github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

refactor: 💡 Remove logos from clients (#23) 

DB update can be done - drop column logo_uri from clients

BREAKING CHANGE: 🧨 Removed logo from clients
pull/1580/head
Dominik František Bučík 2021-09-01 14:24:24 +02:00 committed by GitHub
parent d17c11c035
commit 775e2e8b6a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
30 changed files with 1571 additions and 2044 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
openid-connect-server-webapp/src/main/resources/db/hsql/hsql_database_tables.sql
View File

@ -143,7 +143,6 @@ CREATE TABLE IF NOT EXISTS client_details (
token_endpoint_auth_method VARCHAR(256),
subject_type VARCHAR(256),
logo_uri VARCHAR(2048),
policy_uri VARCHAR(2048),
client_uri VARCHAR(2048),
tos_uri VARCHAR(2048),

1
openid-connect-server-webapp/src/main/resources/db/mysql/mysql_database_tables.sql
View File

@ -142,7 +142,6 @@ CREATE TABLE IF NOT EXISTS client_details (
token_endpoint_auth_method VARCHAR(256),
subject_type VARCHAR(256),
logo_uri VARCHAR(2048),
policy_uri VARCHAR(2048),
client_uri VARCHAR(2048),
tos_uri VARCHAR(2048),

1
openid-connect-server-webapp/src/main/resources/db/oracle/oracle_database_tables.sql
View File

@ -153,7 +153,6 @@ CREATE TABLE client_details (
token_endpoint_auth_method VARCHAR2(256),
subject_type VARCHAR2(256),
logo_uri VARCHAR2(2048),
policy_uri VARCHAR2(2048),
client_uri VARCHAR2(2048),
tos_uri VARCHAR2(2048),

1
openid-connect-server-webapp/src/main/resources/db/psql/psql_database_tables.sql
View File

@ -143,7 +143,6 @@ CREATE TABLE IF NOT EXISTS client_details (
token_endpoint_auth_method VARCHAR(256),
subject_type VARCHAR(256),
logo_uri VARCHAR(2048),
policy_uri VARCHAR(2048),
client_uri VARCHAR(2048),
tos_uri VARCHAR(2048),

32
openid-connect-server-webapp/src/main/webapp/WEB-INF/views/approve.jsp
View File

@ -82,38 +82,6 @@
</c:choose>
</c:if>
<c:if test="${ not empty client.logoUri }">
<ul class="thumbnails">
<li class="span5">
<a class="thumbnail" data-toggle="modal" data-target="#logoModal"><img src="api/clients/${ client.id }/logo" /></a>
</li>
</ul>
<!-- Modal -->
<div id="logoModal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="logoModalLabel" aria-hidden="true">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-hidden="true">&times;</button>
<h3 id="logoModalLabel">
<c:choose>
<c:when test="${empty client.clientName}">
<em><c:out value="${client.clientId}" /></em>
</c:when>
<c:otherwise>
<em><c:out value="${client.clientName}" /></em>
</c:otherwise>
</c:choose>
</h3>
</div>
<div class="modal-body">
<img src="api/clients/${ client.id }/logo" />
<c:if test="${ not empty client.clientUri }">
<a href="<c:out value="${ client.clientUri }" />"><c:out value="${ client.clientUri }" /></a>
</c:if>
</div>
<div class="modal-footer">
<button class="btn" data-dismiss="modal" aria-hidden="true">Close</button>
</div>
</div>
</c:if>
<c:if test="${ (not empty client.clientDescription) || (not empty client.clientUri) || (not empty client.policyUri) || (not empty client.tosUri) || (not empty contacts) }">
<div class="muted moreInformationContainer">
<c:out value="${client.clientDescription}" />

32
openid-connect-server-webapp/src/main/webapp/WEB-INF/views/approveDevice.jsp
View File

@ -82,38 +82,6 @@
</c:choose>
</c:if>
<c:if test="${ not empty client.logoUri }">
<ul class="thumbnails">
<li class="span5">
<a class="thumbnail" data-toggle="modal" data-target="#logoModal"><img src="api/clients/${ client.id }/logo" /></a>
</li>
</ul>
<!-- Modal -->
<div id="logoModal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="logoModalLabel" aria-hidden="true">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-hidden="true">&times;</button>
<h3 id="logoModalLabel">
<c:choose>
<c:when test="${empty client.clientName}">
<em><c:out value="${client.clientId}" /></em>
</c:when>
<c:otherwise>
<em><c:out value="${client.clientName}" /></em>
</c:otherwise>
</c:choose>
</h3>
</div>
<div class="modal-body">
<img src="api/clients/${ client.id }/logo" />
<c:if test="${ not empty client.clientUri }">
<a href="<c:out value="${ client.clientUri }" />"><c:out value="${ client.clientUri }" /></a>
</c:if>
</div>
<div class="modal-footer">
<button class="btn" data-dismiss="modal" aria-hidden="true">Close</button>
</div>
</div>
</c:if>
<c:if test="${ (not empty client.clientDescription) || (not empty client.clientUri) || (not empty client.policyUri) || (not empty client.tosUri) || (not empty contacts) }">
<div class="muted moreInformationContainer">
<c:out value="${client.clientDescription}" />

6
openid-connect-server-webapp/src/main/webapp/resources/css/mitreid-connect.css
View File

@ -187,12 +187,6 @@ h1,label {
height: 20px;
}
/* Client table images */
.client-logo {
max-width: 64px;
max-height: 64px
}
/* Modal and sheet fight for the same z-index otherwise */
.modal-backdrop {
z-index: 2040;

17
openid-connect-server-webapp/src/main/webapp/resources/js/client.js
View File

@ -40,7 +40,6 @@ var ClientModel = Backbone.Model.extend({
redirectUris: [],
clientName: null,
clientUri: null,
logoUri: null,
contacts: [],
tosUri: null,
tokenEndpointAuthMethod: null,
@ -131,9 +130,6 @@ var ClientModel = Backbone.Model.extend({
if (this.get('tosUri') != null && this.get('tosUri').toLowerCase().indexOf(term.toLowerCase()) != -1) {
matches.push($.t('client.client-table.match.terms'));
}
if (this.get('logoUri') != null && this.get('logoUri').toLowerCase().indexOf(term.toLowerCase()) != -1) {
matches.push($.t('client.client-table.match.logo'));
}
if (this.get('contacts') != null) {
var f = _.filter(this.get('contacts'), function(item) {
return item.toLowerCase().indexOf(term.toLowerCase()) != -1;
@ -720,7 +716,6 @@ var ClientFormView = Backbone.View.extend({
"change #tokenEndpointAuthMethod input:radio": "toggleClientCredentials",
"change #displayClientSecret": "toggleDisplayClientSecret",
"change #generateClientSecret": "toggleGenerateClientSecret",
"change #logoUri input": "previewLogo",
"change #jwkSelector input:radio": "toggleJWKSetType"
},
@ -760,16 +755,6 @@ var ClientFormView = Backbone.View.extend({
$("#refreshTokenValidityTime", this.$el).toggle();
},
previewLogo: function() {
if ($('#logoUri input', this.el).val()) {
$('#logoPreview', this.el).empty();
$('#logoPreview', this.el).attr('src', $('#logoUri input', this.el).val());
} else {
// $('#logoBlock', this.el).hide();
$('#logoPreview', this.el).attr('src', 'resources/images/logo_placeholder.gif');
}
},
/**
* Set up the form based on the current state of the tokenEndpointAuthMethod
* parameter
@ -1047,7 +1032,6 @@ var ClientFormView = Backbone.View.extend({
generateClientSecret: generateClientSecret,
redirectUris: redirectUris,
clientDescription: this.emptyToNull($('#clientDescription textarea').val()),
logoUri: this.emptyToNull($('#logoUri input').val()),
grantTypes: grantTypes,
accessTokenValiditySeconds: accessTokenValiditySeconds,
refreshTokenValiditySeconds: refreshTokenValiditySeconds,
@ -1297,7 +1281,6 @@ var ClientFormView = Backbone.View.extend({
// toggle other dynamic fields
this.toggleClientCredentials();
this.previewLogo();
this.toggleJWKSetType();
// disable unsupported JOSE algorithms

14
openid-connect-server-webapp/src/main/webapp/resources/js/dynreg.js
View File

@ -24,7 +24,6 @@ var DynRegClient = Backbone.Model.extend({
redirect_uris: [],
client_name: null,
client_uri: null,
logo_uri: null,
contacts: [],
tos_uri: null,
token_endpoint_auth_method: null,
@ -242,7 +241,6 @@ var DynRegEditView = Backbone.View.extend({
"click .btn-save": "saveClient",
"click .btn-cancel": "cancel",
"click .btn-delete": "deleteClient",
"change #logoUri input": "previewLogo",
"change #tokenEndpointAuthMethod input:radio": "toggleClientCredentials",
"change #jwkSelector input:radio": "toggleJWKSetType"
},
@ -279,16 +277,6 @@ var DynRegEditView = Backbone.View.extend({
return false;
},
previewLogo: function() {
if ($('#logoUri input', this.el).val()) {
$('#logoPreview', this.el).empty();
$('#logoPreview', this.el).attr('src', $('#logoUri input', this.el).val());
} else {
// $('#logoBlock', this.el).hide();
$('#logoPreview', this.el).attr('src', 'resources/images/logo_placeholder.gif');
}
},
/**
* Set up the form based on the current state of the tokenEndpointAuthMethod
* parameter
@ -458,7 +446,6 @@ var DynRegEditView = Backbone.View.extend({
var attrs = {
client_name: this.emptyToNull($('#clientName input').val()),
redirect_uris: redirectUris,
logo_uri: this.emptyToNull($('#logoUri input').val()),
grant_types: grantTypes,
scope: scopes,
client_secret: null, // never send a client secret
@ -680,7 +667,6 @@ var DynRegEditView = Backbone.View.extend({
this.listWidgetViews.push(defaultAcrView);
this.toggleClientCredentials();
this.previewLogo();
this.toggleJWKSetType();
// disable unsupported JOSE algorithms

3
openid-connect-server-webapp/src/main/webapp/resources/js/locale/en/messages.json
View File

@ -87,8 +87,6 @@
"jwk-set": "Public Key Set",
"jwk-set-help": "URL for the client's JSON Web Key set (must be reachable by the server)",
"jwk-set-value-help": "URL for the client's JSON Web Key set (must be reachable by the server)",
"logo": "Logo",
"logo-help": "URL that points to a logo image, will be displayed on approval page",
"main": "Main",
"max-age": "Default Max Age",
"max-age-help": "Default maximum session age before re-prompting",
@ -197,7 +195,6 @@
"description": "description",
"homepage": "home page",
"id": "id",
"logo": "logo",
"name": "name",
"policy": "policy",
"redirect": "redirect uri",

2
openid-connect-server-webapp/src/main/webapp/resources/js/locale/fr/messages.json
View File

@ -87,7 +87,6 @@
"jwk-set": "Jeu de Clés publique",
"jwk-set-help": "URI du jeu de clés Web JSON pour le client (doit être accessible par le serveur)",
"jwk-set-value-help": "URI du jeu de clés Web JSON pour le client (doit être accessible par le serveur)",
"logo": "Logo",
"logo-help": "L'URI qui pointe vers une image de logo sera affichée sur la page d'approbation",
"main": "Principal",
"max-age": "Age Maximum par Défaut",
@ -197,7 +196,6 @@
"description": "description",
"homepage": "page d'accueil",
"id": "id",
"logo": "logo",
"name": "nom",
"policy": "politique",
"redirect": "uri de redirection",

5
openid-connect-server-webapp/src/main/webapp/resources/js/locale/sv/messages.json
View File

@ -83,8 +83,6 @@
"introspection": "Introspektion",
"jwk-set": "JWK Set",
"jwk-set-help": "Länk till klientens JSON Webb-nyckel-set",
"logo": "Logotyp",
"logo-help": "Länk till en logotyp. Den visas på bekräftelsesidan.",
"main": "Basinformation",
"max-age": "Max sessions-längd",
"max-age-help": "Default maximal sessions-längd innan användaren tillfrågas igen",
@ -168,7 +166,6 @@
"description": "beskrivning",
"homepage": "hemsida",
"id": "id",
"logo": "logotyp",
"name": "namn",
"policy": "policy",
"redirect": "omdirigeringslänk",
@ -433,4 +430,4 @@
"deny": "Avbryt"
}
}
}
}

977
openid-connect-server-webapp/src/main/webapp/resources/js/locale/zh/messages.json
View File

