Hi Yuri.
I'm sorry, just noticed that my description is wrong. "get-authorization-url" works with a padding =, but "get-tokens-by-code" fails.
```
TRACE [19:28:12.067] [dw-20 - POST /get-client-token] o.g.o.s.s.RpService - Found rp by client_id: a29e105e-cfce-49f4-bc30-41db06046745, rp: Rp{oxdId='da49f930-b1aa-46bc-afe6-aabb12beb460', opHost='https://gluu.my.site', opDiscoveryPath='null', idToken='eyJraWQiOiI4MGQxNmNkYS02YzE3LTQwYWQtODBkZS00M2Y4YjkyODY0ZDlfc2lnX3JzMjU2IiwidHlwIjoiSldUIiwiYWxnIjoiUlMyNTYifQ.eyJhdF9oYXNoIjoieC1yZDZUQ3hJbTJocW5NbzVic2pZZyIsImF1ZCI6ImEyOWUxMDVlLWNmY2UtNDlmNC1iYzMwLTQxZGIwNjA0Njc0NSIsImFjciI6InBhc3Nwb3J0X3NhbWwiLCJzdWIiOiJIeGFaT0ZfM29NTWkxRDNSY0Ftbmt5cGd5UDBIWjhrQWpEclhDSG5YSTU0IiwiYW1yIjpbIjYwIl0sImF1dGhfdGltZSI6MTU5OTY3ODkxMSwiaXNzIjoiaHR0cHM6Ly9hdXRoMDEucG9jLmF3aS5kZSIsImV4cCI6MTU5OTY4MzA1NCwiaWF0IjoxNTk5Njc5NDU0LCJub25jZSI6ImVmdDJoNXVwbDZ0OWhiODU2aDlpbG05aXEzIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIn0.Eu4_rFCsMhgF8Pr54DScvXnNx3h580UMw5RgvFu4hoEbcZpxLvbF9LShmJEnuYuf6a2Ts1hwZ5eL8r2Hx8PLpt9OGAyaDwe7OIKtLo7dffgKLNRLRQyzxsN8KuNkFNgJBY-G10iEqplH2RZOazYeBZmlYhhz9npyxomUQG6UrTv80723uPOSqqFbhfj4Mi6pC07bE5qURCYT5QstZ7iOkgKS5k9OcoOxF1QWp3zL7M82S4orh2siWM-y7t2t3ytYACaPshkK5kuiHpDxyXyL9Q2QMqXiwLau0anZBRnZb7qMIUAoIizBq3roN51YRuoK9SQn193Qq14HkysMr15nlA', accessToken='1d07674a-29e8-4714-9b08-332b4db27eca', redirectUri='https://client.my.site/callback', postLogoutRedirectUri='null', postLogoutRedirectUris='[https://client.my.site/logout]', applicationType='web', redirectUris=[https://client.my.site/callback], frontChannelLogoutUris=[], claimsRedirectUri=null, responseTypes=[code], clientId='a29e105e-cfce-49f4-bc30-41db06046745', clientRegistrationAccessToken='a1a8deb2-c494-40cd-89f0-9fef64f0300b', clientRegistrationClientUri='https://gluu.my.site/oxauth/restv1/register?client_id=a29e105e-cfce-49f4-bc30-41db06046745', clientIdIssuedAt=Mon Sep 07 12:50:24 UTC 2020, clientSecretExpiresAt=null, clientName='client.my.site', sectorIdentifierUri='null', clientJwksUri='null', scope=[openid, oxd, profile, user_name, email, memberOf], uiLocales=[], claimsLocales=[], acrValues=[], grantType=[authorization_code, client_credentials], contacts=[martin.petri@awi.de], userId='null', userSecret='null', pat='null', patExpiresIn=null, patCreatedAt=null, patRefreshToken='null', oauthToken='c2a8c914-5283-4aa7-8c16-588ae433812e', oauthTokenExpiresIn='299, oauthTokenCreatedAt='Wed Sep 09 19:23:05 UTC 2020, oauthTokenRefreshToken=''null', umaProtectedResources='[], rpt='null', rptTokenType='null', rptPct='null', rptExpiresAt='null', rptCreatedAt='null', rptUpgraded='null', rptAsJwt='false', tokenEndpointAuthSigningAlg='null', tokenEndpointAuthMethod='null', oxdRpProgrammingLanguage='null', accessTokenAsJwt='false', accessTokenSigningAlg='null', trusted_client='true', frontChannelLogoutSessionRequired='false', runIntrospectionScriptBeforeAccessTokenAsJwtCreationAndIncludeClaims='false', requireAuthTime='false', logoUri='null', clientUri='null', policyUri='null', tosUri='null', jwks='null', idTokenBindingCnf='null', tlsClientAuthSubjectDn='null', idTokenSignedResponseAlg='null', idTokenEncryptedResponseAlg='null', idTokenEncryptedResponseEnc='null', userInfoSignedResponseAlg='null', userInfoEncryptedResponseAlg='null', userInfoEncryptedResponseEnc='null', requestObjectSigningAlg='null', requestObjectEncryptionAlg='null', requestObjectEncryptionEnc='null', defaultMaxAge='null', initiateLoginUri='null', authorizedOrigins='null', accessTokenLifetime='null', softwareId='null', softwareVersion='null', softwareStatement='null', customAttributes='null', requestUris='null'}
TRACE [19:28:12.072] [dw-20 - POST /get-client-token] o.g.o.s.s.HttpService - Created TRUST_ALL client.
