCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJQU1hzUUZnWThSNjBQZFRQbE5zLUJxaVZaRy1pLUlMMUZPS01qNHVtdWdZIn0.Hrg_aTNprOF3vxCZUaNVFAcdDxD3VkTrurIgjBWCRHqMRd4XxhPM2EP-bX19HovsTYS-C3x9Co7BuIbWGwzV023ExR432_MoDYb5JV6PYN87Q7t3Zx9KTMm0aAN8N4VAaSOS-LK9iPnXQLA7qs72s6xydCj6QX-pPbi1qUf9BDaEcJA5RymREi0Q-a9XRXP2zxiqPjW1d21Vk-AnVt90ASE1sJOBhUDeinAirVP43JaRQ1sjtMfiVokJYnSOKCfS5xwtqGphkQ95HixjAa1QNia8CVAFT_F0Qsv56yMM0rh9kFkW1L57zw58RuWCE17kw6QoRDeopIBJjoPb9BElRQ&session_id=2cb4de6c-c176-4fca-8fa9-6b786e5a6ab6&state=45dcc454-e401-4126-b297-f04a87600304&session_state=7e6bf2f5-7a3e-49eb-949d-e75e3e65fd3d ####################################################### TEST: queryResponseModeImplicitIdTokenToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "id_token", "token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1340 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:28 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!27E4.4BE3.6F61.48EA", "client_secret": "5a0c9066-7a7d-447f-af59-d2f1cd9b5be0", "registration_access_token": "611225c3-7bfb-4793-9dd6-8bec598b7365", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!27E4.4BE3.6F61.48EA", "client_id_issued_at": 1531227088, "client_secret_expires_at": 1531313488, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2127E4.4BE3.6F61.48EA&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=08e1598f-8292-4e16-af05-e3dc08b0816e&response_mode=query&nonce=ec2ea19d-d4da-496f-9fe4-28801dbf015f 08:51:55.815 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:8a34513e-c41d-43f3-901a-473abdb47ac1 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token+token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2127E4.4BE3.6F61.48EA&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=08e1598f-8292-4e16-af05-e3dc08b0816e&response_mode=query&nonce=ec2ea19d-d4da-496f-9fe4-28801dbf015f ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?access_token=340eeed0-89c7-4b60-bb6e-ad952a6e5ac5&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEyN0U0LjRCRTMuNkY2MS40OEVBIiwiZXhwIjoxNTMxMjMwNjg5LCJpYXQiOjE1MzEyMjcwODksIm5vbmNlIjoiZWMyZWExOWQtZDRkYS00OTZmLTlmZTQtMjg4MDFkYmYwMTVmIiwiYXV0aF90aW1lIjoxNTMxMjI3MDg5LCJhdF9oYXNoIjoiUU13ajdJVWk3c0tqVDk1NGZva21LQSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjBSRWpNNVhmVTYxbkQ2RElfR2s0RUtiWEhWcWQxT2loYjJaSi1Ib3YyZEkifQ.rJ8Ng8fAU8ohIGJZTEDUilFtfpixsRJd13B6xWFkA-b11yyLwcHI3q3PIYhjpRg7UHnHUyeL9AC7GE6HTn6TJ3wamM50e0mfyANciYTJwGpEKbE8fEZ01NvRKsYUzBAscZF_LtRFjxo_uKmutlTJmSAwPw06UK9F1VHZxNz0tXzjqbg1-jw6qI3FbNZXbkpNO02S75hLFReSkqWbWaY4qlWr0K8mwmV5pyCUtNper0zrym38NDfLOFW1FuWGSqmV4X84AZ33kVhkh5hB1kYT7tIcRkmnkMfKeGlY1XoZ95rxupFPrv49drrF42yDhof8S4q6bJ3KC2ddrD7jUNsxQQ&session_id=b2f228ca-64b5-47f2-842c-ed2f73440735&state=08e1598f-8292-4e16-af05-e3dc08b0816e&token_type=bearer&session_state=8a34513e-c41d-43f3-901a-473abdb47ac1&expires_in=299 ####################################################### TEST: OpenID Connect Discovery ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 181 Content-Type: application/jrd+json;charset=iso-8859-1 Date: Tue, 10 Jul 2018 12:51:29 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "subject": "acct:test_user@ce-dev4.gluu.org", "links": [{ "rel": "http://openid.net/specs/connect/1.0/issuer", "href": "https://ce-dev4.gluu.org" }] } OpenID Connect Configuration ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/openid-configuration HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 6342 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:29 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "issuer": "https://ce-dev4.gluu.org", "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize", "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token", "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo", "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo", "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe", "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session", "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks", "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register", "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id", "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection", "scopes_supported": [ "permission", "clientinfo", "email", "user_name", "sub", "org_name", "address", "openid", "test_scope1", "work_phone", "phone", "profile", "mobile_phone", "test" ], "response_types_supported": [ "code", "code id_token", "code id_token token", "id_token", "id_token token", "token", "code token" ], "grant_types_supported": [ "urn:ietf:params:oauth:grant-type:uma-ticket", "client_credentials", "refresh_token", "implicit", "password", "authorization_code" ], "acr_values_supported": [ "super_gluu", "u2f", "otp", "basic", "auth_ldap_server" ], "auth_level_mapping": { "-1": ["auth_ldap_server"], "50": ["otp"], "100": ["basic"], "10": ["u2f"], "15": ["super_gluu"] }, "subject_types_supported": [ "public", "pairwise" ], "userinfo_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "userinfo_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "userinfo_encryption_enc_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "id_token_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "request_object_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "request_object_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "request_object_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "token_endpoint_auth_methods_supported": [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt" ], "token_endpoint_auth_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "display_values_supported": [ "page", "popup" ], "claim_types_supported": ["normal"], "claims_supported": [ "birthdate", "country", "name", "email", "email_verified", "given_name", "gender", "inum", "family_name", "updated_at", "locale", "member_of", "middle_name", "nickname", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope", "phone_number_verified", "picture", "preferred_username", "profile", "zoneinfo", "user_name", "website" ], "service_documentation": "http://gluu.org/docs", "claims_locales_supported": ["en"], "ui_locales_supported": [ "en", "es" ], "scope_to_claims_mapping": [ {"permission": []}, {"uma_protection": []}, {"clientinfo": [ "name", "inum", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope" ]}, {"email": [ "email_verified", "email" ]}, {"user_name": ["user_name"]}, {"sub": []}, {"org_name": []}, {"address": [ "formatted", "postal_code", "street_address", "locality", "country", "region" ]}, {"openid": []}, {"test_scope1": []}, {"work_phone": []}, {"phone": [ "phone_number_verified", "phone_number" ]}, {"profile": [ "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "profile", "picture", "website", "gender", "birthdate", "zoneinfo", "locale", "updated_at" ]}, {"mobile_phone": ["phone_mobile_number"]}, {"test": ["member_of"]} ], "claims_parameter_supported": true, "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": false, "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy", "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos", "frontchannel_logout_supported": true, "frontchannel_logout_session_supported": true } ####################################################### TEST: requestAuthorizationAccessToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "token", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1425 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:29 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1C0E.6AE0.739A.85B1", "client_secret": "12b98e32-272e-42c6-a26c-8f1df80e2448", "registration_access_token": "555f6ff9-f8b7-41e8-8a05-669e23b5412e", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1C0E.6AE0.739A.85B1", "client_id_issued_at": 1531227089, "client_secret_expires_at": 1531313489, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 555f6ff9-f8b7-41e8-8a05-669e23b5412e ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1425 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:29 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1C0E.6AE0.739A.85B1", "client_secret": "12b98e32-272e-42c6-a26c-8f1df80e2448", "registration_access_token": "555f6ff9-f8b7-41e8-8a05-669e23b5412e", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1C0E.6AE0.739A.85B1", "client_id_issued_at": 1531227089, "client_secret_expires_at": 1531313489, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211C0E.6AE0.739A.85B1&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=4b790b62-9802-48e8-8635-251d0315b443&nonce=81780508-b7cf-4a79-b926-27dfd1264f52 08:51:57.715 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:a65238d0-8bef-49e9-9db9-0ec8a82ac7e6 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211C0E.6AE0.739A.85B1&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=4b790b62-9802-48e8-8635-251d0315b443&nonce=81780508-b7cf-4a79-b926-27dfd1264f52 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=41bcfaf4-20c8-4830-968e-e25b9b4e729a&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExQzBFLjZBRTAuNzM5QS44NUIxIiwiZXhwIjoxNTMxMjMwNjkxLCJpYXQiOjE1MzEyMjcwOTEsIm5vbmNlIjoiODE3ODA1MDgtYjdjZi00YTc5LWI5MjYtMjdkZmQxMjY0ZjUyIiwiYXV0aF90aW1lIjoxNTMxMjI3MDkxLCJhdF9oYXNoIjoiTW8yS0NEb1RFLWVLMWhiNkI1S2hJUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6InNweDZwX29FRXVRdldiRy1yQTN2REE5anR2M3RSbVZEbVlqOGhMczVDWW8ifQ.RHIASwUzMXdSqitKLQw_6IxTyUwTQZA5wWBZXeKERc97Q44ypYhiCOk-vZdpQF4LnEco90dfjii4_Mayj1wSiB8OVM3LZ611n5eYhd5T0a0X6R0u745NGDfj8p0laZxHyWuHNpHgwWB4XKNIB88fSHFKxq8TdxWxBQX3b8nP5goHWpGVgzbBukCiFC4WA6GDwtzHbhYUSUHjKM8kbvLCWkgr_X-w-hh2_84d68Ze9vVKCjxtTG4UP2k9L2I8mjByGR9HQfuRmKUlOV51SSSvzBWOdvGDvUiKpYw4ICNjoYgBd_O9aJXWB_HlRU7zafqHGLjPox0gBk8JA7uo_tE4DA&session_id=a4a72f0b-d8e2-40f9-84be-8c72cbc71871&state=4b790b62-9802-48e8-8635-251d0315b443&token_type=bearer&session_state=a65238d0-8bef-49e9-9db9-0ec8a82ac7e6&expires_in=299 ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211C0E.6AE0.739A.85B1&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9bf0c517-9c43-42b2-a9f2-d7564048e227&nonce=ac8e0cb2-8923-4813-ac95-158f481017d0&prompt=none&access_token=41bcfaf4-20c8-4830-968e-e25b9b4e729a ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Connection: Keep-Alive Content-Length: 0 Date: Tue, 10 Jul 2018 12:51:31 GMT Keep-Alive: timeout=5, max=100 Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=de6ed70a-9296-4b74-9410-923ec61cb9ea&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExQzBFLjZBRTAuNzM5QS44NUIxIiwiZXhwIjoxNTMxMjMwNjkxLCJpYXQiOjE1MzEyMjcwOTEsIm5vbmNlIjoiYWM4ZTBjYjItODkyMy00ODEzLWFjOTUtMTU4ZjQ4MTAxN2QwIiwiYXV0aF90aW1lIjoxNTMxMjI3MDkxLCJjX2hhc2giOiJnWWEwZVhGejk3bjRULTRYY1JvMllnIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoic3B4NnBfb0VFdVF2V2JHLXJBM3ZEQTlqdHYzdFJtVkRtWWo4aExzNUNZbyJ9.czgMD7mJaqphWIoGGPfhj7wqhMBu_6BTd-6Yu0f7HEApd1ylwSYXnRMPK4z9xJKXjbDfdrtKhm9ZKuxkR9KEsk208tVy0nNQY9jvgR1wGcWeOPcWo7bl4P7cUqjD_Q54ofTdjiyGOORHxzYC0REqbJKIzAK7J5HjU6JcNZpOn-GHe9sA_VlgQ7Q2UIrrFmKXBrzGg3MRLqjwotr0XmqqISmRhUummwjtlaMgRtVYnMaRfum8WYI9VWbILyVpQQwUp3v3d-thITS1hcfF7_Rx2LXnam3itRV4CAWYNytKuJ3tOE4bZjaoYpbxWsy-YoHIINdy3VhM8oKlqgG2inxjrg&session_id=0570a323-7986-45ed-919a-302681e38735&state=9bf0c517-9c43-42b2-a9f2-d7564048e227&session_state=babf1d83-e8c6-4469-8943-925fe41ad5e5 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxMUMwRS42QUUwLjczOUEuODVCMToxMmI5OGUzMi0yNzJlLTQyYzYtYTI2Yy04ZjFkZjgwZTI0NDg= grant_type=authorization_code&code=de6ed70a-9296-4b74-9410-923ec61cb9ea&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1057 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:31 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"465860a4-6c6b-406a-8656-92209d8cbeca","token_type":"bearer","expires_in":299,"refresh_token":"f31faa91-dc7b-4c40-8c5b-75843b6c4b1c","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExQzBFLjZBRTAuNzM5QS44NUIxIiwiZXhwIjoxNTMxMjMwNjkxLCJpYXQiOjE1MzEyMjcwOTEsIm5vbmNlIjoiYWM4ZTBjYjItODkyMy00ODEzLWFjOTUtMTU4ZjQ4MTAxN2QwIiwiYXV0aF90aW1lIjoxNTMxMjI3MDkxLCJhdF9oYXNoIjoiX3l1anY0OGI2dXJzRXVQWmxQU1J4ZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6InNweDZwX29FRXVRdldiRy1yQTN2REE5anR2M3RSbVZEbVlqOGhMczVDWW8ifQ.CUjn0kwBGWQRAFNe3wqaMpSjfysTZGGAFOCFtmjW4XwTYLFDo82Hyvp3sS2axZu9k0wgZl66GF_AdoqGWx2UUgzeG4II5lAPrub6dwXJuD8uak9Qo-4dmMDp2VeKD3sv3fLqEdb6z3e7Ixpeqmqaww7fdUk6184bLBQyaON-GqzvK3KOPlwzLid0Bhy2mNaAc1XmMAzlyNDeXemmcI8f-qAFS0tyrxUTb5w7wZ7kqa6N3zry9d0SejpOakCncVIS7XuzsNdk8OY0b_Q6O2p2XsjbHUi6sLJDBGguM9JRgSfTaTVP5dx7pJh7omjbji7qEWFKDWXrVK9aQVJJPK9HZg"} ####################################################### TEST: requestAuthorizationAccessTokenFail ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1425 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:31 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EEC7.1F21.380A.F67F", "client_secret": "93be267f-c0ec-4f03-84ec-a1a27dc9449e", "registration_access_token": "abb415b5-1104-4dc7-bf79-d65dca200a44", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EEC7.1F21.380A.F67F", "client_id_issued_at": 1531227091, "client_secret_expires_at": 1531313491, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer abb415b5-1104-4dc7-bf79-d65dca200a44 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1425 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:31 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EEC7.1F21.380A.F67F", "client_secret": "93be267f-c0ec-4f03-84ec-a1a27dc9449e", "registration_access_token": "abb415b5-1104-4dc7-bf79-d65dca200a44", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EEC7.1F21.380A.F67F", "client_id_issued_at": 1531227091, "client_secret_expires_at": 1531313491, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21EEC7.1F21.380A.F67F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9a197053-96ed-4681-bd45-d1ff9f6eae7e&prompt=none&access_token=INVALID_ACCESS_TOKEN ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Connection: Keep-Alive Content-Length: 0 Date: Tue, 10 Jul 2018 12:51:31 GMT Keep-Alive: timeout=5, max=100 Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#error_description=The+request+is+missing+a+required+parameter%2C+includes+an+unsupported+parameter+or+parameter+value%2C+or+is+otherwise+malformed.&state=9a197053-96ed-4681-bd45-d1ff9f6eae7e&error=invalid_request Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block ####################################################### TEST: requestAuthorizationAccessTokenUserBasicAuth ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "token", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1425 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:31 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F46F.456B.DBBE.F685", "client_secret": "aca6b00c-c4e8-4c81-87d5-d5286bb4c2a4", "registration_access_token": "e6c9edd2-16b4-4ebe-8f21-2dd1515361d3", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F46F.456B.DBBE.F685", "client_id_issued_at": 1531227091, "client_secret_expires_at": 1531313491, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer e6c9edd2-16b4-4ebe-8f21-2dd1515361d3 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1425 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:32 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F46F.456B.DBBE.F685", "client_secret": "aca6b00c-c4e8-4c81-87d5-d5286bb4c2a4", "registration_access_token": "e6c9edd2-16b4-4ebe-8f21-2dd1515361d3", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F46F.456B.DBBE.F685", "client_id_issued_at": 1531227091, "client_secret_expires_at": 1531313491, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21F46F.456B.DBBE.F685&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3f5fcdce-49cd-4d19-a597-e32bb5f73056&nonce=db887c69-3274-46be-b081-85938387bd85 08:51:59.776 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:81161eb1-864c-4cb6-8597-08b4f590e32f ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21F46F.456B.DBBE.F685&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3f5fcdce-49cd-4d19-a597-e32bb5f73056&nonce=db887c69-3274-46be-b081-85938387bd85 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=ef99c10a-fdd5-448c-9ec2-ebd819424395&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGNDZGLjQ1NkIuREJCRS5GNjg1IiwiZXhwIjoxNTMxMjMwNjkzLCJpYXQiOjE1MzEyMjcwOTMsIm5vbmNlIjoiZGI4ODdjNjktMzI3NC00NmJlLWIwODEtODU5MzgzODdiZDg1IiwiYXV0aF90aW1lIjoxNTMxMjI3MDkzLCJhdF9oYXNoIjoibE9VNmIxeWk4d3hua2pLZ0JFU25KUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IlZUbWRtSXIweUttblFaTExiTXZlSjEwaGxYTTRGS0FfZ3JHX2RuZU5EaEkifQ.W1jCvuIMYT7kOLyLa5tjfcSN27-GlIXoNLXZtd2AeXhw1rcZa-d8heWdjnJ4bFfq20MCqN7wEkNv9cWcImp0Yhl7L53yzBrw3WoMWLM4j5K1-_C9ASq9hvX1G-KeWdI2M6CPQZs1a-pRszCcZFW0dmNw0TJ7NFv-ijlj8oKRczIr7g_T3XgsvPmJe9fGEiAWtB063qtPtiRbfTBR2Y2OR5LbPUaV1Z3Tk5ERc-AvSyobwC5DN7ewcVJ6TSCqdEJPNJpxklxJiS2Hv-18T725vA8aud5r-3ciBXGtt3ijuN-zBom4EtaLwRsgEhbqR9MRb-KKExyyCByCuaItkub1TA&session_id=c1c305dc-c95d-4631-ac3b-307b30243aba&state=3f5fcdce-49cd-4d19-a597-e32bb5f73056&token_type=bearer&session_state=81161eb1-864c-4cb6-8597-08b4f590e32f&expires_in=299 ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21F46F.456B.DBBE.F685&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=dba9b936-faaf-4302-8e8d-99840ea058f9&nonce=03355863-f9fe-4547-a7bf-d9b43fb4e56e&prompt=none&access_token=ef99c10a-fdd5-448c-9ec2-ebd819424395 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Connection: Keep-Alive Content-Length: 0 Date: Tue, 10 Jul 2018 12:51:33 GMT Keep-Alive: timeout=5, max=100 Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=e9056065-2f2b-4514-93e3-136d0dbf54f6&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGNDZGLjQ1NkIuREJCRS5GNjg1IiwiZXhwIjoxNTMxMjMwNjkzLCJpYXQiOjE1MzEyMjcwOTMsIm5vbmNlIjoiMDMzNTU4NjMtZjlmZS00NTQ3LWE3YmYtZDliNDNmYjRlNTZlIiwiYXV0aF90aW1lIjoxNTMxMjI3MDkzLCJjX2hhc2giOiIzeWdkTlN5eDB5aVB2UVhWeUJDWEZRIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiVlRtZG1JcjB5S21uUVpMTGJNdmVKMTBobFhNNEZLQV9nckdfZG5lTkRoSSJ9.XZsnlWgPJprY1Kvb0N3MAwuCPfZY-2q3vPrQEGlRMdIuqAuXbEFGNDK3epdZVyoyEhzUWJSisqmMHc8u1nsALq1GUEK6Rq2X4gVWsItLshBJvMKL3uJTAdd9YJcU-XA7j6ybVGAVX3LY6H-7oaX9sO7zKqYwKKRqd5jFDgRpsgrhY9kgRZZc5CZpvGevROGzGi3QMUC0S9Oi_gKf0TsgdduSDcgXWRBLDfp4_sJfynSX5r3IwFxICwF7Kxo0fSfOEkaFQv1TG4swMOt-SVviz0hrhBVIjjxOadO3RsFjS-p62ft4lESBhJXntf1Lz5vuVAMnAKSIXGbO2E4nWFqBOw&session_id=02ef6b43-758a-4a51-8d78-80693bf48f41&state=dba9b936-faaf-4302-8e8d-99840ea058f9&session_state=89618eab-bb3a-4eba-b0ae-0aa4603bbc69 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxRjQ2Ri40NTZCLkRCQkUuRjY4NTphY2E2YjAwYy1jNGU4LTRjODEtODdkNS1kNTI4NmJiNGMyYTQ= grant_type=authorization_code&code=e9056065-2f2b-4514-93e3-136d0dbf54f6&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1057 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:33 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"39feba75-bcb7-45bc-9f4c-588284c599f0","token_type":"bearer","expires_in":299,"refresh_token":"81cd7fa3-4645-4e1b-9b90-a8f1b3708699","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGNDZGLjQ1NkIuREJCRS5GNjg1IiwiZXhwIjoxNTMxMjMwNjkzLCJpYXQiOjE1MzEyMjcwOTMsIm5vbmNlIjoiMDMzNTU4NjMtZjlmZS00NTQ3LWE3YmYtZDliNDNmYjRlNTZlIiwiYXV0aF90aW1lIjoxNTMxMjI3MDkzLCJhdF9oYXNoIjoiaUp1RWZZUFFEeWZXZ1lfVGZrVzc2QSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IlZUbWRtSXIweUttblFaTExiTXZlSjEwaGxYTTRGS0FfZ3JHX2RuZU5EaEkifQ.jGNDVCuDHz6EpOIJ-hUZB1RgFzLD0bTx3f--zklldKcwRgwmzxkK3fYBbGY_8X9GkWWLMoJeLWs0ENLUu0AeQFzyWTzjkZjZF45juveFjm_vGLTjicrvieCC5-uCzrt3eyKrWyuhwzBjFLE738l6SnR4kiF7cUH1D7nyvbWyWWkw5-DMOTM8ro18lDQ8ZEws7GKZl7LwgM7cFAYDT8AgLiwykf0LIhB01Wa9nfNVRjfuID4TmEYJm9OKLlq1Z_9JiaBCWTyRb_iKdFrYLV_QAk-KI2ViD8l-2Uib6zJUkQcicTcXA6Qp8ljjuDL3OJEZLy4GZK2P5MC-rnJDzEU71A"} ####################################################### TEST: requestAuthorizationCode ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:34 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!19A4.A03E.0FEC.F5A3", "client_secret": "08ff3023-9516-4ba8-a260-fcee20281966", "registration_access_token": "a090ef7e-818b-497c-a98c-ea50734e5408", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!19A4.A03E.0FEC.F5A3", "client_id_issued_at": 1531227094, "client_secret_expires_at": 1531313494, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer a090ef7e-818b-497c-a98c-ea50734e5408 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:34 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!19A4.A03E.0FEC.F5A3", "client_secret": "08ff3023-9516-4ba8-a260-fcee20281966", "registration_access_token": "a090ef7e-818b-497c-a98c-ea50734e5408", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!19A4.A03E.0FEC.F5A3", "client_id_issued_at": 1531227094, "client_secret_expires_at": 1531313494, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2119A4.A03E.0FEC.F5A3&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f70c79d0-5570-48a4-b751-e6c29dfec27a 08:52:02.007 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:002a726d-0d8f-4c5f-8417-39726df524cf ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2119A4.A03E.0FEC.F5A3&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f70c79d0-5570-48a4-b751-e6c29dfec27a ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=526b382b-e94b-4add-9477-8cfb55d3b93b&scope=address+openid+profile+email&session_id=79f6f962-96a9-4706-9bc4-d4a9493f83ce&state=f70c79d0-5570-48a4-b751-e6c29dfec27a&session_state=002a726d-0d8f-4c5f-8417-39726df524cf ####################################################### TEST: requestAuthorizationCodeFail1 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA== response_type=code ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 400 Connection: close Content-Length: 175 Content-Type: text/plain Date: Tue, 10 Jul 2018 12:51:36 GMT Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_request","error_description":"The request is missing a required parameter, includes an unsupported parameter or parameter value, or is otherwise malformed."} ####################################################### TEST: requestAuthorizationCodeFail2 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:36 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DA0E.55F7.07C2.70F3", "client_secret": "e496f75d-8454-4559-b2e2-cd57c87bc79d", "registration_access_token": "13aeb070-5bf0-4bb7-abf8-e4ae0fecfad1", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DA0E.55F7.07C2.70F3", "client_id_issued_at": 1531227096, "client_secret_expires_at": 1531313496, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 13aeb070-5bf0-4bb7-abf8-e4ae0fecfad1 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:36 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DA0E.55F7.07C2.70F3", "client_secret": "e496f75d-8454-4559-b2e2-cd57c87bc79d", "registration_access_token": "13aeb070-5bf0-4bb7-abf8-e4ae0fecfad1", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DA0E.55F7.07C2.70F3", "client_id_issued_at": 1531227096, "client_secret_expires_at": 1531313496, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA== response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DA0E.55F7.07C2.70F3&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2FINVALID_REDIRECT_URI&state=59617794-433c-4880-9b02-27b40f43735a&prompt=none ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 400 Connection: close Content-Length: 220 Content-Type: text/plain Date: Tue, 10 Jul 2018 12:51:36 GMT Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_request_redirect_uri","error_description":"The redirect_uri in the Authorization Request does not match any of the Client's pre-registered redirect_uris.","state":"59617794-433c-4880-9b02-27b40f43735a"} ####################################################### TEST: requestAuthorizationCodeFail3 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org response_type=code&client_id=%40%211111%210008%21INVALID_VALUE&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=4db3bf9e-cf42-494c-8857-a5af2800e05b ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 401 Connection: Keep-Alive Content-Length: 175 Content-Type: text/plain Date: Tue, 10 Jul 2018 12:51:36 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"unauthorized_client","error_description":"The client is not authorized to request an access token using this method.","state":"4db3bf9e-cf42-494c-8857-a5af2800e05b"} ####################################################### TEST: requestAuthorizationCodeIdToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1425 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:36 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8826.F8A2.952C.4A47", "client_secret": "22ed8824-75b6-49ef-8449-8dfbaf83e083", "registration_access_token": "24c26bd8-b349-4bdb-9ea1-ceba69a083a4", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8826.F8A2.952C.4A47", "client_id_issued_at": 1531227096, "client_secret_expires_at": 1531313496, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 24c26bd8-b349-4bdb-9ea1-ceba69a083a4 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1425 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:36 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8826.F8A2.952C.4A47", "client_secret": "22ed8824-75b6-49ef-8449-8dfbaf83e083", "registration_access_token": "24c26bd8-b349-4bdb-9ea1-ceba69a083a4", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8826.F8A2.952C.4A47", "client_id_issued_at": 1531227096, "client_secret_expires_at": 1531313496, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218826.F8A2.952C.4A47&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=cda0b5a7-c7f3-46ab-a8e1-2eaa7bd7d3a5&nonce=9f661c59-a606-4ce6-a59e-3bd8445c405e 08:52:04.620 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:0954d43b-ea01-4fde-adcd-95d2e7dd4d3c ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218826.F8A2.952C.4A47&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=cda0b5a7-c7f3-46ab-a8e1-2eaa7bd7d3a5&nonce=9f661c59-a606-4ce6-a59e-3bd8445c405e ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=9ef4ed93-6d5d-4473-925e-4e1dbde3485f&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE4ODI2LkY4QTIuOTUyQy40QTQ3IiwiZXhwIjoxNTMxMjMwNjk4LCJpYXQiOjE1MzEyMjcwOTgsIm5vbmNlIjoiOWY2NjFjNTktYTYwNi00Y2U2LWE1OWUtM2JkODQ0NWM0MDVlIiwiYXV0aF90aW1lIjoxNTMxMjI3MDk4LCJjX2hhc2giOiJSbnM4czZ4ZDU2SUZfVHFVT2RhRzN3Iiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiVUY4akNyUm5XOUR0ejYxYlJWZlhKV1NQODJXeGdVVmFEdUNqOHgwSXZscyJ9.cEfKFzxF_B1eV6b4bhlAEfXrBRcFyV-1uIvGmP3zsJPHK9pzgqZYm5eh31XdOtrxdxQi8yyXJLSZrJHbtek1ogtgEokD1KSe8YX3N0Gor-k1fcfDvPHxIWmcE5F8KRcrkVLwHBTTzBpQJ0XFcm6U8yuJqYO_FSm-7W5KhhLH9QcBOB6DA2qMFOOkZyIy4wWrUzzZOQfPTBXF4sbxUuCYkm-8LZg78LHdh0nvtOVmZrd_fJqGPjERfLZgxx-kYskBo1TWG7dN1VUE7KP4lUbpObFBVXSrRcARXWUzVD5pdqTDmomlRDu9bw9TfZSVsSk03cemRk2vQlaaRaFqqtwduQ&session_id=001081a1-34e7-4f6a-95b6-3ae08e17e86f&state=cda0b5a7-c7f3-46ab-a8e1-2eaa7bd7d3a5&session_state=0954d43b-ea01-4fde-adcd-95d2e7dd4d3c ####################################################### TEST: requestAuthorizationCodeIdTokenUserBasicAuth ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1425 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:38 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BE56.5A70.B985.C66C", "client_secret": "2ae045da-65e9-4f53-93f6-b83a88051ff6", "registration_access_token": "a767de8b-c837-4b69-9702-a59c65e597fa", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BE56.5A70.B985.C66C", "client_id_issued_at": 1531227098, "client_secret_expires_at": 1531313498, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer a767de8b-c837-4b69-9702-a59c65e597fa ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1425 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:38 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BE56.5A70.B985.C66C", "client_secret": "2ae045da-65e9-4f53-93f6-b83a88051ff6", "registration_access_token": "a767de8b-c837-4b69-9702-a59c65e597fa", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!BE56.5A70.B985.C66C", "client_id_issued_at": 1531227098, "client_secret_expires_at": 1531313498, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21BE56.5A70.B985.C66C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=2b021338-e367-4d1a-811b-c86b9293892e&nonce=378ff92a-44ae-44ea-b8ea-2f5af1c0e582 08:52:06.274 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:3c04af82-6b27-4265-a25b-4d527434f604 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21BE56.5A70.B985.C66C&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=2b021338-e367-4d1a-811b-c86b9293892e&nonce=378ff92a-44ae-44ea-b8ea-2f5af1c0e582 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=db141ced-04df-466f-a2a5-d8b3278a7ce2&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFCRTU2LjVBNzAuQjk4NS5DNjZDIiwiZXhwIjoxNTMxMjMwNjk5LCJpYXQiOjE1MzEyMjcwOTksIm5vbmNlIjoiMzc4ZmY5MmEtNDRhZS00NGVhLWI4ZWEtMmY1YWYxYzBlNTgyIiwiYXV0aF90aW1lIjoxNTMxMjI3MDk5LCJjX2hhc2giOiJ0RnVOVUM5Z09KMVFUdVVYRHFZLWxBIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiZy1UeDNlcGNQOFhIWmNHWmFYN21PUDJGVnAwX3poeVhNb3ZEQUc4WkxTUSJ9.PqCvyrYEkmqh4cM5PsEgxpA0wl7S_2JtUt3bG63lRu8F7M9zFC82gN6Di3ZDLJJv3R7xbfzkHD00HVQlomQZBWpMRDQLIzdakRi4GBkntIfBH-Tk8EqpcNd3eHkCczC3S0iegriKRypzhb58Jy6Mo88eaoJ_dDeeLHqcIdIhgfYTJEvtkXqDzFAkIZT9CmRfh1R9hUNBsflZHSL0sJoUAaONTSQAwCrrDlMR3DHRR24h-VCpZc1d-Y3TwVQ4ZTCA2iZkOs3KXIKRinzznKJhRfOt6LfxfSakmRHZik8HvNv85tKTItyIRGRv2IyzqZhgyh0dvkAA77awR2JGqh_aNA&session_id=e8763ffd-7b08-4179-8117-27edddc82f8a&state=2b021338-e367-4d1a-811b-c86b9293892e&session_state=3c04af82-6b27-4265-a25b-4d527434f604 ####################################################### TEST: requestAuthorizationCodeNoRedirection ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:40 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5B34.B078.CAF0.558B", "client_secret": "330288ee-2377-447b-977a-c184dbcdbf91", "registration_access_token": "c75ff63a-6807-47d6-a1a0-86f1ae479bc8", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5B34.B078.CAF0.558B", "client_id_issued_at": 1531227100, "client_secret_expires_at": 1531313500, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer c75ff63a-6807-47d6-a1a0-86f1ae479bc8 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:40 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5B34.B078.CAF0.558B", "client_secret": "330288ee-2377-447b-977a-c184dbcdbf91", "registration_access_token": "c75ff63a-6807-47d6-a1a0-86f1ae479bc8", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5B34.B078.CAF0.558B", "client_id_issued_at": 1531227100, "client_secret_expires_at": 1531313500, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215B34.B078.CAF0.558B&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=92d8439f-c426-4b7a-adb2-785c497031ef 08:52:07.957 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:0b86f780-2635-4240-9fc8-b740952ae7fa ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215B34.B078.CAF0.558B&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=92d8439f-c426-4b7a-adb2-785c497031ef ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=bafa55a2-d796-4612-be55-ef383a5dc356&scope=address+openid+profile+email&session_id=029fac5b-c7f8-4a16-9dfc-8e9d29c764eb&state=92d8439f-c426-4b7a-adb2-785c497031ef&session_state=0b86f780-2635-4240-9fc8-b740952ae7fa ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org X-Gluu-NoRedirect: true response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215B34.B078.CAF0.558B&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=92d8439f-c426-4b7a-adb2-785c497031ef ------------------------------------------------------- RESPONSE: ------------------------------------------------------- ####################################################### TEST: requestAuthorizationCodeUserBasicAuth ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:41 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E823.BF36.5BE5.8FCA", "client_secret": "492cdfb9-f510-4d96-ac7a-387db09ba536", "registration_access_token": "8c2827d5-438c-47f0-9ed0-0f544363a877", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E823.BF36.5BE5.8FCA", "client_id_issued_at": 1531227101, "client_secret_expires_at": 1531313501, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 8c2827d5-438c-47f0-9ed0-0f544363a877 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:41 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E823.BF36.5BE5.8FCA", "client_secret": "492cdfb9-f510-4d96-ac7a-387db09ba536", "registration_access_token": "8c2827d5-438c-47f0-9ed0-0f544363a877", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E823.BF36.5BE5.8FCA", "client_id_issued_at": 1531227101, "client_secret_expires_at": 1531313501, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E823.BF36.5BE5.8FCA&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f21974de-a891-4794-bd41-b2a6b02e5569 08:52:09.596 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:1f95beaf-f8ec-49c8-9a4d-e55dadcb5dec ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E823.BF36.5BE5.8FCA&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f21974de-a891-4794-bd41-b2a6b02e5569 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=7e07d6bd-e9cc-47ef-b927-8bb3d2c9cf16&scope=address+openid+profile+email&session_id=bb526bd3-4f05-4c91-a671-2c79146af334&state=f21974de-a891-4794-bd41-b2a6b02e5569&session_state=1f95beaf-f8ec-49c8-9a4d-e55dadcb5dec ####################################################### TEST: requestAuthorizationCodeWithoutRedirectUri ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"], "application_type": "web", "client_name": "oxAuth test app" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1082 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:43 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AF3A.45B8.C95F.6857", "client_secret": "fd758fbc-6613-4af0-aaaf-53622dd7a706", "registration_access_token": "0b2377df-746a-452e-a5e2-e8dd7c30a43e", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AF3A.45B8.C95F.6857", "client_id_issued_at": 1531227103, "client_secret_expires_at": 1531313503, "redirect_uris": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21AF3A.45B8.C95F.6857&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=e26a6221-dbfe-4e05-b0fb-cb8f5411ae13 08:52:11.056 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:8a4c28c0-cebf-4102-8887-cb6e1b0ad59a ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21AF3A.45B8.C95F.6857&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=e26a6221-dbfe-4e05-b0fb-cb8f5411ae13 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=08900b44-57ff-4639-868a-46ccfc13ba68&scope=address+openid+profile+email&session_id=dff9a1a8-7c12-4548-9a36-612dc866b090&state=e26a6221-dbfe-4e05-b0fb-cb8f5411ae13&session_state=8a4c28c0-cebf-4102-8887-cb6e1b0ad59a ####################################################### TEST: requestAuthorizationCodeWithoutRedirectUriFail ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "oxAuthTrustedClient": "true" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:44 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!627C.5AC9.757D.19CC", "client_secret": "cace42c8-4589-4353-a0bb-610b00d9e56d", "registration_access_token": "7b99621e-9623-4fa2-82ad-cee29698404f", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!627C.5AC9.757D.19CC", "client_id_issued_at": 1531227104, "client_secret_expires_at": 1531313504, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA== response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21627C.5AC9.757D.19CC&scope=openid+profile+address+email&state=440072e8-428a-477d-bac4-e597cf5ae019&prompt=none ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 400 Connection: close Content-Length: 220 Content-Type: text/plain Date: Tue, 10 Jul 2018 12:51:44 GMT Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_request_redirect_uri","error_description":"The redirect_uri in the Authorization Request does not match any of the Client's pre-registered redirect_uris.","state":"440072e8-428a-477d-bac4-e597cf5ae019"} ####################################################### TEST: requestAuthorizationCodeWithoutRedirectUriUserBasicAuth ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"], "application_type": "web", "client_name": "oxAuth test app", "subject_type": "public", "oxAuthTrustedClient": "true" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1080 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:44 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6407.9F14.3F81.69D3", "client_secret": "60902086-3c3c-44d1-8ed8-1d599fb15651", "registration_access_token": "2672d360-a8cf-48a5-aa7d-a0d5b4565eca", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6407.9F14.3F81.69D3", "client_id_issued_at": 1531227104, "client_secret_expires_at": 1531313504, "redirect_uris": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "subject_type": "public", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA== response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216407.9F14.3F81.69D3&scope=openid+profile+address+email&state=a4d54ab0-55c9-4025-95ce-515f6033a670&prompt=none ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Connection: Keep-Alive Content-Length: 0 Date: Tue, 10 Jul 2018 12:51:45 GMT Keep-Alive: timeout=5, max=100 Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=48d1950c-bc5c-4628-8635-5e28dee7d05b&scope=address+openid+profile+email&session_id=e11764e0-cb92-43a0-9f7c-3168d4897696&state=a4d54ab0-55c9-4025-95ce-515f6033a670&session_state=8fa22b58-bd7c-4d21-872e-7d7334b43238 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block ####################################################### TEST: requestAuthorizationDenyAccessThenGrantAccess ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:45 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B358.A120.2DC6.6A59", "client_secret": "d879b0b9-b205-4e11-94de-a293c23dc143", "registration_access_token": "af2a5deb-bd44-426d-b0a8-e5176633b782", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B358.A120.2DC6.6A59", "client_id_issued_at": 1531227105, "client_secret_expires_at": 1531313505, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndDenyAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B358.A120.2DC6.6A59&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c5d4f233-2a20-415d-8f33-a952e01de28d 08:52:12.853 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndDenyAccess: sessionId:56493240-44c4-4be8-b4ba-185000cb4c5d ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B358.A120.2DC6.6A59&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=c5d4f233-2a20-415d-8f33-a952e01de28d ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?error=access_denied&error_description=The+resource+owner+or+authorization+server+denied+the+request.