From 26483b22a93a69df026dd5fc92e16193143286b8 Mon Sep 17 00:00:00 2001
From: Justin Richer <jricher@mit.edu>
Date: Fri, 22 Jan 2016 17:50:40 -0500
Subject: [PATCH] added claims redirect URI editing to the UI for both admins
 and dynamic clients, closes #1005

---
 .../src/main/webapp/resources/js/client.js    | 19 ++++++++++++++++++-
 .../src/main/webapp/resources/js/dynreg.js    | 19 ++++++++++++++++++-
 .../resources/js/locale/en/messages.json      |  2 ++
 .../webapp/resources/template/client.html     |  8 +++++++-
 .../webapp/resources/template/dynreg.html     |  8 +++++++-
 5 files changed, 52 insertions(+), 4 deletions(-)

diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/client.js b/openid-connect-server-webapp/src/main/webapp/resources/js/client.js
index 41b13f0ca..0fe8b177f 100644
--- a/openid-connect-server-webapp/src/main/webapp/resources/js/client.js
+++ b/openid-connect-server-webapp/src/main/webapp/resources/js/client.js
@@ -83,6 +83,8 @@ var ClientModel = Backbone.Model.extend({
         resourceIds:[],
         //additionalInformation?
         
+        claimsRedirectUris:[],
+        
         clientDescription:"",
         reuseRefreshToken:true,
         clearAccessTokensOnRefresh:true,
@@ -619,6 +621,7 @@ var ClientFormView = Backbone.View.extend({
         this.defaultAcrValuesCollection = new Backbone.Collection();
         this.requestUrisCollection = new Backbone.Collection();
         this.postLogoutRedirectUrisCollection = new Backbone.Collection();
+        this.claimsRedirectUrisCollection = new Backbone.Collection();
         // TODO: add Spring authorities collection and resource IDs collection?
         
         // collection of sub-views that need to be sync'd on save
@@ -988,6 +991,7 @@ var ClientFormView = Backbone.View.extend({
             sectorIdentifierUri: sectorIdentifierUri,
             initiateLoginUri: $('#initiateLoginUri input').val(),
             postLogoutRedirectUris: this.postLogoutRedirectUrisCollection.pluck('item'),
+            claimsRedirectUris: this.claimsRedirectUrisCollection.pluck('item'),
             reuseRefreshToken: $('#reuseRefreshToken').is(':checked'),
             clearAccessTokensOnRefresh: $('#clearAccessTokensOnRefresh').is(':checked'),
             requireAuthTime: $('#requireAuthTime input').is(':checked'),
@@ -1136,9 +1140,22 @@ var ClientFormView = Backbone.View.extend({
         	placeholder: 'https://',
         	helpBlockText: $.t('client.client-form.post-logout-help'),
         	collection: this.postLogoutRedirectUrisCollection});
-        $('#postLogoutRedirectUri .controls', this.el).html(postLogoutRedirectUrisView.render().el);
+        $('#postLogoutRedirectUris .controls', this.el).html(postLogoutRedirectUrisView.render().el);
         this.listWidgetViews.push(postLogoutRedirectUrisView);
         
+        // build and bind claims redirect URIs
+        _.each(this.model.get('claimsRedirectUris'), function(claimsRedirectUri) {
+        	_self.claimsRedirectUrisCollection.add(new URIModel({item:claimsRedirectUri}));
+        });
+        
+        var claimsRedirectUrisView = new ListWidgetView({
+        	type: 'uri',
+        	placeholder: 'https://',
+        	helpBlockText: $.t('client.client-form.claims-redirect-uris-help'),
+        	collection: this.claimsRedirectUrisCollection});
+        $('#claimsRedirectUris .controls', this.el).html(claimsRedirectUrisView.render().el);
+        this.listWidgetViews.push(claimsRedirectUrisView);
+        
         // build and bind request URIs
         _.each(this.model.get('requestUris'), function (requestUri) {
         	_self.requestUrisCollection.add(new URIModel({item:requestUri}));
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/dynreg.js b/openid-connect-server-webapp/src/main/webapp/resources/js/dynreg.js
index 377d32090..54711d395 100644
--- a/openid-connect-server-webapp/src/main/webapp/resources/js/dynreg.js
+++ b/openid-connect-server-webapp/src/main/webapp/resources/js/dynreg.js
@@ -57,6 +57,8 @@ var DynRegClient = Backbone.Model.extend({
         initiate_login_uri:null,
         post_logout_redirect_uris:null,
         