@ -1,490 +1,487 @@
{
"admin": {
"blacklist": "黑名单",
"blacklist-form": {
"blacklisted-uris": "列入黑名单的URI"
},
"home": "首页",
"list-widget": {
"empty": "此列表为空。",
"tooltip": "单击显示全部值。"
},
"manage-blacklist": "管理列入黑名单的客户端",
"self-service-client": "自助服务-客户端注册",
"self-service-resource": "自助服务-受保护资源注册",
"user-profile": {
"claim": "声明项",
"show": "查看用户信息",
"text": "您的用户信息如下:",
"value": "内容"
}
},
"client": {
"client-form": {
"access": "访问",
"access-token-no-timeout": "访问令牌不时间",
"access-token-timeout": "访问令牌超时",
"access-token-timeout-help": "输入时间(秒、分钟或小时)。",
"acr-values": "默认ACR值",
"acr-values-placeholder": "新的ACR值",
"acr-values-help": "用于请求该客户端的默认身份验证上下文参考",
"allow-introspection": "允许调用内省端点?",
"authentication-method": "令牌端点认证方法",
"authorization-code": "授权码",
"client-credentials": "客户端凭证",
"client-description": "描述",
"client-description-help": "人类可读的文本描述",
"client-description-placeholder": "填入说明描述",
"client-id": "客户端ID",
"client-id-help": "唯一标识符。如果不填则系统会自动生成一个。",
"client-id-placeholder": "输入一些字符",
"client-name": "客户端名称",
"client-name-help": "人类可读的应用程序名称",
"client-name-placeholder": "输入一些字符",
"client-secret": "客户端密钥",
"client-secret-placeholder": "输入密钥",
"contacts": "联系人",
"contacts-help": "此客户端管理员的联系人名单。",
"contacts-placeholder": "新联系人",
"credentials": "凭据",
"crypto": {
"a128cbc-hs256": "复合认证加密算法采用密码块链CBC模式AES以PKCS #5填充完整性计算使用HMAC SHA-256并使用256位的CMK和128位CEK",
"a256cbc-hs512": "复合认证加密算法采用密码块链CBC模式AES以PKCS #5填充完整性计算使用HMAC SHA-512并使用512位的CMK和256位CEK",
"a128gcm": "AES GCM使用128位的密钥",
"a256gcm": "AES GCM使用256位的密钥",
"a128kw": "AES密钥封装算法使用128位的密钥",
"a256kw": "AES密钥封装算法使用256位的密钥",
"default": "使用服务器默认",
"dir": "直接使用一个共享对称密钥作为块加密的内容主密钥CMK",
"ecdh-es": "椭圆曲线Diffie-Hellman短时静态密钥协议使用Concat KDF商定的密钥被直接用作内容主密钥CMK",
"ecdh-es-a128kw": "椭圆曲线Diffie-Hellman短时静态密钥协议使用ECDH-ES和第4.7小节但商定的密钥是用以A128KW函数封装内容主密钥CMK",
"ecdh-es-a256kw": "椭圆曲线Diffie-Hellman短时静态密钥协议使用ECDH-ES和第4.7小节但商定的密钥是用以A256KW函数封装内容主密钥CMK",
"none": "不加密",
"rsa-oaep": "RSAES使用最优不对称加密填充OAEP",
"rsa1-5": "RSAES-PKCS1-V1_5"
},
"cryptography": "密码",
"display-secret": "显示/编辑客户端密钥:",
"edit": "编辑客户端",
"generate-new-secret": "生成一个新的客户端密钥吗?",
"generate-new-secret-help": "当点击“保存”时生成新的密钥",
"generate-on-save": "保存时生成",
"grant-types": "批准的类型",
"home": "主页",
"home-help": "客户端首页的URL将显示给用户",
"hours": "小时",
"id": "ID",
"id-token-crypto-algorithm": "身份令牌加密算法",
"id-token-crypto-method": "身份令牌加密方法",
"id-token-signing-algorithm": "身份令牌签名算法",
"id-token-timeout": "身份令牌超时",
"implicit": "隐式的",
"initiate-login": "初始化登录",
"initiate-login-help": "启动登录客户端的URL",
"introspection": "自省",
"jwk-set": "公钥集",
"jwk-set-help": "客户端JSON Web Key集的URL (须可被服务器访问)",
"jwk-set-value-help": "客户端JSON Web Key集的URL (须可被服务器访问)",
"logo": "标志Logo)",
"logo-help": "标志Logo图像的URL将显示在批准页",
"main": "首要",
"max-age": "默认最长有效时间",
"max-age-help": "再提示之前的默认最长会话有效时间",
"minutes": "分钟",
"new": "新客户端",
"other": "其它",
"pairwise": "Pairwise对",
"password": "密码",
"policy": "政策声明",
"policy-help": "此客户端的政策声明链接,将显示给用户",
"post-logout": "注销后重定向",
"post-logout-help": "客户端注销操作后的重定向URL",
"public": "公共",
"redelegation": "重新授权",
"redirect-uris": "重定向URI",
"redirect-uris-help": "在授权页面之后客户端重定向URI",
"claims-redirect-uris": "声明重定向URI",
"claims-redirect-uris-help": "在声明收集步骤之后浏览器跳转至的目的地址",
"refresh": "刷新",
"refresh-tokens": "刷新令牌",
"refresh-tokens-issued": "为此客户端发布的刷新令牌",
"refresh-tokens-issued-help": "这将把 offline_access 加入客户端的范围。",
"refresh-tokens-reused": "此客户端的刷新令牌被重用",
"clear-access-tokens": "当刷新令牌用过之后,已激活的访问令牌自动失效",
"refresh-tokens-no-expire": "刷新令牌尚未过期",
"registered": "注册于",
"registration-token": "注册令牌:",
"registration-access-token": "注册访问令牌",
"registration-token-error": "无法为此客户端下载注册访问令牌。",
"request-object-signing-algorithm": "请求对象签名算法",
"request-uri": "请求的URI",
"request-uri-help": "URI包含此客户端使用的请求对象",
"require-auth-time": "需要身份认证时间(auth_time)",
"require-auth-time-label": "总是需要在身份令牌中包含auth_time声明",
"response-types": "响应类型",
"rotate-registration-token": "旋转注册令牌",
"rotate-registration-token-confirm": "你确定你想旋转这个客户端的登录令牌?",
"rotate-registration-token-error": "无法旋转该客户端的注册访问令牌。",
"saved": {
"no-secret": "没有客户端密钥",
"saved": "客户端已保存",
"secret": "密钥:",
"show-secret": "显示密钥",
"unchanged": "不变"
},
"scope-placeholder": "新范围",
"scope-help": "OAuth范围允许客户端请求",
"seconds": "秒",
"secret-asymmetric-jwt": "非对称签名JWT断言",
"secret-http": "客户端密钥经由HTTP Basic",
"secret-none": "没有认证",
"secret-post": "客户端密钥经由HTTP POST",
"secret-symmetric-jwt": "客户端密钥经由对称签名JWT断言",
"sector-identifier": "扇区标识符URI",
"signing": {
"any": "允许",
"default": "使用服务器默认",
"es256": "ECDSA采用P-256曲线和SHA-256哈希算法",
"es384": "ECDSA采用P-384曲线及SHA-384哈希算法",
"es512": "ECDSA采用P-512曲线及SHA-512哈希算法",
"hs256": "HMAC使用SHA-256哈希算法",
"hs384": "HMAC使用SHA-384哈希算法",
"hs512": "HMAC使用SHA-512哈希算法",
"none": "没有数字签名",
"rs256": "RSASSA使用SHA-256哈希算法",
"rs384": "RSASSA采用SHA-384哈希算法",
"rs512": "RSASSA使用SHA-512哈希算法",
"ps256": "采用SHA-256和MGF1的RSASSA-PSS算法",
"ps384": "采用SHA-384和MGF1的RSASSA-PSS算法",
"ps512": "采用SHA-512和MGF1的RSASSA-PSS算法"
},
"subject-type": "主体类型",
"terms": "服务条款",
"terms-help": "此客户服务条款的URL将向用户显示",
"token-signing-algorithm": "令牌端点认证签名算法",
"tokens": "令牌",
"type": "应用类型",
"type-native": "原生应用",
"type-web": "网络应用",
"unknown": "(未知)",
"user-info-crypto-algorithm": "用户信息端点加密算法",
"user-info-crypto-method": "用户信息端点加密方法",
"user-info-signing-algorithm": "用户信息端点签名算法"
},
"client-table": {
"allow-introspection-tooltip": "这个客户端可以执行令牌自省",
"confirm": "你确定要删除这个客户端?",
"dynamically-registered-tooltip": "这个客户端是动态注册的。点击查看注册访问令牌",
"match": {
"contacts": "联系人",
"description": "描述",
"homepage": "主页",
"id": "身份",
"logo": "标志",
"name": "名称",
"policy": "政策",
"redirect": "重定向URI",
"scope": "范围",
"terms": "服务条款"
},
"matched-search": "匹配搜索:",
"new": "新客户端",
"no-clients": "此服务器上没有注册的客户端。",
"no-matches": "没有匹配搜索条件的客户端。",
"no-redirect": "没有重定向URI",
"registered": "注册于",
"search": "搜索……",
"whitelist": "白名单",
"unknown": "一个未知的时间"
},
"manage": "管理客户端",
"more-info": {
"contacts": "管理员联系方式:",
"home": "主页",
"more": "更多信息",
"policy": "政策",
"terms": "服务条款:"
},
"newClient": "新客户端"
},
"common": {
"cancel": "取消",
"client": "客户端",
"clients": "客户端",
"close": "关闭",
"delete": "删除",
"description": "描述",
"dynamically-registered": "这个客户端是动态注册的",
"edit": "编辑",
"expires": "到期:",
"information": "信息",
"new": "新建",
"not-yet-implemented": "未实现",
"not-yet-implemented-content": "这个字段的值将于客户端保存,但服务器目前不处理任何事情。服务器的未来库版本将利用它。",
"revoke": "撤销",
"save": "保存",
"scopes": "范围",
"statistics": "统计",
"refresh": "刷新",
"scope": "范围",
"users": "用户",
"user": "用户",
"roles": "角色",
"role": "角色",
"email": "电子邮箱",
"active": "已激活",
"inactive": "未激活"
},
"dynreg": {
"client-id-placeholder": "输入客户端ID",
"configuration-url": "客户端配置URL",
"edit-dynamically-registered": "编辑动态注册的客户端",
"edit-existing": "编辑一个现有的客户端",
"edit-existing-help": "用于编辑之前已注册的客户端。粘贴您的客户端ID和注册访问令牌以便访问该客户端。",
"edit-existing-button": "编辑客户端",
"invalid-access-token": "无效的客户端或注册访问令牌。",
"new-client": "注册新客户端",
"new-client-help": "用于注册新的客户端。请提供客户端ID和注册访问令牌以便管理您的客户端。",
"new-client-button": "新建客户端",
"regtoken-placeholder": "输入注册访问令牌",
"warning": "<strong>警告!</strong>你必须保护好<b>客户端ID </b><b>客户密钥(如果提供)</b>,以及您的<b>注册访问令牌</b>。如果你丢失了客户端ID或注册访问令牌将无法访问您的客户端注册记录你需要注册一个新客户端。",
"will-be-generated": "当保存客户端信息将由服务器生成"
},
"grant": {
"manage-approved-sites": "管理批准的网站",
"refresh": "刷新",
"grant-table": {
"active-tokens": "当前活跃的访问令牌数量",
"application": "应用程序",
"approved-sites": "许可站点",
"authorized": "授权:",
"dynamically-registered": "这个客户端是动态注册的",
"expires": "到期:",
"last-accessed": "上次访问:",
"never": "从未",
"no-sites": "还未批准任何网站。",
"no-whitelisted": "还未访问任何白名单的网站。",
"pre-approved": "这些都是预先由管理员批准的网站。",
"text": "这些都是您已经手动批准的网站。如果同一网站将来要进行同样的访问,它将直接通过、且没有提示。",
"unknown": "未知",
"whitelist-note": "<b>注:</b>如果你在此撤销它们,它们将在您下次访问时不经提示即被自动重新批准。",
"whitelisted-site": "这个网站由管理员列入白名单中",
"whitelisted-sites": "白名单的网站"
}
},
"rsreg": {
"resource-id-placeholder": "输入资源ID",
"configuration-url": "客户端配置URL",
"edit": "编辑受保护的资源",
"edit-existing": "编辑现有的保护资源",
"edit-existing-help": "用于编辑之前已注册的资源。请提供您的客戶端ID和注册访问令牌来访问资源的属性。",
"edit-existing-button": "编辑资源",
"invalid-access-token": "无效的客户端或注册访问令牌。",
"new-client": "注册新的受保护资源",
"new-client-help": "用于注册新的资源。请提供客户端ID和注册访问令牌以便管理您的资源。",
"new-client-button": "新建资源",
"regtoken-placeholder": "输入注册访问令牌",
"will-be-generated": "当保存资源信息将由服务器生成",
"warning": "<strong>警告!</strong>你必须保护好<b>客户端ID </b><b>客户密钥(如果提供)</b>,以及<b>注册访问令牌</b>。如果丢失了客户端ID或注册访问令牌将无法再次获得您的客户端注册记录你需要注册一个新客户端。",
"client-form": {
"scope-help": "这个资源能够自省令牌的范围。"
}
},
"scope": {
"manage": "管理系统范围",
"scope-list": {
"no-scopes": "没有范围"
},
"system-scope-form": {
"default": "默认范围",
"default-help": "新创建的用户默认情况下获得这个范围?",
"description-help": "人类可读的文本描述",
"description-placeholder": "输入说明",
"restricted": "限制",
"restricted-help": "限制范围只能由系统管理员使用,可用动态注册客户和保护资源",
"edit": "编辑范围",
"icon": "图标",
"new": "新范围",
"select-icon": "选择图标",
"structured": "是一个结构化的范围",
"structured-help": "范围结构化是否包含如<code>base:extension</code>的结构化值?",
"structured-param-help": "人类可读的结构化参数描述",
"subject-type": "主体类型",
"value": "范围值",
"value-help": "不含空格的单个字符串",
"value-placeholder": "范围"
},
"system-scope-table": {
"confirm": "你确定要删除此范围?引用了此范围的客户端还需要它。",
"new": "新范围",
"text": "尚未定义系统范围。客户可自定义范围。",
"tooltip-restricted": "此范围只能由管理员使用。它不能用于动态注册。",
"tooltip-default": "这个范围将自动分配给新注册的客户。"
}
},
"token": {
"manage": "管理活动的令牌",
"token-table": {
"access-tokens": "访问令牌",
"associated-id": "这个访问令牌附带相关的身份令牌。",
"associated-refresh": "这个访问令牌附带相关的刷新令牌。",
"click-to-display": "点击显示完整的令牌值",
"confirm": "你确定要撤销这个令牌?",
"confirm-refresh": "你确定要撤销这个刷新令牌及其相关的访问令牌?",
"expires": "过期",
"no-access": "没有活动的访问令牌。",
"no-refresh": "没有活动的刷新令牌。",
"number-of-tokens": "关联的访问令牌数量",
"refresh-tokens": "刷新令牌",
"text": "访问令牌通常是短暂的供客户端访问特定的资源。身份令牌是采用OpenID Connect协议登录的、专门的访问令牌。",
"text-refresh": "刷新令牌通常是长期的,以便客户端能无需用户介入即可获取新的访问令牌。",
"token-info": "令牌的信息"
}
},
"whitelist": {
"confirm": "你确定要删除这个白名单项?",
"edit": "编辑白名单",
"manage": "管理列入白名单的网站",
"new": "新白名单",
"whitelist": "白名单",
"whitelist-form": {
"allowed-scopes": "允许范围",
"edit": "编辑白名单的网站",
"new": "新增白名单网站",
"scope-help": "当客户端发出请求列表时将自动批准的范围",
"scope-placeholder": "新范围"
},
"whitelist-table": {
"no-sites": "白名单列表为空。使用<strong>白名单</strong>按钮在客户端管理页面创建一个。"
}
},
"blacklist": {
"text": "被拉黑的网站URI将无法用做注册客户端的重定向地址无论是在管理界面中添加、还是动态注册都不会成功。",
"blacklist-uri-placeholder": "要拉黑的网站URI",
"add": "将网站URI加入黑名单",
"empty": "当前黑名单为空",
"uri": "URI"
},
"copyright": "基于<a href=\"https://github.com/mitreid-connect/\">MITREid Connect <span class=\"label\">{0}</span></a>技术构建 <span class=\"pull-right\">&copy; 2016 MITRE公司及MIT因特网信任联盟</span>.",
"about": {
"title": "关于",
"body": "\n此OpenID Connect服务基于开源的MITREid Connect项目该项目来自 \n<a href=\"http://www.mitre.org/\">MITRE公司</a> 及 <a href=\"http://www.trust.mit.edu/\">MIT因特网信任联盟</a>。\n</p>\n<p>\n有关项目的更多信息可见 \n<a href=\"http://github.com/mitreid-connect/\">GitHub上的MITREid Connect项目</a>。 \n在那儿您可以提交bug报告、提交反馈甚或提交代码补丁。"
},
"statistics": {
"title": "统计",
"number_users": "用户数: <span class=\"label label-info\" id=\"userCount\">{0}</span>",
"number_clients": "授权的客户端: <span class=\"label label-info\" id=\"clientCount\">{0}</span>",
"number_approvals": "已批准的站点: <span class=\"label label-info\" id=\"approvalCount\">{0}</span>"
},
"home": {
"title": "首页",
"welcome": {
"title": "欢迎!",
"body": "\nOpenID Connect是适于因特网部署的身份联邦认证服务器基于OAuth2授权框架之上的OpenID Connect技术构建。\nOpenID Connect让您无需暴露自己的用户名、密码即可便捷登录网站。</p>\n<p><a class=\"btn btn-primary btn-large\" href=\"http://openid.net/connect/\">了解更多信息&raquo;</a>"
},
"more": "更多",
"about": {
"title": "关于",
"body": "本服务基于开源的MITREid Connect项目该项目来自 \n<a href=\"http://www.mitre.org/\">MITRE公司</a> 及 <a href=\"http://www.trust.mit.edu/\">MIT因特网信任联盟</a>。"
},
"contact": {
"title": "联系方式",
"body": "\n如需更多的信息和支持请联系本系统的管理员。</p>\n<p><a class=\"btn\" href=\"mailto:idp@example.com?Subject=OpenID Connect\">电子信箱 &raquo;</a>"
},
"statistics": {
"title": "当前统计",
"loading": "加载……",
"number_users": "用户数: <span class=\"label label-info\" id=\"userCount\">{0}</span>",
"number_clients": "授权的客户端: <span class=\"label label-info\" id=\"clientCount\">{0}</span>",
"number_approvals": "已批准的站点: <span class=\"label label-info\" id=\"approvalCount\">{0}</span>"
}
},
"contact": {
"title": "联系方式",
"body": "如果要报告有关MITREid Connect软件自身的bug请访问\n<a href=\"https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/issues\">GitHub issue追踪系统</a>。 \n有关当前服务器的问题请联系服务器管理员。"
},
"topbar": {
"about": "关于",
"contact": "联系方式",
"statistics": "统计",
"home": "首页",
"login": "登录",
"logout": "注销"
},
"sidebar": {
"administrative": {
"title": "管理",
"manage_clients": "管理客户端",
"whitelisted_clients": "白名单",
"blacklisted_clients": "黑名单",
"system_scopes": "系统范围"
},
"personal": {
"title": "个人",
"approved_sites": "管理批准的网站",
"active_tokens": "管理活动的令牌",
"profile_information": "查看用户信息"
},
"developer": {
"title": "开发者自助服务",
"client_registration": "客户端注册",
"resource_registration": "保护资源注册"
}
},
"manage": {
"ok": "好的",
"loading": "加载",
"title": "管理控制台"
},
"approve": {
"dynamically-registered-unknown": "在一个未知的时间",
"title": "批准访问",
"error": {
"not_granted": "访问可能不获批准。"
},
"required_for": "有待批准",
"dynamically_registered": "此客户端已被动态注册了<span class=\"label label-info\" id=\"registrationTime\">{0}</span>次。",
"caution": {
"title": "注意",
"message": {
"none": "它之前<span class=\"label label-important\">从未</span>被批准。",
"singular": "它之前已被批准了<span class=\"label label-warning\">{0}</span>次。",
"plural": "它之前已被批准了<span class=\"label\">{0}</span>次。"
}
},
"more_information": "更多信息",
"home_page": "主页",
"policy": "政策",
"terms": "服务条款",
"contacts": "管理人员",
"warning": "警告",
"no_redirect_uri": "该客户端没有注册任何重定向URI可能被使用恶意的URI。",
"redirect_uri": "如果点击批准,您将被重定向至如下页面: <code>{0}</code>",
"pairwise": "该客户端使用<b>pairwise</b>标识符,这使得在不同站点间关联身份变得稍加困难。",
"no_scopes": "该客户端没有注册任何范围,因此允许请求系统可用的<em>any</em>(任意)范围。请务必谨慎处理。",
"access_to": "访问",
"remember": {
"title": "记住这个决定",
"until_revoke": "记住这个决定直到我撤销",
"one_hour": "记住该决定一个小时",
"next_time": "下次再提醒我"
},
"do_authorize": "是否授权",
"label": {
"authorize": "授权",
"deny": "拒绝"
}
},
"error": {
"title": "错误",
"header": "错误:",
"message": "在处理您的请求过程中发生了错误。服务器信息为:"
},
"login": {
"login_with_username_and_password": "请使用您的用户名及密码登录",
"username": "用户名",
"password": "密码",
"login-button": "登录",
"error": "登录失败。请重试。"
}
}
{
"admin": {
"blacklist": "黑名单",
"blacklist-form": {
"blacklisted-uris": "列入黑名单的URI"
},
"home": "首页",
"list-widget": {
"empty": "此列表为空。",
"tooltip": "单击显示全部值。"
},
"manage-blacklist": "管理列入黑名单的客户端",
"self-service-client": "自助服务-客户端注册",
"self-service-resource": "自助服务-受保护资源注册",
"user-profile": {
"claim": "声明项",
"show": "查看用户信息",
"text": "您的用户信息如下:",
"value": "内容"
}
},
"client": {
"client-form": {
"access": "访问",
"access-token-no-timeout": "访问令牌不时间",
"access-token-timeout": "访问令牌超时",
"access-token-timeout-help": "输入时间(秒、分钟或小时)。",
"acr-values": "默认ACR值",
"acr-values-placeholder": "新的ACR值",
"acr-values-help": "用于请求该客户端的默认身份验证上下文参考",
"allow-introspection": "允许调用内省端点?",
"authentication-method": "令牌端点认证方法",
"authorization-code": "授权码",
"client-credentials": "客户端凭证",
"client-description": "描述",
"client-description-help": "人类可读的文本描述",
"client-description-placeholder": "填入说明描述",
"client-id": "客户端ID",
"client-id-help": "唯一标识符。如果不填则系统会自动生成一个。",
"client-id-placeholder": "输入一些字符",
"client-name": "客户端名称",
"client-name-help": "人类可读的应用程序名称",
"client-name-placeholder": "输入一些字符",
"client-secret": "客户端密钥",
"client-secret-placeholder": "输入密钥",
"contacts": "联系人",
"contacts-help": "此客户端管理员的联系人名单。",
"contacts-placeholder": "新联系人",
"credentials": "凭据",
"crypto": {
"a128cbc-hs256": "复合认证加密算法采用密码块链CBC模式AES以PKCS #5填充完整性计算使用HMAC SHA-256并使用256位的CMK和128位CEK",
"a256cbc-hs512": "复合认证加密算法采用密码块链CBC模式AES以PKCS #5填充完整性计算使用HMAC SHA-512并使用512位的CMK和256位CEK",
"a128gcm": "AES GCM使用128位的密钥",
"a256gcm": "AES GCM使用256位的密钥",
"a128kw": "AES密钥封装算法使用128位的密钥",
"a256kw": "AES密钥封装算法使用256位的密钥",
"default": "使用服务器默认",
"dir": "直接使用一个共享对称密钥作为块加密的内容主密钥CMK",
"ecdh-es": "椭圆曲线Diffie-Hellman短时静态密钥协议使用Concat KDF商定的密钥被直接用作内容主密钥CMK",
"ecdh-es-a128kw": "椭圆曲线Diffie-Hellman短时静态密钥协议使用ECDH-ES和第4.7小节但商定的密钥是用以A128KW函数封装内容主密钥CMK",
"ecdh-es-a256kw": "椭圆曲线Diffie-Hellman短时静态密钥协议使用ECDH-ES和第4.7小节但商定的密钥是用以A256KW函数封装内容主密钥CMK",
"none": "不加密",
"rsa-oaep": "RSAES使用最优不对称加密填充OAEP",
"rsa1-5": "RSAES-PKCS1-V1_5"
},
"cryptography": "密码",
"display-secret": "显示/编辑客户端密钥:",
"edit": "编辑客户端",
"generate-new-secret": "生成一个新的客户端密钥吗?",
"generate-new-secret-help": "当点击“保存”时生成新的密钥",
"generate-on-save": "保存时生成",
"grant-types": "批准的类型",
"home": "主页",
"home-help": "客户端首页的URL将显示给用户",
"hours": "小时",
"id": "ID",
"id-token-crypto-algorithm": "身份令牌加密算法",
"id-token-crypto-method": "身份令牌加密方法",
"id-token-signing-algorithm": "身份令牌签名算法",
"id-token-timeout": "身份令牌超时",
"implicit": "隐式的",
"initiate-login": "初始化登录",
"initiate-login-help": "启动登录客户端的URL",
"introspection": "自省",
"jwk-set": "公钥集",
"jwk-set-help": "客户端JSON Web Key集的URL (须可被服务器访问)",
"jwk-set-value-help": "客户端JSON Web Key集的URL (须可被服务器访问)",
"main": "首要",
"max-age": "默认最长有效时间",
"max-age-help": "再提示之前的默认最长会话有效时间",
"minutes": "分钟",
"new": "新客户端",
"other": "其它",
"pairwise": "Pairwise对",
"password": "密码",
"policy": "政策声明",
"policy-help": "此客户端的政策声明链接,将显示给用户",
"post-logout": "注销后重定向",
"post-logout-help": "客户端注销操作后的重定向URL",
"public": "公共",
"redelegation": "重新授权",
"redirect-uris": "重定向URI",
"redirect-uris-help": "在授权页面之后客户端重定向URI",
"claims-redirect-uris": "声明重定向URI",
"claims-redirect-uris-help": "在声明收集步骤之后浏览器跳转至的目的地址",
"refresh": "刷新",
"refresh-tokens": "刷新令牌",
"refresh-tokens-issued": "为此客户端发布的刷新令牌",
"refresh-tokens-issued-help": "这将把 offline_access 加入客户端的范围。",
"refresh-tokens-reused": "此客户端的刷新令牌被重用",
"clear-access-tokens": "当刷新令牌用过之后,已激活的访问令牌自动失效",
"refresh-tokens-no-expire": "刷新令牌尚未过期",
"registered": "注册于",
"registration-token": "注册令牌:",
"registration-access-token": "注册访问令牌",
"registration-token-error": "无法为此客户端下载注册访问令牌。",
"request-object-signing-algorithm": "请求对象签名算法",
"request-uri": "请求的URI",
"request-uri-help": "URI包含此客户端使用的请求对象",
"require-auth-time": "需要身份认证时间(auth_time)",
"require-auth-time-label": "总是需要在身份令牌中包含auth_time声明",
"response-types": "响应类型",
"rotate-registration-token": "旋转注册令牌",
"rotate-registration-token-confirm": "你确定你想旋转这个客户端的登录令牌?",
"rotate-registration-token-error": "无法旋转该客户端的注册访问令牌。",
"saved": {
"no-secret": "没有客户端密钥",
"saved": "客户端已保存",
"secret": "密钥:",
"show-secret": "显示密钥",
"unchanged": "不变"
},
"scope-placeholder": "新范围",
"scope-help": "OAuth范围允许客户端请求",
"seconds": "秒",
"secret-asymmetric-jwt": "非对称签名JWT断言",
"secret-http": "客户端密钥经由HTTP Basic",
"secret-none": "没有认证",
"secret-post": "客户端密钥经由HTTP POST",
"secret-symmetric-jwt": "客户端密钥经由对称签名JWT断言",
"sector-identifier": "扇区标识符URI",
"signing": {
"any": "允许",
"default": "使用服务器默认",
"es256": "ECDSA采用P-256曲线和SHA-256哈希算法",
"es384": "ECDSA采用P-384曲线及SHA-384哈希算法",
"es512": "ECDSA采用P-512曲线及SHA-512哈希算法",
"hs256": "HMAC使用SHA-256哈希算法",
"hs384": "HMAC使用SHA-384哈希算法",
"hs512": "HMAC使用SHA-512哈希算法",
"none": "没有数字签名",
"rs256": "RSASSA使用SHA-256哈希算法",
"rs384": "RSASSA采用SHA-384哈希算法",
"rs512": "RSASSA使用SHA-512哈希算法",
"ps256": "采用SHA-256和MGF1的RSASSA-PSS算法",
"ps384": "采用SHA-384和MGF1的RSASSA-PSS算法",
"ps512": "采用SHA-512和MGF1的RSASSA-PSS算法"
},
"subject-type": "主体类型",
"terms": "服务条款",
"terms-help": "此客户服务条款的URL将向用户显示",
"token-signing-algorithm": "令牌端点认证签名算法",
"tokens": "令牌",
"type": "应用类型",
"type-native": "原生应用",
"type-web": "网络应用",
"unknown": "(未知)",
"user-info-crypto-algorithm": "用户信息端点加密算法",
"user-info-crypto-method": "用户信息端点加密方法",
"user-info-signing-algorithm": "用户信息端点签名算法"
},
"client-table": {
"allow-introspection-tooltip": "这个客户端可以执行令牌自省",
"confirm": "你确定要删除这个客户端?",
"dynamically-registered-tooltip": "这个客户端是动态注册的。点击查看注册访问令牌",
"match": {
"contacts": "联系人",
"description": "描述",
"homepage": "主页",
"id": "身份",
"name": "名称",
"policy": "政策",
"redirect": "重定向URI",
"scope": "范围",
"terms": "服务条款"
},
"matched-search": "匹配搜索:",
"new": "新客户端",
"no-clients": "此服务器上没有注册的客户端。",
"no-matches": "没有匹配搜索条件的客户端。",
"no-redirect": "没有重定向URI",
"registered": "注册于",
"search": "搜索……",
"whitelist": "白名单",
"unknown": "一个未知的时间"
},
"manage": "管理客户端",
"more-info": {
"contacts": "管理员联系方式:",
"home": "主页",
"more": "更多信息",
"policy": "政策",
"terms": "服务条款:"
},
"newClient": "新客户端"
},
"common": {
"cancel": "取消",
"client": "客户端",
"clients": "客户端",
"close": "关闭",
"delete": "删除",
"description": "描述",
"dynamically-registered": "这个客户端是动态注册的",
"edit": "编辑",
"expires": "到期:",
"information": "信息",
"new": "新建",
"not-yet-implemented": "未实现",
"not-yet-implemented-content": "这个字段的值将于客户端保存,但服务器目前不处理任何事情。服务器的未来库版本将利用它。",
"revoke": "撤销",
"save": "保存",
"scopes": "范围",
"statistics": "统计",
"refresh": "刷新",
"scope": "范围",
"users": "用户",
"user": "用户",
"roles": "角色",
"role": "角色",
"email": "电子邮箱",
"active": "已激活",
"inactive": "未激活"
},
"dynreg": {
"client-id-placeholder": "输入客户端ID",
"configuration-url": "客户端配置URL",
"edit-dynamically-registered": "编辑动态注册的客户端",
"edit-existing": "编辑一个现有的客户端",
"edit-existing-help": "用于编辑之前已注册的客户端。粘贴您的客户端ID和注册访问令牌以便访问该客户端。",
"edit-existing-button": "编辑客户端",
"invalid-access-token": "无效的客户端或注册访问令牌。",
"new-client": "注册新客户端",
"new-client-help": "用于注册新的客户端。请提供客户端ID和注册访问令牌以便管理您的客户端。",
"new-client-button": "新建客户端",
"regtoken-placeholder": "输入注册访问令牌",
"warning": "<strong>警告!</strong>你必须保护好<b>客户端ID </b><b>客户密钥(如果提供)</b>,以及您的<b>注册访问令牌</b>。如果你丢失了客户端ID或注册访问令牌将无法访问您的客户端注册记录你需要注册一个新客户端。",
"will-be-generated": "当保存客户端信息将由服务器生成"
},
"grant": {
"manage-approved-sites": "管理批准的网站",
"refresh": "刷新",
"grant-table": {
"active-tokens": "当前活跃的访问令牌数量",
"application": "应用程序",
"approved-sites": "许可站点",
"authorized": "授权:",
"dynamically-registered": "这个客户端是动态注册的",
"expires": "到期:",
"last-accessed": "上次访问:",
"never": "从未",
"no-sites": "还未批准任何网站。",
"no-whitelisted": "还未访问任何白名单的网站。",
"pre-approved": "这些都是预先由管理员批准的网站。",
"text": "这些都是您已经手动批准的网站。如果同一网站将来要进行同样的访问,它将直接通过、且没有提示。",
"unknown": "未知",
"whitelist-note": "<b>注:</b>如果你在此撤销它们,它们将在您下次访问时不经提示即被自动重新批准。",
"whitelisted-site": "这个网站由管理员列入白名单中",
"whitelisted-sites": "白名单的网站"
}
},
"rsreg": {
"resource-id-placeholder": "输入资源ID",
"configuration-url": "客户端配置URL",
"edit": "编辑受保护的资源",
"edit-existing": "编辑现有的保护资源",
"edit-existing-help": "用于编辑之前已注册的资源。请提供您的客戶端ID和注册访问令牌来访问资源的属性。",
"edit-existing-button": "编辑资源",
"invalid-access-token": "无效的客户端或注册访问令牌。",
"new-client": "注册新的受保护资源",
"new-client-help": "用于注册新的资源。请提供客户端ID和注册访问令牌以便管理您的资源。",
"new-client-button": "新建资源",
"regtoken-placeholder": "输入注册访问令牌",
"will-be-generated": "当保存资源信息将由服务器生成",
"warning": "<strong>警告!</strong>你必须保护好<b>客户端ID </b><b>客户密钥(如果提供)</b>,以及<b>注册访问令牌</b>。如果丢失了客户端ID或注册访问令牌将无法再次获得您的客户端注册记录你需要注册一个新客户端。",
"client-form": {
"scope-help": "这个资源能够自省令牌的范围。"
}
},
"scope": {
"manage": "管理系统范围",
"scope-list": {
"no-scopes": "没有范围"
},
"system-scope-form": {
"default": "默认范围",
"default-help": "新创建的用户默认情况下获得这个范围?",
"description-help": "人类可读的文本描述",
"description-placeholder": "输入说明",
"restricted": "限制",
"restricted-help": "限制范围只能由系统管理员使用,可用动态注册客户和保护资源",
"edit": "编辑范围",
"icon": "图标",
"new": "新范围",
"select-icon": "选择图标",
"structured": "是一个结构化的范围",
"structured-help": "范围结构化是否包含如<code>base:extension</code>的结构化值?",
"structured-param-help": "人类可读的结构化参数描述",
"subject-type": "主体类型",
"value": "范围值",
"value-help": "不含空格的单个字符串",
"value-placeholder": "范围"
},
"system-scope-table": {
"confirm": "你确定要删除此范围?引用了此范围的客户端还需要它。",
"new": "新范围",
"text": "尚未定义系统范围。客户可自定义范围。",
"tooltip-restricted": "此范围只能由管理员使用。它不能用于动态注册。",
"tooltip-default": "这个范围将自动分配给新注册的客户。"
}
},
"token": {
"manage": "管理活动的令牌",
"token-table": {
"access-tokens": "访问令牌",
"associated-id": "这个访问令牌附带相关的身份令牌。",
"associated-refresh": "这个访问令牌附带相关的刷新令牌。",
"click-to-display": "点击显示完整的令牌值",
"confirm": "你确定要撤销这个令牌?",
"confirm-refresh": "你确定要撤销这个刷新令牌及其相关的访问令牌?",
"expires": "过期",
"no-access": "没有活动的访问令牌。",
"no-refresh": "没有活动的刷新令牌。",
"number-of-tokens": "关联的访问令牌数量",
"refresh-tokens": "刷新令牌",
"text": "访问令牌通常是短暂的供客户端访问特定的资源。身份令牌是采用OpenID Connect协议登录的、专门的访问令牌。",
"text-refresh": "刷新令牌通常是长期的,以便客户端能无需用户介入即可获取新的访问令牌。",
"token-info": "令牌的信息"
}
},
"whitelist": {
"confirm": "你确定要删除这个白名单项?",
"edit": "编辑白名单",
"manage": "管理列入白名单的网站",
"new": "新白名单",
"whitelist": "白名单",
"whitelist-form": {
"allowed-scopes": "允许范围",
"edit": "编辑白名单的网站",
"new": "新增白名单网站",
"scope-help": "当客户端发出请求列表时将自动批准的范围",
"scope-placeholder": "新范围"
},
"whitelist-table": {
"no-sites": "白名单列表为空。使用<strong>白名单</strong>按钮在客户端管理页面创建一个。"
}
},
"blacklist": {
"text": "被拉黑的网站URI将无法用做注册客户端的重定向地址无论是在管理界面中添加、还是动态注册都不会成功。",
"blacklist-uri-placeholder": "要拉黑的网站URI",
"add": "将网站URI加入黑名单",
"empty": "当前黑名单为空",
"uri": "URI"
},
"copyright": "基于<a href=\"https://github.com/mitreid-connect/\">MITREid Connect <span class=\"label\">{0}</span></a>技术构建 <span class=\"pull-right\">&copy; 2016 MITRE公司及MIT因特网信任联盟</span>.",
"about": {
"title": "关于",
"body": "\n此OpenID Connect服务基于开源的MITREid Connect项目该项目来自 \n<a href=\"http://www.mitre.org/\">MITRE公司</a> 及 <a href=\"http://www.trust.mit.edu/\">MIT因特网信任联盟</a>。\n</p>\n<p>\n有关项目的更多信息可见 \n<a href=\"http://github.com/mitreid-connect/\">GitHub上的MITREid Connect项目</a>。 \n在那儿您可以提交bug报告、提交反馈甚或提交代码补丁。"
},
"statistics": {
"title": "统计",
"number_users": "用户数: <span class=\"label label-info\" id=\"userCount\">{0}</span>",
"number_clients": "授权的客户端: <span class=\"label label-info\" id=\"clientCount\">{0}</span>",
"number_approvals": "已批准的站点: <span class=\"label label-info\" id=\"approvalCount\">{0}</span>"
},
"home": {
"title": "首页",
"welcome": {
"title": "欢迎!",
"body": "\nOpenID Connect是适于因特网部署的身份联邦认证服务器基于OAuth2授权框架之上的OpenID Connect技术构建。\nOpenID Connect让您无需暴露自己的用户名、密码即可便捷登录网站。</p>\n<p><a class=\"btn btn-primary btn-large\" href=\"http://openid.net/connect/\">了解更多信息&raquo;</a>"
},
"more": "更多",
"about": {
"title": "关于",
"body": "本服务基于开源的MITREid Connect项目该项目来自 \n<a href=\"http://www.mitre.org/\">MITRE公司</a> 及 <a href=\"http://www.trust.mit.edu/\">MIT因特网信任联盟</a>。"
},
"contact": {
"title": "联系方式",
"body": "\n如需更多的信息和支持请联系本系统的管理员。</p>\n<p><a class=\"btn\" href=\"mailto:idp@example.com?Subject=OpenID Connect\">电子信箱 &raquo;</a>"
},
"statistics": {
"title": "当前统计",
"loading": "加载……",
"number_users": "用户数: <span class=\"label label-info\" id=\"userCount\">{0}</span>",
"number_clients": "授权的客户端: <span class=\"label label-info\" id=\"clientCount\">{0}</span>",
"number_approvals": "已批准的站点: <span class=\"label label-info\" id=\"approvalCount\">{0}</span>"
}
},
"contact": {
"title": "联系方式",
"body": "如果要报告有关MITREid Connect软件自身的bug请访问\n<a href=\"https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/issues\">GitHub issue追踪系统</a>。 \n有关当前服务器的问题请联系服务器管理员。"
},
"topbar": {
"about": "关于",
"contact": "联系方式",
"statistics": "统计",
"home": "首页",
"login": "登录",
"logout": "注销"
},
"sidebar": {
"administrative": {
"title": "管理",
"manage_clients": "管理客户端",
"whitelisted_clients": "白名单",
"blacklisted_clients": "黑名单",
"system_scopes": "系统范围"
},
"personal": {
"title": "个人",
"approved_sites": "管理批准的网站",
"active_tokens": "管理活动的令牌",
"profile_information": "查看用户信息"
},
"developer": {
"title": "开发者自助服务",
"client_registration": "客户端注册",
"resource_registration": "保护资源注册"
}
},
"manage": {
"ok": "好的",
"loading": "加载",
"title": "管理控制台"
},
"approve": {
"dynamically-registered-unknown": "在一个未知的时间",
"title": "批准访问",
"error": {
"not_granted": "访问可能不获批准。"
},
"required_for": "有待批准",
"dynamically_registered": "此客户端已被动态注册了<span class=\"label label-info\" id=\"registrationTime\">{0}</span>次。",
"caution": {
"title": "注意",
"message": {
"none": "它之前<span class=\"label label-important\">从未</span>被批准。",
"singular": "它之前已被批准了<span class=\"label label-warning\">{0}</span>次。",
"plural": "它之前已被批准了<span class=\"label\">{0}</span>次。"
}
},
"more_information": "更多信息",
"home_page": "主页",
"policy": "政策",
"terms": "服务条款",
"contacts": "管理人员",
"warning": "警告",
"no_redirect_uri": "该客户端没有注册任何重定向URI可能被使用恶意的URI。",
"redirect_uri": "如果点击批准,您将被重定向至如下页面: <code>{0}</code>",
"pairwise": "该客户端使用<b>pairwise</b>标识符,这使得在不同站点间关联身份变得稍加困难。",
"no_scopes": "该客户端没有注册任何范围,因此允许请求系统可用的<em>any</em>(任意)范围。请务必谨慎处理。",
"access_to": "访问",
"remember": {
"title": "记住这个决定",
"until_revoke": "记住这个决定直到我撤销",
"one_hour": "记住该决定一个小时",
"next_time": "下次再提醒我"
},
"do_authorize": "是否授权",
"label": {
"authorize": "授权",
"deny": "拒绝"
}
},
"error": {
"title": "错误",
"header": "错误:",
"message": "在处理您的请求过程中发生了错误。服务器信息为:"
},
"login": {
"login_with_username_and_password": "请使用您的用户名及密码登录",
"username": "用户名",
"password": "密码",
"login-button": "登录",
"error": "登录失败。请重试。"
}
}