&state=c5d4f233-2a20-415d-8f33-a952e01de28d authorizationRequestAndDenyAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B358.A120.2DC6.6A59&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=15d19ad2-af5c-4fe2-a850-68566e97bc09&session_id=56493240-44c4-4be8-b4ba-185000cb4c5d authorizationRequestAndDenyAccess: sessionState:null ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B358.A120.2DC6.6A59&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=15d19ad2-af5c-4fe2-a850-68566e97bc09&session_id=56493240-44c4-4be8-b4ba-185000cb4c5d ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?error=access_denied&error_description=The+resource+owner+or+authorization+server+denied+the+request.&state=15d19ad2-af5c-4fe2-a850-68566e97bc09 authorizationRequestAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B358.A120.2DC6.6A59&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=e6bbbb13-5a7f-4f3a-acba-80d87d6e99c5&session_id=56493240-44c4-4be8-b4ba-185000cb4c5d authorizationRequestAndGrantAccess: sessionState:6d7013f5-1c5b-43d5-9627-11e8df1a879b ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21B358.A120.2DC6.6A59&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=e6bbbb13-5a7f-4f3a-acba-80d87d6e99c5&session_id=56493240-44c4-4be8-b4ba-185000cb4c5d ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=06bd0434-f0d6-4ac6-bce7-35a1861359c8&scope=address+openid+profile+email&session_id=56493240-44c4-4be8-b4ba-185000cb4c5d&state=e6bbbb13-5a7f-4f3a-acba-80d87d6e99c5&session_state=6d7013f5-1c5b-43d5-9627-11e8df1a879b ####################################################### TEST: requestAuthorizationForOpenIdScopeAndPairwiseId ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:47 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DD6D.0852.6BA3.387B", "client_secret": "36bf57e3-3e9a-4261-ad40-fcb76bfc693d", "registration_access_token": "745fe46b-ef19-494b-9bb0-b32167dc1cc0", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DD6D.0852.6BA3.387B", "client_id_issued_at": 1531227107, "client_secret_expires_at": 1531313507, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 745fe46b-ef19-494b-9bb0-b32167dc1cc0 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:47 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DD6D.0852.6BA3.387B", "client_secret": "36bf57e3-3e9a-4261-ad40-fcb76bfc693d", "registration_access_token": "745fe46b-ef19-494b-9bb0-b32167dc1cc0", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DD6D.0852.6BA3.387B", "client_id_issued_at": 1531227107, "client_secret_expires_at": 1531313507, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwner: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DD6D.0852.6BA3.387B&scope=openid&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=542d132c-70f9-4175-9839-f8c5c26dd50a 08:52:15.462 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwner: sessionState:a39f3981-4f8c-438c-96ec-d07422338c08 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DD6D.0852.6BA3.387B&scope=openid&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=542d132c-70f9-4175-9839-f8c5c26dd50a ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth/authorize?scope=openid&response_type=code&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=542d132c-70f9-4175-9839-f8c5c26dd50a&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DD6D.0852.6BA3.387B ####################################################### TEST: requestAuthorizationIdToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["id_token"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1340 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:49 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FD95.9044.157D.023E", "client_secret": "4bef1d57-2196-4603-a3f4-5f969cb8fe28", "registration_access_token": "5ca1e789-a5a7-4996-a083-37746aa3c507", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FD95.9044.157D.023E", "client_id_issued_at": 1531227109, "client_secret_expires_at": 1531313509, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 5ca1e789-a5a7-4996-a083-37746aa3c507 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1340 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:49 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FD95.9044.157D.023E", "client_secret": "4bef1d57-2196-4603-a3f4-5f969cb8fe28", "registration_access_token": "5ca1e789-a5a7-4996-a083-37746aa3c507", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FD95.9044.157D.023E", "client_id_issued_at": 1531227109, "client_secret_expires_at": 1531313509, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21FD95.9044.157D.023E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=462fb1f9-2c12-4630-9392-da5506bc9a23&nonce=17afd54c-323f-4fc2-ad9f-cc764863d9c2 08:52:17.100 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:eebaa0a5-bdde-4b10-8d30-6ab75e52ea4b ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21FD95.9044.157D.023E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=462fb1f9-2c12-4630-9392-da5506bc9a23&nonce=17afd54c-323f-4fc2-ad9f-cc764863d9c2 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGRDk1LjkwNDQuMTU3RC4wMjNFIiwiZXhwIjoxNTMxMjMwNzEwLCJpYXQiOjE1MzEyMjcxMTAsIm5vbmNlIjoiMTdhZmQ1NGMtMzIzZi00ZmMyLWFkOWYtY2M3NjQ4NjNkOWMyIiwiYXV0aF90aW1lIjoxNTMxMjI3MTEwLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiI3dk0taDVPOTI0b1Z1MXZwZVFZOFk1YWhfMTR1ZlZvV2NiT2VyQ0ZRTEVFIn0.DFdKzrHHI6tedcikRLCYv-taL7569rMTqObvr4ICiufGSmF2VTcfKmCnNdJayQ7fC9uhgUo487xvWbDb8UKVVCdS_e4NixR-vzk6l6nfG8lEZyTrGrjHTr4A11xau1Rg1RaMVUpIfJ0aKybGCrBDTuaaSkbePD3VZ9_pqurY3QTwXrGCcQMHKVmmu5V28wj59EPA8FsRX7Ei3FQWLK7fRfKFcklGALzb7d0Z4SAlQaiFP-EI-DZY8VrGaOL4lW_YXe0TZRD-Vm5_5X-0AGKhMg5HDr52ty-fdXbQEDdJSaYl2vGqP4E6Be_JX5fFLwnBo09uoQdHq3F4ZsBLxCQBWg&session_id=34e6c052-f7e7-475c-a641-62fdee9ae6c8&state=462fb1f9-2c12-4630-9392-da5506bc9a23&session_state=eebaa0a5-bdde-4b10-8d30-6ab75e52ea4b ####################################################### TEST: requestAuthorizationIdTokenUserBasicAuth ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["id_token"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1340 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:50 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8032.01D7.16FD.7373", "client_secret": "0d49d653-eea5-4d03-b28e-3d8c7aaaa821", "registration_access_token": "2fe40ccc-0d10-4478-ba36-0f36b16a978e", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8032.01D7.16FD.7373", "client_id_issued_at": 1531227110, "client_secret_expires_at": 1531313510, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 2fe40ccc-0d10-4478-ba36-0f36b16a978e ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1340 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:51 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8032.01D7.16FD.7373", "client_secret": "0d49d653-eea5-4d03-b28e-3d8c7aaaa821", "registration_access_token": "2fe40ccc-0d10-4478-ba36-0f36b16a978e", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!8032.01D7.16FD.7373", "client_id_issued_at": 1531227110, "client_secret_expires_at": 1531313510, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218032.01D7.16FD.7373&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0facddec-ede7-451d-b4fe-0165ed0e5adb&nonce=309c925c-dc82-41e2-9700-fcb0c189805c 08:52:18.739 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:ef2adf4b-5124-42ea-9640-57b4d728a355 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%218032.01D7.16FD.7373&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=0facddec-ede7-451d-b4fe-0165ed0e5adb&nonce=309c925c-dc82-41e2-9700-fcb0c189805c ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE4MDMyLjAxRDcuMTZGRC43MzczIiwiZXhwIjoxNTMxMjMwNzEyLCJpYXQiOjE1MzEyMjcxMTIsIm5vbmNlIjoiMzA5YzkyNWMtZGM4Mi00MWUyLTk3MDAtZmNiMGMxODk4MDVjIiwiYXV0aF90aW1lIjoxNTMxMjI3MTEyLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJVYWkyTmdXbjVuRjE0d0lTSFNpVVFKTmp5SmhFWWpQVHRUVFBHRWdpV3o4In0.Uq7Ov9KV3R2Or4FJL-rY3uiGpPnltgBikqAc1uuQqfJu-HQtZda565zePQw2eIhSetLUZwyrJsZuc9qcEJjw4iWWz9MDRsMAW2hfAlGEUJFE8ztIOr9X7eCx55vUz6NL1KxNBxeGdLs7vEqk9Uq7hE6y35PflX15UkgamBi82kOvXdqc8YC2ohiZRniIyr7MSDLUpfHJz25nckX1_SPqjRsbwsEIBSES7CW1lIft6jBhVvkthEWweeRQw33MdSIUmH_hZCydAlBiOKGQmeSRWpO1fYWbwxUvREsb1dkgV_h2cMXJJg66JXL0jYJQHQCNJ8aLHljQpKtbq_vVtn1m2g&session_id=e957529f-712f-4650-a769-5120afbbf685&state=0facddec-ede7-451d-b4fe-0165ed0e5adb&session_state=ef2adf4b-5124-42ea-9640-57b4d728a355 ####################################################### TEST: requestAuthorizationPromptConsent ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:52 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!604E.BAF5.D7D0.C2A7", "client_secret": "fce27e90-ca3b-43ad-82ff-fdaa75b8cd58", "registration_access_token": "f38785b4-f1c1-4e8c-8132-5337362ebd51", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!604E.BAF5.D7D0.C2A7", "client_id_issued_at": 1531227112, "client_secret_expires_at": 1531313512, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer f38785b4-f1c1-4e8c-8132-5337362ebd51 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:52 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!604E.BAF5.D7D0.C2A7", "client_secret": "fce27e90-ca3b-43ad-82ff-fdaa75b8cd58", "registration_access_token": "f38785b4-f1c1-4e8c-8132-5337362ebd51", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!604E.BAF5.D7D0.C2A7", "client_id_issued_at": 1531227112, "client_secret_expires_at": 1531313512, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21604E.BAF5.D7D0.C2A7&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=dc32235c-98bf-4e9b-917b-f2708ccce14a&prompt=consent 08:52:20.400 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:cf1ff7d4-7a0e-413f-ab89-601350b40317 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21604E.BAF5.D7D0.C2A7&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=dc32235c-98bf-4e9b-917b-f2708ccce14a&prompt=consent ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=7fdb6b8c-c006-43bf-891a-715593235265&scope=address+openid+profile+email&session_id=94e34392-aaa9-4064-b18a-2607fc087189&state=dc32235c-98bf-4e9b-917b-f2708ccce14a&session_state=cf1ff7d4-7a0e-413f-ab89-601350b40317 ####################################################### TEST: requestAuthorizationPromptConsentTrustedClient ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "oxAuthTrustedClient": "true" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:54 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6086.840A.E09E.34BB", "client_secret": "e0d9369a-6a56-411f-95c6-4df5a7d9aaef", "registration_access_token": "47e0823e-197c-4301-bf71-bc2d7377551e", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6086.840A.E09E.34BB", "client_id_issued_at": 1531227114, "client_secret_expires_at": 1531313514, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 47e0823e-197c-4301-bf71-bc2d7377551e ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:54 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6086.840A.E09E.34BB", "client_secret": "e0d9369a-6a56-411f-95c6-4df5a7d9aaef", "registration_access_token": "47e0823e-197c-4301-bf71-bc2d7377551e", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6086.840A.E09E.34BB", "client_id_issued_at": 1531227114, "client_secret_expires_at": 1531313514, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216086.840A.E09E.34BB&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=96ceaa84-28df-49b4-83ac-ea4db52c6dc8&prompt=consent 08:52:22.060 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:c72e5346-6ca9-4762-84ec-b9c07aed7964 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216086.840A.E09E.34BB&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=96ceaa84-28df-49b4-83ac-ea4db52c6dc8&prompt=consent ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=73e502b7-d532-4dc2-a480-ab80c5c02ce3&scope=address+openid+profile+email&session_id=c5fd22cf-0377-48c8-9b75-d6b7186049ef&state=96ceaa84-28df-49b4-83ac-ea4db52c6dc8&session_state=c72e5346-6ca9-4762-84ec-b9c07aed7964 ####################################################### TEST: requestAuthorizationPromptLogin ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:55 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E44E.7B4C.2266.166E", "client_secret": "292bbc53-aa44-4200-9c48-29f403220f78", "registration_access_token": "8d5761be-0f4d-4406-ab06-be0963ed063e", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E44E.7B4C.2266.166E", "client_id_issued_at": 1531227115, "client_secret_expires_at": 1531313515, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 8d5761be-0f4d-4406-ab06-be0963ed063e ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:55 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E44E.7B4C.2266.166E", "client_secret": "292bbc53-aa44-4200-9c48-29f403220f78", "registration_access_token": "8d5761be-0f4d-4406-ab06-be0963ed063e", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E44E.7B4C.2266.166E", "client_id_issued_at": 1531227115, "client_secret_expires_at": 1531313515, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E44E.7B4C.2266.166E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8a074f92-bcbb-46bc-9777-686017740d36&prompt=login 08:52:23.682 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:1d9a9a6e-9913-43bd-a969-9c4daba2e3d2 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E44E.7B4C.2266.166E&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8a074f92-bcbb-46bc-9777-686017740d36&prompt=login ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=5efc7ec3-d03a-4265-bef2-112321dcf53c&scope=address+openid+profile+email&session_id=81d911b9-c551-4fac-b61a-d9b62c270d75&state=8a074f92-bcbb-46bc-9777-686017740d36&session_state=1d9a9a6e-9913-43bd-a969-9c4daba2e3d2 ####################################################### TEST: requestAuthorizationPromptLoginConsent ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:57 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4AAC.A7AF.8740.0C0B", "client_secret": "c2961298-9e77-46bb-b19b-a1037d505f79", "registration_access_token": "6d2a194c-3a42-417b-b368-0932e7597573", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4AAC.A7AF.8740.0C0B", "client_id_issued_at": 1531227117, "client_secret_expires_at": 1531313517, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 6d2a194c-3a42-417b-b368-0932e7597573 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:57 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4AAC.A7AF.8740.0C0B", "client_secret": "c2961298-9e77-46bb-b19b-a1037d505f79", "registration_access_token": "6d2a194c-3a42-417b-b368-0932e7597573", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4AAC.A7AF.8740.0C0B", "client_id_issued_at": 1531227117, "client_secret_expires_at": 1531313517, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214AAC.A7AF.8740.0C0B&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9821a5ab-03ec-4211-8e48-14f74e2efd72&prompt=login+consent 08:52:25.333 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:7e3f87ba-ca45-4c11-9cce-66b01ef7723a ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%214AAC.A7AF.8740.0C0B&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=9821a5ab-03ec-4211-8e48-14f74e2efd72&prompt=login+consent ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=e9f3dd8a-2b0c-4650-a6f4-537e77405ae5&scope=address+openid+profile+email&session_id=ca81f32f-2366-4b15-8bb9-d076eb029a39&state=9821a5ab-03ec-4211-8e48-14f74e2efd72&session_state=7e3f87ba-ca45-4c11-9cce-66b01ef7723a ####################################################### TEST: requestAuthorizationPromptLoginConsentTrustedClient ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "oxAuthTrustedClient": "true" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:59 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!37C1.A54D.9614.FFE9", "client_secret": "1d6b050a-3e3a-47fd-be1e-29438ca78fdc", "registration_access_token": "dba227b5-a538-44b8-9fc0-4e42a6c6db32", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!37C1.A54D.9614.FFE9", "client_id_issued_at": 1531227119, "client_secret_expires_at": 1531313519, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer dba227b5-a538-44b8-9fc0-4e42a6c6db32 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:51:59 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!37C1.A54D.9614.FFE9", "client_secret": "1d6b050a-3e3a-47fd-be1e-29438ca78fdc", "registration_access_token": "dba227b5-a538-44b8-9fc0-4e42a6c6db32", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!37C1.A54D.9614.FFE9", "client_id_issued_at": 1531227119, "client_secret_expires_at": 1531313519, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2137C1.A54D.9614.FFE9&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=e13abe04-e1c5-4635-9f6a-f9e930fbf0d7&prompt=login+consent 08:52:26.840 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:c5a9a458-e71e-4b4e-841a-7c207c962948 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2137C1.A54D.9614.FFE9&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=e13abe04-e1c5-4635-9f6a-f9e930fbf0d7&prompt=login+consent ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=95c450b5-1bcb-4673-920d-d007e2192d27&scope=address+openid+profile+email&session_id=e6a98b6e-c3b3-41da-ab26-01e94e28d67a&state=e13abe04-e1c5-4635-9f6a-f9e930fbf0d7&session_state=c5a9a458-e71e-4b4e-841a-7c207c962948 ####################################################### TEST: requestAuthorizationPromptNoneFail ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:00 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1CE6.629E.9A9C.0948", "client_secret": "d1f20445-985c-4951-ada8-d4bff3a786de", "registration_access_token": "7cd1fb9b-4ab0-4f0f-ba6e-c7fa94ab14c5", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1CE6.629E.9A9C.0948", "client_id_issued_at": 1531227120, "client_secret_expires_at": 1531313520, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 7cd1fb9b-4ab0-4f0f-ba6e-c7fa94ab14c5 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:00 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1CE6.629E.9A9C.0948", "client_secret": "d1f20445-985c-4951-ada8-d4bff3a786de", "registration_access_token": "7cd1fb9b-4ab0-4f0f-ba6e-c7fa94ab14c5", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1CE6.629E.9A9C.0948", "client_id_issued_at": 1531227120, "client_secret_expires_at": 1531313520, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211CE6.629E.9A9C.0948&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=aee5d558-60f2-4543-a347-bd1a45d5bb0f&prompt=none ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Connection: Keep-Alive Content-Length: 0 Date: Tue, 10 Jul 2018 12:52:00 GMT Keep-Alive: timeout=5, max=100 Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?error_description=The+Authorization+Server+requires+End-User+authentication.+This+error+MAY+be+returned+when+the+prompt+parameter+in+the+Authorization+Request+is+set+to+none+to+request+that+the+Authorization+Server+should+not+display+any+user+interfaces+to+the+End-User%2C+but+the+Authorization+Request+cannot+be+completed+without+displaying+a+user+interface+for+user+authentication.&state=aee5d558-60f2-4543-a347-bd1a45d5bb0f&error=login_required Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block ####################################################### TEST: requestAuthorizationPromptLoginConsent ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:00 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0C9E.EC34.FC23.3C52", "client_secret": "f26a6e16-595e-4c10-aba4-524ec60c44c3", "registration_access_token": "ac49ccd0-d04a-4b8b-ace4-f9eca4d4f4d1", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0C9E.EC34.FC23.3C52", "client_id_issued_at": 1531227120, "client_secret_expires_at": 1531313520, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer ac49ccd0-d04a-4b8b-ace4-f9eca4d4f4d1 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:00 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0C9E.EC34.FC23.3C52", "client_secret": "f26a6e16-595e-4c10-aba4-524ec60c44c3", "registration_access_token": "ac49ccd0-d04a-4b8b-ace4-f9eca4d4f4d1", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0C9E.EC34.FC23.3C52", "client_id_issued_at": 1531227120, "client_secret_expires_at": 1531313520, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA== response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210C9E.EC34.FC23.3C52&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=cce93e55-6c8c-4c1a-872c-fb28fffffe04&prompt=none+login+consent ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Connection: Keep-Alive Content-Length: 0 Date: Tue, 10 Jul 2018 12:52:01 GMT Keep-Alive: timeout=5, max=100 Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?error_description=The+request+is+missing+a+required+parameter%2C+includes+an+unsupported+parameter+or+parameter+value%2C+or+is+otherwise+malformed.&state=cce93e55-6c8c-4c1a-872c-fb28fffffe04&error=invalid_request Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block ####################################################### TEST: requestAuthorizationPromptNoneTrustedClient ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "oxAuthTrustedClient": "true" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:01 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FB33.8602.C749.3A17", "client_secret": "b8be4671-f336-4eac-ac20-1f1017c665b9", "registration_access_token": "82e5c29d-91b3-4321-87d8-0bdd53cd4db3", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FB33.8602.C749.3A17", "client_id_issued_at": 1531227121, "client_secret_expires_at": 1531313521, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 82e5c29d-91b3-4321-87d8-0bdd53cd4db3 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:01 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FB33.8602.C749.3A17", "client_secret": "b8be4671-f336-4eac-ac20-1f1017c665b9", "registration_access_token": "82e5c29d-91b3-4321-87d8-0bdd53cd4db3", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!FB33.8602.C749.3A17", "client_id_issued_at": 1531227121, "client_secret_expires_at": 1531313521, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA== response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21FB33.8602.C749.3A17&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=cfb43b53-323e-4098-9060-b93a4d3bcf77&prompt=none ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Connection: Keep-Alive Content-Length: 0 Date: Tue, 10 Jul 2018 12:52:01 GMT Keep-Alive: timeout=5, max=100 Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=4f8a51d4-b809-448d-84bb-3a4bce24a2e5&scope=address+openid+profile+email&session_id=50d123d8-35e3-428c-9b20-3eaeb29a6b00&state=cfb43b53-323e-4098-9060-b93a4d3bcf77&session_state=35cda767-e05b-455e-ac19-98664adaafd2 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block ####################################################### TEST: requestAuthorizationToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["token"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1306 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:01 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F43D.1CE0.C964.9260", "client_secret": "e5bb759a-4920-4618-ae13-a4a21fe1f23b", "registration_access_token": "c5811d26-5331-45ed-baa0-359fdd97c159", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F43D.1CE0.C964.9260", "client_id_issued_at": 1531227121, "client_secret_expires_at": 1531313521, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["token"], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer c5811d26-5331-45ed-baa0-359fdd97c159 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1306 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:01 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F43D.1CE0.C964.9260", "client_secret": "e5bb759a-4920-4618-ae13-a4a21fe1f23b", "registration_access_token": "c5811d26-5331-45ed-baa0-359fdd97c159", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F43D.1CE0.C964.9260", "client_id_issued_at": 1531227121, "client_secret_expires_at": 1531313521, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["token"], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21F43D.1CE0.C964.9260&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3acac0e2-387e-4f19-8d5b-509f954b86aa&nonce=e4a03396-74f6-4771-bfba-1767f02da0e3 08:52:29.395 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:392b85a3-da4e-4ab0-8f54-65fa5a3380ff ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21F43D.1CE0.C964.9260&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=3acac0e2-387e-4f19-8d5b-509f954b86aa&nonce=e4a03396-74f6-4771-bfba-1767f02da0e3 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=365e8c76-6ad2-445c-b18c-99a711542f52&scope=address+openid+profile+email&session_id=706ee44a-c130-43fe-8141-0d676293dd6c&state=3acac0e2-387e-4f19-8d5b-509f954b86aa&token_type=bearer&session_state=392b85a3-da4e-4ab0-8f54-65fa5a3380ff&expires_in=299 ####################################################### TEST: requestAuthorizationTokenCode ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "token", "code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1405 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:03 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0674.A58B.A039.F7DC", "client_secret": "6146e736-ff89-4fc5-b300-daf8c7f7dff1", "registration_access_token": "2458a5cf-697d-4c6f-8e7c-b875dd443bcb", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0674.A58B.A039.F7DC", "client_id_issued_at": 1531227123, "client_secret_expires_at": 1531313523, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 2458a5cf-697d-4c6f-8e7c-b875dd443bcb ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1405 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:03 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0674.A58B.A039.F7DC", "client_secret": "6146e736-ff89-4fc5-b300-daf8c7f7dff1", "registration_access_token": "2458a5cf-697d-4c6f-8e7c-b875dd443bcb", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0674.A58B.A039.F7DC", "client_id_issued_at": 1531227123, "client_secret_expires_at": 1531313523, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210674.A58B.A039.F7DC&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=047e7f2b-429c-49be-8451-e861b78ef0b8&nonce=f0123daf-9322-4eb8-90e4-567314db4407 08:52:31.130 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:97d9e303-82df-4b20-b3ea-12e0fe1735d7 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210674.A58B.A039.F7DC&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=047e7f2b-429c-49be-8451-e861b78ef0b8&nonce=f0123daf-9322-4eb8-90e4-567314db4407 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=34bc5598-d056-4a52-b018-c64a75bad960&code=1c42db6d-8a69-4e6a-a778-1f4df7bf619a&scope=address+openid+profile+email&session_id=a898b50d-0843-4ab6-8353-a7951eb54012&state=047e7f2b-429c-49be-8451-e861b78ef0b8&token_type=bearer&session_state=97d9e303-82df-4b20-b3ea-12e0fe1735d7&expires_in=299 ####################################################### TEST: requestAuthorizationTokenCodeIdToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "token", "code", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1425 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:04 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E573.52FA.5D00.752D", "client_secret": "a0a924a7-842e-48cf-8b27-ea26e2d9e9c2", "registration_access_token": "dad06294-f798-48c6-8cdc-ffade431c00a", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E573.52FA.5D00.752D", "client_id_issued_at": 1531227124, "client_secret_expires_at": 1531313524, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer dad06294-f798-48c6-8cdc-ffade431c00a ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1425 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:05 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E573.52FA.5D00.752D", "client_secret": "a0a924a7-842e-48cf-8b27-ea26e2d9e9c2", "registration_access_token": "dad06294-f798-48c6-8cdc-ffade431c00a", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E573.52FA.5D00.752D", "client_id_issued_at": 1531227124, "client_secret_expires_at": 1531313524, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E573.52FA.5D00.752D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a2bfeb04-b95c-4f1a-87f9-d59e80580c0a&nonce=e8ea068d-646a-43b9-987f-8c277ce9aa4e 08:52:32.772 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:01bb956c-44d8-4ef7-a7d3-39f7a9281319 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E573.52FA.5D00.752D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a2bfeb04-b95c-4f1a-87f9-d59e80580c0a&nonce=e8ea068d-646a-43b9-987f-8c277ce9aa4e ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=93240efd-fe01-4d3c-9c60-b17c66644a0f&code=6664c9d7-a255-4e3c-8363-13ed54e38052&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFFNTczLjUyRkEuNUQwMC43NTJEIiwiZXhwIjoxNTMxMjMwNzI2LCJpYXQiOjE1MzEyMjcxMjYsIm5vbmNlIjoiZThlYTA2OGQtNjQ2YS00M2I5LTk4N2YtOGMyNzdjZTlhYTRlIiwiYXV0aF90aW1lIjoxNTMxMjI3MTI2LCJjX2hhc2giOiJ4bHFCTUY2WEVpOWp4SEQzQ2FyWGtBIiwiYXRfaGFzaCI6IkpIUHgzZ3VtWWI1WDg4eUhpVmV1b3ciLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiI4Uksxc0F3SE1YRHdEZEwxc19UbUpuZzhtZHRXYkNQZXFrekhyTWFjV2lrIn0.p_9gOZyztbqFalamZwooCIyNNMW-rjsCRy-yZDhxRwghw7jzTmAjSuQ6So4Et_fm5r2VQI6x1HorMlTNyyK5QY0H_zQdURhE6oGDXhZKhYKzG7gPGpou9GBVRUadEAJymqfW_x0kjnTW9dbI-zNN9ETq2HeKrBIdR54cE8sWw1ETqYPDqoZ9rBTlD6lABwzXH-R3nOk-kSMW_nhZ-zksr0Qb0iQXNcalXSV1q_TT1l7dvM7iUghStCx-I5b0KgHKB5vRTIomyMG4TkeOLVFi4UjhdP_S-DpWq2B66fgM1meQO2hvD4t64Gijh15ZjABc1Ff-nOk_pkGfI61NBQMAkA&session_id=8a93cb59-970b-4b85-a995-4c495617f348&state=a2bfeb04-b95c-4f1a-87f9-d59e80580c0a&token_type=bearer&session_state=01bb956c-44d8-4ef7-a7d3-39f7a9281319&expires_in=299 ####################################################### TEST: requestAuthorizationTokenCodeIdTokenUserBasicAuth ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "token", "code", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1425 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:06 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DF19.ECFA.D434.91C5", "client_secret": "a5b98392-d331-4174-b70c-bbbc73e882ad", "registration_access_token": "e9d0ba3e-a0de-4d8f-99cb-4152b6f703a2", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DF19.ECFA.D434.91C5", "client_id_issued_at": 1531227126, "client_secret_expires_at": 1531313526, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer e9d0ba3e-a0de-4d8f-99cb-4152b6f703a2 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1425 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:06 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DF19.ECFA.D434.91C5", "client_secret": "a5b98392-d331-4174-b70c-bbbc73e882ad", "registration_access_token": "e9d0ba3e-a0de-4d8f-99cb-4152b6f703a2", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DF19.ECFA.D434.91C5", "client_id_issued_at": 1531227126, "client_secret_expires_at": 1531313526, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DF19.ECFA.D434.91C5&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b5801f7d-c357-4fe0-af39-ab4c0f78f3a4&nonce=ec2f4fd2-b2ff-47fc-aeca-f977c6ba80dd 08:52:34.457 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:579ce030-9658-460f-bcb5-1c1c9b602d75 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DF19.ECFA.D434.91C5&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=b5801f7d-c357-4fe0-af39-ab4c0f78f3a4&nonce=ec2f4fd2-b2ff-47fc-aeca-f977c6ba80dd ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=78a840b4-86e0-4ed8-ad8a-ba51997cc226&code=a20c7e07-1cb2-4bf0-b4a6-a658341e7e68&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFERjE5LkVDRkEuRDQzNC45MUM1IiwiZXhwIjoxNTMxMjMwNzI4LCJpYXQiOjE1MzEyMjcxMjgsIm5vbmNlIjoiZWMyZjRmZDItYjJmZi00N2ZjLWFlY2EtZjk3N2M2YmE4MGRkIiwiYXV0aF90aW1lIjoxNTMxMjI3MTI3LCJjX2hhc2giOiJFbVFmNnpucnBySGYwbmdXYURTYnVnIiwiYXRfaGFzaCI6IkFQMWlZOTNNeFd2QUo2bHV0UUZoSVEiLCJveE9wZW5JRENvbm5lY3RWZXJzaW9uIjoib3BlbmlkY29ubmVjdC0xLjAiLCJzdWIiOiJZQ3lnVk9EbDdUYU05T1lyXzk2WGxwXzFCckR6X3pyMTVRVFhxS05IeTBzIn0.cdO5gZ8g4YoJ6TO8vMNd0sSbqe5tOXcv-91aKWOC_Zg2O5YJuZoVXSmh3iBzi8qvKdqs6D6209mzVpwat98w2A3CJ887alROFTIYSbJNmM3_P9ZcX6CybWKS3RbQSAMkQS49FBPn9Er4qp4qPrYo-PSS8tLk7JiTKwk3RjklULeh01lwHgndJggl2rLOGlgvW3YndUgK_YOWAr1N46B5qyYkh16euG8dWBp05qdm9XJz9bkIc2u6wsAnZiggr3M-xyilrcHOqFUgHToh9CCgOypkN4kGrRQ_0EghBbzv0cXaWywuoBfg8lCyHmMCChp_LcqOiyfHudJBKdUUjSwc3Q&session_id=cc58cc27-1f07-40aa-bb5d-9ccec9d00820&state=b5801f7d-c357-4fe0-af39-ab4c0f78f3a4&token_type=bearer&session_state=579ce030-9658-460f-bcb5-1c1c9b602d75&expires_in=299 ####################################################### TEST: requestAuthorizationTokenCodeUserBasicAuth ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "token", "code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1405 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:08 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CC27.B0A1.80FB.8C1A", "client_secret": "05e5c676-016b-4c68-be33-1fe86b14584e", "registration_access_token": "263c7da9-6c13-47bb-ac7c-9d6f649ef296", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CC27.B0A1.80FB.8C1A", "client_id_issued_at": 1531227128, "client_secret_expires_at": 1531313528, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 263c7da9-6c13-47bb-ac7c-9d6f649ef296 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1405 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:08 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CC27.B0A1.80FB.8C1A", "client_secret": "05e5c676-016b-4c68-be33-1fe86b14584e", "registration_access_token": "263c7da9-6c13-47bb-ac7c-9d6f649ef296", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CC27.B0A1.80FB.8C1A", "client_id_issued_at": 1531227128, "client_secret_expires_at": 1531313528, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CC27.B0A1.80FB.8C1A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=bf44eb96-563c-4518-b9a2-0c3e34bf053d&nonce=6bf9130d-cf7a-451d-87da-692d9e191e4e 08:52:36.081 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:59e6eec7-8cdb-4900-8cef-f6b03db51489 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CC27.B0A1.80FB.8C1A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=bf44eb96-563c-4518-b9a2-0c3e34bf053d&nonce=6bf9130d-cf7a-451d-87da-692d9e191e4e ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=d5e2622e-4483-4950-9d4f-1ad5a570c514&code=7e1a6824-080d-4ac5-9859-79a2333fa883&scope=address+openid+profile+email&session_id=12b20d70-aee1-4efc-b883-880d382bb716&state=bf44eb96-563c-4518-b9a2-0c3e34bf053d&token_type=bearer&session_state=59e6eec7-8cdb-4900-8cef-f6b03db51489&expires_in=299 ####################################################### TEST: requestAuthorizationTokenFail1 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA== response_type=token&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a0bdf200-227e-4a14-94da-84942492beb6 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 400 Connection: close Content-Length: 222 Content-Type: text/plain Date: Tue, 10 Jul 2018 12:52:09 GMT Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_request","error_description":"The request is missing a required parameter, includes an unsupported parameter or parameter value, or is otherwise malformed.","state":"a0bdf200-227e-4a14-94da-84942492beb6"} ####################################################### TEST: requestAuthorizationTokenFail2 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["token"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1306 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:09 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5EA4.01A5.F44D.CD7A", "client_secret": "5919e2e2-72e9-4e9a-b947-baad574a0567", "registration_access_token": "ab8c1adf-99eb-4c4d-9a40-b3984ed59591", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5EA4.01A5.F44D.CD7A", "client_id_issued_at": 1531227130, "client_secret_expires_at": 1531313530, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["token"], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer ab8c1adf-99eb-4c4d-9a40-b3984ed59591 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1306 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:10 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5EA4.01A5.F44D.CD7A", "client_secret": "5919e2e2-72e9-4e9a-b947-baad574a0567", "registration_access_token": "ab8c1adf-99eb-4c4d-9a40-b3984ed59591", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5EA4.01A5.F44D.CD7A", "client_id_issued_at": 1531227130, "client_secret_expires_at": 1531313530, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["token"], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA== response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215EA4.01A5.F44D.CD7A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=6e8cd477-220b-45c2-ba5f-0b19d08e7a35&prompt=none ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Connection: Keep-Alive Content-Length: 0 Date: Tue, 10 Jul 2018 12:52:10 GMT Keep-Alive: timeout=5, max=100 Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#error_description=The+request+is+missing+a+required+parameter%2C+includes+an+unsupported+parameter+or+parameter+value%2C+or+is+otherwise+malformed.