✅ AccessToken_Response_with_QueryString
✅ AccessToken_Response_with_QueryString_and_Empty_Entry
✅ AccessToken_Response_with_QueryString_and_HashFragment
✅ Code_Response_with_QueryString
✅ Error_Response_with_HashFragment
✅ Error_Response_with_QueryString
✅ Error_Response_with_QueryString_and_HashFragment
✅ form_post_format_should_parse

✅ oauth_values_should_decode_correctly(id: ":/&%%(/(&/) %&%&/%/&", secret: ")(/)(/&  /%/&%$&$$&")
✅ oauth_values_should_decode_correctly(id: "firstname lastname", secret: "bar")
✅ oauth_values_should_decode_correctly(id: "firstname:lastname", secret: "bar:bar2")
✅ oauth_values_should_decode_correctly(id: "firstname:lastname", secret: "bar")
✅ oauth_values_should_decode_correctly(id: "foo", secret: "bar")
✅ oauth_values_should_decode_correctly(id: "foo", secret: "very+secret")
✅ oauth_values_should_decode_correctly(id: "sören:müller", secret: "bar:bar2")

✅ Default_options_should_result_in_four_claims
✅ Ignoring_issuer_should_result_in_one_claim
✅ Ordinal_and_ignoring_issuer_should_result_in_two_claims
✅ Ordinal_should_result_in_four_claims

✅ New_initialization_should_work

✅ Authority_comparison_may_be_case_insensitive
✅ Connecting_to_http_should_return_error
✅ Endpoints_not_belonging_to_authority_host_must_be_allowed_if_whitelisted(authority: "https://127.0.0.1", endpointBase: "https://127.0.0.2")
✅ Endpoints_not_belonging_to_authority_host_must_be_allowed_if_whitelisted(authority: "https://127.0.0.1", endpointBase: "https://differentauthority")
✅ Endpoints_not_belonging_to_authority_host_must_be_allowed_if_whitelisted(authority: "https://127.0.0.1", endpointBase: "https://localhost")
✅ Endpoints_not_belonging_to_authority_host_must_be_allowed_if_whitelisted(authority: "https://authority", endpointBase: "https://differentauthority")
✅ Endpoints_not_belonging_to_authority_host_must_be_allowed_if_whitelisted(authority: "https://authority/sub", endpointBase: "https://differentauthority")
✅ Endpoints_not_belonging_to_authority_host_must_return_policy_error(authority: "https://127.0.0.1", endpointBase: "https://127.0.0.2")
✅ Endpoints_not_belonging_to_authority_host_must_return_policy_error(authority: "https://127.0.0.1", endpointBase: "https://differentauthority")
✅ Endpoints_not_belonging_to_authority_host_must_return_policy_error(authority: "https://127.0.0.1", endpointBase: "https://localhost")
✅ Endpoints_not_belonging_to_authority_host_must_return_policy_error(authority: "https://authority", endpointBase: "https://differentauthority")
✅ Endpoints_not_belonging_to_authority_host_must_return_policy_error(authority: "https://authority/sub", endpointBase: "https://differentauthority")
✅ Endpoints_not_beneath_authority_must_be_allowed_if_whitelisted(authority: "https://authority/sub", endpointBase: "https://authority")
✅ Endpoints_not_beneath_authority_must_be_allowed_if_whitelisted(authority: "https://authority/sub1", endpointBase: "https://authority/sub2")
✅ Endpoints_not_beneath_authority_must_return_policy_error(authority: "https://authority/sub", endpointBase: "https://authority")
✅ Endpoints_not_beneath_authority_must_return_policy_error(authority: "https://authority/sub1", endpointBase: "https://authority/sub2")
✅ Endpoints_not_using_https_should_return_policy_error
✅ Excluded_endpoints_should_not_fail_validation
✅ Http_on_loopback_must_not_return_error(input: "http://127.0.0.1")
✅ Http_on_loopback_must_not_return_error(input: "http://localhost")
✅ Http_on_loopback_must_not_return_error(input: "http://LocalHost")
✅ If_policy_allows_http_non_http_must_not_return_error
✅ Invalid_issuer_name_must_return_policy_error
✅ Issuer_and_endpoint_can_be_unrelated_if_allowed
✅ Issuer_and_endpoint_can_be_unrelated_if_allowed_but_https_is_still_enforced
✅ Valid_issuer_name_must_return_no_error
✅ Valid_Urls_with_default_policy_should_succeed(input: "http://127.0.0.1:5000")
✅ Valid_Urls_with_default_policy_should_succeed(input: "http://127.0.0.1")
✅ Valid_Urls_with_default_policy_should_succeed(input: "http://localhost:5000")
✅ Valid_Urls_with_default_policy_should_succeed(input: "http://LocalHost:5000")
✅ Valid_Urls_with_default_policy_should_succeed(input: "http://localhost")
✅ Valid_Urls_with_default_policy_should_succeed(input: "http://LocalHost")
✅ Valid_Urls_with_default_policy_should_succeed(input: "https://authority:5000")
✅ Valid_Urls_with_default_policy_should_succeed(input: "https://authority:5000/sub")
✅ Valid_Urls_with_default_policy_should_succeed(input: "https://authority")
✅ Valid_Urls_with_default_policy_should_succeed(input: "https://authority/sub")
✅ Valid_Urls_with_default_policy_should_succeed(input: "https://demo.identityserver.io:5000/sub")
✅ Valid_Urls_with_default_policy_should_succeed(input: "https://demo.identityserver.io")
✅ Valid_Urls_with_default_policy_should_succeed(input: "https://demo.identityserver.io/sub")
✅ Valid_Urls_with_default_policy_should_succeed(input: "https://sub.demo.identityserver.io:5000/sub")
✅ Valid_Urls_with_default_policy_should_succeed(input: "https://sub.demo.identityserver.io")

