OC5:FTR-op-tok-pkjwt-x-Gluu OX

From OSIS Open Source Identity Systems
Jump to: navigation, search

{{#vardefine:DtArticleSortKey|}}

FTR-op-tok-pkjwt-x-Gluu OX

{{#vardefine:page|{{#if:{{#var:page}}|{{#var:page}}|FTR-op-tok-pkjwt-x-Gluu OX}}}}{{#vardefine:nr|{{#if:{{#var:nr}}|{{#expr:{{#var:nr}}+1}}|1}}}}{{#vardefine:url|{{#replace:{{#var:page}}| |_}}}}{{#if:FTR-op-tok-pkjwt-x-Gluu OX|{{#if:{{#var:DtArticleSortKey}}||}}}}{{#ifeq:{{#var:header}}|no||

{{#ifeq:no|no||
{{#if:{{#var:refs}}|[[{{#var:page}}|no_ref's]]|[[Special:Call/DT Article show Refs,page={{#var:page}},refs=yes|ref's]]}}}} {{#if:{{#var:DtArticleSortKey}}|({{#var:DtArticleSortKey}})}}    list help  [[Special:Call/DT Article copy,cat=OC5 Result,from={{#var:page}},namespace=OC5|copy]]  [[Special:Call/DT Articles list XML,type=OC5 Result,title={{#var:page}},namespace=OC5|as XML]]  edit
}}
{{#if:|Feature Test Result |Feature Test Result }}   FTR-op-tok-pkjwt-x-Gluu OX
Test Identifier   bgcolor={{{color}}}}}|FTR-op-tok-pkjwt
Primary Solution   bgcolor={{{color}}}}}|Gluu OX
Test   bgcolor={{{color}}}}}|{{#dpl:|category = FeatureTest|namespace = OC5|include={FeatureTest}:identifier |includematchparsed=/identifier\s*=\s*FTR-op-tok-pkjwt/s| noresultsheader= no matching test found.\n

}}

Date Tested   bgcolor={{{color}}}}}|16 July 2013
Tested by   bgcolor={{{color}}}}}|Javier Rojas Blum
Outcome   bgcolor={{{color}}}}}|Works
Solutions Involved   bgcolor={{{color}}}}}|{{#if: Gluu_OX | OC5:Gluu_OX | }} {{#if: | [[OC5:]] | }}  
  bgcolor={{{color}}}}}|{{#if: | [[OC5:]] |   }}
Operating System   bgcolor={{{color}}}}}|Fedora 18 x86_64
Browser   bgcolor={{{color}}}}}|Firefox 22.0
Notes   bgcolor={{{color}}}}}|https://svn.gluu.info/repository/openxdi/oxAuth/Client/src/test/java/org/xdi/oxauth/interop/SupportAuthenticationToTokenEndpointWithAsymmetricallySignedJWTs.java
#######################################################
TEST: OC5:FeatureTest-Support Authentication to Token Endpoint with Asymmetrically Signed JWTs (RS256)
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/seam/resource/restv1/oxauth/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: seed.gluu.org

{
    "redirect_uris": [
        "https://seed.gluu.org/oxauth-rp/home.seam",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "token_endpoint_auth_method": "private_key_jwt",
    "jwks_uri": "https://seed.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://seed.gluu.org/oxauth-client/test/resources/sector_identifier.js"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Content-Type: application/json
Cache-Control: no-store
Pragma: no-cache

{
    "client_id": "@!1111!0008!F571.5F2A",
    "client_secret": "10ca557e-3ff7-4d2a-8006-f6faa79fb5e8",
    "registration_access_token": "d9967790-2f97-4d59-bc6e-f97b5994dfd9",
    "registration_client_uri": "https://seed.gluu.org/oxauth/seam/resource/restv1/oxauth/register?client_id=@!1111!0008!F571.5F2A",
    "client_id_issued_at": 1374011634,
    "client_secret_expires_at": 1374098034,
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "token_endpoint_auth_method": "private_key_jwt",
    "jwks_uri": "https://seed.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://seed.gluu.org/oxauth-client/test/resources/sector_identifier.js",
    "subject_type": "public",
    "id_token_signed_response_alg": "RS256",
    "require_auth_time": false,
    "request_uris": [],
    "scopes": [
        "openid",
        "address",
        "profile",
        "phone",
        "email"
    ]
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://seed.gluu.org/oxauth/seam/resource/restv1/oxauth/authorize?response_type=code&client_id=%40%211111%210008%21F571.5F2A&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fseed.gluu.org%2Foxauth-rp%2Fhome.seam%3Ffoo%3Dbar&state=STATE_XYZ

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://seed.gluu.org/oxauth-rp/home.seam?foo=bar&&code=f3a1d759-3249-4b9c-aa04-fee7acee2b60&auth_level=10&auth_mode=basic&session_id=cde12908-de2f-42eb-8526-4bb5a4ed7636&state=STATE_XYZ&scope=openid+profile+address+email