TRACE [19:28:12.293] [dw-20 - POST /get-client-token] o.g.o.s.s.DiscoveryService - Discovery response: {
"request_parameter_supported" : true,
"token_revocation_endpoint" : "https://gluu.my.site/oxauth/restv1/revoke",
"introspection_endpoint" : "https://gluu.my.site/oxauth/restv1/introspection",
"claims_parameter_supported" : false,
"check_session_iframe" : "https://gluu.my.site/oxauth/opiframe.htm",
"scopes_supported" : [ "https://gluu.my.site/oxauth/restv1/uma/scopes/scim_access", "address", "openid", "clientinfo", "user_name", "profile", "uma_protection", "permission", "https://gluu.my.site/oxauth/restv1/uma/scopes/passport_access", "oxtrust-api-write", "oxtrust-api-read", "phone", "mobile_phone", "uid_number", "oxd", "memberOf", "super_gluu_ro_session", "email" ],
"issuer" : "https://gluu.my.site",
"acr_values_supported" : [ "passport_saml", "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport", "poc-dmawi.de" ],
"userinfo_encryption_enc_values_supported" : [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ],
"id_token_encryption_enc_values_supported" : [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ],
"authorization_endpoint" : "https://gluu.my.site/oxauth/restv1/authorize",
"service_documentation" : "http://gluu.org/docs",
"request_object_encryption_enc_values_supported" : [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ],
"display_values_supported" : [ "page", "popup" ],
"id_generation_endpoint" : "https://gluu.my.site/oxauth/restv1/id",
"userinfo_signing_alg_values_supported" : [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ],
"claims_supported" : [ "street_address", "country", "zoneinfo", "birthdate", "gender", "formatted", "user_name", "phone_mobile_number", "preferred_username", "locale", "inum", "updated_at", "nickname", "member_of", "email", "website", "email_verified", "profile", "locality", "phone_number_verified", "given_name", "middle_name", "picture", "name", "uid_number", "phone_number", "postal_code", "region", "family_name" ],
"scope_to_claims_mapping" : [ {
"profile" : [ "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "profile", "picture", "website", "gender", "birthdate", "zoneinfo", "locale", "updated_at" ]
}, {
"openid" : [ ]
}, {
"https://gluu.my.site/oxauth/restv1/uma/scopes/scim_access" : [ ]
}, {
"permission" : [ ]
}, {
"super_gluu_ro_session" : [ ]
}, {
"https://gluu.my.site/oxauth/restv1/uma/scopes/passport_access" : [ ]
}, {
"phone" : [ "phone_number_verified", "phone_number" ]
}, {
"uid_number" : [ "uid_number" ]
}, {
"address" : [ "formatted", "postal_code", "street_address", "locality", "country", "region" ]
}, {
"clientinfo" : [ "name", "inum" ]
}, {
"mobile_phone" : [ "phone_mobile_number" ]
}, {
"email" : [ "email_verified", "email" ]
}, {
"user_name" : [ "user_name" ]
}, {
"oxtrust-api-write" : [ ]
}, {
"oxd" : [ ]
}, {
"memberOf" : [ "member_of" ]
}, {
"uma_protection" : [ ]
}, {
"oxtrust-api-read" : [ ]
} ],
"claim_types_supported" : [ "normal" ],
"op_policy_uri" : "http://ox.gluu.org/doku.php?id=oxauth:policy",
"token_endpoint_auth_methods_supported" : [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt" ],
"tls_client_certificate_bound_access_tokens" : true,
"response_modes_supported" : [ "query", "fragment", "form_post" ],
"token_endpoint" : "https://gluu.my.site/oxauth/restv1/token",
"response_types_supported" : [ "code token id_token", "token id_token", "code token", "code id_token", "code", "token", "id_token" ],
"request_uri_parameter_supported" : true,
"userinfo_encryption_alg_values_supported" : [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ],
"grant_types_supported" : [ "urn:ietf:params:oauth:grant-type:uma-ticket", "implicit", "authorization_code", "password", "client_credentials", "refresh_token" ],
"end_session_endpoint" : "https://gluu.my.site/oxauth/restv1/end_session",
"ui_locales_supported" : [ "en", "es" ],
"revocation_endpoint" : "https://gluu.my.site/oxauth/restv1/revoke",
"userinfo_endpoint" : "https://gluu.my.site/oxauth/restv1/userinfo",
"token_endpoint_auth_signing_alg_values_supported" : [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ],
"op_tos_uri" : "http://ox.gluu.org/doku.php?id=oxauth:tos",
"frontchannel_logout_supported" : true,
"auth_level_mapping" : {
"-1" : [ "poc-dmawi.de" ],
"60" : [ "passport_saml" ]
},
"require_request_uri_registration" : false,
"id_token_encryption_alg_values_supported" : [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ],
"jwks_uri" : "https://gluu.my.site/oxauth/restv1/jwks",
"frontchannel_logout_session_supported" : true,
"subject_types_supported" : [ "public", "pairwise" ],
"id_token_signing_alg_values_supported" : [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ],
"registration_endpoint" : "https://gluu.my.site/oxauth/restv1/register",
"claims_locales_supported" : [ "en" ],
"clientinfo_endpoint" : "https://gluu.my.site/oxauth/restv1/clientinfo",
"request_object_signing_alg_values_supported" : [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ],
"request_object_encryption_alg_values_supported" : [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ],
"id_token_token_binding_cnf_values_supported" : [ "tbh" ]
}
TRACE [19:28:12.294] [dw-20 - POST /get-client-token] o.g.o.s.s.HttpService - Created TRUST_ALL client.
