fixed client secret display on dynreg and res reg pages

11 years ago · 6df68fc97a
parent e0fe22e4ba
commit 6df68fc97a
4 changed files with 37 additions and 9 deletions
--- a/openid-connect-server-webapp/src/main/webapp/resources/js/dynreg.js
+++ b/openid-connect-server-webapp/src/main/webapp/resources/js/dynreg.js
@ -341,7 +341,7 @@ var DynRegEditView = Backbone.View.extend({
            logo_uri:$('#logoUri input').val(),
            grant_types: grantTypes,
            scope: scopes,
-            
+            client_secret: null, // never send a client secret
            tos_uri: $('#tosUri input').val(),
            policy_uri: $('#policyUri input').val(),
            client_uri: $('#clientUri input').val(),
--- a/openid-connect-server-webapp/src/main/webapp/resources/js/rsreg.js
+++ b/openid-connect-server-webapp/src/main/webapp/resources/js/rsreg.js
@ -302,7 +302,7 @@ var ResRegEditView = Backbone.View.extend({
            client_name:$('#clientName input').val(),
            logo_uri:$('#logoUri input').val(),
            scope: scopes,
-            
+            client_secret: null, // never send a client secret
            tos_uri: $('#tosUri input').val(),
            policy_uri: $('#policyUri input').val(),
            client_uri: $('#clientUri input').val(),
--- a/openid-connect-server-webapp/src/main/webapp/resources/template/dynreg.html
+++ b/openid-connect-server-webapp/src/main/webapp/resources/template/dynreg.html
@ -67,8 +67,8 @@
 			<div class="control-group">
 				<div class="controls">
 					<div class="alert alert-error">
-						<strong>Warning!</strong> You MUST protect your Client ID, Client Secret, and your Registration Access Token. If
-						you lose your Client ID or Registration Access Token, you will no longer have access to your client's registration
+						<strong>Warning!</strong> You MUST protect your <b>Client ID</b>, <b>Client Secret (if provided)</b>, and your <b>Registration Access Token</b>. 
+						If you lose your Client ID or Registration Access Token, you will no longer have access to your client's registration
 						records and you will need to register a new client.
 					</div>
 				</div>
@ -87,7 +87,21 @@
 				<label class="control-label">Client Secret</label>
    	        <div class="control-group">
            	    <div class="controls">
-						<pre><%=client.client_id ? (client.client_secret ? client.client_secret : 'None (public client)') : 'Will be generated'%></pre>
+						<% if (client.client_id) { %>
+							<% if (client.client_secret) { %>
+								<pre><%= client.client_secret %></pre>
+							<% } else { %>
+								<% if (client.token_endpoint_auth_method == 'none') { %>
+									<pre>None (public client)</pre>
+								<% } else if (client.token_endpoint_auth_method == 'private_key_jwt') { %>
+									<pre>None (private key authentication)</pre>
+								<% } else { %>
+									<p class="text-error"><b>Unknown error:</b> no client secret and unknown auth method.</p>
+								<% } %>
+							<% } %>
+						<% } else { %>
+							<pre>Will be generated</pre>
+						<% } %>
 	                </div>
    	        </div>

--- a/openid-connect-server-webapp/src/main/webapp/resources/template/rsreg.html
+++ b/openid-connect-server-webapp/src/main/webapp/resources/template/rsreg.html
@ -65,9 +65,9 @@
 			<div class="control-group">
 				<div class="controls">
 					<div class="alert alert-error">
-						<strong>Warning!</strong> You MUST protect your resource ID, Secret, and your Registration Access Token. If
-						you lose your ID or Registration Access Token, you will no longer have access to your resource's registration
-						records and you will need to register a new resource.
+						<strong>Warning!</strong> You MUST protect your <b>Client ID</b>, <b>Client Secret (if provided)</b>, and your <b>Registration Access Token</b>. 
+						If you lose your Client ID or Registration Access Token, you will no longer have access to your client's registration
+						records and you will need to register a new client.
 					</div>
 				</div>

@ -85,7 +85,21 @@
 				<label class="control-label">Client Secret</label>
    	        <div class="control-group">
            	    <div class="controls">
-						<pre><%=client.client_id ? (client.client_secret ? client.client_secret : 'None (public client)') : 'Will be generated'%></pre>
+						<% if (client.client_id) { %>
+							<% if (client.client_secret) { %>
+								<pre><%= client.client_secret %></pre>
+							<% } else { %>
+								<% if (client.token_endpoint_auth_method == 'none') { %>
+									<pre>None (public client)</pre>
+								<% } else if (client.token_endpoint_auth_method == 'private_key_jwt') { %>
+									<pre>None (private key authentication)</pre>
+								<% } else { %>
+									<p class="text-error"><b>Unknown error:</b> no client secret and unknown auth method.</p>
+								<% } %>
+							<% } %>
+						<% } else { %>
+							<pre>Will be generated</pre>
+						<% } %>
 	                </div>
    	        </div>