✅ Authority_comparison_with_uri_equivalence
✅ Connecting_to_http_should_return_error
✅ Endpoints_not_belonging_to_authority_host_must_be_allowed_if_whitelisted(authority: "https://127.0.0.1", endpointBase: "https://127.0.0.2")
✅ Endpoints_not_belonging_to_authority_host_must_be_allowed_if_whitelisted(authority: "https://127.0.0.1", endpointBase: "https://differentauthority")
✅ Endpoints_not_belonging_to_authority_host_must_be_allowed_if_whitelisted(authority: "https://127.0.0.1", endpointBase: "https://localhost")
✅ Endpoints_not_belonging_to_authority_host_must_be_allowed_if_whitelisted(authority: "https://authority", endpointBase: "https://differentauthority")
✅ Endpoints_not_belonging_to_authority_host_must_be_allowed_if_whitelisted(authority: "https://authority/sub", endpointBase: "https://differentauthority")
✅ Endpoints_not_belonging_to_authority_host_must_return_policy_error(authority: "https://127.0.0.1", endpointBase: "https://127.0.0.2")
✅ Endpoints_not_belonging_to_authority_host_must_return_policy_error(authority: "https://127.0.0.1", endpointBase: "https://differentauthority")
✅ Endpoints_not_belonging_to_authority_host_must_return_policy_error(authority: "https://127.0.0.1", endpointBase: "https://localhost")
✅ Endpoints_not_belonging_to_authority_host_must_return_policy_error(authority: "https://authority", endpointBase: "https://differentauthority")
✅ Endpoints_not_belonging_to_authority_host_must_return_policy_error(authority: "https://authority/sub", endpointBase: "https://differentauthority")
✅ Endpoints_not_beneath_authority_must_be_allowed_if_whitelisted(authority: "https://authority/sub", endpointBase: "https://authority")
✅ Endpoints_not_beneath_authority_must_be_allowed_if_whitelisted(authority: "https://authority/sub1", endpointBase: "https://authority/sub2")
✅ Endpoints_not_beneath_authority_must_return_policy_error(authority: "https://authority/sub", endpointBase: "https://authority")
✅ Endpoints_not_beneath_authority_must_return_policy_error(authority: "https://authority/sub1", endpointBase: "https://authority/sub2")
✅ Endpoints_not_using_https_should_return_policy_error
✅ Excluded_endpoints_should_not_fail_validation
✅ Http_on_loopback_must_not_return_error(input: "http://127.0.0.1")
✅ Http_on_loopback_must_not_return_error(input: "http://localhost")
✅ Http_on_loopback_must_not_return_error(input: "http://LocalHost")
✅ If_policy_allows_http_non_http_must_not_return_error
✅ Invalid_issuer_name_must_return_policy_error
✅ Issuer_and_endpoint_can_be_unrelated_if_allowed
✅ Issuer_and_endpoint_can_be_unrelated_if_allowed_but_https_is_still_enforced
✅ String_comparison_with_uri_equivalence_is_default_strategy
✅ Valid_issuer_name_must_return_no_error
✅ Valid_Urls_with_default_policy_should_succeed(input: "http://127.0.0.1:5000")
✅ Valid_Urls_with_default_policy_should_succeed(input: "http://127.0.0.1")
✅ Valid_Urls_with_default_policy_should_succeed(input: "http://localhost:5000")
✅ Valid_Urls_with_default_policy_should_succeed(input: "http://LocalHost:5000")
✅ Valid_Urls_with_default_policy_should_succeed(input: "http://localhost")
✅ Valid_Urls_with_default_policy_should_succeed(input: "http://LocalHost")
✅ Valid_Urls_with_default_policy_should_succeed(input: "https://authority:5000")
✅ Valid_Urls_with_default_policy_should_succeed(input: "https://authority:5000/sub")
✅ Valid_Urls_with_default_policy_should_succeed(input: "https://authority")
✅ Valid_Urls_with_default_policy_should_succeed(input: "https://authority/sub")
✅ Valid_Urls_with_default_policy_should_succeed(input: "https://demo.identityserver.io:5000/sub")
✅ Valid_Urls_with_default_policy_should_succeed(input: "https://demo.identityserver.io")
✅ Valid_Urls_with_default_policy_should_succeed(input: "https://demo.identityserver.io/sub")
✅ Valid_Urls_with_default_policy_should_succeed(input: "https://sub.demo.identityserver.io:5000/sub")
✅ Valid_Urls_with_default_policy_should_succeed(input: "https://sub.demo.identityserver.io")