977
openid-connect-server-webapp/src/main/webapp/resources/js/locale/zh_CN/messages.json
View File

@ -1,490 +1,487 @@
{
"admin": {
"blacklist": "黑名单",
"blacklist-form": {
"blacklisted-uris": "列入黑名单的URI"
},
"home": "首页",
"list-widget": {
"empty": "此列表为空。",
"tooltip": "单击显示全部值。"
},
"manage-blacklist": "管理列入黑名单的客户端",
"self-service-client": "自助服务-客户端注册",
"self-service-resource": "自助服务-受保护资源注册",
"user-profile": {
"claim": "声明项",
"show": "查看用户信息",
"text": "您的用户信息如下:",
"value": "内容"
}
},
"client": {
"client-form": {
"access": "访问",
"access-token-no-timeout": "访问令牌不时间",
"access-token-timeout": "访问令牌超时",
"access-token-timeout-help": "输入时间(秒、分钟或小时)。",
"acr-values": "默认ACR值",
"acr-values-placeholder": "新的ACR值",
"acr-values-help": "用于请求该客户端的默认身份验证上下文参考",
"allow-introspection": "允许调用内省端点?",
"authentication-method": "令牌端点认证方法",
"authorization-code": "授权码",
"client-credentials": "客户端凭证",
"client-description": "描述",
"client-description-help": "人类可读的文本描述",
"client-description-placeholder": "填入说明描述",
"client-id": "客户端ID",
"client-id-help": "唯一标识符。如果不填则系统会自动生成一个。",
"client-id-placeholder": "输入一些字符",
"client-name": "客户端名称",
"client-name-help": "人类可读的应用程序名称",
"client-name-placeholder": "输入一些字符",
"client-secret": "客户端密钥",
"client-secret-placeholder": "输入密钥",
"contacts": "联系人",
"contacts-help": "此客户端管理员的联系人名单。",
"contacts-placeholder": "新联系人",
"credentials": "凭据",
"crypto": {
"a128cbc-hs256": "复合认证加密算法采用密码块链CBC模式AES以PKCS #5填充完整性计算使用HMAC SHA-256并使用256位的CMK和128位CEK",
"a256cbc-hs512": "复合认证加密算法采用密码块链CBC模式AES以PKCS #5填充完整性计算使用HMAC SHA-512并使用512位的CMK和256位CEK",
"a128gcm": "AES GCM使用128位的密钥",
"a256gcm": "AES GCM使用256位的密钥",
"a128kw": "AES密钥封装算法使用128位的密钥",
"a256kw": "AES密钥封装算法使用256位的密钥",
"default": "使用服务器默认",
"dir": "直接使用一个共享对称密钥作为块加密的内容主密钥CMK",
"ecdh-es": "椭圆曲线Diffie-Hellman短时静态密钥协议使用Concat KDF商定的密钥被直接用作内容主密钥CMK",
"ecdh-es-a128kw": "椭圆曲线Diffie-Hellman短时静态密钥协议使用ECDH-ES和第4.7小节但商定的密钥是用以A128KW函数封装内容主密钥CMK",
"ecdh-es-a256kw": "椭圆曲线Diffie-Hellman短时静态密钥协议使用ECDH-ES和第4.7小节但商定的密钥是用以A256KW函数封装内容主密钥CMK",
"none": "不加密",
"rsa-oaep": "RSAES使用最优不对称加密填充OAEP",
"rsa1-5": "RSAES-PKCS1-V1_5"
},
"cryptography": "密码",
"display-secret": "显示/编辑客户端密钥:",
"edit": "编辑客户端",
"generate-new-secret": "生成一个新的客户端密钥吗?",
"generate-new-secret-help": "当点击“保存”时生成新的密钥",
"generate-on-save": "保存时生成",
"grant-types": "批准的类型",
"home": "主页",
"home-help": "客户端首页的URL将显示给用户",
"hours": "小时",
"id": "ID",
"id-token-crypto-algorithm": "身份令牌加密算法",
"id-token-crypto-method": "身份令牌加密方法",
"id-token-signing-algorithm": "身份令牌签名算法",
"id-token-timeout": "身份令牌超时",
"implicit": "隐式的",
"initiate-login": "初始化登录",
"initiate-login-help": "启动登录客户端的URL",
"introspection": "自省",
"jwk-set": "公钥集",
"jwk-set-help": "客户端JSON Web Key集的URL (须可被服务器访问)",
"jwk-set-value-help": "客户端JSON Web Key集的URL (须可被服务器访问)",
"logo": "标志Logo)",
"logo-help": "标志Logo图像的URL将显示在批准页",
"main": "首要",
"max-age": "默认最长有效时间",
"max-age-help": "再提示之前的默认最长会话有效时间",
"minutes": "分钟",
"new": "新客户端",
"other": "其它",
"pairwise": "Pairwise对",
"password": "密码",
"policy": "政策声明",
"policy-help": "此客户端的政策声明链接,将显示给用户",
"post-logout": "注销后重定向",
"post-logout-help": "客户端注销操作后的重定向URL",
"public": "公共",
"redelegation": "重新授权",
"redirect-uris": "重定向URI",
"redirect-uris-help": "在授权页面之后客户端重定向URI",
"claims-redirect-uris": "声明重定向URI",
"claims-redirect-uris-help": "在声明收集步骤之后浏览器跳转至的目的地址",
"refresh": "刷新",
"refresh-tokens": "刷新令牌",
"refresh-tokens-issued": "为此客户端发布的刷新令牌",
"refresh-tokens-issued-help": "这将把 offline_access 加入客户端的范围。",
"refresh-tokens-reused": "此客户端的刷新令牌被重用",
"clear-access-tokens": "当刷新令牌用过之后,已激活的访问令牌自动失效",
"refresh-tokens-no-expire": "刷新令牌尚未过期",
"registered": "注册于",
"registration-token": "注册令牌:",
"registration-access-token": "注册访问令牌",
"registration-token-error": "无法为此客户端下载注册访问令牌。",
"request-object-signing-algorithm": "请求对象签名算法",
"request-uri": "请求的URI",
"request-uri-help": "URI包含此客户端使用的请求对象",
"require-auth-time": "需要身份认证时间(auth_time)",
"require-auth-time-label": "总是需要在身份令牌中包含auth_time声明",
"response-types": "响应类型",
"rotate-registration-token": "旋转注册令牌",
"rotate-registration-token-confirm": "你确定你想旋转这个客户端的登录令牌?",
"rotate-registration-token-error": "无法旋转该客户端的注册访问令牌。",
"saved": {
"no-secret": "没有客户端密钥",
"saved": "客户端已保存",
"secret": "密钥:",
"show-secret": "显示密钥",
"unchanged": "不变"
},
"scope-placeholder": "新范围",
"scope-help": "OAuth范围允许客户端请求",
"seconds": "秒",
"secret-asymmetric-jwt": "非对称签名JWT断言",
"secret-http": "客户端密钥经由HTTP Basic",
"secret-none": "没有认证",
"secret-post": "客户端密钥经由HTTP POST",
"secret-symmetric-jwt": "客户端密钥经由对称签名JWT断言",
"sector-identifier": "扇区标识符URI",
"signing": {
"any": "允许",
"default": "使用服务器默认",
"es256": "ECDSA采用P-256曲线和SHA-256哈希算法",
"es384": "ECDSA采用P-384曲线及SHA-384哈希算法",
"es512": "ECDSA采用P-512曲线及SHA-512哈希算法",
"hs256": "HMAC使用SHA-256哈希算法",
"hs384": "HMAC使用SHA-384哈希算法",
"hs512": "HMAC使用SHA-512哈希算法",
"none": "没有数字签名",
"rs256": "RSASSA使用SHA-256哈希算法",
"rs384": "RSASSA采用SHA-384哈希算法",
"rs512": "RSASSA使用SHA-512哈希算法",
"ps256": "采用SHA-256和MGF1的RSASSA-PSS算法",
"ps384": "采用SHA-384和MGF1的RSASSA-PSS算法",
"ps512": "采用SHA-512和MGF1的RSASSA-PSS算法"
},
"subject-type": "主体类型",
"terms": "服务条款",
"terms-help": "此客户服务条款的URL将向用户显示",
"token-signing-algorithm": "令牌端点认证签名算法",
"tokens": "令牌",
"type": "应用类型",
"type-native": "原生应用",
"type-web": "网络应用",
"unknown": "(未知)",
"user-info-crypto-algorithm": "用户信息端点加密算法",
"user-info-crypto-method": "用户信息端点加密方法",
"user-info-signing-algorithm": "用户信息端点签名算法"
},
"client-table": {
"allow-introspection-tooltip": "这个客户端可以执行令牌自省",
"confirm": "你确定要删除这个客户端?",
"dynamically-registered-tooltip": "这个客户端是动态注册的。点击查看注册访问令牌",
"match": {
"contacts": "联系人",
"description": "描述",
"homepage": "主页",
"id": "身份",
"logo": "标志",
"name": "名称",
"policy": "政策",
"redirect": "重定向URI",
"scope": "范围",
"terms": "服务条款"
},
"matched-search": "匹配搜索:",
"new": "新客户端",
"no-clients": "此服务器上没有注册的客户端。",
"no-matches": "没有匹配搜索条件的客户端。",
"no-redirect": "没有重定向URI",
"registered": "注册于",
"search": "搜索……",
"whitelist": "白名单",
"unknown": "一个未知的时间"
},
"manage": "管理客户端",
"more-info": {
"contacts": "管理员联系方式:",
"home": "主页",
"more": "更多信息",
"policy": "政策",
"terms": "服务条款:"
},
"newClient": "新客户端"
},
"common": {
"cancel": "取消",
"client": "客户端",
"clients": "客户端",
"close": "关闭",
"delete": "删除",
"description": "描述",
"dynamically-registered": "这个客户端是动态注册的",
"edit": "编辑",
"expires": "到期:",
"information": "信息",
"new": "新建",
"not-yet-implemented": "未实现",
"not-yet-implemented-content": "这个字段的值将于客户端保存,但服务器目前不处理任何事情。服务器的未来库版本将利用它。",
"revoke": "撤销",
"save": "保存",
"scopes": "范围",
"statistics": "统计",
"refresh": "刷新",
"scope": "范围",
"users": "用户",
"user": "用户",
"roles": "角色",
"role": "角色",
"email": "电子邮箱",
"active": "已激活",
"inactive": "未激活"
},
"dynreg": {
"client-id-placeholder": "输入客户端ID",
"configuration-url": "客户端配置URL",
"edit-dynamically-registered": "编辑动态注册的客户端",
"edit-existing": "编辑一个现有的客户端",
"edit-existing-help": "用于编辑之前已注册的客户端。粘贴您的客户端ID和注册访问令牌以便访问该客户端。",
"edit-existing-button": "编辑客户端",
"invalid-access-token": "无效的客户端或注册访问令牌。",
"new-client": "注册新客户端",
"new-client-help": "用于注册新的客户端。请提供客户端ID和注册访问令牌以便管理您的客户端。",
"new-client-button": "新建客户端",
"regtoken-placeholder": "输入注册访问令牌",
"warning": "<strong>警告!</strong>你必须保护好<b>客户端ID </b><b>客户密钥(如果提供)</b>,以及您的<b>注册访问令牌</b>。如果你丢失了客户端ID或注册访问令牌将无法访问您的客户端注册记录你需要注册一个新客户端。",
"will-be-generated": "当保存客户端信息将由服务器生成"
},
"grant": {
"manage-approved-sites": "管理批准的网站",
"refresh": "刷新",
"grant-table": {
"active-tokens": "当前活跃的访问令牌数量",
"application": "应用程序",
"approved-sites": "许可站点",
"authorized": "授权:",
"dynamically-registered": "这个客户端是动态注册的",
"expires": "到期:",
"last-accessed": "上次访问:",
"never": "从未",
"no-sites": "还未批准任何网站。",
"no-whitelisted": "还未访问任何白名单的网站。",
"pre-approved": "这些都是预先由管理员批准的网站。",
"text": "这些都是您已经手动批准的网站。如果同一网站将来要进行同样的访问,它将直接通过、且没有提示。",
"unknown": "未知",
"whitelist-note": "<b>注:</b>如果你在此撤销它们,它们将在您下次访问时不经提示即被自动重新批准。",
"whitelisted-site": "这个网站由管理员列入白名单中",
"whitelisted-sites": "白名单的网站"
}
},
"rsreg": {
"resource-id-placeholder": "输入资源ID",
"configuration-url": "客户端配置URL",
"edit": "编辑受保护的资源",
"edit-existing": "编辑现有的保护资源",
"edit-existing-help": "用于编辑之前已注册的资源。请提供您的客戶端ID和注册访问令牌来访问资源的属性。",
"edit-existing-button": "编辑资源",
"invalid-access-token": "无效的客户端或注册访问令牌。",
"new-client": "注册新的受保护资源",
"new-client-help": "用于注册新的资源。请提供客户端ID和注册访问令牌以便管理您的资源。",
"new-client-button": "新建资源",
"regtoken-placeholder": "输入注册访问令牌",
"will-be-generated": "当保存资源信息将由服务器生成",
"warning": "<strong>警告!</strong>你必须保护好<b>客户端ID </b><b>客户密钥(如果提供)</b>,以及<b>注册访问令牌</b>。如果丢失了客户端ID或注册访问令牌将无法再次获得您的客户端注册记录你需要注册一个新客户端。",
"client-form": {
"scope-help": "这个资源能够自省令牌的范围。"
}
},
"scope": {
"manage": "管理系统范围",
"scope-list": {
"no-scopes": "没有范围"
},
"system-scope-form": {
"default": "默认范围",
"default-help": "新创建的用户默认情况下获得这个范围?",
"description-help": "人类可读的文本描述",
"description-placeholder": "输入说明",
"restricted": "限制",
"restricted-help": "限制范围只能由系统管理员使用,可用动态注册客户和保护资源",
"edit": "编辑范围",
"icon": "图标",
"new": "新范围",
"select-icon": "选择图标",
"structured": "是一个结构化的范围",
"structured-help": "范围结构化是否包含如<code>base:extension</code>的结构化值?",
"structured-param-help": "人类可读的结构化参数描述",
"subject-type": "主体类型",
"value": "范围值",
"value-help": "不含空格的单个字符串",
"value-placeholder": "范围"
},
"system-scope-table": {
"confirm": "你确定要删除此范围?引用了此范围的客户端还需要它。",
"new": "新范围",
"text": "尚未定义系统范围。客户可自定义范围。",
"tooltip-restricted": "此范围只能由管理员使用。它不能用于动态注册。",
"tooltip-default": "这个范围将自动分配给新注册的客户。"
}
},
"token": {
"manage": "管理活动的令牌",
"token-table": {
"access-tokens": "访问令牌",
"associated-id": "这个访问令牌附带相关的身份令牌。",
"associated-refresh": "这个访问令牌附带相关的刷新令牌。",
"click-to-display": "点击显示完整的令牌值",
"confirm": "你确定要撤销这个令牌?",
"confirm-refresh": "你确定要撤销这个刷新令牌及其相关的访问令牌?",
"expires": "过期",
"no-access": "没有活动的访问令牌。",
"no-refresh": "没有活动的刷新令牌。",
"number-of-tokens": "关联的访问令牌数量",
"refresh-tokens": "刷新令牌",
"text": "访问令牌通常是短暂的供客户端访问特定的资源。身份令牌是采用OpenID Connect协议登录的、专门的访问令牌。",
"text-refresh": "刷新令牌通常是长期的,以便客户端能无需用户介入即可获取新的访问令牌。",
"token-info": "令牌的信息"
}
},
"whitelist": {
"confirm": "你确定要删除这个白名单项?",
"edit": "编辑白名单",
"manage": "管理列入白名单的网站",
"new": "新白名单",
"whitelist": "白名单",
"whitelist-form": {
"allowed-scopes": "允许范围",
"edit": "编辑白名单的网站",
"new": "新增白名单网站",
"scope-help": "当客户端发出请求列表时将自动批准的范围",
"scope-placeholder": "新范围"
},
"whitelist-table": {
"no-sites": "白名单列表为空。使用<strong>白名单</strong>按钮在客户端管理页面创建一个。"
}
},
"blacklist": {
"text": "被拉黑的网站URI将无法用做注册客户端的重定向地址无论是在管理界面中添加、还是动态注册都不会成功。",
"blacklist-uri-placeholder": "要拉黑的网站URI",
"add": "将网站URI加入黑名单",
"empty": "当前黑名单为空",
"uri": "URI"
},
"copyright": "基于<a href=\"https://github.com/mitreid-connect/\">MITREid Connect <span class=\"label\">{0}</span></a>技术构建 <span class=\"pull-right\">&copy; 2016 MITRE公司及MIT因特网信任联盟</span>.",
"about": {
"title": "关于",
"body": "\n此OpenID Connect服务基于开源的MITREid Connect项目该项目来自 \n<a href=\"http://www.mitre.org/\">MITRE公司</a> 及 <a href=\"http://www.trust.mit.edu/\">MIT因特网信任联盟</a>。\n</p>\n<p>\n有关项目的更多信息可见 \n<a href=\"http://github.com/mitreid-connect/\">GitHub上的MITREid Connect项目</a>。 \n在那儿您可以提交bug报告、提交反馈甚或提交代码补丁。"
},
"statistics": {
"title": "统计",
"number_users": "用户数: <span class=\"label label-info\" id=\"userCount\">{0}</span>",
"number_clients": "授权的客户端: <span class=\"label label-info\" id=\"clientCount\">{0}</span>",
"number_approvals": "已批准的站点: <span class=\"label label-info\" id=\"approvalCount\">{0}</span>"
},
"home": {
"title": "首页",
"welcome": {
"title": "欢迎!",
"body": "\nOpenID Connect是适于因特网部署的身份联邦认证服务器基于OAuth2授权框架之上的OpenID Connect技术构建。\nOpenID Connect让您无需暴露自己的用户名、密码即可便捷登录网站。</p>\n<p><a class=\"btn btn-primary btn-large\" href=\"http://openid.net/connect/\">了解更多信息&raquo;</a>"
},
"more": "更多",
"about": {
"title": "关于",
"body": "本服务基于开源的MITREid Connect项目该项目来自 \n<a href=\"http://www.mitre.org/\">MITRE公司</a> 及 <a href=\"http://www.trust.mit.edu/\">MIT因特网信任联盟</a>。"
},
"contact": {
"title": "联系方式",
"body": "\n如需更多的信息和支持请联系本系统的管理员。</p>\n<p><a class=\"btn\" href=\"mailto:idp@example.com?Subject=OpenID Connect\">电子信箱 &raquo;</a>"
},
"statistics": {
"title": "当前统计",
"loading": "加载……",
"number_users": "用户数: <span class=\"label label-info\" id=\"userCount\">{0}</span>",
"number_clients": "授权的客户端: <span class=\"label label-info\" id=\"clientCount\">{0}</span>",
"number_approvals": "已批准的站点: <span class=\"label label-info\" id=\"approvalCount\">{0}</span>"
}
},
"contact": {
"title": "联系方式",
"body": "如果要报告有关MITREid Connect软件自身的bug请访问\n<a href=\"https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/issues\">GitHub issue追踪系统</a>。 \n有关当前服务器的问题请联系服务器管理员。"
},
"topbar": {
"about": "关于",
"contact": "联系方式",
"statistics": "统计",
"home": "首页",
"login": "登录",
"logout": "注销"
},
"sidebar": {
"administrative": {
"title": "管理",
"manage_clients": "管理客户端",
"whitelisted_clients": "白名单",
"blacklisted_clients": "黑名单",
"system_scopes": "系统范围"
},
"personal": {
"title": "个人",
"approved_sites": "管理批准的网站",
"active_tokens": "管理活动的令牌",
"profile_information": "查看用户信息"
},
"developer": {
"title": "开发者自助服务",
"client_registration": "客户端注册",
"resource_registration": "保护资源注册"
}
},
"manage": {
"ok": "好的",
"loading": "加载",
"title": "管理控制台"
},
"approve": {
"dynamically-registered-unknown": "在一个未知的时间",
"title": "批准访问",
"error": {
"not_granted": "访问可能不获批准。"
},
"required_for": "有待批准",
"dynamically_registered": "此客户端已被动态注册了<span class=\"label label-info\" id=\"registrationTime\">{0}</span>次。",
"caution": {
"title": "注意",
"message": {
"none": "它之前<span class=\"label label-important\">从未</span>被批准。",
"singular": "它之前已被批准了<span class=\"label label-warning\">{0}</span>次。",
"plural": "它之前已被批准了<span class=\"label\">{0}</span>次。"
}
},
"more_information": "更多信息",
"home_page": "主页",
"policy": "政策",
"terms": "服务条款",
"contacts": "管理人员",
"warning": "警告",
"no_redirect_uri": "该客户端没有注册任何重定向URI可能被使用恶意的URI。",
"redirect_uri": "如果点击批准,您将被重定向至如下页面: <code>{0}</code>",
"pairwise": "该客户端使用<b>pairwise</b>标识符,这使得在不同站点间关联身份变得稍加困难。",
"no_scopes": "该客户端没有注册任何范围,因此允许请求系统可用的<em>any</em>(任意)范围。请务必谨慎处理。",
"access_to": "访问",
"remember": {
"title": "记住这个决定",
"until_revoke": "记住这个决定直到我撤销",
"one_hour": "记住该决定一个小时",
"next_time": "下次再提醒我"
},
"do_authorize": "是否授权",
"label": {
"authorize": "授权",
"deny": "拒绝"
}
},
"error": {
"title": "错误",
"header": "错误:",
"message": "在处理您的请求过程中发生了错误。服务器信息为:"
},
"login": {
"login_with_username_and_password": "请使用您的用户名及密码登录",