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/seam/resource/restv1/oxauth/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: seed.gluu.org

grant_type=authorization_code&code=f3a1d759-3249-4b9c-aa04-fee7acee2b60&redirect_uri=https%3A%2F%2Fseed.gluu.org%2Foxauth-rp%2Fhome.seam%3Ffoo%3Dbar&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1MiLCJhbGciOiJSUzI1NiIsImtpZCI6IlJTMjU2U0lHIn0.eyJpc3MiOiJAITExMTEhMDAwOCFGNTcxLjVGMkEiLCJzdWIiOiJAITExMTEhMDAwOCFGNTcxLjVGMkEiLCJhdWQiOiJodHRwczovL3NlZWQuZ2x1dS5vcmcvb3hhdXRoL3NlYW0vcmVzb3VyY2UvcmVzdHYxL294YXV0aC90b2tlbiIsImp0aSI6IjI3MzZhNGRmLWMzNDEtNDcyZC1hOGVjLTRhMjkyODJhMTYzYiIsImV4cCI6MTM3NDAxMTk1NiwiaWF0IjoxMzc0MDExNjU2fQ.MQBrzl5t5oILM6gx6JeApWsEnKT7vcyB9zY5L0DsXk5XQST62NBsdK0TCOvWsHzBePHNOlHrzCsZzERkQazsXIs6Zx7WcuN8C4_4cAa0T4dhsklRBm3uWNvE5bCgUD9luFP-Rkxg2d5EOJObjxXtTGT_WPuafzvyyLdvI1yhDjKsPELL8tO1HpySJynYyvUzv71d0INJxRZdZeodcGTSzST2erYG2v-YFqMngs4g7fimVkfgYBMv4j3aGzitgk2ELnwZwf0ENnxIUX9H6LMqcogSkoccv4uofPCUn84L2d5dDnJMwejvE59jk6iTf3oTYXZfzdtFuu9DbZSk9aiUyg

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Content-Type: application/json
Cache-Control: no-store
Pragma: no-cache

{"access_token":"750c8bef-48d1-429c-a32e-b113d098b207","token_type":"bearer","expires_in":3599,"refresh_token":"580a7a62-992f-414f-9c9b-9a910fc8b145","id_token":"eyJ0eXAiOiJKV1MiLCJhbGciOiJSUzI1NiIsImprdSI6Imh0dHBzOi8vc2VlZC5nbHV1Lm9yZy9veGF1dGgvc2VhbS9yZXNvdXJjZS9yZXN0djEvb3hhdXRoL2p3a3MiLCJraWQiOiIxIn0.eyJpc3MiOiJodHRwczovL3NlZWQuZ2x1dS5vcmciLCJhdWQiOiJAITExMTEhMDAwOCFGNTcxLjVGMkEiLCJleHAiOjEzNzQwMTUyNTYsImlhdCI6MTM3NDAxMTY1Niwic3ViIjoibWlrZSIsIm94SW51bSI6IkAhMTExMSEwMDAwIUQ0RTciLCJveFZhbGlkYXRpb25VUkkiOiJodHRwczovL3NlZWQuZ2x1dS5vcmcvb3hhdXRoL3NlYW0vcmVzb3VyY2UvcmVzdHYxL294YXV0aC9jaGVja19zZXNzaW9uIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIn0.ivv3gjJU5EhKX9SPstEsAS9wJMlKyi6xNh4pzYhSLcUEYbx-UFwkttkR5vjdxcjiPDrdYr8kV9kA64351LTsvShAKlJVZ4lAt-5zGaoJj2Oy95V360TNcJWFMxIbMXa1jTwswa900OwOEV4C-LUT7N-z5-9-V6Aq57uBzrNDOXb1cmKG4U5go8he-sbwXuOcA9XiWWUeV8OvaciWEWJOc0ZF6DLq3P-mDCAGWPsIw1sfVpbxVYLZcdpl4xv9YP_uvMw56Dxh7pFLrfBqNKqRXve-s68_A6QnQ0Ty0k0eccD4akMfBtC2of-kiuMHnhzW7tr7_2ujj5Ixjo_MyinZMw"}


#######################################################
TEST: OC5:FeatureTest-Support Authentication to Token Endpoint with Asymmetrically Signed JWTs (RS384)
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/seam/resource/restv1/oxauth/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: seed.gluu.org

{
    "redirect_uris": [
        "https://seed.gluu.org/oxauth-rp/home.seam",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "token_endpoint_auth_method": "private_key_jwt",
    "jwks_uri": "https://seed.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://seed.gluu.org/oxauth-client/test/resources/sector_identifier.js"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Content-Type: application/json
Cache-Control: no-store
Pragma: no-cache

