From 775e2e8b6a384a2f6b7efc063193e961868bc0cd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dominik=20Franti=C5=A1ek=20Bu=C4=8D=C3=ADk?= Date: Wed, 1 Sep 2021 14:24:24 +0200 Subject: [PATCH] =?UTF-8?q?refactor:=20=F0=9F=92=A1=20Remove=20logos=20fro?= =?UTF-8?q?m=20clients=20(#23)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit DB update can be done - drop column logo_uri from clients BREAKING CHANGE: 🧨 Removed logo from clients --- .../db/hsql/hsql_database_tables.sql | 1 - .../db/mysql/mysql_database_tables.sql | 1 - .../db/oracle/oracle_database_tables.sql | 1 - .../db/psql/psql_database_tables.sql | 1 - .../src/main/webapp/WEB-INF/views/approve.jsp | 32 - .../webapp/WEB-INF/views/approveDevice.jsp | 32 - .../webapp/resources/css/mitreid-connect.css | 6 - .../src/main/webapp/resources/js/client.js | 17 - .../src/main/webapp/resources/js/dynreg.js | 14 - .../resources/js/locale/en/messages.json | 3 - .../resources/js/locale/fr/messages.json | 2 - .../resources/js/locale/sv/messages.json | 5 +- .../resources/js/locale/zh/messages.json | 977 +++++++++--------- .../resources/js/locale/zh_CN/messages.json | 977 +++++++++--------- .../resources/js/locale/zh_TW/messages.json | 977 +++++++++--------- .../src/main/webapp/resources/js/rsreg.js | 14 - .../webapp/resources/template/client.html | 18 - .../webapp/resources/template/dynreg.html | 14 - .../main/webapp/resources/template/rsreg.html | 14 - .../oauth2/model/ClientDetailsEntity.java | 51 +- .../mitre/oauth2/model/RegisteredClient.java | 25 +- .../ClientDetailsEntityJsonProcessor.java | 39 +- .../openid/connect/model/CachedImage.java | 52 - .../service/ClientLogoLoadingService.java | 34 - .../InMemoryClientLogoLoadingService.java | 122 --- .../mitre/openid/connect/web/ClientAPI.java | 112 +- .../DynamicClientRegistrationEndpoint.java | 35 +- .../oauth2/model/ClientDetailsEntityTest.java | 9 +- .../oauth2/model/RegisteredClientTest.java | 15 +- .../ClientDetailsEntityJsonProcessorTest.java | 15 +- 30 files changed, 1571 insertions(+), 2044 deletions(-) delete mode 100644 openid-connect-server/src/main/java/org/mitre/openid/connect/model/CachedImage.java delete mode 100644 openid-connect-server/src/main/java/org/mitre/openid/connect/service/ClientLogoLoadingService.java delete mode 100644 openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/InMemoryClientLogoLoadingService.java diff --git a/openid-connect-server-webapp/src/main/resources/db/hsql/hsql_database_tables.sql b/openid-connect-server-webapp/src/main/resources/db/hsql/hsql_database_tables.sql index 2a0175629..d201fd123 100644 --- a/openid-connect-server-webapp/src/main/resources/db/hsql/hsql_database_tables.sql +++ b/openid-connect-server-webapp/src/main/resources/db/hsql/hsql_database_tables.sql @@ -143,7 +143,6 @@ CREATE TABLE IF NOT EXISTS client_details ( token_endpoint_auth_method VARCHAR(256), subject_type VARCHAR(256), - logo_uri VARCHAR(2048), policy_uri VARCHAR(2048), client_uri VARCHAR(2048), tos_uri VARCHAR(2048), diff --git a/openid-connect-server-webapp/src/main/resources/db/mysql/mysql_database_tables.sql b/openid-connect-server-webapp/src/main/resources/db/mysql/mysql_database_tables.sql index 7e00cc876..0ead95dd0 100644 --- a/openid-connect-server-webapp/src/main/resources/db/mysql/mysql_database_tables.sql +++ b/openid-connect-server-webapp/src/main/resources/db/mysql/mysql_database_tables.sql @@ -142,7 +142,6 @@ CREATE TABLE IF NOT EXISTS client_details ( token_endpoint_auth_method VARCHAR(256), subject_type VARCHAR(256), - logo_uri VARCHAR(2048), policy_uri VARCHAR(2048), client_uri VARCHAR(2048), tos_uri VARCHAR(2048), diff --git a/openid-connect-server-webapp/src/main/resources/db/oracle/oracle_database_tables.sql b/openid-connect-server-webapp/src/main/resources/db/oracle/oracle_database_tables.sql index 9f430adac..7ebaa2644 100644 --- a/openid-connect-server-webapp/src/main/resources/db/oracle/oracle_database_tables.sql +++ b/openid-connect-server-webapp/src/main/resources/db/oracle/oracle_database_tables.sql @@ -153,7 +153,6 @@ CREATE TABLE client_details ( token_endpoint_auth_method VARCHAR2(256), subject_type VARCHAR2(256), - logo_uri VARCHAR2(2048), policy_uri VARCHAR2(2048), client_uri VARCHAR2(2048), tos_uri VARCHAR2(2048), diff --git a/openid-connect-server-webapp/src/main/resources/db/psql/psql_database_tables.sql b/openid-connect-server-webapp/src/main/resources/db/psql/psql_database_tables.sql index be871b7e8..507b9ccca 100644 --- a/openid-connect-server-webapp/src/main/resources/db/psql/psql_database_tables.sql +++ b/openid-connect-server-webapp/src/main/resources/db/psql/psql_database_tables.sql @@ -143,7 +143,6 @@ CREATE TABLE IF NOT EXISTS client_details ( token_endpoint_auth_method VARCHAR(256), subject_type VARCHAR(256), - logo_uri VARCHAR(2048), policy_uri VARCHAR(2048), client_uri VARCHAR(2048), tos_uri VARCHAR(2048), diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/approve.jsp b/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/approve.jsp index 6526fb842..32e2a3dba 100644 --- a/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/approve.jsp +++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/approve.jsp @@ -82,38 +82,6 @@ - - - - -
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/approveDevice.jsp b/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/approveDevice.jsp index 162170311..a1c70aa66 100644 --- a/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/approveDevice.jsp +++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/approveDevice.jsp @@ -82,38 +82,6 @@ - -
    -
  • - -
    • -
- - -
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/css/mitreid-connect.css b/openid-connect-server-webapp/src/main/webapp/resources/css/mitreid-connect.css index 21d823f22..15afc24cd 100644 --- a/openid-connect-server-webapp/src/main/webapp/resources/css/mitreid-connect.css +++ b/openid-connect-server-webapp/src/main/webapp/resources/css/mitreid-connect.css @@ -187,12 +187,6 @@ h1,label { height: 20px; } -/* Client table images */ -.client-logo { - max-width: 64px; - max-height: 64px -} - /* Modal and sheet fight for the same z-index otherwise */ .modal-backdrop { z-index: 2040; diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/client.js b/openid-connect-server-webapp/src/main/webapp/resources/js/client.js index bc3c7b55f..891f1a4ed 100644 --- a/openid-connect-server-webapp/src/main/webapp/resources/js/client.js +++ b/openid-connect-server-webapp/src/main/webapp/resources/js/client.js @@ -40,7 +40,6 @@ var ClientModel = Backbone.Model.extend({ redirectUris: [], clientName: null, clientUri: null, - logoUri: null, contacts: [], tosUri: null, tokenEndpointAuthMethod: null, @@ -131,9 +130,6 @@ var ClientModel = Backbone.Model.extend({ if (this.get('tosUri') != null && this.get('tosUri').toLowerCase().indexOf(term.toLowerCase()) != -1) { matches.push($.t('client.client-table.match.terms')); } - if (this.get('logoUri') != null && this.get('logoUri').toLowerCase().indexOf(term.toLowerCase()) != -1) { - matches.push($.t('client.client-table.match.logo')); - } if (this.get('contacts') != null) { var f = _.filter(this.get('contacts'), function(item) { return item.toLowerCase().indexOf(term.toLowerCase()) != -1; @@ -720,7 +716,6 @@ var ClientFormView = Backbone.View.extend({ "change #tokenEndpointAuthMethod input:radio": "toggleClientCredentials", "change #displayClientSecret": "toggleDisplayClientSecret", "change #generateClientSecret": "toggleGenerateClientSecret", - "change #logoUri input": "previewLogo", "change #jwkSelector input:radio": "toggleJWKSetType" }, @@ -760,16 +755,6 @@ var ClientFormView = Backbone.View.extend({ $("#refreshTokenValidityTime", this.$el).toggle(); }, - previewLogo: function() { - if ($('#logoUri input', this.el).val()) { - $('#logoPreview', this.el).empty(); - $('#logoPreview', this.el).attr('src', $('#logoUri input', this.el).val()); - } else { - // $('#logoBlock', this.el).hide(); - $('#logoPreview', this.el).attr('src', 'resources/images/logo_placeholder.gif'); - } - }, - /** * Set up the form based on the current state of the tokenEndpointAuthMethod * parameter @@ -1047,7 +1032,6 @@ var ClientFormView = Backbone.View.extend({ generateClientSecret: generateClientSecret, redirectUris: redirectUris, clientDescription: this.emptyToNull($('#clientDescription textarea').val()), - logoUri: this.emptyToNull($('#logoUri input').val()), grantTypes: grantTypes, accessTokenValiditySeconds: accessTokenValiditySeconds, refreshTokenValiditySeconds: refreshTokenValiditySeconds, @@ -1297,7 +1281,6 @@ var ClientFormView = Backbone.View.extend({ // toggle other dynamic fields this.toggleClientCredentials(); - this.previewLogo(); this.toggleJWKSetType(); // disable unsupported JOSE algorithms diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/dynreg.js b/openid-connect-server-webapp/src/main/webapp/resources/js/dynreg.js index 0bae62621..38b111493 100644 --- a/openid-connect-server-webapp/src/main/webapp/resources/js/dynreg.js +++ b/openid-connect-server-webapp/src/main/webapp/resources/js/dynreg.js @@ -24,7 +24,6 @@ var DynRegClient = Backbone.Model.extend({ redirect_uris: [], client_name: null, client_uri: null, - logo_uri: null, contacts: [], tos_uri: null, token_endpoint_auth_method: null, @@ -242,7 +241,6 @@ var DynRegEditView = Backbone.View.extend({ "click .btn-save": "saveClient", "click .btn-cancel": "cancel", "click .btn-delete": "deleteClient", - "change #logoUri input": "previewLogo", "change #tokenEndpointAuthMethod input:radio": "toggleClientCredentials", "change #jwkSelector input:radio": "toggleJWKSetType" }, @@ -279,16 +277,6 @@ var DynRegEditView = Backbone.View.extend({ return false; }, - previewLogo: function() { - if ($('#logoUri input', this.el).val()) { - $('#logoPreview', this.el).empty(); - $('#logoPreview', this.el).attr('src', $('#logoUri input', this.el).val()); - } else { - // $('#logoBlock', this.el).hide(); - $('#logoPreview', this.el).attr('src', 'resources/images/logo_placeholder.gif'); - } - }, - /** * Set up the form based on the current state of the tokenEndpointAuthMethod * parameter @@ -458,7 +446,6 @@ var DynRegEditView = Backbone.View.extend({ var attrs = { client_name: this.emptyToNull($('#clientName input').val()), redirect_uris: redirectUris, - logo_uri: this.emptyToNull($('#logoUri input').val()), grant_types: grantTypes, scope: scopes, client_secret: null, // never send a client secret @@ -680,7 +667,6 @@ var DynRegEditView = Backbone.View.extend({ this.listWidgetViews.push(defaultAcrView); this.toggleClientCredentials(); - this.previewLogo(); this.toggleJWKSetType(); // disable unsupported JOSE algorithms diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/locale/en/messages.json b/openid-connect-server-webapp/src/main/webapp/resources/js/locale/en/messages.json index b142f0a9b..978cb1037 100644 --- a/openid-connect-server-webapp/src/main/webapp/resources/js/locale/en/messages.json +++ b/openid-connect-server-webapp/src/main/webapp/resources/js/locale/en/messages.json @@ -87,8 +87,6 @@ "jwk-set": "Public Key Set", "jwk-set-help": "URL for the client's JSON Web Key set (must be reachable by the server)", "jwk-set-value-help": "URL for the client's JSON Web Key set (must be reachable by the server)", - "logo": "Logo", - "logo-help": "URL that points to a logo image, will be displayed on approval page", "main": "Main", "max-age": "Default Max Age", "max-age-help": "Default maximum session age before re-prompting", @@ -197,7 +195,6 @@ "description": "description", "homepage": "home page", "id": "id", - "logo": "logo", "name": "name", "policy": "policy", "redirect": "redirect uri", diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/locale/fr/messages.json b/openid-connect-server-webapp/src/main/webapp/resources/js/locale/fr/messages.json index 0d8197a69..87b852b29 100644 --- a/openid-connect-server-webapp/src/main/webapp/resources/js/locale/fr/messages.json +++ b/openid-connect-server-webapp/src/main/webapp/resources/js/locale/fr/messages.json @@ -87,7 +87,6 @@ "jwk-set": "Jeu de Clés publique", "jwk-set-help": "URI du jeu de clés Web JSON pour le client (doit être accessible par le serveur)", "jwk-set-value-help": "URI du jeu de clés Web JSON pour le client (doit être accessible par le serveur)", - "logo": "Logo", "logo-help": "L'URI qui pointe vers une image de logo sera affichée sur la page d'approbation", "main": "Principal", "max-age": "Age Maximum par Défaut", @@ -197,7 +196,6 @@ "description": "description", "homepage": "page