"username": "用户名",
"password": "密码",
"login-button": "登录",
"error": "登录失败。请重试。"
}
}
{
"admin": {
"blacklist": "黑名单",
"blacklist-form": {
"blacklisted-uris": "列入黑名单的URI"
},
"home": "首页",
"list-widget": {
"empty": "此列表为空。",
"tooltip": "单击显示全部值。"
},
"manage-blacklist": "管理列入黑名单的客户端",
"self-service-client": "自助服务-客户端注册",
"self-service-resource": "自助服务-受保护资源注册",
"user-profile": {
"claim": "声明项",
"show": "查看用户信息",
"text": "您的用户信息如下:",
"value": "内容"
}
},
"client": {
"client-form": {
"access": "访问",
"access-token-no-timeout": "访问令牌不时间",
"access-token-timeout": "访问令牌超时",
"access-token-timeout-help": "输入时间(秒、分钟或小时)。",
"acr-values": "默认ACR值",
"acr-values-placeholder": "新的ACR值",
"acr-values-help": "用于请求该客户端的默认身份验证上下文参考",
"allow-introspection": "允许调用内省端点?",
"authentication-method": "令牌端点认证方法",
"authorization-code": "授权码",
"client-credentials": "客户端凭证",
"client-description": "描述",
"client-description-help": "人类可读的文本描述",
"client-description-placeholder": "填入说明描述",
"client-id": "客户端ID",
"client-id-help": "唯一标识符。如果不填则系统会自动生成一个。",
"client-id-placeholder": "输入一些字符",
"client-name": "客户端名称",
"client-name-help": "人类可读的应用程序名称",
"client-name-placeholder": "输入一些字符",
"client-secret": "客户端密钥",
"client-secret-placeholder": "输入密钥",
"contacts": "联系人",
"contacts-help": "此客户端管理员的联系人名单。",
"contacts-placeholder": "新联系人",
"credentials": "凭据",
"crypto": {
"a128cbc-hs256": "复合认证加密算法采用密码块链CBC模式AES以PKCS #5填充完整性计算使用HMAC SHA-256并使用256位的CMK和128位CEK",
"a256cbc-hs512": "复合认证加密算法采用密码块链CBC模式AES以PKCS #5填充完整性计算使用HMAC SHA-512并使用512位的CMK和256位CEK",
"a128gcm": "AES GCM使用128位的密钥",
"a256gcm": "AES GCM使用256位的密钥",
"a128kw": "AES密钥封装算法使用128位的密钥",
"a256kw": "AES密钥封装算法使用256位的密钥",
"default": "使用服务器默认",
"dir": "直接使用一个共享对称密钥作为块加密的内容主密钥CMK",
"ecdh-es": "椭圆曲线Diffie-Hellman短时静态密钥协议使用Concat KDF商定的密钥被直接用作内容主密钥CMK",
"ecdh-es-a128kw": "椭圆曲线Diffie-Hellman短时静态密钥协议使用ECDH-ES和第4.7小节但商定的密钥是用以A128KW函数封装内容主密钥CMK",
"ecdh-es-a256kw": "椭圆曲线Diffie-Hellman短时静态密钥协议使用ECDH-ES和第4.7小节但商定的密钥是用以A256KW函数封装内容主密钥CMK",
"none": "不加密",
"rsa-oaep": "RSAES使用最优不对称加密填充OAEP",
"rsa1-5": "RSAES-PKCS1-V1_5"
},
"cryptography": "密码",
"display-secret": "显示/编辑客户端密钥:",
"edit": "编辑客户端",
"generate-new-secret": "生成一个新的客户端密钥吗?",
"generate-new-secret-help": "当点击“保存”时生成新的密钥",
"generate-on-save": "保存时生成",
"grant-types": "批准的类型",
"home": "主页",
"home-help": "客户端首页的URL将显示给用户",
"hours": "小时",
"id": "ID",
"id-token-crypto-algorithm": "身份令牌加密算法",
"id-token-crypto-method": "身份令牌加密方法",
"id-token-signing-algorithm": "身份令牌签名算法",
"id-token-timeout": "身份令牌超时",
"implicit": "隐式的",
"initiate-login": "初始化登录",
"initiate-login-help": "启动登录客户端的URL",
"introspection": "自省",
"jwk-set": "公钥集",
"jwk-set-help": "客户端JSON Web Key集的URL (须可被服务器访问)",
"jwk-set-value-help": "客户端JSON Web Key集的URL (须可被服务器访问)",
"main": "首要",
"max-age": "默认最长有效时间",
"max-age-help": "再提示之前的默认最长会话有效时间",
"minutes": "分钟",
"new": "新客户端",
"other": "其它",
"pairwise": "Pairwise对",
"password": "密码",
"policy": "政策声明",
"policy-help": "此客户端的政策声明链接,将显示给用户",
"post-logout": "注销后重定向",
"post-logout-help": "客户端注销操作后的重定向URL",
"public": "公共",
"redelegation": "重新授权",
"redirect-uris": "重定向URI",
"redirect-uris-help": "在授权页面之后客户端重定向URI",
"claims-redirect-uris": "声明重定向URI",
"claims-redirect-uris-help": "在声明收集步骤之后浏览器跳转至的目的地址",
"refresh": "刷新",
"refresh-tokens": "刷新令牌",
"refresh-tokens-issued": "为此客户端发布的刷新令牌",
"refresh-tokens-issued-help": "这将把 offline_access 加入客户端的范围。",
"refresh-tokens-reused": "此客户端的刷新令牌被重用",
"clear-access-tokens": "当刷新令牌用过之后,已激活的访问令牌自动失效",
"refresh-tokens-no-expire": "刷新令牌尚未过期",
"registered": "注册于",
"registration-token": "注册令牌:",
"registration-access-token": "注册访问令牌",
"registration-token-error": "无法为此客户端下载注册访问令牌。",
"request-object-signing-algorithm": "请求对象签名算法",
"request-uri": "请求的URI",
"request-uri-help": "URI包含此客户端使用的请求对象",
"require-auth-time": "需要身份认证时间(auth_time)",
"require-auth-time-label": "总是需要在身份令牌中包含auth_time声明",
"response-types": "响应类型",
"rotate-registration-token": "旋转注册令牌",
"rotate-registration-token-confirm": "你确定你想旋转这个客户端的登录令牌?",
"rotate-registration-token-error": "无法旋转该客户端的注册访问令牌。",
"saved": {
"no-secret": "没有客户端密钥",
"saved": "客户端已保存",
"secret": "密钥:",
"show-secret": "显示密钥",
"unchanged": "不变"
},
"scope-placeholder": "新范围",
"scope-help": "OAuth范围允许客户端请求",
"seconds": "秒",
"secret-asymmetric-jwt": "非对称签名JWT断言",
"secret-http": "客户端密钥经由HTTP Basic",
"secret-none": "没有认证",
"secret-post": "客户端密钥经由HTTP POST",
"secret-symmetric-jwt": "客户端密钥经由对称签名JWT断言",
"sector-identifier": "扇区标识符URI",
"signing": {
"any": "允许",
"default": "使用服务器默认",
"es256": "ECDSA采用P-256曲线和SHA-256哈希算法",
"es384": "ECDSA采用P-384曲线及SHA-384哈希算法",
"es512": "ECDSA采用P-512曲线及SHA-512哈希算法",
"hs256": "HMAC使用SHA-256哈希算法",
"hs384": "HMAC使用SHA-384哈希算法",
"hs512": "HMAC使用SHA-512哈希算法",
"none": "没有数字签名",
"rs256": "RSASSA使用SHA-256哈希算法",
"rs384": "RSASSA采用SHA-384哈希算法",
"rs512": "RSASSA使用SHA-512哈希算法",
"ps256": "采用SHA-256和MGF1的RSASSA-PSS算法",
"ps384": "采用SHA-384和MGF1的RSASSA-PSS算法",
"ps512": "采用SHA-512和MGF1的RSASSA-PSS算法"
},
"subject-type": "主体类型",
"terms": "服务条款",
"terms-help": "此客户服务条款的URL将向用户显示",
"token-signing-algorithm": "令牌端点认证签名算法",
"tokens": "令牌",
"type": "应用类型",
"type-native": "原生应用",
"type-web": "网络应用",
"unknown": "(未知)",
"user-info-crypto-algorithm": "用户信息端点加密算法",
"user-info-crypto-method": "用户信息端点加密方法",
"user-info-signing-algorithm": "用户信息端点签名算法"
},
"client-table": {
"allow-introspection-tooltip": "这个客户端可以执行令牌自省",
"confirm": "你确定要删除这个客户端?",
"dynamically-registered-tooltip": "这个客户端是动态注册的。点击查看注册访问令牌",
"match": {
"contacts": "联系人",
"description": "描述",
"homepage": "主页",
"id": "身份",
"name": "名称",
"policy": "政策",
"redirect": "重定向URI",
"scope": "范围",
"terms": "服务条款"
},
"matched-search": "匹配搜索:",
"new": "新客户端",
"no-clients": "此服务器上没有注册的客户端。",
"no-matches": "没有匹配搜索条件的客户端。",
"no-redirect": "没有重定向URI",
"registered": "注册于",
"search": "搜索……",
"whitelist": "白名单",
"unknown": "一个未知的时间"
},
"manage": "管理客户端",
"more-info": {
"contacts": "管理员联系方式:",
"home": "主页",
"more": "更多信息",
"policy": "政策",
"terms": "服务条款:"
},
"newClient": "新客户端"
},
"common": {
"cancel": "取消",
"client": "客户端",
"clients": "客户端",
"close": "关闭",
"delete": "删除",
"description": "描述",
"dynamically-registered": "这个客户端是动态注册的",
"edit": "编辑",
"expires": "到期:",
"information": "信息",
"new": "新建",
"not-yet-implemented": "未实现",
"not-yet-implemented-content": "这个字段的值将于客户端保存,但服务器目前不处理任何事情。服务器的未来库版本将利用它。",
"revoke": "撤销",
"save": "保存",
"scopes": "范围",
"statistics": "统计",
"refresh": "刷新",
"scope": "范围",
"users": "用户",
"user": "用户",
"roles": "角色",
"role": "角色",
"email": "电子邮箱",
"active": "已激活",
"inactive": "未激活"
},
"dynreg": {
"client-id-placeholder": "输入客户端ID",
"configuration-url": "客户端配置URL",
"edit-dynamically-registered": "编辑动态注册的客户端",
"edit-existing": "编辑一个现有的客户端",
"edit-existing-help": "用于编辑之前已注册的客户端。粘贴您的客户端ID和注册访问令牌以便访问该客户端。",
"edit-existing-button": "编辑客户端",
"invalid-access-token": "无效的客户端或注册访问令牌。",
"new-client": "注册新客户端",
"new-client-help": "用于注册新的客户端。请提供客户端ID和注册访问令牌以便管理您的客户端。",
"new-client-button": "新建客户端",
"regtoken-placeholder": "输入注册访问令牌",
"warning": "<strong>警告!</strong>你必须保护好<b>客户端ID </b><b>客户密钥(如果提供)</b>,以及您的<b>注册访问令牌</b>。如果你丢失了客户端ID或注册访问令牌将无法访问您的客户端注册记录你需要注册一个新客户端。",
"will-be-generated": "当保存客户端信息将由服务器生成"
},
"grant": {
"manage-approved-sites": "管理批准的网站",
"refresh": "刷新",
"grant-table": {
"active-tokens": "当前活跃的访问令牌数量",
"application": "应用程序",
"approved-sites": "许可站点",
"authorized": "授权:",
"dynamically-registered": "这个客户端是动态注册的",
"expires": "到期:",
"last-accessed": "上次访问:",
"never": "从未",
"no-sites": "还未批准任何网站。",
"no-whitelisted": "还未访问任何白名单的网站。",
"pre-approved": "这些都是预先由管理员批准的网站。",
"text": "这些都是您已经手动批准的网站。如果同一网站将来要进行同样的访问,它将直接通过、且没有提示。",
"unknown": "未知",
"whitelist-note": "<b>注:</b>如果你在此撤销它们,它们将在您下次访问时不经提示即被自动重新批准。",
"whitelisted-site": "这个网站由管理员列入白名单中",
"whitelisted-sites": "白名单的网站"
}
},
"rsreg": {
"resource-id-placeholder": "输入资源ID",
"configuration-url": "客户端配置URL",
"edit": "编辑受保护的资源",
"edit-existing": "编辑现有的保护资源",
"edit-existing-help": "用于编辑之前已注册的资源。请提供您的客戶端ID和注册访问令牌来访问资源的属性。",
"edit-existing-button": "编辑资源",
"invalid-access-token": "无效的客户端或注册访问令牌。",
"new-client": "注册新的受保护资源",
"new-client-help": "用于注册新的资源。请提供客户端ID和注册访问令牌以便管理您的资源。",
"new-client-button": "新建资源",
"regtoken-placeholder": "输入注册访问令牌",
"will-be-generated": "当保存资源信息将由服务器生成",
"warning": "<strong>警告!</strong>你必须保护好<b>客户端ID </b><b>客户密钥(如果提供)</b>,以及<b>注册访问令牌</b>。如果丢失了客户端ID或注册访问令牌将无法再次获得您的客户端注册记录你需要注册一个新客户端。",
"client-form": {
"scope-help": "这个资源能够自省令牌的范围。"
}
},
"scope": {
"manage": "管理系统范围",
"scope-list": {
"no-scopes": "没有范围"
},
"system-scope-form": {
"default": "默认范围",
"default-help": "新创建的用户默认情况下获得这个范围?",
"description-help": "人类可读的文本描述",
"description-placeholder": "输入说明",
"restricted": "限制",
"restricted-help": "限制范围只能由系统管理员使用,可用动态注册客户和保护资源",
"edit": "编辑范围",
"icon": "图标",
"new": "新范围",
"select-icon": "选择图标",
"structured": "是一个结构化的范围",
"structured-help": "范围结构化是否包含如<code>base:extension</code>的结构化值?",
"structured-param-help": "人类可读的结构化参数描述",
"subject-type": "主体类型",
"value": "范围值",
"value-help": "不含空格的单个字符串",
"value-placeholder": "范围"
},
"system-scope-table": {
"confirm": "你确定要删除此范围?引用了此范围的客户端还需要它。",
"new": "新范围",
"text": "尚未定义系统范围。客户可自定义范围。",
"tooltip-restricted": "此范围只能由管理员使用。它不能用于动态注册。",
"tooltip-default": "这个范围将自动分配给新注册的客户。"
}
},
"token": {
"manage": "管理活动的令牌",
"token-table": {
"access-tokens": "访问令牌",
"associated-id": "这个访问令牌附带相关的身份令牌。",
"associated-refresh": "这个访问令牌附带相关的刷新令牌。",
"click-to-display": "点击显示完整的令牌值",
"confirm": "你确定要撤销这个令牌?",
"confirm-refresh": "你确定要撤销这个刷新令牌及其相关的访问令牌?",
"expires": "过期",
"no-access": "没有活动的访问令牌。",
"no-refresh": "没有活动的刷新令牌。",
"number-of-tokens": "关联的访问令牌数量",
"refresh-tokens": "刷新令牌",
"text": "访问令牌通常是短暂的供客户端访问特定的资源。身份令牌是采用OpenID Connect协议登录的、专门的访问令牌。",
"text-refresh": "刷新令牌通常是长期的,以便客户端能无需用户介入即可获取新的访问令牌。",
"token-info": "令牌的信息"
}
},
"whitelist": {
"confirm": "你确定要删除这个白名单项?",
"edit": "编辑白名单",
"manage": "管理列入白名单的网站",
"new": "新白名单",
"whitelist": "白名单",
"whitelist-form": {
"allowed-scopes": "允许范围",
"edit": "编辑白名单的网站",
"new": "新增白名单网站",
"scope-help": "当客户端发出请求列表时将自动批准的范围",
"scope-placeholder": "新范围"
},
"whitelist-table": {
"no-sites": "白名单列表为空。使用<strong>白名单</strong>按钮在客户端管理页面创建一个。"
}
},
"blacklist": {
"text": "被拉黑的网站URI将无法用做注册客户端的重定向地址无论是在管理界面中添加、还是动态注册都不会成功。",
"blacklist-uri-placeholder": "要拉黑的网站URI",
"add": "将网站URI加入黑名单",
"empty": "当前黑名单为空",
"uri": "URI"
},
"copyright": "基于<a href=\"https://github.com/mitreid-connect/\">MITREid Connect <span class=\"label\">{0}</span></a>技术构建 <span class=\"pull-right\">&copy; 2016 MITRE公司及MIT因特网信任联盟</span>.",
"about": {
"title": "关于",
"body": "\n此OpenID Connect服务基于开源的MITREid Connect项目该项目来自 \n<a href=\"http://www.mitre.org/\">MITRE公司</a> 及 <a href=\"http://www.trust.mit.edu/\">MIT因特网信任联盟</a>。\n</p>\n<p>\n有关项目的更多信息可见 \n<a href=\"http://github.com/mitreid-connect/\">GitHub上的MITREid Connect项目</a>。 \n在那儿您可以提交bug报告、提交反馈甚或提交代码补丁。"
},
"statistics": {
"title": "统计",
"number_users": "用户数: <span class=\"label label-info\" id=\"userCount\">{0}</span>",
"number_clients": "授权的客户端: <span class=\"label label-info\" id=\"clientCount\">{0}</span>",
"number_approvals": "已批准的站点: <span class=\"label label-info\" id=\"approvalCount\">{0}</span>"
},
"home": {
"title": "首页",
"welcome": {
"title": "欢迎!",
"body": "\nOpenID Connect是适于因特网部署的身份联邦认证服务器基于OAuth2授权框架之上的OpenID Connect技术构建。\nOpenID Connect让您无需暴露自己的用户名、密码即可便捷登录网站。</p>\n<p><a class=\"btn btn-primary btn-large\" href=\"http://openid.net/connect/\">了解更多信息&raquo;</a>"
},
"more": "更多",
"about": {
"title": "关于",
"body": "本服务基于开源的MITREid Connect项目该项目来自 \n<a href=\"http://www.mitre.org/\">MITRE公司</a> 及 <a href=\"http://www.trust.mit.edu/\">MIT因特网信任联盟</a>。"
},
"contact": {
"title": "联系方式",
"body": "\n如需更多的信息和支持请联系本系统的管理员。</p>\n<p><a class=\"btn\" href=\"mailto:idp@example.com?Subject=OpenID Connect\">电子信箱 &raquo;</a>"
},
"statistics": {
"title": "当前统计",
"loading": "加载……",
"number_users": "用户数: <span class=\"label label-info\" id=\"userCount\">{0}</span>",
"number_clients": "授权的客户端: <span class=\"label label-info\" id=\"clientCount\">{0}</span>",
"number_approvals": "已批准的站点: <span class=\"label label-info\" id=\"approvalCount\">{0}</span>"
}
},
"contact": {
"title": "联系方式",
"body": "如果要报告有关MITREid Connect软件自身的bug请访问\n<a href=\"https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/issues\">GitHub issue追踪系统</a>。 \n有关当前服务器的问题请联系服务器管理员。"
},
"topbar": {
"about": "关于",
"contact": "联系方式",
"statistics": "统计",
"home": "首页",
"login": "登录",
"logout": "注销"
},
"sidebar": {
"administrative": {
"title": "管理",
"manage_clients": "管理客户端",
"whitelisted_clients": "白名单",
"blacklisted_clients": "黑名单",
"system_scopes": "系统范围"
},
"personal": {
"title": "个人",
"approved_sites": "管理批准的网站",
"active_tokens": "管理活动的令牌",
"profile_information": "查看用户信息"
},
"developer": {
"title": "开发者自助服务",
"client_registration": "客户端注册",
"resource_registration": "保护资源注册"
}
},
"manage": {
"ok": "好的",
"loading": "加载",
"title": "管理控制台"
},
"approve": {
"dynamically-registered-unknown": "在一个未知的时间",
"title": "批准访问",
"error": {
"not_granted": "访问可能不获批准。"
},
"required_for": "有待批准",
"dynamically_registered": "此客户端已被动态注册了<span class=\"label label-info\" id=\"registrationTime\">{0}</span>次。",
"caution": {
"title": "注意",
"message": {
"none": "它之前<span class=\"label label-important\">从未</span>被批准。",
"singular": "它之前已被批准了<span class=\"label label-warning\">{0}</span>次。",
"plural": "它之前已被批准了<span class=\"label\">{0}</span>次。"
}
},
"more_information": "更多信息",
"home_page": "主页",
"policy": "政策",
"terms": "服务条款",
"contacts": "管理人员",
"warning": "警告",
"no_redirect_uri": "该客户端没有注册任何重定向URI可能被使用恶意的URI。",
"redirect_uri": "如果点击批准,您将被重定向至如下页面: <code>{0}</code>",
"pairwise": "该客户端使用<b>pairwise</b>标识符,这使得在不同站点间关联身份变得稍加困难。",
"no_scopes": "该客户端没有注册任何范围,因此允许请求系统可用的<em>any</em>(任意)范围。请务必谨慎处理。",
"access_to": "访问",
"remember": {
"title": "记住这个决定",
"until_revoke": "记住这个决定直到我撤销",
"one_hour": "记住该决定一个小时",
"next_time": "下次再提醒我"
},
"do_authorize": "是否授权",
"label": {
"authorize": "授权",
"deny": "拒绝"
}
},
"error": {
"title": "错误",
"header": "错误:",
"message": "在处理您的请求过程中发生了错误。服务器信息为:"
},
"login": {
"login_with_username_and_password": "请使用您的用户名及密码登录",
"username": "用户名",
"password": "密码",
"login-button": "登录",
"error": "登录失败。请重试。"
}
}