TRACE [19:28:12.397] [dw-20 - POST /get-client-token] o.g.o.s.RestResource - Send back response: {"access_token":"b86c1af8-958b-4b7d-be2a-1f9e16ddecb3","expires_in":299,"refresh_token":null,"scope":["openid","user_name","oxd","email"]}
TRACE [19:28:12.435] [dw-23 - POST /get-authorization-url] o.g.o.s.RestResource - Command: {"oxd_id": "da49f930-b1aa-46bc-afe6-aabb12beb460", "scope": ["openid", "oxd", "email", "user_name", "memberof"], "acr_values": ["passport_saml"], "redirect_uri": "https://client.my.site/callback", "state": "L3Byb2plY3RzL1BoaWxQcm9qMTA="}
TRACE [19:28:12.437] [dw-23 - POST /get-authorization-url] o.g.o.s.s.ValidationService - Introspect token with rp: Rp{oxdId='da49f930-b1aa-46bc-afe6-aabb12beb460', opHost='https://gluu.my.site', opDiscoveryPath='null', idToken='eyJraWQiOiI4MGQxNmNkYS02YzE3LTQwYWQtODBkZS00M2Y4YjkyODY0ZDlfc2lnX3JzMjU2IiwidHlwIjoiSldUIiwiYWxnIjoiUlMyNTYifQ.eyJhdF9oYXNoIjoieC1yZDZUQ3hJbTJocW5NbzVic2pZZyIsImF1ZCI6ImEyOWUxMDVlLWNmY2UtNDlmNC1iYzMwLTQxZGIwNjA0Njc0NSIsImFjciI6InBhc3Nwb3J0X3NhbWwiLCJzdWIiOiJIeGFaT0ZfM29NTWkxRDNSY0Ftbmt5cGd5UDBIWjhrQWpEclhDSG5YSTU0IiwiYW1yIjpbIjYwIl0sImF1dGhfdGltZSI6MTU5OTY3ODkxMSwiaXNzIjoiaHR0cHM6Ly9hdXRoMDEucG9jLmF3aS5kZSIsImV4cCI6MTU5OTY4MzA1NCwiaWF0IjoxNTk5Njc5NDU0LCJub25jZSI6ImVmdDJoNXVwbDZ0OWhiODU2aDlpbG05aXEzIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIn0.Eu4_rFCsMhgF8Pr54DScvXnNx3h580UMw5RgvFu4hoEbcZpxLvbF9LShmJEnuYuf6a2Ts1hwZ5eL8r2Hx8PLpt9OGAyaDwe7OIKtLo7dffgKLNRLRQyzxsN8KuNkFNgJBY-G10iEqplH2RZOazYeBZmlYhhz9npyxomUQG6UrTv80723uPOSqqFbhfj4Mi6pC07bE5qURCYT5QstZ7iOkgKS5k9OcoOxF1QWp3zL7M82S4orh2siWM-y7t2t3ytYACaPshkK5kuiHpDxyXyL9Q2QMqXiwLau0anZBRnZb7qMIUAoIizBq3roN51YRuoK9SQn193Qq14HkysMr15nlA', accessToken='1d07674a-29e8-4714-9b08-332b4db27eca', redirectUri='https://client.my.site/callback', postLogoutRedirectUri='null', postLogoutRedirectUris='[https://client.my.site/logout]', applicationType='web', redirectUris=[https://client.my.site/callback], frontChannelLogoutUris=[], claimsRedirectUri=null, responseTypes=[code], clientId='a29e105e-cfce-49f4-bc30-41db06046745', clientRegistrationAccessToken='a1a8deb2-c494-40cd-89f0-9fef64f0300b', clientRegistrationClientUri='https://gluu.my.site/oxauth/restv1/register?client_id=a29e105e-cfce-49f4-bc30-41db06046745', clientIdIssuedAt=Mon Sep 07 12:50:24 UTC 2020, clientSecretExpiresAt=null, clientName='client.my.site', sectorIdentifierUri='null', clientJwksUri='null', scope=[openid, oxd, profile, user_name, email, memberOf], uiLocales=[], claimsLocales=[], acrValues=[], grantType=[authorization_code, client_credentials], contacts=[martin.petri@awi.de], userId='null', userSecret='null', pat='null', patExpiresIn=null, patCreatedAt=null, patRefreshToken='null', oauthToken='c2a8c914-5283-4aa7-8c16-588ae433812e', oauthTokenExpiresIn='299, oauthTokenCreatedAt='Wed Sep 09 19:23:05 UTC 2020, oauthTokenRefreshToken=''null', umaProtectedResources='[], rpt='null', rptTokenType='null', rptPct='null', rptExpiresAt='null', rptCreatedAt='null', rptUpgraded='null', rptAsJwt='false', tokenEndpointAuthSigningAlg='null', tokenEndpointAuthMethod='null', oxdRpProgrammingLanguage='null', accessTokenAsJwt='false', accessTokenSigningAlg='null', trusted_client='true', frontChannelLogoutSessionRequired='false', runIntrospectionScriptBeforeAccessTokenAsJwtCreationAndIncludeClaims='false', requireAuthTime='false', logoUri='null', clientUri='null', policyUri='null', tosUri='null', jwks='null', idTokenBindingCnf='null', tlsClientAuthSubjectDn='null', idTokenSignedResponseAlg='null', idTokenEncryptedResponseAlg='null', idTokenEncryptedResponseEnc='null', userInfoSignedResponseAlg='null', userInfoEncryptedResponseAlg='null', userInfoEncryptedResponseEnc='null', requestObjectSigningAlg='null', requestObjectEncryptionAlg='null', requestObjectEncryptionEnc='null', defaultMaxAge='null', initiateLoginUri='null', authorizedOrigins='null', accessTokenLifetime='null', softwareId='null', softwareVersion='null', softwareStatement='null', customAttributes='null', requestUris='null'}