d'accueil", "id": "id", - "logo": "logo", "name": "nom", "policy": "politique", "redirect": "uri de redirection", diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/locale/sv/messages.json b/openid-connect-server-webapp/src/main/webapp/resources/js/locale/sv/messages.json index 05ff5077e..397cce614 100644 --- a/openid-connect-server-webapp/src/main/webapp/resources/js/locale/sv/messages.json +++ b/openid-connect-server-webapp/src/main/webapp/resources/js/locale/sv/messages.json @@ -83,8 +83,6 @@ "introspection": "Introspektion", "jwk-set": "JWK Set", "jwk-set-help": "Länk till klientens JSON Webb-nyckel-set", - "logo": "Logotyp", - "logo-help": "Länk till en logotyp. Den visas på bekräftelsesidan.", "main": "Basinformation", "max-age": "Max sessions-längd", "max-age-help": "Default maximal sessions-längd innan användaren tillfrågas igen", @@ -168,7 +166,6 @@ "description": "beskrivning", "homepage": "hemsida", "id": "id", - "logo": "logotyp", "name": "namn", "policy": "policy", "redirect": "omdirigeringslänk", @@ -433,4 +430,4 @@ "deny": "Avbryt" } } -} \ No newline at end of file +} diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/locale/zh/messages.json b/openid-connect-server-webapp/src/main/webapp/resources/js/locale/zh/messages.json index 50be461e4..be059dee2 100644 --- a/openid-connect-server-webapp/src/main/webapp/resources/js/locale/zh/messages.json +++ b/openid-connect-server-webapp/src/main/webapp/resources/js/locale/zh/messages.json @@ -1,490 +1,487 @@ -{ - "admin": { - "blacklist": "黑名单", - "blacklist-form": { - "blacklisted-uris": "列入黑名单的URI" - }, - "home": "首页", - "list-widget": { - "empty": "此列表为空。", - "tooltip": "单击显示全部值。" - }, - "manage-blacklist": "管理列入黑名单的客户端", - "self-service-client": "自助服务-客户端注册", - "self-service-resource": "自助服务-受保护资源注册", - "user-profile": { - "claim": "声明项", - "show": "查看用户信息", - "text": "您的用户信息如下:", - "value": "内容" - } - }, - "client": { - "client-form": { - "access": "访问", - "access-token-no-timeout": "访问令牌不时间", - "access-token-timeout": "访问令牌超时", - "access-token-timeout-help": "输入时间(秒、分钟或小时)。", - "acr-values": "默认ACR值", - "acr-values-placeholder": "新的ACR值", - "acr-values-help": "用于请求该客户端的默认身份验证上下文参考", - "allow-introspection": "允许调用内省端点?", - "authentication-method": "令牌端点认证方法", - "authorization-code": "授权码", - "client-credentials": "客户端凭证", - "client-description": "描述", - "client-description-help": "人类可读的文本描述", - "client-description-placeholder": "填入说明描述", - "client-id": "客户端ID", - "client-id-help": "唯一标识符。如果不填则系统会自动生成一个。", - "client-id-placeholder": "输入一些字符", - "client-name": "客户端名称", - "client-name-help": "人类可读的应用程序名称", - "client-name-placeholder": "输入一些字符", - "client-secret": "客户端密钥", - "client-secret-placeholder": "输入密钥", - "contacts": "联系人", - "contacts-help": "此客户端管理员的联系人名单。", - "contacts-placeholder": "新联系人", - "credentials": "凭据", - "crypto": { - "a128cbc-hs256": "复合认证加密算法,采用密码块链(CBC)模式AES,以PKCS #5填充,完整性计算使用HMAC SHA-256,并使用256位的CMK(和128位CEK)", - "a256cbc-hs512": "复合认证加密算法,采用密码块链(CBC)模式AES,以PKCS #5填充,完整性计算使用HMAC SHA-512,并使用512位的CMK(和256位CEK)", - "a128gcm": "AES GCM使用128位的密钥", - "a256gcm": "AES GCM使用256位的密钥", - "a128kw": "AES密钥封装算法使用128位的密钥", - "a256kw": "AES密钥封装算法使用256位的密钥", - "default": "使用服务器默认", - "dir": "直接使用一个共享对称密钥作为块加密的内容主密钥(CMK)", - "ecdh-es": "椭圆曲线Diffie-Hellman短时静态密钥协议(使用Concat KDF),商定的密钥被直接用作内容主密钥(CMK)", - "ecdh-es-a128kw": "椭圆曲线Diffie-Hellman短时静态密钥协议(使用ECDH-ES和第4.7小节),但商定的密钥是用以A128KW函数封装内容主密钥(CMK)", - "ecdh-es-a256kw": "椭圆曲线Diffie-Hellman短时静态密钥协议(使用ECDH-ES和第4.7小节),但商定的密钥是用以A256KW函数封装内容主密钥(CMK)", - "none": "不加密", - "rsa-oaep": "RSAES使用最优不对称加密填充(OAEP)", - "rsa1-5": "RSAES-PKCS1-V1_5" - }, - "cryptography": "密码", - "display-secret": "显示/编辑客户端密钥:", - "edit": "编辑客户端", - "generate-new-secret": "生成一个新的客户端密钥吗?", - "generate-new-secret-help": "当点击“保存”时生成新的密钥", - "generate-on-save": "保存时生成", - "grant-types": "批准的类型", - "home": "主页", - "home-help": "客户端首页的URL,将显示给用户", - "hours": "小时", - "id": "ID:", - "id-token-crypto-algorithm": "身份令牌加密算法", - "id-token-crypto-method": "身份令牌加密方法", - "id-token-signing-algorithm": "身份令牌签名算法", - "id-token-timeout": "身份令牌超时", - "implicit": "隐式的", - "initiate-login": "初始化登录", - "initiate-login-help": "启动登录客户端的URL", - "introspection": "自省", - "jwk-set": "公钥集", - "jwk-set-help": "客户端JSON Web Key集的URL (须可被服务器访问)", - "jwk-set-value-help": "客户端JSON Web Key集的URL (须可被服务器访问)", - "logo": "标志(Logo)", - "logo-help": "标志(Logo)图像的URL,将显示在批准页", - "main": "首要", - "max-age": "默认最长有效时间", - "max-age-help": "再提示之前的默认最长会话有效时间", - "minutes": "分钟", - "new": "新客户端", - "other": "其它", - "pairwise": "Pairwise对", - "password": "密码", - "policy": "政策声明", - "policy-help": "此客户端的政策声明链接,将显示给用户", - "post-logout": "注销后重定向", - "post-logout-help": "客户端注销操作后的重定向URL", - "public": "公共", - "redelegation": "重新授权", - "redirect-uris": "重定向URI", - "redirect-uris-help": "在授权页面之后客户端重定向URI", - "claims-redirect-uris": "声明重定向URI", - "claims-redirect-uris-help": "在声明收集步骤之后浏览器跳转至的目的地址", - "refresh": "刷新", - "refresh-tokens": "刷新令牌", - "refresh-tokens-issued": "为此客户端发布的刷新令牌", - "refresh-tokens-issued-help": "这将把 offline_access 加入客户端的范围。", - "refresh-tokens-reused": "此客户端的刷新令牌被重用", - "clear-access-tokens": "当刷新令牌用过之后,已激活的访问令牌自动失效", - "refresh-tokens-no-expire": "刷新令牌尚未过期", - "registered": "注册于", - "registration-token": "注册令牌:", - "registration-access-token": "注册访问令牌", - "registration-token-error": "无法为此客户端下载注册访问令牌。", - "request-object-signing-algorithm": "请求对象签名算法", - "request-uri": "请求的URI", - "request-uri-help": "URI包含此客户端使用的请求对象", - "require-auth-time": "需要身份认证时间(auth_time)", - "require-auth-time-label": "总是需要在身份令牌中包含auth_time声明", - "response-types": "响应类型", - "rotate-registration-token": "旋转注册令牌", - "rotate-registration-token-confirm": "你确定你想旋转这个客户端的登录令牌?", - "rotate-registration-token-error": "无法旋转该客户端的注册访问令牌。", - "saved": { - "no-secret": "没有客户端密钥", - "saved": "客户端已保存", - "secret": "密钥:", - "show-secret": "显示密钥", - "unchanged": "不变" - }, - "scope-placeholder": "新范围", - "scope-help": "OAuth范围允许客户端请求", - "seconds": "秒", - "secret-asymmetric-jwt": "非对称签名JWT断言", - "secret-http": "客户端密钥经由HTTP Basic", - "secret-none": "没有认证", - "secret-post": "客户端密钥经由HTTP POST", - "secret-symmetric-jwt": "客户端密钥经由对称签名JWT断言", - "sector-identifier": "扇区标识符URI", - "signing": { - "any": "允许", - "default": "使用服务器默认", - "es256": "ECDSA采用P-256曲线和SHA-256哈希算法", - "es384": "ECDSA采用P-384曲线及SHA-384哈希算法", - "es512": "ECDSA采用P-512曲线及SHA-512哈希算法", - "hs256": "HMAC使用SHA-256哈希算法", - "hs384": "HMAC使用SHA-384哈希算法", - "hs512": "HMAC使用SHA-512哈希算法", - "none": "没有数字签名", - "rs256": "RSASSA使用SHA-256哈希算法", - "rs384": "RSASSA采用SHA-384哈希算法", - "rs512": "RSASSA使用SHA-512哈希算法", - "ps256": "采用SHA-256和MGF1的RSASSA-PSS算法", - "ps384": "采用SHA-384和MGF1的RSASSA-PSS算法", - "ps512": "采用SHA-512和MGF1的RSASSA-PSS算法" - }, - "subject-type": "主体类型", - "terms": "服务条款", - "terms-help": "此客户服务条款的URL,将向用户显示", - "token-signing-algorithm": "令牌端点认证签名算法", - "tokens": "令牌", - "type": "应用类型", - "type-native": "原生应用", - "type-web": "网络应用", - "unknown": "(未知)", - "user-info-crypto-algorithm": "用户信息端点加密算法", - "user-info-crypto-method": "用户信息端点加密方法", - "user-info-signing-algorithm": "用户信息端点签名算法" - }, - "client-table": { - "allow-introspection-tooltip": "这个客户端可以执行令牌自省", - "confirm": "你确定要删除这个客户端?", - "dynamically-registered-tooltip": "这个客户端是动态注册的。点击查看注册访问令牌", - "match": { - "contacts": "联系人", - "description": "描述", - "homepage": "主页", - "id": "身份", - "logo": "标志", - "name": "名称", - "policy": "政策", - "redirect": "重定向URI", - "scope": "范围", - "terms": "服务条款" - }, - "matched-search": "匹配搜索:", - "new": "新客户端", - "no-clients": "此服务器上没有注册的客户端。", - "no-matches": "没有匹配搜索条件的客户端。", - "no-redirect": "没有重定向URI", - "registered": "注册于", - "search": "搜索……", - "whitelist": "白名单", - "unknown": "一个未知的时间" - }, - "manage": "管理客户端", - "more-info": { - "contacts": "管理员联系方式:", - "home": "主页", - "more": "更多信息", - "policy": "政策", - "terms": "服务条款:" - }, - "newClient": "新客户端" - }, - "common": { - "cancel": "取消", - "client": "客户端", - "clients": "客户端", - "close": "关闭", - "delete": "删除", - "description": "描述", - "dynamically-registered": "这个客户端是动态注册的", - "edit": "编辑", - "expires": "到期:", - "information": "信息", - "new": "新建", - "not-yet-implemented": "未实现", - "not-yet-implemented-content": "这个字段的值将于客户端保存,但服务器目前不处理任何事情。服务器的未来库版本将利用它。", - "revoke": "撤销", - "save": "保存", - "scopes": "范围", - "statistics": "统计", - "refresh": "刷新", - "scope": "范围", - "users": "用户", - "user": "用户", - "roles": "角色", - "role": "角色", - "email": "电子邮箱", - "active": "已激活", - "inactive": "未激活" - }, - "dynreg": { - "client-id-placeholder": "输入客户端ID", - "configuration-url": "客户端配置URL", - "edit-dynamically-registered": "编辑动态注册的客户端", - "edit-existing": "编辑一个现有的客户端", - "edit-existing-help": "用于编辑之前已注册的客户端。粘贴您的客户端ID和注册访问令牌,以便访问该客户端。", - "edit-existing-button": "编辑客户端", - "invalid-access-token": "无效的客户端或注册访问令牌。", - "new-client": "注册新客户端", - "new-client-help": "用于注册新的客户端。请提供客户端ID和注册访问令牌,以便管理您的客户端。", - "new-client-button": "新建客户端", - "regtoken-placeholder": "输入注册访问令牌", - "warning": "警告!你必须保护好客户端ID 客户密钥(如果提供),以及您的注册访问令牌。如果你丢失了客户端ID或注册访问令牌,将无法访问您的客户端注册记录,你需要注册一个新客户端。", - "will-be-generated": "当保存客户端信息将由服务器生成" - }, - "grant": { - "manage-approved-sites": "管理批准的网站", - "refresh": "刷新", - "grant-table": { - "active-tokens": "当前活跃的访问令牌数量", - "application": "应用程序", - "approved-sites": "许可站点", - "authorized": "授权:", - "dynamically-registered": "这个客户端是动态注册的", - "expires": "到期:", - "last-accessed": "上次访问:", - "never": "从未", - "no-sites": "还未批准任何网站。", - "no-whitelisted": "还未访问任何白名单的网站。", - "pre-approved": "这些都是预先由管理员批准的网站。", - "text": "这些都是您已经手动批准的网站。如果同一网站将来要进行同样的访问,它将直接通过、且没有提示。", - "unknown": "未知", - "whitelist-note": "注:如果你在此撤销它们,它们将在您下次访问时不经提示即被自动重新批准。", - "whitelisted-site": "这个网站由管理员列入白名单中", - "whitelisted-sites": "白名单的网站" - } - }, - "rsreg": { - "resource-id-placeholder": "输入资源ID", - "configuration-url": "客户端配置URL", - "edit": "编辑受保护的资源", - "edit-existing": "编辑现有的保护资源", - "edit-existing-help": "用于编辑之前已注册的资源。请提供您的客戶端ID和注册访问令牌来访问资源的属性。", - "edit-existing-button": "编辑资源", - "invalid-access-token": "无效的客户端或注册访问令牌。", - "new-client": "注册新的受保护资源", - "new-client-help": "用于注册新的资源。请提供客户端ID和注册访问令牌,以便管理您的资源。", - "new-client-button": "新建资源", - "regtoken-placeholder": "输入注册访问令牌", - "will-be-generated": "当保存资源信息将由服务器生成", - "warning": "警告!你必须保护好客户端ID 客户密钥(如果提供),以及注册访问令牌。如果丢失了客户端ID或注册访问令牌,将无法再次获得您的客户端注册记录,你需要注册一个新客户端。", - "client-form": { - "scope-help": "这个资源能够自省令牌的范围。" - } - }, - "scope": { - "manage": "管理系统范围", - "scope-list": { - "no-scopes": "没有范围" - }, - "system-scope-form": { - "default": "默认范围", - "default-help": "新创建的用户默认情况下获得这个范围?", - "description-help": "人类可读的文本描述", - "description-placeholder": "输入说明", - "restricted": "限制", - "restricted-help": "限制范围只能由系统管理员使用,可用动态注册客户和保护资源", - "edit": "编辑范围", - "icon": "图标", - "new": "新范围", - "select-icon": "选择图标", - "structured": "是一个结构化的范围", - "structured-help": "范围结构化是否包含如base:extension的结构化值?", - "structured-param-help": "人类可读的结构化参数描述", - "subject-type": "主体类型", - "value": "范围值", - "value-help": "不含空格的单个字符串", - "value-placeholder": "范围" - }, - "system-scope-table": { - "confirm": "你确定要删除此范围?引用了此范围的客户端还需要它。", - "new": "新范围", - "text": "尚未定义系统范围。客户可自定义范围。", - "tooltip-restricted": "此范围只能由管理员使用。它不能用于动态注册。", - "tooltip-default": "这个范围将自动分配给新注册的客户。" - } - }, - "token": { - "manage": "管理活动的令牌", - "token-table": { - "access-tokens": "访问令牌", - "associated-id": "这个访问令牌附带相关的身份令牌。", - "associated-refresh": "这个访问令牌附带相关的刷新令牌。", - "click-to-display": "点击显示完整的令牌值", - "confirm": "你确定要撤销这个令牌?", - "confirm-refresh": "你确定要撤销这个刷新令牌及其相关的访问令牌?", - "expires": "过期", - "no-access": "没有活动的访问令牌。", - "no-refresh": "没有活动的刷新令牌。", - "number-of-tokens": "关联的访问令牌数量", - "refresh-tokens": "刷新令牌", - "text": "访问令牌通常是短暂的,供客户端访问特定的资源。身份令牌是采用OpenID Connect协议登录的、专门的访问令牌。", - "text-refresh": "刷新令牌通常是长期的,以便客户端能无需用户介入即可获取新的访问令牌。", - "token-info": "令牌的信息" - } - }, - "whitelist": { - "confirm": "你确定要删除这个白名单项?", - "edit": "编辑白名单", - "manage": "管理列入白名单的网站", - "new": "新白名单", - "whitelist": "白名单", - "whitelist-form": { - "allowed-scopes": "允许范围", - "edit": "编辑白名单的网站", - "new": "新增白名单网站", - "scope-help": "当客户端发出请求列表时将自动批准的范围", - "scope-placeholder": "新范围" - }, - "whitelist-table": { - "no-sites": "白名单列表为空。使用白名单按钮在客户端管理页面创建一个。" - } - }, - "blacklist": { - "text": "被拉黑的网站URI将无法用做注册客户端的重定向地址(无论是在管理界面中添加、还是动态注册,都不会成功)。", - "blacklist-uri-placeholder": "要拉黑的网站URI", - "add": "将网站URI加入黑名单", - "empty": "当前黑名单为空", - "uri": "URI" - }, - "copyright": "基于MITREid Connect {0}技术构建 © 2016 MITRE公司及MIT因特网信任联盟.", - "about": { - "title": "关于", - "body": "\n此OpenID Connect服务基于开源的MITREid Connect项目,该项目来自 \nMITRE公司MIT因特网信任联盟。\n