{
    "client_id": "@!1111!0008!41FA.843B",
    "client_secret": "a8f299b5-1fb2-4671-80a8-1e67f08b1675",
    "registration_access_token": "834b9179-5db7-479b-8ede-d0595c56a9b0",
    "registration_client_uri": "https://seed.gluu.org/oxauth/seam/resource/restv1/oxauth/register?client_id=@!1111!0008!41FA.843B",
    "client_id_issued_at": 1374011658,
    "client_secret_expires_at": 1374098058,
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "token_endpoint_auth_method": "private_key_jwt",
    "jwks_uri": "https://seed.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://seed.gluu.org/oxauth-client/test/resources/sector_identifier.js",
    "subject_type": "public",
    "id_token_signed_response_alg": "RS256",
    "require_auth_time": false,
    "request_uris": [],
    "scopes": [
        "openid",
        "address",
        "profile",
        "phone",
        "email"
    ]
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://seed.gluu.org/oxauth/seam/resource/restv1/oxauth/authorize?response_type=code&client_id=%40%211111%210008%2141FA.843B&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fseed.gluu.org%2Foxauth-rp%2Fhome.seam%3Ffoo%3Dbar&state=STATE_XYZ

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://seed.gluu.org/oxauth-rp/home.seam?foo=bar&&code=d44eee9a-6e17-4833-92ce-10692beeb1c9&auth_level=10&auth_mode=basic&session_id=aeba5789-7a61-47cf-8c4c-b47eb106ff99&state=STATE_XYZ&scope=openid+profile+address+email

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/seam/resource/restv1/oxauth/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: seed.gluu.org

grant_type=authorization_code&code=d44eee9a-6e17-4833-92ce-10692beeb1c9&redirect_uri=https%3A%2F%2Fseed.gluu.org%2Foxauth-rp%2Fhome.seam%3Ffoo%3Dbar&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1MiLCJhbGciOiJSUzM4NCIsImtpZCI6IlJTMzg0U0lHIn0.eyJpc3MiOiJAITExMTEhMDAwOCE0MUZBLjg0M0IiLCJzdWIiOiJAITExMTEhMDAwOCE0MUZBLjg0M0IiLCJhdWQiOiJodHRwczovL3NlZWQuZ2x1dS5vcmcvb3hhdXRoL3NlYW0vcmVzb3VyY2UvcmVzdHYxL294YXV0aC90b2tlbiIsImp0aSI6IjUxYzZjNGEzLWQ2MjAtNGJkZC05MGYzLWYwYjY5M2MxYzRkYyIsImV4cCI6MTM3NDAxMTk4MCwiaWF0IjoxMzc0MDExNjgwfQ.byDfEfD-g_BMhPoUZupsQGoohCHPXztW3xGAMcurhBFr2LwhTL-UeUwEijQf0A3lWBg_xFJRLHIVA4jAXqwKlhig-hdxxS9fTytnBdeBp0vJkE6soiwQDle6Z6AJDBSZuRK3_-_Df9_wMRAEddxb2jGyeKVbCaL_OCc1QQ1QvuexZBaKpX1D-ZdN4uNixdtmB1kNPjvDGwuvZgPigwOPkgYlyFSSkJjuqCYcL7i8-AZ7MHQpu5pvlGCcOkLf39BREybgKFM-R2xMlEFemTm8mAt7u9eE9cU3pesbgnCWeURp_UoVto1uagdvv3Pait1Xku3sUjXkhTGdPZmpydRUqg

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Content-Type: application/json
Cache-Control: no-store
Pragma: no-cache

{"access_token":"5439c6ca-a6f7-46ee-9e88-b6c58296cc05","token_type":"bearer","expires_in":3599,"refresh_token":"7a4dcb75-d765-427f-8c3a-00ae88950a15","id_token":"eyJ0eXAiOiJKV1MiLCJhbGciOiJSUzI1NiIsImprdSI6Imh0dHBzOi8vc2VlZC5nbHV1Lm9yZy9veGF1dGgvc2VhbS9yZXNvdXJjZS9yZXN0djEvb3hhdXRoL2p3a3MiLCJraWQiOiIxIn0.eyJpc3MiOiJodHRwczovL3NlZWQuZ2x1dS5vcmciLCJhdWQiOiJAITExMTEhMDAwOCE0MUZBLjg0M0IiLCJleHAiOjEzNzQwMTUyNzksImlhdCI6MTM3NDAxMTY3OSwic3ViIjoibWlrZSIsIm94SW51bSI6IkAhMTExMSEwMDAwIUQ0RTciLCJveFZhbGlkYXRpb25VUkkiOiJodHRwczovL3NlZWQuZ2x1dS5vcmcvb3hhdXRoL3NlYW0vcmVzb3VyY2UvcmVzdHYxL294YXV0aC9jaGVja19zZXNzaW9uIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIn0.foqYaUk0QFfAEb_Y9ly5Smp7gAF5B-ormw8Pmhq4NpRSQnGDo8AnQ9FrQHgOADZ_sdd8eIzmG0RVRCi29k0gI_p3ZX9MjhLLGY286a2_QEMtNf3MSUw2uwmqIR8JLTW65m4am5p-Iv_qjEYE1t02Ty-bFRd8ZiztiXWByz3WB6RZdZlGkG_sBxmGk29prHyLC_hL-ORATqaW_JbHOu3L-p15arulAe3Lz1mT0MdwhWNNUZyKhGWDJJ9K8Ky1nXFj3l-zMIFjbFDCc-ySOlYYziU0XS4EBiPtNrrxr09hWj5LtRUJBTuLsKdJD7RUf1A7F4pChj993LBU7oFSA_f8sQ"}