&state=6e8cd477-220b-45c2-ba5f-0b19d08e7a35&error=invalid_request Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block ####################################################### TEST: requestAuthorizationTokenIdToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "token", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1340 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:10 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C419.1D01.1A3F.2D5F", "client_secret": "b1328f00-bd43-4352-9e1c-7bdd29c637d9", "registration_access_token": "52376387-1c51-4e04-96c8-8e81232388a4", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C419.1D01.1A3F.2D5F", "client_id_issued_at": 1531227130, "client_secret_expires_at": 1531313530, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 52376387-1c51-4e04-96c8-8e81232388a4 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1340 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:10 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C419.1D01.1A3F.2D5F", "client_secret": "b1328f00-bd43-4352-9e1c-7bdd29c637d9", "registration_access_token": "52376387-1c51-4e04-96c8-8e81232388a4", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C419.1D01.1A3F.2D5F", "client_id_issued_at": 1531227130, "client_secret_expires_at": 1531313530, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C419.1D01.1A3F.2D5F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8689183f-f0dd-4f35-b1b2-53e45ca9609c&nonce=4e2c2272-4e6b-4d2e-8757-a2516f2b6a87 08:52:38.110 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:36faad1f-25b7-42d5-adfa-fb4fb863ee24 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21C419.1D01.1A3F.2D5F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=8689183f-f0dd-4f35-b1b2-53e45ca9609c&nonce=4e2c2272-4e6b-4d2e-8757-a2516f2b6a87 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=3c1f93bf-c6c7-45f1-a13c-44c5159a4d81&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFDNDE5LjFEMDEuMUEzRi4yRDVGIiwiZXhwIjoxNTMxMjMwNzMxLCJpYXQiOjE1MzEyMjcxMzEsIm5vbmNlIjoiNGUyYzIyNzItNGU2Yi00ZDJlLTg3NTctYTI1MTZmMmI2YTg3IiwiYXV0aF90aW1lIjoxNTMxMjI3MTMxLCJhdF9oYXNoIjoiTkxtUU5sTTYzSTYxZHBiR2tneVJYZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjZVckVYc1NrYjlDb3BkM0YtWFFQUjh4UTlSTmtPSVYza2szVmtvZDh4QzQifQ.gpF6QkpytDwWBJKzF9thwovfrYRLEig5rQbYDP0dJRu_7EK4bmXAj5Gp-z59jxyBMwMTdR16FrUyqXN9qV_Cy3FYETL-rI03DQWvRst7N3SJ_OL5qyEiWnBQ1KB4Ru8MWcV_XbE4E0ALOOfgqe-LTmMoIoBYjp8pnzp_kNcMa8CgVtFCn13Go2J76MPnuzZMYOXibSpb4Q3ahVjPOY9LblypVLmcnHbhcY8_KM5I5U-8RfF3DOeDE3qZGIqp5rrZlJoC4T478BmU-haSG-kxl-s_u0Oe46npcuhcsCMbU0XausJ_QadGpOivruSj2hernhTeN2EzVUjum5i2DDqONw&session_id=b5c82183-560a-406b-83b8-39ad99472435&state=8689183f-f0dd-4f35-b1b2-53e45ca9609c&token_type=bearer&session_state=36faad1f-25b7-42d5-adfa-fb4fb863ee24&expires_in=299 ####################################################### TEST: requestAuthorizationTokenIdTokenUserBasicAuth ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "token", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1340 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:11 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3C8A.5D4B.B1C8.0E84", "client_secret": "c5facf09-6ae5-4636-8a5f-b9352b6bd829", "registration_access_token": "43333d9d-f7a2-4987-9f4f-a354e8e590ec", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3C8A.5D4B.B1C8.0E84", "client_id_issued_at": 1531227132, "client_secret_expires_at": 1531313532, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 43333d9d-f7a2-4987-9f4f-a354e8e590ec ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1340 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:12 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3C8A.5D4B.B1C8.0E84", "client_secret": "c5facf09-6ae5-4636-8a5f-b9352b6bd829", "registration_access_token": "43333d9d-f7a2-4987-9f4f-a354e8e590ec", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3C8A.5D4B.B1C8.0E84", "client_id_issued_at": 1531227132, "client_secret_expires_at": 1531313532, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213C8A.5D4B.B1C8.0E84&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=d27be93a-2012-43e7-8210-a4df5a21669e&nonce=5ee4b58d-afbd-4547-bf23-c5e2f432392e 08:52:39.768 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:1518e8ee-04ef-4774-9028-69f5cdeb03fb ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213C8A.5D4B.B1C8.0E84&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=d27be93a-2012-43e7-8210-a4df5a21669e&nonce=5ee4b58d-afbd-4547-bf23-c5e2f432392e ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=694eb036-a88d-42c0-8249-de17a0d3ae77&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzQzhBLjVENEIuQjFDOC4wRTg0IiwiZXhwIjoxNTMxMjMwNzMzLCJpYXQiOjE1MzEyMjcxMzMsIm5vbmNlIjoiNWVlNGI1OGQtYWZiZC00NTQ3LWJmMjMtYzVlMmY0MzIzOTJlIiwiYXV0aF90aW1lIjoxNTMxMjI3MTMzLCJhdF9oYXNoIjoiV19uUFhmRlpCUGxSX1ptZDNYdTRrdyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6ImxJVmx2ZDNhTkd6MlNQNXZTNFBTVEdVUTdrSG0xRjNvMGVPNV9hU005M1UifQ.iARZc51Eeaks9cWJ3kz3ESf1DzUWzLQoThtN62tWkvtEvgmg2mwtROWKHQwHLBFuG_56xK226GahX7D5vdgmBcuYtPNw-LHNy1gP2OxdJD7debAMKv9kmOzFWec0lJO7fzQ6GxkL26uQMOI4RCoGN9-h-nd0_IpAzTzDKtWrNiMIf_zahJcjQRBV4jnE-ehUFb62jiQsY9BwM12lXp-W0E5TsYT-uwpaCh6msUktnOzkfaDyfMMLA1oz8KnY9sDSGkGJcc9WmgWgy7aEq0D2bdvAEySq2THZvZVGPQAkwo3NxaSiSjGLEC146_KrSUzt44mTZweNkcvvYgVOmR-Oig&session_id=23534fdc-8278-4155-8aa9-27834f586382&state=d27be93a-2012-43e7-8210-a4df5a21669e&token_type=bearer&session_state=1518e8ee-04ef-4774-9028-69f5cdeb03fb&expires_in=299 ####################################################### TEST: requestAuthorizationTokenUserBasicAuth ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["token"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1306 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:13 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!369A.76E2.D19C.31E5", "client_secret": "b536ab85-ad50-44be-9833-41c44a4176fe", "registration_access_token": "0bfd965a-cf7b-4dd5-b199-293df1af07a1", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!369A.76E2.D19C.31E5", "client_id_issued_at": 1531227133, "client_secret_expires_at": 1531313533, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["token"], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 0bfd965a-cf7b-4dd5-b199-293df1af07a1 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1306 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:13 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!369A.76E2.D19C.31E5", "client_secret": "b536ab85-ad50-44be-9833-41c44a4176fe", "registration_access_token": "0bfd965a-cf7b-4dd5-b199-293df1af07a1", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!369A.76E2.D19C.31E5", "client_id_issued_at": 1531227133, "client_secret_expires_at": 1531313533, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["token"], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21369A.76E2.D19C.31E5&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=67ab934f-0d21-4087-8cdc-99358315f6d7&nonce=f5d85441-cbf6-4693-9cc8-bfd96536e047 08:52:41.390 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:93beb04f-a05e-421b-8e2d-b5e904648522 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21369A.76E2.D19C.31E5&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=67ab934f-0d21-4087-8cdc-99358315f6d7&nonce=f5d85441-cbf6-4693-9cc8-bfd96536e047 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=70e24157-47dd-4e30-828b-4ac2ccd5f969&scope=address+openid+profile+email&session_id=38cdc801-c1c1-430d-b2f0-9a3fda199c05&state=67ab934f-0d21-4087-8cdc-99358315f6d7&token_type=bearer&session_state=93beb04f-a05e-421b-8e2d-b5e904648522&expires_in=299 ####################################################### TEST: requestAuthorizationWithoutScope ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1425 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:15 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!07D9.DD93.B859.7992", "client_secret": "b0aa64c7-20f8-4536-b0c7-af5d9c6e0813", "registration_access_token": "58111ea4-563c-4c29-9708-e878b79d10a4", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!07D9.DD93.B859.7992", "client_id_issued_at": 1531227135, "client_secret_expires_at": 1531313535, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 58111ea4-563c-4c29-9708-e878b79d10a4 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1425 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:15 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!07D9.DD93.B859.7992", "client_secret": "b0aa64c7-20f8-4536-b0c7-af5d9c6e0813", "registration_access_token": "58111ea4-563c-4c29-9708-e878b79d10a4", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!07D9.DD93.B859.7992", "client_id_issued_at": 1531227135, "client_secret_expires_at": 1531313535, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2107D9.DD93.B859.7992&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=fc2cebc9-4454-49aa-80e4-1618bbec8641&nonce=e6cc2154-5919-4cd3-92ae-b0b20b325b95 08:52:42.872 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:b4be2935-eeca-4c19-bd70-cb0ff9548de7 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2107D9.DD93.B859.7992&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=fc2cebc9-4454-49aa-80e4-1618bbec8641&nonce=e6cc2154-5919-4cd3-92ae-b0b20b325b95 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=da05b5c7-a021-4706-ad42-d1075151c76b&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEwN0Q5LkREOTMuQjg1OS43OTkyIiwiZXhwIjoxNTMxMjMwNzM2LCJpYXQiOjE1MzEyMjcxMzYsIm5vbmNlIjoiZTZjYzIxNTQtNTkxOS00Y2QzLTkyYWUtYjBiMjBiMzI1Yjk1IiwiYXV0aF90aW1lIjoxNTMxMjI3MTM2LCJjX2hhc2giOiJTQ2VhbE55b1BieURHcEdIeDRfOVVRIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiMFdOWFE4WWlsck5VaDJIQ2o3enN2TDFScEJkUUs4d0ptcFZrNWl4ekFzdyJ9.aYhXtiliQ4Pb1N3LYef4qKA1qMLkPikOW7VBe1NmLRCV4knSh8O6xRhhh-e2sr7yZdpb7mucwSTzl8EVxHR087vxGtGX6LQvsRHDpWCBgGAfgHz97G0fBxNd6aIb7Ywm3VTytCu7kfqg4LWFkkbLS4Z1W6KCKi9KJM8OYBstRkDIsl9vGjhGFAbbbzQcj3LgAgOcG1IhY9hJcFkJJvPqz2mfS1g5A9r5tKA1ceIvBgiTC3HmLLRK574wHjY0u8KgfTAv8KRgSr5yT_jsgHHUXwNtXjMWbA502zqx8Xy81tlLs1gGanoGoQtRl3bHCka1uSaW_HACE0x2TAx9hS_rzA&session_id=487c2c09-dd16-4a05-8596-34e0a2f740da&state=fc2cebc9-4454-49aa-80e4-1618bbec8641&session_state=b4be2935-eeca-4c19-bd70-cb0ff9548de7 ####################################################### TEST: OpenID Connect Discovery ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 181 Content-Type: application/jrd+json;charset=iso-8859-1 Date: Tue, 10 Jul 2018 12:52:16 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "subject": "acct:test_user@ce-dev4.gluu.org", "links": [{ "rel": "http://openid.net/specs/connect/1.0/issuer", "href": "https://ce-dev4.gluu.org" }] } OpenID Connect Configuration ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/openid-configuration HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 6342 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:16 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "issuer": "https://ce-dev4.gluu.org", "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize", "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token", "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo", "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo", "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe", "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session", "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks", "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register", "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id", "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection", "scopes_supported": [ "permission", "clientinfo", "email", "user_name", "sub", "org_name", "address", "openid", "test_scope1", "work_phone", "phone", "profile", "mobile_phone", "test" ], "response_types_supported": [ "code", "code id_token", "code id_token token", "id_token", "id_token token", "token", "code token" ], "grant_types_supported": [ "urn:ietf:params:oauth:grant-type:uma-ticket", "client_credentials", "refresh_token", "implicit", "password", "authorization_code" ], "acr_values_supported": [ "super_gluu", "u2f", "otp", "basic", "auth_ldap_server" ], "auth_level_mapping": { "-1": ["auth_ldap_server"], "50": ["otp"], "100": ["basic"], "10": ["u2f"], "15": ["super_gluu"] }, "subject_types_supported": [ "public", "pairwise" ], "userinfo_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "userinfo_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "userinfo_encryption_enc_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "id_token_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "request_object_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "request_object_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "request_object_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "token_endpoint_auth_methods_supported": [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt" ], "token_endpoint_auth_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "display_values_supported": [ "page", "popup" ], "claim_types_supported": ["normal"], "claims_supported": [ "birthdate", "country", "name", "email", "email_verified", "given_name", "gender", "inum", "family_name", "updated_at", "locale", "member_of", "middle_name", "nickname", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope", "phone_number_verified", "picture", "preferred_username", "profile", "zoneinfo", "user_name", "website" ], "service_documentation": "http://gluu.org/docs", "claims_locales_supported": ["en"], "ui_locales_supported": [ "en", "es" ], "scope_to_claims_mapping": [ {"permission": []}, {"uma_protection": []}, {"clientinfo": [ "name", "inum", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope" ]}, {"email": [ "email_verified", "email" ]}, {"user_name": ["user_name"]}, {"sub": []}, {"org_name": []}, {"address": [ "formatted", "postal_code", "street_address", "locality", "country", "region" ]}, {"openid": []}, {"test_scope1": []}, {"work_phone": []}, {"phone": [ "phone_number_verified", "phone_number" ]}, {"profile": [ "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "profile", "picture", "website", "gender", "birthdate", "zoneinfo", "locale", "updated_at" ]}, {"mobile_phone": ["phone_mobile_number"]}, {"test": ["member_of"]} ], "claims_parameter_supported": true, "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": false, "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy", "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos", "frontchannel_logout_supported": true, "frontchannel_logout_session_supported": true } ####################################################### TEST: requestSessionIdAuthorizationCode1 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:16 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AE5D.C73E.7E8F.1BAF", "client_secret": "e63a5975-afad-41f6-8df6-b81a86c37e0e", "registration_access_token": "f745cb88-2604-4892-b89b-3ae8a84df3c8", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AE5D.C73E.7E8F.1BAF", "client_id_issued_at": 1531227136, "client_secret_expires_at": 1531313536, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer f745cb88-2604-4892-b89b-3ae8a84df3c8 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:16 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AE5D.C73E.7E8F.1BAF", "client_secret": "e63a5975-afad-41f6-8df6-b81a86c37e0e", "registration_access_token": "f745cb88-2604-4892-b89b-3ae8a84df3c8", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!AE5D.C73E.7E8F.1BAF", "client_id_issued_at": 1531227136, "client_secret_expires_at": 1531313536, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } waitForResourceOwnerAndGrantLoginForm: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21AE5D.C73E.7E8F.1BAF&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=16025ca1-893a-41d3-b635-0c013910daea 08:52:44.477 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] waitForResourceOwnerAndGrantLoginForm: sessionState:bd3490b3-963a-4bd1-b4c4-347f35e0d2c3 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21AE5D.C73E.7E8F.1BAF&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=16025ca1-893a-41d3-b635-0c013910daea authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21AE5D.C73E.7E8F.1BAF&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=35017b03-e044-463f-bbd9-07f952710131 08:52:44.707 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:4f4b4a7e-d43b-472e-a621-d5e5e5f82872 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21AE5D.C73E.7E8F.1BAF&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=35017b03-e044-463f-bbd9-07f952710131 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=84a80458-c303-415b-9523-69f8d35e737e&scope=address+openid+profile+email&session_id=8f72532c-1273-4442-a4f1-c277a9ca3c45&state=35017b03-e044-463f-bbd9-07f952710131&session_state=4f4b4a7e-d43b-472e-a621-d5e5e5f82872 ####################################################### TEST: requestSessionIdAuthorizationCode2 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": ["code"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:18 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DDD3.C2D8.E616.C073", "client_secret": "7820bff4-dc68-4f86-bc29-b132dc059e1b", "registration_access_token": "68d0084f-0114-40fc-beb0-f83007d05784", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DDD3.C2D8.E616.C073", "client_id_issued_at": 1531227138, "client_secret_expires_at": 1531313538, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/register?{} HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 68d0084f-0114-40fc-beb0-f83007d05784 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:18 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DDD3.C2D8.E616.C073", "client_secret": "7820bff4-dc68-4f86-bc29-b132dc059e1b", "registration_access_token": "68d0084f-0114-40fc-beb0-f83007d05784", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DDD3.C2D8.E616.C073", "client_id_issued_at": 1531227138, "client_secret_expires_at": 1531313538, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } waitForResourceOwnerAndGrantLoginForm: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DDD3.C2D8.E616.C073&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f9cb7844-8da5-4b9b-82d5-be112a53626c 08:52:46.208 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] waitForResourceOwnerAndGrantLoginForm: sessionState:b65ab60d-bfda-418b-8ab6-da60fa6abe04 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DDD3.C2D8.E616.C073&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=f9cb7844-8da5-4b9b-82d5-be112a53626c authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DDD3.C2D8.E616.C073&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=667ffbcc-8175-4c6c-92da-4de0a9f91566 08:52:46.487 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:40ce2753-6dd7-4fbb-8b48-8133b7527ff3 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21DDD3.C2D8.E616.C073&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=667ffbcc-8175-4c6c-92da-4de0a9f91566 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm?code=3be9f500-a350-4af2-b2ac-3afed2a9a91e&scope=address+openid+profile+email&session_id=b0974c4a-55a9-4a85-bc0e-10638ee1577c&state=667ffbcc-8175-4c6c-92da-4de0a9f91566&session_state=40ce2753-6dd7-4fbb-8b48-8133b7527ff3 ####################################################### TEST: OpenID Connect Discovery ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 181 Content-Type: application/jrd+json;charset=iso-8859-1 Date: Tue, 10 Jul 2018 12:52:20 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "subject": "acct:test_user@ce-dev4.gluu.org", "links": [{ "rel": "http://openid.net/specs/connect/1.0/issuer", "href": "https://ce-dev4.gluu.org" }] } OpenID Connect Configuration ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/openid-configuration HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 6342 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:20 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "issuer": "https://ce-dev4.gluu.org", "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize", "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token", "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo", "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo", "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe", "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session", "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks", "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register", "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id", "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection", "scopes_supported": [ "permission", "clientinfo", "email", "user_name", "sub", "org_name", "address", "openid", "test_scope1", "work_phone", "phone", "profile", "mobile_phone", "test" ], "response_types_supported": [ "code", "code id_token", "code id_token token", "id_token", "id_token token", "token", "code token" ], "grant_types_supported": [ "urn:ietf:params:oauth:grant-type:uma-ticket", "client_credentials", "refresh_token", "implicit", "password", "authorization_code" ], "acr_values_supported": [ "super_gluu", "u2f", "otp", "basic", "auth_ldap_server" ], "auth_level_mapping": { "-1": ["auth_ldap_server"], "50": ["otp"], "100": ["basic"], "10": ["u2f"], "15": ["super_gluu"] }, "subject_types_supported": [ "public", "pairwise" ], "userinfo_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "userinfo_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "userinfo_encryption_enc_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "id_token_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "request_object_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "request_object_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "request_object_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "token_endpoint_auth_methods_supported": [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt" ], "token_endpoint_auth_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "display_values_supported": [ "page", "popup" ], "claim_types_supported": ["normal"], "claims_supported": [ "birthdate", "country", "name", "email", "email_verified", "given_name", "gender", "inum", "family_name", "updated_at", "locale", "member_of", "middle_name", "nickname", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope", "phone_number_verified", "picture", "preferred_username", "profile", "zoneinfo", "user_name", "website" ], "service_documentation": "http://gluu.org/docs", "claims_locales_supported": ["en"], "ui_locales_supported": [ "en", "es" ], "scope_to_claims_mapping": [ {"permission": []}, {"uma_protection": []}, {"clientinfo": [ "name", "inum", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope" ]}, {"email": [ "email_verified", "email" ]}, {"user_name": ["user_name"]}, {"sub": []}, {"org_name": []}, {"address": [ "formatted", "postal_code", "street_address", "locality", "country", "region" ]}, {"openid": []}, {"test_scope1": []}, {"work_phone": []}, {"phone": [ "phone_number_verified", "phone_number" ]}, {"profile": [ "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "profile", "picture", "website", "gender", "birthdate", "zoneinfo", "locale", "updated_at" ]}, {"mobile_phone": ["phone_mobile_number"]}, {"test": ["member_of"]} ], "claims_parameter_supported": true, "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": false, "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy", "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos", "frontchannel_logout_supported": true, "frontchannel_logout_session_supported": true } ####################################################### TEST: requestClientRegistrationWithCustomAttributes ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "token", "id_token" ], "grant_types": ["password"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "oxAuthTrustedClient": "true", "myCustomAttr1": "1a9a41d3-a00e-4695-803c-6747fa73ea3f" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1445 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:20 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!681F.6A2D.A536.0CC7", "client_secret": "f5870492-1010-4df9-9252-342c51522f71", "registration_access_token": "dd491b51-ceff-4c8b-a367-f2c431af0554", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!681F.6A2D.A536.0CC7", "client_id_issued_at": 1531227140, "client_secret_expires_at": 1531313540, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "password", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ####################################################### TEST: requestAccessTokenCustomClientAuth1 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/authorize HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Basic dGVzdF91c2VyOnRlc3RfdXNlcl9wYXNzd29yZA== response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21681F.6A2D.A536.0CC7&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a6d1ad4d-6481-40c2-9c9c-82c980690fdd&nonce=5b73c720-87ae-4a6f-aacf-d04ebd3ffe22&prompt=none ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Connection: Keep-Alive Content-Length: 0 Date: Tue, 10 Jul 2018 12:52:20 GMT Keep-Alive: timeout=5, max=100 Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=9799b048-af6c-4c6d-bbca-f78475b2c187&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2ODFGLjZBMkQuQTUzNi4wQ0M3IiwiZXhwIjoxNTMxMjMwNzQwLCJpYXQiOjE1MzEyMjcxNDAsIm5vbmNlIjoiNWI3M2M3MjAtODdhZS00YTZmLWFhY2YtZDA0ZWJkM2ZmZTIyIiwiYXV0aF90aW1lIjoxNTMxMjI3MTQwLCJjX2hhc2giOiJRMkZoeE9FMzZyZGNSTmNyUnY1cnR3Iiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiV0xrRDlBQlQxVlhBZndIRmVmWXJSSkVUYTVlQzBXTkNDUWkxeE5JQWJZWSJ9.kZh7DzKiMGNRQmmMTD2hGe1cGGFWb9wy0KLutvv1sFIHwV-jKeNW4eT8siMK6YmdDlOiTz2_nvfU2D6xqJ85ZdXk_z8OacHnXZalaTg8v7nAxobS0_V9v-axMiHHpYGX-AIUgM1itzsOUxTSN7OTB0HBA4piUO8m9KdqRub5ou2V7nYclnM1WnRVLIdA7IBVzf5awPSR5x-WSI_gmxHrDI90CI3NYKUr3oclX7QnsCkA-AzhjV6VFNCczrR9prjm8x1aO_5SwY99GwRamLcDDcP1WqItcPnm9qNPzW4y1n22LHkQb17R05DjKkb8GJtCtX75APP9vhnXMPl89uCmKw&session_id=bce97c70-407b-4da3-a1a2-798548942494&state=a6d1ad4d-6481-40c2-9c9c-82c980690fdd&session_state=46a77936-1baf-46b9-a218-f6af1550e194 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=authorization_code&code=9799b048-af6c-4c6d-bbca-f78475b2c187&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&myCustomAttr1=1a9a41d3-a00e-4695-803c-6747fa73ea3f ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1057 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:20 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"7e4368ad-f4b1-478b-be71-76e85aa034db","token_type":"bearer","expires_in":299,"refresh_token":"81c6ae59-f4c5-4907-8200-29544d42e97a","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2ODFGLjZBMkQuQTUzNi4wQ0M3IiwiZXhwIjoxNTMxMjMwNzQwLCJpYXQiOjE1MzEyMjcxNDAsIm5vbmNlIjoiNWI3M2M3MjAtODdhZS00YTZmLWFhY2YtZDA0ZWJkM2ZmZTIyIiwiYXV0aF90aW1lIjoxNTMxMjI3MTQwLCJhdF9oYXNoIjoiQ3Z1UHZVeXpYNDJIYlJCMDdzdDRjdyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IldMa0Q5QUJUMVZYQWZ3SEZlZllyUkpFVGE1ZUMwV05DQ1FpMXhOSUFiWVkifQ.FwXYZjn9B1anJrwN5IEqdVWW1sZCMhsLXgAQXijhoJbvNCNnS5AFi_SoyzP8cgcF_PV2hZsmcP64Q5YHKCCmAqxaFjZMuf_s8cIqcxoohJntT5_RW1cVxOwwbEHYy42Atr7wPiIDT6bDgffdx969CVj6aQtqMxVS2opDP4v15XyvkOqSRDIj7JwjD6Mx5bgUBrqdCLKoHTVFrcWW4-Zp6wlbXiOr9IGmc6CJAyJFTCWWQzTDpV9xYItz3wRhL5ay2t_QFMaKlgY0RGSPjAZNMGf8PcMFY3gOgHo0UanM-q0QYSDUIP5Bn1THvPWHOE8LhgQ9PDuBZiBDmpPDfVYxiA"} ####################################################### TEST: requestAccessTokenCustomClientAuth2 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=password&scope=openid&username=test_user&password=test_user_password&myCustomAttr1=1a9a41d3-a00e-4695-803c-6747fa73ea3f ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 934 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:20 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"e037121b-47d9-42de-ae62-aecca4946ff6","token_type":"bearer","expires_in":299,"refresh_token":"952f8934-738a-4de2-ba59-79dc54228c8c","scope":"openid","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2ODFGLjZBMkQuQTUzNi4wQ0M3IiwiZXhwIjoxNTMxMjMwNzQwLCJpYXQiOjE1MzEyMjcxNDAsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IldMa0Q5QUJUMVZYQWZ3SEZlZllyUkpFVGE1ZUMwV05DQ1FpMXhOSUFiWVkifQ.DrivXKJvt3HQ_jRb375n9WHrUtLfVspCupAivq-6UAdnFEF4GKOBQFrbDAIPGVLBcD3riYGkPpE2kX3cnntoEhhZkKvltzLXJmc0qm-S5oEGJi2Flo8uSAM7yKF9AxQ__u6_jzzBcF3wxIcrRmh4smc-o7HTAdsShIIQld8qnXYgzR9a3LEcAXlai3TjY5xzU2zQvNzpzACkLNzxyISyaMccOPFXx0Q7EECTxSiiu63A1nbGbNG7IhD_MwvnlfUTTs43QFdAkfXvCGIZKGC6SevgLYmtMZiPmzi4HWRr1en2eNRprKFPPM_OaoKQeY7A2gZKgl9jDmQrvj3ykHeV_Q"} ####################################################### TEST: OpenID Connect Discovery ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 181 Content-Type: application/jrd+json;charset=iso-8859-1 Date: Tue, 10 Jul 2018 12:52:20 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "subject": "acct:test_user@ce-dev4.gluu.org", "links": [{ "rel": "http://openid.net/specs/connect/1.0/issuer", "href": "https://ce-dev4.gluu.org" }] } OpenID Connect Configuration ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/openid-configuration HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 6342 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:20 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "issuer": "https://ce-dev4.gluu.org", "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize", "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token", "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo", "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo", "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe", "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session", "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks", "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register", "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id", "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection", "scopes_supported": [ "permission", "clientinfo", "email", "user_name", "sub", "org_name", "address", "openid", "test_scope1", "work_phone", "phone", "profile", "mobile_phone", "test" ], "response_types_supported": [ "code", "code id_token", "code id_token token", "id_token", "id_token token", "token", "code token" ], "grant_types_supported": [ "urn:ietf:params:oauth:grant-type:uma-ticket", "client_credentials", "refresh_token", "implicit", "password", "authorization_code" ], "acr_values_supported": [ "super_gluu", "u2f", "otp", "basic", "auth_ldap_server" ], "auth_level_mapping": { "-1": ["auth_ldap_server"], "50": ["otp"], "100": ["basic"], "10": ["u2f"], "15": ["super_gluu"] }, "subject_types_supported": [ "public", "pairwise" ], "userinfo_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "userinfo_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "userinfo_encryption_enc_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "id_token_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "request_object_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "request_object_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "request_object_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "token_endpoint_auth_methods_supported": [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt" ], "token_endpoint_auth_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "display_values_supported": [ "page", "popup" ], "claim_types_supported": ["normal"], "claims_supported": [ "birthdate", "country", "name", "email", "email_verified", "given_name", "gender", "inum", "family_name", "updated_at", "locale", "member_of", "middle_name", "nickname", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope", "phone_number_verified", "picture", "preferred_username", "profile", "zoneinfo", "user_name", "website" ], "service_documentation": "http://gluu.org/docs", "claims_locales_supported": ["en"], "ui_locales_supported": [ "en", "es" ], "scope_to_claims_mapping": [ {"permission": []}, {"uma_protection": []}, {"clientinfo": [ "name", "inum", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope" ]}, {"email": [ "email_verified", "email" ]}, {"user_name": ["user_name"]}, {"sub": []}, {"org_name": []}, {"address": [ "formatted", "postal_code", "street_address", "locality", "country", "region" ]}, {"openid": []}, {"test_scope1": []}, {"work_phone": []}, {"phone": [ "phone_number_verified", "phone_number" ]}, {"profile": [ "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "profile", "picture", "website", "gender", "birthdate", "zoneinfo", "locale", "updated_at" ]}, {"mobile_phone": ["phone_mobile_number"]}, {"test": ["member_of"]} ], "claims_parameter_supported": true, "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": false, "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy", "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos", "frontchannel_logout_supported": true, "frontchannel_logout_session_supported": true } ####################################################### TEST: clientSecretBasicAuthenticationMethod ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "client_secret_basic", "scope": "openid profile address email clientinfo" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1226 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:20 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!23D9.9341.276E.12ED", "client_secret": "4731609a-9ff9-4148-8bf6-ec577adc7e4b", "registration_access_token": "5f019ed9-a369-4630-9a8f-a5f3838e59a3", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!23D9.9341.276E.12ED", "client_id_issued_at": 1531227141, "client_secret_expires_at": 1531313541, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "openid profile address email clientinfo", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxMjNEOS45MzQxLjI3NkUuMTJFRDo0NzMxNjA5YS05ZmY5LTQxNDgtOGJmNi1lYzU3N2FkYzdlNGI= grant_type=client_credentials&scope=clientinfo ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 115 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:21 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"e35309e2-1454-43c5-b8fa-e68242ac0a38","token_type":"bearer","expires_in":299,"scope":"clientinfo"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/clientinfo HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 412 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:21 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!23D9.9341.276E.12ED","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["openid","profile","address","email","clientinfo"]} ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/userinfo HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer e35309e2-1454-43c5-b8fa-e68242ac0a38 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 403 Connection: Keep-Alive Content-Length: 126 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:21 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"insufficient_scope","error_description":"The request requires higher privileges than provided by the access token."} ####################################################### TEST: clientSecretBasicAuthenticationMethodFail ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "client_secret_basic", "scope": "clientinfo" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1242 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:21 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!07D3.BB50.ED98.8DC2", "client_secret": "e61fed98-8e9f-440b-b1ea-9d8f9a51ea3a", "registration_access_token": "eb1cf4ac-6916-4dcc-a4d9-da42fd822361", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!07D3.BB50.ED98.8DC2", "client_id_issued_at": 1531227141, "client_secret_expires_at": 1531313541, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "clientinfo", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxMDdEMy5CQjUwLkVEOTguOERDMjpJTlZBTElEX0NMSUVOVF9TRUNSRVQ= grant_type=client_credentials&scope=clientinfo ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 401 Connection: Keep-Alive Content-Length: 586 Content-Type: application/json;charset=iso-8859-1 Date: Tue, 10 Jul 2018 12:52:21 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains WWW-Authenticate: Basic realm="oxAuth" X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."} ####################################################### TEST: clientSecretJwtAuthenticationMethodHS256 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "client_secret_jwt", "scope": "clientinfo" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1195 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:21 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A1A7.3F2F.B004.2C12", "client_secret": "5af5524f-8fe5-4b19-ae2c-132ed2717b8e", "registration_access_token": "ad6341df-5ef7-465d-be68-c54d9eba71d9", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A1A7.3F2F.B004.2C12", "client_id_issued_at": 1531227141, "client_secret_expires_at": 1531313541, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_jwt", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "clientinfo", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBMUE3LjNGMkYuQjAwNC4yQzEyIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQTFBNy4zRjJGLkIwMDQuMkMxMiIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiYTc3MjQ1NTItMWRhOC00M2JiLWFhYjItYmQzNGM3YjE0YTBjIiwiZXhwIjoxNTMxMjI3NDY5LCJpYXQiOjE1MzEyMjcxNjl9.Vn9l_956N304VTzCRcrH-jHrjbylLU7If-Of03IZiGE ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 115 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:21 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"25892eba-6052-4270-8978-42fc6b7883ba","token_type":"bearer","expires_in":299,"scope":"clientinfo"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/clientinfo HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 375 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:21 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A1A7.3F2F.B004.2C12","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]} ####################################################### TEST: clientSecretJwtAuthenticationMethodHS256Fail ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "client_secret_jwt", "scope": "clientinfo" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1240 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:21 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!915C.3F86.3F6A.4EF1", "client_secret": "95f8befc-d8af-4d7e-9730-86a10aeeeff5", "registration_access_token": "a2ddbadc-f9a4-4484-b198-5dc7d8827df1", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!915C.3F86.3F6A.4EF1", "client_id_issued_at": 1531227141, "client_secret_expires_at": 1531313541, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_jwt", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "clientinfo", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5MTVDLjNGODYuM0Y2QS40RUYxIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghOTE1Qy4zRjg2LjNGNkEuNEVGMSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiN2YyN2FmY2ItOGI4Ny00MjNiLTg0NGYtZDcwOWQ1ZGUxZWE1IiwiZXhwIjoxNTMxMjI3NDY5LCJpYXQiOjE1MzEyMjcxNjl9.JbFprO3moRrjPGXmdE8TZtzfzNEcgDaM1hRUDHazDQE ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 401 Connection: Keep-Alive Content-Length: 586 Content-Type: application/json;charset=iso-8859-1 Date: Tue, 10 Jul 2018 12:52:21 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains WWW-Authenticate: Basic realm="oxAuth" X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."