\n

\n有关项目的更多信息可见 \nGitHub上的MITREid Connect项目。 \n在那儿,您可以提交bug报告、提交反馈甚或提交代码补丁。" - }, - "statistics": { - "title": "统计", - "number_users": "用户数: {0}", - "number_clients": "授权的客户端: {0}", - "number_approvals": "已批准的站点: {0}" - }, - "home": { - "title": "首页", - "welcome": { - "title": "欢迎!", - "body": "\nOpenID Connect是适于因特网部署的身份联邦认证服务器,基于OAuth2授权框架之上的OpenID Connect技术构建。\nOpenID Connect让您无需暴露自己的用户名、密码即可便捷登录网站。

\n

了解更多信息»" - }, - "more": "更多", - "about": { - "title": "关于", - "body": "本服务基于开源的MITREid Connect项目,该项目来自 \nMITRE公司MIT因特网信任联盟。" - }, - "contact": { - "title": "联系方式", - "body": "\n如需更多的信息和支持,请联系本系统的管理员。

\n

电子信箱 »" - }, - "statistics": { - "title": "当前统计", - "loading": "加载……", - "number_users": "用户数: {0}", - "number_clients": "授权的客户端: {0}", - "number_approvals": "已批准的站点: {0}" - } - }, - "contact": { - "title": "联系方式", - "body": "如果要报告有关MITREid Connect软件自身的bug,请访问\nGitHub issue追踪系统。 \n有关当前服务器的问题,请联系服务器管理员。" - }, - "topbar": { - "about": "关于", - "contact": "联系方式", - "statistics": "统计", - "home": "首页", - "login": "登录", - "logout": "注销" - }, - "sidebar": { - "administrative": { - "title": "管理", - "manage_clients": "管理客户端", - "whitelisted_clients": "白名单", - "blacklisted_clients": "黑名单", - "system_scopes": "系统范围" - }, - "personal": { - "title": "个人", - "approved_sites": "管理批准的网站", - "active_tokens": "管理活动的令牌", - "profile_information": "查看用户信息" - }, - "developer": { - "title": "开发者自助服务", - "client_registration": "客户端注册", - "resource_registration": "保护资源注册" - } - }, - "manage": { - "ok": "好的", - "loading": "加载", - "title": "管理控制台" - }, - "approve": { - "dynamically-registered-unknown": "在一个未知的时间", - "title": "批准访问", - "error": { - "not_granted": "访问可能不获批准。" - }, - "required_for": "有待批准", - "dynamically_registered": "此客户端已被动态注册了{0}次。", - "caution": { - "title": "注意", - "message": { - "none": "它之前从未被批准。", - "singular": "它之前已被批准了{0}次。", - "plural": "它之前已被批准了{0}次。" - } - }, - "more_information": "更多信息", - "home_page": "主页", - "policy": "政策", - "terms": "服务条款", - "contacts": "管理人员", - "warning": "警告", - "no_redirect_uri": "该客户端没有注册任何重定向URI,可能被使用恶意的URI。", - "redirect_uri": "如果点击批准,您将被重定向至如下页面: {0}", - "pairwise": "该客户端使用pairwise标识符,这使得在不同站点间关联身份变得稍加困难。", - "no_scopes": "该客户端没有注册任何范围,因此允许请求系统可用的any(任意)范围。请务必谨慎处理。", - "access_to": "访问", - "remember": { - "title": "记住这个决定", - "until_revoke": "记住这个决定直到我撤销", - "one_hour": "记住该决定一个小时", - "next_time": "下次再提醒我" - }, - "do_authorize": "是否授权", - "label": { - "authorize": "授权", - "deny": "拒绝" - } - }, - "error": { - "title": "错误", - "header": "错误:", - "message": "在处理您的请求过程中发生了错误。服务器信息为:" - }, - "login": { - "login_with_username_and_password": "请使用您的用户名及密码登录", - "username": "用户名", - "password": "密码", - "login-button": "登录", - "error": "登录失败。请重试。" - } -} \ No newline at end of file +{ + "admin": { + "blacklist": "黑名单", + "blacklist-form": { + "blacklisted-uris": "列入黑名单的URI" + }, + "home": "首页", + "list-widget": { + "empty": "此列表为空。", + "tooltip": "单击显示全部值。" + }, + "manage-blacklist": "管理列入黑名单的客户端", + "self-service-client": "自助服务-客户端注册", + "self-service-resource": "自助服务-受保护资源注册", + "user-profile": { + "claim": "声明项", + "show": "查看用户信息", + "text": "您的用户信息如下:", + "value": "内容" + } + }, + "client": { + "client-form": { + "access": "访问", + "access-token-no-timeout": "访问令牌不时间", + "access-token-timeout": "访问令牌超时", + "access-token-timeout-help": "输入时间(秒、分钟或小时)。", + "acr-values": "默认ACR值", + "acr-values-placeholder": "新的ACR值", + "acr-values-help": "用于请求该客户端的默认身份验证上下文参考", + "allow-introspection": "允许调用内省端点?", + "authentication-method": "令牌端点认证方法", + "authorization-code": "授权码", + "client-credentials": "客户端凭证", + "client-description": "描述", + "client-description-help": "人类可读的文本描述", + "client-description-placeholder": "填入说明描述", + "client-id": "客户端ID", + "client-id-help": "唯一标识符。如果不填则系统会自动生成一个。", + "client-id-placeholder": "输入一些字符", + "client-name": "客户端名称", + "client-name-help": "人类可读的应用程序名称", + "client-name-placeholder": "输入一些字符", + "client-secret": "客户端密钥", + "client-secret-placeholder": "输入密钥", + "contacts": "联系人", + "contacts-help": "此客户端管理员的联系人名单。", + "contacts-placeholder": "新联系人", + "credentials": "凭据", + "crypto": { + "a128cbc-hs256": "复合认证加密算法,采用密码块链(CBC)模式AES,以PKCS #5填充,完整性计算使用HMAC SHA-256,并使用256位的CMK(和128位CEK)", + "a256cbc-hs512": "复合认证加密算法,采用密码块链(CBC)模式AES,以PKCS #5填充,完整性计算使用HMAC SHA-512,并使用512位的CMK(和256位CEK)", + "a128gcm": "AES GCM使用128位的密钥", + "a256gcm": "AES GCM使用256位的密钥", + "a128kw": "AES密钥封装算法使用128位的密钥", + "a256kw": "AES密钥封装算法使用256位的密钥", + "default": "使用服务器默认", + "dir": "直接使用一个共享对称密钥作为块加密的内容主密钥(CMK)", + "ecdh-es": "椭圆曲线Diffie-Hellman短时静态密钥协议(使用Concat KDF),商定的密钥被直接用作内容主密钥(CMK)", + "ecdh-es-a128kw": "椭圆曲线Diffie-Hellman短时静态密钥协议(使用ECDH-ES和第4.7小节),但商定的密钥是用以A128KW函数封装内容主密钥(CMK)", + "ecdh-es-a256kw": "椭圆曲线Diffie-Hellman短时静态密钥协议(使用ECDH-ES和第4.7小节),但商定的密钥是用以A256KW函数封装内容主密钥(CMK)", + "none": "不加密", + "rsa-oaep": "RSAES使用最优不对称加密填充(OAEP)", + "rsa1-5": "RSAES-PKCS1-V1_5" + }, + "cryptography": "密码", + "display-secret": "显示/编辑客户端密钥:", + "edit": "编辑客户端", + "generate-new-secret": "生成一个新的客户端密钥吗?", + "generate-new-secret-help": "当点击“保存”时生成新的密钥", + "generate-on-save": "保存时生成", + "grant-types": "批准的类型", + "home": "主页", + "home-help": "客户端首页的URL,将显示给用户", + "hours": "小时", + "id": "ID:", + "id-token-crypto-algorithm": "身份令牌加密算法", + "id-token-crypto-method": "身份令牌加密方法", + "id-token-signing-algorithm": "身份令牌签名算法", + "id-token-timeout": "身份令牌超时", + "implicit": "隐式的", + "initiate-login": "初始化登录", + "initiate-login-help": "启动登录客户端的URL", + "introspection": "自省", + "jwk-set": "公钥集", + "jwk-set-help": "客户端JSON Web Key集的URL (须可被服务器访问)", + "jwk-set-value-help": "客户端JSON Web Key集的URL (须可被服务器访问)", + "main": "首要", + "max-age": "默认最长有效时间", + "max-age-help": "再提示之前的默认最长会话有效时间", + "minutes": "分钟", + "new": "新客户端", + "other": "其它", + "pairwise": "Pairwise对", + "password": "密码", + "policy": "政策声明", + "policy-help": "此客户端的政策声明链接,将显示给用户", + "post-logout": "注销后重定向", + "post-logout-help": "客户端注销操作后的重定向URL", + "public": "公共", + "redelegation": "重新授权", + "redirect-uris": "重定向URI", + "redirect-uris-help": "在授权页面之后客户端重定向URI", + "claims-redirect-uris": "声明重定向URI", + "claims-redirect-uris-help": "在声明收集步骤之后浏览器跳转至的目的地址", + "refresh": "刷新", + "refresh-tokens": "刷新令牌", + "refresh-tokens-issued": "为此客户端发布的刷新令牌", + "refresh-tokens-issued-help": "这将把 offline_access 加入客户端的范围。", + "refresh-tokens-reused": "此客户端的刷新令牌被重用", + "clear-access-tokens": "当刷新令牌用过之后,已激活的访问令牌自动失效", + "refresh-tokens-no-expire": "刷新令牌尚未过期", + "registered": "注册于", + "registration-token": "注册令牌:", + "registration-access-token": "注册访问令牌", + "registration-token-error": "无法为此客户端下载注册访问令牌。", + "request-object-signing-algorithm": "请求对象签名算法", + "request-uri": "请求的URI", + "request-uri-help": "URI包含此客户端使用的请求对象", + "require-auth-time": "需要身份认证时间(auth_time)", + "require-auth-time-label": "总是需要在身份令牌中包含auth_time声明", + "response-types": "响应类型", + "rotate-registration-token": "旋转注册令牌", + "rotate-registration-token-confirm": "你确定你想旋转这个客户端的登录令牌?", + "rotate-registration-token-error": "无法旋转该客户端的注册访问令牌。", + "saved": { + "no-secret": "没有客户端密钥", + "saved": "客户端已保存", + "secret": "密钥:", + "show-secret": "显示密钥", + "unchanged": "不变" + }, + "scope-placeholder": "新范围", + "scope-help": "OAuth范围允许客户端请求", + "seconds": "秒", + "secret-asymmetric-jwt": "非对称签名JWT断言", + "secret-http": "客户端密钥经由HTTP Basic", + "secret-none": "没有认证", + "secret-post": "客户端密钥经由HTTP POST", + "secret-symmetric-jwt": "客户端密钥经由对称签名JWT断言", + "sector-identifier": "扇区标识符URI", + "signing": { + "any": "允许", + "default": "使用服务器默认", + "es256": "ECDSA采用P-256曲线和SHA-256哈希算法", + "es384": "ECDSA采用P-384曲线及SHA-384哈希算法", + "es512": "ECDSA采用P-512曲线及SHA-512哈希算法", + "hs256": "HMAC使用SHA-256哈希算法", + "hs384": "HMAC使用SHA-384哈希算法", + "hs512": "HMAC使用SHA-512哈希算法", + "none": "没有数字签名", + "rs256": "RSASSA使用SHA-256哈希算法", + "rs384": "RSASSA采用SHA-384哈希算法", + "rs512": "RSASSA使用SHA-512哈希算法", + "ps256": "采用SHA-256和MGF1的RSASSA-PSS算法", + "ps384": "采用SHA-384和MGF1的RSASSA-PSS算法", + "ps512": "采用SHA-512和MGF1的RSASSA-PSS算法" + }, + "subject-type": "主体类型", + "terms": "服务条款", + "terms-help": "此客户服务条款的URL,将向用户显示", + "token-signing-algorithm": "令牌端点认证签名算法", + "tokens": "令牌", + "type": "应用类型", + "type-native": "原生应用", + "type-web": "网络应用", + "unknown": "(未知)", + "user-info-crypto-algorithm": "用户信息端点加密算法", + "user-info-crypto-method": "用户信息端点加密方法", + "user-info-signing-algorithm": "用户信息端点签名算法" + }, + "client-table": { + "allow-introspection-tooltip": "这个客户端可以执行令牌自省", + "confirm": "你确定要删除这个客户端?", + "dynamically-registered-tooltip": "这个客户端是动态注册的。点击查看注册访问令牌", + "match": { + "contacts": "联系人", + "description": "描述", + "homepage": "主页", + "id": "身份", + "name": "名称", + "policy": "政策", + "redirect": "重定向URI", + "scope": "范围", + "terms": "服务条款" + }, + "matched-search": "匹配搜索:", + "new": "新客户端", + "no-clients": "此服务器上没有注册的客户端。", + "no-matches": "没有匹配搜索条件的客户端。", + "no-redirect": "没有重定向URI", + "registered": "注册于", + "search": "搜索……", + "whitelist": "白名单", + "unknown": "一个未知的时间" + }, + "manage": "管理客户端", + "more-info": { + "contacts": "管理员联系方式:", + "home": "主页", + "more": "更多信息", + "policy": "政策", + "terms": "服务条款:" + }, + "newClient": "新客户端" + }, + "common": { + "cancel": "取消", + "client": "客户端", + "clients": "客户端", + "close": "关闭", + "delete": "删除", + "description": "描述", + "dynamically-registered": "这个客户端是动态注册的", + "edit": "编辑", + "expires": "到期:", + "information": "信息", + "new": "新建", + "not-yet-implemented": "未实现", + "not-yet-implemented-content": "这个字段的值将于客户端保存,但服务器目前不处理任何事情。服务器的未来库版本将利用它。", + "revoke": "撤销", + "save": "保存", + "scopes": "范围", + "statistics": "统计", + "refresh": "刷新", + "scope": "范围", + "users": "用户", + "user": "用户", + "roles": "角色", + "role": "角色", + "email": "电子邮箱", + "active": "已激活", + "inactive": "未激活" + }, + "dynreg": { + "client-id-placeholder": "输入客户端ID", + "configuration-url": "客户端配置URL", + "edit-dynamically-registered": "编辑动态注册的客户端", + "edit-existing": "编辑一个现有的客户端", + "edit-existing-help": "用于编辑之前已注册的客户端。粘贴您的客户端ID和注册访问令牌,以便访问该客户端。", + "edit-existing-button": "编辑客户端", + "invalid-access-token": "无效的客户端或注册访问令牌。", + "new-client": "注册新客户端", + "new-client-help": "用于注册新的客户端。请提供客户端ID和注册访问令牌,以便管理您的客户端。", + "new-client-button": "新建客户端", + "regtoken-placeholder": "输入注册访问令牌", + "warning": "警告!你必须保护好客户端ID 客户密钥(如果提供),以及您的注册访问令牌。如果你丢失了客户端ID或注册访问令牌,将无法访问您的客户端注册记录,你需要注册一个新客户端。", + "will-be-generated": "当保存客户端信息将由服务器生成" + }, + "grant": { + "manage-approved-sites": "管理批准的网站", + "refresh": "刷新", + "grant-table": { + "active-tokens": "当前活跃的访问令牌数量", + "application": "应用程序", + "approved-sites": "许可站点", + "authorized": "授权:", + "dynamically-registered": "这个客户端是动态注册的", + "expires": "到期:", + "last-accessed": "上次访问:", + "never": "从未", + "no-sites": "还未批准任何网站。", + "no-whitelisted": "还未访问任何白名单的网站。", + "pre-approved": "这些都是预先由管理员批准的网站。", + "text": "这些都是您已经手动批准的网站。如果同一网站将来要进行同样的访问,它将直接通过、且没有提示。", + "unknown": "未知", + "whitelist-note": "注:如果你在此撤销它们,它们将在您下次访问时不经提示即被自动重新批准。", + "whitelisted-site": "这个网站由管理员列入白名单中", + "whitelisted-sites": "白名单的网站" + } + }, + "rsreg": { + "resource-id-placeholder": "输入资源ID", + "configuration-url": "客户端配置URL", + "edit": "编辑受保护的资源", + "edit-existing": "编辑现有的保护资源", + "edit-existing-help": "用于编辑之前已注册的资源。请提供您的客戶端ID和注册访问令牌来访问资源的属性。", + "edit-existing-button": "编辑资源", + "invalid-access-token": "无效的客户端或注册访问令牌。", + "new-client": "注册新的受保护资源", + "new-client-help": "用于注册新的资源。请提供客户端ID和注册访问令牌,以便管理您的资源。", + "new-client-button": "新建资源", + "regtoken-placeholder": "输入注册访问令牌", + "will-be-generated": "当保存资源信息将由服务器生成", + "warning": "警告!你必须保护好客户端ID 客户密钥(如果提供),以及注册访问令牌。如果丢失了客户端ID或注册访问令牌,将无法再次获得您的客户端注册记录,你需要注册一个新客户端。", + "client-form": { + "scope-help": "这个资源能够自省令牌的范围。" + } + }, + "scope": { + "manage": "管理系统范围", + "scope-list": { + "no-scopes": "没有范围" + }, + "system-scope-form": { + "default": "默认范围", + "default-help": "新创建的用户默认情况下获得这个范围?", + "description-help": "人类可读的文本描述", + "description-placeholder": "输入说明", + "restricted": "限制", + "restricted-help": "限制范围只能由系统管理员使用,可用动态注册客户和保护资源", + "edit": "编辑范围", + "icon": "图标", + "new": "新范围", + "select-icon": "选择图标", + "structured": "是一个结构化的范围", + "structured-help": "范围结构化是否包含如base:extension的结构化值?", + "structured-param-help": "人类可读的结构化参数描述", + "subject-type": "主体类型", + "value": "范围值", + "value-help": "不含空格的单个字符串", + "value-placeholder": "范围" + }, + "system-scope-table": { + "confirm": "你确定要删除此范围?引用了此范围的客户端还需要它。", + "new": "新范围", + "text": "尚未定义系统范围。客户可自定义范围。", + "tooltip-restricted": "此范围只能由管理员使用。它不能用于动态注册。", + "tooltip-default": "这个范围将自动分配给新注册的客户。" + } + }, + "token": { + "manage": "管理活动的令牌", + "token-table": { + "access-tokens": "访问令牌", + "associated-id": "这个访问令牌附带相关的身份令牌。", + "associated-refresh": "这个访问令牌附带相关的刷新令牌。", + "click-to-display": "点击显示完整的令牌值", + "confirm": "你确定要撤销这个令牌?", + "confirm-refresh": "你确定要撤销这个刷新令牌及其相关的访问令牌?", + "expires": "过期", + "no-access": "没有活动的访问令牌。", + "no-refresh": "没有活动的刷新令牌。", + "number-of-tokens": "关联的访问令牌数量", + "refresh-tokens": "刷新令牌", + "text": "访问令牌通常是短暂的,供客户端访问特定的资源。身份令牌是采用OpenID Connect协议登录的、专门的访问令牌。", + "text-refresh": "刷新令牌通常是长期的,以便客户端能无需用户介入即可获取新的访问令牌。", + "token-info": "令牌的信息" + } + }, + "whitelist": { + "confirm": "你确定要删除这个白名单项?", + "edit": "编辑白名单", + "manage": "管理列入白名单的网站", + "new": "新白名单", + "whitelist": "白名单", + "whitelist-form": { + "allowed-scopes": "允许范围", + "edit": "编辑白名单的网站", + "new": "新增白名单网站", + "scope-help": "当客户端发出请求列表时将自动批准的范围", + "scope-placeholder": "新范围" + }, + "whitelist-table": { + "no-sites": "白名单列表为空。使用白名单按钮在客户端管理页面创建一个。" + } + }, + "blacklist": { + "text": "被拉黑的网站URI将无法用做注册客户端的重定向地址(无论是在管理界面中添加、还是动态注册,都不会成功)。", + "blacklist-uri-placeholder": "要拉黑的网站URI", + "add": "将网站URI加入黑名单", + "empty": "当前黑名单为空", + "uri": "URI" + }, + "copyright": "基于MITREid Connect {0}技术构建 © 2016 MITRE公司及MIT因特网信任联盟.", + "about": { + "title": "关于", + "body": "\n此OpenID Connect服务基于开源的MITREid Connect项目,该项目来自 \nMITRE公司MIT因特网信任联盟。\n

\n

\n有关项目的更多信息可见 \nGitHub上的MITREid Connect项目。 \n在那儿,您可以提交bug报告、提交反馈甚或提交代码补丁。" + }, + "statistics": { + "title": "统计", + "number_users": "用户数: {0}", + "number_clients": "授权的客户端: {0}", + "number_approvals": "已批准的站点: {0}" + }, + "home": { + "title": "首页", + "welcome": { + "title": "欢迎!", + "body": "\nOpenID Connect是适于因特网部署的身份联邦认证服务器,基于OAuth2授权框架之上的OpenID Connect技术构建。\nOpenID Connect让您无需暴露自己的用户名、密码即可便捷登录网站。

\n

了解更多信息»" + }, + "more": "更多", + "about": { + "title": "关于", + "body": "本服务基于开源的MITREid Connect项目,该项目来自 \nMITRE公司MIT因特网信任联盟。" + }, + "contact": { + "title": "联系方式", + "body": "\n如需更多的信息和支持,请联系本系统的管理员。

