JARM FAPI Test Failed: fapi1-advanced-final-user-rejects-authentication

[HemantKMehta]

fapi1-advanced-final-user-rejects-authentication: https://www.certification.openid.net/log-detail.html?log=OMZWXbz2Ctg1KDl&public=true

Instruction on Test page: "This test requires the user to reject the authentication or consent, for example by pressing the 'cancel' button on the login screen. It verifies that the user is redirected back to the relying party's redirect_uri with an 'access_denied' error."

In this test user is supposed to reject the authentication/ consent request since we don't have the cancel button on login screen (I am trying to add it), so I am rejecting authentication request by clicking Don't Allow button on consent screen as given in screenshot.

After click on "Don't Allow", it returns back to the following URL(redirectUri) and results in "ExtractJARMFromURLQuery: Couldn't find response in callback_query_params" error

https://www.certification.openid.net/test/a/GOBD1CNFAPITestOBUK/callback?

We need to return access_denied error within the JARM response.

[HemantKMehta]

Further details on this issue, Since this test is about rejecting the authentication, we don't have the cancel button on the login page (I have added cancel button but couldn't make it work) so I am rejecting the authentication by clicking don't allow on consent gathering screen.

The flow starts returning from this point by calling AuthorizeAction.permissionDenied method. In turn, the AuthorizeAction.permissionDenied method calls authorizeService.permissionDenied(session).

Finally authorizeService.permissionDenied(session) redirect to FAPI test from this line https://github.com/JanssenProject/jans-auth-server/blob/master/server/src/main/java/io/jans/as/server/service/AuthorizeService.java#L246.

Attaching log for reference jans-auth for user rejects authentication test.log

[HemantKMehta]

Completed and tested in this PR #695