977
openid-connect-server-webapp/src/main/webapp/resources/js/locale/zh_TW/messages.json
View File

@ -1,490 +1,487 @@
{
"admin": {
"blacklist": "黑名單",
"blacklist-form": {
"blacklisted-uris": "列入黑名單的URI"
},
"home": "首頁",
"list-widget": {
"empty": "此列表為空。",
"tooltip": "單擊顯示全部值。"
},
"manage-blacklist": "管理列入黑名單的客戶端",
"self-service-client": "自助服務-客戶端註冊",
"self-service-resource": "自助服務-受保護資源註冊",
"user-profile": {
"claim": "聲明項",
"show": "查看用戶資訊",
"text": "您的用戶資訊如下:",
"value": "內容"
}
},
"client": {
"client-form": {
"access": "訪問",
"access-token-no-timeout": "訪問令牌不時間",
"access-token-timeout": "訪問令牌超時",
"access-token-timeout-help": "輸入時間(秒、分鐘或小時)。",
"acr-values": "默認ACR值",
"acr-values-placeholder": "新的ACR值",
"acr-values-help": "用於請求該客戶端的默認身份驗證上下文參考",
"allow-introspection": "允許調用內省端點?",
"authentication-method": "令牌端點認證方法",
"authorization-code": "授權碼",
"client-credentials": "客戶端憑證",
"client-description": "描述",
"client-description-help": "人類可讀的文本描述",
"client-description-placeholder": "填入說明描述",
"client-id": "客戶端ID",
"client-id-help": "唯一標識符。如果不填則系統會自動生成一個。",
"client-id-placeholder": "輸入一些字符",
"client-name": "客戶端名稱",
"client-name-help": "人類可讀的應用程式名稱",
"client-name-placeholder": "輸入一些字符",
"client-secret": "客戶端密鑰",
"client-secret-placeholder": "輸入密鑰",
"contacts": "聯繫人",
"contacts-help": "此客戶端管理員的聯繫人名單。",
"contacts-placeholder": "新聯繫人",
"credentials": "憑據",
"crypto": {
"a128cbc-hs256": "複合認證加密算法採用密碼塊鏈CBC模式AES以PKCS #5填充完整性計算使用HMAC SHA-256並使用256位的CMK和128位CEK",
"a256cbc-hs512": "複合認證加密算法採用密碼塊鏈CBC模式AES以PKCS #5填充完整性計算使用HMAC SHA-512並使用512位的CMK和256位CEK",
"a128gcm": "AES GCM使用128位的密鑰",
"a256gcm": "AES GCM使用256位的密鑰",
"a128kw": "AES密鑰封裝算法使用128位的密鑰",
"a256kw": "AES密鑰封裝算法使用256位的密鑰",
"default": "使用伺服器默認",
"dir": "直接使用一個共享對稱密鑰作為塊加密的內容主密鑰CMK",
"ecdh-es": "橢圓曲線Diffie-Hellman短時靜態密鑰協議使用Concat KDF商定的密鑰被直接用作內容主密鑰CMK",
"ecdh-es-a128kw": "橢圓曲線Diffie-Hellman短時靜態密鑰協議使用ECDH-ES和第4.7小節但商定的密鑰是用以A128KW函數封裝內容主密鑰CMK",
"ecdh-es-a256kw": "橢圓曲線Diffie-Hellman短時靜態密鑰協議使用ECDH-ES和第4.7小節但商定的密鑰是用以A256KW函數封裝內容主密鑰CMK",
"none": "不加密",
"rsa-oaep": "RSAES使用最優不對稱加密填充OAEP",
"rsa1-5": "RSAES-PKCS1-V1_5"
},
"cryptography": "密碼",
"display-secret": "顯示/編輯客戶端密鑰:",
"edit": "編輯客戶端",
"generate-new-secret": "生成一個新的客戶端密鑰嗎?",
"generate-new-secret-help": "當點擊「保存」時生成新的密鑰",
"generate-on-save": "保存時生成",
"grant-types": "批准的類型",
"home": "主頁",
"home-help": "客戶端首頁的URL將顯示給用戶",
"hours": "小時",
"id": "ID",
"id-token-crypto-algorithm": "身份令牌加密算法",
"id-token-crypto-method": "身份令牌加密方法",
"id-token-signing-algorithm": "身份令牌簽名算法",
"id-token-timeout": "身份令牌超時",
"implicit": "隱式的",
"initiate-login": "初始化登入",
"initiate-login-help": "啟動登入客戶端的URL",
"introspection": "自省",
"jwk-set": "公鑰集",
"jwk-set-help": "客戶端JSON Web Key集的URL (須可被伺服器訪問)",
"jwk-set-value-help": "客戶端JSON Web Key集的URL (須可被伺服器訪問)",
"logo": "標誌Logo)",
"logo-help": "標誌Logo圖像的URL將顯示在批准頁",
"main": "首要",
"max-age": "默認最長有效時間",
"max-age-help": "再提示之前的默認最長會話有效時間",
"minutes": "分鐘",
"new": "新客戶端",
"other": "其它",
"pairwise": "Pairwise對",
"password": "密碼",
"policy": "政策聲明",
"policy-help": "此客戶端的政策聲明連接,將顯示給用戶",
"post-logout": "登出後重定向",
"post-logout-help": "客戶端登出操作後的重定向URL",
"public": "公共",
"redelegation": "重新授權",
"redirect-uris": "重定向URI",
"redirect-uris-help": "在授權頁面之後客戶端重定向URI",
"claims-redirect-uris": "聲明重定向URI",
"claims-redirect-uris-help": "在聲明採集步驟之後瀏覽器需重定向的目標URI",
"refresh": "刷新",
"refresh-tokens": "刷新令牌",
"refresh-tokens-issued": "為此客戶端發佈的刷新令牌",
"refresh-tokens-issued-help": "這將把 offline_access 加入客戶端的範圍。",
"refresh-tokens-reused": "此客戶端的刷新令牌被重用",
"clear-access-tokens": "當刷新令牌用過之後,已激活的訪問令牌自動失效",
"refresh-tokens-no-expire": "刷新令牌尚未過期",
"registered": "註冊於",
"registration-token": "註冊令牌:",
"registration-access-token": "註冊訪問令牌",
"registration-token-error": "無法為此客戶端下載註冊訪問令牌。",
"request-object-signing-algorithm": "請求對像簽名算法",
"request-uri": "請求的URI",
"request-uri-help": "URI包含此客戶端使用的請求對像",
"require-auth-time": "需要身份認證時間(auth_time)",
"require-auth-time-label": "總是需要在身份令牌中包含auth_time聲明",
"response-types": "回應類型",
"rotate-registration-token": "旋轉註冊令牌",
"rotate-registration-token-confirm": "你確定你想旋轉這個客戶端的登入令牌?",
"rotate-registration-token-error": "無法旋轉該客戶端的註冊訪問令牌。",
"saved": {
"no-secret": "沒有客戶端密鑰",
"saved": "客戶端已保存",
"secret": "密鑰:",
"show-secret": "顯示密鑰",
"unchanged": "不變"
},
"scope-placeholder": "新範圍",
"scope-help": "OAuth範圍允許客戶端請求",
"seconds": "秒",
"secret-asymmetric-jwt": "非對稱簽名JWT斷言",
"secret-http": "客戶端密鑰經由HTTP Basic",
"secret-none": "沒有認證",
"secret-post": "客戶端密鑰經由HTTP POST",
"secret-symmetric-jwt": "客戶端密鑰經由對稱簽名JWT斷言",
"sector-identifier": "扇區標識符URI",
"signing": {
"any": "允許",
"default": "使用伺服器默認",
"es256": "ECDSA採用P-256曲線和SHA-256哈希算法",
"es384": "ECDSA採用P-384曲線及SHA-384哈希算法",
"es512": "ECDSA採用P-512曲線及SHA-512哈希算法",
"hs256": "HMAC使用SHA-256哈希算法",
"hs384": "HMAC使用SHA-384哈希算法",
"hs512": "HMAC使用SHA-512哈希算法",
"none": "沒有數字簽名",
"rs256": "RSASSA使用SHA-256哈希算法",
"rs384": "RSASSA採用SHA-384哈希算法",
"rs512": "RSASSA使用SHA-512哈希算法",
"ps256": "採用SHA-256和MGF1的RSASSA-PSS算法",
"ps384": "採用SHA-384和MGF1的RSASSA-PSS算法",
"ps512": "採用SHA-512和MGF1的RSASSA-PSS算法"
},
"subject-type": "主體類型",
"terms": "服務條款",
"terms-help": "此客戶服務條款的URL將向用戶顯示",
"token-signing-algorithm": "令牌端點認證簽名算法",
"tokens": "令牌",
"type": "應用類型",
"type-native": "原生應用",
"type-web": "網絡應用",
"unknown": "(未知)",
"user-info-crypto-algorithm": "用戶資訊端點加密算法",
"user-info-crypto-method": "用戶資訊端點加密方法",
"user-info-signing-algorithm": "用戶資訊端點簽名算法"
},
"client-table": {
"allow-introspection-tooltip": "這個客戶端可以執行令牌自省",
"confirm": "你確定要刪除這個客戶端?",
"dynamically-registered-tooltip": "這個客戶端是動態註冊的。點擊查看註冊訪問令牌",
"match": {
"contacts": "聯繫人",
"description": "描述",
"homepage": "主頁",
"id": "身分",
"logo": "標誌",
"name": "名稱",
"policy": "政策",
"redirect": "重定向URI",
"scope": "範圍",
"terms": "服務條款"
},
"matched-search": "匹配搜索:",
"new": "新客戶端",
"no-clients": "此伺服器上沒有註冊的客戶端。",
"no-matches": "沒有匹配搜索條件的客戶端。",
"no-redirect": "沒有重定向URI",
"registered": "註冊於",
"search": "搜索……",
"whitelist": "白名單",
"unknown": "一個未知的時間"
},
"manage": "管理客戶端",
"more-info": {
"contacts": "管理員聯繫方式:",
"home": "主頁",
"more": "更多資訊",
"policy": "政策",
"terms": "服務條款:"
},
"newClient": "新客戶端"
},
"common": {
"cancel": "取消",
"client": "客戶端",
"clients": "客戶端",
"close": "關閉",
"delete": "刪除",
"description": "描述",
"dynamically-registered": "這個客戶端是動態註冊的",
"edit": "編輯",
"expires": "到期:",
"information": "資訊",
"new": "新建",
"not-yet-implemented": "未實現",
"not-yet-implemented-content": "這個字段的值將於客戶端保存,但伺服器目前不處理任何事情。伺服器的未來庫版本將利用它。",
"revoke": "撤銷",
"save": "保存",
"scopes": "範圍",
"statistics": "統計",
"refresh": "刷新",
"scope": "範圍",
"users": "用戶",
"user": "用戶",
"roles": "角色",
"role": "角色",
"email": "電子郵箱",
"active": "已激活",
"inactive": "未激活"
},
"dynreg": {
"client-id-placeholder": "輸入客戶端ID",
"configuration-url": "客戶端配置URL",
"edit-dynamically-registered": "編輯動態註冊的客戶端",
"edit-existing": "編輯一個現有的客戶端",
"edit-existing-help": "用於編輯之前已註冊的客戶端。粘貼您的客戶端ID和註冊訪問令牌以便訪問該客戶端。",
"edit-existing-button": "編輯客戶端",
"invalid-access-token": "無效的客戶端或註冊訪問令牌。",
"new-client": "註冊新客戶端",
"new-client-help": "用於註冊新的客戶端。請提供客戶端ID和註冊訪問令牌以便管理您的客戶端。",
"new-client-button": "新建客戶端",
"regtoken-placeholder": "輸入註冊訪問令牌",
"warning": "<strong>警告!</strong>你必須保護好<b>客戶端ID </b><b>客戶密鑰(如果提供)</b>,以及您的<b>註冊訪問令牌</b>。如果你丟失了客戶端ID或註冊訪問令牌將無法訪問您的客戶端註冊記錄你需要註冊一個新客戶端。",
"will-be-generated": "當存儲客戶端資訊時將由伺服器自動生成"
},
"grant": {
"manage-approved-sites": "管理批准的網站",
"refresh": "刷新",
"grant-table": {
"active-tokens": "當前活躍的訪問令牌數量",
"application": "應用程式",
"approved-sites": "許可站點",
"authorized": "授權:",
"dynamically-registered": "這個客戶端是動態註冊的",
"expires": "到期:",
"last-accessed": "上次訪問:",
"never": "從未",
"no-sites": "還未批准任何網站。",
"no-whitelisted": "還未訪問任何白名單的網站。",
"pre-approved": "這些都是預先由管理員批准的網站。",
"text": "這些都是您已經手動批准的網站。如果同一網站將來要進行同樣的訪問,它將直接通過、且沒有提示。",
"unknown": "未知",
"whitelist-note": "<b>註:</b>如果你在此撤銷它們,它們將在您下次訪問時不經提示即被自動重新批准。",
"whitelisted-site": "這個網站由管理員列入白名單中",
"whitelisted-sites": "白名單的網站"
}
},
"rsreg": {
"resource-id-placeholder": "輸入資源ID",
"configuration-url": "客戶端配置URL",
"edit": "編輯受保護的資源",
"edit-existing": "編輯現有的保護資源",
"edit-existing-help": "用於編輯之前已註冊的資源。請使用您的客戶端ID和註冊訪問令牌來訪問資源的屬性。",
"edit-existing-button": "編輯資源",
"invalid-access-token": "無效的客戶端或註冊訪問令牌。",
"new-client": "註冊新的受保護資源",
"new-client-help": "用於註冊新的資源。請提供客戶端ID和註冊訪問令牌以便管理您的資源。",
"new-client-button": "新建資源",
"regtoken-placeholder": "輸入註冊訪問令牌",
"will-be-generated": "將生成",
"warning": "<strong>警告!</strong>你必須保護好<b>客戶端ID </b><b>客戶密鑰(如果提供)</b>,以及<b>註冊訪問令牌</b>。如果丟失了客戶端ID或註冊訪問令牌將無法獲得您客戶端的登記記錄你需要註冊一個新客戶端。",
"client-form": {
"scope-help": "這個資源能夠自省令牌的範圍。"
}
},
"scope": {
"manage": "管理系統範圍",
"scope-list": {
"no-scopes": "沒有範圍"
},
"system-scope-form": {
"default": "默認範圍",
"default-help": "新創建的用戶默認情況下獲得這個範圍?",
"description-help": "人類可讀的文本描述",
"description-placeholder": "輸入說明",
"restricted": "限制",
"restricted-help": "限制範圍衹能由系統管理員使用,可用動態註冊客戶和保護資源",
"edit": "編輯範圍",
"icon": "圖標",
"new": "新範圍",
"select-icon": "選擇圖標",
"structured": "是一個結構化的範圍",
"structured-help": "範圍結構化是否包含如<code>base:extension</code>的結構化值?",
"structured-param-help": "人類可讀的結構化參數描述",
"subject-type": "主體類型",
"value": "範圍值",
"value-help": "不含空格的單個字符串",
"value-placeholder": "範圍"
},
"system-scope-table": {
"confirm": "你確定要刪除此範圍?引用了此範圍的客戶端還需要它。",
"new": "新範圍",
"text": "尚未定義系統範圍。客戶還可自定義範圍。",
"tooltip-restricted": "此範圍衹能由管理員使用。它不能用於動態註冊。",
"tooltip-default": "這個範圍將自動分配給新註冊的客戶。"
}
},
"token": {
"manage": "管理活動的令牌",
"token-table": {
"access-tokens": "訪問令牌",
"associated-id": "這個訪問令牌附帶相關的身份令牌。",
"associated-refresh": "這個訪問令牌附帶相關的刷新令牌。",
"click-to-display": "點擊顯示完整的令牌值",
"confirm": "你確定要撤銷這個令牌?",
"confirm-refresh": "你確定要撤銷這個刷新令牌及其相關的訪問令牌?",
"expires": "過期",
"no-access": "沒有活動的訪問令牌。",
"no-refresh": "沒有活動的刷新令牌。",
"number-of-tokens": "關聯的訪問令牌數量",
"refresh-tokens": "刷新令牌",
"text": "訪問令牌通常是短暫的供客戶端訪問特定的資源。身份令牌是採用OpenID Connect協議登入的、專門的訪問令牌。",
"text-refresh": "刷新令牌通常是長期的,以便客戶端能無需用戶介入即可獲取新的訪問令牌。",
"token-info": "令牌的資訊"
}
},
"whitelist": {
"confirm": "你確定要刪除這個白名單項?",
"edit": "編輯白名單",
"manage": "管理列入白名單的網站",
"new": "新白名單",
"whitelist": "白名單",
"whitelist-form": {
"allowed-scopes": "允許範圍",
"edit": "編輯白名單的網站",
"new": "新增白名單網站",
"scope-help": "當客戶端發出請求列表時將自動批准的範圍",
"scope-placeholder": "新範圍"
},
"whitelist-table": {
"no-sites": "白名單列表為空。使用<strong>白名單</strong>按鈕在客戶端管理頁面創建一個。"
}
},
"blacklist": {
"text": "被拉黑的網站URI將無法用於註冊客戶端的重定向地址無論是在管理介面中添加、還是動態註冊都不行。",
"blacklist-uri-placeholder": "要拉黑的網站URI",
"add": "將網站URI加入黑名單",
"empty": "當前黑名單為空",
"uri": "URI"
},
"copyright": "基於<a href=\"https://github.com/mitreid-connect/\">MITREid Connect <span class=\"label\">{0}</span></a>技術構建 <span class=\"pull-right\">&copy; 2016 MITRE公司及MIT因特網信任聯盟</span>。",
"about": {
"title": "關於",
"body": "\n此OpenID Connect服務基於開源的MITREid Connect專案該專案來自 \n<a href=\"http://www.mitre.org/\">MITRE公司</a> 及 <a href=\"http://www.trust.mit.edu/\">MIT因特網信任聯盟</a>。\n</p>\n<p>\n有關該專案的更多資訊可見 \n<a href=\"http://github.com/mitreid-connect/\">GitHub上的MITREid Connect專案</a>。 \n您可以在該網站報告bug、提交意見及代碼補丁。"
},
"statistics": {
"title": "統計",
"number_users": "用戶數: <span class=\"label label-info\" id=\"userCount\">{0}</span>",
"number_clients": "授權的客戶端: <span class=\"label label-info\" id=\"clientCount\">{0}</span>",
"number_approvals": "已批准的站點: <span class=\"label label-info\" id=\"approvalCount\">{0}</span>"
},
"home": {
"title": "首頁",
"welcome": {
"title": "歡迎!",
"body": "\nOpenID Connect是適於因特網部署的身分聯邦認證伺服器基於OAuth2授權框架之上的OpenID Connect技術構建。\nOpenID Connect讓您無需暴露自己的用戶名、密碼即可便捷登入網站。</p>\n<p><a class=\"btn btn-primary btn-large\" href=\"http://openid.net/connect/\">在此瞭解更多詳情&raquo;</a>"
},
"more": "更多",
"about": {
"title": "關於",
"body": "本服務基於開源的MITREid Connect專案該專案來自 \n<a href=\"http://www.mitre.org/\">MITRE公司</a> 及 <a href=\"http://www.trust.mit.edu/\">MIT因特網信任聯盟</a>。"
},
"contact": {
"title": "聯繫方式",
"body": "\n如需更多的資訊和支持請聯繫本系統的管理員。</p>\n<p><a class=\"btn\" href=\"mailto:idp@example.com?Subject=OpenID Connect\">電子信箱 &raquo;</a>"
},
"statistics": {
"title": "當前統計",
"loading": "加載……",
"number_users": "用戶數: <span class=\"label label-info\" id=\"userCount\">{0}</span>",
"number_clients": "授權的客戶端: <span class=\"label label-info\" id=\"clientCount\">{0}</span>",
"number_approvals": "已批准的站點: <span class=\"label label-info\" id=\"approvalCount\">{0}</span>"
}
},
"contact": {
"title": "聯繫方式",
"body": "如果要報告有關MITREid Connect軟體自身的bug請拜訪\n<a href=\"https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/issues\">GitHub issue追蹤系統</a>。 \n有關當前伺服器的問題請聯繫伺服器的管理者。"
},
"topbar": {
"about": "關於",
"contact": "聯繫方式",
"statistics": "統計",
"home": "首頁",
"login": "登入",
"logout": "登出"
},
"sidebar": {
"administrative": {
"title": "管理",
"manage_clients": "管理客戶端",
"whitelisted_clients": "白名單",
"blacklisted_clients": "黑名單",
"system_scopes": "系統範圍"
},
"personal": {
"title": "個人",
"approved_sites": "管理批准的網站",
"active_tokens": "管理活動的令牌",
"profile_information": "查看用戶資訊"
},
"developer": {
"title": "開發者自助服務",
"client_registration": "客戶端註冊",
"resource_registration": "保護資源註冊"
}
},
"manage": {
"ok": "好的",
"loading": "加載",
"title": "管理控制檯"
},
"approve": {
"dynamically-registered-unknown": "在一個未知的時間",
"title": "批准訪問",
"error": {
"not_granted": "訪問可能不獲批准。"
},
"required_for": "有待批准",
"dynamically_registered": "此客戶端已被動態註冊了<span class=\"label label-info\" id=\"registrationTime\">{0}</span>次。",
"caution": {
"title": "注意",
"message": {
"none": "它之前<span class=\"label label-important\">從未</span>被批准。",
"singular": "它之前已被批准了<span class=\"label label-warning\">{0}</span>次。",
"plural": "它之前已被批准了<span class=\"label\">{0}</span>次。"
}
},
"more_information": "更多資訊",
"home_page": "主頁",
"policy": "政策",
"terms": "服務條款",
"contacts": "管理人員",
"warning": "警告",
"no_redirect_uri": "該客戶端沒有註冊任何重定向URI可能被使用惡意的URI。",
"redirect_uri": "如果點擊批准,您將被重定向至如下頁面: <code>{0}</code>",
"pairwise": "該客戶端使用<b>pairwise</b>標識符,這使得在不同站點間關聯身份變得稍加困難。",
"no_scopes": "該客戶端沒有註冊任何範圍,因此允許請求系統可用的<em>any</em>(任意)範圍。請務必謹慎處理。",
"access_to": "訪問",
"remember": {
"title": "記住這個決定",
"until_revoke": "記住這個決定直到我撤銷",
"one_hour": "記住該決定一個小時",
"next_time": "下次再提醒我"
},
"do_authorize": "是否授權",
"label": {
"authorize": "授權",
"deny": "拒絕"
}
},
"error": {
"title": "錯誤",
"header": "錯誤:",
"message": "在處理您的請求過程中發生了錯誤。伺服器日誌為:"
},
"login": {
"login_with_username_and_password": "請用您的用戶名和密碼登入",