\n

电子信箱 »" + }, + "statistics": { + "title": "当前统计", + "loading": "加载……", + "number_users": "用户数: {0}", + "number_clients": "授权的客户端: {0}", + "number_approvals": "已批准的站点: {0}" + } + }, + "contact": { + "title": "联系方式", + "body": "如果要报告有关MITREid Connect软件自身的bug,请访问\nGitHub issue追踪系统。 \n有关当前服务器的问题,请联系服务器管理员。" + }, + "topbar": { + "about": "关于", + "contact": "联系方式", + "statistics": "统计", + "home": "首页", + "login": "登录", + "logout": "注销" + }, + "sidebar": { + "administrative": { + "title": "管理", + "manage_clients": "管理客户端", + "whitelisted_clients": "白名单", + "blacklisted_clients": "黑名单", + "system_scopes": "系统范围" + }, + "personal": { + "title": "个人", + "approved_sites": "管理批准的网站", + "active_tokens": "管理活动的令牌", + "profile_information": "查看用户信息" + }, + "developer": { + "title": "开发者自助服务", + "client_registration": "客户端注册", + "resource_registration": "保护资源注册" + } + }, + "manage": { + "ok": "好的", + "loading": "加载", + "title": "管理控制台" + }, + "approve": { + "dynamically-registered-unknown": "在一个未知的时间", + "title": "批准访问", + "error": { + "not_granted": "访问可能不获批准。" + }, + "required_for": "有待批准", + "dynamically_registered": "此客户端已被动态注册了{0}次。", + "caution": { + "title": "注意", + "message": { + "none": "它之前从未被批准。", + "singular": "它之前已被批准了{0}次。", + "plural": "它之前已被批准了{0}次。" + } + }, + "more_information": "更多信息", + "home_page": "主页", + "policy": "政策", + "terms": "服务条款", + "contacts": "管理人员", + "warning": "警告", + "no_redirect_uri": "该客户端没有注册任何重定向URI,可能被使用恶意的URI。", + "redirect_uri": "如果点击批准,您将被重定向至如下页面: {0}", + "pairwise": "该客户端使用pairwise标识符,这使得在不同站点间关联身份变得稍加困难。", + "no_scopes": "该客户端没有注册任何范围,因此允许请求系统可用的any(任意)范围。请务必谨慎处理。", + "access_to": "访问", + "remember": { + "title": "记住这个决定", + "until_revoke": "记住这个决定直到我撤销", + "one_hour": "记住该决定一个小时", + "next_time": "下次再提醒我" + }, + "do_authorize": "是否授权", + "label": { + "authorize": "授权", + "deny": "拒绝" + } + }, + "error": { + "title": "错误", + "header": "错误:", + "message": "在处理您的请求过程中发生了错误。服务器信息为:" + }, + "login": { + "login_with_username_and_password": "请使用您的用户名及密码登录", + "username": "用户名", + "password": "密码", + "login-button": "登录", + "error": "登录失败。请重试。" + } +} diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/locale/zh_CN/messages.json b/openid-connect-server-webapp/src/main/webapp/resources/js/locale/zh_CN/messages.json index 50be461e4..be059dee2 100644 --- a/openid-connect-server-webapp/src/main/webapp/resources/js/locale/zh_CN/messages.json +++ b/openid-connect-server-webapp/src/main/webapp/resources/js/locale/zh_CN/messages.json @@ -1,490 +1,487 @@ -{ - "admin": { - "blacklist": "黑名单", - "blacklist-form": { - "blacklisted-uris": "列入黑名单的URI" - }, - "home": "首页", - "list-widget": { - "empty": "此列表为空。", - "tooltip": "单击显示全部值。" - }, - "manage-blacklist": "管理列入黑名单的客户端", - "self-service-client": "自助服务-客户端注册", - "self-service-resource": "自助服务-受保护资源注册", - "user-profile": { - "claim": "声明项", - "show": "查看用户信息", - "text": "您的用户信息如下:", - "value": "内容" - } - }, - "client": { - "client-form": { - "access": "访问", - "access-token-no-timeout": "访问令牌不时间", - "access-token-timeout": "访问令牌超时", - "access-token-timeout-help": "输入时间(秒、分钟或小时)。", - "acr-values": "默认ACR值", - "acr-values-placeholder": "新的ACR值", - "acr-values-help": "用于请求该客户端的默认身份验证上下文参考", - "allow-introspection": "允许调用内省端点?", - "authentication-method": "令牌端点认证方法", - "authorization-code": "授权码", - "client-credentials": "客户端凭证", - "client-description": "描述", - "client-description-help": "人类可读的文本描述", - "client-description-placeholder": "填入说明描述", - "client-id": "客户端ID", - "client-id-help": "唯一标识符。如果不填则系统会自动生成一个。", - "client-id-placeholder": "输入一些字符", - "client-name": "客户端名称", - "client-name-help": "人类可读的应用程序名称", - "client-name-placeholder": "输入一些字符", - "client-secret": "客户端密钥", - "client-secret-placeholder": "输入密钥", - "contacts": "联系人", - "contacts-help": "此客户端管理员的联系人名单。", - "contacts-placeholder": "新联系人", - "credentials": "凭据", - "crypto": { - "a128cbc-hs256": "复合认证加密算法,采用密码块链(CBC)模式AES,以PKCS #5填充,完整性计算使用HMAC SHA-256,并使用256位的CMK(和128位CEK)", - "a256cbc-hs512": "复合认证加密算法,采用密码块链(CBC)模式AES,以PKCS #5填充,完整性计算使用HMAC SHA-512,并使用512位的CMK(和256位CEK)", - "a128gcm": "AES GCM使用128位的密钥", - "a256gcm": "AES GCM使用256位的密钥", - "a128kw": "AES密钥封装算法使用128位的密钥", - "a256kw": "AES密钥封装算法使用256位的密钥", - "default": "使用服务器默认", - "dir": "直接使用一个共享对称密钥作为块加密的内容主密钥(CMK)", - "ecdh-es": "椭圆曲线Diffie-Hellman短时静态密钥协议(使用Concat KDF),商定的密钥被直接用作内容主密钥(CMK)", - "ecdh-es-a128kw": "椭圆曲线Diffie-Hellman短时静态密钥协议(使用ECDH-ES和第4.7小节),但商定的密钥是用以A128KW函数封装内容主密钥(CMK)", - "ecdh-es-a256kw": "椭圆曲线Diffie-Hellman短时静态密钥协议(使用ECDH-ES和第4.7小节),但商定的密钥是用以A256KW函数封装内容主密钥(CMK)", - "none": "不加密", - "rsa-oaep": "RSAES使用最优不对称加密填充(OAEP)", - "rsa1-5": "RSAES-PKCS1-V1_5" - }, - "cryptography": "密码", - "display-secret": "显示/编辑客户端密钥:", - "edit": "编辑客户端", - "generate-new-secret": "生成一个新的客户端密钥吗?", - "generate-new-secret-help": "当点击“保存”时生成新的密钥", - "generate-on-save": "保存时生成", - "grant-types": "批准的类型", - "home": "主页", - "home-help": "客户端首页的URL,将显示给用户", - "hours": "小时", - "id": "ID:", - "id-token-crypto-algorithm": "身份令牌加密算法", - "id-token-crypto-method": "身份令牌加密方法", - "id-token-signing-algorithm": "身份令牌签名算法", - "id-token-timeout": "身份令牌超时", - "implicit": "隐式的", - "initiate-login": "初始化登录", - "initiate-login-help": "启动登录客户端的URL", - "introspection": "自省", - "jwk-set": "公钥集", - "jwk-set-help": "客户端JSON Web Key集的URL (须可被服务器访问)", - "jwk-set-value-help": "客户端JSON Web Key集的URL (须可被服务器访问)", - "logo": "标志(Logo)", - "logo-help": "标志(Logo)图像的URL,将显示在批准页", - "main": "首要", - "max-age": "默认最长有效时间", - "max-age-help": "再提示之前的默认最长会话有效时间", - "minutes": "分钟", - "new": "新客户端", - "other": "其它", - "pairwise": "Pairwise对", - "password": "密码", - "policy": "政策声明", - "policy-help": "此客户端的政策声明链接,将显示给用户", - "post-logout": "注销后重定向", - "post-logout-help": "客户端注销操作后的重定向URL", - "public": "公共", - "redelegation": "重新授权", - "redirect-uris": "重定向URI", - "redirect-uris-help": "在授权页面之后客户端重定向URI", - "claims-redirect-uris": "声明重定向URI", - "claims-redirect-uris-help": "在声明收集步骤之后浏览器跳转至的目的地址", - "refresh": "刷新", - "refresh-tokens": "刷新令牌", - "refresh-tokens-issued": "为此客户端发布的刷新令牌", - "refresh-tokens-issued-help": "这将把 offline_access 加入客户端的范围。", - "refresh-tokens-reused": "此客户端的刷新令牌被重用", - "clear-access-tokens": "当刷新令牌用过之后,已激活的访问令牌自动失效", - "refresh-tokens-no-expire": "刷新令牌尚未过期", - "registered": "注册于", - "registration-token": "注册令牌:", - "registration-access-token": "注册访问令牌", - "registration-token-error": "无法为此客户端下载注册访问令牌。", - "request-object-signing-algorithm": "请求对象签名算法", - "request-uri": "请求的URI", - "request-uri-help": "URI包含此客户端使用的请求对象", - "require-auth-time": "需要身份认证时间(auth_time)", - "require-auth-time-label": "总是需要在身份令牌中包含auth_time声明", - "response-types": "响应类型", - "rotate-registration-token": "旋转注册令牌", - "rotate-registration-token-confirm": "你确定你想旋转这个客户端的登录令牌?", - "rotate-registration-token-error": "无法旋转该客户端的注册访问令牌。", - "saved": { - "no-secret": "没有客户端密钥", - "saved": "客户端已保存", - "secret": "密钥:", - "show-secret": "显示密钥", - "unchanged": "不变" - }, - "scope-placeholder": "新范围", - "scope-help": "OAuth范围允许客户端请求", - "seconds": "秒", - "secret-asymmetric-jwt": "非对称签名JWT断言", - "secret-http": "客户端密钥经由HTTP Basic", - "secret-none": "没有认证", - "secret-post": "客户端密钥经由HTTP POST", - "secret-symmetric-jwt": "客户端密钥经由对称签名JWT断言", - "sector-identifier": "扇区标识符URI", - "signing": { - "any": "允许", - "default": "使用服务器默认", - "es256": "ECDSA采用P-256曲线和SHA-256哈希算法", - "es384": "ECDSA采用P-384曲线及SHA-384哈希算法", - "es512": "ECDSA采用P-512曲线及SHA-512哈希算法", - "hs256": "HMAC使用SHA-256哈希算法", - "hs384": "HMAC使用SHA-384哈希算法", - "hs512": "HMAC使用SHA-512哈希算法", - "none": "没有数字签名", - "rs256": "RSASSA使用SHA-256哈希算法", - "rs384": "RSASSA采用SHA-384哈希算法", - "rs512": "RSASSA使用SHA-512哈希算法", - "ps256": "采用SHA-256和MGF1的RSASSA-PSS算法", - "ps384": "采用SHA-384和MGF1的RSASSA-PSS算法", - "ps512": "采用SHA-512和MGF1的RSASSA-PSS算法" - }, - "subject-type": "主体类型", - "terms": "服务条款", - "terms-help": "此客户服务条款的URL,将向用户显示", - "token-signing-algorithm": "令牌端点认证签名算法", - "tokens": "令牌", - "type": "应用类型", - "type-native": "原生应用", - "type-web": "网络应用", - "unknown": "(未知)", - "user-info-crypto-algorithm": "用户信息端点加密算法", - "user-info-crypto-method": "用户信息端点加密方法", - "user-info-signing-algorithm": "用户信息端点签名算法" - }, - "client-table": { - "allow-introspection-tooltip": "这个客户端可以执行令牌自省", - "confirm": "你确定要删除这个客户端?", - "dynamically-registered-tooltip": "这个客户端是动态注册的。点击查看注册访问令牌", - "match": { - "contacts": "联系人", - "description": "描述", - "homepage": "主页", - "id": "身份", - "logo": "标志", - "name": "名称", - "policy": "政策", - "redirect": "重定向URI", - "scope": "范围", - "terms": "服务条款" - }, - "matched-search": "匹配搜索:", - "new": "新客户端", - "no-clients": "此服务器上没有注册的客户端。", - "no-matches": "没有匹配搜索条件的客户端。", - "no-redirect": "没有重定向URI", - "registered": "注册于", - "search": "搜索……", - "whitelist": "白名单", - "unknown": "一个未知的时间" - }, - "manage": "管理客户端", - "more-info": { - "contacts": "管理员联系方式:", - "home": "主页", - "more": "更多信息", - "policy": "政策", - "terms": "服务条款:" - }, - "newClient": "新客户端" - }, - "common": { - "cancel": "取消", - "client": "客户端", - "clients": "客户端", - "close": "关闭", - "delete": "删除", - "description": "描述", - "dynamically-registered": "这个客户端是动态注册的", - "edit": "编辑", - "expires": "到期:", - "information": "信息", - "new": "新建", - "not-yet-implemented": "未实现", - "not-yet-implemented-content": "这个字段的值将于客户端保存,但服务器目前不处理任何事情。服务器的未来库版本将利用它。", - "revoke": "撤销", - "save": "保存", - "scopes": "范围", - "statistics": "统计", - "refresh": "刷新", - "scope": "范围", - "users": "用户", - "user": "用户", - "roles": "角色", - "role": "角色", - "email": "电子邮箱", - "active": "已激活", - "inactive": "未激活" - }, - "dynreg": { - "client-id-placeholder": "输入客户端ID", - "configuration-url": "客户端配置URL", - "edit-dynamically-registered": "编辑动态注册的客户端", - "edit-existing": "编辑一个现有的客户端", - "edit-existing-help": "用于编辑之前已注册的客户端。粘贴您的客户端ID和注册访问令牌,以便访问该客户端。", - "edit-existing-button": "编辑客户端", - "invalid-access-token": "无效的客户端或注册访问令牌。", - "new-client": "注册新客户端", - "new-client-help": "用于注册新的客户端。请提供客户端ID和注册访问令牌,以便管理您的客户端。", - "new-client-button": "新建客户端", - "regtoken-placeholder": "输入注册访问令牌", - "warning": "警告!你必须保护好客户端ID 客户密钥(如果提供),以及您的注册访问令牌。如果你丢失了客户端ID或注册访问令牌,将无法访问您的客户端注册记录,你需要注册一个新客户端。", - "will-be-generated": "当保存客户端信息将由服务器生成" - }, - "grant": { - "manage-approved-sites": "管理批准的网站", - "refresh": "刷新", - "grant-table": { - "active-tokens": "当前活跃的访问令牌数量", - "application": "应用程序", - "approved-sites": "许可站点", - "authorized": "授权:", - "dynamically-registered": "这个客户端是动态注册的", - "expires": "到期:", - "last-accessed": "上次访问:", - "never": "从未", - "no-sites": "还未批准任何网站。", - "no-whitelisted": "还未访问任何白名单的网站。", - "pre-approved": "这些都是预先由管理员批准的网站。", - "text": "这些都是您已经手动批准的网站。如果同一网站将来要进行同样的访问,它将直接通过、且没有提示。", - "unknown": "未知", - "whitelist-note": "注:如果你在此撤销它们,它们将在您下次访问时不经提示即被自动重新批准。", - "whitelisted-site": "这个网站由管理员列入白名单中", - "whitelisted-sites": "白名单的网站" - } - }, - "rsreg": { - "resource-id-placeholder": "输入资源ID", - "configuration-url": "客户端配置URL", - "edit": "编辑受保护的资源", - "edit-existing": "编辑现有的保护资源", - "edit-existing-help": "用于编辑之前已注册的资源。请提供您的客戶端ID和注册访问令牌来访问资源的属性。", - "edit-existing-button": "编辑资源", - "invalid-access-token": "无效的客户端或注册访问令牌。", - "new-client": "注册新的受保护资源", - "new-client-help": "用于注册新的资源。请提供客户端ID和注册访问令牌,以便管理您的资源。", - "new-client-button": "新建资源", - "regtoken-placeholder": "输入注册访问令牌", - "will-be-generated": "当保存资源信息将由服务器生成", - "warning": "警告!你必须保护好客户端ID 客户密钥(如果提供),以及注册访问令牌。如果丢失了客户端ID或注册访问令牌,将无法再次获得您的客户端注册记录,你需要注册一个新客户端。", - "client-form": { - "scope-help": "这个资源能够自省令牌的范围。" - } - }, - "scope": { - "manage": "管理系统范围", - "scope-list": { - "no-scopes": "没有范围" - }, - "system-scope-form": { - "default": "默认范围", - "default-help": "新创建的用户默认情况下获得这个范围?", - "description-help": "人类可读的文本描述", - "description-placeholder": "输入说明", - "restricted": "限制", - "restricted-help": "限制范围只能由系统管理员使用,可用动态注册客户和保护资源", - "edit": "编辑范围", - "icon": "图标", - "new": "新范围", - "select-icon": "选择图标", - "structured": "是一个结构化的范围", - "structured-help": "范围结构化是否包含如base:extension的结构化值?", - "structured-param-help": "人类可读的结构化参数描述", - "subject-type": "主体类型", - "value": "范围值", - "value-help": "不含空格的单个字符串", - "value-placeholder": "范围" - }, - "system-scope-table": { - "confirm": "你确定要删除此范围?引用了此范围的客户端还需要它。", - "new": "新范围", - "text": "尚未定义系统范围。客户可自定义范围。", - "tooltip-restricted": "此范围只能由管理员使用。它不能用于动态注册。", - "tooltip-default": "这个范围将自动分配给新注册的客户。" - } - }, - "token": { - "manage": "管理活动的令牌", - "token-table": { - "access-tokens": "访问令牌", - "associated-id": "这个访问令牌附带相关的身份令牌。", - "associated-refresh": "这个访问令牌附带相关的刷新令牌。", - "click-to-display": "点击显示完整的令牌值", - "confirm": "你确定要撤销这个令牌?", - "confirm-refresh": "你确定要撤销这个刷新令牌及其相关的访问令牌?", - "expires": "过期", - "no-access": "没有活动的访问令牌。", - "no-refresh": "没有活动的刷新令牌。", - "number-of-tokens": "关联的访问令牌数量", - "refresh-tokens": "刷新令牌", - "text": "访问令牌通常是短暂的,供客户端访问特定的资源。身份令牌是采用OpenID Connect协议登录的、专门的访问令牌。", - "text-refresh": "刷新令牌通常是长期的,以便客户端能无需用户介入即可获取新的访问令牌。", - "token-info": "令牌的信息" - } - }, - "whitelist": { - "confirm": "你确定要删除这个白名单项?", - "edit": "编辑白名单", - "manage": "管理列入白名单的网站", - "new": "新白名单", - "whitelist": "白名单", - "whitelist-form": { - "allowed-scopes": "允许范围", - "edit": "编辑白名单的网站", - "new": "新增白名单网站", - "scope-help": "当客户端发出请求列表时将自动批准的范围", - "scope-placeholder": "新范围" - }, - "whitelist-table": { - "no-sites": "白名单列表为空。使用白名单按钮在客户端管理页面创建一个。" - } - }, - "blacklist": { - "text": "被拉黑的网站URI将无法用做注册客户端的重定向地址(无论是在管理界面中添加、还是动态注册,都不会成功)。", - "blacklist-uri-placeholder": "要拉黑的网站URI", - "add": "将网站URI加入黑名单", - "empty": "当前黑名单为空", - "uri": "URI" - }, - "copyright": "基于MITREid Connect {0}技术构建 © 2016 MITRE公司及MIT因特网信任联盟.", - "about": { - "title": "关于", - "body": "\n此OpenID Connect服务基于开源的MITREid Connect项目,该项目来自 \nMITRE公司MIT因特网信任联盟。\n

\n

\n有关项目的更多信息可见 \nGitHub上的MITREid Connect项目。 \n在那儿,您可以提交bug报告、提交反馈甚或提交代码补丁。" - }, - "statistics": { - "title": "统计", - "number_users": "用户数: {0}", - "number_clients": "授权的客户端: {0}", - "number_approvals": "已批准的站点: {0}" - }, - "home": { - "title": "首页", - "welcome": { - "title": "欢迎!", - "body": "\nOpenID Connect是适于因特网部署的身份联邦认证服务器,基于OAuth2授权框架之上的OpenID Connect技术构建。\nOpenID Connect让您无需暴露自己的用户名、密码即可便捷登录网站。

\n

了解更多信息»" - }, - "more": "更多", - "about": { - "title": "关于", - "body": "本服务基于开源的MITREid Connect项目,该项目来自 \nMITRE公司MIT因特网信任联盟。" - }, - "contact": { - "title": "联系方式", - "body": "\n如需更多的信息和支持,请联系本系统的管理员。