#######################################################
TEST: OC5:FeatureTest-Support Authentication to Token Endpoint with Asymmetrically Signed JWTs (RS512)
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/seam/resource/restv1/oxauth/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: seed.gluu.org

{
    "redirect_uris": [
        "https://seed.gluu.org/oxauth-rp/home.seam",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "token_endpoint_auth_method": "private_key_jwt",
    "jwks_uri": "https://seed.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://seed.gluu.org/oxauth-client/test/resources/sector_identifier.js"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Content-Type: application/json
Cache-Control: no-store
Pragma: no-cache

{
    "client_id": "@!1111!0008!4C9C.1EBE",
    "client_secret": "451bf1f7-38e8-4c1e-9787-20187b13aa41",
    "registration_access_token": "a59a0f03-a24a-4b7c-abbd-9575712057a5",
    "registration_client_uri": "https://seed.gluu.org/oxauth/seam/resource/restv1/oxauth/register?client_id=@!1111!0008!4C9C.1EBE",
    "client_id_issued_at": 1374011682,
    "client_secret_expires_at": 1374098082,
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "token_endpoint_auth_method": "private_key_jwt",
    "jwks_uri": "https://seed.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://seed.gluu.org/oxauth-client/test/resources/sector_identifier.js",
    "subject_type": "public",
    "id_token_signed_response_alg": "RS256",
    "require_auth_time": false,
    "request_uris": [],
    "scopes": [
        "openid",
        "address",
        "profile",
        "phone",
        "email"
    ]
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://seed.gluu.org/oxauth/seam/resource/restv1/oxauth/authorize?response_type=code&client_id=%40%211111%210008%214C9C.1EBE&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fseed.gluu.org%2Foxauth-rp%2Fhome.seam%3Ffoo%3Dbar&state=STATE_XYZ

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://seed.gluu.org/oxauth-rp/home.seam?foo=bar&&code=172244ba-a030-423b-8183-e4339c1ffd82&auth_level=10&auth_mode=basic&session_id=93131b31-fd9f-4cac-b740-ff9865949edf&state=STATE_XYZ&scope=openid+profile+address+email

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/seam/resource/restv1/oxauth/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: seed.gluu.org

grant_type=authorization_code&code=172244ba-a030-423b-8183-e4339c1ffd82&redirect_uri=https%3A%2F%2Fseed.gluu.org%2Foxauth-rp%2Fhome.seam%3Ffoo%3Dbar&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1MiLCJhbGciOiJSUzUxMiIsImtpZCI6IlJTNTEyU0lHIn0.eyJpc3MiOiJAITExMTEhMDAwOCE0QzlDLjFFQkUiLCJzdWIiOiJAITExMTEhMDAwOCE0QzlDLjFFQkUiLCJhdWQiOiJodHRwczovL3NlZWQuZ2x1dS5vcmcvb3hhdXRoL3NlYW0vcmVzb3VyY2UvcmVzdHYxL294YXV0aC90b2tlbiIsImp0aSI6ImEyN2RiMmRlLThiY2UtNDMzMy04MGVhLTdjZmM1YjhkNzY2OCIsImV4cCI6MTM3NDAxMjAwMywiaWF0IjoxMzc0MDExNzAzfQ.BpHKZbVQtwG8LXKOxu820qev5tJZb5Vj4w0bLT3uIJwCr-JAwY5TkmEsTbLnliXoqu6xpAuTNw4wdjcZgmGyAWaBr16C3VSJOnZ6KcO75ph85tUGbLanKnHtlQQLMHYJMTNWfSteEp_FAhEXCybztgYZosDuQKb-aQ_nmr-o84ek4JDM5iEnEb85P2DEiLotBUKUXaSr0ueX3onNX51InU7n9KMSEBTjc0e12U-PslMVs9nmyc692aBXXrjiw2gIf_jlDwXqQER9e8F7YMyT6nP-GSBMAEtGRj6Uv6Q8pNqwKZp-BIj5pP4wIRqAFY7I3jRW99PMiCXteFaJWl4ZiQ

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Content-Type: application/json
Cache-Control: no-store
Pragma: no-cache