TRACE [19:28:12.448] [dw-23 - POST /get-authorization-url] o.g.o.s.s.HttpService - Created TRUST_ALL client.
TRACE [19:28:12.511] [dw-23 - POST /get-authorization-url] o.g.o.s.s.DiscoveryService - Discovery response: {
"request_parameter_supported" : true,
"token_revocation_endpoint" : "https://gluu.my.site/oxauth/restv1/revoke",
"introspection_endpoint" : "https://gluu.my.site/oxauth/restv1/introspection",
"claims_parameter_supported" : false,
"check_session_iframe" : "https://gluu.my.site/oxauth/opiframe.htm",
"scopes_supported" : [ "https://gluu.my.site/oxauth/restv1/uma/scopes/scim_access", "address", "openid", "clientinfo", "user_name", "profile", "uma_protection", "permission", "https://gluu.my.site/oxauth/restv1/uma/scopes/passport_access", "oxtrust-api-write", "oxtrust-api-read", "phone", "mobile_phone", "uid_number", "oxd", "memberOf", "super_gluu_ro_session", "email" ],
"issuer" : "https://gluu.my.site",
"acr_values_supported" : [ "passport_saml", "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport", "poc-dmawi.de" ],
"userinfo_encryption_enc_values_supported" : [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ],
"id_token_encryption_enc_values_supported" : [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ],
"authorization_endpoint" : "https://gluu.my.site/oxauth/restv1/authorize",
"service_documentation" : "http://gluu.org/docs",
"request_object_encryption_enc_values_supported" : [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ],
"display_values_supported" : [ "page", "popup" ],
"id_generation_endpoint" : "https://gluu.my.site/oxauth/restv1/id",
"userinfo_signing_alg_values_supported" : [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ],
"claims_supported" : [ "street_address", "country", "zoneinfo", "birthdate", "gender", "formatted", "user_name", "phone_mobile_number", "preferred_username", "locale", "inum", "updated_at", "nickname", "member_of", "email", "website", "email_verified", "profile", "locality", "phone_number_verified", "given_name", "middle_name", "picture", "name", "uid_number", "phone_number", "postal_code", "region", "family_name" ],
"scope_to_claims_mapping" : [ {
"profile" : [ "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "profile", "picture", "website", "gender", "birthdate", "zoneinfo", "locale", "updated_at" ]
}, {
"openid" : [ ]
}, {
"https://gluu.my.site/oxauth/restv1/uma/scopes/scim_access" : [ ]
}, {
"permission" : [ ]
}, {
"super_gluu_ro_session" : [ ]
}, {
"https://gluu.my.site/oxauth/restv1/uma/scopes/passport_access" : [ ]
}, {
"phone" : [ "phone_number_verified", "phone_number" ]
}, {
"uid_number" : [ "uid_number" ]
}, {
"address" : [ "formatted", "postal_code", "street_address", "locality", "country", "region" ]
}, {
"clientinfo" : [ "name", "inum" ]
}, {
"mobile_phone" : [ "phone_mobile_number" ]
}, {
"email" : [ "email_verified", "email" ]
}, {
"user_name" : [ "user_name" ]
}, {
"oxtrust-api-write" : [ ]
}, {
"oxd" : [ ]
}, {
"memberOf" : [ "member_of" ]
}, {
"uma_protection" : [ ]
}, {
"oxtrust-api-read" : [ ]
} ],
"claim_types_supported" : [ "normal" ],
"op_policy_uri" : "http://ox.gluu.org/doku.php?id=oxauth:policy",