"username": "用戶名",
"password": "密碼",
"login-button": "登入",
"error": "登入失敗,請重試。"
}
}
{
"admin": {
"blacklist": "黑名單",
"blacklist-form": {
"blacklisted-uris": "列入黑名單的URI"
},
"home": "首頁",
"list-widget": {
"empty": "此列表為空。",
"tooltip": "單擊顯示全部值。"
},
"manage-blacklist": "管理列入黑名單的客戶端",
"self-service-client": "自助服務-客戶端註冊",
"self-service-resource": "自助服務-受保護資源註冊",
"user-profile": {
"claim": "聲明項",
"show": "查看用戶資訊",
"text": "您的用戶資訊如下:",
"value": "內容"
}
},
"client": {
"client-form": {
"access": "訪問",
"access-token-no-timeout": "訪問令牌不時間",
"access-token-timeout": "訪問令牌超時",
"access-token-timeout-help": "輸入時間(秒、分鐘或小時)。",
"acr-values": "默認ACR值",
"acr-values-placeholder": "新的ACR值",
"acr-values-help": "用於請求該客戶端的默認身份驗證上下文參考",
"allow-introspection": "允許調用內省端點?",
"authentication-method": "令牌端點認證方法",
"authorization-code": "授權碼",
"client-credentials": "客戶端憑證",
"client-description": "描述",
"client-description-help": "人類可讀的文本描述",
"client-description-placeholder": "填入說明描述",
"client-id": "客戶端ID",
"client-id-help": "唯一標識符。如果不填則系統會自動生成一個。",
"client-id-placeholder": "輸入一些字符",
"client-name": "客戶端名稱",
"client-name-help": "人類可讀的應用程式名稱",
"client-name-placeholder": "輸入一些字符",
"client-secret": "客戶端密鑰",
"client-secret-placeholder": "輸入密鑰",
"contacts": "聯繫人",
"contacts-help": "此客戶端管理員的聯繫人名單。",
"contacts-placeholder": "新聯繫人",
"credentials": "憑據",
"crypto": {
"a128cbc-hs256": "複合認證加密算法採用密碼塊鏈CBC模式AES以PKCS #5填充完整性計算使用HMAC SHA-256並使用256位的CMK和128位CEK",
"a256cbc-hs512": "複合認證加密算法採用密碼塊鏈CBC模式AES以PKCS #5填充完整性計算使用HMAC SHA-512並使用512位的CMK和256位CEK",
"a128gcm": "AES GCM使用128位的密鑰",
"a256gcm": "AES GCM使用256位的密鑰",
"a128kw": "AES密鑰封裝算法使用128位的密鑰",
"a256kw": "AES密鑰封裝算法使用256位的密鑰",
"default": "使用伺服器默認",
"dir": "直接使用一個共享對稱密鑰作為塊加密的內容主密鑰CMK",
"ecdh-es": "橢圓曲線Diffie-Hellman短時靜態密鑰協議使用Concat KDF商定的密鑰被直接用作內容主密鑰CMK",
"ecdh-es-a128kw": "橢圓曲線Diffie-Hellman短時靜態密鑰協議使用ECDH-ES和第4.7小節但商定的密鑰是用以A128KW函數封裝內容主密鑰CMK",
"ecdh-es-a256kw": "橢圓曲線Diffie-Hellman短時靜態密鑰協議使用ECDH-ES和第4.7小節但商定的密鑰是用以A256KW函數封裝內容主密鑰CMK",
"none": "不加密",
"rsa-oaep": "RSAES使用最優不對稱加密填充OAEP",
"rsa1-5": "RSAES-PKCS1-V1_5"
},
"cryptography": "密碼",
"display-secret": "顯示/編輯客戶端密鑰:",
"edit": "編輯客戶端",
"generate-new-secret": "生成一個新的客戶端密鑰嗎?",
"generate-new-secret-help": "當點擊「保存」時生成新的密鑰",
"generate-on-save": "保存時生成",
"grant-types": "批准的類型",
"home": "主頁",
"home-help": "客戶端首頁的URL將顯示給用戶",
"hours": "小時",
"id": "ID",
"id-token-crypto-algorithm": "身份令牌加密算法",
"id-token-crypto-method": "身份令牌加密方法",
"id-token-signing-algorithm": "身份令牌簽名算法",
"id-token-timeout": "身份令牌超時",
"implicit": "隱式的",
"initiate-login": "初始化登入",
"initiate-login-help": "啟動登入客戶端的URL",
"introspection": "自省",
"jwk-set": "公鑰集",
"jwk-set-help": "客戶端JSON Web Key集的URL (須可被伺服器訪問)",
"jwk-set-value-help": "客戶端JSON Web Key集的URL (須可被伺服器訪問)",
"main": "首要",
"max-age": "默認最長有效時間",
"max-age-help": "再提示之前的默認最長會話有效時間",
"minutes": "分鐘",
"new": "新客戶端",
"other": "其它",
"pairwise": "Pairwise對",
"password": "密碼",
"policy": "政策聲明",
"policy-help": "此客戶端的政策聲明連接,將顯示給用戶",
"post-logout": "登出後重定向",
"post-logout-help": "客戶端登出操作後的重定向URL",
"public": "公共",
"redelegation": "重新授權",
"redirect-uris": "重定向URI",
"redirect-uris-help": "在授權頁面之後客戶端重定向URI",
"claims-redirect-uris": "聲明重定向URI",
"claims-redirect-uris-help": "在聲明採集步驟之後瀏覽器需重定向的目標URI",
"refresh": "刷新",
"refresh-tokens": "刷新令牌",
"refresh-tokens-issued": "為此客戶端發佈的刷新令牌",
"refresh-tokens-issued-help": "這將把 offline_access 加入客戶端的範圍。",
"refresh-tokens-reused": "此客戶端的刷新令牌被重用",
"clear-access-tokens": "當刷新令牌用過之後,已激活的訪問令牌自動失效",
"refresh-tokens-no-expire": "刷新令牌尚未過期",
"registered": "註冊於",
"registration-token": "註冊令牌:",
"registration-access-token": "註冊訪問令牌",
"registration-token-error": "無法為此客戶端下載註冊訪問令牌。",
"request-object-signing-algorithm": "請求對像簽名算法",
"request-uri": "請求的URI",
"request-uri-help": "URI包含此客戶端使用的請求對像",
"require-auth-time": "需要身份認證時間(auth_time)",
"require-auth-time-label": "總是需要在身份令牌中包含auth_time聲明",
"response-types": "回應類型",
"rotate-registration-token": "旋轉註冊令牌",
"rotate-registration-token-confirm": "你確定你想旋轉這個客戶端的登入令牌?",
"rotate-registration-token-error": "無法旋轉該客戶端的註冊訪問令牌。",
"saved": {
"no-secret": "沒有客戶端密鑰",
"saved": "客戶端已保存",
"secret": "密鑰:",
"show-secret": "顯示密鑰",
"unchanged": "不變"
},
"scope-placeholder": "新範圍",
"scope-help": "OAuth範圍允許客戶端請求",
"seconds": "秒",
"secret-asymmetric-jwt": "非對稱簽名JWT斷言",
"secret-http": "客戶端密鑰經由HTTP Basic",
"secret-none": "沒有認證",
"secret-post": "客戶端密鑰經由HTTP POST",
"secret-symmetric-jwt": "客戶端密鑰經由對稱簽名JWT斷言",
"sector-identifier": "扇區標識符URI",
"signing": {
"any": "允許",
"default": "使用伺服器默認",
"es256": "ECDSA採用P-256曲線和SHA-256哈希算法",
"es384": "ECDSA採用P-384曲線及SHA-384哈希算法",
"es512": "ECDSA採用P-512曲線及SHA-512哈希算法",
"hs256": "HMAC使用SHA-256哈希算法",
"hs384": "HMAC使用SHA-384哈希算法",
"hs512": "HMAC使用SHA-512哈希算法",
"none": "沒有數字簽名",
"rs256": "RSASSA使用SHA-256哈希算法",
"rs384": "RSASSA採用SHA-384哈希算法",
"rs512": "RSASSA使用SHA-512哈希算法",
"ps256": "採用SHA-256和MGF1的RSASSA-PSS算法",
"ps384": "採用SHA-384和MGF1的RSASSA-PSS算法",
"ps512": "採用SHA-512和MGF1的RSASSA-PSS算法"
},
"subject-type": "主體類型",
"terms": "服務條款",
"terms-help": "此客戶服務條款的URL將向用戶顯示",
"token-signing-algorithm": "令牌端點認證簽名算法",
"tokens": "令牌",
"type": "應用類型",
"type-native": "原生應用",
"type-web": "網絡應用",
"unknown": "(未知)",
"user-info-crypto-algorithm": "用戶資訊端點加密算法",
"user-info-crypto-method": "用戶資訊端點加密方法",
"user-info-signing-algorithm": "用戶資訊端點簽名算法"
},
"client-table": {
"allow-introspection-tooltip": "這個客戶端可以執行令牌自省",
"confirm": "你確定要刪除這個客戶端?",
"dynamically-registered-tooltip": "這個客戶端是動態註冊的。點擊查看註冊訪問令牌",
"match": {
"contacts": "聯繫人",
"description": "描述",
"homepage": "主頁",
"id": "身分",
"name": "名稱",
"policy": "政策",
"redirect": "重定向URI",
"scope": "範圍",
"terms": "服務條款"
},
"matched-search": "匹配搜索:",
"new": "新客戶端",
"no-clients": "此伺服器上沒有註冊的客戶端。",
"no-matches": "沒有匹配搜索條件的客戶端。",
"no-redirect": "沒有重定向URI",
"registered": "註冊於",
"search": "搜索……",
"whitelist": "白名單",
"unknown": "一個未知的時間"
},
"manage": "管理客戶端",
"more-info": {
"contacts": "管理員聯繫方式:",
"home": "主頁",
"more": "更多資訊",
"policy": "政策",
"terms": "服務條款:"
},
"newClient": "新客戶端"
},
"common": {
"cancel": "取消",
"client": "客戶端",
"clients": "客戶端",
"close": "關閉",
"delete": "刪除",
"description": "描述",
"dynamically-registered": "這個客戶端是動態註冊的",
"edit": "編輯",
"expires": "到期:",
"information": "資訊",
"new": "新建",
"not-yet-implemented": "未實現",
"not-yet-implemented-content": "這個字段的值將於客戶端保存,但伺服器目前不處理任何事情。伺服器的未來庫版本將利用它。",
"revoke": "撤銷",
"save": "保存",
"scopes": "範圍",
"statistics": "統計",
"refresh": "刷新",
"scope": "範圍",
"users": "用戶",
"user": "用戶",
"roles": "角色",
"role": "角色",
"email": "電子郵箱",
"active": "已激活",
"inactive": "未激活"
},
"dynreg": {
"client-id-placeholder": "輸入客戶端ID",
"configuration-url": "客戶端配置URL",
"edit-dynamically-registered": "編輯動態註冊的客戶端",
"edit-existing": "編輯一個現有的客戶端",
"edit-existing-help": "用於編輯之前已註冊的客戶端。粘貼您的客戶端ID和註冊訪問令牌以便訪問該客戶端。",
"edit-existing-button": "編輯客戶端",
"invalid-access-token": "無效的客戶端或註冊訪問令牌。",
"new-client": "註冊新客戶端",
"new-client-help": "用於註冊新的客戶端。請提供客戶端ID和註冊訪問令牌以便管理您的客戶端。",
"new-client-button": "新建客戶端",
"regtoken-placeholder": "輸入註冊訪問令牌",
"warning": "<strong>警告!</strong>你必須保護好<b>客戶端ID </b><b>客戶密鑰(如果提供)</b>,以及您的<b>註冊訪問令牌</b>。如果你丟失了客戶端ID或註冊訪問令牌將無法訪問您的客戶端註冊記錄你需要註冊一個新客戶端。",
"will-be-generated": "當存儲客戶端資訊時將由伺服器自動生成"
},
"grant": {
"manage-approved-sites": "管理批准的網站",
"refresh": "刷新",
"grant-table": {
"active-tokens": "當前活躍的訪問令牌數量",
"application": "應用程式",
"approved-sites": "許可站點",
"authorized": "授權:",
"dynamically-registered": "這個客戶端是動態註冊的",
"expires": "到期:",
"last-accessed": "上次訪問:",
"never": "從未",
"no-sites": "還未批准任何網站。",
"no-whitelisted": "還未訪問任何白名單的網站。",
"pre-approved": "這些都是預先由管理員批准的網站。",
"text": "這些都是您已經手動批准的網站。如果同一網站將來要進行同樣的訪問,它將直接通過、且沒有提示。",
"unknown": "未知",
"whitelist-note": "<b>註:</b>如果你在此撤銷它們,它們將在您下次訪問時不經提示即被自動重新批准。",
"whitelisted-site": "這個網站由管理員列入白名單中",
"whitelisted-sites": "白名單的網站"
}
},
"rsreg": {
"resource-id-placeholder": "輸入資源ID",
"configuration-url": "客戶端配置URL",
"edit": "編輯受保護的資源",
"edit-existing": "編輯現有的保護資源",
"edit-existing-help": "用於編輯之前已註冊的資源。請使用您的客戶端ID和註冊訪問令牌來訪問資源的屬性。",
"edit-existing-button": "編輯資源",
"invalid-access-token": "無效的客戶端或註冊訪問令牌。",
"new-client": "註冊新的受保護資源",
"new-client-help": "用於註冊新的資源。請提供客戶端ID和註冊訪問令牌以便管理您的資源。",
"new-client-button": "新建資源",
"regtoken-placeholder": "輸入註冊訪問令牌",
"will-be-generated": "將生成",
"warning": "<strong>警告!</strong>你必須保護好<b>客戶端ID </b><b>客戶密鑰(如果提供)</b>,以及<b>註冊訪問令牌</b>。如果丟失了客戶端ID或註冊訪問令牌將無法獲得您客戶端的登記記錄你需要註冊一個新客戶端。",
"client-form": {
"scope-help": "這個資源能夠自省令牌的範圍。"
}
},
"scope": {
"manage": "管理系統範圍",
"scope-list": {
"no-scopes": "沒有範圍"
},
"system-scope-form": {
"default": "默認範圍",
"default-help": "新創建的用戶默認情況下獲得這個範圍?",
"description-help": "人類可讀的文本描述",
"description-placeholder": "輸入說明",
"restricted": "限制",
"restricted-help": "限制範圍衹能由系統管理員使用,可用動態註冊客戶和保護資源",
"edit": "編輯範圍",
"icon": "圖標",
"new": "新範圍",
"select-icon": "選擇圖標",
"structured": "是一個結構化的範圍",
"structured-help": "範圍結構化是否包含如<code>base:extension</code>的結構化值?",
"structured-param-help": "人類可讀的結構化參數描述",
"subject-type": "主體類型",
"value": "範圍值",
"value-help": "不含空格的單個字符串",
"value-placeholder": "範圍"
},
"system-scope-table": {
"confirm": "你確定要刪除此範圍?引用了此範圍的客戶端還需要它。",
"new": "新範圍",
"text": "尚未定義系統範圍。客戶還可自定義範圍。",
"tooltip-restricted": "此範圍衹能由管理員使用。它不能用於動態註冊。",
"tooltip-default": "這個範圍將自動分配給新註冊的客戶。"
}
},
"token": {
"manage": "管理活動的令牌",
"token-table": {
"access-tokens": "訪問令牌",
"associated-id": "這個訪問令牌附帶相關的身份令牌。",
"associated-refresh": "這個訪問令牌附帶相關的刷新令牌。",
"click-to-display": "點擊顯示完整的令牌值",
"confirm": "你確定要撤銷這個令牌?",
"confirm-refresh": "你確定要撤銷這個刷新令牌及其相關的訪問令牌?",
"expires": "過期",
"no-access": "沒有活動的訪問令牌。",
"no-refresh": "沒有活動的刷新令牌。",
"number-of-tokens": "關聯的訪問令牌數量",
"refresh-tokens": "刷新令牌",
"text": "訪問令牌通常是短暫的供客戶端訪問特定的資源。身份令牌是採用OpenID Connect協議登入的、專門的訪問令牌。",
"text-refresh": "刷新令牌通常是長期的,以便客戶端能無需用戶介入即可獲取新的訪問令牌。",
"token-info": "令牌的資訊"
}
},
"whitelist": {
"confirm": "你確定要刪除這個白名單項?",
"edit": "編輯白名單",
"manage": "管理列入白名單的網站",
"new": "新白名單",
"whitelist": "白名單",
"whitelist-form": {
"allowed-scopes": "允許範圍",
"edit": "編輯白名單的網站",
"new": "新增白名單網站",
"scope-help": "當客戶端發出請求列表時將自動批准的範圍",
"scope-placeholder": "新範圍"
},
"whitelist-table": {
"no-sites": "白名單列表為空。使用<strong>白名單</strong>按鈕在客戶端管理頁面創建一個。"
}
},
"blacklist": {
"text": "被拉黑的網站URI將無法用於註冊客戶端的重定向地址無論是在管理介面中添加、還是動態註冊都不行。",
"blacklist-uri-placeholder": "要拉黑的網站URI",
"add": "將網站URI加入黑名單",
"empty": "當前黑名單為空",
"uri": "URI"
},
"copyright": "基於<a href=\"https://github.com/mitreid-connect/\">MITREid Connect <span class=\"label\">{0}</span></a>技術構建 <span class=\"pull-right\">&copy; 2016 MITRE公司及MIT因特網信任聯盟</span>。",
"about": {
"title": "關於",
"body": "\n此OpenID Connect服務基於開源的MITREid Connect專案該專案來自 \n<a href=\"http://www.mitre.org/\">MITRE公司</a> 及 <a href=\"http://www.trust.mit.edu/\">MIT因特網信任聯盟</a>。\n</p>\n<p>\n有關該專案的更多資訊可見 \n<a href=\"http://github.com/mitreid-connect/\">GitHub上的MITREid Connect專案</a>。 \n您可以在該網站報告bug、提交意見及代碼補丁。"
},
"statistics": {
"title": "統計",
"number_users": "用戶數: <span class=\"label label-info\" id=\"userCount\">{0}</span>",
"number_clients": "授權的客戶端: <span class=\"label label-info\" id=\"clientCount\">{0}</span>",
"number_approvals": "已批准的站點: <span class=\"label label-info\" id=\"approvalCount\">{0}</span>"
},
"home": {
"title": "首頁",
"welcome": {
"title": "歡迎!",
"body": "\nOpenID Connect是適於因特網部署的身分聯邦認證伺服器基於OAuth2授權框架之上的OpenID Connect技術構建。\nOpenID Connect讓您無需暴露自己的用戶名、密碼即可便捷登入網站。</p>\n<p><a class=\"btn btn-primary btn-large\" href=\"http://openid.net/connect/\">在此瞭解更多詳情&raquo;</a>"
},
"more": "更多",
"about": {
"title": "關於",
"body": "本服務基於開源的MITREid Connect專案該專案來自 \n<a href=\"http://www.mitre.org/\">MITRE公司</a> 及 <a href=\"http://www.trust.mit.edu/\">MIT因特網信任聯盟</a>。"
},
"contact": {
"title": "聯繫方式",
"body": "\n如需更多的資訊和支持請聯繫本系統的管理員。</p>\n<p><a class=\"btn\" href=\"mailto:idp@example.com?Subject=OpenID Connect\">電子信箱 &raquo;</a>"
},
"statistics": {
"title": "當前統計",
"loading": "加載……",
"number_users": "用戶數: <span class=\"label label-info\" id=\"userCount\">{0}</span>",
"number_clients": "授權的客戶端: <span class=\"label label-info\" id=\"clientCount\">{0}</span>",
"number_approvals": "已批准的站點: <span class=\"label label-info\" id=\"approvalCount\">{0}</span>"
}
},
"contact": {
"title": "聯繫方式",
"body": "如果要報告有關MITREid Connect軟體自身的bug請拜訪\n<a href=\"https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/issues\">GitHub issue追蹤系統</a>。 \n有關當前伺服器的問題請聯繫伺服器的管理者。"
},
"topbar": {
"about": "關於",
"contact": "聯繫方式",
"statistics": "統計",
"home": "首頁",
"login": "登入",
"logout": "登出"
},
"sidebar": {
"administrative": {
"title": "管理",
"manage_clients": "管理客戶端",
"whitelisted_clients": "白名單",
"blacklisted_clients": "黑名單",
"system_scopes": "系統範圍"
},
"personal": {
"title": "個人",
"approved_sites": "管理批准的網站",
"active_tokens": "管理活動的令牌",
"profile_information": "查看用戶資訊"
},
"developer": {
"title": "開發者自助服務",
"client_registration": "客戶端註冊",
"resource_registration": "保護資源註冊"
}
},
"manage": {
"ok": "好的",
"loading": "加載",
"title": "管理控制檯"
},
"approve": {
"dynamically-registered-unknown": "在一個未知的時間",
"title": "批准訪問",
"error": {
"not_granted": "訪問可能不獲批准。"
},
"required_for": "有待批准",
"dynamically_registered": "此客戶端已被動態註冊了<span class=\"label label-info\" id=\"registrationTime\">{0}</span>次。",
"caution": {
"title": "注意",
"message": {
"none": "它之前<span class=\"label label-important\">從未</span>被批准。",
"singular": "它之前已被批准了<span class=\"label label-warning\">{0}</span>次。",
"plural": "它之前已被批准了<span class=\"label\">{0}</span>次。"
}
},
"more_information": "更多資訊",
"home_page": "主頁",
"policy": "政策",
"terms": "服務條款",
"contacts": "管理人員",
"warning": "警告",
"no_redirect_uri": "該客戶端沒有註冊任何重定向URI可能被使用惡意的URI。",
"redirect_uri": "如果點擊批准,您將被重定向至如下頁面: <code>{0}</code>",
"pairwise": "該客戶端使用<b>pairwise</b>標識符,這使得在不同站點間關聯身份變得稍加困難。",
"no_scopes": "該客戶端沒有註冊任何範圍,因此允許請求系統可用的<em>any</em>(任意)範圍。請務必謹慎處理。",
"access_to": "訪問",
"remember": {
"title": "記住這個決定",
"until_revoke": "記住這個決定直到我撤銷",
"one_hour": "記住該決定一個小時",
"next_time": "下次再提醒我"
},
"do_authorize": "是否授權",
"label": {
"authorize": "授權",
"deny": "拒絕"
}
},
"error": {
"title": "錯誤",
"header": "錯誤:",
"message": "在處理您的請求過程中發生了錯誤。伺服器日誌為:"
},
"login": {
"login_with_username_and_password": "請用您的用戶名和密碼登入",
"username": "用戶名",
"password": "密碼",
"login-button": "登入",
"error": "登入失敗,請重試。"
}
}