{"access_token":"a6084dea-04f8-4326-bc88-dadd4247b490","token_type":"bearer","expires_in":3599,"refresh_token":"72821c78-2b1f-4729-bfda-0c8131b070da","id_token":"eyJ0eXAiOiJKV1MiLCJhbGciOiJSUzI1NiIsImprdSI6Imh0dHBzOi8vc2VlZC5nbHV1Lm9yZy9veGF1dGgvc2VhbS9yZXNvdXJjZS9yZXN0djEvb3hhdXRoL2p3a3MiLCJraWQiOiIxIn0.eyJpc3MiOiJodHRwczovL3NlZWQuZ2x1dS5vcmciLCJhdWQiOiJAITExMTEhMDAwOCE0QzlDLjFFQkUiLCJleHAiOjEzNzQwMTUzMDMsImlhdCI6MTM3NDAxMTcwMywic3ViIjoibWlrZSIsIm94SW51bSI6IkAhMTExMSEwMDAwIUQ0RTciLCJveFZhbGlkYXRpb25VUkkiOiJodHRwczovL3NlZWQuZ2x1dS5vcmcvb3hhdXRoL3NlYW0vcmVzb3VyY2UvcmVzdHYxL294YXV0aC9jaGVja19zZXNzaW9uIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIn0.jp-xRtnFbljKrd6oo4UUNlZsOHp5d7r4voaOEHXa6ZgFoDom-wLfWYnxBGqzy4mYKp1wcSJGPRmhHo0Y1nEwHzAud0bWg-zgGe9xImF_Br1s5uzjQUP9OkPEzRqPyfsxeBymperf5B3tvyk72WXNAwMAJgAhX1h-KMs5kOKVmzRoPxQVgHL3o9gAW0toc2_cE2_Puc1wNy08pZOA1opH9N6m6OtwSqt7r9AbsiyyXTzDD8Xci6T1XcYJDSuyoy6rg3u9r0Zq-Z3AW2h032ig1dJYW7kLK4bKcPd5b4cSgHE8vA3pyHa1-9qWCq1aZmUpAOjvpC9SQSc8rnDHz4rtzg"}


#######################################################
TEST: OC5:FeatureTest-Support Authentication to Token Endpoint with Asymmetrically Signed JWTs (ES256)
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/seam/resource/restv1/oxauth/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: seed.gluu.org

{
    "redirect_uris": [
        "https://seed.gluu.org/oxauth-rp/home.seam",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "token_endpoint_auth_method": "private_key_jwt",
    "jwks_uri": "https://seed.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://seed.gluu.org/oxauth-client/test/resources/sector_identifier.js"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Content-Type: application/json
Cache-Control: no-store
Pragma: no-cache

{
    "client_id": "@!1111!0008!223D.FD46",
    "client_secret": "e26ad6b1-6f9f-4048-a782-192eb366a811",
    "registration_access_token": "8e0f883a-bdbc-4338-8f6c-e7dd580c2303",
    "registration_client_uri": "https://seed.gluu.org/oxauth/seam/resource/restv1/oxauth/register?client_id=@!1111!0008!223D.FD46",
    "client_id_issued_at": 1374011561,
    "client_secret_expires_at": 1374097961,
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "token_endpoint_auth_method": "private_key_jwt",
    "jwks_uri": "https://seed.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://seed.gluu.org/oxauth-client/test/resources/sector_identifier.js",
    "subject_type": "public",
    "id_token_signed_response_alg": "RS256",
    "require_auth_time": false,
    "request_uris": [],
    "scopes": [
        "openid",
        "address",
        "profile",
        "phone",
        "email"
    ]
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://seed.gluu.org/oxauth/seam/resource/restv1/oxauth/authorize?response_type=code&client_id=%40%211111%210008%21223D.FD46&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fseed.gluu.org%2Foxauth-rp%2Fhome.seam%3Ffoo%3Dbar&state=STATE_XYZ

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://seed.gluu.org/oxauth-rp/home.seam?foo=bar&&code=a7a36985-d150-4e55-8525-ef9697e2dfc0&auth_level=10&auth_mode=basic&session_id=c32bb46a-9221-48fa-ac96-5aad9a84e181&state=STATE_XYZ&scope=openid+profile+address+email

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/seam/resource/restv1/oxauth/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: seed.gluu.org

grant_type=authorization_code&code=a7a36985-d150-4e55-8525-ef9697e2dfc0&redirect_uri=https%3A%2F%2Fseed.gluu.org%2Foxauth-rp%2Fhome.seam%3Ffoo%3Dbar&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1MiLCJhbGciOiJFUzI1NiIsImtpZCI6IkVTMjU2U0lHIn0.eyJpc3MiOiJAITExMTEhMDAwOCEyMjNELkZENDYiLCJzdWIiOiJAITExMTEhMDAwOCEyMjNELkZENDYiLCJhdWQiOiJodHRwczovL3NlZWQuZ2x1dS5vcmcvb3hhdXRoL3NlYW0vcmVzb3VyY2UvcmVzdHYxL294YXV0aC90b2tlbiIsImp0aSI6ImQ0ZWY3NWNiLTY5NzYtNGExNi1hMTcwLTE4ZjY3YjQ4MWMxNyIsImV4cCI6MTM3NDAxMTg4NCwiaWF0IjoxMzc0MDExNTg0fQ.MEUCIGOpqGSHyeMRPs3e7zFSGJpmPSNJQ-Dew6EJcfa3ZrG-AiEA1CKHnWHI_XdF3XEeUjfaMdXSYOGKTirDLybykodU-H0