"token_endpoint_auth_methods_supported" : [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt" ],
"tls_client_certificate_bound_access_tokens" : true,
"response_modes_supported" : [ "query", "fragment", "form_post" ],
"token_endpoint" : "https://gluu.my.site/oxauth/restv1/token",
"response_types_supported" : [ "code token id_token", "token id_token", "code token", "code id_token", "code", "token", "id_token" ],
"request_uri_parameter_supported" : true,
"userinfo_encryption_alg_values_supported" : [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ],
"grant_types_supported" : [ "urn:ietf:params:oauth:grant-type:uma-ticket", "implicit", "authorization_code", "password", "client_credentials", "refresh_token" ],
"end_session_endpoint" : "https://gluu.my.site/oxauth/restv1/end_session",
"ui_locales_supported" : [ "en", "es" ],
"revocation_endpoint" : "https://gluu.my.site/oxauth/restv1/revoke",
"userinfo_endpoint" : "https://gluu.my.site/oxauth/restv1/userinfo",
"token_endpoint_auth_signing_alg_values_supported" : [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ],
"op_tos_uri" : "http://ox.gluu.org/doku.php?id=oxauth:tos",
"frontchannel_logout_supported" : true,
"auth_level_mapping" : {
"-1" : [ "poc-dmawi.de" ],
"60" : [ "passport_saml" ]
},
"require_request_uri_registration" : false,
"id_token_encryption_alg_values_supported" : [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ],
"jwks_uri" : "https://gluu.my.site/oxauth/restv1/jwks",
"frontchannel_logout_session_supported" : true,
"subject_types_supported" : [ "public", "pairwise" ],
"id_token_signing_alg_values_supported" : [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ],
"registration_endpoint" : "https://gluu.my.site/oxauth/restv1/register",
"claims_locales_supported" : [ "en" ],
"clientinfo_endpoint" : "https://gluu.my.site/oxauth/restv1/clientinfo",
"request_object_signing_alg_values_supported" : [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ],
"request_object_encryption_alg_values_supported" : [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ],
"id_token_token_binding_cnf_values_supported" : [ "tbh" ]
}
TRACE [19:28:12.511] [dw-23 - POST /get-authorization-url] o.g.o.s.s.HttpService - Created TRUST_ALL client.
TRACE [19:28:12.523] [dw-23 - POST /get-authorization-url] o.g.o.s.s.HttpService - Created TRUST_ALL client.
TRACE [19:28:12.585] [dw-23 - POST /get-authorization-url] o.g.o.s.s.UmaTokenService - Obtained token with client authentication: UmaToken{token='f9b9b92a-3b05-4bf9-8677-0ccae6a35a08', refreshToken='null', expiresIn=299}
DEBUG [19:28:12.605] [dw-23 - POST /get-authorization-url] o.g.o.s.p.SqlPersistenceServiceImpl - RP updated successfully. RP : Rp{oxdId='da49f930-b1aa-46bc-afe6-aabb12beb460', opHost='https://gluu.my.site', opDiscoveryPath='null', idToken='eyJraWQiOiI4MGQxNmNkYS02YzE3LTQwYWQtODBkZS00M2Y4YjkyODY0ZDlfc2lnX3JzMjU2IiwidHlwIjoiSldUIiwiYWxnIjoiUlMyNTYifQ.eyJhdF9oYXNoIjoieC1yZDZUQ3hJbTJocW5NbzVic2pZZyIsImF1ZCI6ImEyOWUxMDVlLWNmY2UtNDlmNC1iYzMwLTQxZGIwNjA0Njc0NSIsImFjciI6InBhc3Nwb3J0X3NhbWwiLCJzdWIiOiJIeGFaT0ZfM29NTWkxRDNSY0Ftbmt5cGd5UDBIWjhrQWpEclhDSG5YSTU0IiwiYW1yIjpbIjYwIl0sImF1dGhfdGltZSI6MTU5OTY3ODkxMSwiaXNzIjoiaHR0cHM6Ly9hdXRoMDEucG9jLmF3aS5kZSIsImV4cCI6MTU5OTY4MzA1NCwiaWF0IjoxNTk5Njc5NDU0LCJub25jZSI6ImVmdDJoNXVwbDZ0OWhiODU2aDlpbG05aXEzIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIn0.Eu4_rFCsMhgF8Pr54DScvXnNx3h580UMw5RgvFu4hoEbcZpxLvbF9LShmJEnuYuf6a2Ts1hwZ5eL8r2Hx8PLpt9OGAyaDwe7OIKtLo7dffgKLNRLRQyzxsN8KuNkFNgJBY-G10iEqplH2RZOazYeBZmlYhhz9npyxomUQG6UrTv80723uPOSqqFbhfj4Mi6pC07bE5qURCYT5QstZ7iOkgKS5k9OcoOxF1QWp