\n

电子信箱 »" - }, - "statistics": { - "title": "当前统计", - "loading": "加载……", - "number_users": "用户数: {0}", - "number_clients": "授权的客户端: {0}", - "number_approvals": "已批准的站点: {0}" - } - }, - "contact": { - "title": "联系方式", - "body": "如果要报告有关MITREid Connect软件自身的bug,请访问\nGitHub issue追踪系统。 \n有关当前服务器的问题,请联系服务器管理员。" - }, - "topbar": { - "about": "关于", - "contact": "联系方式", - "statistics": "统计", - "home": "首页", - "login": "登录", - "logout": "注销" - }, - "sidebar": { - "administrative": { - "title": "管理", - "manage_clients": "管理客户端", - "whitelisted_clients": "白名单", - "blacklisted_clients": "黑名单", - "system_scopes": "系统范围" - }, - "personal": { - "title": "个人", - "approved_sites": "管理批准的网站", - "active_tokens": "管理活动的令牌", - "profile_information": "查看用户信息" - }, - "developer": { - "title": "开发者自助服务", - "client_registration": "客户端注册", - "resource_registration": "保护资源注册" - } - }, - "manage": { - "ok": "好的", - "loading": "加载", - "title": "管理控制台" - }, - "approve": { - "dynamically-registered-unknown": "在一个未知的时间", - "title": "批准访问", - "error": { - "not_granted": "访问可能不获批准。" - }, - "required_for": "有待批准", - "dynamically_registered": "此客户端已被动态注册了{0}次。", - "caution": { - "title": "注意", - "message": { - "none": "它之前从未被批准。", - "singular": "它之前已被批准了{0}次。", - "plural": "它之前已被批准了{0}次。" - } - }, - "more_information": "更多信息", - "home_page": "主页", - "policy": "政策", - "terms": "服务条款", - "contacts": "管理人员", - "warning": "警告", - "no_redirect_uri": "该客户端没有注册任何重定向URI,可能被使用恶意的URI。", - "redirect_uri": "如果点击批准,您将被重定向至如下页面: {0}", - "pairwise": "该客户端使用pairwise标识符,这使得在不同站点间关联身份变得稍加困难。", - "no_scopes": "该客户端没有注册任何范围,因此允许请求系统可用的any(任意)范围。请务必谨慎处理。", - "access_to": "访问", - "remember": { - "title": "记住这个决定", - "until_revoke": "记住这个决定直到我撤销", - "one_hour": "记住该决定一个小时", - "next_time": "下次再提醒我" - }, - "do_authorize": "是否授权", - "label": { - "authorize": "授权", - "deny": "拒绝" - } - }, - "error": { - "title": "错误", - "header": "错误:", - "message": "在处理您的请求过程中发生了错误。服务器信息为:" - }, - "login": { - "login_with_username_and_password": "请使用您的用户名及密码登录", - "username": "用户名", - "password": "密码", - "login-button": "登录", - "error": "登录失败。请重试。" - } -} \ No newline at end of file +{ + "admin": { + "blacklist": "黑名单", + "blacklist-form": { + "blacklisted-uris": "列入黑名单的URI" + }, + "home": "首页", + "list-widget": { + "empty": "此列表为空。", + "tooltip": "单击显示全部值。" + }, + "manage-blacklist": "管理列入黑名单的客户端", + "self-service-client": "自助服务-客户端注册", + "self-service-resource": "自助服务-受保护资源注册", + "user-profile": { + "claim": "声明项", + "show": "查看用户信息", + "text": "您的用户信息如下:", + "value": "内容" + } + }, + "client": { + "client-form": { + "access": "访问", + "access-token-no-timeout": "访问令牌不时间", + "access-token-timeout": "访问令牌超时", + "access-token-timeout-help": "输入时间(秒、分钟或小时)。", + "acr-values": "默认ACR值", + "acr-values-placeholder": "新的ACR值", + "acr-values-help": "用于请求该客户端的默认身份验证上下文参考", + "allow-introspection": "允许调用内省端点?", + "authentication-method": "令牌端点认证方法", + "authorization-code": "授权码", + "client-credentials": "客户端凭证", + "client-description": "描述", + "client-description-help": "人类可读的文本描述", + "client-description-placeholder": "填入说明描述", + "client-id": "客户端ID", + "client-id-help": "唯一标识符。如果不填则系统会自动生成一个。", + "client-id-placeholder": "输入一些字符", + "client-name": "客户端名称", + "client-name-help": "人类可读的应用程序名称", + "client-name-placeholder": "输入一些字符", + "client-secret": "客户端密钥", + "client-secret-placeholder": "输入密钥", + "contacts": "联系人", + "contacts-help": "此客户端管理员的联系人名单。", + "contacts-placeholder": "新联系人", + "credentials": "凭据", + "crypto": { + "a128cbc-hs256": "复合认证加密算法,采用密码块链(CBC)模式AES,以PKCS #5填充,完整性计算使用HMAC SHA-256,并使用256位的CMK(和128位CEK)", + "a256cbc-hs512": "复合认证加密算法,采用密码块链(CBC)模式AES,以PKCS #5填充,完整性计算使用HMAC SHA-512,并使用512位的CMK(和256位CEK)", + "a128gcm": "AES GCM使用128位的密钥", + "a256gcm": "AES GCM使用256位的密钥", + "a128kw": "AES密钥封装算法使用128位的密钥", + "a256kw": "AES密钥封装算法使用256位的密钥", + "default": "使用服务器默认", + "dir": "直接使用一个共享对称密钥作为块加密的内容主密钥(CMK)", + "ecdh-es": "椭圆曲线Diffie-Hellman短时静态密钥协议(使用Concat KDF),商定的密钥被直接用作内容主密钥(CMK)", + "ecdh-es-a128kw": "椭圆曲线Diffie-Hellman短时静态密钥协议(使用ECDH-ES和第4.7小节),但商定的密钥是用以A128KW函数封装内容主密钥(CMK)", + "ecdh-es-a256kw": "椭圆曲线Diffie-Hellman短时静态密钥协议(使用ECDH-ES和第4.7小节),但商定的密钥是用以A256KW函数封装内容主密钥(CMK)", + "none": "不加密", + "rsa-oaep": "RSAES使用最优不对称加密填充(OAEP)", + "rsa1-5": "RSAES-PKCS1-V1_5" + }, + "cryptography": "密码", + "display-secret": "显示/编辑客户端密钥:", + "edit": "编辑客户端", + "generate-new-secret": "生成一个新的客户端密钥吗?", + "generate-new-secret-help": "当点击“保存”时生成新的密钥", + "generate-on-save": "保存时生成", + "grant-types": "批准的类型", + "home": "主页", + "home-help": "客户端首页的URL,将显示给用户", + "hours": "小时", + "id": "ID:", + "id-token-crypto-algorithm": "身份令牌加密算法", + "id-token-crypto-method": "身份令牌加密方法", + "id-token-signing-algorithm": "身份令牌签名算法", + "id-token-timeout": "身份令牌超时", + "implicit": "隐式的", + "initiate-login": "初始化登录", + "initiate-login-help": "启动登录客户端的URL", + "introspection": "自省", + "jwk-set": "公钥集", + "jwk-set-help": "客户端JSON Web Key集的URL (须可被服务器访问)", + "jwk-set-value-help": "客户端JSON Web Key集的URL (须可被服务器访问)", + "main": "首要", + "max-age": "默认最长有效时间", + "max-age-help": "再提示之前的默认最长会话有效时间", + "minutes": "分钟", + "new": "新客户端", + "other": "其它", + "pairwise": "Pairwise对", + "password": "密码", + "policy": "政策声明", + "policy-help": "此客户端的政策声明链接,将显示给用户", + "post-logout": "注销后重定向", + "post-logout-help": "客户端注销操作后的重定向URL", + "public": "公共", + "redelegation": "重新授权", + "redirect-uris": "重定向URI", + "redirect-uris-help": "在授权页面之后客户端重定向URI", + "claims-redirect-uris": "声明重定向URI", + "claims-redirect-uris-help": "在声明收集步骤之后浏览器跳转至的目的地址", + "refresh": "刷新", + "refresh-tokens": "刷新令牌", + "refresh-tokens-issued": "为此客户端发布的刷新令牌", + "refresh-tokens-issued-help": "这将把 offline_access 加入客户端的范围。", + "refresh-tokens-reused": "此客户端的刷新令牌被重用", + "clear-access-tokens": "当刷新令牌用过之后,已激活的访问令牌自动失效", + "refresh-tokens-no-expire": "刷新令牌尚未过期", + "registered": "注册于", + "registration-token": "注册令牌:", + "registration-access-token": "注册访问令牌", + "registration-token-error": "无法为此客户端下载注册访问令牌。", + "request-object-signing-algorithm": "请求对象签名算法", + "request-uri": "请求的URI", + "request-uri-help": "URI包含此客户端使用的请求对象", + "require-auth-time": "需要身份认证时间(auth_time)", + "require-auth-time-label": "总是需要在身份令牌中包含auth_time声明", + "response-types": "响应类型", + "rotate-registration-token": "旋转注册令牌", + "rotate-registration-token-confirm": "你确定你想旋转这个客户端的登录令牌?", + "rotate-registration-token-error": "无法旋转该客户端的注册访问令牌。", + "saved": { + "no-secret": "没有客户端密钥", + "saved": "客户端已保存", + "secret": "密钥:", + "show-secret": "显示密钥", + "unchanged": "不变" + }, + "scope-placeholder": "新范围", + "scope-help": "OAuth范围允许客户端请求", + "seconds": "秒", + "secret-asymmetric-jwt": "非对称签名JWT断言", + "secret-http": "客户端密钥经由HTTP Basic", + "secret-none": "没有认证", + "secret-post": "客户端密钥经由HTTP POST", + "secret-symmetric-jwt": "客户端密钥经由对称签名JWT断言", + "sector-identifier": "扇区标识符URI", + "signing": { + "any": "允许", + "default": "使用服务器默认", + "es256": "ECDSA采用P-256曲线和SHA-256哈希算法", + "es384": "ECDSA采用P-384曲线及SHA-384哈希算法", + "es512": "ECDSA采用P-512曲线及SHA-512哈希算法", + "hs256": "HMAC使用SHA-256哈希算法", + "hs384": "HMAC使用SHA-384哈希算法", + "hs512": "HMAC使用SHA-512哈希算法", + "none": "没有数字签名", + "rs256": "RSASSA使用SHA-256哈希算法", + "rs384": "RSASSA采用SHA-384哈希算法", + "rs512": "RSASSA使用SHA-512哈希算法", + "ps256": "采用SHA-256和MGF1的RSASSA-PSS算法", + "ps384": "采用SHA-384和MGF1的RSASSA-PSS算法", + "ps512": "采用SHA-512和MGF1的RSASSA-PSS算法" + }, + "subject-type": "主体类型", + "terms": "服务条款", + "terms-help": "此客户服务条款的URL,将向用户显示", + "token-signing-algorithm": "令牌端点认证签名算法", + "tokens": "令牌", + "type": "应用类型", + "type-native": "原生应用", + "type-web": "网络应用", + "unknown": "(未知)", + "user-info-crypto-algorithm": "用户信息端点加密算法", + "user-info-crypto-method": "用户信息端点加密方法", + "user-info-signing-algorithm": "用户信息端点签名算法" + }, + "client-table": { + "allow-introspection-tooltip": "这个客户端可以执行令牌自省", + "confirm": "你确定要删除这个客户端?", + "dynamically-registered-tooltip": "这个客户端是动态注册的。点击查看注册访问令牌", + "match": { + "contacts": "联系人", + "description": "描述", + "homepage": "主页", + "id": "身份", + "name": "名称", + "policy": "政策", + "redirect": "重定向URI", + "scope": "范围", + "terms": "服务条款" + }, + "matched-search": "匹配搜索:", + "new": "新客户端", + "no-clients": "此服务器上没有注册的客户端。", + "no-matches": "没有匹配搜索条件的客户端。", + "no-redirect": "没有重定向URI", + "registered": "注册于", + "search": "搜索……", + "whitelist": "白名单", + "unknown": "一个未知的时间" + }, + "manage": "管理客户端", + "more-info": { + "contacts": "管理员联系方式:", + "home": "主页", + "more": "更多信息", + "policy": "政策", + "terms": "服务条款:" + }, + "newClient": "新客户端" + }, + "common": { + "cancel": "取消", + "client": "客户端", + "clients": "客户端", + "close": "关闭", + "delete": "删除", + "description": "描述", + "dynamically-registered": "这个客户端是动态注册的", + "edit": "编辑", + "expires": "到期:", + "information": "信息", + "new": "新建", + "not-yet-implemented": "未实现", + "not-yet-implemented-content": "这个字段的值将于客户端保存,但服务器目前不处理任何事情。服务器的未来库版本将利用它。", + "revoke": "撤销", + "save": "保存", + "scopes": "范围", + "statistics": "统计", + "refresh": "刷新", + "scope": "范围", + "users": "用户", + "user": "用户", + "roles": "角色", + "role": "角色", + "email": "电子邮箱", + "active": "已激活", + "inactive": "未激活" + }, + "dynreg": { + "client-id-placeholder": "输入客户端ID", + "configuration-url": "客户端配置URL", + "edit-dynamically-registered": "编辑动态注册的客户端", + "edit-existing": "编辑一个现有的客户端", + "edit-existing-help": "用于编辑之前已注册的客户端。粘贴您的客户端ID和注册访问令牌,以便访问该客户端。", + "edit-existing-button": "编辑客户端", + "invalid-access-token": "无效的客户端或注册访问令牌。", + "new-client": "注册新客户端", + "new-client-help": "用于注册新的客户端。请提供客户端ID和注册访问令牌,以便管理您的客户端。", + "new-client-button": "新建客户端", + "regtoken-placeholder": "输入注册访问令牌", + "warning": "警告!你必须保护好客户端ID 客户密钥(如果提供),以及您的注册访问令牌。如果你丢失了客户端ID或注册访问令牌,将无法访问您的客户端注册记录,你需要注册一个新客户端。", + "will-be-generated": "当保存客户端信息将由服务器生成" + }, + "grant": { + "manage-approved-sites": "管理批准的网站", + "refresh": "刷新", + "grant-table": { + "active-tokens": "当前活跃的访问令牌数量", + "application": "应用程序", + "approved-sites": "许可站点", + "authorized": "授权:", + "dynamically-registered": "这个客户端是动态注册的", + "expires": "到期:", + "last-accessed": "上次访问:", + "never": "从未", + "no-sites": "还未批准任何网站。", + "no-whitelisted": "还未访问任何白名单的网站。", + "pre-approved": "这些都是预先由管理员批准的网站。", + "text": "这些都是您已经手动批准的网站。如果同一网站将来要进行同样的访问,它将直接通过、且没有提示。", + "unknown": "未知", + "whitelist-note": "注:如果你在此撤销它们,它们将在您下次访问时不经提示即被自动重新批准。", + "whitelisted-site": "这个网站由管理员列入白名单中", + "whitelisted-sites": "白名单的网站" + } + }, + "rsreg": { + "resource-id-placeholder": "输入资源ID", + "configuration-url": "客户端配置URL", + "edit": "编辑受保护的资源", + "edit-existing": "编辑现有的保护资源", + "edit-existing-help": "用于编辑之前已注册的资源。请提供您的客戶端ID和注册访问令牌来访问资源的属性。", + "edit-existing-button": "编辑资源", + "invalid-access-token": "无效的客户端或注册访问令牌。", + "new-client": "注册新的受保护资源", + "new-client-help": "用于注册新的资源。请提供客户端ID和注册访问令牌,以便管理您的资源。", + "new-client-button": "新建资源", + "regtoken-placeholder": "输入注册访问令牌", + "will-be-generated": "当保存资源信息将由服务器生成", + "warning": "警告!你必须保护好客户端ID 客户密钥(如果提供),以及注册访问令牌。如果丢失了客户端ID或注册访问令牌,将无法再次获得您的客户端注册记录,你需要注册一个新客户端。", + "client-form": { + "scope-help": "这个资源能够自省令牌的范围。" + } + }, + "scope": { + "manage": "管理系统范围", + "scope-list": { + "no-scopes": "没有范围" + }, + "system-scope-form": { + "default": "默认范围", + "default-help": "新创建的用户默认情况下获得这个范围?", + "description-help": "人类可读的文本描述", + "description-placeholder": "输入说明", + "restricted": "限制", + "restricted-help": "限制范围只能由系统管理员使用,可用动态注册客户和保护资源", + "edit": "编辑范围", + "icon": "图标", + "new": "新范围", + "select-icon": "选择图标", + "structured": "是一个结构化的范围", + "structured-help": "范围结构化是否包含如base:extension的结构化值?", + "structured-param-help": "人类可读的结构化参数描述", + "subject-type": "主体类型", + "value": "范围值", + "value-help": "不含空格的单个字符串", + "value-placeholder": "范围" + }, + "system-scope-table": { + "confirm": "你确定要删除此范围?引用了此范围的客户端还需要它。", + "new": "新范围", + "text": "尚未定义系统范围。客户可自定义范围。", + "tooltip-restricted": "此范围只能由管理员使用。它不能用于动态注册。", + "tooltip-default": "这个范围将自动分配给新注册的客户。" + } + }, + "token": { + "manage": "管理活动的令牌", + "token-table": { + "access-tokens": "访问令牌", + "associated-id": "这个访问令牌附带相关的身份令牌。", + "associated-refresh": "这个访问令牌附带相关的刷新令牌。", + "click-to-display": "点击显示完整的令牌值", + "confirm": "你确定要撤销这个令牌?", + "confirm-refresh": "你确定要撤销这个刷新令牌及其相关的访问令牌?", + "expires": "过期", + "no-access": "没有活动的访问令牌。", + "no-refresh": "没有活动的刷新令牌。", + "number-of-tokens": "关联的访问令牌数量", + "refresh-tokens": "刷新令牌", + "text": "访问令牌通常是短暂的,供客户端访问特定的资源。身份令牌是采用OpenID Connect协议登录的、专门的访问令牌。", + "text-refresh": "刷新令牌通常是长期的,以便客户端能无需用户介入即可获取新的访问令牌。", + "token-info": "令牌的信息" + } + }, + "whitelist": { + "confirm": "你确定要删除这个白名单项?", + "edit": "编辑白名单", + "manage": "管理列入白名单的网站", + "new": "新白名单", + "whitelist": "白名单", + "whitelist-form": { + "allowed-scopes": "允许范围", + "edit": "编辑白名单的网站", + "new": "新增白名单网站", + "scope-help": "当客户端发出请求列表时将自动批准的范围", + "scope-placeholder": "新范围" + }, + "whitelist-table": { + "no-sites": "白名单列表为空。使用白名单按钮在客户端管理页面创建一个。" + } + }, + "blacklist": { + "text": "被拉黑的网站URI将无法用做注册客户端的重定向地址(无论是在管理界面中添加、还是动态注册,都不会成功)。", + "blacklist-uri-placeholder": "要拉黑的网站URI", + "add": "将网站URI加入黑名单", + "empty": "当前黑名单为空", + "uri": "URI" + }, + "copyright": "基于MITREid Connect {0}技术构建 © 2016 MITRE公司及MIT因特网信任联盟.", + "about": { + "title": "关于", + "body": "\n此OpenID Connect服务基于开源的MITREid Connect项目,该项目来自 \nMITRE公司MIT因特网信任联盟。\n

\n

\n有关项目的更多信息可见 \nGitHub上的MITREid Connect项目。 \n在那儿,您可以提交bug报告、提交反馈甚或提交代码补丁。" + }, + "statistics": { + "title": "统计", + "number_users": "用户数: {0}", + "number_clients": "授权的客户端: {0}", + "number_approvals": "已批准的站点: {0}" + }, + "home": { + "title": "首页", + "welcome": { + "title": "欢迎!", + "body": "\nOpenID Connect是适于因特网部署的身份联邦认证服务器,基于OAuth2授权框架之上的OpenID Connect技术构建。\nOpenID Connect让您无需暴露自己的用户名、密码即可便捷登录网站。

\n

了解更多信息»" + }, + "more": "更多", + "about": { + "title": "关于", + "body": "本服务基于开源的MITREid Connect项目,该项目来自 \nMITRE公司MIT因特网信任联盟。" + }, + "contact": { + "title": "联系方式", + "body": "\n如需更多的信息和支持,请联系本系统的管理员。