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Content-Type: application/json
Cache-Control: no-store
Pragma: no-cache

{"access_token":"0b474222-2213-41d3-bbb9-47d14531345f","token_type":"bearer","expires_in":3599,"refresh_token":"3b18a74a-4c1f-4ae9-aa31-7558e98c5c02","id_token":"eyJ0eXAiOiJKV1MiLCJhbGciOiJSUzI1NiIsImprdSI6Imh0dHBzOi8vc2VlZC5nbHV1Lm9yZy9veGF1dGgvc2VhbS9yZXNvdXJjZS9yZXN0djEvb3hhdXRoL2p3a3MiLCJraWQiOiIxIn0.eyJpc3MiOiJodHRwczovL3NlZWQuZ2x1dS5vcmciLCJhdWQiOiJAITExMTEhMDAwOCEyMjNELkZENDYiLCJleHAiOjEzNzQwMTUxODQsImlhdCI6MTM3NDAxMTU4NCwic3ViIjoibWlrZSIsIm94SW51bSI6IkAhMTExMSEwMDAwIUQ0RTciLCJveFZhbGlkYXRpb25VUkkiOiJodHRwczovL3NlZWQuZ2x1dS5vcmcvb3hhdXRoL3NlYW0vcmVzb3VyY2UvcmVzdHYxL294YXV0aC9jaGVja19zZXNzaW9uIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIn0.kbti1yqb4fCzmgHDTD-GRpjZe-SXjk_a2tcZ-7XcaCB2E4teUwEWH1-EhF4X6pv9UkeiK9neG3wCLJ7fMrTceEBNmLF21L2vB11S7Bl6eApCLDXkik5MyPP_A9R5BLoxpobK6XpvpiD_lCvlgqxK91zY3tWkwXBvfqk8eb0xMnsFwVt-ZBZ_kBCWWHQuMvmONbaGk5cOvatbZyfyoz_sWNhn7wPhqbF6qWPBy_w_sRQGbPdAktIlayhAhcrvcGlI6U866AkbI6CnmgGMrh56zwm8qU-ldccqM3pvYCyO0SsQfxfQCBWpZp7lkM-yL5oc2y8wCA54e-j9tAjndDOMdw"}


#######################################################
TEST: OC5:FeatureTest-Support Authentication to Token Endpoint with Asymmetrically Signed JWTs (ES384)
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/seam/resource/restv1/oxauth/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: seed.gluu.org

{
    "redirect_uris": [
        "https://seed.gluu.org/oxauth-rp/home.seam",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "token_endpoint_auth_method": "private_key_jwt",
    "jwks_uri": "https://seed.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://seed.gluu.org/oxauth-client/test/resources/sector_identifier.js"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Content-Type: application/json
Cache-Control: no-store
Pragma: no-cache

{
    "client_id": "@!1111!0008!7DE8.2660",
    "client_secret": "4da000ae-75b5-43af-b515-b682e904d803",
    "registration_access_token": "9f9e0fe6-d206-4259-ab18-fa271bb6e9ce",
    "registration_client_uri": "https://seed.gluu.org/oxauth/seam/resource/restv1/oxauth/register?client_id=@!1111!0008!7DE8.2660",
    "client_id_issued_at": 1374011586,
    "client_secret_expires_at": 1374097986,
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "token_endpoint_auth_method": "private_key_jwt",
    "jwks_uri": "https://seed.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://seed.gluu.org/oxauth-client/test/resources/sector_identifier.js",
    "subject_type": "public",
    "id_token_signed_response_alg": "RS256",
    "require_auth_time": false,
    "request_uris": [],
    "scopes": [
        "openid",
        "address",
        "profile",
        "phone",
        "email"
    ]
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://seed.gluu.org/oxauth/seam/resource/restv1/oxauth/authorize?response_type=code&client_id=%40%211111%210008%217DE8.2660&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fseed.gluu.org%2Foxauth-rp%2Fhome.seam%3Ffoo%3Dbar&state=STATE_XYZ

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://seed.gluu.org/oxauth-rp/home.seam?foo=bar&&code=6e4708c5-386b-4683-b284-0aad8ed8c078&auth_level=10&auth_mode=basic&session_id=9c3f9205-e469-4213-9967-05db9e7337ad&state=STATE_XYZ&scope=openid+profile+address+email