✅ Custom_path_is_supported(input: "https://server:123", documentPath: "/strange-location/openid-configuration")
✅ Custom_path_is_supported(input: "https://server:123/", documentPath: "/strange-location/openid-configuration")
✅ Custom_path_is_supported(input: "https://server:123/strange-location/openid-configu"···, documentPath: "/strange-location/openid-configuration")
✅ Custom_path_is_supported(input: "https://server:123/strange-location/openid-configu"···, documentPath: "/strange-location/openid-configuration")
✅ Custom_path_is_supported(input: "https://server:123/strange-location/openid-configu"···, documentPath: "strange-location/openid-configuration")
✅ Malformed_authority_url_should_throw(input: "file://some_file")
✅ Malformed_authority_url_should_throw(input: "foo")
✅ Malformed_authority_url_should_throw(input: "https:something_weird_https://something_other")
✅ Various_urls_should_normalize(input: "https://server:123")
✅ Various_urls_should_normalize(input: "https://server:123/.well-known/openid-configuratio"···)
✅ Various_urls_should_normalize(input: "https://server:123/.well-known/openid-configuratio"···)
✅ Various_urls_should_normalize(input: "https://server:123/")

✅ Http_request_should_have_correct_format
✅ Http_request_with_request_object_should_have_correct_format
✅ Valid_protocol_response_should_be_handled_correctly

✅ Exception_should_be_handled_correctly
✅ Http_error_should_be_handled_correctly
✅ Http_error_with_json_content_should_be_handled_correctly
✅ Http_error_with_non_json_content_should_be_handled_correctly
✅ Http_request_should_have_correct_format
✅ Malformed_response_document_should_be_handled_correctly
✅ Repeating_a_request_should_succeed
✅ Request_without_body_should_have_correct_format
✅ Setting_basic_authentication_style_should_send_basic_authentication_header
✅ Setting_post_values_authentication_style_should_post_values
✅ Valid_protocol_error_should_be_handled_correctly
✅ Valid_protocol_response_should_be_handled_correctly

✅ Authority_should_expand_to_endpoint
✅ Base_address_should_work
✅ Exception_at_jwk_should_be_handled_correctly
✅ Exception_should_be_handled_correctly
✅ Explicit_address_should_work
✅ Http_error_at_jwk_with_json_content_should_be_handled_correctly
✅ Http_error_at_jwk_with_no_content_should_be_handled_correctly
✅ Http_error_at_jwk_with_non_json_content_should_be_handled_correctly
✅ Http_error_should_be_handled_correctly
✅ Http_error_with_json_content_should_be_handled_correctly
✅ Http_error_with_non_json_content_should_be_handled_correctly
✅ Http_request_should_have_correct_format
✅ Mtls_alias_accessors_should_behave_as_expected
✅ Null_client_base_address_should_throw
✅ Null_discovery_document_address_should_throw
✅ Policy_authority_does_not_get_overwritten
✅ Strongly_typed_accessors_should_behave_as_expected
✅ TryGetValue_calls_should_behave_as_excected