14
openid-connect-server-webapp/src/main/webapp/resources/js/rsreg.js
View File

@ -21,7 +21,6 @@ var ResRegClient = Backbone.Model.extend({
client_secret: null,
client_name: null,
client_uri: null,
logo_uri: null,
contacts: [],
tos_uri: null,
token_endpoint_auth_method: null,
@ -194,7 +193,6 @@ var ResRegEditView = Backbone.View.extend({
"click .btn-save": "saveClient",
"click .btn-cancel": "cancel",
"click .btn-delete": "deleteClient",
"change #logoUri input": "previewLogo",
"change #tokenEndpointAuthMethod input:radio": "toggleClientCredentials",
"change #jwkSelector input:radio": "toggleJWKSetType"
},
@ -229,16 +227,6 @@ var ResRegEditView = Backbone.View.extend({
return false;
},
previewLogo: function() {
if ($('#logoUri input', this.el).val()) {
$('#logoPreview', this.el).empty();
$('#logoPreview', this.el).attr('src', $('#logoUri input', this.el).val());
} else {
// $('#logoBlock', this.el).hide();
$('#logoPreview', this.el).attr('src', 'resources/images/logo_placeholder.gif');
}
},
/**
* Set up the form based on the current state of the tokenEndpointAuthMethod
* parameter
@ -350,7 +338,6 @@ var ResRegEditView = Backbone.View.extend({
var attrs = {
client_name: $('#clientName input').val(),
logo_uri: $('#logoUri input').val(),
scope: scopes,
client_secret: null, // never send a client secret
tos_uri: $('#tosUri input').val(),
@ -455,7 +442,6 @@ var ResRegEditView = Backbone.View.extend({
this.listWidgetViews.push(contactView);
this.toggleClientCredentials();
this.previewLogo();
this.toggleJWKSetType();
// disable unsupported JOSE algorithms

18
openid-connect-server-webapp/src/main/webapp/resources/template/client.html
View File

@ -25,10 +25,6 @@
<td>
<div class="media">
<% if (client.logoUri) { %>
<span class="pull-left"><img class="media-object client-logo" src="api/clients/<%- client.id %>/logo"></span>
<% } %>
<div class="media-body">
<span class="clientid-substring" title="<%- client.clientId %> (click to display client ID)"><%- client.clientName != null ? client.clientName : ( client.clientId.substr(0,8) + '...' ) %></span>
</div>
@ -238,20 +234,6 @@
</div>
</div>
<div class="control-group" id="logoUri">
<label class="control-label" data-i18n="client.client-form.logo">Logo</label>
<div class="controls">
<input placeholder="https://" value="<%-client.logoUri ? client.logoUri : ''%>" maxlength="1000" type="text" class=""/>
<p class="help-block" data-i18n="client.client-form.logo-help">URL that points to a logo image, will be displayed on approval page</p>
</div>
</div>
<div class="control-group" id="logoBlock">
<div class="controls">
<img src="resources/images/logo_placeholder.gif" alt="logo" id="logoPreview" width="275px" class="thumbnail" />
</div>
</div>
<div class="control-group" id="tosUri">
<label class="control-label" data-i18n="client.client-form.terms">Terms of Service</label>
<div class="controls">

14
openid-connect-server-webapp/src/main/webapp/resources/template/dynreg.html
View File

@ -154,20 +154,6 @@
</div>
</div>
<div class="control-group" id="logoUri">
<label class="control-label" data-i18n="client.client-form.logo">Logo</label>
<div class="controls">
<input placeholder="https://" value="<%-client.logo_uri ? client.logo_uri : ''%>" maxlength="1000" type="text" class=""/>
<p class="help-block" data-i18n="client.client-form.logo-help">URL that points to a logo image, will be displayed on approval page</p>
</div>
</div>
<div class="control-group" id="logoBlock">
<div class="controls">
<img src="resources/images/logo_placeholder.gif" alt="logo" id="logoPreview" width="275px" class="thumbnail" />
</div>
</div>
<div class="control-group" id="tosUri">
<label class="control-label" data-i18n="client.client-form.terms">Terms of Service</label>
<div class="controls">

14
openid-connect-server-webapp/src/main/webapp/resources/template/rsreg.html
View File

@ -146,20 +146,6 @@
</div>
</div>
<div class="control-group" id="logoUri">
<label class="control-label" data-i18n="client.client-form.logo">Logo</label>
<div class="controls">
<input placeholder="https://" value="<%-client.logo_uri ? client.logo_uri : ''%>" maxlength="1000" type="text" class=""/>
<p class="help-block" data-i18n="client.client-form.logo-help">URL that points to a logo image, will be displayed on approval page</p>
</div>
</div>
<div class="control-group" id="logoBlock">
<div class="controls">
<img src="resources/images/logo_placeholder.gif" alt="logo" id="logoPreview" width="275px" class="thumbnail" />
</div>
</div>
<div class="control-group" id="tosUri">
<label class="control-label" data-i18n="client.client-form.terms">Terms of Service</label>
<div class="controls">

51
openid-connect-server/src/main/java/org/mitre/oauth2/model/ClientDetailsEntity.java
View File

@ -20,11 +20,20 @@
*/
package org.mitre.oauth2.model;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JWEAlgorithm;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.jwk.JWKSet;
import com.nimbusds.jwt.JWT;
import org.mitre.oauth2.model.convert.JWEAlgorithmStringConverter;
import org.mitre.oauth2.model.convert.JWEEncryptionMethodStringConverter;
import org.mitre.oauth2.model.convert.JWKSetStringConverter;
import org.mitre.oauth2.model.convert.JWSAlgorithmStringConverter;
import org.mitre.oauth2.model.convert.JWTStringConverter;
import org.mitre.oauth2.model.convert.PKCEAlgorithmStringConverter;
import org.mitre.oauth2.model.convert.SimpleGrantedAuthorityStringConverter;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.oauth2.provider.ClientDetails;
import javax.persistence.Basic;
import javax.persistence.CollectionTable;
@ -47,22 +56,11 @@ import javax.persistence.Table;
import javax.persistence.Temporal;
import javax.persistence.TemporalType;
import javax.persistence.Transient;
import org.mitre.oauth2.model.convert.JWEAlgorithmStringConverter;
import org.mitre.oauth2.model.convert.JWEEncryptionMethodStringConverter;
import org.mitre.oauth2.model.convert.JWKSetStringConverter;
import org.mitre.oauth2.model.convert.JWSAlgorithmStringConverter;
import org.mitre.oauth2.model.convert.JWTStringConverter;
import org.mitre.oauth2.model.convert.PKCEAlgorithmStringConverter;
import org.mitre.oauth2.model.convert.SimpleGrantedAuthorityStringConverter;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.oauth2.provider.ClientDetails;
import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JWEAlgorithm;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.jwk.JWKSet;
import com.nimbusds.jwt.JWT;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
/**
* @author jricher
@ -91,7 +89,6 @@ public class ClientDetailsEntity implements ClientDetails {
private Set<String> redirectUris = new HashSet<>();
private String clientName;
private String clientUri;
private String logoUri;
private Set<String> contacts;
private String tosUri;
private AuthMethod tokenEndpointAuthMethod = AuthMethod.SECRET_BASIC;
@ -488,16 +485,6 @@ public class ClientDetailsEntity implements ClientDetails {
this.contacts = contacts;
}
@Basic
@Column(name="logo_uri")
public String getLogoUri() {
return logoUri;
}
public void setLogoUri(String logoUri) {
this.logoUri = logoUri;
}
@Basic
@Column(name="policy_uri")
public String getPolicyUri() {

25
openid-connect-server/src/main/java/org/mitre/oauth2/model/RegisteredClient.java
View File

@ -20,21 +20,20 @@
*/
package org.mitre.oauth2.model;
import java.util.Date;
import java.util.Map;
import java.util.Set;
import org.mitre.oauth2.model.ClientDetailsEntity.AppType;
import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod;
import org.mitre.oauth2.model.ClientDetailsEntity.SubjectType;
import org.springframework.security.core.GrantedAuthority;
import com.google.gson.JsonObject;
import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JWEAlgorithm;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.jwk.JWKSet;
import com.nimbusds.jwt.JWT;
import org.mitre.oauth2.model.ClientDetailsEntity.AppType;
import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod;
import org.mitre.oauth2.model.ClientDetailsEntity.SubjectType;
import org.springframework.security.core.GrantedAuthority;
import java.util.Date;
import java.util.Map;
import java.util.Set;
/**
* @author jricher
@ -246,14 +245,6 @@ public class RegisteredClient {
client.setContacts(contacts);
}
public String getLogoUri() {
return client.getLogoUri();
}
public void setLogoUri(String logoUri) {
client.setLogoUri(logoUri);
}
public String getPolicyUri() {
return client.getPolicyUri();
}

39
openid-connect-server/src/main/java/org/mitre/openid/connect/ClientDetailsEntityJsonProcessor.java
View File

@ -21,25 +21,6 @@
package org.mitre.openid.connect;
import static org.mitre.util.JsonUtils.getAsArray;
import static org.mitre.util.JsonUtils.getAsDate;
import static org.mitre.util.JsonUtils.getAsJweAlgorithm;
import static org.mitre.util.JsonUtils.getAsJweEncryptionMethod;
import static org.mitre.util.JsonUtils.getAsJwsAlgorithm;
import static org.mitre.util.JsonUtils.getAsPkceAlgorithm;
import static org.mitre.util.JsonUtils.getAsString;
import static org.mitre.util.JsonUtils.getAsStringSet;
import java.text.ParseException;
import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.oauth2.model.ClientDetailsEntity.AppType;
import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod;
import org.mitre.oauth2.model.ClientDetailsEntity.SubjectType;
import org.mitre.oauth2.model.RegisteredClient;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import com.google.common.base.Joiner;
import com.google.common.base.Splitter;
import com.google.common.base.Strings;
@ -50,6 +31,15 @@ import com.google.gson.JsonParser;
import com.nimbusds.jose.jwk.JWKSet;
import com.nimbusds.jwt.JWT;
import com.nimbusds.jwt.JWTParser;
import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.oauth2.model.ClientDetailsEntity.AppType;
import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod;
import org.mitre.oauth2.model.ClientDetailsEntity.SubjectType;
import org.mitre.oauth2.model.RegisteredClient;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.text.ParseException;
import static org.mitre.oauth2.model.RegisteredClientFields.APPLICATION_TYPE;
import static org.mitre.oauth2.model.RegisteredClientFields.CLAIMS_REDIRECT_URIS;
@ -70,7 +60,6 @@ import static org.mitre.oauth2.model.RegisteredClientFields.ID_TOKEN_SIGNED_RESP
import static org.mitre.oauth2.model.RegisteredClientFields.INITIATE_LOGIN_URI;
import static org.mitre.oauth2.model.RegisteredClientFields.JWKS;
import static org.mitre.oauth2.model.RegisteredClientFields.JWKS_URI;
import static org.mitre.oauth2.model.RegisteredClientFields.LOGO_URI;
import static org.mitre.oauth2.model.RegisteredClientFields.POLICY_URI;
import static org.mitre.oauth2.model.RegisteredClientFields.POST_LOGOUT_REDIRECT_URIS;
import static org.mitre.oauth2.model.RegisteredClientFields.REDIRECT_URIS;
@ -93,6 +82,14 @@ import static org.mitre.oauth2.model.RegisteredClientFields.TOS_URI;
import static org.mitre.oauth2.model.RegisteredClientFields.USERINFO_ENCRYPTED_RESPONSE_ALG;
import static org.mitre.oauth2.model.RegisteredClientFields.USERINFO_ENCRYPTED_RESPONSE_ENC;
import static org.mitre.oauth2.model.RegisteredClientFields.USERINFO_SIGNED_RESPONSE_ALG;
import static org.mitre.util.JsonUtils.getAsArray;
import static org.mitre.util.JsonUtils.getAsDate;
import static org.mitre.util.JsonUtils.getAsJweAlgorithm;
import static org.mitre.util.JsonUtils.getAsJweEncryptionMethod;
import static org.mitre.util.JsonUtils.getAsJwsAlgorithm;
import static org.mitre.util.JsonUtils.getAsPkceAlgorithm;
import static org.mitre.util.JsonUtils.getAsString;
import static org.mitre.util.JsonUtils.getAsStringSet;
/**
* Utility class to handle the parsing and serialization of ClientDetails objects.
@ -124,7 +121,6 @@ public class ClientDetailsEntityJsonProcessor {
c.setRedirectUris(getAsStringSet(o, REDIRECT_URIS));
c.setClientName(getAsString(o, CLIENT_NAME));
c.setClientUri(getAsString(o, CLIENT_URI));
c.setLogoUri(getAsString(o, LOGO_URI));
c.setContacts(getAsStringSet(o, CONTACTS));
c.setTosUri(getAsString(o, TOS_URI));
@ -301,7 +297,6 @@ public class ClientDetailsEntityJsonProcessor {
o.add(REDIRECT_URIS, getAsArray(c.getRedirectUris()));
o.addProperty(CLIENT_NAME, c.getClientName());
o.addProperty(CLIENT_URI, c.getClientUri());
o.addProperty(LOGO_URI, c.getLogoUri());
o.add(CONTACTS, getAsArray(c.getContacts()));
o.addProperty(TOS_URI, c.getTosUri());
o.addProperty(TOKEN_ENDPOINT_AUTH_METHOD, c.getTokenEndpointAuthMethod() != null ? c.getTokenEndpointAuthMethod().getValue() : null);