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/seam/resource/restv1/oxauth/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: seed.gluu.org

grant_type=authorization_code&code=6e4708c5-386b-4683-b284-0aad8ed8c078&redirect_uri=https%3A%2F%2Fseed.gluu.org%2Foxauth-rp%2Fhome.seam%3Ffoo%3Dbar&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1MiLCJhbGciOiJFUzM4NCIsImtpZCI6IkVTMzg0U0lHIn0.eyJpc3MiOiJAITExMTEhMDAwOCE3REU4LjI2NjAiLCJzdWIiOiJAITExMTEhMDAwOCE3REU4LjI2NjAiLCJhdWQiOiJodHRwczovL3NlZWQuZ2x1dS5vcmcvb3hhdXRoL3NlYW0vcmVzb3VyY2UvcmVzdHYxL294YXV0aC90b2tlbiIsImp0aSI6ImVhNjY4NzM0LThiZjctNGIzYi1iN2Y0LTU1NjM4M2U2ZWZhZSIsImV4cCI6MTM3NDAxMTkwNywiaWF0IjoxMzc0MDExNjA3fQ.MGYCMQD6s7RDFcmiH2Zch1nMFUcKXkuLuqrHzGuR95MxNenwGSsC7XY-bqX67EBPVR8cJjECMQDYhc0Z9119vy8IntjMcuIlsCWK08OyPY82FsT1mdnjRQNXmaWpIkiFN8Z2lDEQxes

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Content-Type: application/json
Cache-Control: no-store
Pragma: no-cache

{"access_token":"b5774d95-7cb3-4a16-a4a0-6f865afa0404","token_type":"bearer","expires_in":3599,"refresh_token":"7d5df13b-c0fd-4f8e-be4e-35eebc8058ae","id_token":"eyJ0eXAiOiJKV1MiLCJhbGciOiJSUzI1NiIsImprdSI6Imh0dHBzOi8vc2VlZC5nbHV1Lm9yZy9veGF1dGgvc2VhbS9yZXNvdXJjZS9yZXN0djEvb3hhdXRoL2p3a3MiLCJraWQiOiIxIn0.eyJpc3MiOiJodHRwczovL3NlZWQuZ2x1dS5vcmciLCJhdWQiOiJAITExMTEhMDAwOCE3REU4LjI2NjAiLCJleHAiOjEzNzQwMTUyMDcsImlhdCI6MTM3NDAxMTYwNywic3ViIjoibWlrZSIsIm94SW51bSI6IkAhMTExMSEwMDAwIUQ0RTciLCJveFZhbGlkYXRpb25VUkkiOiJodHRwczovL3NlZWQuZ2x1dS5vcmcvb3hhdXRoL3NlYW0vcmVzb3VyY2UvcmVzdHYxL294YXV0aC9jaGVja19zZXNzaW9uIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIn0.LCGoqx9Pi2V9CcktneBB1dkhtDRQgmwJuyCKqw-nroqa9X4QQ0yM6Qb7XVvOznKGWv7rIK0AiiiYC7V3wxUTFtMAQU4GEzS5mPUYFEH5wzuYcLjuj5HB8lNXmbio_yrx0DOSrnPe-_zZ181tvo_No_w73U19N2pJprw4ncvlEdjHhMBMkeyBTg5ozYOXfFnAXG_xpNstFNicX5rBkmku_3hNcz6ci40_DaiTCacS84sRjgbm5m_vJ_mamsdvI0lCSTu0Xb-QwezUFcJ5m2jC6FmueLQSiJ5gC3a5ly7FCK_gCkl4DKOkM7TieDe_PZh3vr3LniHQw2TDbMmJicsAQw"}


#######################################################
TEST: OC5:FeatureTest-Support Authentication to Token Endpoint with Asymmetrically Signed JWTs (ES512)
#######################################################
-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/seam/resource/restv1/oxauth/register HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: seed.gluu.org

{
    "redirect_uris": [
        "https://seed.gluu.org/oxauth-rp/home.seam",
        "https://client.example.com/cb",
        "https://client.example.com/cb1",
        "https://client.example.com/cb2"
    ],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "token_endpoint_auth_method": "private_key_jwt",
    "jwks_uri": "https://seed.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://seed.gluu.org/oxauth-client/test/resources/sector_identifier.js"
}

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Content-Type: application/json
Cache-Control: no-store
Pragma: no-cache

{
    "client_id": "@!1111!0008!9225.28D9",
    "client_secret": "10a9781c-ed98-4bb1-bdde-5f47f105753e",
    "registration_access_token": "be92c554-081c-41a6-b9ad-04ce5557206a",
    "registration_client_uri": "https://seed.gluu.org/oxauth/seam/resource/restv1/oxauth/register?client_id=@!1111!0008!9225.28D9",
    "client_id_issued_at": 1374011611,
    "client_secret_expires_at": 1374098011,
    "response_types": ["code"],
    "application_type": "web",
    "client_name": "oxAuth test app",
    "token_endpoint_auth_method": "private_key_jwt",
    "jwks_uri": "https://seed.gluu.org/oxauth-client/test/resources/jwks.json",
    "sector_identifier_uri": "https://seed.gluu.org/oxauth-client/test/resources/sector_identifier.js",
    "subject_type": "public",
    "id_token_signed_response_alg": "RS256",
    "require_auth_time": false,
    "request_uris": [],
    "scopes": [
        "openid",
        "address",
        "profile",
        "phone",
        "email"
    ]
}