✅ Exception_should_be_handled_correctly
✅ Extensions_should_be_serializable
✅ Http_error_should_be_handled_correctly
✅ Http_request_should_have_correct_format
✅ Malformed_response_document_should_be_handled_correctly
✅ Valid_protocol_error_should_be_handled_correctly
✅ Valid_protocol_response_should_be_handled_correctly

✅ Base_address_should_work
✅ Exception_should_be_handled_correctly
✅ Explicit_address_should_work
✅ Http_error_should_be_handled_correctly
✅ Http_error_with_json_content_should_be_handled_correctly
✅ Http_error_with_non_json_content_should_be_handled_correctly
✅ Http_request_should_have_correct_format
✅ Strongly_typed_accessors_should_behave_as_expected

✅ Additional_request_parameters_should_be_handled_correctly
✅ Exception_should_be_handled_correctly
✅ Http_error_should_be_handled_correctly
✅ Http_request_should_have_correct_format
✅ Malformed_response_document_should_be_handled_correctly
✅ Pushed_authorization_with_request_uri_should_fail
✅ Pushed_authorization_without_response_type_should_fail
✅ Request_with_request_object_should_succeed
✅ Success_protocol_response_should_be_handled_correctly

✅ Additional_request_parameters_should_be_handled_correctly
✅ Exception_should_be_handled_correctly
✅ Http_error_should_be_handled_correctly
✅ Http_request_should_have_correct_format
✅ Legacy_protocol_response_should_be_handled_correctly
✅ Malformed_response_document_should_be_handled_correctly
✅ Repeating_a_request_should_succeed
✅ Request_without_token_should_fail
✅ Success_protocol_response_should_be_handled_correctly
✅ Success_protocol_response_without_issuer_should_be_handled_correctly

✅ Additional_headers_should_be_propagated
✅ Additional_request_properties_should_be_propagated
✅ Backchannel_authentication_request_should_have_correct_format
✅ Client_credentials_request_should_have_correct_format
✅ Code_request_should_have_correct_format
✅ Code_request_without_code_should_fail
✅ Code_request_without_redirect_uri_should_fail
✅ Device_request_should_have_correct_format
✅ Device_request_without_device_code_should_fail
✅ dpop_nonce_should_be_returned
✅ dpop_proof_token_should_be_propagated
✅ Explicit_null_parameters_should_not_fail_
✅ Http_request_should_have_correct_format
✅ No_explicit_endpoint_address_should_use_base_address
✅ Password_request_should_have_correct_format
✅ Password_request_without_password_should_have_correct_format
✅ Password_request_without_username_should_fail
✅ Refresh_request_should_have_correct_format
✅ Refresh_request_without_refresh_token_should_fail
✅ Repeating_a_request_should_succeed
✅ Sending_raw_parameters_should_create_correct_format
✅ Setting_assertion_without_client_id_and_authz_header_should_have_correct_format
✅ Setting_basic_authentication_style_should_send_basic_authentication_header
✅ Setting_client_id_and_assertion_should_have_correct_format
✅ Setting_client_id_and_assertion_with_authorization_header_should_fail
✅ Setting_client_id_only_and_header_should_put_client_id_in_header
✅ Setting_client_id_only_and_post_should_put_client_id_in_post_body
✅ Setting_custom_parameters_should_have_correct_format
✅ Setting_grant_type_via_optional_parameters_should_create_correct_format
✅ Setting_no_grant_type_should_fail
✅ Setting_post_values_authentication_style_should_post_values
✅ TokenExchange_request_should_have_correct_format

✅ Exception_should_be_handled_correctly
✅ Http_error_should_be_handled_correctly
✅ Http_error_with_json_content_should_be_handled_correctly
✅ Http_error_with_non_json_content_should_be_handled_correctly
✅ Malformed_response_document_should_be_handled_correctly
✅ Valid_protocol_error_should_be_handled_correctly
✅ Valid_protocol_response_should_be_handled_correctly

✅ Additional_parameters_should_be_sent_correctly
✅ Exception_should_be_handled_correctly
✅ Http_error_should_be_handled_correctly
✅ Http_request_should_have_correct_format
✅ Malformed_response_document_should_be_handled_correctly
✅ Repeating_a_request_should_succeed
✅ Valid_protocol_error_should_be_handled_correctly
✅ Valid_protocol_response_should_be_handled_correctly