\n

电子信箱 »" + }, + "statistics": { + "title": "当前统计", + "loading": "加载……", + "number_users": "用户数: {0}", + "number_clients": "授权的客户端: {0}", + "number_approvals": "已批准的站点: {0}" + } + }, + "contact": { + "title": "联系方式", + "body": "如果要报告有关MITREid Connect软件自身的bug,请访问\nGitHub issue追踪系统。 \n有关当前服务器的问题,请联系服务器管理员。" + }, + "topbar": { + "about": "关于", + "contact": "联系方式", + "statistics": "统计", + "home": "首页", + "login": "登录", + "logout": "注销" + }, + "sidebar": { + "administrative": { + "title": "管理", + "manage_clients": "管理客户端", + "whitelisted_clients": "白名单", + "blacklisted_clients": "黑名单", + "system_scopes": "系统范围" + }, + "personal": { + "title": "个人", + "approved_sites": "管理批准的网站", + "active_tokens": "管理活动的令牌", + "profile_information": "查看用户信息" + }, + "developer": { + "title": "开发者自助服务", + "client_registration": "客户端注册", + "resource_registration": "保护资源注册" + } + }, + "manage": { + "ok": "好的", + "loading": "加载", + "title": "管理控制台" + }, + "approve": { + "dynamically-registered-unknown": "在一个未知的时间", + "title": "批准访问", + "error": { + "not_granted": "访问可能不获批准。" + }, + "required_for": "有待批准", + "dynamically_registered": "此客户端已被动态注册了{0}次。", + "caution": { + "title": "注意", + "message": { + "none": "它之前从未被批准。", + "singular": "它之前已被批准了{0}次。", + "plural": "它之前已被批准了{0}次。" + } + }, + "more_information": "更多信息", + "home_page": "主页", + "policy": "政策", + "terms": "服务条款", + "contacts": "管理人员", + "warning": "警告", + "no_redirect_uri": "该客户端没有注册任何重定向URI,可能被使用恶意的URI。", + "redirect_uri": "如果点击批准,您将被重定向至如下页面: {0}", + "pairwise": "该客户端使用pairwise标识符,这使得在不同站点间关联身份变得稍加困难。", + "no_scopes": "该客户端没有注册任何范围,因此允许请求系统可用的any(任意)范围。请务必谨慎处理。", + "access_to": "访问", + "remember": { + "title": "记住这个决定", + "until_revoke": "记住这个决定直到我撤销", + "one_hour": "记住该决定一个小时", + "next_time": "下次再提醒我" + }, + "do_authorize": "是否授权", + "label": { + "authorize": "授权", + "deny": "拒绝" + } + }, + "error": { + "title": "错误", + "header": "错误:", + "message": "在处理您的请求过程中发生了错误。服务器信息为:" + }, + "login": { + "login_with_username_and_password": "请使用您的用户名及密码登录", + "username": "用户名", + "password": "密码", + "login-button": "登录", + "error": "登录失败。请重试。" + } +} diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/locale/zh_TW/messages.json b/openid-connect-server-webapp/src/main/webapp/resources/js/locale/zh_TW/messages.json index 5534d5e1b..e1a3a1c14 100644 --- a/openid-connect-server-webapp/src/main/webapp/resources/js/locale/zh_TW/messages.json +++ b/openid-connect-server-webapp/src/main/webapp/resources/js/locale/zh_TW/messages.json @@ -1,490 +1,487 @@ -{ - "admin": { - "blacklist": "黑名單", - "blacklist-form": { - "blacklisted-uris": "列入黑名單的URI" - }, - "home": "首頁", - "list-widget": { - "empty": "此列表為空。", - "tooltip": "單擊顯示全部值。" - }, - "manage-blacklist": "管理列入黑名單的客戶端", - "self-service-client": "自助服務-客戶端註冊", - "self-service-resource": "自助服務-受保護資源註冊", - "user-profile": { - "claim": "聲明項", - "show": "查看用戶資訊", - "text": "您的用戶資訊如下:", - "value": "內容" - } - }, - "client": { - "client-form": { - "access": "訪問", - "access-token-no-timeout": "訪問令牌不時間", - "access-token-timeout": "訪問令牌超時", - "access-token-timeout-help": "輸入時間(秒、分鐘或小時)。", - "acr-values": "默認ACR值", - "acr-values-placeholder": "新的ACR值", - "acr-values-help": "用於請求該客戶端的默認身份驗證上下文參考", - "allow-introspection": "允許調用內省端點?", - "authentication-method": "令牌端點認證方法", - "authorization-code": "授權碼", - "client-credentials": "客戶端憑證", - "client-description": "描述", - "client-description-help": "人類可讀的文本描述", - "client-description-placeholder": "填入說明描述", - "client-id": "客戶端ID", - "client-id-help": "唯一標識符。如果不填則系統會自動生成一個。", - "client-id-placeholder": "輸入一些字符", - "client-name": "客戶端名稱", - "client-name-help": "人類可讀的應用程式名稱", - "client-name-placeholder": "輸入一些字符", - "client-secret": "客戶端密鑰", - "client-secret-placeholder": "輸入密鑰", - "contacts": "聯繫人", - "contacts-help": "此客戶端管理員的聯繫人名單。", - "contacts-placeholder": "新聯繫人", - "credentials": "憑據", - "crypto": { - "a128cbc-hs256": "複合認證加密算法,採用密碼塊鏈(CBC)模式AES,以PKCS #5填充,完整性計算使用HMAC SHA-256,並使用256位的CMK(和128位CEK)", - "a256cbc-hs512": "複合認證加密算法,採用密碼塊鏈(CBC)模式AES,以PKCS #5填充,完整性計算使用HMAC SHA-512,並使用512位的CMK(和256位CEK)", - "a128gcm": "AES GCM使用128位的密鑰", - "a256gcm": "AES GCM使用256位的密鑰", - "a128kw": "AES密鑰封裝算法使用128位的密鑰", - "a256kw": "AES密鑰封裝算法使用256位的密鑰", - "default": "使用伺服器默認", - "dir": "直接使用一個共享對稱密鑰作為塊加密的內容主密鑰(CMK)", - "ecdh-es": "橢圓曲線Diffie-Hellman短時靜態密鑰協議(使用Concat KDF),商定的密鑰被直接用作內容主密鑰(CMK)", - "ecdh-es-a128kw": "橢圓曲線Diffie-Hellman短時靜態密鑰協議(使用ECDH-ES和第4.7小節),但商定的密鑰是用以A128KW函數封裝內容主密鑰(CMK)", - "ecdh-es-a256kw": "橢圓曲線Diffie-Hellman短時靜態密鑰協議(使用ECDH-ES和第4.7小節),但商定的密鑰是用以A256KW函數封裝內容主密鑰(CMK)", - "none": "不加密", - "rsa-oaep": "RSAES使用最優不對稱加密填充(OAEP)", - "rsa1-5": "RSAES-PKCS1-V1_5" - }, - "cryptography": "密碼", - "display-secret": "顯示/編輯客戶端密鑰:", - "edit": "編輯客戶端", - "generate-new-secret": "生成一個新的客戶端密鑰嗎?", - "generate-new-secret-help": "當點擊「保存」時生成新的密鑰", - "generate-on-save": "保存時生成", - "grant-types": "批准的類型", - "home": "主頁", - "home-help": "客戶端首頁的URL,將顯示給用戶", - "hours": "小時", - "id": "ID:", - "id-token-crypto-algorithm": "身份令牌加密算法", - "id-token-crypto-method": "身份令牌加密方法", - "id-token-signing-algorithm": "身份令牌簽名算法", - "id-token-timeout": "身份令牌超時", - "implicit": "隱式的", - "initiate-login": "初始化登入", - "initiate-login-help": "啟動登入客戶端的URL", - "introspection": "自省", - "jwk-set": "公鑰集", - "jwk-set-help": "客戶端JSON Web Key集的URL (須可被伺服器訪問)", - "jwk-set-value-help": "客戶端JSON Web Key集的URL (須可被伺服器訪問)", - "logo": "標誌(Logo)", - "logo-help": "標誌(Logo)圖像的URL,將顯示在批准頁", - "main": "首要", - "max-age": "默認最長有效時間", - "max-age-help": "再提示之前的默認最長會話有效時間", - "minutes": "分鐘", - "new": "新客戶端", - "other": "其它", - "pairwise": "Pairwise對", - "password": "密碼", - "policy": "政策聲明", - "policy-help": "此客戶端的政策聲明連接,將顯示給用戶", - "post-logout": "登出後重定向", - "post-logout-help": "客戶端登出操作後的重定向URL", - "public": "公共", - "redelegation": "重新授權", - "redirect-uris": "重定向URI", - "redirect-uris-help": "在授權頁面之後客戶端重定向URI", - "claims-redirect-uris": "聲明重定向URI", - "claims-redirect-uris-help": "在聲明採集步驟之後瀏覽器需重定向的目標URI", - "refresh": "刷新", - "refresh-tokens": "刷新令牌", - "refresh-tokens-issued": "為此客戶端發佈的刷新令牌", - "refresh-tokens-issued-help": "這將把 offline_access 加入客戶端的範圍。", - "refresh-tokens-reused": "此客戶端的刷新令牌被重用", - "clear-access-tokens": "當刷新令牌用過之後,已激活的訪問令牌自動失效", - "refresh-tokens-no-expire": "刷新令牌尚未過期", - "registered": "註冊於", - "registration-token": "註冊令牌:", - "registration-access-token": "註冊訪問令牌", - "registration-token-error": "無法為此客戶端下載註冊訪問令牌。", - "request-object-signing-algorithm": "請求對像簽名算法", - "request-uri": "請求的URI", - "request-uri-help": "URI包含此客戶端使用的請求對像", - "require-auth-time": "需要身份認證時間(auth_time)", - "require-auth-time-label": "總是需要在身份令牌中包含auth_time聲明", - "response-types": "回應類型", - "rotate-registration-token": "旋轉註冊令牌", - "rotate-registration-token-confirm": "你確定你想旋轉這個客戶端的登入令牌?", - "rotate-registration-token-error": "無法旋轉該客戶端的註冊訪問令牌。", - "saved": { - "no-secret": "沒有客戶端密鑰", - "saved": "客戶端已保存", - "secret": "密鑰:", - "show-secret": "顯示密鑰", - "unchanged": "不變" - }, - "scope-placeholder": "新範圍", - "scope-help": "OAuth範圍允許客戶端請求", - "seconds": "秒", - "secret-asymmetric-jwt": "非對稱簽名JWT斷言", - "secret-http": "客戶端密鑰經由HTTP Basic", - "secret-none": "沒有認證", - "secret-post": "客戶端密鑰經由HTTP POST", - "secret-symmetric-jwt": "客戶端密鑰經由對稱簽名JWT斷言", - "sector-identifier": "扇區標識符URI", - "signing": { - "any": "允許", - "default": "使用伺服器默認", - "es256": "ECDSA採用P-256曲線和SHA-256哈希算法", - "es384": "ECDSA採用P-384曲線及SHA-384哈希算法", - "es512": "ECDSA採用P-512曲線及SHA-512哈希算法", - "hs256": "HMAC使用SHA-256哈希算法", - "hs384": "HMAC使用SHA-384哈希算法", - "hs512": "HMAC使用SHA-512哈希算法", - "none": "沒有數字簽名", - "rs256": "RSASSA使用SHA-256哈希算法", - "rs384": "RSASSA採用SHA-384哈希算法", - "rs512": "RSASSA使用SHA-512哈希算法", - "ps256": "採用SHA-256和MGF1的RSASSA-PSS算法", - "ps384": "採用SHA-384和MGF1的RSASSA-PSS算法", - "ps512": "採用SHA-512和MGF1的RSASSA-PSS算法" - }, - "subject-type": "主體類型", - "terms": "服務條款", - "terms-help": "此客戶服務條款的URL,將向用戶顯示", - "token-signing-algorithm": "令牌端點認證簽名算法", - "tokens": "令牌", - "type": "應用類型", - "type-native": "原生應用", - "type-web": "網絡應用", - "unknown": "(未知)", - "user-info-crypto-algorithm": "用戶資訊端點加密算法", - "user-info-crypto-method": "用戶資訊端點加密方法", - "user-info-signing-algorithm": "用戶資訊端點簽名算法" - }, - "client-table": { - "allow-introspection-tooltip": "這個客戶端可以執行令牌自省", - "confirm": "你確定要刪除這個客戶端?", - "dynamically-registered-tooltip": "這個客戶端是動態註冊的。點擊查看註冊訪問令牌", - "match": { - "contacts": "聯繫人", - "description": "描述", - "homepage": "主頁", - "id": "身分", - "logo": "標誌", - "name": "名稱", - "policy": "政策", - "redirect": "重定向URI", - "scope": "範圍", - "terms": "服務條款" - }, - "matched-search": "匹配搜索:", - "new": "新客戶端", - "no-clients": "此伺服器上沒有註冊的客戶端。", - "no-matches": "沒有匹配搜索條件的客戶端。", - "no-redirect": "沒有重定向URI", - "registered": "註冊於", - "search": "搜索……", - "whitelist": "白名單", - "unknown": "一個未知的時間" - }, - "manage": "管理客戶端", - "more-info": { - "contacts": "管理員聯繫方式:", - "home": "主頁", - "more": "更多資訊", - "policy": "政策", - "terms": "服務條款:" - }, - "newClient": "新客戶端" - }, - "common": { - "cancel": "取消", - "client": "客戶端", - "clients": "客戶端", - "close": "關閉", - "delete": "刪除", - "description": "描述", - "dynamically-registered": "這個客戶端是動態註冊的", - "edit": "編輯", - "expires": "到期:", - "information": "資訊", - "new": "新建", - "not-yet-implemented": "未實現", - "not-yet-implemented-content": "這個字段的值將於客戶端保存,但伺服器目前不處理任何事情。伺服器的未來庫版本將利用它。", - "revoke": "撤銷", - "save": "保存", - "scopes": "範圍", - "statistics": "統計", - "refresh": "刷新", - "scope": "範圍", - "users": "用戶", - "user": "用戶", - "roles": "角色", - "role": "角色", - "email": "電子郵箱", - "active": "已激活", - "inactive": "未激活" - }, - "dynreg": { - "client-id-placeholder": "輸入客戶端ID", - "configuration-url": "客戶端配置URL", - "edit-dynamically-registered": "編輯動態註冊的客戶端", - "edit-existing": "編輯一個現有的客戶端", - "edit-existing-help": "用於編輯之前已註冊的客戶端。粘貼您的客戶端ID和註冊訪問令牌,以便訪問該客戶端。", - "edit-existing-button": "編輯客戶端", - "invalid-access-token": "無效的客戶端或註冊訪問令牌。", - "new-client": "註冊新客戶端", - "new-client-help": "用於註冊新的客戶端。請提供客戶端ID和註冊訪問令牌,以便管理您的客戶端。", - "new-client-button": "新建客戶端", - "regtoken-placeholder": "輸入註冊訪問令牌", - "warning": "警告!你必須保護好客戶端ID 客戶密鑰(如果提供),以及您的註冊訪問令牌。如果你丟失了客戶端ID或註冊訪問令牌,將無法訪問您的客戶端註冊記錄,你需要註冊一個新客戶端。", - "will-be-generated": "當存儲客戶端資訊時將由伺服器自動生成" - }, - "grant": { - "manage-approved-sites": "管理批准的網站", - "refresh": "刷新", - "grant-table": { - "active-tokens": "當前活躍的訪問令牌數量", - "application": "應用程式", - "approved-sites": "許可站點", - "authorized": "授權:", - "dynamically-registered": "這個客戶端是動態註冊的", - "expires": "到期:", - "last-accessed": "上次訪問:", - "never": "從未", - "no-sites": "還未批准任何網站。", - "no-whitelisted": "還未訪問任何白名單的網站。", - "pre-approved": "這些都是預先由管理員批准的網站。", - "text": "這些都是您已經手動批准的網站。如果同一網站將來要進行同樣的訪問,它將直接通過、且沒有提示。", - "unknown": "未知", - "whitelist-note": "註:如果你在此撤銷它們,它們將在您下次訪問時不經提示即被自動重新批准。", - "whitelisted-site": "這個網站由管理員列入白名單中", - "whitelisted-sites": "白名單的網站" - } - }, - "rsreg": { - "resource-id-placeholder": "輸入資源ID", - "configuration-url": "客戶端配置URL", - "edit": "編輯受保護的資源", - "edit-existing": "編輯現有的保護資源", - "edit-existing-help": "用於編輯之前已註冊的資源。請使用您的客戶端ID和註冊訪問令牌來訪問資源的屬性。", - "edit-existing-button": "編輯資源", - "invalid-access-token": "無效的客戶端或註冊訪問令牌。", - "new-client": "註冊新的受保護資源", - "new-client-help": "用於註冊新的資源。請提供客戶端ID和註冊訪問令牌,以便管理您的資源。", - "new-client-button": "新建資源", - "regtoken-placeholder": "輸入註冊訪問令牌", - "will-be-generated": "將生成", - "warning": "警告!你必須保護好客戶端ID 客戶密鑰(如果提供),以及註冊訪問令牌。如果丟失了客戶端ID或註冊訪問令牌,將無法獲得您客戶端的登記記錄,你需要註冊一個新客戶端。", - "client-form": { - "scope-help": "這個資源能夠自省令牌的範圍。" - } - }, - "scope": { - "manage": "管理系統範圍", - "scope-list": { - "no-scopes": "沒有範圍" - }, - "system-scope-form": { - "default": "默認範圍", - "default-help": "新創建的用戶默認情況下獲得這個範圍?", - "description-help": "人類可讀的文本描述", - "description-placeholder": "輸入說明", - "restricted": "限制", - "restricted-help": "限制範圍衹能由系統管理員使用,可用動態註冊客戶和保護資源", - "edit": "編輯範圍", - "icon": "圖標", - "new": "新範圍", - "select-icon": "選擇圖標", - "structured": "是一個結構化的範圍", - "structured-help": "範圍結構化是否包含如base:extension的結構化值?", - "structured-param-help": "人類可讀的結構化參數描述", - "subject-type": "主體類型", - "value": "範圍值", - "value-help": "不含空格的單個字符串", - "value-placeholder": "範圍" - }, - "system-scope-table": { - "confirm": "你確定要刪除此範圍?引用了此範圍的客戶端還需要它。", - "new": "新範圍", - "text": "尚未定義系統範圍。客戶還可自定義範圍。", - "tooltip-restricted": "此範圍衹能由管理員使用。它不能用於動態註冊。", - "tooltip-default": "這個範圍將自動分配給新註冊的客戶。" - } - }, - "token": { - "manage": "管理活動的令牌", - "token-table": { - "access-tokens": "訪問令牌", - "associated-id": "這個訪問令牌附帶相關的身份令牌。", - "associated-refresh": "這個訪問令牌附帶相關的刷新令牌。", - "click-to-display": "點擊顯示完整的令牌值", - "confirm": "你確定要撤銷這個令牌?", - "confirm-refresh": "你確定要撤銷這個刷新令牌及其相關的訪問令牌?", - "expires": "過期", - "no-access": "沒有活動的訪問令牌。", - "no-refresh": "沒有活動的刷新令牌。", - "number-of-tokens": "關聯的訪問令牌數量", - "refresh-tokens": "刷新令牌", - "text": "訪問令牌通常是短暫的,供客戶端訪問特定的資源。身份令牌是採用OpenID Connect協議登入的、專門的訪問令牌。", - "text-refresh": "刷新令牌通常是長期的,以便客戶端能無需用戶介入即可獲取新的訪問令牌。", - "token-info": "令牌的資訊" - } - }, - "whitelist": { - "confirm": "你確定要刪除這個白名單項?", - "edit": "編輯白名單", - "manage": "管理列入白名單的網站", - "new": "新白名單", - "whitelist": "白名單", - "whitelist-form": { - "allowed-scopes": "允許範圍", - "edit": "編輯白名單的網站", - "new": "新增白名單網站", - "scope-help": "當客戶端發出請求列表時將自動批准的範圍", - "scope-placeholder": "新範圍" - }, - "whitelist-table": { - "no-sites": "白名單列表為空。使用白名單按鈕在客戶端管理頁面創建一個。" - } - }, - "blacklist": { - "text": "被拉黑的網站URI將無法用於註冊客戶端的重定向地址(無論是在管理介面中添加、還是動態註冊,都不行)。", - "blacklist-uri-placeholder": "要拉黑的網站URI", - "add": "將網站URI加入黑名單", - "empty": "當前黑名單為空", - "uri": "URI" - }, - "copyright": "基於MITREid Connect {0}技術構建 © 2016 MITRE公司及MIT因特網信任聯盟。", - "about": { - "title": "關於", - "body": "\n此OpenID Connect服務基於開源的MITREid Connect專案,該專案來自 \nMITRE公司MIT因特網信任聯盟。\n

\n

\n有關該專案的更多資訊可見 \nGitHub上的MITREid Connect專案。 \n您可以在該網站報告bug、提交意見及代碼補丁。" - }, - "statistics": { - "title": "統計", - "number_users": "用戶數: {0}", - "number_clients": "授權的客戶端: {0}", - "number_approvals": "已批准的站點: {0}" - }, - "home": { - "title": "首頁", - "welcome": { - "title": "歡迎!", - "body": "\nOpenID Connect是適於因特網部署的身分聯邦認證伺服器,基於OAuth2授權框架之上的OpenID Connect技術構建。\nOpenID Connect讓您無需暴露自己的用戶名、密碼即可便捷登入網站。

\n

在此瞭解更多詳情»" - }, - "more": "更多", - "about": { - "title": "關於", - "body": "本服務基於開源的MITREid Connect專案,該專案來自 \nMITRE公司MIT因特網信任聯盟。" - }, - "contact": { - "title": "聯繫方式", - "body": "\n如需更多的資訊和支持,請聯繫本系統的管理員。