} ####################################################### TEST: clientSecretJwtAuthenticationMethodHS384 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "client_secret_jwt", "scope": "clientinfo" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1195 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:21 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B9CF.7596.1502.DFFE", "client_secret": "235bdf8a-af27-4297-b76c-a66a4d74b4a6", "registration_access_token": "ad41c743-0e7f-4e27-a14a-90157871a926", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B9CF.7596.1502.DFFE", "client_id_issued_at": 1531227141, "client_secret_expires_at": 1531313541, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_jwt", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "clientinfo", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFCOUNGLjc1OTYuMTUwMi5ERkZFIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQjlDRi43NTk2LjE1MDIuREZGRSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiN2ZjZjU5NDQtNjJhNy00ZGY4LTgxNGQtNTRhMmRkZWVlNGUyIiwiZXhwIjoxNTMxMjI3NDY5LCJpYXQiOjE1MzEyMjcxNjl9.F4gLMxyHfN8K7tKN-Xkiwio46aj6URQCuuR6ByT1g24JzFW0vf5g2Qkpxj54ZCa1 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 115 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:22 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"e95df3bc-0bbd-4337-877f-15e3a0043c73","token_type":"bearer","expires_in":299,"scope":"clientinfo"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/clientinfo HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 375 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:22 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!B9CF.7596.1502.DFFE","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]} ####################################################### TEST: clientSecretJwtAuthenticationMethodHS384Fail ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "client_secret_jwt", "scope": "clientinfo" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1240 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:22 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DEE8.678F.0D1E.BF3D", "client_secret": "457b3bd3-b5a6-4971-863c-95b0fe3137b0", "registration_access_token": "ac36278d-bd4e-4545-9d2f-f47f9fd742ea", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DEE8.678F.0D1E.BF3D", "client_id_issued_at": 1531227142, "client_secret_expires_at": 1531313542, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_jwt", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "clientinfo", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFERUU4LjY3OEYuMEQxRS5CRjNEIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghREVFOC42NzhGLjBEMUUuQkYzRCIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiNWMwMGQyNDktODQ0Mi00MzRmLWEyMTUtYWM1NzFhMjRiN2U2IiwiZXhwIjoxNTMxMjI3NDY5LCJpYXQiOjE1MzEyMjcxNjl9.A9nF3uobOc-lp9s2NTEMRSAZw5XnTPDGc64SEee4hUS4JJI4G-bAQy1GqkhfRihD ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 401 Connection: Keep-Alive Content-Length: 586 Content-Type: application/json;charset=iso-8859-1 Date: Tue, 10 Jul 2018 12:52:22 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains WWW-Authenticate: Basic realm="oxAuth" X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."} ####################################################### TEST: clientSecretJwtAuthenticationMethodHS512 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "client_secret_jwt", "scope": "clientinfo" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1195 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:22 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C234.599D.2211.BB8E", "client_secret": "d5245e93-805e-457b-8967-9e6600989f12", "registration_access_token": "a4f76121-afb6-4cab-9153-f785f046f6cc", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C234.599D.2211.BB8E", "client_id_issued_at": 1531227142, "client_secret_expires_at": 1531313542, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_jwt", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "clientinfo", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFDMjM0LjU5OUQuMjIxMS5CQjhFIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQzIzNC41OTlELjIyMTEuQkI4RSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiMTY2YTNiNzgtZDgxMS00NTZhLThmZDItMGVhOGVjYzU3NzQxIiwiZXhwIjoxNTMxMjI3NDY5LCJpYXQiOjE1MzEyMjcxNjl9.BMaqYi7QBi2YsW2nm4cHr_pMAyduJNlG9EQGenMrtwvKiCpEXNrNpjHMbyP6zNDCGa8e7eEw994Mgaz1EIbE6w ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 115 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:22 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"7e4638c8-37ac-4a06-aeff-7028c43c1944","token_type":"bearer","expires_in":299,"scope":"clientinfo"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/clientinfo HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 375 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:22 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!C234.599D.2211.BB8E","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]} ####################################################### TEST: clientSecretJwtAuthenticationMethodHS512Fail ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "client_secret_jwt", "scope": "clientinfo" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1240 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:22 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EBD4.8F1F.B285.D109", "client_secret": "7520b77e-e7d7-4a34-a541-4de75ae15dbc", "registration_access_token": "569de979-0e1d-4497-9569-b73c9d7129fb", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!EBD4.8F1F.B285.D109", "client_id_issued_at": 1531227142, "client_secret_expires_at": 1531313542, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_jwt", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "clientinfo", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFFQkQ0LjhGMUYuQjI4NS5EMTA5Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRUJENC44RjFGLkIyODUuRDEwOSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiZDU0MGRiZDYtODQ5NS00NGQ3LTk1MTMtNWMxOTQ0MmFhN2Q4IiwiZXhwIjoxNTMxMjI3NDcwLCJpYXQiOjE1MzEyMjcxNzB9.1cXrVEk9X282dny4JAlCRUn2QESxEkBCpV12Bsr0JLM76kJe7xkaEjLkdwrulG88-Byn7ISZWEehS5jfIjOY7w ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 401 Connection: Keep-Alive Content-Length: 586 Content-Type: application/json;charset=iso-8859-1 Date: Tue, 10 Jul 2018 12:52:22 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains WWW-Authenticate: Basic realm="oxAuth" X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."} ####################################################### TEST: clientSecretPostAuthenticationMethod ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "client_secret_post", "scope": "clientinfo" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1196 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:22 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E52C.598E.2E4F.381C", "client_secret": "21914f51-6ff7-456b-ba81-816f50f35383", "registration_access_token": "be9c0ce2-90cc-4ae1-b2b7-ed55fbdc0654", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E52C.598E.2E4F.381C", "client_id_issued_at": 1531227142, "client_secret_expires_at": 1531313542, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_post", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "clientinfo", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E52C.598E.2E4F.381C&client_secret=21914f51-6ff7-456b-ba81-816f50f35383 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 115 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:22 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"a1cd8ce8-43db-440f-b2d6-7620c9a46a4b","token_type":"bearer","expires_in":299,"scope":"clientinfo"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/clientinfo HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 375 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:22 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E52C.598E.2E4F.381C","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]} ####################################################### TEST: clientSecretPostAuthenticationMethodFail1 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "client_secret_post", "scope": "clientinfo" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1241 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:22 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0055.4E6D.3032.1EF5", "client_secret": "1f4a915d-0cea-488d-b22c-7c195a37ec10", "registration_access_token": "57967b20-4180-487c-9a56-dcfb876471f7", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0055.4E6D.3032.1EF5", "client_id_issued_at": 1531227142, "client_secret_expires_at": 1531313542, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_post", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "clientinfo", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210055.4E6D.3032.1EF5&client_secret=INVALID_CLIENT_SECRET ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 401 Connection: Keep-Alive Content-Length: 586 Content-Type: application/json;charset=iso-8859-1 Date: Tue, 10 Jul 2018 12:52:23 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains WWW-Authenticate: Basic realm="oxAuth" X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."} ####################################################### TEST: clientSecretPostAuthenticationMethodFail2 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "client_secret_post", "scope": "clientinfo" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1241 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:23 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9804.E036.36D6.0BBA", "client_secret": "9b520133-81fa-44ba-ae4c-6579579dab30", "registration_access_token": "18d2486f-00d1-43db-babe-0e3e4534c45b", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9804.E036.36D6.0BBA", "client_id_issued_at": 1531227143, "client_secret_expires_at": 1531313543, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_post", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "clientinfo", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%219804.E036.36D6.0BBA ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 401 Connection: Keep-Alive Content-Length: 586 Content-Type: application/json;charset=iso-8859-1 Date: Tue, 10 Jul 2018 12:52:23 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains WWW-Authenticate: Basic realm="oxAuth" X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."} ####################################################### TEST: clientSecretPostAuthenticationMethodFail3 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "client_secret_post", "scope": "clientinfo" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1241 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:23 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3310.0F5A.518F.A5B1", "client_secret": "8f5096e9-6f31-434b-a986-69508d1250c2", "registration_access_token": "75692ba0-eca2-406d-8e57-b07a6f630b40", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3310.0F5A.518F.A5B1", "client_id_issued_at": 1531227143, "client_secret_expires_at": 1531313543, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_post", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "clientinfo", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 401 Connection: Keep-Alive Content-Length: 586 Content-Type: application/json;charset=iso-8859-1 Date: Tue, 10 Jul 2018 12:52:23 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains WWW-Authenticate: Basic realm="oxAuth" X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."} ####################################################### TEST: defaultAuthenticationMethod ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "scope": "clientinfo" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1197 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:23 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4743.C596.B1AD.B7DF", "client_secret": "0ba0eee5-41e6-4eb6-b5c4-d64a0a461688", "registration_access_token": "6ba332f1-772c-4777-901e-01c8c88dc6ea", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4743.C596.B1AD.B7DF", "client_id_issued_at": 1531227143, "client_secret_expires_at": 1531313543, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "clientinfo", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxNDc0My5DNTk2LkIxQUQuQjdERjowYmEwZWVlNS00MWU2LTRlYjYtYjVjNC1kNjRhMGE0NjE2ODg= grant_type=client_credentials&scope=clientinfo ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 115 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:23 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"7b0783cf-6783-4c46-9c00-31823728f9a4","token_type":"bearer","expires_in":299,"scope":"clientinfo"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/clientinfo HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 375 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:23 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4743.C596.B1AD.B7DF","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]} ####################################################### TEST: defaultAuthenticationMethodFail ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "scope": "clientinfo" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1242 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:23 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!348B.7E90.A271.A5F8", "client_secret": "34a4c5f7-8ef1-4252-82fb-85d93593cc70", "registration_access_token": "12b37752-028b-4df1-b4df-ca4de219d345", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!348B.7E90.A271.A5F8", "client_id_issued_at": 1531227143, "client_secret_expires_at": 1531313543, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "clientinfo", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxMzQ4Qi43RTkwLkEyNzEuQTVGODpJTlZBTElEX0NMSUVOVF9TRUNSRVQ= grant_type=client_credentials&scope=clientinfo ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 401 Connection: Keep-Alive Content-Length: 586 Content-Type: application/json;charset=iso-8859-1 Date: Tue, 10 Jul 2018 12:52:23 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains WWW-Authenticate: Basic realm="oxAuth" X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."} ####################################################### TEST: privateKeyJwtAuthenticationMethodES256 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "private_key_jwt", "scope": "clientinfo" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1276 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:23 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!353B.526C.2646.C501", "client_secret": "2bdb8ef8-cde1-4ba7-94d1-2ff5eb91b655", "registration_access_token": "14c62666-0cdc-4bce-aab3-80a2d051266c", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!353B.526C.2646.C501", "client_id_issued_at": 1531227143, "client_secret_expires_at": 1531313543, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "private_key_jwt", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "clientinfo", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjU0N2IyODM4LWE4NDgtNDY3MS04YTQ3LWQ1MzYxNzM4ZjJhZSJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzNTNCLjUyNkMuMjY0Ni5DNTAxIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMzUzQi41MjZDLjI2NDYuQzUwMSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiZjkyNTkyODUtMjJiOS00MDNiLWFmMTQtNTJiY2YxNDA3YmE0IiwiZXhwIjoxNTMxMjI3NDcxLCJpYXQiOjE1MzEyMjcxNzF9.MEQCIAsW_qG4fK48DPRy52Ufn1TqRDv94zwAV06ffYxAUh7-AiBGaKI8nWK01so9TcWiiXIHYviLJ7L8zbI7YsDuzmAOvw ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 115 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:24 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"7a4cb838-41b0-40a3-8196-4e1d3373daa8","token_type":"bearer","expires_in":299,"scope":"clientinfo"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/clientinfo HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 375 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:24 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!353B.526C.2646.C501","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]} ####################################################### TEST: privateKeyJwtAuthenticationMethodES256Fail ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "private_key_jwt", "scope": "clientinfo" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1321 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:24 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A685.6907.50DE.29E3", "client_secret": "bd4a477f-ed3b-45c7-9063-cf7974633fd8", "registration_access_token": "f780fe3a-e246-4c83-8f45-af7c790c1ba6", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!A685.6907.50DE.29E3", "client_id_issued_at": 1531227144, "client_secret_expires_at": 1531313544, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "private_key_jwt", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "clientinfo", "claims": "" } 08:52:52.141 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0] at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0] at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121] at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121] at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?] at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?] at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?] at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES256Fail(ClientCredentialsGrantHttpTest.java:1312) [test-classes/:?] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121] at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:124) [testng-6.14.3.jar:?] at org.testng.internal.Invoker.invokeMethod(Invoker.java:583) [testng-6.14.3.jar:?] at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:719) [testng-6.14.3.jar:?] at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:989) [testng-6.14.3.jar:?] at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:125) [testng-6.14.3.jar:?] at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.14.3.jar:?] at org.testng.TestRunner.privateRun(TestRunner.java:648) [testng-6.14.3.jar:?] at org.testng.TestRunner.run(TestRunner.java:505) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.runTest(SuiteRunner.java:455) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:450) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.privateRun(SuiteRunner.java:415) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.run(SuiteRunner.java:364) [testng-6.14.3.jar:?] at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.14.3.jar:?] at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:84) [testng-6.14.3.jar:?] at org.testng.TestNG.runSuitesSequentially(TestNG.java:1208) [testng-6.14.3.jar:?] at org.testng.TestNG.runSuitesLocally(TestNG.java:1137) [testng-6.14.3.jar:?] at org.testng.TestNG.runSuites(TestNG.java:1049) [testng-6.14.3.jar:?] at org.testng.TestNG.run(TestNG.java:1017) [testng-6.14.3.jar:?] at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1] ------------------------------------------------------- REQUEST: ------------------------------------------------------- 08:52:52.258 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0] at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0] at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121] at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121] at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?] at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?] at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?] at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?] at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?] at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:776) [test-classes/:?] at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES256Fail(ClientCredentialsGrantHttpTest.java:1314) [test-classes/:?] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121] at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:124) [testng-6.14.3.jar:?] at org.testng.internal.Invoker.invokeMethod(Invoker.java:583) [testng-6.14.3.jar:?] at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:719) [testng-6.14.3.jar:?] at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:989) [testng-6.14.3.jar:?] at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:125) [testng-6.14.3.jar:?] at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.14.3.jar:?] at org.testng.TestRunner.privateRun(TestRunner.java:648) [testng-6.14.3.jar:?] at org.testng.TestRunner.run(TestRunner.java:505) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.runTest(SuiteRunner.java:455) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:450) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.privateRun(SuiteRunner.java:415) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.run(SuiteRunner.java:364) [testng-6.14.3.jar:?] at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.14.3.jar:?] at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:84) [testng-6.14.3.jar:?] at org.testng.TestNG.runSuitesSequentially(TestNG.java:1208) [testng-6.14.3.jar:?] at org.testng.TestNG.runSuitesLocally(TestNG.java:1137) [testng-6.14.3.jar:?] at org.testng.TestNG.runSuites(TestNG.java:1049) [testng-6.14.3.jar:?] at org.testng.TestNG.run(TestNG.java:1017) [testng-6.14.3.jar:?] at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1] POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IkVTMjU2U0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFBNjg1LjY5MDcuNTBERS4yOUUzIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQTY4NS42OTA3LjUwREUuMjlFMyIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiODM0YmUxNTAtY2M1YS00NTIxLWIzNzEtYjNhNDgwMWEyNzY1IiwiZXhwIjoxNTMxMjI3NDcyLCJpYXQiOjE1MzEyMjcxNzJ9. ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 401 Connection: Keep-Alive Content-Length: 586 Content-Type: application/json;charset=iso-8859-1 Date: Tue, 10 Jul 2018 12:52:24 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains WWW-Authenticate: Basic realm="oxAuth" X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."} ####################################################### TEST: privateKeyJwtAuthenticationMethodES384 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "private_key_jwt", "scope": "clientinfo" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1276 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:24 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!19AD.9EFD.C35B.6E77", "client_secret": "72a9d8b6-a75a-4aa0-be61-b94a7c182566", "registration_access_token": "fac3cfe3-caad-4649-aa0a-ccc0410d702e", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!19AD.9EFD.C35B.6E77", "client_id_issued_at": 1531227144, "client_secret_expires_at": 1531313544, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "private_key_jwt", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "clientinfo", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzM4NCIsImtpZCI6ImM0ZmU0MTEwLWViNTYtNDFjNi1iYWMzLTUzMTZmNmIxNDQzZCJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExOUFELjlFRkQuQzM1Qi42RTc3Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMTlBRC45RUZELkMzNUIuNkU3NyIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiZDczZWNmYTMtNGRlNS00ZTliLThmMDMtOWZhOWU3OGQ5MDVjIiwiZXhwIjoxNTMxMjI3NDcyLCJpYXQiOjE1MzEyMjcxNzJ9.MGQCMH7brWYaifg8HRCets4iDXHAl2LGSh7C58bu23f0ThCVgmWfqP0EGIW5PF--bp4a7AIwS7SCgEqSN1jmn2vG4j6zYcc75GKCkNdNoYNcVQ-nIoLHCetZEp8gNMvu_QapDoAj ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 115 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:24 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"3d925fdc-a2e5-42ce-b5bd-c10206a4d75e","token_type":"bearer","expires_in":299,"scope":"clientinfo"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/clientinfo HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 375 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:25 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!19AD.9EFD.C35B.6E77","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]} ####################################################### TEST: privateKeyJwtAuthenticationMethodES384Fail ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "private_key_jwt", "scope": "clientinfo" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1321 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:25 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!47C8.5AD6.BFE6.DE99", "client_secret": "ddc379f1-1858-4e34-b052-2b9aed1ef936", "registration_access_token": "a73927e0-2cbb-445e-ac5c-79fcb0e3211d", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!47C8.5AD6.BFE6.DE99", "client_id_issued_at": 1531227145, "client_secret_expires_at": 1531313545, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "private_key_jwt", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "clientinfo", "claims": "" } 08:52:52.780 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0] at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0] at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121] at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121] at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?] at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?] at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?] at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES384Fail(ClientCredentialsGrantHttpTest.java:1437) [test-classes/:?] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121] at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:124) [testng-6.14.3.jar:?] at org.testng.internal.Invoker.invokeMethod(Invoker.java:583) [testng-6.14.3.jar:?] at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:719) [testng-6.14.3.jar:?] at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:989) [testng-6.14.3.jar:?] at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:125) [testng-6.14.3.jar:?] at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.14.3.jar:?] at org.testng.TestRunner.privateRun(TestRunner.java:648) [testng-6.14.3.jar:?] at org.testng.TestRunner.run(TestRunner.java:505) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.runTest(SuiteRunner.java:455) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:450) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.privateRun(SuiteRunner.java:415) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.run(SuiteRunner.java:364) [testng-6.14.3.jar:?] at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.14.3.jar:?] at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:84) [testng-6.14.3.jar:?] at org.testng.TestNG.runSuitesSequentially(TestNG.java:1208) [testng-6.14.3.jar:?] at org.testng.TestNG.runSuitesLocally(TestNG.java:1137) [testng-6.14.3.jar:?] at org.testng.TestNG.runSuites(TestNG.java:1049) [testng-6.14.3.jar:?] at org.testng.TestNG.run(TestNG.java:1017) [testng-6.14.3.jar:?] at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1] ------------------------------------------------------- REQUEST: ------------------------------------------------------- 08:52:52.895 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0] at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0] at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121] at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121] at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?] at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?] at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?] at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?] at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?] at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:776) [test-classes/:?] at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES384Fail(ClientCredentialsGrantHttpTest.java:1439) [test-classes/:?] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121] at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:124) [testng-6.14.3.jar:?] at org.testng.internal.Invoker.invokeMethod(Invoker.java:583) [testng-6.14.3.jar:?] at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:719) [testng-6.14.3.jar:?] at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:989) [testng-6.14.3.jar:?] at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:125) [testng-6.14.3.jar:?] at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.14.3.jar:?] at org.testng.TestRunner.privateRun(TestRunner.java:648) [testng-6.14.3.jar:?] at org.testng.TestRunner.run(TestRunner.java:505) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.runTest(SuiteRunner.java:455) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:450) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.privateRun(SuiteRunner.java:415) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.run(SuiteRunner.java:364) [testng-6.14.3.jar:?] at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.14.3.jar:?] at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:84) [testng-6.14.3.jar:?] at org.testng.TestNG.runSuitesSequentially(TestNG.java:1208) [testng-6.14.3.jar:?] at org.testng.TestNG.runSuitesLocally(TestNG.java:1137) [testng-6.14.3.jar:?] at org.testng.TestNG.runSuites(TestNG.java:1049) [testng-6.14.3.jar:?] at org.testng.TestNG.run(TestNG.java:1017) [testng-6.14.3.jar:?] at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1] POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzM4NCIsImtpZCI6IkVTMzg0U0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0N0M4LjVBRDYuQkZFNi5ERTk5Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNDdDOC41QUQ2LkJGRTYuREU5OSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiNGZlMDdlZTYtN2ExZS00MjM4LThiM2EtMGUwMjAxOWI1ZTg1IiwiZXhwIjoxNTMxMjI3NDcyLCJpYXQiOjE1MzEyMjcxNzJ9. ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 401 Connection: Keep-Alive Content-Length: 586 Content-Type: application/json;charset=iso-8859-1 Date: Tue, 10 Jul 2018 12:52:25 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains WWW-Authenticate: Basic realm="oxAuth" X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."} ####################################################### TEST: privateKeyJwtAuthenticationMethodES512 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "private_key_jwt", "scope": "clientinfo" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1276 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:25 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3921.0F2A.F835.4F16", "client_secret": "feaf5f9a-331a-4b77-a8de-095a2842f2ce", "registration_access_token": "e6f70c4a-a211-4101-a9b7-b09e1d5853bc", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3921.0F2A.F835.4F16", "client_id_issued_at": 1531227145, "client_secret_expires_at": 1531313545, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "private_key_jwt", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "clientinfo", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzUxMiIsImtpZCI6IjI2ZjgwNDBjLWFlOGItNGRhYS04ZjcxLWE3ZmRmMTRkZjY0MyJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzOTIxLjBGMkEuRjgzNS40RjE2Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMzkyMS4wRjJBLkY4MzUuNEYxNiIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiYTMwZjUwNmItYzY5MS00NjU3LWIwZGYtNTQxYzljY2JmMWRmIiwiZXhwIjoxNTMxMjI3NDczLCJpYXQiOjE1MzEyMjcxNzN9.MIGHAkIBqaS79Q4uWsSOCDg-eHkGAzw3pw-WEMELyNj3EVGmc_sXanGAf7CeRo_XYmEbKyo4lR5T5_a9eedIKh2QfQzCghgCQX2x27LPsLaDT4AMRrWdquf2kTwSYB6WlINNeDnEzG3mxN5cpYraV1qSBcjGLKLnDVVQWzZhfMBQ0ILMsq0TFhn9 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 115 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:25 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"5c3b1822-48bf-4c86-8b88-09c7336728a1","token_type":"bearer","expires_in":299,"scope":"clientinfo"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/clientinfo HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 375 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:25 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3921.0F2A.F835.4F16","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]} ####################################################### TEST: privateKeyJwtAuthenticationMethodES512Fail ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "private_key_jwt", "scope": "clientinfo" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1321 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:25 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0279.95C8.56AB.126A", "client_secret": "b1884443-f369-4895-ab9f-feab4d83dd46", "registration_access_token": "a2172757-5641-4365-8293-0d1ba04f2be3", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0279.95C8.56AB.126A", "client_id_issued_at": 1531227145, "client_secret_expires_at": 1531313545, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "private_key_jwt", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "clientinfo", "claims": "" } 08:52:53.399 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0] at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0] at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121] at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121] at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?] at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?] at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?] at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES512Fail(ClientCredentialsGrantHttpTest.java:1562) [test-classes/:?] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121] at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:124) [testng-6.14.3.jar:?] at org.testng.internal.Invoker.invokeMethod(Invoker.java:583) [testng-6.14.3.jar:?] at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:719) [testng-6.14.3.jar:?] at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:989) [testng-6.14.3.jar:?] at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:125) [testng-6.14.3.jar:?] at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.14.3.jar:?] at org.testng.TestRunner.privateRun(TestRunner.java:648) [testng-6.14.3.jar:?] at org.testng.TestRunner.run(TestRunner.java:505) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.runTest(SuiteRunner.java:455) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:450) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.privateRun(SuiteRunner.java:415) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.run(SuiteRunner.java:364) [testng-6.14.3.jar:?] at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.14.3.jar:?] at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:84) [testng-6.14.3.jar:?] at org.testng.TestNG.runSuitesSequentially(TestNG.java:1208) [testng-6.14.3.jar:?] at org.testng.TestNG.runSuitesLocally(TestNG.java:1137) [testng-6.14.3.jar:?] at org.testng.TestNG.runSuites(TestNG.java:1049) [testng-6.14.3.jar:?] at org.testng.TestNG.run(TestNG.java:1017) [testng-6.14.3.jar:?] at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1] ------------------------------------------------------- REQUEST: ------------------------------------------------------- 08:52:53.516 [main] ERROR org.xdi.oxauth.client.TokenRequest - cannot identify EC private key: java.lang.NullPointerException java.security.InvalidKeyException: cannot identify EC private key: java.lang.NullPointerException at org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil.generatePrivateKeyParameter(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0] at org.bouncycastle.jcajce.provider.asymmetric.ec.SignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0] at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121] at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121] at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?] at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?] at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?] at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?] at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?] at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:776) [test-classes/:?] at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodES512Fail(ClientCredentialsGrantHttpTest.java:1564) [test-classes/:?] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121] at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:124) [testng-6.14.3.jar:?] at org.testng.internal.Invoker.invokeMethod(Invoker.java:583) [testng-6.14.3.jar:?] at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:719) [testng-6.14.3.jar:?] at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:989) [testng-6.14.3.jar:?] at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:125) [testng-6.14.3.jar:?] at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.14.3.jar:?] at org.testng.TestRunner.privateRun(TestRunner.java:648) [testng-6.14.3.jar:?] at org.testng.TestRunner.run(TestRunner.java:505) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.runTest(SuiteRunner.java:455) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:450) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.privateRun(SuiteRunner.java:415) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.run(SuiteRunner.java:364) [testng-6.14.3.jar:?] at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.14.3.jar:?] at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:84) [testng-6.14.3.jar:?] at org.testng.TestNG.runSuitesSequentially(TestNG.java:1208) [testng-6.14.3.jar:?] at org.testng.TestNG.runSuitesLocally(TestNG.java:1137) [testng-6.14.3.jar:?] at org.testng.TestNG.runSuites(TestNG.java:1049) [testng-6.14.3.jar:?] at org.testng.TestNG.run(TestNG.java:1017) [testng-6.14.3.jar:?] at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1] POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzUxMiIsImtpZCI6IkVTNTEyU0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEwMjc5Ljk1QzguNTZBQi4xMjZBIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghMDI3OS45NUM4LjU2QUIuMTI2QSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiNTUyZmNjY2UtZDdkMi00ZDkxLWJhZWUtNjQ1MGQ0NGQ3NjczIiwiZXhwIjoxNTMxMjI3NDczLCJpYXQiOjE1MzEyMjcxNzN9. ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 401 Connection: Keep-Alive Content-Length: 586 Content-Type: application/json;charset=iso-8859-1 Date: Tue, 10 Jul 2018 12:52:25 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains WWW-Authenticate: Basic realm="oxAuth" X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."} ####################################################### TEST: privateKeyJwtAuthenticationMethodRS256 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "private_key_jwt", "scope": "clientinfo" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1276 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:26 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DBC0.669C.1484.627A", "client_secret": "aadfddcd-16c7-4c12-88ab-b5b8cca92acc", "registration_access_token": "d548a31c-363f-4df7-8aff-a66eb61ec557", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DBC0.669C.1484.627A", "client_id_issued_at": 1531227146, "client_secret_expires_at": 1531313546, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "private_key_jwt", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "clientinfo", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjQ4YmZhOGE0LWM4YTctNGEwOS1hZTk4LWJmMzI1ZDc0OTExOSJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEQkMwLjY2OUMuMTQ4NC42MjdBIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghREJDMC42NjlDLjE0ODQuNjI3QSIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiMWU2OTRjNjItNDQ3YS00N2E1LWFmNzYtMDI1M2E2ZmZlM2ZmIiwiZXhwIjoxNTMxMjI3NDczLCJpYXQiOjE1MzEyMjcxNzN9.mV39TTooW3unBqGi1MAkNn6FmzUO37bVbmJTdMT8o6FrfuvLLJOK6UG5YoCNS4FBV2vwKWqBbFK7Wm2RddU47wP2xEQ0GrBBkgbTh70dx-gVoeEyxxG8TWa4teIZGWI2HG9JOhfj6umnUUFnSM-04A441-4UnbFwd8nqcOdISBqv-3ICDrdLf7NbscGDL6Mj6KBrQFIK4PqGitqINMVR_sJ-6LTzq2jQxXT5Q-HsSicRHDlAbyazsHgyxCbQ83z_PhB1QXA0pfewcvoFEtvi1mZL9GW0WeCMnA9c1SUTbwrxNrZQ9g0FVNf5FaKl3PeMX-W8bX4ioEaEDIM8H_qDKg ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 115 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:26 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"247171e0-8e36-489a-be35-ec1607e92d58","token_type":"bearer","expires_in":299,"scope":"clientinfo"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/clientinfo HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 375 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:26 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!DBC0.669C.1484.627A","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]} ####################################################### TEST: privateKeyJwtAuthenticationMethodRS256Fail ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "private_key_jwt", "scope": "clientinfo" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1321 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:26 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F22F.6CEC.6529.A46D", "client_secret": "4dfc6bbf-2b72-4e11-a8b8-7f02bd4f6964", "registration_access_token": "04acc7f2-cb65-4548-902f-f7a8bc5b1542", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!F22F.6CEC.6529.A46D", "client_id_issued_at": 1531227146, "client_secret_expires_at": 1531313546, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "private_key_jwt", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "clientinfo", "claims": "" } 08:52:53.971 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0] at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121] at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121] at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?] at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?] at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?] at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS256Fail(ClientCredentialsGrantHttpTest.java:937) [test-classes/:?] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121] at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:124) [testng-6.14.3.jar:?] at org.testng.internal.Invoker.invokeMethod(Invoker.java:583) [testng-6.14.3.jar:?] at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:719) [testng-6.14.3.jar:?] at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:989) [testng-6.14.3.jar:?] at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:125) [testng-6.14.3.jar:?] at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.14.3.jar:?] at org.testng.TestRunner.privateRun(TestRunner.java:648) [testng-6.14.3.jar:?] at org.testng.TestRunner.run(TestRunner.java:505) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.runTest(SuiteRunner.java:455) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:450) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.privateRun(SuiteRunner.java:415) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.run(SuiteRunner.java:364) [testng-6.14.3.jar:?] at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.14.3.jar:?] at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:84) [testng-6.14.3.jar:?] at org.testng.TestNG.runSuitesSequentially(TestNG.java:1208) [testng-6.14.3.jar:?] at org.testng.TestNG.runSuitesLocally(TestNG.java:1137) [testng-6.14.3.jar:?] at org.testng.TestNG.runSuites(TestNG.java:1049) [testng-6.14.3.jar:?] at org.testng.TestNG.run(TestNG.java:1017) [testng-6.14.3.jar:?] at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1] ------------------------------------------------------- REQUEST: ------------------------------------------------------- 08:52:54.088 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0] at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121] at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121] at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?] at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?] at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?] at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?] at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?] at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:776) [test-classes/:?] at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS256Fail(ClientCredentialsGrantHttpTest.java:939) [test-classes/:?] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121] at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:124) [testng-6.14.3.jar:?] at org.testng.internal.Invoker.invokeMethod(Invoker.java:583) [testng-6.14.3.jar:?] at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:719) [testng-6.14.3.jar:?] at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:989) [testng-6.14.3.jar:?] at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:125) [testng-6.14.3.jar:?] at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.14.3.jar:?] at org.testng.TestRunner.privateRun(TestRunner.java:648) [testng-6.14.3.jar:?] at org.testng.TestRunner.run(TestRunner.java:505) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.runTest(SuiteRunner.java:455) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:450) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.privateRun(SuiteRunner.java:415) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.run(SuiteRunner.java:364) [testng-6.14.3.jar:?] at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.14.3.jar:?] at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:84) [testng-6.14.3.jar:?] at org.testng.TestNG.runSuitesSequentially(TestNG.java:1208) [testng-6.14.3.jar:?] at org.testng.TestNG.runSuitesLocally(TestNG.java:1137) [testng-6.14.3.jar:?] at org.testng.TestNG.runSuites(TestNG.java:1049) [testng-6.14.3.jar:?] at org.testng.TestNG.run(TestNG.java:1017) [testng-6.14.3.jar:?] at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1] POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IlJTMjU2U0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFGMjJGLjZDRUMuNjUyOS5BNDZEIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghRjIyRi42Q0VDLjY1MjkuQTQ2RCIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiYzAxOTAyMmYtZDQ0NC00ODE1LWI1NzQtYzk2NTQyODQyZmI5IiwiZXhwIjoxNTMxMjI3NDc0LCJpYXQiOjE1MzEyMjcxNzR9. ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 401 Connection: Keep-Alive Content-Length: 586 Content-Type: application/json;charset=iso-8859-1 Date: Tue, 10 Jul 2018 12:52:26 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains WWW-Authenticate: Basic realm="oxAuth" X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."} ####################################################### TEST: privateKeyJwtAuthenticationMethodRS384 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "private_key_jwt", "scope": "clientinfo" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1276 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:26 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9164.7CA3.52C0.2EC3", "client_secret": "62d4198e-f87e-4214-82cb-885b46afed88", "registration_access_token": "646d0bf5-b706-439d-80de-9983f2d3cb89", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9164.7CA3.52C0.2EC3", "client_id_issued_at": 1531227146, "client_secret_expires_at": 1531313546, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "private_key_jwt", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "clientinfo", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzM4NCIsImtpZCI6ImM0NjIxNDNmLWExOTctNGY3YS1hZjk5LTBiMTA4NzM2ODYxNiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE5MTY0LjdDQTMuNTJDMC4yRUMzIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghOTE2NC43Q0EzLjUyQzAuMkVDMyIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiNzNkZmQ4YzQtZTZhOC00OGFmLWEwNGMtZWJjMWEzNGMwZjdjIiwiZXhwIjoxNTMxMjI3NDc0LCJpYXQiOjE1MzEyMjcxNzR9.p8jVisQ_EGitkO_SRMxuu8J7IoiJrAqf6B4_s6JSQdM-N_9pTfdbo_DIVNhUaUREe5bBYQ9xbD_-pMUj3lZYIgMc07G0aTmoqRVMhxCF56UeKCLYnf4aH9VuBBvMK8wsdrXsV-KS5iWojL1oBXAz5xMkbdmSKLRR30nHae5kDIPcIIf0coTVDfwto8Fbm4wnYery5HuAMCYiHvU1QmAfs4rNGmmZn3x6SMPG1KOyEx2caN8qXo40FdylrB9sY33RfhSrMvxeAo0FjiypPLuoHxL4gPo2QesB9vm77gdxe7LhtdT2HCFwm6eTBm5fgeGoM7U-zQ7rZxlL_Yo70WJ4dg ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 115 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:26 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"76edf1d0-dc37-4523-9c7c-aeb7440e5a09","token_type":"bearer","expires_in":299,"scope":"clientinfo"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/clientinfo HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 375 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:26 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!9164.7CA3.52C0.2EC3","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]} ####################################################### TEST: privateKeyJwtAuthenticationMethodRS384Fail ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "private_key_jwt", "scope": "clientinfo" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1321 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:26 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!588D.B2CB.4A01.29B4", "client_secret": "3e3d2232-9d81-4127-832e-89c6ec54167b", "registration_access_token": "f80b650f-f012-4007-8e06-c4cfae44b8e3", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!588D.B2CB.4A01.29B4", "client_id_issued_at": 1531227146, "client_secret_expires_at": 1531313546, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "private_key_jwt", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "clientinfo", "claims": "" } 08:52:54.518 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0] at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121] at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121] at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?] at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?] at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?] at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS384Fail(ClientCredentialsGrantHttpTest.java:1062) [test-classes/:?] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121] at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:124) [testng-6.14.3.jar:?] at org.testng.internal.Invoker.invokeMethod(Invoker.java:583) [testng-6.14.3.jar:?] at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:719) [testng-6.14.3.jar:?] at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:989) [testng-6.14.3.jar:?] at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:125) [testng-6.14.3.jar:?] at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.14.3.jar:?] at org.testng.TestRunner.privateRun(TestRunner.java:648) [testng-6.14.3.jar:?] at org.testng.TestRunner.run(TestRunner.java:505) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.runTest(SuiteRunner.java:455) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:450) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.privateRun(SuiteRunner.java:415) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.run(SuiteRunner.java:364) [testng-6.14.3.jar:?] at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.14.3.jar:?] at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:84) [testng-6.14.3.jar:?] at org.testng.TestNG.runSuitesSequentially(TestNG.java:1208) [testng-6.14.3.jar:?] at org.testng.TestNG.runSuitesLocally(TestNG.java:1137) [testng-6.14.3.jar:?] at org.testng.TestNG.runSuites(TestNG.java:1049) [testng-6.14.3.jar:?] at org.testng.TestNG.run(TestNG.java:1017) [testng-6.14.3.jar:?] at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1] ------------------------------------------------------- REQUEST: ------------------------------------------------------- 08:52:54.637 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0] at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121] at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121] at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?] at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?] at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?] at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?] at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?] at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:776) [test-classes/:?] at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS384Fail(ClientCredentialsGrantHttpTest.java:1064) [test-classes/:?] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121] at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:124) [testng-6.14.3.jar:?] at org.testng.internal.Invoker.invokeMethod(Invoker.java:583) [testng-6.14.3.jar:?] at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:719) [testng-6.14.3.jar:?] at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:989) [testng-6.14.3.jar:?] at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:125) [testng-6.14.3.jar:?] at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.14.3.jar:?] at org.testng.TestRunner.privateRun(TestRunner.java:648) [testng-6.14.3.jar:?] at org.testng.TestRunner.run(TestRunner.java:505) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.runTest(SuiteRunner.java:455) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:450) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.privateRun(SuiteRunner.java:415) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.run(SuiteRunner.java:364) [testng-6.14.3.jar:?] at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.14.3.jar:?] at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:84) [testng-6.14.3.jar:?] at org.testng.TestNG.runSuitesSequentially(TestNG.java:1208) [testng-6.14.3.jar:?] at org.testng.TestNG.runSuitesLocally(TestNG.java:1137) [testng-6.14.3.jar:?] at org.testng.TestNG.runSuites(TestNG.java:1049) [testng-6.14.3.jar:?] at org.testng.TestNG.run(TestNG.java:1017) [testng-6.14.3.jar:?] at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1] POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzM4NCIsImtpZCI6IlJTMzg0U0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE1ODhELkIyQ0IuNEEwMS4yOUI0Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNTg4RC5CMkNCLjRBMDEuMjlCNCIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiZGE2N2Q2YTItYTJhYi00MmFlLWExNmItMDZhOGEwMGE5YjVhIiwiZXhwIjoxNTMxMjI3NDc0LCJpYXQiOjE1MzEyMjcxNzR9. ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 401 Connection: Keep-Alive Content-Length: 586 Content-Type: application/json;charset=iso-8859-1 Date: Tue, 10 Jul 2018 12:52:27 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains WWW-Authenticate: Basic realm="oxAuth" X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."} ####################################################### TEST: privateKeyJwtAuthenticationMethodRS512 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "private_key_jwt", "scope": "clientinfo" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1276 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:27 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4E78.8D1D.DD7C.A907", "client_secret": "2b4cd19c-1dd8-441a-9df8-b2a7a127af21", "registration_access_token": "2fca03fe-de67-4367-8b3c-8004d413a604", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4E78.8D1D.DD7C.A907", "client_id_issued_at": 1531227147, "client_secret_expires_at": 1531313547, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [], "grant_types": ["client_credentials"], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "private_key_jwt", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "clientinfo", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiIsImtpZCI6Ijg1YjA4NDgzLTY4OTAtNDg0My05YmFmLTgzN2EyNGEzYzZkMiJ9.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0RTc4LjhEMUQuREQ3Qy5BOTA3Iiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghNEU3OC44RDFELkREN0MuQTkwNyIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiZmJmZjI1ZGYtMTQ4YS00ZDlmLWIyMzgtMjlhYjMwY2M1ZTNhIiwiZXhwIjoxNTMxMjI3NDc0LCJpYXQiOjE1MzEyMjcxNzR9.nhIsgITHH66EYipyGT1Q0Ubb9oVBkLRBsfcvijeDFe6J5-fGWFcka3RHfSIJxLv6qJuCXELIm-XyXZNHJhHZYGy2WsIn1zDXEEmw1oK6e3E839cIG-mRAyoeLnKD3eAFCk788HOD6VLD0jsZEcUsmWi5Ho5kMsVsorGV0kREMxgJ5JpOyxGiihtiFCxbglRO0pFAFZ9wY_ij9bt5RRm3SMbMFrCFY9PBN-NgaEOgkOWGNo-BHhjsJCI_IjaEhf6Ejj8TdoJTLa6_-vK-MjHYT-J1RsbaKeVshQKN7EJPKzFxQ0aUKGZZy0Jh1YegZSR0zBu7Pa_reHj1Xr53v1yogA ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 115 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:27 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"da204502-97c3-4543-aa11-5505d37fd939","token_type":"bearer","expires_in":299,"scope":"clientinfo"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/clientinfo HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 375 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:27 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!4E78.8D1D.DD7C.A907","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["clientinfo"]} ####################################################### TEST: privateKeyJwtAuthenticationMethodRS512Fail ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "token_endpoint_auth_method": "private_key_jwt", "scope": "clientinfo" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1321 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:27 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CC26.D3D7.0625.D80C", "client_secret": "c6f217f1-09cd-41ed-9991-49357f437958", "registration_access_token": "6e144acc-0a4d-4816-bee6-09633be4e31c", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CC26.D3D7.0625.D80C", "client_id_issued_at": 1531227147, "client_secret_expires_at": 1531313547, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "jwks_uri": "https://ce-dev4.gluu.org/oxauth-client/test/resources/jwks.json", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "private_key_jwt", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "clientinfo", "claims": "" } 08:52:55.084 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0] at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121] at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121] at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?] at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?] at org.xdi.oxauth.client.TokenClient.exec(TokenClient.java:265) [classes/:?] at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS512Fail(ClientCredentialsGrantHttpTest.java:1187) [test-classes/:?] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121] at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:124) [testng-6.14.3.jar:?] at org.testng.internal.Invoker.invokeMethod(Invoker.java:583) [testng-6.14.3.jar:?] at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:719) [testng-6.14.3.jar:?] at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:989) [testng-6.14.3.jar:?] at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:125) [testng-6.14.3.jar:?] at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.14.3.jar:?] at org.testng.TestRunner.privateRun(TestRunner.java:648) [testng-6.14.3.jar:?] at org.testng.TestRunner.run(TestRunner.java:505) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.runTest(SuiteRunner.java:455) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:450) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.privateRun(SuiteRunner.java:415) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.run(SuiteRunner.java:364) [testng-6.14.3.jar:?] at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.14.3.jar:?] at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:84) [testng-6.14.3.jar:?] at org.testng.TestNG.runSuitesSequentially(TestNG.java:1208) [testng-6.14.3.jar:?] at org.testng.TestNG.runSuitesLocally(TestNG.java:1137) [testng-6.14.3.jar:?] at org.testng.TestNG.runSuites(TestNG.java:1049) [testng-6.14.3.jar:?] at org.testng.TestNG.run(TestNG.java:1017) [testng-6.14.3.jar:?] at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1] ------------------------------------------------------- REQUEST: ------------------------------------------------------- 08:52:55.204 [main] ERROR org.xdi.oxauth.client.TokenRequest - Supplied key (null) is not a RSAPrivateKey instance java.security.InvalidKeyException: Supplied key (null) is not a RSAPrivateKey instance at org.bouncycastle.jcajce.provider.asymmetric.rsa.DigestSignatureSpi.engineInitSign(Unknown Source) ~[bcprov-jdk15on-1.59.jar:1.59.0] at java.security.Signature$Delegate.engineInitSign(Signature.java:1174) ~[?:1.8.0_121] at java.security.Signature.initSign(Signature.java:527) ~[?:1.8.0_121] at org.xdi.oxauth.model.crypto.OxAuthCryptoProvider.sign(OxAuthCryptoProvider.java:171) ~[oxauth-model.jar:?] at org.xdi.oxauth.client.TokenRequest.getClientAssertion(TokenRequest.java:338) [classes/:?] at org.xdi.oxauth.client.TokenRequest.getQueryString(TokenRequest.java:409) [classes/:?] at org.xdi.oxauth.client.BaseClient.getRequestAsString(BaseClient.java:158) [classes/:?] at org.xdi.oxauth.client.ClientUtils.showClient(ClientUtils.java:25) [classes/:?] at org.xdi.oxauth.BaseTest.showClient(BaseTest.java:776) [test-classes/:?] at org.xdi.oxauth.ws.rs.ClientCredentialsGrantHttpTest.privateKeyJwtAuthenticationMethodRS512Fail(ClientCredentialsGrantHttpTest.java:1189) [test-classes/:?] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_121] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_121] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_121] at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_121] at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:124) [testng-6.14.3.jar:?] at org.testng.internal.Invoker.invokeMethod(Invoker.java:583) [testng-6.14.3.jar:?] at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:719) [testng-6.14.3.jar:?] at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:989) [testng-6.14.3.jar:?] at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:125) [testng-6.14.3.jar:?] at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109) [testng-6.14.3.jar:?] at org.testng.TestRunner.privateRun(TestRunner.java:648) [testng-6.14.3.jar:?] at org.testng.TestRunner.run(TestRunner.java:505) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.runTest(SuiteRunner.java:455) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:450) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.privateRun(SuiteRunner.java:415) [testng-6.14.3.jar:?] at org.testng.SuiteRunner.run(SuiteRunner.java:364) [testng-6.14.3.jar:?] at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) [testng-6.14.3.jar:?] at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:84) [testng-6.14.3.jar:?] at org.testng.TestNG.runSuitesSequentially(TestNG.java:1208) [testng-6.14.3.jar:?] at org.testng.TestNG.runSuitesLocally(TestNG.java:1137) [testng-6.14.3.jar:?] at org.testng.TestNG.runSuites(TestNG.java:1049) [testng-6.14.3.jar:?] at org.testng.TestNG.run(TestNG.java:1017) [testng-6.14.3.jar:?] at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGExecutor.java:281) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(TestNGXmlTestSuite.java:75) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestNGProvider.java:121) [surefire-testng-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242) [surefire-booter-2.19.1.jar:2.19.1] at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121) [surefire-booter-2.19.1.jar:2.19.1] POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org grant_type=client_credentials&scope=clientinfo&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiIsImtpZCI6IlJTNTEyU0lHX0lOVkFMSURfS0VZSUQifQ.eyJpc3MiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFDQzI2LkQzRDcuMDYyNS5EODBDIiwic3ViIjoiQCEzOEQ0LjQxMEMuMUQ0My44OTMyITAwMDEhMzdGMi5CNzQ0ITAwMDghQ0MyNi5EM0Q3LjA2MjUuRDgwQyIsImF1ZCI6Imh0dHBzOi8vY2UtZGV2NC5nbHV1Lm9yZy9veGF1dGgvcmVzdHYxL3Rva2VuIiwianRpIjoiMmMwZjZjNTgtYWMxNS00YTJjLTg1MmYtMzRkODAwY2U1OTg3IiwiZXhwIjoxNTMxMjI3NDc1LCJpYXQiOjE1MzEyMjcxNzV9. ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 401 Connection: Keep-Alive Content-Length: 586 Content-Type: application/json;charset=iso-8859-1 Date: Tue, 10 Jul 2018 12:52:27 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains WWW-Authenticate: Basic realm="oxAuth" X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_client","error_description":"Client authentication failed (e.g. unknown client, no client authentication included, or unsupported authentication method). The authorization server MAY return an HTTP 401 (Unauthorized) status code to indicate which HTTP authentication schemes are supported. If the client attempted to authenticate via the Authorization request header field, the authorization server MUST respond with an HTTP 401 (Unauthorized) status code, and include the WWW-Authenticate response header field matching the authentication scheme used by the client."} ####################################################### TEST: OpenID Connect Discovery ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 181 Content-Type: application/jrd+json;charset=iso-8859-1 Date: Tue, 10 Jul 2018 12:52:27 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "subject": "acct:test_user@ce-dev4.gluu.org", "links": [{ "rel": "http://openid.net/specs/connect/1.0/issuer", "href": "https://ce-dev4.gluu.org" }] } OpenID Connect Configuration ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/openid-configuration HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 6342 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:27 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "issuer": "https://ce-dev4.gluu.org", "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize", "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token", "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo", "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo", "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe", "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session", "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks", "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register", "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id", "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection", "scopes_supported": [ "permission", "clientinfo", "email", "user_name", "sub", "org_name", "address", "openid", "test_scope1", "work_phone", "phone", "profile", "mobile_phone", "test" ], "response_types_supported": [ "code", "code id_token", "code id_token token", "id_token", "id_token token", "token", "code token" ], "grant_types_supported": [ "urn:ietf:params:oauth:grant-type:uma-ticket", "client_credentials", "refresh_token", "implicit", "password", "authorization_code" ], "acr_values_supported": [ "super_gluu", "u2f", "otp", "basic", "auth_ldap_server" ], "auth_level_mapping": { "-1": ["auth_ldap_server"], "50": ["otp"], "100": ["basic"], "10": ["u2f"], "15": ["super_gluu"] }, "subject_types_supported": [ "public", "pairwise" ], "userinfo_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "userinfo_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "userinfo_encryption_enc_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "id_token_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "request_object_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "request_object_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "request_object_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "token_endpoint_auth_methods_supported": [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt" ], "token_endpoint_auth_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "display_values_supported": [ "page", "popup" ], "claim_types_supported": ["normal"], "claims_supported": [ "birthdate", "country", "name", "email", "email_verified", "given_name", "gender", "inum", "family_name", "updated_at", "locale", "member_of", "middle_name", "nickname", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope", "phone_number_verified", "picture", "preferred_username", "profile", "zoneinfo", "user_name", "website" ], "service_documentation": "http://gluu.org/docs", "claims_locales_supported": ["en"], "ui_locales_supported": [ "en", "es" ], "scope_to_claims_mapping": [ {"permission": []}, {"uma_protection": []}, {"clientinfo": [ "name", "inum", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope" ]}, {"email": [ "email_verified", "email" ]}, {"user_name": ["user_name"]}, {"sub": []}, {"org_name": []}, {"address": [ "formatted", "postal_code", "street_address", "locality", "country", "region" ]}, {"openid": []}, {"test_scope1": []}, {"work_phone": []}, {"phone": [ "phone_number_verified", "phone_number" ]}, {"profile": [ "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "profile", "picture", "website", "gender", "birthdate", "zoneinfo", "locale", "updated_at" ]}, {"mobile_phone": ["phone_mobile_number"]}, {"test": ["member_of"]} ], "claims_parameter_supported": true, "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": false, "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy", "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos", "frontchannel_logout_supported": true, "frontchannel_logout_session_supported": true } ####################################################### TEST: requestClientInfoImplicitFlow ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "token", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1340 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:27 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E01D.B588.C53E.169D", "client_secret": "d81932e9-b55e-46df-8a37-97113ddb716a", "registration_access_token": "9b00bcc9-f3d8-4dc0-943f-7ec13ad7e5ec", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E01D.B588.C53E.169D", "client_id_issued_at": 1531227147, "client_secret_expires_at": 1531313547, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E01D.B588.C53E.169D&scope=clientinfo&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=e77b6f11-0ce9-44a5-9755-a4e73d1f2e4b&nonce=c0d77699-e6df-4c5b-8540-a29608d34f41 08:52:55.648 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:6c764e80-5a59-41a5-8369-cc941b8945cd ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E01D.B588.C53E.169D&scope=clientinfo&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=e77b6f11-0ce9-44a5-9755-a4e73d1f2e4b&nonce=c0d77699-e6df-4c5b-8540-a29608d34f41 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=98de37fb-bc87-451b-bbeb-d96627c38e74&scope=clientinfo&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFFMDFELkI1ODguQzUzRS4xNjlEIiwiZXhwIjoxNTMxMjMwNzQ5LCJpYXQiOjE1MzEyMjcxNDksIm5vbmNlIjoiYzBkNzc2OTktZTZkZi00YzViLTg1NDAtYTI5NjA4ZDM0ZjQxIiwiYXV0aF90aW1lIjoxNTMxMjI3MTQ5LCJhdF9oYXNoIjoiMHR3WE8xNldqVG9ySVZ4UEg0UnBtQSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6InRQNkYwbWNMSnhnRTZXdjk0S19ZVGtlLU5QRW4zTEd6OFlDUUJFTWlocTgifQ.LMs7jFotgqDwhTG4GHRWRaA9WQteS54_X8rf3izW-H7ARpoZpg0tq2NUZq6LWEwKw3ACsxXjoPxCrZLnXdUGLZX94zd43mCdRFApuTLK3XDVXHcUombH82OBll2TcSCBf9epLzed2dtCBuDzzL_yh0uUTcfITqm4A6OvXrJTJrO_oQfmWrwwTlSJZ9LjS91bO_GUKtoZQevNOgnLqZQMw79G3eI-pERaPPtVwK8i4nVHoHMeKvVW0A7aoRjtAsB6wsFlSr90os1H5LlYv8OAYKlY1xm_Nr3U2gQ8d-rJM7nG1N0iXdpI7TseuOdt9FjaARN10a_R1iZ_s5Q3pLGtGQ&session_id=01681261-f0a2-457e-8465-3e73ea0db7b2&state=e77b6f11-0ce9-44a5-9755-a4e73d1f2e4b&token_type=bearer&session_state=6c764e80-5a59-41a5-8369-cc941b8945cd&expires_in=299 ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/clientinfo HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 513 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:29 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E01D.B588.C53E.169D","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["permission","uma_protection","clientinfo","email","user_name","sub","org_name","address","openid","test_scope1","work_phone","phone","profile","test"]} ####################################################### TEST: requestClientInfoInvalidRequest ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/clientinfo HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 400 Connection: close Content-Length: 260 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:29 GMT Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_request","error_description":"The request is missing a required parameter, includes an unsupported parameter or parameter value, repeats the same parameter, uses more than one method for including an access token, or is otherwise malformed."} ####################################################### TEST: requestClientInfoInvalidToken ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/clientinfo HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 400 Connection: close Content-Length: 203 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:29 GMT Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_token","error_description":"The access token provided is expired, revoked, malformed, or invalid for other reasons. Try to request a new access token and retry the protected resource."