3zL7M82S4orh2siWM-y7t2t3ytYACaPshkK5kuiHpDxyXyL9Q2QMqXiwLau0anZBRnZb7qMIUAoIizBq3roN51YRuoK9SQn193Qq14HkysMr15nlA', accessToken='1d07674a-29e8-4714-9b08-332b4db27eca', redirectUri='https://client.my.site/callback', postLogoutRedirectUri='null', postLogoutRedirectUris='[https://client.my.site/logout]', applicationType='web', redirectUris=[https://client.my.site/callback], frontChannelLogoutUris=[], claimsRedirectUri=[], responseTypes=[code], clientId='a29e105e-cfce-49f4-bc30-41db06046745', clientRegistrationAccessToken='a1a8deb2-c494-40cd-89f0-9fef64f0300b', clientRegistrationClientUri='https://gluu.my.site/oxauth/restv1/register?client_id=a29e105e-cfce-49f4-bc30-41db06046745', clientIdIssuedAt=Mon Sep 07 12:50:24 UTC 2020, clientSecretExpiresAt=null, clientName='client.my.site', sectorIdentifierUri='null', clientJwksUri='null', scope=[openid, oxd, profile, user_name, email, memberOf], uiLocales=[], claimsLocales=[], acrValues=[], grantType=[authorization_code, client_credentials], contacts=[martin.petri@awi.de], userId='null', userSecret='null', pat='null', patExpiresIn=null, patCreatedAt=null, patRefreshToken='null', oauthToken='f9b9b92a-3b05-4bf9-8677-0ccae6a35a08', oauthTokenExpiresIn='299, oauthTokenCreatedAt='Wed Sep 09 19:28:12 UTC 2020, oauthTokenRefreshToken=''null', umaProtectedResources='[], rpt='null', rptTokenType='null', rptPct='null', rptExpiresAt='null', rptCreatedAt='null', rptUpgraded='null', rptAsJwt='false', tokenEndpointAuthSigningAlg='null', tokenEndpointAuthMethod='null', oxdRpProgrammingLanguage='null', accessTokenAsJwt='false', accessTokenSigningAlg='null', trusted_client='true', frontChannelLogoutSessionRequired='false', runIntrospectionScriptBeforeAccessTokenAsJwtCreationAndIncludeClaims='false', requireAuthTime='false', logoUri='null', clientUri='null', policyUri='null', tosUri='null', jwks='null', idTokenBindingCnf='null', tlsClientAuthSubjectDn='null', idTokenSignedResponseAlg='null', idTokenEncryptedResponseAlg='null', idTokenEncryptedResponseEnc='null', userInfoSignedResponseAlg='null', userInfoEncryptedResponseAlg='null', userInfoEncryptedResponseEnc='null', requestObjectSigningAlg='null', requestObjectEncryptionAlg='null', requestObjectEncryptionEnc='null', defaultMaxAge='null', initiateLoginUri='null', authorizedOrigins='null', accessTokenLifetime='null', softwareId='null', softwareVersion='null', softwareStatement='null', customAttributes='null', requestUris='null'}
TRACE [19:28:12.694] [dw-23 - POST /get-authorization-url] o.g.o.s.s.ValidationService - access_token: b86c1af8-958b-4b7d-be2a-1f9e16ddecb3, introspection: IntrospectionResponse{active=true, scope=[openid, user_name, oxd, email], clientId='a29e105e-cfce-49f4-bc30-41db06046745', username='null', tokenType='bearer', expiresAt=1599679992, issuedAt=1599679692, subject='', audience='a29e105e-cfce-49f4-bc30-41db06046745', issuer='https://gluu.my.site', jti='null', acrValues='null'}, clientId: a29e105e-cfce-49f4-bc30-41db06046745
TRACE [19:28:12.697] [dw-23 - POST /get-authorization-url] o.g.o.s.RestResource - Send back response: {"authorization_url":"https://gluu.my.site/oxauth/restv1/authorize?response_type=code&client_id=a29e105e-cfce-49f4-bc30-41db06046745&redirect_uri=https://client.my.site/callback&scope=openid+oxd+email+user_name+memberof&state=L3Byb2plY3RzL1BoaWxQcm9qMTA%3D&nonce=ck41jj0sg18h8snm5oikit2v0d&acr_values=passport_saml"}
TRACE [19:28:57.274] [dw-23 - POST /get-tokens-by-code] o.g.o.s.RestResource - Command: {"oxd_id": "da49f930-b1aa-46bc-afe6-aabb12beb460", "code": "29ecabbf-8e30-4118-9dee-9ce2915db23f", "state": "L3Byb2plY3RzL1BoaWxQcm9qMTA="}