\n

電子信箱 »" - }, - "statistics": { - "title": "當前統計", - "loading": "加載……", - "number_users": "用戶數: {0}", - "number_clients": "授權的客戶端: {0}", - "number_approvals": "已批准的站點: {0}" - } - }, - "contact": { - "title": "聯繫方式", - "body": "如果要報告有關MITREid Connect軟體自身的bug,請拜訪\nGitHub issue追蹤系統。 \n有關當前伺服器的問題,請聯繫伺服器的管理者。" - }, - "topbar": { - "about": "關於", - "contact": "聯繫方式", - "statistics": "統計", - "home": "首頁", - "login": "登入", - "logout": "登出" - }, - "sidebar": { - "administrative": { - "title": "管理", - "manage_clients": "管理客戶端", - "whitelisted_clients": "白名單", - "blacklisted_clients": "黑名單", - "system_scopes": "系統範圍" - }, - "personal": { - "title": "個人", - "approved_sites": "管理批准的網站", - "active_tokens": "管理活動的令牌", - "profile_information": "查看用戶資訊" - }, - "developer": { - "title": "開發者自助服務", - "client_registration": "客戶端註冊", - "resource_registration": "保護資源註冊" - } - }, - "manage": { - "ok": "好的", - "loading": "加載", - "title": "管理控制檯" - }, - "approve": { - "dynamically-registered-unknown": "在一個未知的時間", - "title": "批准訪問", - "error": { - "not_granted": "訪問可能不獲批准。" - }, - "required_for": "有待批准", - "dynamically_registered": "此客戶端已被動態註冊了{0}次。", - "caution": { - "title": "注意", - "message": { - "none": "它之前從未被批准。", - "singular": "它之前已被批准了{0}次。", - "plural": "它之前已被批准了{0}次。" - } - }, - "more_information": "更多資訊", - "home_page": "主頁", - "policy": "政策", - "terms": "服務條款", - "contacts": "管理人員", - "warning": "警告", - "no_redirect_uri": "該客戶端沒有註冊任何重定向URI,可能被使用惡意的URI。", - "redirect_uri": "如果點擊批准,您將被重定向至如下頁面: {0}", - "pairwise": "該客戶端使用pairwise標識符,這使得在不同站點間關聯身份變得稍加困難。", - "no_scopes": "該客戶端沒有註冊任何範圍,因此允許請求系統可用的any(任意)範圍。請務必謹慎處理。", - "access_to": "訪問", - "remember": { - "title": "記住這個決定", - "until_revoke": "記住這個決定直到我撤銷", - "one_hour": "記住該決定一個小時", - "next_time": "下次再提醒我" - }, - "do_authorize": "是否授權", - "label": { - "authorize": "授權", - "deny": "拒絕" - } - }, - "error": { - "title": "錯誤", - "header": "錯誤:", - "message": "在處理您的請求過程中發生了錯誤。伺服器日誌為:" - }, - "login": { - "login_with_username_and_password": "請用您的用戶名和密碼登入", - "username": "用戶名", - "password": "密碼", - "login-button": "登入", - "error": "登入失敗,請重試。" - } -} \ No newline at end of file +{ + "admin": { + "blacklist": "黑名單", + "blacklist-form": { + "blacklisted-uris": "列入黑名單的URI" + }, + "home": "首頁", + "list-widget": { + "empty": "此列表為空。", + "tooltip": "單擊顯示全部值。" + }, + "manage-blacklist": "管理列入黑名單的客戶端", + "self-service-client": "自助服務-客戶端註冊", + "self-service-resource": "自助服務-受保護資源註冊", + "user-profile": { + "claim": "聲明項", + "show": "查看用戶資訊", + "text": "您的用戶資訊如下:", + "value": "內容" + } + }, + "client": { + "client-form": { + "access": "訪問", + "access-token-no-timeout": "訪問令牌不時間", + "access-token-timeout": "訪問令牌超時", + "access-token-timeout-help": "輸入時間(秒、分鐘或小時)。", + "acr-values": "默認ACR值", + "acr-values-placeholder": "新的ACR值", + "acr-values-help": "用於請求該客戶端的默認身份驗證上下文參考", + "allow-introspection": "允許調用內省端點?", + "authentication-method": "令牌端點認證方法", + "authorization-code": "授權碼", + "client-credentials": "客戶端憑證", + "client-description": "描述", + "client-description-help": "人類可讀的文本描述", + "client-description-placeholder": "填入說明描述", + "client-id": "客戶端ID", + "client-id-help": "唯一標識符。如果不填則系統會自動生成一個。", + "client-id-placeholder": "輸入一些字符", + "client-name": "客戶端名稱", + "client-name-help": "人類可讀的應用程式名稱", + "client-name-placeholder": "輸入一些字符", + "client-secret": "客戶端密鑰", + "client-secret-placeholder": "輸入密鑰", + "contacts": "聯繫人", + "contacts-help": "此客戶端管理員的聯繫人名單。", + "contacts-placeholder": "新聯繫人", + "credentials": "憑據", + "crypto": { + "a128cbc-hs256": "複合認證加密算法,採用密碼塊鏈(CBC)模式AES,以PKCS #5填充,完整性計算使用HMAC SHA-256,並使用256位的CMK(和128位CEK)", + "a256cbc-hs512": "複合認證加密算法,採用密碼塊鏈(CBC)模式AES,以PKCS #5填充,完整性計算使用HMAC SHA-512,並使用512位的CMK(和256位CEK)", + "a128gcm": "AES GCM使用128位的密鑰", + "a256gcm": "AES GCM使用256位的密鑰", + "a128kw": "AES密鑰封裝算法使用128位的密鑰", + "a256kw": "AES密鑰封裝算法使用256位的密鑰", + "default": "使用伺服器默認", + "dir": "直接使用一個共享對稱密鑰作為塊加密的內容主密鑰(CMK)", + "ecdh-es": "橢圓曲線Diffie-Hellman短時靜態密鑰協議(使用Concat KDF),商定的密鑰被直接用作內容主密鑰(CMK)", + "ecdh-es-a128kw": "橢圓曲線Diffie-Hellman短時靜態密鑰協議(使用ECDH-ES和第4.7小節),但商定的密鑰是用以A128KW函數封裝內容主密鑰(CMK)", + "ecdh-es-a256kw": "橢圓曲線Diffie-Hellman短時靜態密鑰協議(使用ECDH-ES和第4.7小節),但商定的密鑰是用以A256KW函數封裝內容主密鑰(CMK)", + "none": "不加密", + "rsa-oaep": "RSAES使用最優不對稱加密填充(OAEP)", + "rsa1-5": "RSAES-PKCS1-V1_5" + }, + "cryptography": "密碼", + "display-secret": "顯示/編輯客戶端密鑰:", + "edit": "編輯客戶端", + "generate-new-secret": "生成一個新的客戶端密鑰嗎?", + "generate-new-secret-help": "當點擊「保存」時生成新的密鑰", + "generate-on-save": "保存時生成", + "grant-types": "批准的類型", + "home": "主頁", + "home-help": "客戶端首頁的URL,將顯示給用戶", + "hours": "小時", + "id": "ID:", + "id-token-crypto-algorithm": "身份令牌加密算法", + "id-token-crypto-method": "身份令牌加密方法", + "id-token-signing-algorithm": "身份令牌簽名算法", + "id-token-timeout": "身份令牌超時", + "implicit": "隱式的", + "initiate-login": "初始化登入", + "initiate-login-help": "啟動登入客戶端的URL", + "introspection": "自省", + "jwk-set": "公鑰集", + "jwk-set-help": "客戶端JSON Web Key集的URL (須可被伺服器訪問)", + "jwk-set-value-help": "客戶端JSON Web Key集的URL (須可被伺服器訪問)", + "main": "首要", + "max-age": "默認最長有效時間", + "max-age-help": "再提示之前的默認最長會話有效時間", + "minutes": "分鐘", + "new": "新客戶端", + "other": "其它", + "pairwise": "Pairwise對", + "password": "密碼", + "policy": "政策聲明", + "policy-help": "此客戶端的政策聲明連接,將顯示給用戶", + "post-logout": "登出後重定向", + "post-logout-help": "客戶端登出操作後的重定向URL", + "public": "公共", + "redelegation": "重新授權", + "redirect-uris": "重定向URI", + "redirect-uris-help": "在授權頁面之後客戶端重定向URI", + "claims-redirect-uris": "聲明重定向URI", + "claims-redirect-uris-help": "在聲明採集步驟之後瀏覽器需重定向的目標URI", + "refresh": "刷新", + "refresh-tokens": "刷新令牌", + "refresh-tokens-issued": "為此客戶端發佈的刷新令牌", + "refresh-tokens-issued-help": "這將把 offline_access 加入客戶端的範圍。", + "refresh-tokens-reused": "此客戶端的刷新令牌被重用", + "clear-access-tokens": "當刷新令牌用過之後,已激活的訪問令牌自動失效", + "refresh-tokens-no-expire": "刷新令牌尚未過期", + "registered": "註冊於", + "registration-token": "註冊令牌:", + "registration-access-token": "註冊訪問令牌", + "registration-token-error": "無法為此客戶端下載註冊訪問令牌。", + "request-object-signing-algorithm": "請求對像簽名算法", + "request-uri": "請求的URI", + "request-uri-help": "URI包含此客戶端使用的請求對像", + "require-auth-time": "需要身份認證時間(auth_time)", + "require-auth-time-label": "總是需要在身份令牌中包含auth_time聲明", + "response-types": "回應類型", + "rotate-registration-token": "旋轉註冊令牌", + "rotate-registration-token-confirm": "你確定你想旋轉這個客戶端的登入令牌?", + "rotate-registration-token-error": "無法旋轉該客戶端的註冊訪問令牌。", + "saved": { + "no-secret": "沒有客戶端密鑰", + "saved": "客戶端已保存", + "secret": "密鑰:", + "show-secret": "顯示密鑰", + "unchanged": "不變" + }, + "scope-placeholder": "新範圍", + "scope-help": "OAuth範圍允許客戶端請求", + "seconds": "秒", + "secret-asymmetric-jwt": "非對稱簽名JWT斷言", + "secret-http": "客戶端密鑰經由HTTP Basic", + "secret-none": "沒有認證", + "secret-post": "客戶端密鑰經由HTTP POST", + "secret-symmetric-jwt": "客戶端密鑰經由對稱簽名JWT斷言", + "sector-identifier": "扇區標識符URI", + "signing": { + "any": "允許", + "default": "使用伺服器默認", + "es256": "ECDSA採用P-256曲線和SHA-256哈希算法", + "es384": "ECDSA採用P-384曲線及SHA-384哈希算法", + "es512": "ECDSA採用P-512曲線及SHA-512哈希算法", + "hs256": "HMAC使用SHA-256哈希算法", + "hs384": "HMAC使用SHA-384哈希算法", + "hs512": "HMAC使用SHA-512哈希算法", + "none": "沒有數字簽名", + "rs256": "RSASSA使用SHA-256哈希算法", + "rs384": "RSASSA採用SHA-384哈希算法", + "rs512": "RSASSA使用SHA-512哈希算法", + "ps256": "採用SHA-256和MGF1的RSASSA-PSS算法", + "ps384": "採用SHA-384和MGF1的RSASSA-PSS算法", + "ps512": "採用SHA-512和MGF1的RSASSA-PSS算法" + }, + "subject-type": "主體類型", + "terms": "服務條款", + "terms-help": "此客戶服務條款的URL,將向用戶顯示", + "token-signing-algorithm": "令牌端點認證簽名算法", + "tokens": "令牌", + "type": "應用類型", + "type-native": "原生應用", + "type-web": "網絡應用", + "unknown": "(未知)", + "user-info-crypto-algorithm": "用戶資訊端點加密算法", + "user-info-crypto-method": "用戶資訊端點加密方法", + "user-info-signing-algorithm": "用戶資訊端點簽名算法" + }, + "client-table": { + "allow-introspection-tooltip": "這個客戶端可以執行令牌自省", + "confirm": "你確定要刪除這個客戶端?", + "dynamically-registered-tooltip": "這個客戶端是動態註冊的。點擊查看註冊訪問令牌", + "match": { + "contacts": "聯繫人", + "description": "描述", + "homepage": "主頁", + "id": "身分", + "name": "名稱", + "policy": "政策", + "redirect": "重定向URI", + "scope": "範圍", + "terms": "服務條款" + }, + "matched-search": "匹配搜索:", + "new": "新客戶端", + "no-clients": "此伺服器上沒有註冊的客戶端。", + "no-matches": "沒有匹配搜索條件的客戶端。", + "no-redirect": "沒有重定向URI", + "registered": "註冊於", + "search": "搜索……", + "whitelist": "白名單", + "unknown": "一個未知的時間" + }, + "manage": "管理客戶端", + "more-info": { + "contacts": "管理員聯繫方式:", + "home": "主頁", + "more": "更多資訊", + "policy": "政策", + "terms": "服務條款:" + }, + "newClient": "新客戶端" + }, + "common": { + "cancel": "取消", + "client": "客戶端", + "clients": "客戶端", + "close": "關閉", + "delete": "刪除", + "description": "描述", + "dynamically-registered": "這個客戶端是動態註冊的", + "edit": "編輯", + "expires": "到期:", + "information": "資訊", + "new": "新建", + "not-yet-implemented": "未實現", + "not-yet-implemented-content": "這個字段的值將於客戶端保存,但伺服器目前不處理任何事情。伺服器的未來庫版本將利用它。", + "revoke": "撤銷", + "save": "保存", + "scopes": "範圍", + "statistics": "統計", + "refresh": "刷新", + "scope": "範圍", + "users": "用戶", + "user": "用戶", + "roles": "角色", + "role": "角色", + "email": "電子郵箱", + "active": "已激活", + "inactive": "未激活" + }, + "dynreg": { + "client-id-placeholder": "輸入客戶端ID", + "configuration-url": "客戶端配置URL", + "edit-dynamically-registered": "編輯動態註冊的客戶端", + "edit-existing": "編輯一個現有的客戶端", + "edit-existing-help": "用於編輯之前已註冊的客戶端。粘貼您的客戶端ID和註冊訪問令牌,以便訪問該客戶端。", + "edit-existing-button": "編輯客戶端", + "invalid-access-token": "無效的客戶端或註冊訪問令牌。", + "new-client": "註冊新客戶端", + "new-client-help": "用於註冊新的客戶端。請提供客戶端ID和註冊訪問令牌,以便管理您的客戶端。", + "new-client-button": "新建客戶端", + "regtoken-placeholder": "輸入註冊訪問令牌", + "warning": "警告!你必須保護好客戶端ID 客戶密鑰(如果提供),以及您的註冊訪問令牌。如果你丟失了客戶端ID或註冊訪問令牌,將無法訪問您的客戶端註冊記錄,你需要註冊一個新客戶端。", + "will-be-generated": "當存儲客戶端資訊時將由伺服器自動生成" + }, + "grant": { + "manage-approved-sites": "管理批准的網站", + "refresh": "刷新", + "grant-table": { + "active-tokens": "當前活躍的訪問令牌數量", + "application": "應用程式", + "approved-sites": "許可站點", + "authorized": "授權:", + "dynamically-registered": "這個客戶端是動態註冊的", + "expires": "到期:", + "last-accessed": "上次訪問:", + "never": "從未", + "no-sites": "還未批准任何網站。", + "no-whitelisted": "還未訪問任何白名單的網站。", + "pre-approved": "這些都是預先由管理員批准的網站。", + "text": "這些都是您已經手動批准的網站。如果同一網站將來要進行同樣的訪問,它將直接通過、且沒有提示。", + "unknown": "未知", + "whitelist-note": "註:如果你在此撤銷它們,它們將在您下次訪問時不經提示即被自動重新批准。", + "whitelisted-site": "這個網站由管理員列入白名單中", + "whitelisted-sites": "白名單的網站" + } + }, + "rsreg": { + "resource-id-placeholder": "輸入資源ID", + "configuration-url": "客戶端配置URL", + "edit": "編輯受保護的資源", + "edit-existing": "編輯現有的保護資源", + "edit-existing-help": "用於編輯之前已註冊的資源。請使用您的客戶端ID和註冊訪問令牌來訪問資源的屬性。", + "edit-existing-button": "編輯資源", + "invalid-access-token": "無效的客戶端或註冊訪問令牌。", + "new-client": "註冊新的受保護資源", + "new-client-help": "用於註冊新的資源。請提供客戶端ID和註冊訪問令牌,以便管理您的資源。", + "new-client-button": "新建資源", + "regtoken-placeholder": "輸入註冊訪問令牌", + "will-be-generated": "將生成", + "warning": "警告!你必須保護好客戶端ID 客戶密鑰(如果提供),以及註冊訪問令牌。如果丟失了客戶端ID或註冊訪問令牌,將無法獲得您客戶端的登記記錄,你需要註冊一個新客戶端。", + "client-form": { + "scope-help": "這個資源能夠自省令牌的範圍。" + } + }, + "scope": { + "manage": "管理系統範圍", + "scope-list": { + "no-scopes": "沒有範圍" + }, + "system-scope-form": { + "default": "默認範圍", + "default-help": "新創建的用戶默認情況下獲得這個範圍?", + "description-help": "人類可讀的文本描述", + "description-placeholder": "輸入說明", + "restricted": "限制", + "restricted-help": "限制範圍衹能由系統管理員使用,可用動態註冊客戶和保護資源", + "edit": "編輯範圍", + "icon": "圖標", + "new": "新範圍", + "select-icon": "選擇圖標", + "structured": "是一個結構化的範圍", + "structured-help": "範圍結構化是否包含如base:extension的結構化值?", + "structured-param-help": "人類可讀的結構化參數描述", + "subject-type": "主體類型", + "value": "範圍值", + "value-help": "不含空格的單個字符串", + "value-placeholder": "範圍" + }, + "system-scope-table": { + "confirm": "你確定要刪除此範圍?引用了此範圍的客戶端還需要它。", + "new": "新範圍", + "text": "尚未定義系統範圍。客戶還可自定義範圍。", + "tooltip-restricted": "此範圍衹能由管理員使用。它不能用於動態註冊。", + "tooltip-default": "這個範圍將自動分配給新註冊的客戶。" + } + }, + "token": { + "manage": "管理活動的令牌", + "token-table": { + "access-tokens": "訪問令牌", + "associated-id": "這個訪問令牌附帶相關的身份令牌。", + "associated-refresh": "這個訪問令牌附帶相關的刷新令牌。", + "click-to-display": "點擊顯示完整的令牌值", + "confirm": "你確定要撤銷這個令牌?", + "confirm-refresh": "你確定要撤銷這個刷新令牌及其相關的訪問令牌?", + "expires": "過期", + "no-access": "沒有活動的訪問令牌。", + "no-refresh": "沒有活動的刷新令牌。", + "number-of-tokens": "關聯的訪問令牌數量", + "refresh-tokens": "刷新令牌", + "text": "訪問令牌通常是短暫的,供客戶端訪問特定的資源。身份令牌是採用OpenID Connect協議登入的、專門的訪問令牌。", + "text-refresh": "刷新令牌通常是長期的,以便客戶端能無需用戶介入即可獲取新的訪問令牌。", + "token-info": "令牌的資訊" + } + }, + "whitelist": { + "confirm": "你確定要刪除這個白名單項?", + "edit": "編輯白名單", + "manage": "管理列入白名單的網站", + "new": "新白名單", + "whitelist": "白名單", + "whitelist-form": { + "allowed-scopes": "允許範圍", + "edit": "編輯白名單的網站", + "new": "新增白名單網站", + "scope-help": "當客戶端發出請求列表時將自動批准的範圍", + "scope-placeholder": "新範圍" + }, + "whitelist-table": { + "no-sites": "白名單列表為空。使用白名單按鈕在客戶端管理頁面創建一個。" + } + }, + "blacklist": { + "text": "被拉黑的網站URI將無法用於註冊客戶端的重定向地址(無論是在管理介面中添加、還是動態註冊,都不行)。", + "blacklist-uri-placeholder": "要拉黑的網站URI", + "add": "將網站URI加入黑名單", + "empty": "當前黑名單為空", + "uri": "URI" + }, + "copyright": "基於MITREid Connect {0}技術構建 © 2016 MITRE公司及MIT因特網信任聯盟。", + "about": { + "title": "關於", + "body": "\n此OpenID Connect服務基於開源的MITREid Connect專案,該專案來自 \nMITRE公司MIT因特網信任聯盟。\n

\n

\n有關該專案的更多資訊可見 \nGitHub上的MITREid Connect專案。 \n您可以在該網站報告bug、提交意見及代碼補丁。" + }, + "statistics": { + "title": "統計", + "number_users": "用戶數: {0}", + "number_clients": "授權的客戶端: {0}", + "number_approvals": "已批准的站點: {0}" + }, + "home": { + "title": "首頁", + "welcome": { + "title": "歡迎!", + "body": "\nOpenID Connect是適於因特網部署的身分聯邦認證伺服器,基於OAuth2授權框架之上的OpenID Connect技術構建。\nOpenID Connect讓您無需暴露自己的用戶名、密碼即可便捷登入網站。

\n

在此瞭解更多詳情»" + }, + "more": "更多", + "about": { + "title": "關於", + "body": "本服務基於開源的MITREid Connect專案,該專案來自 \nMITRE公司MIT因特網信任聯盟。" + }, + "contact": { + "title": "聯繫方式", + "body": "\n如需更多的資訊和支持,請聯繫本系統的管理員。

\n

電子信箱 »" + }, + "statistics": { + "title": "當前統計", + "loading": "加載……", + "number_users": "用戶數: {0}", + "number_clients": "授權的客戶端: {0}", + "number_approvals": "已批准的站點: {0}" + } + }, + "contact": { + "title": "聯繫方式", + "body": "如果要報告有關MITREid Connect軟體自身的bug,請拜訪\nGitHub issue追蹤系統。 \n有關當前伺服器的問題,請聯繫伺服器的管理者。" + }, + "topbar": { + "about": "關於", + "contact": "聯繫方式", + "statistics": "統計", + "home": "首頁", + "login": "登入", + "logout": "登出" + }, + "sidebar": { + "administrative": { + "title": "管理", + "manage_clients": "管理客戶端", + "whitelisted_clients": "白名單", + "blacklisted_clients": "黑名單", + "system_scopes": "系統範圍" + }, + "personal": { + "title": "個人", + "approved_sites": "管理批准的網站", + "active_tokens": "管理活動的令牌", + "profile_information": "查看用戶資訊" + }, + "developer": { + "title": "開發者自助服務", + "client_registration": "客戶端註冊", + "resource_registration": "保護資源註冊" + } + }, + "manage": { + "ok": "好的", + "loading": "加載", + "title": "管理控制檯" + }, + "approve": { + "dynamically-registered-unknown": "在一個未知的時間", + "title": "批准訪問", + "error": { + "not_granted": "訪問可能不獲批准。" + }, + "required_for": "有待批准", + "dynamically_registered": "此客戶端已被動態註冊了{0}次。", + "caution": { + "title": "注意", + "message": { + "none": "它之前從未被批准。", + "singular": "它之前已被批准了{0}次。", + "plural": "它之前已被批准了{0}次。" + } + }, + "more_information": "更多資訊", + "home_page": "主頁", + "policy": "政策", + "terms": "服務條款", + "contacts": "管理人員", + "warning": "警告", + "no_redirect_uri": "該客戶端沒有註冊任何重定向URI,可能被使用惡意的URI。", + "redirect_uri": "如果點擊批准,您將被重定向至如下頁面: {0}", + "pairwise": "該客戶端使用pairwise標識符,這使得在不同站點間關聯身份變得稍加困難。", + "no_scopes": "該客戶端沒有註冊任何範圍,因此允許請求系統可用的any(任意)範圍。請務必謹慎處理。", + "access_to": "訪問", + "remember": { + "title": "記住這個決定", + "until_revoke": "記住這個決定直到我撤銷", + "one_hour": "記住該決定一個小時", + "next_time": "下次再提醒我" + }, + "do_authorize": "是否授權", + "label": { + "authorize": "授權", + "deny": "拒絕" + } + }, + "error": { + "title": "錯誤", + "header": "錯誤:", + "message": "在處理您的請求過程中發生了錯誤。伺服器日誌為:" + }, + "login": { + "login_with_username_and_password": "請用您的用戶名和密碼登入", + "username": "用戶名", + "password": "密碼", + "login-button": "登入", + "error": "登入失敗,請重試。" + } +} diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/rsreg.js b/openid-connect-server-webapp/src/main/webapp/resources/js/rsreg.js index cb3830949..5a3e43b88 100644 --- a/openid-connect-server-webapp/src/main/webapp/resources/js/rsreg.js +++ b/openid-connect-server-webapp/src/main/webapp/resources/js/rsreg.js @@ -21,7 +21,6 @@ var ResRegClient = Backbone.Model.extend({ client_secret: null, client_name: null, client_uri: null, - logo_uri: null, contacts: [], tos_uri: null, token_endpoint_auth_method: null, @@ -194,7 +193,6 @@ var ResRegEditView = Backbone.View.extend({ "click .btn-save": "saveClient", "click .btn-cancel": "cancel", "click .btn-delete": "deleteClient", - "change #logoUri input": "previewLogo", "change #tokenEndpointAuthMethod input:radio": "toggleClientCredentials", "change #jwkSelector input:radio": "toggleJWKSetType" }, @@ -229,16 +227,6 @@ var ResRegEditView = Backbone.View.extend({ return false; }, - previewLogo: function() { - if ($('#logoUri input', this.el).val()) { - $('#logoPreview', this.el).empty(); - $('#logoPreview', this.el).attr('src', $('#logoUri input', this.el).val()); - } else { - // $('#logoBlock', this.el).hide(); - $('#logoPreview', this.el).attr('src', 'resources/images/logo_placeholder.gif'); - } - }, - /** * Set up the form based on the current state of the tokenEndpointAuthMethod * parameter @@ -350,7 +338,6 @@ var ResRegEditView = Backbone.View.extend({ var attrs = { client_name: $('#clientName input').val(), - logo_uri: $('#logoUri input').val(), scope: scopes, client_secret: null, // never send a client secret tos_uri: $('#tosUri input').val(), @@ -455,7 +442,6 @@ var ResRegEditView = Backbone.View.extend({ this.listWidgetViews.push(contactView); this.toggleClientCredentials(); - this.previewLogo(); this.toggleJWKSetType(); // disable unsupported JOSE algorithms diff --git a/openid-connect-server-webapp/src/main/webapp/resources/template/client.html b/openid-connect-server-webapp/src/main/webapp/resources/template/client.html index 2a748fefb..1cdf7b785 100644 --- a/openid-connect-server-webapp/src/main/webapp/resources/template/client.html +++ b/openid-connect-server-webapp/src/main/webapp/resources/template/client.html @@ -25,10 +25,6 @@

- <% if (client.logoUri) { %> - - <% } %> -
<%- client.clientName != null ? client.clientName : ( client.clientId.substr(0,8) + '...' ) %>
@@ -238,20 +234,6 @@
-
- -
- -

URL that points to a logo image, will be displayed on approval page

-
-
- -
-
- logo -
-
-
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/template/dynreg.html b/openid-connect-server-webapp/src/main/webapp/resources/template/dynreg.html index eda228006..a2d489659 100644 --- a/openid-connect-server-webapp/src/main/webapp/resources/template/dynreg.html +++ b/openid-connect-server-webapp/src/main/webapp/resources/template/dynreg.html @@ -154,20 +154,6 @@
-
- -
- -