✅ BadRequest_with_empty_body_should_be_handled_as_error
✅ Exception_should_be_handled_correctly
✅ Http_error_should_be_handled_correctly
✅ Http_request_should_have_correct_format
✅ Malformed_response_document_should_be_handled_correctly
✅ Non_json_response_should_set_raw
✅ Valid_protocol_response_should_be_handled_correctly

✅ Add_with_all_replace_works_as_expected
✅ Add_with_single_replace_but_multiple_exist_should_throw
✅ Add_with_single_replace_works_as_expected
✅ AddOptional_with_allow_duplicates_should_add_values
✅ AddOptional_with_allow_duplicates_should_not_add_empty_value(emptyValue: "")
✅ AddOptional_with_allow_duplicates_should_not_add_empty_value(emptyValue: null)
✅ AddOptional_with_duplicate_key_should_fail(value: "custom")
✅ AddOptional_with_duplicate_key_should_fail(value: "different value")
✅ AddOptional_with_duplicate_key_without_a_value_should_noop(emptyValue: "")
✅ AddOptional_with_duplicate_key_without_a_value_should_noop(emptyValue: null)
✅ AddOptional_with_empty_value_should_not_be_added(emptyValue: "")
✅ AddOptional_with_empty_value_should_not_be_added(emptyValue: null)
✅ AddOptional_with_key_and_value_should_add
✅ AddOptional_with_missing_key_should_fail(missingKey: "")
✅ AddOptional_with_missing_key_should_fail(missingKey: null)
✅ AddRequired_with_duplicate_empty_value_and_allowEmptyValue_and_allowDuplicates_should_add(emptyValue: "")
✅ AddRequired_with_duplicate_empty_value_and_allowEmptyValue_and_allowDuplicates_should_add(emptyValue: null)
✅ AddRequired_with_duplicate_key_and_distinct_values_should_fail
✅ AddRequired_with_duplicate_key_and_value_should_noop
✅ AddRequired_with_duplicate_key_without_a_value_should_noop(emptyValue: "")
✅ AddRequired_with_duplicate_key_without_a_value_should_noop(emptyValue: null)
✅ AddRequired_with_empty_value_and_allowEmptyValue_should_add(emptyValue: "")
✅ AddRequired_with_empty_value_and_allowEmptyValue_should_add(emptyValue: null)
✅ AddRequired_with_empty_value_and_existing_parameter_should_noop
✅ AddRequired_with_empty_value_should_fail(emptyValue: "")
✅ AddRequired_with_empty_value_should_fail(emptyValue: null)
✅ AddRequired_with_key_and_value_should_add
✅ AddRequired_with_missing_key_should_fail(missingKey: "")
✅ AddRequired_with_missing_key_should_fail(missingKey: null)
✅ Default_add_does_not_replace

✅ Create_absolute_url_should_behave_as_expected
✅ Create_authorize_url_for_non_par_should_succeed
✅ Create_authorize_url_for_par_should_succeed
✅ Create_relative_url_should_behave_as_expected
✅ empty_value_should_return_base
✅ Multiple_parameter_names_should_behave_as_expected
✅ null_value_should_return_base
✅ Null_values_should_be_skipped
✅ Special_characters_in_query_param_should_be_encoded_correctly

✅ Client_credentials_request_should_have_correct_format
✅ Code_request_should_have_correct_format
✅ Code_request_without_code_should_fail
✅ Code_request_without_redirect_uri_should_fail
✅ Device_request_should_have_correct_format
✅ Device_request_without_device_code_should_fail
✅ Local_custom_parameters_should_not_interfere_with_global
✅ Mixing_local_and_global_custom_parameters_should_have_correct_format
✅ No_explicit_endpoint_address_should_use_base_address
✅ Password_request_should_have_correct_format
✅ Password_request_without_password_should_have_correct_format
✅ Password_request_without_username_should_fail
✅ Refresh_request_should_have_correct_format
✅ Refresh_request_without_refresh_token_should_fail
✅ Setting_basic_authentication_style_should_send_basic_authentication_header
✅ Setting_client_id_and_assertion_should_have_correct_format
✅ Setting_client_id_only_and_header_should_put_client_id_in_header
✅ Setting_client_id_only_and_post_should_put_client_id_in_post_body
✅ Setting_custom_parameters_should_have_correct_format
✅ Setting_no_grant_type_should_fail
✅ Setting_post_values_authentication_style_should_post_values

✅ VerifyPublicApi