52
openid-connect-server/src/main/java/org/mitre/openid/connect/model/CachedImage.java
View File

@ -1,52 +0,0 @@
/*******************************************************************************
* Copyright 2018 The MIT Internet Trust Consortium
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*******************************************************************************/
package org.mitre.openid.connect.model;
/**
* @author jricher
*/
public class CachedImage {
private byte[] data;
private String contentType;
private long length;
public byte[] getData() {
return data;
}
public void setData(byte[] data) {
this.data = data;
}
public String getContentType() {
return contentType;
}
public void setContentType(String contentType) {
this.contentType = contentType;
}
public long getLength() {
return length;
}
public void setLength(long length) {
this.length = length;
}
}

34
openid-connect-server/src/main/java/org/mitre/openid/connect/service/ClientLogoLoadingService.java
View File

@ -1,34 +0,0 @@
/*******************************************************************************
* Copyright 2018 The MIT Internet Trust Consortium
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*******************************************************************************/
package org.mitre.openid.connect.service;
import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.openid.connect.model.CachedImage;
/**
* @author jricher
*
*/
public interface ClientLogoLoadingService {
/**
* @param client
* @return
*/
CachedImage getLogo(ClientDetailsEntity client);
}

122
openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/InMemoryClientLogoLoadingService.java
View File

@ -1,122 +0,0 @@
/*******************************************************************************
* Copyright 2018 The MIT Internet Trust Consortium
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*******************************************************************************/
package org.mitre.openid.connect.service.impl;
import java.io.IOException;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeUnit;
import org.apache.commons.io.IOUtils;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.HttpClientBuilder;
import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.openid.connect.model.CachedImage;
import org.mitre.openid.connect.service.ClientLogoLoadingService;
import org.springframework.stereotype.Service;
import com.google.common.base.Strings;
import com.google.common.cache.CacheBuilder;
import com.google.common.cache.CacheLoader;
import com.google.common.cache.LoadingCache;
import com.google.common.util.concurrent.UncheckedExecutionException;
/**
* @author jricher
*
*/
@Service("inMemoryClientLogoLoadingService")
public class InMemoryClientLogoLoadingService implements ClientLogoLoadingService {
private LoadingCache<ClientDetailsEntity, CachedImage> cache;
public InMemoryClientLogoLoadingService() {
this(HttpClientBuilder.create().useSystemProperties().build());
}
/**
*
*/
public InMemoryClientLogoLoadingService(HttpClient httpClient) {
cache = CacheBuilder.newBuilder()
.maximumSize(100)
.expireAfterAccess(14, TimeUnit.DAYS)
.build(new ClientLogoFetcher(httpClient));
}
/* (non-Javadoc)
* @see org.mitre.openid.connect.service.ClientLogoLoadingService#getLogo(org.mitre.oauth2.model.ClientDetailsEntity)
*/
@Override
public CachedImage getLogo(ClientDetailsEntity client) {
try {
if (client != null && !Strings.isNullOrEmpty(client.getLogoUri())) {
return cache.get(client);
} else {
return null;
}
} catch (UncheckedExecutionException | ExecutionException e) {
return null;
}
}
/**
* @author jricher
*
*/
public class ClientLogoFetcher extends CacheLoader<ClientDetailsEntity, CachedImage> {
private HttpClient httpClient;
public ClientLogoFetcher() {
this(HttpClientBuilder.create().useSystemProperties().build());
}
public ClientLogoFetcher(HttpClient httpClient) {
this.httpClient = httpClient;
}
/* (non-Javadoc)
* @see com.google.common.cache.CacheLoader#load(java.lang.Object)
*/
@Override
public CachedImage load(ClientDetailsEntity key) throws Exception {
try {
HttpResponse response = httpClient.execute(new HttpGet(key.getLogoUri()));
HttpEntity entity = response.getEntity();
CachedImage image = new CachedImage();
image.setContentType(entity.getContentType().getValue());
image.setLength(entity.getContentLength());
image.setData(IOUtils.toByteArray(entity.getContent()));
return image;
} catch (IOException e) {
throw new IllegalArgumentException("Unable to load client image.");
}
}
}
}

112
openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java
View File

@ -17,49 +17,6 @@
*******************************************************************************/
package org.mitre.openid.connect.web;
import java.lang.reflect.Type;
import java.sql.SQLIntegrityConstraintViolationException;
import java.text.ParseException;
import java.util.Collection;
import javax.persistence.PersistenceException;
import org.eclipse.persistence.exceptions.DatabaseException;
import org.mitre.jwt.assertion.AssertionValidator;
import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.oauth2.model.ClientDetailsEntity.AppType;
import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod;
import org.mitre.oauth2.model.ClientDetailsEntity.SubjectType;
import org.mitre.oauth2.model.PKCEAlgorithm;
import org.mitre.oauth2.service.ClientDetailsEntityService;
import org.mitre.oauth2.web.AuthenticationUtilities;
import org.mitre.openid.connect.exception.ValidationException;
import org.mitre.openid.connect.model.CachedImage;
import org.mitre.openid.connect.service.ClientLogoLoadingService;
import org.mitre.openid.connect.view.ClientEntityViewForAdmins;
import org.mitre.openid.connect.view.ClientEntityViewForUsers;
import org.mitre.openid.connect.view.HttpCodeView;
import org.mitre.openid.connect.view.JsonEntityView;
import org.mitre.openid.connect.view.JsonErrorView;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.common.util.OAuth2Utils;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.servlet.ModelAndView;
import com.google.common.base.Strings;
import com.google.common.collect.Sets;
import com.google.gson.Gson;
@ -79,6 +36,43 @@ import com.nimbusds.jose.jwk.JWKSet;
import com.nimbusds.jwt.JWT;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.jwt.JWTParser;
import org.eclipse.persistence.exceptions.DatabaseException;
import org.mitre.jwt.assertion.AssertionValidator;
import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.oauth2.model.ClientDetailsEntity.AppType;
import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod;
import org.mitre.oauth2.model.ClientDetailsEntity.SubjectType;
import org.mitre.oauth2.model.PKCEAlgorithm;
import org.mitre.oauth2.service.ClientDetailsEntityService;
import org.mitre.oauth2.web.AuthenticationUtilities;
import org.mitre.openid.connect.exception.ValidationException;
import org.mitre.openid.connect.view.ClientEntityViewForAdmins;
import org.mitre.openid.connect.view.ClientEntityViewForUsers;
import org.mitre.openid.connect.view.HttpCodeView;
import org.mitre.openid.connect.view.JsonEntityView;
import org.mitre.openid.connect.view.JsonErrorView;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.common.util.OAuth2Utils;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.servlet.ModelAndView;
import javax.persistence.PersistenceException;
import java.lang.reflect.Type;
import java.sql.SQLIntegrityConstraintViolationException;
import java.text.ParseException;
import java.util.Collection;
import static org.mitre.oauth2.model.RegisteredClientFields.APPLICATION_TYPE;
import static org.mitre.oauth2.model.RegisteredClientFields.CLAIMS_REDIRECT_URIS;
@ -98,7 +92,6 @@ import static org.mitre.oauth2.model.RegisteredClientFields.ID_TOKEN_SIGNED_RESP
import static org.mitre.oauth2.model.RegisteredClientFields.INITIATE_LOGIN_URI;
import static org.mitre.oauth2.model.RegisteredClientFields.JWKS;
import static org.mitre.oauth2.model.RegisteredClientFields.JWKS_URI;
import static org.mitre.oauth2.model.RegisteredClientFields.LOGO_URI;
import static org.mitre.oauth2.model.RegisteredClientFields.POLICY_URI;
import static org.mitre.oauth2.model.RegisteredClientFields.POST_LOGOUT_REDIRECT_URIS;
import static org.mitre.oauth2.model.RegisteredClientFields.REDIRECT_URIS;
@ -133,9 +126,6 @@ public class ClientAPI {
@Autowired
private ClientDetailsEntityService clientService;
@Autowired
private ClientLogoLoadingService clientLogoLoadingService;
@Autowired
@Qualifier("clientAssertionValidator")
private AssertionValidator assertionValidator;
@ -506,31 +496,6 @@ public class ClientAPI {
}
}
/**
* Get the logo image for a client
* @param id
*/
@RequestMapping(value = "/{id}/logo", method=RequestMethod.GET, produces = { MediaType.IMAGE_GIF_VALUE, MediaType.IMAGE_JPEG_VALUE, MediaType.IMAGE_PNG_VALUE })
public ResponseEntity<byte[]> getClientLogo(@PathVariable("id") Long id, Model model) {
ClientDetailsEntity client = clientService.getClientById(id);
if (client == null) {
return new ResponseEntity<>(HttpStatus.NOT_FOUND);
} else if (Strings.isNullOrEmpty(client.getLogoUri())) {
return new ResponseEntity<>(HttpStatus.NOT_FOUND);
} else {
// get the image from cache
CachedImage image = clientLogoLoadingService.getLogo(client);
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.parseMediaType(image.getContentType()));
headers.setContentLength(image.getLength());
return new ResponseEntity<>(image.getData(), headers, HttpStatus.OK);
}
}
private ClientDetailsEntity validateSoftwareStatement(ClientDetailsEntity newClient) throws ValidationException {
if (newClient.getSoftwareStatement() != null) {
if (assertionValidator.isValid(newClient.getSoftwareStatement())) {
@ -632,9 +597,6 @@ public class ClientAPI {
case CONTACTS:
newClient.setContacts(Sets.newHashSet(claimSet.getStringListClaim(claim)));
break;
case LOGO_URI:
newClient.setLogoUri(claimSet.getStringClaim(claim));
break;
case CLIENT_URI:
newClient.setClientUri(claimSet.getStringClaim(claim));
break;

35
openid-connect-server/src/main/java/org/mitre/openid/connect/web/DynamicClientRegistrationEndpoint.java
View File

@ -17,13 +17,15 @@
*******************************************************************************/
package org.mitre.openid.connect.web;
import java.io.UnsupportedEncodingException;
import java.text.ParseException;
import java.util.Date;
import java.util.HashSet;
import java.util.Set;
import java.util.concurrent.TimeUnit;
import com.google.common.base.Strings;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Sets;
import com.google.gson.JsonSyntaxException;
import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JWEAlgorithm;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.jwk.JWKSet;
import com.nimbusds.jwt.JWTClaimsSet;
import org.mitre.jwt.assertion.AssertionValidator;
import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.oauth2.model.ClientDetailsEntity.AppType;
@ -61,15 +63,12 @@ import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.util.UriUtils;
import com.google.common.base.Strings;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Sets;
import com.google.gson.JsonSyntaxException;
import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JWEAlgorithm;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.jwk.JWKSet;
import com.nimbusds.jwt.JWTClaimsSet;
import java.io.UnsupportedEncodingException;
import java.text.ParseException;
import java.util.Date;
import java.util.HashSet;
import java.util.Set;
import java.util.concurrent.TimeUnit;
import static org.mitre.oauth2.model.RegisteredClientFields.APPLICATION_TYPE;
import static org.mitre.oauth2.model.RegisteredClientFields.CLAIMS_REDIRECT_URIS;
@ -89,7 +88,6 @@ import static org.mitre.oauth2.model.RegisteredClientFields.ID_TOKEN_SIGNED_RESP
import static org.mitre.oauth2.model.RegisteredClientFields.INITIATE_LOGIN_URI;
import static org.mitre.oauth2.model.RegisteredClientFields.JWKS;
import static org.mitre.oauth2.model.RegisteredClientFields.JWKS_URI;
import static org.mitre.oauth2.model.RegisteredClientFields.LOGO_URI;
import static org.mitre.oauth2.model.RegisteredClientFields.POLICY_URI;
import static org.mitre.oauth2.model.RegisteredClientFields.POST_LOGOUT_REDIRECT_URIS;
import static org.mitre.oauth2.model.RegisteredClientFields.REDIRECT_URIS;
@ -712,9 +710,6 @@ public class DynamicClientRegistrationEndpoint {
case CONTACTS:
newClient.setContacts(Sets.newHashSet(claimSet.getStringListClaim(claim)));
break;
case LOGO_URI:
newClient.setLogoUri(claimSet.getStringClaim(claim));
break;
case CLIENT_URI:
newClient.setClientUri(claimSet.getStringClaim(claim));
break;

9
openid-connect-server/src/test/java/org/mitre/oauth2/model/ClientDetailsEntityTest.java
View File

@ -20,13 +20,12 @@
*/
package org.mitre.oauth2.model;
import java.util.Date;
import org.junit.Test;
import com.google.common.collect.ImmutableSet;
import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JWEAlgorithm;
import org.junit.Test;
import java.util.Date;
import static org.junit.Assert.assertEquals;
@ -50,7 +49,6 @@ public class ClientDetailsEntityTest {
c.setApplicationType(ClientDetailsEntity.AppType.WEB);
c.setRedirectUris(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2"));
c.setClientName("My Example");
c.setLogoUri("https://client.example.org/logo.png");
c.setSubjectType(ClientDetailsEntity.SubjectType.PAIRWISE);
c.setSectorIdentifierUri("https://other.example.net/file_of_redirect_uris.json");
c.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.SECRET_BASIC);
@ -67,7 +65,6 @@ public class ClientDetailsEntityTest {
assertEquals(ClientDetailsEntity.AppType.WEB, c.getApplicationType());
assertEquals(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2"), c.getRedirectUris());
assertEquals("My Example", c.getClientName());
assertEquals("https://client.example.org/logo.png", c.getLogoUri());
assertEquals(ClientDetailsEntity.SubjectType.PAIRWISE, c.getSubjectType());
assertEquals("https://other.example.net/file_of_redirect_uris.json", c.getSectorIdentifierUri());
assertEquals(ClientDetailsEntity.AuthMethod.SECRET_BASIC, c.getTokenEndpointAuthMethod());

15
openid-connect-server/src/test/java/org/mitre/oauth2/model/RegisteredClientTest.java
View File

@ -20,13 +20,12 @@
*/
package org.mitre.oauth2.model;
import java.sql.Date;
import org.junit.Test;
import com.google.common.collect.ImmutableSet;
import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JWEAlgorithm;
import org.junit.Test;
import java.sql.Date;
import static org.junit.Assert.assertEquals;
@ -54,7 +53,6 @@ public class RegisteredClientTest {
c.setApplicationType(ClientDetailsEntity.AppType.WEB);
c.setRedirectUris(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2"));
c.setClientName("My Example");
c.setLogoUri("https://client.example.org/logo.png");
c.setSubjectType(ClientDetailsEntity.SubjectType.PAIRWISE);
c.setSectorIdentifierUri("https://other.example.net/file_of_redirect_uris.json");
c.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.SECRET_BASIC);
@ -72,7 +70,6 @@ public class RegisteredClientTest {
assertEquals(ClientDetailsEntity.AppType.WEB, c.getApplicationType());
assertEquals(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2"), c.getRedirectUris());
assertEquals("My Example", c.getClientName());
assertEquals("https://client.example.org/logo.png", c.getLogoUri());
assertEquals(ClientDetailsEntity.SubjectType.PAIRWISE, c.getSubjectType());
assertEquals("https://other.example.net/file_of_redirect_uris.json", c.getSectorIdentifierUri());
assertEquals(ClientDetailsEntity.AuthMethod.SECRET_BASIC, c.getTokenEndpointAuthMethod());
@ -95,7 +92,7 @@ public class RegisteredClientTest {
c.setApplicationType(ClientDetailsEntity.AppType.WEB);
c.setRedirectUris(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2"));
c.setClientName("My Example");
c.setLogoUri("https://client.example.org/logo.png");
c.setSubjectType(ClientDetailsEntity.SubjectType.PAIRWISE);
c.setSectorIdentifierUri("https://other.example.net/file_of_redirect_uris.json");
c.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.SECRET_BASIC);
@ -120,7 +117,6 @@ public class RegisteredClientTest {
assertEquals(ClientDetailsEntity.AppType.WEB, rc.getApplicationType());
assertEquals(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2"), rc.getRedirectUris());
assertEquals("My Example", rc.getClientName());
assertEquals("https://client.example.org/logo.png", rc.getLogoUri());
assertEquals(ClientDetailsEntity.SubjectType.PAIRWISE, rc.getSubjectType());
assertEquals("https://other.example.net/file_of_redirect_uris.json", rc.getSectorIdentifierUri());
assertEquals(ClientDetailsEntity.AuthMethod.SECRET_BASIC, rc.getTokenEndpointAuthMethod());
@ -143,7 +139,7 @@ public class RegisteredClientTest {
c.setApplicationType(ClientDetailsEntity.AppType.WEB);
c.setRedirectUris(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2"));
c.setClientName("My Example");
c.setLogoUri("https://client.example.org/logo.png");
c.setSubjectType(ClientDetailsEntity.SubjectType.PAIRWISE);
c.setSectorIdentifierUri("https://other.example.net/file_of_redirect_uris.json");
c.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.SECRET_BASIC);
@ -164,7 +160,6 @@ public class RegisteredClientTest {
assertEquals(ClientDetailsEntity.AppType.WEB, rc.getApplicationType());
assertEquals(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2"), rc.getRedirectUris());
assertEquals("My Example", rc.getClientName());
assertEquals("https://client.example.org/logo.png", rc.getLogoUri());
assertEquals(ClientDetailsEntity.SubjectType.PAIRWISE, rc.getSubjectType());
assertEquals("https://other.example.net/file_of_redirect_uris.json", rc.getSectorIdentifierUri());
assertEquals(ClientDetailsEntity.AuthMethod.SECRET_BASIC, rc.getTokenEndpointAuthMethod());

15
openid-connect-server/src/test/java/org/mitre/openid/connect/ClientDetailsEntityJsonProcessorTest.java
View File

@ -20,17 +20,16 @@
*/
package org.mitre.openid.connect;
import java.sql.Date;
import org.junit.Test;
import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.oauth2.model.RegisteredClient;
import com.google.common.collect.ImmutableSet;
import com.google.gson.JsonElement;
import com.google.gson.JsonObject;
import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JWEAlgorithm;
import org.junit.Test;
import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.oauth2.model.RegisteredClient;
import java.sql.Date;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
@ -75,7 +74,6 @@ public class ClientDetailsEntityJsonProcessorTest {
assertEquals("My Example", c.getClientName());
assertEquals(ImmutableSet.of("code", "token"), c.getResponseTypes());
assertEquals(ImmutableSet.of("authorization_code", "implicit"), c.getGrantTypes());
assertEquals("https://client.example.org/logo.png", c.getLogoUri());
assertEquals(ClientDetailsEntity.SubjectType.PAIRWISE, c.getSubjectType());
assertEquals("https://other.example.net/file_of_redirect_uris.json", c.getSectorIdentifierUri());
assertEquals(ClientDetailsEntity.AuthMethod.SECRET_BASIC, c.getTokenEndpointAuthMethod());
@ -137,7 +135,6 @@ public class ClientDetailsEntityJsonProcessorTest {
assertEquals("My Example", c.getClientName());
assertEquals(ImmutableSet.of("code", "token"), c.getResponseTypes());
assertEquals(ImmutableSet.of("authorization_code", "implicit"), c.getGrantTypes());
assertEquals("https://client.example.org/logo.png", c.getLogoUri());
assertEquals(ClientDetailsEntity.SubjectType.PAIRWISE, c.getSubjectType());
assertEquals("https://other.example.net/file_of_redirect_uris.json", c.getSectorIdentifierUri());
assertEquals(ClientDetailsEntity.AuthMethod.SECRET_BASIC, c.getTokenEndpointAuthMethod());
@ -166,7 +163,6 @@ public class ClientDetailsEntityJsonProcessorTest {
c.setClientName("My Example");
c.setResponseTypes(ImmutableSet.of("code", "token"));
c.setGrantTypes(ImmutableSet.of("authorization_code", "implicit"));
c.setLogoUri("https://client.example.org/logo.png");
c.setSubjectType(ClientDetailsEntity.SubjectType.PAIRWISE);
c.setSectorIdentifierUri("https://other.example.net/file_of_redirect_uris.json");
c.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.SECRET_BASIC);
@ -194,7 +190,6 @@ public class ClientDetailsEntityJsonProcessorTest {
for (JsonElement e : j.get("grant_types").getAsJsonArray()) {
assertTrue(ImmutableSet.of("authorization_code", "implicit").contains(e.getAsString()));
}
assertEquals("https://client.example.org/logo.png", j.get("logo_uri").getAsString());
assertEquals(ClientDetailsEntity.SubjectType.PAIRWISE.getValue(), j.get("subject_type").getAsString());
assertEquals("https://other.example.net/file_of_redirect_uris.json", j.get("sector_identifier_uri").getAsString());
assertEquals(ClientDetailsEntity.AuthMethod.SECRET_BASIC.getValue(), j.get("token_endpoint_auth_method").getAsString());