} ####################################################### TEST: requestClientInfoPasswordFlow ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "grant_types": ["password"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1299 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:29 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2ABA.62B3.FDE5.BC47", "client_secret": "8b30668c-a6d9-4cd6-b81b-67b5e86e1b55", "registration_access_token": "577bca93-6fea-4475-a09a-5e8830a24022", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2ABA.62B3.FDE5.BC47", "client_id_issued_at": 1531227149, "client_secret_expires_at": 1531313549, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [], "grant_types": ["password"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxMkFCQS42MkIzLkZERTUuQkM0Nzo4YjMwNjY4Yy1hNmQ5LTRjZDYtYjgxYi02N2I1ZTg2ZTFiNTU= grant_type=password&scope=clientinfo&username=test_user&password=test_user_password ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 170 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:29 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"332fc199-8288-4479-9d3f-6f372c8dc594","token_type":"bearer","expires_in":299,"refresh_token":"3c111f12-daf1-4cf3-90ca-a2a95b332bdb","scope":"clientinfo"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/clientinfo HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 513 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:29 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"displayName":"oxAuth test app","inum":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!2ABA.62B3.FDE5.BC47","oxAuthAppType":"web","oxAuthIdTokenSignedResponseAlg":"RS256","oxAuthRedirectURI":["https:\/\/client.example.com\/cb2","https:\/\/client.example.com\/cb1","https:\/\/client.example.com\/cb","https:\/\/ce-dev4.gluu.org\/oxauth-rp\/home.htm"],"oxAuthScope":["permission","uma_protection","clientinfo","email","user_name","sub","org_name","address","openid","test_scope1","work_phone","phone","profile","test"]} ####################################################### TEST: OpenID Connect Discovery ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 181 Content-Type: application/jrd+json;charset=iso-8859-1 Date: Tue, 10 Jul 2018 12:52:29 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "subject": "acct:test_user@ce-dev4.gluu.org", "links": [{ "rel": "http://openid.net/specs/connect/1.0/issuer", "href": "https://ce-dev4.gluu.org" }] } OpenID Connect Configuration ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/openid-configuration HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 6342 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:30 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "issuer": "https://ce-dev4.gluu.org", "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize", "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token", "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo", "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo", "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe", "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session", "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks", "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register", "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id", "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection", "scopes_supported": [ "permission", "clientinfo", "email", "user_name", "sub", "org_name", "address", "openid", "test_scope1", "work_phone", "phone", "profile", "mobile_phone", "test" ], "response_types_supported": [ "code", "code id_token", "code id_token token", "id_token", "id_token token", "token", "code token" ], "grant_types_supported": [ "urn:ietf:params:oauth:grant-type:uma-ticket", "client_credentials", "refresh_token", "implicit", "password", "authorization_code" ], "acr_values_supported": [ "super_gluu", "u2f", "otp", "basic", "auth_ldap_server" ], "auth_level_mapping": { "-1": ["auth_ldap_server"], "50": ["otp"], "100": ["basic"], "10": ["u2f"], "15": ["super_gluu"] }, "subject_types_supported": [ "public", "pairwise" ], "userinfo_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "userinfo_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "userinfo_encryption_enc_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "id_token_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "request_object_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "request_object_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "request_object_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "token_endpoint_auth_methods_supported": [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt" ], "token_endpoint_auth_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "display_values_supported": [ "page", "popup" ], "claim_types_supported": ["normal"], "claims_supported": [ "birthdate", "country", "name", "email", "email_verified", "given_name", "gender", "inum", "family_name", "updated_at", "locale", "member_of", "middle_name", "nickname", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope", "phone_number_verified", "picture", "preferred_username", "profile", "zoneinfo", "user_name", "website" ], "service_documentation": "http://gluu.org/docs", "claims_locales_supported": ["en"], "ui_locales_supported": [ "en", "es" ], "scope_to_claims_mapping": [ {"permission": []}, {"uma_protection": []}, {"clientinfo": [ "name", "inum", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope" ]}, {"email": [ "email_verified", "email" ]}, {"user_name": ["user_name"]}, {"sub": []}, {"org_name": []}, {"address": [ "formatted", "postal_code", "street_address", "locality", "country", "region" ]}, {"openid": []}, {"test_scope1": []}, {"work_phone": []}, {"phone": [ "phone_number_verified", "phone_number" ]}, {"profile": [ "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "profile", "picture", "website", "gender", "birthdate", "zoneinfo", "locale", "updated_at" ]}, {"mobile_phone": ["phone_mobile_number"]}, {"test": ["member_of"]} ], "claims_parameter_supported": true, "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": false, "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy", "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos", "frontchannel_logout_supported": true, "frontchannel_logout_session_supported": true } ####################################################### TEST: authorizationCodeFlow ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "scope": "openid profile address email phone user_name" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1347 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:30 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D51D.2317.262E.FA1A", "client_secret": "f2d061e8-0f8a-4689-9d6a-ce3d695b2d6e", "registration_access_token": "bd1fd4a4-585f-49b3-8e58-492d60e0df18", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D51D.2317.262E.FA1A", "client_id_issued_at": 1531227150, "client_secret_expires_at": 1531313550, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "openid profile address email phone user_name", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D51D.2317.262E.FA1A&scope=openid+profile+address+email+phone+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a5652f61-3a96-44eb-bde1-583f4e1acd30&nonce=35b0fb53-48a6-4ced-ac58-4fc8ad9543e3 08:52:57.919 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:e92de297-f781-4686-9b90-c32b3332bbe8 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D51D.2317.262E.FA1A&scope=openid+profile+address+email+phone+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=a5652f61-3a96-44eb-bde1-583f4e1acd30&nonce=35b0fb53-48a6-4ced-ac58-4fc8ad9543e3 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=185e0926-4fcd-41a2-9167-ccebfb547a52&scope=address+phone+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFENTFELjIzMTcuMjYyRS5GQTFBIiwiZXhwIjoxNTMxMjMwNzUxLCJpYXQiOjE1MzEyMjcxNTEsIm5vbmNlIjoiMzViMGZiNTMtNDhhNi00Y2VkLWFjNTgtNGZjOGFkOTU0M2UzIiwiYXV0aF90aW1lIjoxNTMxMjI3MTUxLCJjX2hhc2giOiJUNnhTMk9FZ2FWS005YmJnb3ZnMVhRIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoiTG5heFJRVVR3TEhmS2hUNGMwN0huU2NxXzNSZzJRcDloOEtDUUpqM1IyWSJ9.OQUuLCnNct1r-f-R4TRSagGbnjXL9SrFHTL_wxx-Gzg6LzsB60wcjekVJ50JKOh0s__DIpGhhb8rGxvMRNJgOY2HLidvDz5tKuiyq1V5M_Und_pFopXXxFvkVm5386Kgt9h6i_cUeFEO726FbLePKssnzaAjI0cC671tcR7ogSy61uCyf5K4EOKKh0-ishj-kPE6AaP2WCXPQx0INAcIc9Zm1SHbOXoT3GjaX63PfeogqCJrkCR7f_27ZcnNFuzkOyjItxZtUeD-9Xlpl2Z18hZZv0zE6LA_Ua-irYdgXVrSgDuDXB-giKOe0thZjjSIOc4gqPAhXFjaLO1efLRZLA&session_id=0c0a551d-943a-43d0-8aa4-ce3c192bbae9&state=a5652f61-3a96-44eb-bde1-583f4e1acd30&session_state=e92de297-f781-4686-9b90-c32b3332bbe8 ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxRDUxRC4yMzE3LjI2MkUuRkExQTpmMmQwNjFlOC0wZjhhLTQ2ODktOWQ2YS1jZTNkNjk1YjJkNmU= grant_type=authorization_code&code=185e0926-4fcd-41a2-9167-ccebfb547a52&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1057 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:31 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"c1669f52-7e28-4b4b-a09a-94718ed67565","token_type":"bearer","expires_in":299,"refresh_token":"ca133523-732f-45a0-8c52-de83c081deba","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFENTFELjIzMTcuMjYyRS5GQTFBIiwiZXhwIjoxNTMxMjMwNzUxLCJpYXQiOjE1MzEyMjcxNTEsIm5vbmNlIjoiMzViMGZiNTMtNDhhNi00Y2VkLWFjNTgtNGZjOGFkOTU0M2UzIiwiYXV0aF90aW1lIjoxNTMxMjI3MTUxLCJhdF9oYXNoIjoiWWNHT0l5VmZQVGppZVdNUUw0WXcyUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IkxuYXhSUVVUd0xIZktoVDRjMDdIblNjcV8zUmcyUXA5aDhLQ1FKajNSMlkifQ.GimDrPDdWwchL3q_eOE1B6P9QoG6c0UztXCKhMk2q6uxisIDchwuZitIRc0wPhoX_sNBuhDC_9qRHjp9Hw9y5qLWkws9PlhoAeFDfRXqWf76iBryNxSn2lseCrRDbFnhFJGT7joF78P-gOQmCOlH7Kwovrxe64-7YvI9XBtI5n3tgGjHRp6y5qwqMsCPeXDhldP1PilvRuA3yyZBAgoeUnioWjRKW8g7U8zAqP-yhAhp0sGJ5Wbs6Kc8RSIabjL_JpwpqhnmHp3GoP5RHP0Bf4lqDndliRuPW-c1sFI8ydpmJ1fX7L0Hty41e77DMPLgAdDQCqvWx3NXAWHJV7_aYQ"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxRDUxRC4yMzE3LjI2MkUuRkExQTpmMmQwNjFlOC0wZjhhLTQ2ODktOWQ2YS1jZTNkNjk1YjJkNmU= grant_type=refresh_token&scope=address+phone+openid+user_name+profile+email&refresh_token=ca133523-732f-45a0-8c52-de83c081deba ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 204 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:31 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"506d4565-5dc8-4706-a790-1db2609dfd63","token_type":"bearer","expires_in":299,"refresh_token":"7aca9a6f-a3a7-40ec-a41b-88b558071c81","scope":"address phone openid user_name profile email"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/userinfo HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer 506d4565-5dc8-4706-a790-1db2609dfd63 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 695 Content-Type: application/json;charset=utf-8 Date: Tue, 10 Jul 2018 12:52:31 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"LnaxRQUTwLHfKhT4c07HnScq_3Rg2Qp9h8KCQJj3R2Y","phone_number_verified":true,"phone_number":"(512) 516-2413","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"} ####################################################### TEST: testEncode1 ####################################################### ####################################################### TEST: testEncode2 ####################################################### ####################################################### TEST: testEncode3 ####################################################### ####################################################### TEST: OpenID Connect Discovery ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 181 Content-Type: application/jrd+json;charset=iso-8859-1 Date: Tue, 10 Jul 2018 12:52:31 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "subject": "acct:test_user@ce-dev4.gluu.org", "links": [{ "rel": "http://openid.net/specs/connect/1.0/issuer", "href": "https://ce-dev4.gluu.org" }] } OpenID Connect Configuration ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/openid-configuration HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 6342 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:31 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "issuer": "https://ce-dev4.gluu.org", "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize", "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token", "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo", "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo", "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe", "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session", "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks", "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register", "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id", "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection", "scopes_supported": [ "permission", "clientinfo", "email", "user_name", "sub", "org_name", "address", "openid", "test_scope1", "work_phone", "phone", "profile", "mobile_phone", "test" ], "response_types_supported": [ "code", "code id_token", "code id_token token", "id_token", "id_token token", "token", "code token" ], "grant_types_supported": [ "urn:ietf:params:oauth:grant-type:uma-ticket", "client_credentials", "refresh_token", "implicit", "password", "authorization_code" ], "acr_values_supported": [ "super_gluu", "u2f", "otp", "basic", "auth_ldap_server" ], "auth_level_mapping": { "-1": ["auth_ldap_server"], "50": ["otp"], "100": ["basic"], "10": ["u2f"], "15": ["super_gluu"] }, "subject_types_supported": [ "public", "pairwise" ], "userinfo_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "userinfo_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "userinfo_encryption_enc_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "id_token_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "request_object_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "request_object_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "request_object_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "token_endpoint_auth_methods_supported": [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt" ], "token_endpoint_auth_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "display_values_supported": [ "page", "popup" ], "claim_types_supported": ["normal"], "claims_supported": [ "birthdate", "country", "name", "email", "email_verified", "given_name", "gender", "inum", "family_name", "updated_at", "locale", "member_of", "middle_name", "nickname", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope", "phone_number_verified", "picture", "preferred_username", "profile", "zoneinfo", "user_name", "website" ], "service_documentation": "http://gluu.org/docs", "claims_locales_supported": ["en"], "ui_locales_supported": [ "en", "es" ], "scope_to_claims_mapping": [ {"permission": []}, {"uma_protection": []}, {"clientinfo": [ "name", "inum", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope" ]}, {"email": [ "email_verified", "email" ]}, {"user_name": ["user_name"]}, {"sub": []}, {"org_name": []}, {"address": [ "formatted", "postal_code", "street_address", "locality", "country", "region" ]}, {"openid": []}, {"test_scope1": []}, {"work_phone": []}, {"phone": [ "phone_number_verified", "phone_number" ]}, {"profile": [ "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "profile", "picture", "website", "gender", "birthdate", "zoneinfo", "locale", "updated_at" ]}, {"mobile_phone": ["phone_mobile_number"]}, {"test": ["member_of"]} ], "claims_parameter_supported": true, "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": false, "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy", "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos", "frontchannel_logout_supported": true, "frontchannel_logout_session_supported": true } ####################################################### TEST: requestClientAssociate ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1354 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:32 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0CF4.71E2.BFED.20AD", "client_secret": "394536d9-e1d2-4080-b53d-8056de2e5418", "registration_access_token": "52dcbae9-d32a-4c94-aba5-fb6c3cafa557", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0CF4.71E2.BFED.20AD", "client_id_issued_at": 1531227152, "client_secret_expires_at": 1531313552, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": ["code"], "grant_types": [ "refresh_token", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } ####################################################### TEST: requestClientAssociateInBlackList ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": ["https://www.attacker.com"], "application_type": "web", "client_name": "oxAuth test app" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 400 Cache-Control: no-store Connection: close Content-Length: 101 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:32 GMT Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_redirect_uri","error_description":"Value of one or more redirect_uris is invalid."} ####################################################### TEST: testUrlPatterList ####################################################### ####################################################### TEST: requestClientUpdate ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 400 Connection: close Content-Length: 282 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:32 GMT Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"error":"invalid_client_metadata","error_description":"The value of one of the Client Metadata fields is invalid and the server has rejected this request. Note that an Authorization Server MAY choose to substitute a valid value for any requested parameter of a Client's Metadata."} ####################################################### TEST: OpenID Connect Discovery ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 181 Content-Type: application/jrd+json;charset=iso-8859-1 Date: Tue, 10 Jul 2018 12:52:32 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "subject": "acct:test_user@ce-dev4.gluu.org", "links": [{ "rel": "http://openid.net/specs/connect/1.0/issuer", "href": "https://ce-dev4.gluu.org" }] } OpenID Connect Configuration ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/openid-configuration HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 6342 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:32 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "issuer": "https://ce-dev4.gluu.org", "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize", "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token", "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo", "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo", "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe", "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session", "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks", "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register", "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id", "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection", "scopes_supported": [ "permission", "clientinfo", "email", "user_name", "sub", "org_name", "address", "openid", "test_scope1", "work_phone", "phone", "profile", "mobile_phone", "test" ], "response_types_supported": [ "code", "code id_token", "code id_token token", "id_token", "id_token token", "token", "code token" ], "grant_types_supported": [ "urn:ietf:params:oauth:grant-type:uma-ticket", "client_credentials", "refresh_token", "implicit", "password", "authorization_code" ], "acr_values_supported": [ "super_gluu", "u2f", "otp", "basic", "auth_ldap_server" ], "auth_level_mapping": { "-1": ["auth_ldap_server"], "50": ["otp"], "100": ["basic"], "10": ["u2f"], "15": ["super_gluu"] }, "subject_types_supported": [ "public", "pairwise" ], "userinfo_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "userinfo_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "userinfo_encryption_enc_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "id_token_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "request_object_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "request_object_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "request_object_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "token_endpoint_auth_methods_supported": [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt" ], "token_endpoint_auth_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "display_values_supported": [ "page", "popup" ], "claim_types_supported": ["normal"], "claims_supported": [ "birthdate", "country", "name", "email", "email_verified", "given_name", "gender", "inum", "family_name", "updated_at", "locale", "member_of", "middle_name", "nickname", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope", "phone_number_verified", "picture", "preferred_username", "profile", "zoneinfo", "user_name", "website" ], "service_documentation": "http://gluu.org/docs", "claims_locales_supported": ["en"], "ui_locales_supported": [ "en", "es" ], "scope_to_claims_mapping": [ {"permission": []}, {"uma_protection": []}, {"clientinfo": [ "name", "inum", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope" ]}, {"email": [ "email_verified", "email" ]}, {"user_name": ["user_name"]}, {"sub": []}, {"org_name": []}, {"address": [ "formatted", "postal_code", "street_address", "locality", "country", "region" ]}, {"openid": []}, {"test_scope1": []}, {"work_phone": []}, {"phone": [ "phone_number_verified", "phone_number" ]}, {"profile": [ "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "profile", "picture", "website", "gender", "birthdate", "zoneinfo", "locale", "updated_at" ]}, {"mobile_phone": ["phone_mobile_number"]}, {"test": ["member_of"]} ], "claims_parameter_supported": true, "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": false, "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy", "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos", "frontchannel_logout_supported": true, "frontchannel_logout_session_supported": true } ####################################################### TEST: OpenID Connect Discovery ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 181 Content-Type: application/jrd+json;charset=iso-8859-1 Date: Tue, 10 Jul 2018 12:52:32 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "subject": "acct:test_user@ce-dev4.gluu.org", "links": [{ "rel": "http://openid.net/specs/connect/1.0/issuer", "href": "https://ce-dev4.gluu.org" }] } ####################################################### TEST: OpenID Connect Configuration ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/openid-configuration HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 6342 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:32 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "issuer": "https://ce-dev4.gluu.org", "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize", "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token", "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo", "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo", "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe", "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session", "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks", "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register", "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id", "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection", "scopes_supported": [ "permission", "clientinfo", "email", "user_name", "sub", "org_name", "address", "openid", "test_scope1", "work_phone", "phone", "profile", "mobile_phone", "test" ], "response_types_supported": [ "code", "code id_token", "code id_token token", "id_token", "id_token token", "token", "code token" ], "grant_types_supported": [ "urn:ietf:params:oauth:grant-type:uma-ticket", "client_credentials", "refresh_token", "implicit", "password", "authorization_code" ], "acr_values_supported": [ "super_gluu", "u2f", "otp", "basic", "auth_ldap_server" ], "auth_level_mapping": { "-1": ["auth_ldap_server"], "50": ["otp"], "100": ["basic"], "10": ["u2f"], "15": ["super_gluu"] }, "subject_types_supported": [ "public", "pairwise" ], "userinfo_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "userinfo_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "userinfo_encryption_enc_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "id_token_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "request_object_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "request_object_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "request_object_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "token_endpoint_auth_methods_supported": [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt" ], "token_endpoint_auth_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "display_values_supported": [ "page", "popup" ], "claim_types_supported": ["normal"], "claims_supported": [ "birthdate", "country", "name", "email", "email_verified", "given_name", "gender", "inum", "family_name", "updated_at", "locale", "member_of", "middle_name", "nickname", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope", "phone_number_verified", "picture", "preferred_username", "profile", "zoneinfo", "user_name", "website" ], "service_documentation": "http://gluu.org/docs", "claims_locales_supported": ["en"], "ui_locales_supported": [ "en", "es" ], "scope_to_claims_mapping": [ {"permission": []}, {"uma_protection": []}, {"clientinfo": [ "name", "inum", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope" ]}, {"email": [ "email_verified", "email" ]}, {"user_name": ["user_name"]}, {"sub": []}, {"org_name": []}, {"address": [ "formatted", "postal_code", "street_address", "locality", "country", "region" ]}, {"openid": []}, {"test_scope1": []}, {"work_phone": []}, {"phone": [ "phone_number_verified", "phone_number" ]}, {"profile": [ "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "profile", "picture", "website", "gender", "birthdate", "zoneinfo", "locale", "updated_at" ]}, {"mobile_phone": ["phone_mobile_number"]}, {"test": ["member_of"]} ], "claims_parameter_supported": true, "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": false, "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy", "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos", "frontchannel_logout_supported": true, "frontchannel_logout_session_supported": true } ####################################################### TEST: OpenID Connect Discovery ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 181 Content-Type: application/jrd+json;charset=iso-8859-1 Date: Tue, 10 Jul 2018 12:52:32 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "subject": "acct:test_user@ce-dev4.gluu.org", "links": [{ "rel": "http://openid.net/specs/connect/1.0/issuer", "href": "https://ce-dev4.gluu.org" }] } OpenID Connect Configuration ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/openid-configuration HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 6342 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:32 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "issuer": "https://ce-dev4.gluu.org", "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize", "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token", "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo", "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo", "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe", "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session", "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks", "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register", "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id", "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection", "scopes_supported": [ "permission", "clientinfo", "email", "user_name", "sub", "org_name", "address", "openid", "test_scope1", "work_phone", "phone", "profile", "mobile_phone", "test" ], "response_types_supported": [ "code", "code id_token", "code id_token token", "id_token", "id_token token", "token", "code token" ], "grant_types_supported": [ "urn:ietf:params:oauth:grant-type:uma-ticket", "client_credentials", "refresh_token", "implicit", "password", "authorization_code" ], "acr_values_supported": [ "super_gluu", "u2f", "otp", "basic", "auth_ldap_server" ], "auth_level_mapping": { "-1": ["auth_ldap_server"], "50": ["otp"], "100": ["basic"], "10": ["u2f"], "15": ["super_gluu"] }, "subject_types_supported": [ "public", "pairwise" ], "userinfo_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "userinfo_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "userinfo_encryption_enc_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "id_token_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "request_object_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "request_object_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "request_object_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "token_endpoint_auth_methods_supported": [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt" ], "token_endpoint_auth_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "display_values_supported": [ "page", "popup" ], "claim_types_supported": ["normal"], "claims_supported": [ "birthdate", "country", "name", "email", "email_verified", "given_name", "gender", "inum", "family_name", "updated_at", "locale", "member_of", "middle_name", "nickname", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope", "phone_number_verified", "picture", "preferred_username", "profile", "zoneinfo", "user_name", "website" ], "service_documentation": "http://gluu.org/docs", "claims_locales_supported": ["en"], "ui_locales_supported": [ "en", "es" ], "scope_to_claims_mapping": [ {"permission": []}, {"uma_protection": []}, {"clientinfo": [ "name", "inum", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope" ]}, {"email": [ "email_verified", "email" ]}, {"user_name": ["user_name"]}, {"sub": []}, {"org_name": []}, {"address": [ "formatted", "postal_code", "street_address", "locality", "country", "region" ]}, {"openid": []}, {"test_scope1": []}, {"work_phone": []}, {"phone": [ "phone_number_verified", "phone_number" ]}, {"profile": [ "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "profile", "picture", "website", "gender", "birthdate", "zoneinfo", "locale", "updated_at" ]}, {"mobile_phone": ["phone_mobile_number"]}, {"test": ["member_of"]} ], "claims_parameter_supported": true, "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": false, "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy", "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos", "frontchannel_logout_supported": true, "frontchannel_logout_session_supported": true } ####################################################### TEST: enableClientToRestrictJavascriptOrigin ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "code", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "authorized_origins": ["https://ce.gluu.info:8443"], "scope": "openid profile address email phone user_name" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1404 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:32 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CA0B.5739.DF3B.6B3A", "client_secret": "6d1e121e-2279-4e94-8aa4-8007fee0a781", "registration_access_token": "b171c386-8fd7-446e-b48a-9f75fc1b3fed", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CA0B.5739.DF3B.6B3A", "client_id_issued_at": 1531227152, "client_secret_expires_at": 1531313552, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "code", "id_token", "token" ], "grant_types": [ "refresh_token", "implicit", "authorization_code" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "authorized_origins": ["https://ce.gluu.info:8443"], "frontchannel_logout_session_required": false, "scope": "openid profile address email phone user_name", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CA0B.5739.DF3B.6B3A&scope=openid+profile+address+email+phone+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=1b3a516a-7033-48db-9d01-296522e1e908&nonce=3be13236-744c-4c87-81b8-e4fb522d9493 08:53:00.487 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:b5c63269-4e31-48d4-9e9b-f3b12d9de424 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=code+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CA0B.5739.DF3B.6B3A&scope=openid+profile+address+email+phone+user_name&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=1b3a516a-7033-48db-9d01-296522e1e908&nonce=3be13236-744c-4c87-81b8-e4fb522d9493 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#code=423acb70-667b-448c-8c63-ec8dd356e6a1&scope=address+phone+openid+user_name+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFDQTBCLjU3MzkuREYzQi42QjNBIiwiZXhwIjoxNTMxMjMwNzU0LCJpYXQiOjE1MzEyMjcxNTQsIm5vbmNlIjoiM2JlMTMyMzYtNzQ0Yy00Yzg3LTgxYjgtZTRmYjUyMmQ5NDkzIiwiYXV0aF90aW1lIjoxNTMxMjI3MTU0LCJjX2hhc2giOiI5clFPQV9YQk1fNzVxYzlMRXNTYlhnIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIiwic3ViIjoieGhfM2dvaDh6UHlvNmdzczBmUkZ0SXEwMUJDZG1NMGdZUE1mQWRzbVR6TSJ9.VJfr4xuoLnTatu09sEZlXlxrgw20hgPbF4Ze3a5pQ4IXDJQMQI8qZa7g9HZw6NLbfPgGFAcYLq9RtGbVh7T1nuckqndudfGdZsimgW1M5VvaDXlh-MRz5zSUVmvjElpJqdmbsCwA-a2tpTN0faAc9DbeHCzvMclSq7NeHFoW047WPQ4l5Ah5tK9pfke9aPLjfDhUjNkuqAIsIKCUnOiBen2oq2NqXA4V5iQBrTeYdG65iJbhzw_uSKbAAspbe_BXe_GqvxdZExiyuDHRS8LNPJoU-ZAArFCIOi-_JBooEWAcw1dOxCxqacvtTtpJ8WxPrbfGdNqW5gtPeYFdhb8LxA&session_id=37e1537d-8e02-49a6-93da-457dc73ae906&state=1b3a516a-7033-48db-9d01-296522e1e908&session_state=b5c63269-4e31-48d4-9e9b-f3b12d9de424 ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxQ0EwQi41NzM5LkRGM0IuNkIzQTo2ZDFlMTIxZS0yMjc5LTRlOTQtOGFhNC04MDA3ZmVlMGE3ODE= grant_type=authorization_code&code=423acb70-667b-448c-8c63-ec8dd356e6a1&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1057 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:34 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"d492eb96-d47b-4eeb-8f64-8be3bbab1e96","token_type":"bearer","expires_in":299,"refresh_token":"015583d4-a84c-4c29-a52b-9f7fd84d6d85","id_token":"eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFDQTBCLjU3MzkuREYzQi42QjNBIiwiZXhwIjoxNTMxMjMwNzU0LCJpYXQiOjE1MzEyMjcxNTQsIm5vbmNlIjoiM2JlMTMyMzYtNzQ0Yy00Yzg3LTgxYjgtZTRmYjUyMmQ5NDkzIiwiYXV0aF90aW1lIjoxNTMxMjI3MTU0LCJhdF9oYXNoIjoiTF9WR0ZoVEhvR20yV0YtX0plYzZodyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6InhoXzNnb2g4elB5bzZnc3MwZlJGdElxMDFCQ2RtTTBnWVBNZkFkc21Uek0ifQ.HPM2JUJoYBFAF_fGBseRiSqzAwKoIiXnbluMUrQPmzQRKADhTF4ma41i0AOdsLcB9XocVeIV7bKf8OcJFuqYB-CotNxNXN2Qr2yx83CAhKAB6LR8sUwIJ6cWvsnd7BzG3y_STl1Flr3srG35bbuF2J8jc80nwkjqXBODbSVU6ts2E1yra48r4UOaVbseN9pWT3sR65g9MMgIlNS4AuIJl00mNE0AE0kLNNTJWbu0sUp4nqVY07PNr7QeKA_rcSKn7YlxClgow6GXDYHaLDdvRW6231xRo0pqcAsWvdLSf0lTc4eNQaFNelMhpMMXN0NdrPJX2yz3pi7nWv7kk0eC8w"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/token HTTP/1.1 Content-Type: application/x-www-form-urlencoded Host: ce-dev4.gluu.org Authorization: Basic JTQwJTIxMzhENC40MTBDLjFENDMuODkzMiUyMTAwMDElMjEzN0YyLkI3NDQlMjEwMDA4JTIxQ0EwQi41NzM5LkRGM0IuNkIzQTo2ZDFlMTIxZS0yMjc5LTRlOTQtOGFhNC04MDA3ZmVlMGE3ODE= grant_type=refresh_token&scope=address+phone+openid+user_name+profile+email&refresh_token=015583d4-a84c-4c29-a52b-9f7fd84d6d85 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 204 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:34 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"access_token":"a3cbef0b-682a-49e2-9d55-ba0413514464","token_type":"bearer","expires_in":299,"refresh_token":"9b0b93b8-0b77-490c-8feb-d1079d803541","scope":"address phone openid user_name profile email"} ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/userinfo HTTP/1.1 Host: ce-dev4.gluu.org Authorization: Bearer a3cbef0b-682a-49e2-9d55-ba0413514464 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store, private Connection: Keep-Alive Content-Length: 695 Content-Type: application/json;charset=utf-8 Date: Tue, 10 Jul 2018 12:52:34 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block {"address":{"street_address":"621 East 6th Street","country":"US","locality":"Austin","region":"Texas"},"sub":"xh_3goh8zPyo6gss0fRFtIq01BCdmM0gYPMfAdsmTzM","phone_number_verified":true,"phone_number":"(512) 516-2413","user_name":"test_user","website":"http://www.gluu.org","zoneinfo":"America/Chicago","birthdate":"19830106010101.253Z","gender":"Male","profile":"http://www.mywebsite.com/profile","preferred_username":"user","given_name":"Test","middle_name":"User","locale":"en-US","picture":"http://www.gluu.org/wp-content/uploads/2012/04/mike3.png","updated_at":1526659613066,"name":"oxAuth Test User","nickname":"user","family_name":"User","email_verified":true,"email":"test_user@test.org"} ####################################################### TEST: OpenID Connect Discovery ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 181 Content-Type: application/jrd+json;charset=iso-8859-1 Date: Tue, 10 Jul 2018 12:52:34 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "subject": "acct:test_user@ce-dev4.gluu.org", "links": [{ "rel": "http://openid.net/specs/connect/1.0/issuer", "href": "https://ce-dev4.gluu.org" }] } OpenID Connect Configuration ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/openid-configuration HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 6342 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:34 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "issuer": "https://ce-dev4.gluu.org", "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize", "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token", "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo", "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo", "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe", "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session", "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks", "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register", "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id", "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection", "scopes_supported": [ "permission", "clientinfo", "email", "user_name", "sub", "org_name", "address", "openid", "test_scope1", "work_phone", "phone", "profile", "mobile_phone", "test" ], "response_types_supported": [ "code", "code id_token", "code id_token token", "id_token", "id_token token", "token", "code token" ], "grant_types_supported": [ "urn:ietf:params:oauth:grant-type:uma-ticket", "client_credentials", "refresh_token", "implicit", "password", "authorization_code" ], "acr_values_supported": [ "super_gluu", "u2f", "otp", "basic", "auth_ldap_server" ], "auth_level_mapping": { "-1": ["auth_ldap_server"], "50": ["otp"], "100": ["basic"], "10": ["u2f"], "15": ["super_gluu"] }, "subject_types_supported": [ "public", "pairwise" ], "userinfo_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "userinfo_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "userinfo_encryption_enc_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "id_token_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "request_object_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "request_object_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "request_object_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "token_endpoint_auth_methods_supported": [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt" ], "token_endpoint_auth_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "display_values_supported": [ "page", "popup" ], "claim_types_supported": ["normal"], "claims_supported": [ "birthdate", "country", "name", "email", "email_verified", "given_name", "gender", "inum", "family_name", "updated_at", "locale", "member_of", "middle_name", "nickname", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope", "phone_number_verified", "picture", "preferred_username", "profile", "zoneinfo", "user_name", "website" ], "service_documentation": "http://gluu.org/docs", "claims_locales_supported": ["en"], "ui_locales_supported": [ "en", "es" ], "scope_to_claims_mapping": [ {"permission": []}, {"uma_protection": []}, {"clientinfo": [ "name", "inum", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope" ]}, {"email": [ "email_verified", "email" ]}, {"user_name": ["user_name"]}, {"sub": []}, {"org_name": []}, {"address": [ "formatted", "postal_code", "street_address", "locality", "country", "region" ]}, {"openid": []}, {"test_scope1": []}, {"work_phone": []}, {"phone": [ "phone_number_verified", "phone_number" ]}, {"profile": [ "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "profile", "picture", "website", "gender", "birthdate", "zoneinfo", "locale", "updated_at" ]}, {"mobile_phone": ["phone_mobile_number"]}, {"test": ["member_of"]} ], "claims_parameter_supported": true, "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": false, "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy", "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos", "frontchannel_logout_supported": true, "frontchannel_logout_session_supported": true } ####################################################### TEST: encodeClaimsInStateParameterAlgA128KWEncA128GCM ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "token", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1340 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:34 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!80D5.461E.ADC0.04AC", "client_secret": "285d3492-a275-4ac0-8790-3ed173c51fd7", "registration_access_token": "c479f53f-6746-4cd0-8add-9afdd27b5cb5", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!80D5.461E.ADC0.04AC", "client_id_issued_at": 1531227154, "client_secret_expires_at": 1531313554, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2180D5.461E.ADC0.04AC&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.q6JshulJiyvOXgQNHSsUnKOtjqnlBoJ1.bIgHC1UpTEYSCoDN.Aj92s9XxGgnPMA6is0xzC3Pw8pDZVYi_FaS4G0QexFpO97boG04BVyoWZOU0AvJaz4ygrni0WoUup20RVFra0tY3hdafKDInHOzJ497t1UCFp6tN3Bv12rHkldfDQAESKBXxe_VCMenjRCzGXn97ppcbMbjq8ZPlNXIspJJATESWUmUXUfA93NT29naOKYnUKdZxhosgt4Vo6gGj9679iI0xj7Hs7GJwLXV3yCFtrOWDB5xci4hztQN7BUR5G8jZqwkLtPeKdZk8dIhWOhWe4VckATf3agY9HROiQbKxGcLS94rIPRd-C1ANEBzHAF1tJF3IQGjbNg.dOWu6gMDueowZyu1MyRYSw&nonce=747fe711-7f7c-41ff-9d27-247eec535b75 08:53:02.847 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:c14c7ddf-0d6f-4294-8f5f-cebe1de14adb ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2180D5.461E.ADC0.04AC&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.q6JshulJiyvOXgQNHSsUnKOtjqnlBoJ1.bIgHC1UpTEYSCoDN.Aj92s9XxGgnPMA6is0xzC3Pw8pDZVYi_FaS4G0QexFpO97boG04BVyoWZOU0AvJaz4ygrni0WoUup20RVFra0tY3hdafKDInHOzJ497t1UCFp6tN3Bv12rHkldfDQAESKBXxe_VCMenjRCzGXn97ppcbMbjq8ZPlNXIspJJATESWUmUXUfA93NT29naOKYnUKdZxhosgt4Vo6gGj9679iI0xj7Hs7GJwLXV3yCFtrOWDB5xci4hztQN7BUR5G8jZqwkLtPeKdZk8dIhWOhWe4VckATf3agY9HROiQbKxGcLS94rIPRd-C1ANEBzHAF1tJF3IQGjbNg.dOWu6gMDueowZyu1MyRYSw&nonce=747fe711-7f7c-41ff-9d27-247eec535b75 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=531f9aa9-955b-454d-9420-01062a5c1f76&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE4MEQ1LjQ2MUUuQURDMC4wNEFDIiwiZXhwIjoxNTMxMjMwNzU2LCJpYXQiOjE1MzEyMjcxNTYsIm5vbmNlIjoiNzQ3ZmU3MTEtN2Y3Yy00MWZmLTlkMjctMjQ3ZWVjNTM1Yjc1IiwiYXV0aF90aW1lIjoxNTMxMjI3MTU2LCJhdF9oYXNoIjoiUmx0UHVTdTA3dUp0Y0pqcG5NTWVYdyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IlZHNW9VRzBQQm9Zc3BHZUh3ZFQ5TW95Y2d5bWJGRjJhU0FXanMweXEzMlEifQ.PZ1QPOzdftnPh5kVPplShHC0VonzrkBUyMX6lKOQ-V1r8UMI3hhIYEwHAL-hMGnv1s4lw_UsKABu87VnUCp2T8Ouls1qKS1ZTcob0Pnvnulk6jLYwXP2T9JejGEYI-QK6US-whsEtkzEuH1_c6BsDuXy08SASy0usikgZ7tQkd4dM42rqz7YKyfpE4A2UOwHFEo4X7DPLN4OYs9wFEDMKkVascifcK8GPRdcNLs7AFKXIGfi4JA0ouZtTte9sIXkOg6rmzvh3R--cqBJxYHBq1vL4QvNrDHGnTJQvLFEG_fqhMgYuNvnrnqMOO8KHzZ98LXREsGEZwiXxaJEOk16sA&session_id=79865dc1-0805-4dba-82d5-d0e400fed573&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.q6JshulJiyvOXgQNHSsUnKOtjqnlBoJ1.bIgHC1UpTEYSCoDN.Aj92s9XxGgnPMA6is0xzC3Pw8pDZVYi_FaS4G0QexFpO97boG04BVyoWZOU0AvJaz4ygrni0WoUup20RVFra0tY3hdafKDInHOzJ497t1UCFp6tN3Bv12rHkldfDQAESKBXxe_VCMenjRCzGXn97ppcbMbjq8ZPlNXIspJJATESWUmUXUfA93NT29naOKYnUKdZxhosgt4Vo6gGj9679iI0xj7Hs7GJwLXV3yCFtrOWDB5xci4hztQN7BUR5G8jZqwkLtPeKdZk8dIhWOhWe4VckATf3agY9HROiQbKxGcLS94rIPRd-C1ANEBzHAF1tJF3IQGjbNg.dOWu6gMDueowZyu1MyRYSw&token_type=bearer&session_state=c14c7ddf-0d6f-4294-8f5f-cebe1de14adb&expires_in=299 ####################################################### TEST: encodeClaimsInStateParameterAlgA256KWEncA256GCM ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "token", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1340 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:36 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3EEC.DAB5.22A1.6967", "client_secret": "575e7767-ee1c-47cb-9fa1-4415f0733e75", "registration_access_token": "284fb263-e1d7-44a3-b9b2-755edb0ab53f", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3EEC.DAB5.22A1.6967", "client_id_issued_at": 1531227157, "client_secret_expires_at": 1531313557, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213EEC.DAB5.22A1.6967&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2R0NNIn0.tkwMGQJ_PhtgAPlMXTS0zeeJfPJ7hoAEfV1hIpSQ5HCl6fgHDc3edA.3_hpuYHsQ3po4gQI.yeILgrNe6oHY2wkW_vL7hzK4w6RU-6xsu_xNvMI3Gvaidl72olTHxkwJFc1W6fBsCBm4Q44vd8Qn4etW25qix4ArDHE1tOZq5Ugqx7Dn_fP8yF9ofa01XF0Q0X-Q6qEO-WuU08icIUPs2xsw7w-LcmNQEF8jqqxzqUYdHZfaf3jw82vKvaIPQRZfc8QMDhr0T2f13Cd6vbWZCKLbeMfJKZHtlYqhg1Ou4LwgY0HR3jDxHRyqwpNZM4kHJfRqkZ8TWuBjUaQRE_BEJccWq_S6T2fijHhELUg3jn8uyJKQ327MDXVhAwfuIa3sC1EF3gtYUcUs17KX1Q.p4x0udT5nk2xcZz8VyUZ9w&nonce=eba51dba-45e0-4ec7-8ed3-5468d9829daa 08:53:04.788 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:fcde02a1-8231-4985-b403-ee4294d9cb5d ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213EEC.DAB5.22A1.6967&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2R0NNIn0.tkwMGQJ_PhtgAPlMXTS0zeeJfPJ7hoAEfV1hIpSQ5HCl6fgHDc3edA.3_hpuYHsQ3po4gQI.yeILgrNe6oHY2wkW_vL7hzK4w6RU-6xsu_xNvMI3Gvaidl72olTHxkwJFc1W6fBsCBm4Q44vd8Qn4etW25qix4ArDHE1tOZq5Ugqx7Dn_fP8yF9ofa01XF0Q0X-Q6qEO-WuU08icIUPs2xsw7w-LcmNQEF8jqqxzqUYdHZfaf3jw82vKvaIPQRZfc8QMDhr0T2f13Cd6vbWZCKLbeMfJKZHtlYqhg1Ou4LwgY0HR3jDxHRyqwpNZM4kHJfRqkZ8TWuBjUaQRE_BEJccWq_S6T2fijHhELUg3jn8uyJKQ327MDXVhAwfuIa3sC1EF3gtYUcUs17KX1Q.p4x0udT5nk2xcZz8VyUZ9w&nonce=eba51dba-45e0-4ec7-8ed3-5468d9829daa ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=3b946d9e-e5c0-4b14-bb4a-85735245beb3&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzRUVDLkRBQjUuMjJBMS42OTY3IiwiZXhwIjoxNTMxMjMwNzU4LCJpYXQiOjE1MzEyMjcxNTgsIm5vbmNlIjoiZWJhNTFkYmEtNDVlMC00ZWM3LThlZDMtNTQ2OGQ5ODI5ZGFhIiwiYXV0aF90aW1lIjoxNTMxMjI3MTU4LCJhdF9oYXNoIjoiUTQ5aTg2MlE2LUtCR0RpSVhFR1VXdyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IjAyalRwcEJTblFPWmIxNTRFSUpyM3FtQnRmdGdJbEhudTBWU3hNM3Fpb00ifQ.jWx-XAZZKu2D_mSEYVACtrrSwffXZZFRWpSuw0k8jVQB7vROMQ7TjX-SytUpgM5197EdYLW6SvrTcWu06ktyOMnAl2v8f-hfnXHYTWcVBjQIsfmyK6f-OaIZSQi1SnXw9LSQFa72az7ZRhO23A_lUVxfwMQQ6p4CWa-p0Q5cQFiju51BCmADH-biUmQrUTjYtXEWKKevU_-YywRhksUJefohuQkkJlvbwfvfTS6eEmBbsibQH-Otg2fTg9QhR2LL6NwlPS87iu-YzCtPhoiv9y3jG9dg_nRm_PrHWTu9niznsl5N2XqNDYG6cx_WUW-4nTt_hiVBKnBiPXOQ_V6B6w&session_id=6b5ce04b-1cda-4261-b78c-62f8afa4d677&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2R0NNIn0.tkwMGQJ_PhtgAPlMXTS0zeeJfPJ7hoAEfV1hIpSQ5HCl6fgHDc3edA.3_hpuYHsQ3po4gQI.yeILgrNe6oHY2wkW_vL7hzK4w6RU-6xsu_xNvMI3Gvaidl72olTHxkwJFc1W6fBsCBm4Q44vd8Qn4etW25qix4ArDHE1tOZq5Ugqx7Dn_fP8yF9ofa01XF0Q0X-Q6qEO-WuU08icIUPs2xsw7w-LcmNQEF8jqqxzqUYdHZfaf3jw82vKvaIPQRZfc8QMDhr0T2f13Cd6vbWZCKLbeMfJKZHtlYqhg1Ou4LwgY0HR3jDxHRyqwpNZM4kHJfRqkZ8TWuBjUaQRE_BEJccWq_S6T2fijHhELUg3jn8uyJKQ327MDXVhAwfuIa3sC1EF3gtYUcUs17KX1Q.p4x0udT5nk2xcZz8VyUZ9w&token_type=bearer&session_state=fcde02a1-8231-4985-b403-ee4294d9cb5d&expires_in=299 ####################################################### TEST: encodeClaimsInStateParameterAlgRSA15EncA128CBCPLUSHS256 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "token", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1340 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:38 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5CB4.ECF5.F17D.F52D", "client_secret": "cca2d02b-669f-4236-989f-308ed6857daa", "registration_access_token": "cb1cc7a2-9cc9-42ea-ac57-463e8b717be8", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!5CB4.ECF5.F17D.F52D", "client_id_issued_at": 1531227158, "client_secret_expires_at": 1531313558, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215CB4.ECF5.F17D.F52D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMTI4Q0JDK0hTMjU2Iiwia2lkIjoiNDhiZmE4YTQtYzhhNy00YTA5LWFlOTgtYmYzMjVkNzQ5MTE5In0.frMBLnWIl52VjD_QHv0iQ1irqnoMaeJ-GGrdOBt4Gqb7ICzDvsDtp-TF7OvCJyL8L5xKlZEpym_3MisIj5BPAs_Dt3AWDVfT35TBvcDp32en2sJJs8BP4C1WIRh8VHkDFhzDTFZUTZB9bUrutWsdhtfX4yHx_bQOQ9YcTCb4Mc42WxsQKZSEjCQUWcKAkSXl6ABGzRNgOKq_y2vmwj9sxVa1RP1R2HFOBowcuBkRGvfrYqoaVH0ZQhmdpY9NYxcX2JrjMMqTdToecO9f7OEJ825EG3vMlwrKRNdUuTpUoWCOJu_sO8lAe_PWCucM4MJtoO887McgpBlHllndIu776g.gjb4uU6A_wwKdKpiE6I2pg.XjVfWPUKVBbgy_WOn4pRjR_iHmWp2_CL_yqwTl3piNloWwu33eEGhe7pBGBG_Xe-8ADaXOoBP7GclsVXUzA7zzKcv676-sT-EM8ufEOa5eQ9qJ02ZlbnELLdZWmvDVRAhAHWs4h5E6QUT96TcwFTCQHJKsEHl7fSddHyGWMPGzs_wlfNUJEZ5PVAh3n8UQxRsqv4WBqaCQFkTur1l5fx-PqvBj4agBDutjWMrh14nFT3XvCPhtWX4btGCMG4oSCNAiTS78XiCxB7PI56R6d0ZpwV-nIeEbWWnxQ65jB9NxoseClc7PX-Fg5CjHWCETqL6AjsLnPBkb2i5tJpG1greMEmlaYeH7iQuXhlQJUXdOl7IK-dIVNrvXe0Hp7W_FAyWSH6ezN6J8RIE5djcx67UwrBIyS_COa9KlWe3vZOmmY.C8zKvIaPoF3JPEGOgCglF9lLt-RYtm43x7J_jSdXplo&nonce=88f858ab-ec0f-442f-ade6-1d1fd0f02eb1 08:53:06.531 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:569a3431-ff02-4b59-a2a3-16c1fd304364 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%215CB4.ECF5.F17D.F52D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMTI4Q0JDK0hTMjU2Iiwia2lkIjoiNDhiZmE4YTQtYzhhNy00YTA5LWFlOTgtYmYzMjVkNzQ5MTE5In0.frMBLnWIl52VjD_QHv0iQ1irqnoMaeJ-GGrdOBt4Gqb7ICzDvsDtp-TF7OvCJyL8L5xKlZEpym_3MisIj5BPAs_Dt3AWDVfT35TBvcDp32en2sJJs8BP4C1WIRh8VHkDFhzDTFZUTZB9bUrutWsdhtfX4yHx_bQOQ9YcTCb4Mc42WxsQKZSEjCQUWcKAkSXl6ABGzRNgOKq_y2vmwj9sxVa1RP1R2HFOBowcuBkRGvfrYqoaVH0ZQhmdpY9NYxcX2JrjMMqTdToecO9f7OEJ825EG3vMlwrKRNdUuTpUoWCOJu_sO8lAe_PWCucM4MJtoO887McgpBlHllndIu776g.gjb4uU6A_wwKdKpiE6I2pg.XjVfWPUKVBbgy_WOn4pRjR_iHmWp2_CL_yqwTl3piNloWwu33eEGhe7pBGBG_Xe-8ADaXOoBP7GclsVXUzA7zzKcv676-sT-EM8ufEOa5eQ9qJ02ZlbnELLdZWmvDVRAhAHWs4h5E6QUT96TcwFTCQHJKsEHl7fSddHyGWMPGzs_wlfNUJEZ5PVAh3n8UQxRsqv4WBqaCQFkTur1l5fx-PqvBj4agBDutjWMrh14nFT3XvCPhtWX4btGCMG4oSCNAiTS78XiCxB7PI56R6d0ZpwV-nIeEbWWnxQ65jB9NxoseClc7PX-Fg5CjHWCETqL6AjsLnPBkb2i5tJpG1greMEmlaYeH7iQuXhlQJUXdOl7IK-dIVNrvXe0Hp7W_FAyWSH6ezN6J8RIE5djcx67UwrBIyS_COa9KlWe3vZOmmY.C8zKvIaPoF3JPEGOgCglF9lLt-RYtm43x7J_jSdXplo&nonce=88f858ab-ec0f-442f-ade6-1d1fd0f02eb1 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=203dfe3b-c798-4660-b8f7-ab4cf9138adc&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE1Q0I0LkVDRjUuRjE3RC5GNTJEIiwiZXhwIjoxNTMxMjMwNzYwLCJpYXQiOjE1MzEyMjcxNjAsIm5vbmNlIjoiODhmODU4YWItZWMwZi00NDJmLWFkZTYtMWQxZmQwZjAyZWIxIiwiYXV0aF90aW1lIjoxNTMxMjI3MTYwLCJhdF9oYXNoIjoiVVFQcGgzQXh1R0IxZnpNOFFxZm9pUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6InlXcEpqeHBKMWlrSFRORngxVzRBdmZnTjRyQlhBNENnNkZTS0duSFctTzQifQ.s1JZOM61ivfq7nEIMxiptAruIadFvvDMENtOtAJ_bD755tZbr3JCJKzoHC3k4Ki5nApiwXlmxj8SQJWaukCw6-u6NbB3jPgMySZeAwlA8ROIeyRNvKjabgM8oZCdFACMYez-PmJlnmcUrnPhDtdMYZU6RO_Nt4A0weD_x5lN5pHsx889U_9hRX4r1wDklNn2L6-Wmcs8Yc_Mbaay76JlI8Fak-2Jtodf51PxXqf9PlVdpLlvwvEcVq9YqBMCEdrTrhDDUgoAtFeUS1b63zV2EpwSHokCbTWsEgPqRD46NCeGwNPh1zLBdmSG3zQdJpg3HgeCLWgh-pcisxvrtcNhyw&session_id=58ba97cf-1637-4e7a-8d1e-7c9bcdb3aba7&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMTI4Q0JDK0hTMjU2Iiwia2lkIjoiNDhiZmE4YTQtYzhhNy00YTA5LWFlOTgtYmYzMjVkNzQ5MTE5In0.frMBLnWIl52VjD_QHv0iQ1irqnoMaeJ-GGrdOBt4Gqb7ICzDvsDtp-TF7OvCJyL8L5xKlZEpym_3MisIj5BPAs_Dt3AWDVfT35TBvcDp32en2sJJs8BP4C1WIRh8VHkDFhzDTFZUTZB9bUrutWsdhtfX4yHx_bQOQ9YcTCb4Mc42WxsQKZSEjCQUWcKAkSXl6ABGzRNgOKq_y2vmwj9sxVa1RP1R2HFOBowcuBkRGvfrYqoaVH0ZQhmdpY9NYxcX2JrjMMqTdToecO9f7OEJ825EG3vMlwrKRNdUuTpUoWCOJu_sO8lAe_PWCucM4MJtoO887McgpBlHllndIu776g.gjb4uU6A_wwKdKpiE6I2pg.XjVfWPUKVBbgy_WOn4pRjR_iHmWp2_CL_yqwTl3piNloWwu33eEGhe7pBGBG_Xe-8ADaXOoBP7GclsVXUzA7zzKcv676-sT-EM8ufEOa5eQ9qJ02ZlbnELLdZWmvDVRAhAHWs4h5E6QUT96TcwFTCQHJKsEHl7fSddHyGWMPGzs_wlfNUJEZ5PVAh3n8UQxRsqv4WBqaCQFkTur1l5fx-PqvBj4agBDutjWMrh14nFT3XvCPhtWX4btGCMG4oSCNAiTS78XiCxB7PI56R6d0ZpwV-nIeEbWWnxQ65jB9NxoseClc7PX-Fg5CjHWCETqL6AjsLnPBkb2i5tJpG1greMEmlaYeH7iQuXhlQJUXdOl7IK-dIVNrvXe0Hp7W_FAyWSH6ezN6J8RIE5djcx67UwrBIyS_COa9KlWe3vZOmmY.C8zKvIaPoF3JPEGOgCglF9lLt-RYtm43x7J_jSdXplo&token_type=bearer&session_state=569a3431-ff02-4b59-a2a3-16c1fd304364&expires_in=299 ####################################################### TEST: encodeClaimsInStateParameterAlgRSA15EncA256CBCPLUSHS512 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "token", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1340 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:40 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!75DB.3ABA.E007.0B3F", "client_secret": "748243bf-aed2-4255-9331-306ea98e10e9", "registration_access_token": "76d5da90-3e9d-45fa-b7cf-50ee8cb13022", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!75DB.3ABA.E007.0B3F", "client_id_issued_at": 1531227160, "client_secret_expires_at": 1531313560, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2175DB.3ABA.E007.0B3F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMjU2Q0JDK0hTNTEyIiwia2lkIjoiNDhiZmE4YTQtYzhhNy00YTA5LWFlOTgtYmYzMjVkNzQ5MTE5In0.ShVv4CDiDft-hmswyouRPAblVGCe7ffR12f1ul95GdaOst9l6uPq7iD6Ms9ObbOF4EkgvFEOXksWbz2iSNPTvLy51Ve0HWf6O5sdHviwCkg8uSSCwIOBUXPTqnZuuov8oWxSnSwiHA_cv2CKXDs5DzeprDsp2hw_G-0yqLP_946XyhV1L0sInF5ZcTwpU9FfahBcsqMA7WcUbED_bg06kNfoB0586tBaUKfNCUVcusGVuAn2em2MG3q4J-fbCM1gYUuIRpgEQROpooAQ5zO-sViCy9Sh2w4tOh7eJjRiJex65-6KrjdgL_IOPwXkgLUqcWoE_qX-bdAL-KSroF2BbA.9nwD2zFhM0rGyN-UiDGWlw.tUEtuMqVJSPi0m52PAstBZ6ScBNTC8L9Tt7Q2LYZw5GuaUB9lN3Dt5HvGTXaxbaBqgYgj46vSdk5yJXZSGgN8MNexwRZupRcyWix4j2nX0vL-3U6WJ7Ft9ps1M06T8DRRxZAxkvKCrKxkvzjYAjIMzy5c4LkL-Nq7bZetMfNMb-D2ulxR-Puerk-h_eoknR13AxMuCGc3uJBXthjL2yg-5ubdDIIW5CFTPJC9xsQckSkjzDht_34uzE8OgcddUILh6PrfJvUqtBFHEzu-6eDbguoL9hZn98MV1SCS2MXhKtbLOvgZ_hWFTDD_1GDK2Q8gaYbeO1vWAmfkJeiEseFkCUWT70PyZmB9dK_l1saWg8iXgbjRmnKNkF1db6oYnQSO4sqmDLbnOAqCYN85UsYKJMiiitdZKLXxezXbnxOCnw.9X2-ohIWGA55lRxTYytAFDau7mlt9WZpzzF6HtGg9zZtLS7bctT8wWfUaL1L5_oTpaSp6DtjYJSmcp3532EFiw&nonce=37a15dda-de80-4b61-8843-c0c5e771c0f3 08:53:08.159 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:f701930e-d842-4819-9000-db42cd84b41f ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2175DB.3ABA.E007.0B3F&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMjU2Q0JDK0hTNTEyIiwia2lkIjoiNDhiZmE4YTQtYzhhNy00YTA5LWFlOTgtYmYzMjVkNzQ5MTE5In0.ShVv4CDiDft-hmswyouRPAblVGCe7ffR12f1ul95GdaOst9l6uPq7iD6Ms9ObbOF4EkgvFEOXksWbz2iSNPTvLy51Ve0HWf6O5sdHviwCkg8uSSCwIOBUXPTqnZuuov8oWxSnSwiHA_cv2CKXDs5DzeprDsp2hw_G-0yqLP_946XyhV1L0sInF5ZcTwpU9FfahBcsqMA7WcUbED_bg06kNfoB0586tBaUKfNCUVcusGVuAn2em2MG3q4J-fbCM1gYUuIRpgEQROpooAQ5zO-sViCy9Sh2w4tOh7eJjRiJex65-6KrjdgL_IOPwXkgLUqcWoE_qX-bdAL-KSroF2BbA.9nwD2zFhM0rGyN-UiDGWlw.tUEtuMqVJSPi0m52PAstBZ6ScBNTC8L9Tt7Q2LYZw5GuaUB9lN3Dt5HvGTXaxbaBqgYgj46vSdk5yJXZSGgN8MNexwRZupRcyWix4j2nX0vL-3U6WJ7Ft9ps1M06T8DRRxZAxkvKCrKxkvzjYAjIMzy5c4LkL-Nq7bZetMfNMb-D2ulxR-Puerk-h_eoknR13AxMuCGc3uJBXthjL2yg-5ubdDIIW5CFTPJC9xsQckSkjzDht_34uzE8OgcddUILh6PrfJvUqtBFHEzu-6eDbguoL9hZn98MV1SCS2MXhKtbLOvgZ_hWFTDD_1GDK2Q8gaYbeO1vWAmfkJeiEseFkCUWT70PyZmB9dK_l1saWg8iXgbjRmnKNkF1db6oYnQSO4sqmDLbnOAqCYN85UsYKJMiiitdZKLXxezXbnxOCnw.9X2-ohIWGA55lRxTYytAFDau7mlt9WZpzzF6HtGg9zZtLS7bctT8wWfUaL1L5_oTpaSp6DtjYJSmcp3532EFiw&nonce=37a15dda-de80-4b61-8843-c0c5e771c0f3 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=150ff689-a797-4a5d-8b0c-6b9d30e76394&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3NURCLjNBQkEuRTAwNy4wQjNGIiwiZXhwIjoxNTMxMjMwNzYxLCJpYXQiOjE1MzEyMjcxNjEsIm5vbmNlIjoiMzdhMTVkZGEtZGU4MC00YjYxLTg4NDMtYzBjNWU3NzFjMGYzIiwiYXV0aF90aW1lIjoxNTMxMjI3MTYxLCJhdF9oYXNoIjoiVXhtdjBZRTB6VXprbkdickNVbVJ0ZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IkNaREpqNWJ0SXc2UHAyVEV6ZmhGQ05LTk0tZGJPUklBRFVuTmFQQk9vZjAifQ.AEy_TMVV4PB_oIsIe2Wd62jcaV3xcNEd7q8vkYTM7wV3T-uXbfRy281FLSmfUhB3JRmTxY8XI5kYGMYIt7jc2K-vkONQoCrO8quQhJ6r9qbPomSEhpytu30CA8NV699LJs8efabdTIHJ8_6cjIAbFg7tJvD_rq-ATk-SgXvRRn24iN08Jg_3v0F0h_aqS29trmlrve4uA460vBErvZ_VLgcTq4ze_rM8_4C03Q8As2ExhnWP77RelvW4zjudq0-EpH7fodycObLz8zFoFZxZ9hmaxAIi1zw18p1vVt900-15z5V2qMmxbKUJTAU_HOcOuMp8N4f_5vzcEhDMBUxNoA&session_id=6012d6e3-ed72-4481-8c47-bc7bcf8786bb&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMjU2Q0JDK0hTNTEyIiwia2lkIjoiNDhiZmE4YTQtYzhhNy00YTA5LWFlOTgtYmYzMjVkNzQ5MTE5In0.ShVv4CDiDft-hmswyouRPAblVGCe7ffR12f1ul95GdaOst9l6uPq7iD6Ms9ObbOF4EkgvFEOXksWbz2iSNPTvLy51Ve0HWf6O5sdHviwCkg8uSSCwIOBUXPTqnZuuov8oWxSnSwiHA_cv2CKXDs5DzeprDsp2hw_G-0yqLP_946XyhV1L0sInF5ZcTwpU9FfahBcsqMA7WcUbED_bg06kNfoB0586tBaUKfNCUVcusGVuAn2em2MG3q4J-fbCM1gYUuIRpgEQROpooAQ5zO-sViCy9Sh2w4tOh7eJjRiJex65-6KrjdgL_IOPwXkgLUqcWoE_qX-bdAL-KSroF2BbA.9nwD2zFhM0rGyN-UiDGWlw.tUEtuMqVJSPi0m52PAstBZ6ScBNTC8L9Tt7Q2LYZw5GuaUB9lN3Dt5HvGTXaxbaBqgYgj46vSdk5yJXZSGgN8MNexwRZupRcyWix4j2nX0vL-3U6WJ7Ft9ps1M06T8DRRxZAxkvKCrKxkvzjYAjIMzy5c4LkL-Nq7bZetMfNMb-D2ulxR-Puerk-h_eoknR13AxMuCGc3uJBXthjL2yg-5ubdDIIW5CFTPJC9xsQckSkjzDht_34uzE8OgcddUILh6PrfJvUqtBFHEzu-6eDbguoL9hZn98MV1SCS2MXhKtbLOvgZ_hWFTDD_1GDK2Q8gaYbeO1vWAmfkJeiEseFkCUWT70PyZmB9dK_l1saWg8iXgbjRmnKNkF1db6oYnQSO4sqmDLbnOAqCYN85UsYKJMiiitdZKLXxezXbnxOCnw.9X2-ohIWGA55lRxTYytAFDau7mlt9WZpzzF6HtGg9zZtLS7bctT8wWfUaL1L5_oTpaSp6DtjYJSmcp3532EFiw&token_type=bearer&session_state=f701930e-d842-4819-9000-db42cd84b41f&expires_in=299 ####################################################### TEST: encodeClaimsInStateParameterAlgRSAOAEPEncA256GCM ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "token", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1340 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:41 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D0D4.2DB3.F82E.0D67", "client_secret": "cac4a7de-20a0-46fa-992b-87096b73b545", "registration_access_token": "5fcfd374-60aa-4d9c-a5e0-fcce32271e2c", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!D0D4.2DB3.F82E.0D67", "client_id_issued_at": 1531227162, "client_secret_expires_at": 1531313562, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D0D4.2DB3.F82E.0D67&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00iLCJraWQiOiI0OGJmYThhNC1jOGE3LTRhMDktYWU5OC1iZjMyNWQ3NDkxMTkifQ.UZzO5g3vw6rtPSwItLZeo4146I-0DirMo-tlDhlpICQxdq_VgvvvJytabM4okFs6vJJzpBjXjw_ydk6fhh_vMhh5_PtwCNOi_5dRA5htmyKpsSvFR8dnMZd74YhOyYo5hO-AIPR9WOS1czRgTkHQD-m5L0Ngx9H4OCRNTdaKpcInyu_sSZ3NTB6aUv6x38jzHfAcgwhYQVYYIxgM31wg2MS6c779D0fQJR-RUK3ZaAJYaj73hFxOh3r-Ltb6beTTLe_ciqyz0-NZlSWheKFzwUkbkxIbqkW7ImCzfhBOc0TorNcdcZcyDZzEW7DZTLbuT5oBulIjkkzx0Z7RkRkTqA.O30BXU9TuiveY3qW.9d0RJ_Tkpr7ysnThXgopcAZr6GALfyqkU0vxhENthRkdqy4udbom3LqX-MOeNyn-kUwc78Lnt-CpzAFqn1eBW3dJ0YmdhbfNE4hSTanR4hxQbCDjVW_VhopG2DURsBU5GCheT61faXIhjI5LYtTu6g5yOoUOBjEOT3C0qQEfh9igdSIdhgaRdmlf8PAxb4bk3UD6eHyfAGJqthw_Zb8CL6tM0aQREuwoYqhEDtV8NEw0h9OtM32bnSTkjHmyTjpBMi_Ibj12V1XsvtAMekt42YVYVeKF8hFrA8FhLVK8U18_Bc1huM4okyuKrnkDFimQGjNKHR4D8i0iaGhxJ2TtEKVu-tlPLBuHNL_77JO_eCaE0Ysjn41tfXxTXhKenRm0Q3GUbGSOJgTHlIjyMO_S6U694A.4WH4tKNlwkIWikIvtMr0mg&nonce=73443e9f-1f7c-49b2-8b2d-f5fb86aee63b 08:53:09.825 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:1f7e8cff-fc13-4261-8ad1-ce0c41e37c13 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21D0D4.2DB3.F82E.0D67&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00iLCJraWQiOiI0OGJmYThhNC1jOGE3LTRhMDktYWU5OC1iZjMyNWQ3NDkxMTkifQ.UZzO5g3vw6rtPSwItLZeo4146I-0DirMo-tlDhlpICQxdq_VgvvvJytabM4okFs6vJJzpBjXjw_ydk6fhh_vMhh5_PtwCNOi_5dRA5htmyKpsSvFR8dnMZd74YhOyYo5hO-AIPR9WOS1czRgTkHQD-m5L0Ngx9H4OCRNTdaKpcInyu_sSZ3NTB6aUv6x38jzHfAcgwhYQVYYIxgM31wg2MS6c779D0fQJR-RUK3ZaAJYaj73hFxOh3r-Ltb6beTTLe_ciqyz0-NZlSWheKFzwUkbkxIbqkW7ImCzfhBOc0TorNcdcZcyDZzEW7DZTLbuT5oBulIjkkzx0Z7RkRkTqA.O30BXU9TuiveY3qW.9d0RJ_Tkpr7ysnThXgopcAZr6GALfyqkU0vxhENthRkdqy4udbom3LqX-MOeNyn-kUwc78Lnt-CpzAFqn1eBW3dJ0YmdhbfNE4hSTanR4hxQbCDjVW_VhopG2DURsBU5GCheT61faXIhjI5LYtTu6g5yOoUOBjEOT3C0qQEfh9igdSIdhgaRdmlf8PAxb4bk3UD6eHyfAGJqthw_Zb8CL6tM0aQREuwoYqhEDtV8NEw0h9OtM32bnSTkjHmyTjpBMi_Ibj12V1XsvtAMekt42YVYVeKF8hFrA8FhLVK8U18_Bc1huM4okyuKrnkDFimQGjNKHR4D8i0iaGhxJ2TtEKVu-tlPLBuHNL_77JO_eCaE0Ysjn41tfXxTXhKenRm0Q3GUbGSOJgTHlIjyMO_S6U694A.4WH4tKNlwkIWikIvtMr0mg&nonce=73443e9f-1f7c-49b2-8b2d-f5fb86aee63b ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=74941f02-382a-4a3a-99f1-a64a4186b53f&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFEMEQ0LjJEQjMuRjgyRS4wRDY3IiwiZXhwIjoxNTMxMjMwNzYzLCJpYXQiOjE1MzEyMjcxNjMsIm5vbmNlIjoiNzM0NDNlOWYtMWY3Yy00OWIyLThiMmQtZjVmYjg2YWVlNjNiIiwiYXV0aF90aW1lIjoxNTMxMjI3MTYzLCJhdF9oYXNoIjoiLWNMTmN1V0ozZTNMTlBRelVzdjZCUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Im1MZGRrY0ZlQjE1dFVraV8yUGd3aW1JVF9YaUtRVWlsZnNwR1JGemN3bjAifQ.aJYiUgq3ASnxOBIW25PgxiCrHowF7xMIvUBnKC2i5GX_UEUSK_uVcPqMN9kAaNKPKX1SI5tJCJpZsGqBUoW18HWk2-fSPTlwvhlOUlipCQMZgpfparR1_pkgCjUPjhzX4LWlynwVe8PdLxakiK7BXDKOSoTGAHDROALT5tF_QmiKkFbJcmT5B9w87jmpIEoT0IaCq0tOeFapDFfLvP2Djk9ikZQwedBUZjTZq-osUkWv206r2G7zNi2G5A0qXmFzJdICbOXob4QzWNm7qiutkBV2wY2rMrjXNohXxOBnSgNhNbf-nL0q0J-AegV1EvXXPCZ7W-S65crQwORje6Q5Wg&session_id=bf3f212c-4539-4967-86e0-15068ef173b7&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00iLCJraWQiOiI0OGJmYThhNC1jOGE3LTRhMDktYWU5OC1iZjMyNWQ3NDkxMTkifQ.UZzO5g3vw6rtPSwItLZeo4146I-0DirMo-tlDhlpICQxdq_VgvvvJytabM4okFs6vJJzpBjXjw_ydk6fhh_vMhh5_PtwCNOi_5dRA5htmyKpsSvFR8dnMZd74YhOyYo5hO-AIPR9WOS1czRgTkHQD-m5L0Ngx9H4OCRNTdaKpcInyu_sSZ3NTB6aUv6x38jzHfAcgwhYQVYYIxgM31wg2MS6c779D0fQJR-RUK3ZaAJYaj73hFxOh3r-Ltb6beTTLe_ciqyz0-NZlSWheKFzwUkbkxIbqkW7ImCzfhBOc0TorNcdcZcyDZzEW7DZTLbuT5oBulIjkkzx0Z7RkRkTqA.O30BXU9TuiveY3qW.9d0RJ_Tkpr7ysnThXgopcAZr6GALfyqkU0vxhENthRkdqy4udbom3LqX-MOeNyn-kUwc78Lnt-CpzAFqn1eBW3dJ0YmdhbfNE4hSTanR4hxQbCDjVW_VhopG2DURsBU5GCheT61faXIhjI5LYtTu6g5yOoUOBjEOT3C0qQEfh9igdSIdhgaRdmlf8PAxb4bk3UD6eHyfAGJqthw_Zb8CL6tM0aQREuwoYqhEDtV8NEw0h9OtM32bnSTkjHmyTjpBMi_Ibj12V1XsvtAMekt42YVYVeKF8hFrA8FhLVK8U18_Bc1huM4okyuKrnkDFimQGjNKHR4D8i0iaGhxJ2TtEKVu-tlPLBuHNL_77JO_eCaE0Ysjn41tfXxTXhKenRm0Q3GUbGSOJgTHlIjyMO_S6U694A.4WH4tKNlwkIWikIvtMr0mg&token_type=bearer&session_state=1f7e8cff-fc13-4261-8ad1-ce0c41e37c13&expires_in=299 ####################################################### TEST: encodeClaimsInStateParameterES256 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "token", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1340 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:43 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1748.BA46.4C90.BA38", "client_secret": "c190b68f-64f7-49e0-8b68-382476b24061", "registration_access_token": "72e3cadb-630a-4aae-9e3f-770722a4517f", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!1748.BA46.4C90.BA38", "client_id_issued_at": 1531227163, "client_secret_expires_at": 1531313563, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211748.BA46.4C90.BA38&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjU0N2IyODM4LWE4NDgtNDY3MS04YTQ3LWQ1MzYxNzM4ZjJhZSJ9.eyJyZnAiOiI1ZjI1YzIyMy02NDZkLTQ2YzgtODUyMS1jZDU0Y2I2ZGIyODUiLCJraWQiOiI1NDdiMjgzOC1hODQ4LTQ2NzEtOGE0Ny1kNTM2MTczOGYyYWUiLCJqdGkiOiI2Mzc1MTU1OC1mZGE5LTRkNzQtOWNkOC01ZWY2ZDgyZDJhNTgiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MEUCIQDUCbapxPpRjag9NlGB-ytbnMkSZyxFpZI_kx4GSCXOpQIgG8786qx3TZGbHfxUMUuzahQsudmJCD-tnfg1uaZrgoM&nonce=582763ef-78af-49c1-a219-8f9d2c6ad537 08:53:11.431 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:b03588b7-f656-421e-94cd-18ba8d7a81cc ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%211748.BA46.4C90.BA38&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjU0N2IyODM4LWE4NDgtNDY3MS04YTQ3LWQ1MzYxNzM4ZjJhZSJ9.eyJyZnAiOiI1ZjI1YzIyMy02NDZkLTQ2YzgtODUyMS1jZDU0Y2I2ZGIyODUiLCJraWQiOiI1NDdiMjgzOC1hODQ4LTQ2NzEtOGE0Ny1kNTM2MTczOGYyYWUiLCJqdGkiOiI2Mzc1MTU1OC1mZGE5LTRkNzQtOWNkOC01ZWY2ZDgyZDJhNTgiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MEUCIQDUCbapxPpRjag9NlGB-ytbnMkSZyxFpZI_kx4GSCXOpQIgG8786qx3TZGbHfxUMUuzahQsudmJCD-tnfg1uaZrgoM&nonce=582763ef-78af-49c1-a219-8f9d2c6ad537 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=f5b351bb-c18a-4bb4-a67d-8959cba92f2c&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCExNzQ4LkJBNDYuNEM5MC5CQTM4IiwiZXhwIjoxNTMxMjMwNzY1LCJpYXQiOjE1MzEyMjcxNjUsIm5vbmNlIjoiNTgyNzYzZWYtNzhhZi00OWMxLWEyMTktOGY5ZDJjNmFkNTM3IiwiYXV0aF90aW1lIjoxNTMxMjI3MTY0LCJhdF9oYXNoIjoiN3hDeUgtWTJ6ZUFDVTNzV0NwLXVrdyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Ik8tal9ZQ1FvUHJmLVJqb3FlTGdaZXg4bWh3TmJLMndYQkhlbnNnT1B0bVkifQ.clFAA4tb75KT2CIJDwraibjlv0rLj-KBjdwyZ28xMbALCMzprrHL4GYIQD15hBIF5BUqSZ3uCx6bNnSdrhMhdffrxRGx2ADGjsJ19AtzKEC3VsrXZI8FdLwkaxwXY9-sg0CXBFhseR3yKyj9g1p7bOrmTIJiwImU75kNqjcigHDhn0YXCJ9CpMXoYDE5-lpeTANxs60u0SxXx-2_Cm5CG4FCFgSfqeJiuXsA80-R7pfOtgFiwTL6BY2Qe4maxv0bkRTB9SVw4_2bmYytdEIJyMCZwpCdh2QbwCVhUcPzL4Ugysp_EsFLsUxkTvgq8NdXhyYe7a211qKKg5YohoGCJA&session_id=5f593552-cb2e-46c2-9c4e-58e007640095&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjU0N2IyODM4LWE4NDgtNDY3MS04YTQ3LWQ1MzYxNzM4ZjJhZSJ9.eyJyZnAiOiI1ZjI1YzIyMy02NDZkLTQ2YzgtODUyMS1jZDU0Y2I2ZGIyODUiLCJraWQiOiI1NDdiMjgzOC1hODQ4LTQ2NzEtOGE0Ny1kNTM2MTczOGYyYWUiLCJqdGkiOiI2Mzc1MTU1OC1mZGE5LTRkNzQtOWNkOC01ZWY2ZDgyZDJhNTgiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MEUCIQDUCbapxPpRjag9NlGB-ytbnMkSZyxFpZI_kx4GSCXOpQIgG8786qx3TZGbHfxUMUuzahQsudmJCD-tnfg1uaZrgoM&token_type=bearer&session_state=b03588b7-f656-421e-94cd-18ba8d7a81cc&expires_in=299 ####################################################### TEST: encodeClaimsInStateParameterES384 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "token", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1340 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:45 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0B71.45E3.E838.443D", "client_secret": "81433e50-2ab0-4d51-9965-da561a390b59", "registration_access_token": "6a10eb15-b81b-41b4-aea5-46ff63c6301c", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0B71.45E3.E838.443D", "client_id_issued_at": 1531227165, "client_secret_expires_at": 1531313565, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210B71.45E3.E838.443D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzM4NCIsImtpZCI6ImM0ZmU0MTEwLWViNTYtNDFjNi1iYWMzLTUzMTZmNmIxNDQzZCJ9.eyJyZnAiOiI2ODFhNGM3NC0zZmI3LTRhZGQtOWZkYS1kMGY5MmY1YTQ3MDciLCJraWQiOiJjNGZlNDExMC1lYjU2LTQxYzYtYmFjMy01MzE2ZjZiMTQ0M2QiLCJqdGkiOiI0MzliNDFiYy1kZGZiLTQyNmItODZlOC1mMDY4YmM1YzYwNWEiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MGUCMD_y8Ss-5_8iv-d07AoT1aMq7ze20vDfZl9FVE_KPYOa_pi1a6_vGz9cCoVNTT_fpwIxAPYXtsPn1T0LVIoUtjXrXaJ-U-KBEq-K8lm9HZZaYLc-GYwYV8PA65Dw6RLxaKq5Vg&nonce=54fa3953-1872-4bfb-810b-087920bd7928 08:53:13.080 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:fa3a49c8-aa5e-4e27-9e8b-af96114f2c36 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210B71.45E3.E838.443D&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzM4NCIsImtpZCI6ImM0ZmU0MTEwLWViNTYtNDFjNi1iYWMzLTUzMTZmNmIxNDQzZCJ9.eyJyZnAiOiI2ODFhNGM3NC0zZmI3LTRhZGQtOWZkYS1kMGY5MmY1YTQ3MDciLCJraWQiOiJjNGZlNDExMC1lYjU2LTQxYzYtYmFjMy01MzE2ZjZiMTQ0M2QiLCJqdGkiOiI0MzliNDFiYy1kZGZiLTQyNmItODZlOC1mMDY4YmM1YzYwNWEiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MGUCMD_y8Ss-5_8iv-d07AoT1aMq7ze20vDfZl9FVE_KPYOa_pi1a6_vGz9cCoVNTT_fpwIxAPYXtsPn1T0LVIoUtjXrXaJ-U-KBEq-K8lm9HZZaYLc-GYwYV8PA65Dw6RLxaKq5Vg&nonce=54fa3953-1872-4bfb-810b-087920bd7928 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=a6fc23c1-aa6b-49d3-a9d3-a7ce3e2d221c&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEwQjcxLjQ1RTMuRTgzOC40NDNEIiwiZXhwIjoxNTMxMjMwNzY2LCJpYXQiOjE1MzEyMjcxNjYsIm5vbmNlIjoiNTRmYTM5NTMtMTg3Mi00YmZiLTgxMGItMDg3OTIwYmQ3OTI4IiwiYXV0aF90aW1lIjoxNTMxMjI3MTY2LCJhdF9oYXNoIjoiQUZkeWNhd2Jqejh1WXRmWWs5UXBfZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IlRtWll1eTBocnh5YTFxVlhmOEZzOWxrNEJCdWJndnc3M3FvZnI3Ym10N1UifQ.kdmloXUcTo-z9r8KvUypywRNmucxvMUvx5VZkjRoIByYoZnbDGCeXyCyj9BKXSAkH_XlZaKQF3idqVHztTkXRZKD-rsLOZgsp_d8EfzAymNHd29gFs_ZTd5im-iNLJJYgkkm50TTrkR6bRQVSTDVucp9pmrCG-oMfLN-PUnXaHmfwKaCU5e5ZRq76pNuX2fZiFC8Wa6piVOSVSdFw4Yk9WtwHW2ozpNTCfUTTQvv_ek20z9JxJqsgCJomwQUK_33NzeuFFyT6T6JCOH_fx8Qc35FDK7zDfxEN3KYKO2lptJxNIBPhwpxj0rNy6U16ZVxewq0iUdU50jBO66x-keUNQ&session_id=b1294976-81d8-42e8-8ef0-a266eb740855&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzM4NCIsImtpZCI6ImM0ZmU0MTEwLWViNTYtNDFjNi1iYWMzLTUzMTZmNmIxNDQzZCJ9.eyJyZnAiOiI2ODFhNGM3NC0zZmI3LTRhZGQtOWZkYS1kMGY5MmY1YTQ3MDciLCJraWQiOiJjNGZlNDExMC1lYjU2LTQxYzYtYmFjMy01MzE2ZjZiMTQ0M2QiLCJqdGkiOiI0MzliNDFiYy1kZGZiLTQyNmItODZlOC1mMDY4YmM1YzYwNWEiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MGUCMD_y8Ss-5_8iv-d07AoT1aMq7ze20vDfZl9FVE_KPYOa_pi1a6_vGz9cCoVNTT_fpwIxAPYXtsPn1T0LVIoUtjXrXaJ-U-KBEq-K8lm9HZZaYLc-GYwYV8PA65Dw6RLxaKq5Vg&token_type=bearer&session_state=fa3a49c8-aa5e-4e27-9e8b-af96114f2c36&expires_in=299 ####################################################### TEST: encodeClaimsInStateParameterES512 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "token", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1340 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:46 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0A81.F249.CD46.7A30", "client_secret": "743ec6c4-28e9-4afb-8d5d-5253f45a4b9e", "registration_access_token": "77110f9b-a320-45df-9ec3-cdd22a88a724", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!0A81.F249.CD46.7A30", "client_id_issued_at": 1531227166, "client_secret_expires_at": 1531313566, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210A81.F249.CD46.7A30&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzUxMiIsImtpZCI6IjI2ZjgwNDBjLWFlOGItNGRhYS04ZjcxLWE3ZmRmMTRkZjY0MyJ9.eyJyZnAiOiIyNzg0Njc5MC0yNDhlLTRlYzQtYjIwNy1iODNkZTI1ODVlZDciLCJraWQiOiIyNmY4MDQwYy1hZThiLTRkYWEtOGY3MS1hN2ZkZjE0ZGY2NDMiLCJqdGkiOiJjMTgyZjBmNy0zZjEwLTRlNzYtOTY4Mi1mN2Q1ODQ1NTAwMzAiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MIGIAkIBTsTXYN0GpMbi1J1r6jjmyD1-MK53ug0rN2HgvzszBCer9oyaPDUYW8sgVwCLujci186ZxquAiipqseUeTRPl-sMCQgDRj2lFdVVKs-e995w6iBidJRT2iqeVG-iLgKKJn6XZUOJW3NBvc22W8AU1EeZYWtOzYYBccg4a8Yt7II-trQcDhg&nonce=9b3af841-1264-4ed2-90f2-a4d364c1a0bc 08:53:14.753 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:864679bf-a951-43fb-aff9-e8a70ca1910c ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%210A81.F249.CD46.7A30&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzUxMiIsImtpZCI6IjI2ZjgwNDBjLWFlOGItNGRhYS04ZjcxLWE3ZmRmMTRkZjY0MyJ9.eyJyZnAiOiIyNzg0Njc5MC0yNDhlLTRlYzQtYjIwNy1iODNkZTI1ODVlZDciLCJraWQiOiIyNmY4MDQwYy1hZThiLTRkYWEtOGY3MS1hN2ZkZjE0ZGY2NDMiLCJqdGkiOiJjMTgyZjBmNy0zZjEwLTRlNzYtOTY4Mi1mN2Q1ODQ1NTAwMzAiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MIGIAkIBTsTXYN0GpMbi1J1r6jjmyD1-MK53ug0rN2HgvzszBCer9oyaPDUYW8sgVwCLujci186ZxquAiipqseUeTRPl-sMCQgDRj2lFdVVKs-e995w6iBidJRT2iqeVG-iLgKKJn6XZUOJW3NBvc22W8AU1EeZYWtOzYYBccg4a8Yt7II-trQcDhg&nonce=9b3af841-1264-4ed2-90f2-a4d364c1a0bc ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=6fa71ef3-3494-43de-ba2b-c2da4e17fa80&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEwQTgxLkYyNDkuQ0Q0Ni43QTMwIiwiZXhwIjoxNTMxMjMwNzY4LCJpYXQiOjE1MzEyMjcxNjgsIm5vbmNlIjoiOWIzYWY4NDEtMTI2NC00ZWQyLTkwZjItYTRkMzY0YzFhMGJjIiwiYXV0aF90aW1lIjoxNTMxMjI3MTY4LCJhdF9oYXNoIjoiYkR1RVFOR3BVQVBQSU5fSGNQdmFxZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6ImpqTlRjOXdvbk04b1p3U0gxUFE1RV9vNU1EZTRRVGxsZE9nZXh3clg1UE0ifQ.jDzmjVzpj9RxyypOq_uuhBZtzbDPuIf57ISH6SKo-LhqNVW5GLL2RHd14xyYNNc1rPx777u9_CgUOd8wtKGTFf2uu_wbYhmF24FVdyomJPg8tuZxR26NRttJpdHKoyC5woo7b6Y5uKP2pnKxMl0lUmc9n3AAvBeof1f10fV5d3od-8tKyffgUyCy99LWM58tWcLtWKC23ZVyvryUsPX4Ah5uh1uxLZ_nR58qaloSMo2R6RKoNeVRnBXCH9KpkCatk6RMeqt7VyQm9bE8zv_HmjKtle0X01Ul5X4_kvLeTjaSLmPGfO7lN_MMIOoIALWpzy9j9EZfxPP4zFSfFqZ1Ew&session_id=e9d327c3-8e8e-4825-9fcf-bf802846a494&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzUxMiIsImtpZCI6IjI2ZjgwNDBjLWFlOGItNGRhYS04ZjcxLWE3ZmRmMTRkZjY0MyJ9.eyJyZnAiOiIyNzg0Njc5MC0yNDhlLTRlYzQtYjIwNy1iODNkZTI1ODVlZDciLCJraWQiOiIyNmY4MDQwYy1hZThiLTRkYWEtOGY3MS1hN2ZkZjE0ZGY2NDMiLCJqdGkiOiJjMTgyZjBmNy0zZjEwLTRlNzYtOTY4Mi1mN2Q1ODQ1NTAwMzAiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MIGIAkIBTsTXYN0GpMbi1J1r6jjmyD1-MK53ug0rN2HgvzszBCer9oyaPDUYW8sgVwCLujci186ZxquAiipqseUeTRPl-sMCQgDRj2lFdVVKs-e995w6iBidJRT2iqeVG-iLgKKJn6XZUOJW3NBvc22W8AU1EeZYWtOzYYBccg4a8Yt7II-trQcDhg&token_type=bearer&session_state=864679bf-a951-43fb-aff9-e8a70ca1910c&expires_in=299 ####################################################### TEST: encodeClaimsInStateParameterHS256 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "token", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1340 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:48 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3BA9.8300.058F.36BD", "client_secret": "6223ac97-6c0c-43d6-bf41-084c5e811ed3", "registration_access_token": "7149ec36-3591-4fa5-b5dd-8f52216cdf04", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!3BA9.8300.058F.36BD", "client_id_issued_at": 1531227168, "client_secret_expires_at": 1531313568, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213BA9.8300.058F.36BD&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZnAiOiIzOGFmNWFiNS0yZmMzLTRhYTMtODhiOC0yYzY1YjM2YjNjODAiLCJqdGkiOiJkNDI1Zjc4NC05MDA3LTRhZmUtYjRlMC0wN2Y5NTM5YjAxZjciLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.b7kx6hEINPItwRwjRziyYzz3i5-GCZXKac83sRfx6J0&nonce=a23ce689-d5d5-437a-8c09-053686d7e6f3 08:53:16.459 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:a4c338f2-8cab-4e41-95f4-30ac9167b58d ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%213BA9.8300.058F.36BD&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZnAiOiIzOGFmNWFiNS0yZmMzLTRhYTMtODhiOC0yYzY1YjM2YjNjODAiLCJqdGkiOiJkNDI1Zjc4NC05MDA3LTRhZmUtYjRlMC0wN2Y5NTM5YjAxZjciLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.b7kx6hEINPItwRwjRziyYzz3i5-GCZXKac83sRfx6J0&nonce=a23ce689-d5d5-437a-8c09-053686d7e6f3 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=ae81fa18-2f94-4526-acc0-d494f0fc039c&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEzQkE5LjgzMDAuMDU4Ri4zNkJEIiwiZXhwIjoxNTMxMjMwNzcwLCJpYXQiOjE1MzEyMjcxNzAsIm5vbmNlIjoiYTIzY2U2ODktZDVkNS00MzdhLThjMDktMDUzNjg2ZDdlNmYzIiwiYXV0aF90aW1lIjoxNTMxMjI3MTY5LCJhdF9oYXNoIjoidWcwVi1MaHVhTUpyeExheDNCNU83dyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IkFLVmlLTUJhWE9FUnhtdEoyVnRuSW1HOFlDd3RqM0FYQW5nTmdfeExKaUEifQ.MICKN8OnmKKlZegUs6AYt_Bc7Y5M6R1S34e0L9PpR0gueOzaUiD3Qo6vOGFNQ9PKoAlieYXQn3BLf4cbmbNgg23c9AD7zBXY2JCj-bWqeIDV5AUTq0C6SiCz0Jy99K0aWbC3SAAkKhLpgeslhosJYo0zBzsnVsDd72G_aZ40v7pMLD1RR6Q5-dGO1mwKVsnwhU_rujF-e5mW2okKF58goN-lNeVQNRoRUZjEppB8AeP4PZXOwtRmF_jBMzl5NIXi_lQqNFlbbHSi1yGbNXOT49QGH4zx0K6O_P304jzToTpz5OnDttpNN2y6XaorAT7H7h2wvge_YxX2L-PGFtiPEg&session_id=85e9de32-dcae-48ee-a364-f74c12d2fc8c&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZnAiOiIzOGFmNWFiNS0yZmMzLTRhYTMtODhiOC0yYzY1YjM2YjNjODAiLCJqdGkiOiJkNDI1Zjc4NC05MDA3LTRhZmUtYjRlMC0wN2Y5NTM5YjAxZjciLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.b7kx6hEINPItwRwjRziyYzz3i5-GCZXKac83sRfx6J0&token_type=bearer&session_state=a4c338f2-8cab-4e41-95f4-30ac9167b58d&expires_in=299 ####################################################### TEST: encodeClaimsInStateParameterHS384 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "token", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1340 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:50 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!406D.2D77.C803.27AF", "client_secret": "6d692dac-92c4-4835-83b2-ff0d965a213f", "registration_access_token": "11356bd2-a501-422c-859f-fcaed3799ea1", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!406D.2D77.C803.27AF", "client_id_issued_at": 1531227170, "client_secret_expires_at": 1531313570, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21406D.2D77.C803.27AF&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9.eyJyZnAiOiJlZDQ4MTU0YS04ZTcwLTQ4MDgtODg5My0zYWNiZjIwODhhY2IiLCJqdGkiOiJiNzU3NTk1Ny1lZGI0LTRhYjYtYTI3ZC05YjkwZjZjMjhhZWYiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.gsba-Bvt7JeHWwSq1XUjPRcebbUefsQyYdZRi-CqTyZ-G6UlYakolzkL8eFGkhy2&nonce=f85bef02-f83a-4fbf-877e-59cf7090618e 08:53:18.020 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:92a2812d-f5a8-47cd-a049-acd58de1055b ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21406D.2D77.C803.27AF&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9.eyJyZnAiOiJlZDQ4MTU0YS04ZTcwLTQ4MDgtODg5My0zYWNiZjIwODhhY2IiLCJqdGkiOiJiNzU3NTk1Ny1lZGI0LTRhYjYtYTI3ZC05YjkwZjZjMjhhZWYiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.gsba-Bvt7JeHWwSq1XUjPRcebbUefsQyYdZRi-CqTyZ-G6UlYakolzkL8eFGkhy2&nonce=f85bef02-f83a-4fbf-877e-59cf7090618e ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=1cbe23e3-97bc-4d26-b0da-b125da9dd2cb&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE0MDZELjJENzcuQzgwMy4yN0FGIiwiZXhwIjoxNTMxMjMwNzcxLCJpYXQiOjE1MzEyMjcxNzEsIm5vbmNlIjoiZjg1YmVmMDItZjgzYS00ZmJmLTg3N2UtNTljZjcwOTA2MThlIiwiYXV0aF90aW1lIjoxNTMxMjI3MTcxLCJhdF9oYXNoIjoiV1pHcXF5c0VMX2lhajhjU1VTanQtdyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IlRUVXZsRjdXQ2xXOWVaVDJjYlJicGF3akJrd0ZzZlZqc0pxa2NMRk5wYWMifQ.CXYQVLDGDvKqcjnSlZw4LYsNG4Se5xJWjRrwCWGlg-x8be3IhJmG8fsY6mJrkGi5gAMcWO0FLFHP5xzu9WAdojqD_k_cRyZ9bYc4BRrtb_mTkEE5PjbeEduD_6eBvmHpN_ocauqvbOl_ARQaD3UOvxWQYwaxfnOW4yl93TzEuf4JGDJEaW3JRZ7lDhPmffIavN9JDhnmv3zgYjNQqbXY0dt06UbXYWFLclqgpWlt4qlVK65rICmQeh2b2RVJCqVoXz_ML_fJP_q67-cxNAjvlWUil5Ax5QkjKx0sRZO5844-fA2GhXVy1qvc00ChBsl5CRpZJ5USVXYAuvZtLpGINQ&session_id=a87b8b13-e785-4fcc-8cea-09028d68ba9f&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9.eyJyZnAiOiJlZDQ4MTU0YS04ZTcwLTQ4MDgtODg5My0zYWNiZjIwODhhY2IiLCJqdGkiOiJiNzU3NTk1Ny1lZGI0LTRhYjYtYTI3ZC05YjkwZjZjMjhhZWYiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.gsba-Bvt7JeHWwSq1XUjPRcebbUefsQyYdZRi-CqTyZ-G6UlYakolzkL8eFGkhy2&token_type=bearer&session_state=92a2812d-f5a8-47cd-a049-acd58de1055b&expires_in=299 ####################################################### TEST: encodeClaimsInStateParameterHS512 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "token", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1340 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:51 