TRACE [19:28:57.279] [dw-23 - POST /get-tokens-by-code] o.g.o.s.s.ValidationService - Introspect token with rp: Rp{oxdId='da49f930-b1aa-46bc-afe6-aabb12beb460', opHost='https://gluu.my.site', opDiscoveryPath='null', idToken='eyJraWQiOiI4MGQxNmNkYS02YzE3LTQwYWQtODBkZS00M2Y4YjkyODY0ZDlfc2lnX3JzMjU2IiwidHlwIjoiSldUIiwiYWxnIjoiUlMyNTYifQ.eyJhdF9oYXNoIjoieC1yZDZUQ3hJbTJocW5NbzVic2pZZyIsImF1ZCI6ImEyOWUxMDVlLWNmY2UtNDlmNC1iYzMwLTQxZGIwNjA0Njc0NSIsImFjciI6InBhc3Nwb3J0X3NhbWwiLCJzdWIiOiJIeGFaT0ZfM29NTWkxRDNSY0Ftbmt5cGd5UDBIWjhrQWpEclhDSG5YSTU0IiwiYW1yIjpbIjYwIl0sImF1dGhfdGltZSI6MTU5OTY3ODkxMSwiaXNzIjoiaHR0cHM6Ly9hdXRoMDEucG9jLmF3aS5kZSIsImV4cCI6MTU5OTY4MzA1NCwiaWF0IjoxNTk5Njc5NDU0LCJub25jZSI6ImVmdDJoNXVwbDZ0OWhiODU2aDlpbG05aXEzIiwib3hPcGVuSURDb25uZWN0VmVyc2lvbiI6Im9wZW5pZGNvbm5lY3QtMS4wIn0.Eu4_rFCsMhgF8Pr54DScvXnNx3h580UMw5RgvFu4hoEbcZpxLvbF9LShmJEnuYuf6a2Ts1hwZ5eL8r2Hx8PLpt9OGAyaDwe7OIKtLo7dffgKLNRLRQyzxsN8KuNkFNgJBY-G10iEqplH2RZOazYeBZmlYhhz9npyxomUQG6UrTv80723uPOSqqFbhfj4Mi6pC07bE5qURCYT5QstZ7iOkgKS5k9OcoOxF1QWp3zL7M82S4orh2siWM-y7t2t3ytYACaPshkK5kuiHpDxyXyL9Q2QMqXiwLau0anZBRnZb7qMIUAoIizBq3roN51YRuoK9SQn193Qq14HkysMr15nlA', accessToken='1d07674a-29e8-4714-9b08-332b4db27eca', redirectUri='https://client.my.site/callback', postLogoutRedirectUri='null', postLogoutRedirectUris='[https://client.my.site/logout]', applicationType='web', redirectUris=[https://client.my.site/callback], frontChannelLogoutUris=[], claimsRedirectUri=[], responseTypes=[code], clientId='a29e105e-cfce-49f4-bc30-41db06046745', clientRegistrationAccessToken='a1a8deb2-c494-40cd-89f0-9fef64f0300b', clientRegistrationClientUri='https://gluu.my.site/oxauth/restv1/register?client_id=a29e105e-cfce-49f4-bc30-41db06046745', clientIdIssuedAt=Mon Sep 07 12:50:24 UTC 2020, clientSecretExpiresAt=null, clientName='client.my.site', sectorIdentifierUri='null', clientJwksUri='null', scope=[openid, oxd, profile, user_name, email, memberOf], uiLocales=[], claimsLocales=[], acrValues=[], grantType=[authorization_code, client_credentials], contacts=[martin.petri@awi.de], userId='null', userSecret='null', pat='null', patExpiresIn=null, patCreatedAt=null, patRefreshToken='null', oauthToken='f9b9b92a-3b05-4bf9-8677-0ccae6a35a08', oauthTokenExpiresIn='299, oauthTokenCreatedAt='Wed Sep 09 19:28:12 UTC 2020, oauthTokenRefreshToken=''null', umaProtectedResources='[], rpt='null', rptTokenType='null', rptPct='null', rptExpiresAt='null', rptCreatedAt='null', rptUpgraded='null', rptAsJwt='false', tokenEndpointAuthSigningAlg='null', tokenEndpointAuthMethod='null', oxdRpProgrammingLanguage='null', accessTokenAsJwt='false', accessTokenSigningAlg='null', trusted_client='true', frontChannelLogoutSessionRequired='false', runIntrospectionScriptBeforeAccessTokenAsJwtCreationAndIncludeClaims='false', requireAuthTime='false', logoUri='null', clientUri='null', policyUri='null', tosUri='null', jwks='null', idTokenBindingCnf='null', tlsClientAuthSubjectDn='null', idTokenSignedResponseAlg='null', idTokenEncryptedResponseAlg='null', idTokenEncryptedResponseEnc='null', userInfoSignedResponseAlg='null', userInfoEncryptedResponseAlg='null', userInfoEncryptedResponseEnc='null', requestObjectSigningAlg='null', requestObjectEncryptionAlg='null', requestObjectEncryptionEnc='null', defaultMaxAge='null', initiateLoginUri='null', authorizedOrigins='null', accessTokenLifetime='null', softwareId='null', softwareVersion='null', softwareStatement='null', customAttributes='null', requestUris='null'}
TRACE [19:28:57.281] [dw-23 - POST /get-tokens-by-code] o.g.o.s.s.HttpService - Created TRUST_ALL client.