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
https://seed.gluu.org/oxauth/seam/resource/restv1/oxauth/authorize?response_type=code&client_id=%40%211111%210008%219225.28D9&scope=openid+profile+address+email&redirect_uri=https%3A%2F%2Fseed.gluu.org%2Foxauth-rp%2Fhome.seam%3Ffoo%3Dbar&state=STATE_XYZ

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 302 Found
Location: https://seed.gluu.org/oxauth-rp/home.seam?foo=bar&&code=78fd5cc6-dcad-46ec-991e-99578eab6eb9&auth_level=10&auth_mode=basic&session_id=9894c47c-e1f1-484a-aaaf-b245981f7a5d&state=STATE_XYZ&scope=openid+profile+address+email

-------------------------------------------------------
REQUEST:
-------------------------------------------------------
POST /oxauth/seam/resource/restv1/oxauth/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: seed.gluu.org

grant_type=authorization_code&code=78fd5cc6-dcad-46ec-991e-99578eab6eb9&redirect_uri=https%3A%2F%2Fseed.gluu.org%2Foxauth-rp%2Fhome.seam%3Ffoo%3Dbar&client_assertion_type=urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer&client_assertion=eyJ0eXAiOiJKV1MiLCJhbGciOiJFUzUxMiIsImtpZCI6IkVTNTEyU0lHIn0.eyJpc3MiOiJAITExMTEhMDAwOCE5MjI1LjI4RDkiLCJzdWIiOiJAITExMTEhMDAwOCE5MjI1LjI4RDkiLCJhdWQiOiJodHRwczovL3NlZWQuZ2x1dS5vcmcvb3hhdXRoL3NlYW0vcmVzb3VyY2UvcmVzdHYxL294YXV0aC90b2tlbiIsImp0aSI6IjhlZjFkYzgzLWEwYzAtNDZhNS04NDlmLWEyMTA2ODRiZTE3OSIsImV4cCI6MTM3NDAxMTkzMywiaWF0IjoxMzc0MDExNjMzfQ.MIGHAkIAnP7HCCI00o_5_ecNPdoQFZBWIgJ15Oaxq_oxhYJ9I0WM5mNHstJQVScz03GtbO3Qxt3EPh6OoDWRGzpi5SCnOZYCQWldfRwijvPkdbm9-9VedMseLaz8IvlQfyG6d-dPKJOfoHqTTGaJLmhMEvRPS5Ww4dZQWgYZrD61zI8bS5nNAuoL

-------------------------------------------------------
RESPONSE:
-------------------------------------------------------
HTTP/1.1 200
Content-Type: application/json
Cache-Control: no-store
Pragma: no-cache

{"access_token":"8b35a305-d130-4554-8a78-9568d26280b1","token_type":"bearer","expires_in":3599,"refresh_token":"c97c9a52-514d-463a-b9ff-2a8f6a50890b","id_token":"eyJ0eXAiOiJKV1MiLCJhbGciOiJSUzI1NiIsImprdSI6Imh0dHBzOi8vc2VlZC5nbHV1Lm9yZy9veGF1dGgvc2VhbS9yZXNvdXJjZS9yZXN0djEvb3hhdXRoL2p3a3MiLCJraWQiOiIxIn0.eyJpc3MiOiJodHRwczovL3NlZWQuZ2x1dS5vcmciLCJhdWQiOiJAITExMTEhMDAwOCE5MjI1LjI4RDkiLCJleHAiOjEzNzQwMTUyMzIsImlhdCI6MTM3NDAxMTYzMiwic3ViIjoibWlrZSIsIm94SW51bSI6IkAhMTExMSEwMDAwIUQ0RTciLCJveFZhbGlkYXRpb25VUkkiOiJodHRwczovL3NlZWQuZ2x1dS5vcmcvb3hhdXRoL3NlYW0vcmVzb3VyY2UvcmVzdHYxL294YXV0aC9jaGVja19zZXNzaW9uIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIn0.TfyJxyh9RIlInYFI0toRJ-RY86ji_v3g_jrDSO9NTXMmWcMnKaUxlsQLklr9ReMX6xymcKwjJlNxlOb-NPcQw6lyD7JwXuedbufaY_961ejwnVHSRmPZe9jgb91uHjruCC1e1oarfsWZ3pSE0ZMctgcrkkaYKtPdkr-1tArZZ0o_lFRpJQudMhfZGMmqKxvMEcne68pcuaUExnMz-9qxOquirglYiMRuiBeRj0fx3gHiocNV5vIZrhl0higifUOt45MCBD0ZcqD-w1IvKaj8XM9NUtJwZVdNcmcgAgw_cg0WdGrLWLiTuJel44YJRWsVmpSmNX9flsrvoMjisY4gAQ"}


===============================================
Custom suite
Total tests run: 6, Failures: 0, Skips: 0
===============================================

Back To

{{#dpl: namespace = OC5 | linksto = OC5:FTR-op-tok-pkjwt-x-Gluu OX }}