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6171.87DC.819E.8809", "client_secret": "a38506e2-0ce2-45a8-aa24-91c2ca48e509", "registration_access_token": "44c59024-f04b-4b09-8913-065ccb3c15e9", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!6171.87DC.819E.8809", "client_id_issued_at": 1531227171, "client_secret_expires_at": 1531313571, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216171.87DC.819E.8809&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJyZnAiOiJiZjUwOGM4OC1iZTc4LTQyYzYtODQ2OC0xZmNkYjI3MzczYmMiLCJqdGkiOiJkM2YzZmU3Yi1iOTA3LTQ0ZmItYjI0MS04ODExYzNjYjU2NTgiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.sv1WJTX913Gml6EG56O2qThY_HulBviW9jICZKq7W4hYW9xn5bAQb_J-HA31TAuTvLPoPEkYgm4KlLU-zOqYNg&nonce=0606f78e-5224-4e50-8f0f-ff255506b5d0 08:53:19.533 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:40b81824-59b1-46d4-9361-53208c3fddc7 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%216171.87DC.819E.8809&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJyZnAiOiJiZjUwOGM4OC1iZTc4LTQyYzYtODQ2OC0xZmNkYjI3MzczYmMiLCJqdGkiOiJkM2YzZmU3Yi1iOTA3LTQ0ZmItYjI0MS04ODExYzNjYjU2NTgiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.sv1WJTX913Gml6EG56O2qThY_HulBviW9jICZKq7W4hYW9xn5bAQb_J-HA31TAuTvLPoPEkYgm4KlLU-zOqYNg&nonce=0606f78e-5224-4e50-8f0f-ff255506b5d0 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=73e975bf-0279-4c43-8819-db4feba3e146&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE2MTcxLjg3REMuODE5RS44ODA5IiwiZXhwIjoxNTMxMjMwNzczLCJpYXQiOjE1MzEyMjcxNzMsIm5vbmNlIjoiMDYwNmY3OGUtNTIyNC00ZTUwLThmMGYtZmYyNTU1MDZiNWQwIiwiYXV0aF90aW1lIjoxNTMxMjI3MTczLCJhdF9oYXNoIjoiVGFXX3h3eGVLcmE3RGs5bVlGRUt3ZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6Ik5QUHh1N1VPaGtWS1hqMDEyajJ3NnBZRG9jOXlNRGVYWEUzU2lzc250b1EifQ.VHD8Fza66hyW3Fg73z1Bo9XaKITPVfPGtyjrm9LH0JOcqQQwZ_7L56SZwXm_bodDhWIY2Opzvmt2WEf6_PSdPi7MGkDGUGSz_yvUiKIgTHxPVznOAAGVVPhw_rvkqENcioWn2Y0lgQSY95Fzb9P41-wT99SF3egFMF50t0EYiq1yEt_EVLu3tfQfwdPyFG1iM9tjTqyGxSYtfcHv_5IF_F8vw_o9fowlLp2uu7bXimhe8H52_tXoYGQn6d4KW8SBYKUJe780yR5He2DlldU7-ZnPtFDsxB6gUz_Ul7M93bfFm4NsJa9k7ocdXXFHtDJm3J3wG2eXb7VZvYjKcWgoQA&session_id=f1bfdfc3-b2d0-4eda-bca8-3e927bb66ca1&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJyZnAiOiJiZjUwOGM4OC1iZTc4LTQyYzYtODQ2OC0xZmNkYjI3MzczYmMiLCJqdGkiOiJkM2YzZmU3Yi1iOTA3LTQ0ZmItYjI0MS04ODExYzNjYjU2NTgiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.sv1WJTX913Gml6EG56O2qThY_HulBviW9jICZKq7W4hYW9xn5bAQb_J-HA31TAuTvLPoPEkYgm4KlLU-zOqYNg&token_type=bearer&session_state=40b81824-59b1-46d4-9361-53208c3fddc7&expires_in=299 ####################################################### TEST: encodeClaimsInStateParameterRS256 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "token", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1340 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:53 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!20D5.7FD7.05A5.8522", "client_secret": "5e5c5fcf-fa31-4506-bae2-ca691fcb11fc", "registration_access_token": "af004be1-d632-4130-a49d-46bee395f362", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!20D5.7FD7.05A5.8522", "client_id_issued_at": 1531227173, "client_secret_expires_at": 1531313573, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2120D5.7FD7.05A5.8522&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjQ4YmZhOGE0LWM4YTctNGEwOS1hZTk4LWJmMzI1ZDc0OTExOSJ9.eyJyZnAiOiIzZGE3ZDc2Ny0yMWJjLTQ4ODktYmE2OS1mY2FjMTNhYjc1N2YiLCJraWQiOiI0OGJmYThhNC1jOGE3LTRhMDktYWU5OC1iZjMyNWQ3NDkxMTkiLCJqdGkiOiI3NmFlMDU1OS01YmRhLTQyYzktYWE5Yy1mZjU5OTI4NDJkNGIiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.Nm_jzz8PXciT-xOFFZ6GH4pfPdp4mf317leEHgY8pFQtwinZcAiMhcWhjlNTKI5IvtS6y1MZ_L4ZyGJi6cMMXtyibR7Oea06Vtdqk_oqwWMLkCx55dQF_eLoLwvN4sUs67ViEwXmmGBJv-y1-k5bvsZARybgbxYerg0QBX3dxL_IOxpYAIhq0COX-9UA5DexxF32JfVWOtften700sPSOAkP612F9SmTrSwVjGFh5YmTGfLCrEfNV1JD_ly07_GAq4xSBlvHEplV29RQUjasjHAG_CzcCHn41RJU3JCiXSqcbLdNnaAHrxrAOWUuzs7M5sOqHij9QeRVH9sgURGYsQ&nonce=b9c5afc6-a0b5-4594-965a-2a5ccf4f2655 08:53:21.116 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:a4b5bd29-a035-4d12-8886-b16b395f9127 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%2120D5.7FD7.05A5.8522&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjQ4YmZhOGE0LWM4YTctNGEwOS1hZTk4LWJmMzI1ZDc0OTExOSJ9.eyJyZnAiOiIzZGE3ZDc2Ny0yMWJjLTQ4ODktYmE2OS1mY2FjMTNhYjc1N2YiLCJraWQiOiI0OGJmYThhNC1jOGE3LTRhMDktYWU5OC1iZjMyNWQ3NDkxMTkiLCJqdGkiOiI3NmFlMDU1OS01YmRhLTQyYzktYWE5Yy1mZjU5OTI4NDJkNGIiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.Nm_jzz8PXciT-xOFFZ6GH4pfPdp4mf317leEHgY8pFQtwinZcAiMhcWhjlNTKI5IvtS6y1MZ_L4ZyGJi6cMMXtyibR7Oea06Vtdqk_oqwWMLkCx55dQF_eLoLwvN4sUs67ViEwXmmGBJv-y1-k5bvsZARybgbxYerg0QBX3dxL_IOxpYAIhq0COX-9UA5DexxF32JfVWOtften700sPSOAkP612F9SmTrSwVjGFh5YmTGfLCrEfNV1JD_ly07_GAq4xSBlvHEplV29RQUjasjHAG_CzcCHn41RJU3JCiXSqcbLdNnaAHrxrAOWUuzs7M5sOqHij9QeRVH9sgURGYsQ&nonce=b9c5afc6-a0b5-4594-965a-2a5ccf4f2655 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=115d0bc4-6bb2-4c11-897d-cc5ef33d2e00&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCEyMEQ1LjdGRDcuMDVBNS44NTIyIiwiZXhwIjoxNTMxMjMwNzc0LCJpYXQiOjE1MzEyMjcxNzQsIm5vbmNlIjoiYjljNWFmYzYtYTBiNS00NTk0LTk2NWEtMmE1Y2NmNGYyNjU1IiwiYXV0aF90aW1lIjoxNTMxMjI3MTc0LCJhdF9oYXNoIjoiYWxQVFJQSHlxWHJfemdGMkpZOXRxUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IkllNUpfYTZtWE4zcDlQZTFsWm1JRUV2dnp0RjE0TkJtNkZiMVpORFFvcWcifQ.SQp6KfKeboxOf-oO36CSZS9XXwIQ9f5-OnzOSEBfLpKk257G_6tnMQWliRSSqBNVCkHd62ovK_60e9EOY_vQ0xTImerASnImBKm2VSwBBQIhdXRi9gTN_2B0xElz9mxHGQ-wB7f6nD2Q1y-c4PaBM5onFweE65CyjycN3CbG6cIogXA6ECjSaVNa4KwXeGCdZ6BdXXmRziZlZraBJdeI7EA4ZPggn9fnYNas11C_RwDat2-pkFJ4hdM5AQoBeL3lv-3F2DE8qkCd_T_fMbKOHMRbOcbMT4CP83u4hgxoU4ObH_YVjy-eVIL7RWbZmIydtWZiD8-iZuxv7ZNBtMTdFw&session_id=9e3efc48-6915-48d6-bf99-3d0b8066723d&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjQ4YmZhOGE0LWM4YTctNGEwOS1hZTk4LWJmMzI1ZDc0OTExOSJ9.eyJyZnAiOiIzZGE3ZDc2Ny0yMWJjLTQ4ODktYmE2OS1mY2FjMTNhYjc1N2YiLCJraWQiOiI0OGJmYThhNC1jOGE3LTRhMDktYWU5OC1iZjMyNWQ3NDkxMTkiLCJqdGkiOiI3NmFlMDU1OS01YmRhLTQyYzktYWE5Yy1mZjU5OTI4NDJkNGIiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.Nm_jzz8PXciT-xOFFZ6GH4pfPdp4mf317leEHgY8pFQtwinZcAiMhcWhjlNTKI5IvtS6y1MZ_L4ZyGJi6cMMXtyibR7Oea06Vtdqk_oqwWMLkCx55dQF_eLoLwvN4sUs67ViEwXmmGBJv-y1-k5bvsZARybgbxYerg0QBX3dxL_IOxpYAIhq0COX-9UA5DexxF32JfVWOtften700sPSOAkP612F9SmTrSwVjGFh5YmTGfLCrEfNV1JD_ly07_GAq4xSBlvHEplV29RQUjasjHAG_CzcCHn41RJU3JCiXSqcbLdNnaAHrxrAOWUuzs7M5sOqHij9QeRVH9sgURGYsQ&token_type=bearer&session_state=a4b5bd29-a035-4d12-8886-b16b395f9127&expires_in=299 ####################################################### TEST: encodeClaimsInStateParameterRS384 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "token", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1340 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:54 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CF2F.83B3.1694.1DC7", "client_secret": "e5dfe3c5-9377-4337-8e07-4e5c163cfb0d", "registration_access_token": "019fc6eb-5203-4554-bacd-4e972b44f17b", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!CF2F.83B3.1694.1DC7", "client_id_issued_at": 1531227175, "client_secret_expires_at": 1531313575, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CF2F.83B3.1694.1DC7&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzM4NCIsImtpZCI6ImM0NjIxNDNmLWExOTctNGY3YS1hZjk5LTBiMTA4NzM2ODYxNiJ9.eyJyZnAiOiIyOWYzYmZkMS1hMWQ1LTQzZmMtODYwZi00OWQwNDc0ZTY0NzIiLCJraWQiOiJjNDYyMTQzZi1hMTk3LTRmN2EtYWY5OS0wYjEwODczNjg2MTYiLCJqdGkiOiJhYTc5ZjIwMS01NjFhLTQ4NTEtYWNkMC1mNjAxODVmYWE4YmUiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.dNd7leX_3ExxMA8bhwIosYF3GuJR_L7PD0p-7Ds9bxhQAAUJZRs060nlJYLVfBLq9yNYtHlmu72yWdRmn4U3-QOhLX4icU-ZYarNb8OWCuwRV6iRHJvrB_iDdkQzysQrCTjyFsZ3hc1N4qMc7GPbkohOsSzaVnJYV2BS0A5TSpdl2zn80nTMsIr9IBUqctfjSzfHsZ3YJUBmRuYkB1wND2R_i4jCgf8jC8H19lnE3XrIqSW0mzcFdH5XDCD5CdYpjsCC9v7cwqSrol5ZpzA2nXaN_php1bzkEUZ_HqnH3UAh7-W5mm5HhpoCPoJby0MGWckuj3xdWcH14G-YHEw2QA&nonce=40f00a8a-49d9-42e1-911b-ff8e53505680 08:53:22.743 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:53be9811-5401-417f-a340-375aee34744b ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21CF2F.83B3.1694.1DC7&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzM4NCIsImtpZCI6ImM0NjIxNDNmLWExOTctNGY3YS1hZjk5LTBiMTA4NzM2ODYxNiJ9.eyJyZnAiOiIyOWYzYmZkMS1hMWQ1LTQzZmMtODYwZi00OWQwNDc0ZTY0NzIiLCJraWQiOiJjNDYyMTQzZi1hMTk3LTRmN2EtYWY5OS0wYjEwODczNjg2MTYiLCJqdGkiOiJhYTc5ZjIwMS01NjFhLTQ4NTEtYWNkMC1mNjAxODVmYWE4YmUiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.dNd7leX_3ExxMA8bhwIosYF3GuJR_L7PD0p-7Ds9bxhQAAUJZRs060nlJYLVfBLq9yNYtHlmu72yWdRmn4U3-QOhLX4icU-ZYarNb8OWCuwRV6iRHJvrB_iDdkQzysQrCTjyFsZ3hc1N4qMc7GPbkohOsSzaVnJYV2BS0A5TSpdl2zn80nTMsIr9IBUqctfjSzfHsZ3YJUBmRuYkB1wND2R_i4jCgf8jC8H19lnE3XrIqSW0mzcFdH5XDCD5CdYpjsCC9v7cwqSrol5ZpzA2nXaN_php1bzkEUZ_HqnH3UAh7-W5mm5HhpoCPoJby0MGWckuj3xdWcH14G-YHEw2QA&nonce=40f00a8a-49d9-42e1-911b-ff8e53505680 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=8df8d804-4376-4985-805f-b2faac31ba0e&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFDRjJGLjgzQjMuMTY5NC4xREM3IiwiZXhwIjoxNTMxMjMwNzc2LCJpYXQiOjE1MzEyMjcxNzYsIm5vbmNlIjoiNDBmMDBhOGEtNDlkOS00MmUxLTkxMWItZmY4ZTUzNTA1NjgwIiwiYXV0aF90aW1lIjoxNTMxMjI3MTc2LCJhdF9oYXNoIjoiMEJkS1UxZUlreFJQZ3hpVHJ1RnFUUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IkRjNVducmhsT0ZkV1JMdVlrY19PSXVWSWlhVzZFY3BfdXdhd3UtVS1oTUEifQ.sKWSLwYZY3a84xziGvR-MvoRDE3PiEX-q3ReZLJTWFFff-ozffoBzdVIOs1lSn2Ivw0WpMHE9QEjWdPt8H0G3E_zQoqUCr7112O8E6UV_vaq4qHEmvxsUJP5wtiYaJJaqGC1NN_Vc7FFGR694osPxeH_zZtfmEEkdiI98dWucbsqUZO5sVfEDjDAATG7W5xIjaF74M7xJx_GF9wne5FI9bTFdLMxR5PT0SdzYp-L_vToDEDU3b55nlmQGq_zx0f7ZY7my8stO2SmeklZOoN9-orXmRDqQVDfUXxd6AMtKDQtmVseEsb0kTi9CWXwzOgsZpJOwA-rm6GxUn786RgPAA&session_id=4a2fc315-6a77-4d61-8c50-796abeeab530&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzM4NCIsImtpZCI6ImM0NjIxNDNmLWExOTctNGY3YS1hZjk5LTBiMTA4NzM2ODYxNiJ9.eyJyZnAiOiIyOWYzYmZkMS1hMWQ1LTQzZmMtODYwZi00OWQwNDc0ZTY0NzIiLCJraWQiOiJjNDYyMTQzZi1hMTk3LTRmN2EtYWY5OS0wYjEwODczNjg2MTYiLCJqdGkiOiJhYTc5ZjIwMS01NjFhLTQ4NTEtYWNkMC1mNjAxODVmYWE4YmUiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.dNd7leX_3ExxMA8bhwIosYF3GuJR_L7PD0p-7Ds9bxhQAAUJZRs060nlJYLVfBLq9yNYtHlmu72yWdRmn4U3-QOhLX4icU-ZYarNb8OWCuwRV6iRHJvrB_iDdkQzysQrCTjyFsZ3hc1N4qMc7GPbkohOsSzaVnJYV2BS0A5TSpdl2zn80nTMsIr9IBUqctfjSzfHsZ3YJUBmRuYkB1wND2R_i4jCgf8jC8H19lnE3XrIqSW0mzcFdH5XDCD5CdYpjsCC9v7cwqSrol5ZpzA2nXaN_php1bzkEUZ_HqnH3UAh7-W5mm5HhpoCPoJby0MGWckuj3xdWcH14G-YHEw2QA&token_type=bearer&session_state=53be9811-5401-417f-a340-375aee34744b&expires_in=299 ####################################################### TEST: encodeClaimsInStateParameterRS512 ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "token", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD" } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1340 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:56 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E8E5.19A4.0C12.AADB", "client_secret": "d4500aaa-7c39-41a5-aec7-2b73950a76c1", "registration_access_token": "1f1da25a-2545-4448-ae04-abb5dac83e0a", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!E8E5.19A4.0C12.AADB", "client_id_issued_at": 1531227176, "client_secret_expires_at": 1531313576, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E8E5.19A4.0C12.AADB&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiIsImtpZCI6Ijg1YjA4NDgzLTY4OTAtNDg0My05YmFmLTgzN2EyNGEzYzZkMiJ9.eyJyZnAiOiIxNzM0ZmMyYS0zOGQ5LTRjNTUtYTUxNy1mMjdjMGQ5OTAwM2IiLCJraWQiOiI4NWIwODQ4My02ODkwLTQ4NDMtOWJhZi04MzdhMjRhM2M2ZDIiLCJqdGkiOiI5NmJjZTllNS1kNDgwLTQyMjYtYTQ3OC00NmE3YjZmMzU2NmUiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.b9VMBe-Jgc0GBSRisXoKw6t9T9hYC_rJbT0RMJcViEliRRQmSfrBEd3o2EbnxkLKvK2_nJXDZhPzk504v5SeqOrwMMA5HbgZMBeZkgVEAIqTNk5lPnXjUa5o79SuYA3Uhznbs4lkmQQSDsj862KPwFx5TTKmtm1ScA5_l606rNvq-COKlB32ZeMKCc2R5NZOb3uh2zgrBVBqYedqml173NzjAFbfz-6cIljr7YR5DiGZFck7yohiJipNi7ExBPsZt0m33Nt5ZSZawsXZpmnf1k3bzTtIBXA-MaZJd8Dh-pLyCMX-kXbgsGtJbH-E5iAVlQgz1Mp-nWOKaf5G-2ePrg&nonce=69db471b-8703-4f52-9413-9576fb1415e0 08:53:24.380 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:4ffbed3a-0558-4ce5-a5bc-4bb2a873d99f ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%21E8E5.19A4.0C12.AADB&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiIsImtpZCI6Ijg1YjA4NDgzLTY4OTAtNDg0My05YmFmLTgzN2EyNGEzYzZkMiJ9.eyJyZnAiOiIxNzM0ZmMyYS0zOGQ5LTRjNTUtYTUxNy1mMjdjMGQ5OTAwM2IiLCJraWQiOiI4NWIwODQ4My02ODkwLTQ4NDMtOWJhZi04MzdhMjRhM2M2ZDIiLCJqdGkiOiI5NmJjZTllNS1kNDgwLTQyMjYtYTQ3OC00NmE3YjZmMzU2NmUiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.b9VMBe-Jgc0GBSRisXoKw6t9T9hYC_rJbT0RMJcViEliRRQmSfrBEd3o2EbnxkLKvK2_nJXDZhPzk504v5SeqOrwMMA5HbgZMBeZkgVEAIqTNk5lPnXjUa5o79SuYA3Uhznbs4lkmQQSDsj862KPwFx5TTKmtm1ScA5_l606rNvq-COKlB32ZeMKCc2R5NZOb3uh2zgrBVBqYedqml173NzjAFbfz-6cIljr7YR5DiGZFck7yohiJipNi7ExBPsZt0m33Nt5ZSZawsXZpmnf1k3bzTtIBXA-MaZJd8Dh-pLyCMX-kXbgsGtJbH-E5iAVlQgz1Mp-nWOKaf5G-2ePrg&nonce=69db471b-8703-4f52-9413-9576fb1415e0 ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=e4b57d77-c841-487d-8434-4b4eff140598&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCFFOEU1LjE5QTQuMEMxMi5BQURCIiwiZXhwIjoxNTMxMjMwNzc4LCJpYXQiOjE1MzEyMjcxNzgsIm5vbmNlIjoiNjlkYjQ3MWItODcwMy00ZjUyLTk0MTMtOTU3NmZiMTQxNWUwIiwiYXV0aF90aW1lIjoxNTMxMjI3MTc3LCJhdF9oYXNoIjoiSHJCd2hQN21jMUo3NTBLRFg2VXRiZyIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6InJ2NmwxcnlzUnk0TlpUX3d3RGxMcE9VREI2LVJmck5vU2ZycTN3em1qeVkifQ.oqNtEJwe3yQiNyPKwy-JvqdWXoUXR208u_s_V_txMoThhmst7I-aoRG0asG5hL1XlLfYfGcxA-Ah6jhEoxiESuHi65xpEo8cK48dYQ4QHVSpooxc86oLm4Jti8zxFkEhkjXQrh2aUY2JoQizTf1SyEyONKB4-Q1AG7MtwttMW1jF6_d30_4VQee45C2BbJuHvjNf4gmjvZxn6ZDYSn3p1sUP5dRKI0KihtEsnVbnibWz4Ihzj9cyWSYg7sPGfNuxPLPG9F0tt7-kuyaW2zPaQd9WPF5DyQVx8VlKmZcX4HJhstMmu7NiWYuYhtZVzlvNKZ-o27tdANM-QG0ZTvtk4A&session_id=f06bec9b-22cd-4ea7-b75b-571b4ced3cc9&state=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiIsImtpZCI6Ijg1YjA4NDgzLTY4OTAtNDg0My05YmFmLTgzN2EyNGEzYzZkMiJ9.eyJyZnAiOiIxNzM0ZmMyYS0zOGQ5LTRjNTUtYTUxNy1mMjdjMGQ5OTAwM2IiLCJraWQiOiI4NWIwODQ4My02ODkwLTQ4NDMtOWJhZi04MzdhMjRhM2M2ZDIiLCJqdGkiOiI5NmJjZTllNS1kNDgwLTQyMjYtYTQ3OC00NmE3YjZmMzU2NmUiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.b9VMBe-Jgc0GBSRisXoKw6t9T9hYC_rJbT0RMJcViEliRRQmSfrBEd3o2EbnxkLKvK2_nJXDZhPzk504v5SeqOrwMMA5HbgZMBeZkgVEAIqTNk5lPnXjUa5o79SuYA3Uhznbs4lkmQQSDsj862KPwFx5TTKmtm1ScA5_l606rNvq-COKlB32ZeMKCc2R5NZOb3uh2zgrBVBqYedqml173NzjAFbfz-6cIljr7YR5DiGZFck7yohiJipNi7ExBPsZt0m33Nt5ZSZawsXZpmnf1k3bzTtIBXA-MaZJd8Dh-pLyCMX-kXbgsGtJbH-E5iAVlQgz1Mp-nWOKaf5G-2ePrg&token_type=bearer&session_state=4ffbed3a-0558-4ce5-a5bc-4bb2a873d99f&expires_in=299 ####################################################### TEST: jwtStateAlgA128KWEncA128GCMTest ####################################################### Encrypted JWE State: eyJ0eXAiOiJKV1QiLCJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4R0NNIn0.5-6-5IaCMp4sD1gVNLevnqynITIf0Obu.BofMwoVsgkiSe02T.JCL7DV8HoJH7GkcD8y7JJKgKUPV34YIx4kIcl-o0wjagmLJpcFySRS-zsHu2UGTSCMjtjSarFh42h11P4eG-NjftKPihmLGFHhAeRRei6vQSSsL33m8YVbwRhsotYOnRe4xrOfVFsWwSz5iexDx1FxchDRDGC0xtQPxRMbRvjKGitALTFtut0F_p7qbg2VjY757EYRmmEHi6vcxUGD7pRUVK7acziPt80nOMbdaeiOygvS1fCMjT9T21Mh9gxWFDvZciBMl7z8BhVA-d_qQMXLabf6R9RTrac6Cnfk31IXF236XqID_jC6hXMgWbp9uGS3yM41IV9A.2jxVsEFYo7X2EPH8HSqHHw ####################################################### TEST: jwtStateAlgA256KWEncA256GCMTest ####################################################### Encrypted JWE State: eyJ0eXAiOiJKV1QiLCJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2R0NNIn0.qn9pwwMOvO2NgXKe3-Wa9hHg722mnRBBVUJ2Thbd9EHi2RFPX8-fBQ.LcRd9arYD4vcz7cN.lsiuoxB2KDi61I28euIUlU3FBZINGIlXWdpfUpdSfgk7mnsv6SCV6t6RnDbzuQzOCGNYindLOGOJ_T9VOOCBqRSI-c6K6Hu9cAmlB54JQsQ9VZ68ynYhSoC53RhXFI0K-Jmu9FyDtXPiKdUVKuE1MzugMstSwWShjbBsZR2Zeh9pWCvl8FeGfxQ0v7ld8bXZDu1ZJ5HDUmhgOkSwOFAyvpqgKSRkzMcRJ1quc29QyQEPhIgM0Lx0IaM7JHYHsqYm71D0DskQOEeG8trks1pe7L9H4OLpijTVm0bM3ZIPFmd2MAZQuxxNzQucHWn3ja6EzNrEGzCNgA.WUA1zi9cWM3Ihgrrdv_LfA ####################################################### TEST: jwtStateAlgRSA15EncA128CBCPLUSHS256Test ####################################################### Encrypted JWE State: eyJ0eXAiOiJKV1QiLCJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMTI4Q0JDK0hTMjU2Iiwia2lkIjoiNDhiZmE4YTQtYzhhNy00YTA5LWFlOTgtYmYzMjVkNzQ5MTE5In0.Zt0Hq7o71F-rr4hs6nicGJIaUqH5NCWvpyCJqZuFqDDC0YdamZt9h1zm3O-LQuH9Ra7v9mBv_fvAlSBfjwm5-2Q9aOVunPrGE3VjeFKekJVX4jCDSqD_15tw4P5ckB5S4HJjbLJ_5MUrBDoFjuNlYWTykEG6X2PAAxmiUemdjw1P4t5lEQ0kGnpho-8K_CSbrHGNTK-Lv4x67ZIUfQM0ugWShZHBaMIDupsQ8nN-ifA7ufJuZs6sM96Yx4XcBEFuvZBLMKXrImM3E5sPVhHpFHN31N0JABQ7vK1QbgXYIh-Gbf-N7uAarys90N9DRsPDsBGsMB0rLGFa-jIFEOiKEg.vePx57amttPe4wySq2T2GQ.zd6D78-JlW5c_jC5NGJUzwl6Q3zDHGCMFQZicNy2jf0H4KwSzmhZ8HU6Uf5LTVz1l-1STxB1aKRAoGtVYXR-x8cv5Sd6nV4IvL_Q3vuD4idxRMLbAfhNeDaobgRr0BIVX3LEtfZkO8TM2pxB3jDchN0s_UJf3qsdAxDmwwu8Jh0tySn647J9823f5RRXYgvgScI7AuZXzUdtsYb14eBTPSAxSmYmCY9J9cN8ZNPO9l85U88Pus_XOWjiI_hUuXbhAzbCNVMWkcE2Np9ehXXzbsv4o65mhAS8wgB9boXNntHUaq3IPnV92mUeF4imrfcmChlVQ6ecfjQXa27u6GTx8SnB4Laa4dDupp6UBHfoRkuwbbF_qBOTCwRQi5t2UEX_gSjfY9RdClRukxQPtObQ3Oo0Alj6tgXUuuKfz1dh-0Y.vytXvCL6Xw65pmxOkoMV2OAv-Scg4vPEaj6TPAvUDII ####################################################### TEST: jwtStateAlgRSA15EncA256CBCPLUSHS512Test ####################################################### Encrypted JWE State: eyJ0eXAiOiJKV1QiLCJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMjU2Q0JDK0hTNTEyIiwia2lkIjoiNDhiZmE4YTQtYzhhNy00YTA5LWFlOTgtYmYzMjVkNzQ5MTE5In0.e9pfsOwSV2xMWQ2oaTjH1l_HgShmxlcUBhPUrZ2XQcBCIPdKZaohqyfy3UOhazu7USd5m1yU7hh49f94qrTi1otbNac9jia8IwLfA6QCISh2-kJHprX1c04OTf6jEUfiVqW9UYMXT0AsfqPZwcOUIUs35Go4BHy1JfnxXzYgrSTbDqh4J6fqzW7wyVDeBpHPh-kBvAo1CuaQexmGHXkg0UFEbzQHNENMULZ0XjALLot8dIWw32lnZe--OBJvFmZju2lyDjVH1gRsURwM2pVqIcDNAt-6urQV_M46CGw4GBP2YZDOpROUJ56tnY9Cxj82CGMsXqkmqlToX_7k5VZJFA.3_9eMiUd67EieoJdfopTNw.5ciAhatn8A6rkf9gCLqvm9ZR10fOqQo-TAVFVv8va5n5_U4uJz-DA6G72pU2NEG3fe_CcERTZFVyrER6Y95l1Xz_XQO5A4HCtJIkvLN0wdfJqa3mql3HJvqGwX_oclA9G8a18van3naq5YEVx18FczYUZ9enu8acDV8TmN1dBQhN2IEr7VPD4J5MClBXEqyiBUOHvUmAo7yVy93as_MgCHlLddj3hHNAkyi5h7S5HUaHhzU7AkfzkDNGV1nH1hshzNl0E5kwUQpZxHbuVP686OdpNvEKxx8cVhxmtdTOX3wjl-7nx_qj7s8PCraidBUCIdS309meJCJDrSbxVFu7jyitIkbbWTW14fl9_G9uFw6wYpq3R8-HoiQjpfsCakWm6ApPhOX-bvAuHHHXj_1F3ft9ILxaD4EOtweJ7X9kK8Y._wqMhaZAtajr5QTURW4gQ_ejcIr6Hy6K_bQtVoH_VNHCIVg45QBMSoGpRQcgCQ1N0XabBsyfSAHjq_476jhODg ####################################################### TEST: jwtStateAlgRSAOAEPEncA256GCMTest ####################################################### Encrypted JWE State: eyJ0eXAiOiJKV1QiLCJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00iLCJraWQiOiI0OGJmYThhNC1jOGE3LTRhMDktYWU5OC1iZjMyNWQ3NDkxMTkifQ.LQ3XK-wx0Vr70gGPXkW0mgrh6EbxFL6vTocWI-teNg7YMPK5HgnB-dX0h7HuonR8uu0PuV2-qzg0yMXqPawslKga4dvMfoHxzQUOFelpduouBt0bdgtjZfDZ0vXaxnna9oeIqNWwlOWHrqi9SQCsBkU60rsT9GSoMQAKb5tJ3bgj1c-Onf8pNRx9EnQ9j0Ak3gGXsHJUBUWgxriGqaYqrA8Q1VnSWzK8yzX2uzfSm82liLxtDc8ifwZy-5Psq-secx6PtNQCv7CiaK7eG8pzL5yHSgF47izV7cN6dLm11GLgKYdFkFR2T7xl6uLorInGeFX-XeH9Ou5_TMMWTgANAQ.2mEtiNa1twdyD-ID.UMeAl_zU657q2q7lISezJ_X31g94c8plYQO1xqKPd8u_ay77biM6e9Dq7CZsgRxFdQE5meO3Tq9AHUHQZiDeW0a9w9vf9FOGaldmR6t9JT4ihj28NSZfLn-3vl_VoGLKHeFuou-CVmBYqAQybonEBrps7Zdt6xvreNHqF7VtQhxlXJYZHiQQQNUdD-J-RuYhj5AYCpVFE3CKC6X9CK46oQBgeN0Bzitbm3xfriBSYDcvRl1lmitQ6WH6lK2E0bYJCVfYleP7mxYMlXfEmRSXdO9HcPDnft6qqdvyFgenMHvugLTd5_ttYsJT2nZZLcg0W_-sn23ry5Z_ccycrIzbeOvq_BprH1sko1sGWGYKeZot597jHL-cWONyR6thqbTXWbf1lEkVPMInk7sNc20Lhc62yw.ymvl6pDNGAev_TlmSeZPnA ####################################################### TEST: jwtStateES256Test ####################################################### Signed JWS State: eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjU0N2IyODM4LWE4NDgtNDY3MS04YTQ3LWQ1MzYxNzM4ZjJhZSJ9.eyJyZnAiOiJjM2Q1OGU0Ni01ZmY0LTQ3OWUtYjYwNy01NDViMWRlNmZlMjQiLCJraWQiOiI1NDdiMjgzOC1hODQ4LTQ2NzEtOGE0Ny1kNTM2MTczOGYyYWUiLCJqdGkiOiJjMzU0MzYxNi0zY2Y1LTRkZDMtOWRmNy0xOTY5MTkwMmFlZjUiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MEQCIBSERHWbzJUxGHUQ1hGC-1T5YknZhIrs2m2_hWnSthF8AiBUmpeZ4C2fqomkuW3xF5mjbwpvHHJb6kAaa0ebcCUpTw ####################################################### TEST: jwtStateES384Test ####################################################### Signed JWS State: eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzM4NCIsImtpZCI6ImM0ZmU0MTEwLWViNTYtNDFjNi1iYWMzLTUzMTZmNmIxNDQzZCJ9.eyJyZnAiOiJjZmMxMmRkZi1hZTdhLTRmNTUtOWIyNy1mZDQ4NTAwZDk2NzkiLCJraWQiOiJjNGZlNDExMC1lYjU2LTQxYzYtYmFjMy01MzE2ZjZiMTQ0M2QiLCJqdGkiOiIxZDllOWM1ZC03NzI0LTRkYzEtOTBiNS03MmQ3MGMwNTJhNDMiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MGQCMHX3PTQkg_d0guqzjunWIdl40c47hDO1kFXSIEPf_RJNih45TefuPlbdrCKnB5RRLgIwMJhgM4RCZNaM9FgRL0b8s54yiYzid6ND25sQ9ImxPyUvYoE5f6QFKyXCnn5d4Z30 ####################################################### TEST: jwtStateES512Test ####################################################### Signed JWS State: eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzUxMiIsImtpZCI6IjI2ZjgwNDBjLWFlOGItNGRhYS04ZjcxLWE3ZmRmMTRkZjY0MyJ9.eyJyZnAiOiJiMzdhNmQyNC1mYmU3LTQ2YjUtYmQwNi04NmU1YTg0MmZiMzEiLCJraWQiOiIyNmY4MDQwYy1hZThiLTRkYWEtOGY3MS1hN2ZkZjE0ZGY2NDMiLCJqdGkiOiJkZDYwZDU1ZC00NTE0LTRhNjQtYTIxYS04NDgwMGU0NmM1YzQiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MIGGAkFM9U9fdqviGaBRfcoiH3LrVelXEVtHEVJcE-wwHC97ysz72CJelJi68u5G5PSIuRPWPLgECAhMat66bGRTFBPSvwJBFbuHq5PuoSSoXw-GYxdn9i_q_fI09IFDBWuzl863dHmY_-enncKpDsXW75mverKNeNX1xwKx_xxwA5d3MKc-znw ####################################################### TEST: jwtStateHS256Test ####################################################### Signed JWS State: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZnAiOiI1NzRhNDk4My1lNmEwLTRiYjktOTkyYy0wMDcyYmY4ZjhjYTkiLCJqdGkiOiI4OWUzZjBkZS02MGFjLTQ3ODAtYTc4Mi1iNDNhNGFhZjBjMWIiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.OT2I_6Uz2YYTXmpZYWJl_i777ZI8OytV-9e1aga2HoY ####################################################### TEST: jwtStateHS384Test ####################################################### Signed JWS State: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzM4NCJ9.eyJyZnAiOiJlNjdjYTFhNC0zZDg2LTQ0YTktYTUyMC00YzEyZjkzM2M3YWYiLCJqdGkiOiI3MTE2Y2UwNC03YmM5LTRlNWQtOWVkZS0xNzJiNDA2OTI3ZmQiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.oxy3vZY_SMEWvApqtoLzPaWnifnOM2ZEIVBlNBiRNnYP9-f9cQc163Gd4yrSOHqb ####################################################### TEST: jwtStateHS512Test ####################################################### Signed JWS State: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJyZnAiOiIyNTMzMGRjOC1lYTY1LTQ5NzMtOTIyYS05YjhhNmU5ZjFkNWEiLCJqdGkiOiJiOWMwYmU5NC0yNTQwLTRlZDQtOGYxZS1mNzg5YmIzZDk0ZmEiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.vTbAYmeg20zv9yYBDNyuCa3TBIjASPHvDWnmrdT1H-jABmX0FIUSgTsDgBiSs2Y3qudVaHN-gMhBkPuvd2SLsg ####################################################### TEST: jwtStateNONETest ####################################################### Encoded State: eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJyZnAiOiJiODJjNGRiNy05ZjRiLTRjY2UtOTczZC1hMDBhZGZkOGQxMmIiLCJqdGkiOiI5NjU2MzhiMy1hYWM3LTRiYmMtYTdlZS1kOWZmMTQxNmJmMDkiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0. ####################################################### TEST: jwtStateRS256Test ####################################################### Signed JWS State: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjQ4YmZhOGE0LWM4YTctNGEwOS1hZTk4LWJmMzI1ZDc0OTExOSJ9.eyJyZnAiOiI0ZjY4OGU4Ni0wOWE1LTQ0NGEtYmUzMC0wY2M4ZGQwM2VjYmMiLCJraWQiOiI0OGJmYThhNC1jOGE3LTRhMDktYWU5OC1iZjMyNWQ3NDkxMTkiLCJqdGkiOiJlNWI4YjUzNC0yMmZhLTQxZDctYjk2ZC1hYjE5NzYxNzFjZTgiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.G-vzFMvkyErWOZLLCoX_6KYukbfFe_mR8iI7qZ7YexqJNSZHtJGkkQHBXIN_95MH0oZoBrYBCxJraX3B3w8fYo7k5T0ZhxtfRfPNYyW56q8TnkOtmZk1W34okWrWhA_kZwSatZUWhHU1BASI-HZe446KUIDYN2LfbuGNaSH5Dy6AkH_SlqGjC_8BSjF8vGUnMF9V0-KN3qPkqbFjzqwcT24747r4QYJtmo7MQBLtygLFyljvQoBTW9okVkuqS5Lwv4PrNOIo3kwkKH6-Z4srQDktlcXW5eSatkCL4gjvJkpEulTsjP4SVvYRHjL-8kyFMPSywtPqZu4Lt5S944qMwg ####################################################### TEST: jwtStateRS384Test ####################################################### Signed JWS State: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzM4NCIsImtpZCI6ImM0NjIxNDNmLWExOTctNGY3YS1hZjk5LTBiMTA4NzM2ODYxNiJ9.eyJyZnAiOiIzOTI0NWUzYi0yNjkxLTQ5OGQtYjljYi03MTUwMjA4MDE3ZTciLCJraWQiOiJjNDYyMTQzZi1hMTk3LTRmN2EtYWY5OS0wYjEwODczNjg2MTYiLCJqdGkiOiJjZTc2OGRhZS1iNjUxLTQ4ODItODgzZC1iMzdhOWEwZDQ3MDMiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.Tp2eloBtXMVYj2f5NAk5coYW8S5-t8F1x-Pj50Llt471_qqtIRfVpMRtW7AaUYc6dA5r_oYB-azelxMl1pziXEKO7r6GU3IM0jWhp5nmOgQRS4urZ7yaaAvO90QV5KgSwpis_q_2EDffdcsV9qLV9dGs7n086l-5u3IkbGIbAHTClOGl0m-aPjuGeJxDHVuiK7g436nViYQgNiEJdNys7WimaBheJrfV9PUBbd5nuFeyS80y9YdPz-Apm5eKDgyuDYxLUDnzH-HI1CVamqzZFpxqiwo_fbZgAOH3-PDjiEHUL56wCZ7RuFISLS5squa7qkWGj_7rRQje0xbsfV07pg ####################################################### TEST: jwtStateRS512Test ####################################################### Signed JWS State: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiIsImtpZCI6Ijg1YjA4NDgzLTY4OTAtNDg0My05YmFmLTgzN2EyNGEzYzZkMiJ9.eyJyZnAiOiI1MGIxNmYyZS01OTlmLTRhZTktOGZkYS05MjA0M2RlMmU3ZTMiLCJraWQiOiI4NWIwODQ4My02ODkwLTQ4NDMtOWJhZi04MzdhMjRhM2M2ZDIiLCJqdGkiOiIwMTM1YjRjNi1kYTI2LTQ4NzYtYjI3Ni04NWRhMjZiOWZhM2MiLCJhZGRpdGlvbmFsX2NsYWltcyI6eyJmaXJzdF9uYW1lIjoiSmF2aWVyIiwibGFzdF9uYW1lIjoiUm9qYXMiLCJhZ2UiOjM0LCJtb3JlIjpbImZvbyIsImJhciJdfX0.MtJfsElQ8sEY5JziPDvutdWz5HZhLQyVK_9SUP_bASZkNbreLYisLLnP95ki0V-LbU0qdrsUEVnw7VFXxp0mWV5CjeetTL5ioV74B9uj-ETCakfNrMcEevGQuIPqyqZ7C7-mCZ8lKuyfvMIpzNMKcQqYa__q8cgbMaek8Z5wkqH8BdC4nBZJJKsiXdgPdDzOYmRbUXaVNlVS7SIpRdp1W4m9qhOjSw-r7Ho0PBB9GMlM6DgYbkDtJXPU5_1B5WzBFpKlw7T6BApEtC42SJnb9fKcX0zy_fGauyNQLQzF1P1zV0jHGQEBN4p33tVEhlnKFDKhHcQBDHNWTepFxA_e6A ####################################################### TEST: OpenID Connect Discovery ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/webfinger?resource=acct%3Atest_user%40ce-dev4.gluu.org&rel=http%3A%2F%2Fopenid.net%2Fspecs%2Fconnect%2F1.0%2Fissuer HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 181 Content-Type: application/jrd+json;charset=iso-8859-1 Date: Tue, 10 Jul 2018 12:52:58 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "subject": "acct:test_user@ce-dev4.gluu.org", "links": [{ "rel": "http://openid.net/specs/connect/1.0/issuer", "href": "https://ce-dev4.gluu.org" }] } OpenID Connect Configuration ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /.well-known/openid-configuration HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Connection: Keep-Alive Content-Length: 6342 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:58 GMT Keep-Alive: timeout=5, max=100 Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "issuer": "https://ce-dev4.gluu.org", "authorization_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/authorize", "token_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/token", "userinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/userinfo", "clientinfo_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/clientinfo", "check_session_iframe": "https://ce-dev4.gluu.org/oxauth/opiframe", "end_session_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/end_session", "jwks_uri": "https://ce-dev4.gluu.org/oxauth/restv1/jwks", "registration_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/register", "id_generation_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/id", "introspection_endpoint": "https://ce-dev4.gluu.org/oxauth/restv1/introspection", "scopes_supported": [ "permission", "clientinfo", "email", "user_name", "sub", "org_name", "address", "openid", "test_scope1", "work_phone", "phone", "profile", "mobile_phone", "test" ], "response_types_supported": [ "code", "code id_token", "code id_token token", "id_token", "id_token token", "token", "code token" ], "grant_types_supported": [ "urn:ietf:params:oauth:grant-type:uma-ticket", "client_credentials", "refresh_token", "implicit", "password", "authorization_code" ], "acr_values_supported": [ "super_gluu", "u2f", "otp", "basic", "auth_ldap_server" ], "auth_level_mapping": { "-1": ["auth_ldap_server"], "50": ["otp"], "100": ["basic"], "10": ["u2f"], "15": ["super_gluu"] }, "subject_types_supported": [ "public", "pairwise" ], "userinfo_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "userinfo_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "userinfo_encryption_enc_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "id_token_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "request_object_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "request_object_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "request_object_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "token_endpoint_auth_methods_supported": [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt" ], "token_endpoint_auth_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "display_values_supported": [ "page", "popup" ], "claim_types_supported": ["normal"], "claims_supported": [ "birthdate", "country", "name", "email", "email_verified", "given_name", "gender", "inum", "family_name", "updated_at", "locale", "member_of", "middle_name", "nickname", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope", "phone_number_verified", "picture", "preferred_username", "profile", "zoneinfo", "user_name", "website" ], "service_documentation": "http://gluu.org/docs", "claims_locales_supported": ["en"], "ui_locales_supported": [ "en", "es" ], "scope_to_claims_mapping": [ {"permission": []}, {"uma_protection": []}, {"clientinfo": [ "name", "inum", "oxAuthAppType", "oxAuthIdTokenSignedResponseAlg", "oxAuthRedirectURI", "oxAuthScope" ]}, {"email": [ "email_verified", "email" ]}, {"user_name": ["user_name"]}, {"sub": []}, {"org_name": []}, {"address": [ "formatted", "postal_code", "street_address", "locality", "country", "region" ]}, {"openid": []}, {"test_scope1": []}, {"work_phone": []}, {"phone": [ "phone_number_verified", "phone_number" ]}, {"profile": [ "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "profile", "picture", "website", "gender", "birthdate", "zoneinfo", "locale", "updated_at" ]}, {"mobile_phone": ["phone_mobile_number"]}, {"test": ["member_of"]} ], "claims_parameter_supported": true, "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": false, "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy", "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos", "frontchannel_logout_supported": true, "frontchannel_logout_session_supported": true } ####################################################### TEST: requestEndSession by id_token ####################################################### ------------------------------------------------------- REQUEST: ------------------------------------------------------- POST /oxauth/restv1/register HTTP/1.1 Content-Type: application/json Accept: application/json Host: ce-dev4.gluu.org { "redirect_uris": [ "https://ce-dev4.gluu.org/oxauth-rp/home.htm", "https://client.example.com/cb", "https://client.example.com/cb1", "https://client.example.com/cb2" ], "response_types": [ "token", "id_token" ], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "post_logout_redirect_uris": ["https://client.example.com/pl"], "frontchannel_logout_uri": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"] } ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-store Connection: Keep-Alive Content-Length: 1488 Content-Type: application/json Date: Tue, 10 Jul 2018 12:52:58 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block { "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7B21.CED9.0DB2.55BD", "client_secret": "bb834a09-6b65-4da7-a9b2-ac3fa4e6639c", "registration_access_token": "5682f177-4f80-408e-8681-c74dcf0ff88e", "registration_client_uri": "https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!7B21.CED9.0DB2.55BD", "client_id_issued_at": 1531227178, "client_secret_expires_at": 1531313578, "redirect_uris": [ "https://client.example.com/cb2", "https://client.example.com/cb1", "https://client.example.com/cb", "https://ce-dev4.gluu.org/oxauth-rp/home.htm" ], "response_types": [ "id_token", "token" ], "grant_types": ["implicit"], "application_type": "web", "client_name": "oxAuth test app", "sector_identifier_uri": "https://ce-dev4.gluu.org/oxauth/sectoridentifier/@!38D4.410C.1D43.8932!0001!37F2.B744!0012!D426.70FD", "subject_type": "pairwise", "id_token_signed_response_alg": "RS256", "token_endpoint_auth_method": "client_secret_basic", "require_auth_time": false, "post_logout_redirect_uris": ["https://client.example.com/pl"], "frontchannel_logout_uri": ["https://ce-dev4.gluu.org/oxauth-rp/home.htm"], "frontchannel_logout_session_required": false, "scope": "permission uma_protection clientinfo email user_name sub org_name address openid test_scope1 work_phone phone profile test", "claims": "" } authenticateResourceOwnerAndGrantAccess: Cleaning cookies authenticateResourceOwnerAndGrantAccess: authorizationRequestUrl:https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217B21.CED9.0DB2.55BD&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=6d3c5833-3b7b-4760-9572-d164f1d92ee2&nonce=f651ad23-ab67-4826-8196-7c52fc6b554d 08:53:26.699 [main] ERROR com.gargoylesoftware.htmlunit.javascript.StrictErrorReporter - runtimeError: message=[An invalid or illegal selector was specified (selector: '*,:x' error: Invalid selector: :x).] sourceName=[https://ce-dev4.gluu.org/oxauth/js/jquery-1.12.4.min.js] line=[2] lineSource=[null] lineOffset=[0] authenticateResourceOwnerAndGrantAccess: sessionState:6e16125d-a67e-4018-bbec-617fdec16567 ------------------------------------------------------- REQUEST: ------------------------------------------------------- https://ce-dev4.gluu.org/oxauth/restv1/authorize?response_type=token+id_token&client_id=%40%2138D4.410C.1D43.8932%210001%2137F2.B744%210008%217B21.CED9.0DB2.55BD&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fce-dev4.gluu.org%2Foxauth-rp%2Fhome.htm&state=6d3c5833-3b7b-4760-9572-d164f1d92ee2&nonce=f651ad23-ab67-4826-8196-7c52fc6b554d ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 302 Found Location: https://ce-dev4.gluu.org/oxauth-rp/home.htm#access_token=a74d229d-67ff-48af-930c-b88c37704690&scope=address+openid+profile+email&id_token=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3QjIxLkNFRDkuMERCMi41NUJEIiwiZXhwIjoxNTMxMjMwNzgwLCJpYXQiOjE1MzEyMjcxODAsIm5vbmNlIjoiZjY1MWFkMjMtYWI2Ny00ODI2LTgxOTYtN2M1MmZjNmI1NTRkIiwiYXV0aF90aW1lIjoxNTMxMjI3MTgwLCJhdF9oYXNoIjoiT1ZkMkh0NHFDNlpaNjNpQkhzUmVVUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IkZGeHVfdGhxV3hNTjdsdy11eU1HMHB2WmJHZTB6UmhUV3k1YWVDSzNoV0UifQ.Q7_pqe0ND7QbDdemx7w8Gk6aq9uPaRPua1derrDj494Tv150qmgwnvEIcXSeEbEHqnEiQ5ONkMWoSdUeZ3yNgIT0jg5WNkqoRKtRe8EBdHYig97zRV12j1U7pi0BiHo8vBStF4_FvNy_cQJ6UbRs5kgOBg5r_43ie0Kfpuy1Q80mO-t_vywbZ2SDJKUzlmHiTczf_QQ_FdQDQIES-k7_gmuvOVbASJqk_Ls-FeVilEVUj-e0ZM_iVq0E1gtQvct2TO4z3GNvRcIjchuPDxVVhIGInJXngwqhiwsDgGGrntCbF6M2aNlyl2TTYVQbuBsFTvYJ7LfWRduzpl40vE2jSA&session_id=3c8b0153-8dc6-49c6-aec4-31569ac9bf98&state=6d3c5833-3b7b-4760-9572-d164f1d92ee2&token_type=bearer&session_state=6e16125d-a67e-4018-bbec-617fdec16567&expires_in=299 ------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/end_session?id_token_hint=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3QjIxLkNFRDkuMERCMi41NUJEIiwiZXhwIjoxNTMxMjMwNzgwLCJpYXQiOjE1MzEyMjcxODAsIm5vbmNlIjoiZjY1MWFkMjMtYWI2Ny00ODI2LTgxOTYtN2M1MmZjNmI1NTRkIiwiYXV0aF90aW1lIjoxNTMxMjI3MTgwLCJhdF9oYXNoIjoiT1ZkMkh0NHFDNlpaNjNpQkhzUmVVUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IkZGeHVfdGhxV3hNTjdsdy11eU1HMHB2WmJHZTB6UmhUV3k1YWVDSzNoV0UifQ.Q7_pqe0ND7QbDdemx7w8Gk6aq9uPaRPua1derrDj494Tv150qmgwnvEIcXSeEbEHqnEiQ5ONkMWoSdUeZ3yNgIT0jg5WNkqoRKtRe8EBdHYig97zRV12j1U7pi0BiHo8vBStF4_FvNy_cQJ6UbRs5kgOBg5r_43ie0Kfpuy1Q80mO-t_vywbZ2SDJKUzlmHiTczf_QQ_FdQDQIES-k7_gmuvOVbASJqk_Ls-FeVilEVUj-e0ZM_iVq0E1gtQvct2TO4z3GNvRcIjchuPDxVVhIGInJXngwqhiwsDgGGrntCbF6M2aNlyl2TTYVQbuBsFTvYJ7LfWRduzpl40vE2jSA&post_logout_redirect_uri=https%3A%2F%2Fclient.example.com%2Fpl&state=16f662c1-cc97-4d69-a8b7-4b04c61ad9a2&session_id=3c8b0153-8dc6-49c6-aec4-31569ac9bf98 HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1 200 Cache-Control: no-transform, no-store Connection: Keep-Alive Content-Length: 343 Content-Type: text/html Date: Tue, 10 Jul 2018 12:53:00 GMT Expires: Thu, 01 Jan 1970 00:00:00 GMT Keep-Alive: timeout=5, max=100 Pragma: no-cache Server: Jetty(9.4.9.v20180320) Set-Cookie: session_id=;Path=/;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;HttpOnly Strict-Transport-Security: max-age=31536000; includeSubDomains Vary: Accept-Encoding X-Content-Type-Options: nosniff X-Xss-Protection: 1; mode=block Gluu Generated logout pageLogout requests sent.
------------------------------------------------------- REQUEST: ------------------------------------------------------- GET /oxauth/restv1/end_session?id_token_hint=eyJraWQiOiI4NzE2OGJjMS1lNTU4LTQxNjktOGRkMS05ZmJkNDUxZGU1ZDciLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL2NlLWRldjQuZ2x1dS5vcmciLCJhdWQiOiJAITM4RDQuNDEwQy4xRDQzLjg5MzIhMDAwMSEzN0YyLkI3NDQhMDAwOCE3QjIxLkNFRDkuMERCMi41NUJEIiwiZXhwIjoxNTMxMjMwNzgwLCJpYXQiOjE1MzEyMjcxODAsIm5vbmNlIjoiZjY1MWFkMjMtYWI2Ny00ODI2LTgxOTYtN2M1MmZjNmI1NTRkIiwiYXV0aF90aW1lIjoxNTMxMjI3MTgwLCJhdF9oYXNoIjoiT1ZkMkh0NHFDNlpaNjNpQkhzUmVVUSIsIm94T3BlbklEQ29ubmVjdFZlcnNpb24iOiJvcGVuaWRjb25uZWN0LTEuMCIsInN1YiI6IkZGeHVfdGhxV3hNTjdsdy11eU1HMHB2WmJHZTB6UmhUV3k1YWVDSzNoV0UifQ.Q7_pqe0ND7QbDdemx7w8Gk6aq9uPaRPua1derrDj494Tv150qmgwnvEIcXSeEbEHqnEiQ5ONkMWoSdUeZ3yNgIT0jg5WNkqoRKtRe8EBdHYig97zRV12j1U7pi0BiHo8vBStF4_FvNy_cQJ6UbRs5kgOBg5r_43ie0Kfpuy1Q80mO-t_vywbZ2SDJKUzlmHiTczf_QQ_FdQDQIES-k7_gmuvOVbASJqk_Ls-FeVilEVUj-e0ZM_iVq0E1gtQvct2TO4z3GNvRcIjchuPDxVVhIGInJXngwqhiwsDgGGrntCbF6M2aNlyl2TTYVQbuBsFTvYJ7LfWRduzpl40vE2jSA&post_logout_redirect_uri=https%3A%2F%2Fclient.example.com%2Fpl&state=e553fbde-75be-4b71-94a0-4f3e1448e7d2&session_id=3c8b0153-8dc6-49c6-aec4-31569ac9bf98 HTTP/1.1 Host: ce-dev4.gluu.org ------------------------------------------------------- RESPONSE: ------------------------------------------------------- HTTP/1.1