DEBUG [19:28:57.282] [dw-23 - POST /get-tokens-by-code] o.g.o.s.s.UmaTokenService - OauthToken from site configuration, OauthToken: f9b9b92a-3b05-4bf9-8677-0ccae6a35a08
TRACE [19:28:57.348] [dw-23 - POST /get-tokens-by-code] o.g.o.s.s.ValidationService - access_token: b86c1af8-958b-4b7d-be2a-1f9e16ddecb3, introspection: IntrospectionResponse{active=true, scope=[openid, user_name, oxd, email], clientId='a29e105e-cfce-49f4-bc30-41db06046745', username='null', tokenType='bearer', expiresAt=1599679992, issuedAt=1599679692, subject='', audience='a29e105e-cfce-49f4-bc30-41db06046745', issuer='https://gluu.my.site', jti='null', acrValues='null'}, clientId: a29e105e-cfce-49f4-bc30-41db06046745
ERROR [19:28:57.362] [dw-23 - POST /get-tokens-by-code] o.g.o.s.Processor - HTTP 400 Bad Request
org.gluu.oxd.server.HttpException: HTTP 400 Bad Request
at org.gluu.oxd.server.op.GetTokensByCodeOperation.validate(GetTokensByCodeOperation.java:116)
at org.gluu.oxd.server.op.GetTokensByCodeOperation.execute(GetTokensByCodeOperation.java:40)
at org.gluu.oxd.server.op.GetTokensByCodeOperation.execute(GetTokensByCodeOperation.java:25)
at org.gluu.oxd.server.Processor.process(Processor.java:47)
at org.gluu.oxd.server.RestResource.getObjectForJsonConversion(RestResource.java:234)
at org.gluu.oxd.server.RestResource.process(RestResource.java:220)
at org.gluu.oxd.server.RestResource.getTokenByCode(RestResource.java:103)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.glassfish.jersey.server.model.internal.ResourceMethodInvocationHandlerFactory$1.invoke(ResourceMethodInvocationHandlerFactory.java:81)
at org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher$1.run(AbstractJavaResourceMethodDispatcher.java:144)
at org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher.invoke(AbstractJavaResourceMethodDispatcher.java:161)
at org.glassfish.jersey.server.model.internal.JavaResourceMethodDispatcherProvider$TypeOutInvoker.doDispatch(JavaResourceMethodDispatcherProvider.java:205)
at org.glassfish.jersey.server.model.internal.AbstractJavaResourceMethodDispatcher.dispatch(AbstractJavaResourceMethodDispatcher.java:99)
at org.glassfish.jersey.server.model.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:389)
at org.glassfish.jersey.server.model.ResourceMethodInvoker.apply(ResourceMethodInvoker.java:347)
at org.glassfish.jersey.server.model.ResourceMethodInvoker.apply(ResourceMethodInvoker.java:102)
at org.glassfish.jersey.server.ServerRuntime$2.run(ServerRuntime.java:326)
at org.glassfish.jersey.internal.Errors$1.call(Errors.java:271)
at org.glassfish.jersey.internal.Errors$1.call(Errors.java:267)
at org.glassfish.jersey.internal.Errors.process(Errors.java:315)
at org.glassfish.jersey.internal.Errors.process(Errors.java:297)
at org.glassfish.jersey.internal.Errors.process(Errors.java:267)
at org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:317)
at org.glassfish.jersey.server.ServerRuntime.process(ServerRuntime.java:305)
at org.glassfish.jersey.server.ApplicationHandler.handle(ApplicationHandler.java:1154)
at org.glassfish.jersey.servlet.WebComponent.serviceImpl(WebComponent.java:473)
at org.glassfish.jersey.servlet.WebComponent.service(WebComponent.java:427)
at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:388)
at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:341)
at org.glassfish.jersey.servlet.ServletContainer.service(ServletContainer.java:228)
at io.dropwizard.jetty.NonblockingServletHolder.handle(NonblockingServletHolder.java:49)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1650)
at io.dropwizard.servlets.ThreadNameFilter.doFilter(ThreadNameFilter.java:35)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1637)
at io.dropwizard.jersey.filter.AllowedMethodsFilter.handle(AllowedMethodsFilter.java:45)
at io.dropwizard.jersey.filter.AllowedMethodsFilter.doFilter(AllowedMethodsFilter.java:39)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1637)
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:533)
at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:188)
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1253)
at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:168)
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:473)
at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:166)
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1155)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
at com.codahale.metrics.jetty9.InstrumentedHandler.handle(InstrumentedHandler.java:239)
at io.dropwizard.jetty.RoutingHandler.handle(RoutingHandler.java:52)
at org.eclipse.jetty.server.handler.gzip.GzipHandler.handle(GzipHandler.java:455)
at io.dropwizard.jetty.BiDiGzipHandler.handle(BiDiGzipHandler.java:67)
at org.eclipse.jetty.server.handler.RequestLogHandler.handle(RequestLogHandler.java:56)
at org.eclipse.jetty.server.handler.StatisticsHandler.handle(StatisticsHandler.java:169)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
at org.eclipse.jetty.server.Server.handle(Server.java:530)
at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:347)
at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:256)
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:279)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:102)
at org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:289)
at org.eclipse.jetty.io.ssl.SslConnection$3.succeeded(SslConnection.java:149)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:102)
at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:124)
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:247)
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.produce(EatWhatYouKill.java:140)
at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131)
at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:382)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:708)
at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:626)
at java.lang.Thread.run(Thread.java:748)
```