+        claims_redirect_uris:[],
+        
         request_uris:[],
         
         registration_access_token:null,
@@ -191,6 +193,7 @@ var DynRegEditView = Backbone.View.extend({
         this.defaultAcrValuesCollection = new Backbone.Collection();
         this.requestUrisCollection = new Backbone.Collection();
         this.postLogoutRedirectUrisCollection = new Backbone.Collection();
+        this.claimsRedirectUrisCollection = new Backbone.Collection();
         
         this.listWidgetViews = [];
 	},
@@ -458,6 +461,7 @@ var DynRegEditView = Backbone.View.extend({
             sector_identifier_uri: sectorIdentifierUri,
             initiate_login_uri: $('#initiateLoginUri input').val(),
             post_logout_redirect_uris: this.postLogoutRedirectUrisCollection.pluck('item'),
+            claims_redirect_uris: this.claimsRedirectUrisCollection.pluck('item'),
             require_auth_time: $('#requireAuthTime input').is(':checked'),
             default_max_age: parseInt($('#defaultMaxAge input').val()),
             contacts: contacts,
@@ -592,9 +596,22 @@ var DynRegEditView = Backbone.View.extend({
         	placeholder: 'https://',
         	helpBlockText: $.t('client.client-form.post-logout-help'),
         	collection: this.postLogoutRedirectUrisCollection});
-        $('#postLogoutRedirectUri .controls', this.el).html(postLogoutRedirectUrisView.render().el);
+        $('#postLogoutRedirectUris .controls', this.el).html(postLogoutRedirectUrisView.render().el);
         this.listWidgetViews.push(postLogoutRedirectUrisView);
 
+        // build and bind claims redirect URIs
+        _.each(this.model.get('claimsRedirectUris'), function(claimsRedirectUri) {
+        	_self.claimsRedirectUrisCollection.add(new URIModel({item:claimsRedirectUri}));
+        });
+        
+        var claimsRedirectUrisView = new ListWidgetView({
+        	type: 'uri',
+        	placeholder: 'https://',
+        	helpBlockText: $.t('client.client-form.claims-redirect-uris-help'),
+        	collection: this.claimsRedirectUrisCollection});
+        $('#claimsRedirectUris .controls', this.el).html(claimsRedirectUrisView.render().el);
+        this.listWidgetViews.push(claimsRedirectUrisView);
+        
         // build and bind request URIs
         _.each(this.model.get('request_uris'), function (requestUri) {
         	_self.requestUrisCollection.add(new URIModel({item:requestUri}));
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/locale/en/messages.json b/openid-connect-server-webapp/src/main/webapp/resources/js/locale/en/messages.json
index 027cb02f6..66b45187c 100644
--- a/openid-connect-server-webapp/src/main/webapp/resources/js/locale/en/messages.json
+++ b/openid-connect-server-webapp/src/main/webapp/resources/js/locale/en/messages.json
@@ -103,6 +103,8 @@
             "redelegation": "redelegation",
             "redirect-uris": "Redirect URI(s)",
             "redirect-uris-help": "URIs that the client can be redirected to after the authorization page",
+            "claims-redirect-uris": "Claims Redirect URI(s)",
+            "claims-redirect-uris-help": "URIs that the client can be redirected to after the claims gathering flow",
             "refresh": "refresh",
             "refresh-tokens": "Refresh Tokens",
             "refresh-tokens-issued": "Refresh tokens are issued for this client",
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/template/client.html b/openid-connect-server-webapp/src/main/webapp/resources/template/client.html
index 6a9417b5e..8c4ddfc6e 100644
--- a/openid-connect-server-webapp/src/main/webapp/resources/template/client.html
+++ b/openid-connect-server-webapp/src/main/webapp/resources/template/client.html
@@ -742,7 +742,13 @@
 				</div>
 			</div>
 
-			<div class="control-group" id="postLogoutRedirectUri">
+            <div class="control-group" id="claimsRedirectUris">
+                <label class="control-label" data-i18n="client.client-form.claims-redirect-uris">Claims Redirect URI(s)</label>
+                <div class="controls">
+                </div>
+            </div>
+
+			<div class="control-group" id="postLogoutRedirectUris">
 				<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> <span data-i18n="client.client-form.post-logout">Post-Logout Redirect</span></label>
 				<div class="controls">
 				</div>
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/template/dynreg.html b/openid-connect-server-webapp/src/main/webapp/resources/template/dynreg.html
index 1428efff2..f7c313321 100644
--- a/openid-connect-server-webapp/src/main/webapp/resources/template/dynreg.html
+++ b/openid-connect-server-webapp/src/main/webapp/resources/template/dynreg.html
@@ -527,7 +527,13 @@
                 </div>
 			</div>
 
-			<div class="control-group" id="postLogoutRedirectUri">
+            <div class="control-group" id="claimsRedirectUris">
+                <label class="control-label" data-i18n="client.client-form.claims-redirect-uris">Claims Redirect URI(s)</label>
+                <div class="controls">
+                </div>
+            </div>
+
+			<div class="control-group" id="postLogoutRedirectUris">
                 <label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> <span data-i18n="client.client-form.post-logout">Post-Logout Redirect</span></label>
                 <div class="controls">
                 </div>