URL that points to a logo image, will be displayed on approval page

-
-
- -
-
- logo -
-
-
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/template/rsreg.html b/openid-connect-server-webapp/src/main/webapp/resources/template/rsreg.html index e8c1a50a2..6f6401e38 100644 --- a/openid-connect-server-webapp/src/main/webapp/resources/template/rsreg.html +++ b/openid-connect-server-webapp/src/main/webapp/resources/template/rsreg.html @@ -146,20 +146,6 @@
-
- -
- -

URL that points to a logo image, will be displayed on approval page

-
-
- -
-
- logo -
-
-
diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/model/ClientDetailsEntity.java b/openid-connect-server/src/main/java/org/mitre/oauth2/model/ClientDetailsEntity.java index 646d78a35..08c716002 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/model/ClientDetailsEntity.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/model/ClientDetailsEntity.java @@ -20,11 +20,20 @@ */ package org.mitre.oauth2.model; -import java.util.Date; -import java.util.HashMap; -import java.util.HashSet; -import java.util.Map; -import java.util.Set; +import com.nimbusds.jose.EncryptionMethod; +import com.nimbusds.jose.JWEAlgorithm; +import com.nimbusds.jose.JWSAlgorithm; +import com.nimbusds.jose.jwk.JWKSet; +import com.nimbusds.jwt.JWT; +import org.mitre.oauth2.model.convert.JWEAlgorithmStringConverter; +import org.mitre.oauth2.model.convert.JWEEncryptionMethodStringConverter; +import org.mitre.oauth2.model.convert.JWKSetStringConverter; +import org.mitre.oauth2.model.convert.JWSAlgorithmStringConverter; +import org.mitre.oauth2.model.convert.JWTStringConverter; +import org.mitre.oauth2.model.convert.PKCEAlgorithmStringConverter; +import org.mitre.oauth2.model.convert.SimpleGrantedAuthorityStringConverter; +import org.springframework.security.core.GrantedAuthority; +import org.springframework.security.oauth2.provider.ClientDetails; import javax.persistence.Basic; import javax.persistence.CollectionTable; @@ -47,22 +56,11 @@ import javax.persistence.Table; import javax.persistence.Temporal; import javax.persistence.TemporalType; import javax.persistence.Transient; - -import org.mitre.oauth2.model.convert.JWEAlgorithmStringConverter; -import org.mitre.oauth2.model.convert.JWEEncryptionMethodStringConverter; -import org.mitre.oauth2.model.convert.JWKSetStringConverter; -import org.mitre.oauth2.model.convert.JWSAlgorithmStringConverter; -import org.mitre.oauth2.model.convert.JWTStringConverter; -import org.mitre.oauth2.model.convert.PKCEAlgorithmStringConverter; -import org.mitre.oauth2.model.convert.SimpleGrantedAuthorityStringConverter; -import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.oauth2.provider.ClientDetails; - -import com.nimbusds.jose.EncryptionMethod; -import com.nimbusds.jose.JWEAlgorithm; -import com.nimbusds.jose.JWSAlgorithm; -import com.nimbusds.jose.jwk.JWKSet; -import com.nimbusds.jwt.JWT; +import java.util.Date; +import java.util.HashMap; +import java.util.HashSet; +import java.util.Map; +import java.util.Set; /** * @author jricher @@ -91,7 +89,6 @@ public class ClientDetailsEntity implements ClientDetails { private Set redirectUris = new HashSet<>(); private String clientName; private String clientUri; - private String logoUri; private Set contacts; private String tosUri; private AuthMethod tokenEndpointAuthMethod = AuthMethod.SECRET_BASIC; @@ -488,16 +485,6 @@ public class ClientDetailsEntity implements ClientDetails { this.contacts = contacts; } - @Basic - @Column(name="logo_uri") - public String getLogoUri() { - return logoUri; - } - - public void setLogoUri(String logoUri) { - this.logoUri = logoUri; - } - @Basic @Column(name="policy_uri") public String getPolicyUri() { diff --git a/openid-connect-server/src/main/java/org/mitre/oauth2/model/RegisteredClient.java b/openid-connect-server/src/main/java/org/mitre/oauth2/model/RegisteredClient.java index a746a6b02..454e702b9 100644 --- a/openid-connect-server/src/main/java/org/mitre/oauth2/model/RegisteredClient.java +++ b/openid-connect-server/src/main/java/org/mitre/oauth2/model/RegisteredClient.java @@ -20,21 +20,20 @@ */ package org.mitre.oauth2.model; -import java.util.Date; -import java.util.Map; -import java.util.Set; - -import org.mitre.oauth2.model.ClientDetailsEntity.AppType; -import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod; -import org.mitre.oauth2.model.ClientDetailsEntity.SubjectType; -import org.springframework.security.core.GrantedAuthority; - import com.google.gson.JsonObject; import com.nimbusds.jose.EncryptionMethod; import com.nimbusds.jose.JWEAlgorithm; import com.nimbusds.jose.JWSAlgorithm; import com.nimbusds.jose.jwk.JWKSet; import com.nimbusds.jwt.JWT; +import org.mitre.oauth2.model.ClientDetailsEntity.AppType; +import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod; +import org.mitre.oauth2.model.ClientDetailsEntity.SubjectType; +import org.springframework.security.core.GrantedAuthority; + +import java.util.Date; +import java.util.Map; +import java.util.Set; /** * @author jricher @@ -246,14 +245,6 @@ public class RegisteredClient { client.setContacts(contacts); } - public String getLogoUri() { - return client.getLogoUri(); - } - - public void setLogoUri(String logoUri) { - client.setLogoUri(logoUri); - } - public String getPolicyUri() { return client.getPolicyUri(); } diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/ClientDetailsEntityJsonProcessor.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/ClientDetailsEntityJsonProcessor.java index a076514df..6cb1b712a 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/ClientDetailsEntityJsonProcessor.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/ClientDetailsEntityJsonProcessor.java @@ -21,25 +21,6 @@ package org.mitre.openid.connect; -import static org.mitre.util.JsonUtils.getAsArray; -import static org.mitre.util.JsonUtils.getAsDate; -import static org.mitre.util.JsonUtils.getAsJweAlgorithm; -import static org.mitre.util.JsonUtils.getAsJweEncryptionMethod; -import static org.mitre.util.JsonUtils.getAsJwsAlgorithm; -import static org.mitre.util.JsonUtils.getAsPkceAlgorithm; -import static org.mitre.util.JsonUtils.getAsString; -import static org.mitre.util.JsonUtils.getAsStringSet; - -import java.text.ParseException; - -import org.mitre.oauth2.model.ClientDetailsEntity; -import org.mitre.oauth2.model.ClientDetailsEntity.AppType; -import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod; -import org.mitre.oauth2.model.ClientDetailsEntity.SubjectType; -import org.mitre.oauth2.model.RegisteredClient; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - import com.google.common.base.Joiner; import com.google.common.base.Splitter; import com.google.common.base.Strings; @@ -50,6 +31,15 @@ import com.google.gson.JsonParser; import com.nimbusds.jose.jwk.JWKSet; import com.nimbusds.jwt.JWT; import com.nimbusds.jwt.JWTParser; +import org.mitre.oauth2.model.ClientDetailsEntity; +import org.mitre.oauth2.model.ClientDetailsEntity.AppType; +import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod; +import org.mitre.oauth2.model.ClientDetailsEntity.SubjectType; +import org.mitre.oauth2.model.RegisteredClient; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import java.text.ParseException; import static org.mitre.oauth2.model.RegisteredClientFields.APPLICATION_TYPE; import static org.mitre.oauth2.model.RegisteredClientFields.CLAIMS_REDIRECT_URIS; @@ -70,7 +60,6 @@ import static org.mitre.oauth2.model.RegisteredClientFields.ID_TOKEN_SIGNED_RESP import static org.mitre.oauth2.model.RegisteredClientFields.INITIATE_LOGIN_URI; import static org.mitre.oauth2.model.RegisteredClientFields.JWKS; import static org.mitre.oauth2.model.RegisteredClientFields.JWKS_URI; -import static org.mitre.oauth2.model.RegisteredClientFields.LOGO_URI; import static org.mitre.oauth2.model.RegisteredClientFields.POLICY_URI; import static org.mitre.oauth2.model.RegisteredClientFields.POST_LOGOUT_REDIRECT_URIS; import static org.mitre.oauth2.model.RegisteredClientFields.REDIRECT_URIS; @@ -93,6 +82,14 @@ import static org.mitre.oauth2.model.RegisteredClientFields.TOS_URI; import static org.mitre.oauth2.model.RegisteredClientFields.USERINFO_ENCRYPTED_RESPONSE_ALG; import static org.mitre.oauth2.model.RegisteredClientFields.USERINFO_ENCRYPTED_RESPONSE_ENC; import static org.mitre.oauth2.model.RegisteredClientFields.USERINFO_SIGNED_RESPONSE_ALG; +import static org.mitre.util.JsonUtils.getAsArray; +import static org.mitre.util.JsonUtils.getAsDate; +import static org.mitre.util.JsonUtils.getAsJweAlgorithm; +import static org.mitre.util.JsonUtils.getAsJweEncryptionMethod; +import static org.mitre.util.JsonUtils.getAsJwsAlgorithm; +import static org.mitre.util.JsonUtils.getAsPkceAlgorithm; +import static org.mitre.util.JsonUtils.getAsString; +import static org.mitre.util.JsonUtils.getAsStringSet; /** * Utility class to handle the parsing and serialization of ClientDetails objects. @@ -124,7 +121,6 @@ public class ClientDetailsEntityJsonProcessor { c.setRedirectUris(getAsStringSet(o, REDIRECT_URIS)); c.setClientName(getAsString(o, CLIENT_NAME)); c.setClientUri(getAsString(o, CLIENT_URI)); - c.setLogoUri(getAsString(o, LOGO_URI)); c.setContacts(getAsStringSet(o, CONTACTS)); c.setTosUri(getAsString(o, TOS_URI)); @@ -301,7 +297,6 @@ public class ClientDetailsEntityJsonProcessor { o.add(REDIRECT_URIS, getAsArray(c.getRedirectUris())); o.addProperty(CLIENT_NAME, c.getClientName()); o.addProperty(CLIENT_URI, c.getClientUri()); - o.addProperty(LOGO_URI, c.getLogoUri()); o.add(CONTACTS, getAsArray(c.getContacts())); o.addProperty(TOS_URI, c.getTosUri()); o.addProperty(TOKEN_ENDPOINT_AUTH_METHOD, c.getTokenEndpointAuthMethod() != null ? c.getTokenEndpointAuthMethod().getValue() : null); diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/model/CachedImage.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/model/CachedImage.java deleted file mode 100644 index 48a76e725..000000000 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/model/CachedImage.java +++ /dev/null @@ -1,52 +0,0 @@ -/******************************************************************************* - * Copyright 2018 The MIT Internet Trust Consortium - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - *******************************************************************************/ - -package org.mitre.openid.connect.model; - -/** - * @author jricher - */ -public class CachedImage { - - private byte[] data; - private String contentType; - private long length; - - public byte[] getData() { - return data; - } - - public void setData(byte[] data) { - this.data = data; - } - - public String getContentType() { - return contentType; - } - - public void setContentType(String contentType) { - this.contentType = contentType; - } - - public long getLength() { - return length; - } - - public void setLength(long length) { - this.length = length; - } - -} diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/ClientLogoLoadingService.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/ClientLogoLoadingService.java deleted file mode 100644 index 407944696..000000000 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/ClientLogoLoadingService.java +++ /dev/null @@ -1,34 +0,0 @@ -/******************************************************************************* - * Copyright 2018 The MIT Internet Trust Consortium - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - *******************************************************************************/ - -package org.mitre.openid.connect.service; - -import org.mitre.oauth2.model.ClientDetailsEntity; -import org.mitre.openid.connect.model.CachedImage; - -/** - * @author jricher - * - */ -public interface ClientLogoLoadingService { - - /** - * @param client - * @return - */ - CachedImage getLogo(ClientDetailsEntity client); - -} diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/InMemoryClientLogoLoadingService.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/InMemoryClientLogoLoadingService.java deleted file mode 100644 index e16d0692a..000000000 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/InMemoryClientLogoLoadingService.java +++ /dev/null @@ -1,122 +0,0 @@ -/******************************************************************************* - * Copyright 2018 The MIT Internet Trust Consortium - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - *******************************************************************************/ - -package org.mitre.openid.connect.service.impl; - -import java.io.IOException; -import java.util.concurrent.ExecutionException; -import java.util.concurrent.TimeUnit; - -import org.apache.commons.io.IOUtils; -import org.apache.http.HttpEntity; -import org.apache.http.HttpResponse; -import org.apache.http.client.HttpClient; -import org.apache.http.client.methods.HttpGet; -import org.apache.http.impl.client.HttpClientBuilder; -import org.mitre.oauth2.model.ClientDetailsEntity; -import org.mitre.openid.connect.model.CachedImage; -import org.mitre.openid.connect.service.ClientLogoLoadingService; -import org.springframework.stereotype.Service; - -import com.google.common.base.Strings; -import com.google.common.cache.CacheBuilder; -import com.google.common.cache.CacheLoader; -import com.google.common.cache.LoadingCache; -import com.google.common.util.concurrent.UncheckedExecutionException; - -/** - * @author jricher - * - */ -@Service("inMemoryClientLogoLoadingService") -public class InMemoryClientLogoLoadingService implements ClientLogoLoadingService { - - private LoadingCache cache; - - public InMemoryClientLogoLoadingService() { - this(HttpClientBuilder.create().useSystemProperties().build()); - } - - /** - * - */ - public InMemoryClientLogoLoadingService(HttpClient httpClient) { - - cache = CacheBuilder.newBuilder() - .maximumSize(100) - .expireAfterAccess(14, TimeUnit.DAYS) - .build(new ClientLogoFetcher(httpClient)); - - } - - - /* (non-Javadoc) - * @see org.mitre.openid.connect.service.ClientLogoLoadingService#getLogo(org.mitre.oauth2.model.ClientDetailsEntity) - */ - @Override - public CachedImage getLogo(ClientDetailsEntity client) { - try { - if (client != null && !Strings.isNullOrEmpty(client.getLogoUri())) { - return cache.get(client); - } else { - return null; - } - } catch (UncheckedExecutionException | ExecutionException e) { - return null; - } - } - - /** - * @author jricher - * - */ - public class ClientLogoFetcher extends CacheLoader { - private HttpClient httpClient; - - public ClientLogoFetcher() { - this(HttpClientBuilder.create().useSystemProperties().build()); - } - - public ClientLogoFetcher(HttpClient httpClient) { - this.httpClient = httpClient; - } - - /* (non-Javadoc) - * @see com.google.common.cache.CacheLoader#load(java.lang.Object) - */ - @Override - public CachedImage load(ClientDetailsEntity key) throws Exception { - try { - HttpResponse response = httpClient.execute(new HttpGet(key.getLogoUri())); - - HttpEntity entity = response.getEntity(); - - CachedImage image = new CachedImage(); - - image.setContentType(entity.getContentType().getValue()); - image.setLength(entity.getContentLength()); - image.setData(IOUtils.toByteArray(entity.getContent())); - - return image; - } catch (IOException e) { - throw new IllegalArgumentException("Unable to load client image."); - } - } - - } - - -} diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java index 45ba59901..e2ccb9802 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/ClientAPI.java @@ -17,49 +17,6 @@ *******************************************************************************/ package org.mitre.openid.connect.web; -import java.lang.reflect.Type; -import java.sql.SQLIntegrityConstraintViolationException; -import java.text.ParseException; -import java.util.Collection; - -import javax.persistence.PersistenceException; - -import org.eclipse.persistence.exceptions.DatabaseException; -import org.mitre.jwt.assertion.AssertionValidator; -import org.mitre.oauth2.model.ClientDetailsEntity; -import org.mitre.oauth2.model.ClientDetailsEntity.AppType; -import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod; -import org.mitre.oauth2.model.ClientDetailsEntity.SubjectType; -import org.mitre.oauth2.model.PKCEAlgorithm; -import org.mitre.oauth2.service.ClientDetailsEntityService; -import org.mitre.oauth2.web.AuthenticationUtilities; -import org.mitre.openid.connect.exception.ValidationException; -import org.mitre.openid.connect.model.CachedImage; -import org.mitre.openid.connect.service.ClientLogoLoadingService; -import org.mitre.openid.connect.view.ClientEntityViewForAdmins; -import org.mitre.openid.connect.view.ClientEntityViewForUsers; -import org.mitre.openid.connect.view.HttpCodeView; -import org.mitre.openid.connect.view.JsonEntityView; -import org.mitre.openid.connect.view.JsonErrorView; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Qualifier; -import org.springframework.http.HttpHeaders; -import org.springframework.http.HttpStatus; -import org.springframework.http.MediaType; -import org.springframework.http.ResponseEntity; -import org.springframework.security.access.prepost.PreAuthorize; -import org.springframework.security.core.Authentication; -import org.springframework.security.oauth2.common.util.OAuth2Utils; -import org.springframework.stereotype.Controller; -import org.springframework.ui.Model; -import org.springframework.web.bind.annotation.PathVariable; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestMethod; -import org.springframework.web.servlet.ModelAndView; - import com.google.common.base.Strings; import com.google.common.collect.Sets; import com.google.gson.Gson; @@ -79,6 +36,43 @@ import com.nimbusds.jose.jwk.JWKSet; import com.nimbusds.jwt.JWT; import com.nimbusds.jwt.JWTClaimsSet; import com.nimbusds.jwt.JWTParser; +import org.eclipse.persistence.exceptions.DatabaseException; +import org.mitre.jwt.assertion.AssertionValidator; +import org.mitre.oauth2.model.ClientDetailsEntity; +import org.mitre.oauth2.model.ClientDetailsEntity.AppType; +import org.mitre.oauth2.model.ClientDetailsEntity.AuthMethod; +import org.mitre.oauth2.model.ClientDetailsEntity.SubjectType; +import org.mitre.oauth2.model.PKCEAlgorithm; +import org.mitre.oauth2.service.ClientDetailsEntityService; +import org.mitre.oauth2.web.AuthenticationUtilities; +import org.mitre.openid.connect.exception.ValidationException; +import org.mitre.openid.connect.view.ClientEntityViewForAdmins; +import org.mitre.openid.connect.view.ClientEntityViewForUsers; +import org.mitre.openid.connect.view.HttpCodeView; +import org.mitre.openid.connect.view.JsonEntityView; +import org.mitre.openid.connect.view.JsonErrorView; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Qualifier; +import org.springframework.http.HttpStatus; +import org.springframework.http.MediaType; +import org.springframework.security.access.prepost.PreAuthorize; +import org.springframework.security.core.Authentication; +import org.springframework.security.oauth2.common.util.OAuth2Utils; +import org.springframework.stereotype.Controller; +import org.springframework.ui.Model; +import org.springframework.web.bind.annotation.PathVariable; +import org.springframework.web.bind.annotation.RequestBody; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; +import org.springframework.web.servlet.ModelAndView; + +import javax.persistence.PersistenceException; +import java.lang.reflect.Type; +import java.sql.SQLIntegrityConstraintViolationException; +import java.text.ParseException; +import java.util.Collection; import static org.mitre.oauth2.model.RegisteredClientFields.APPLICATION_TYPE; import static org.mitre.oauth2.model.RegisteredClientFields.CLAIMS_REDIRECT_URIS; @@ -98,7 +92,6 @@ import static org.mitre.oauth2.model.RegisteredClientFields.ID_TOKEN_SIGNED_RESP import static org.mitre.oauth2.model.RegisteredClientFields.INITIATE_LOGIN_URI; import static org.mitre.oauth2.model.RegisteredClientFields.JWKS; import static org.mitre.oauth2.model.RegisteredClientFields.JWKS_URI; -import static org.mitre.oauth2.model.RegisteredClientFields.LOGO_URI; import static org.mitre.oauth2.model.RegisteredClientFields.POLICY_URI; import static org.mitre.oauth2.model.RegisteredClientFields.POST_LOGOUT_REDIRECT_URIS; import static org.mitre.oauth2.model.RegisteredClientFields.REDIRECT_URIS; @@ -133,9 +126,6 @@ public class ClientAPI { @Autowired private ClientDetailsEntityService clientService; - @Autowired - private ClientLogoLoadingService clientLogoLoadingService; - @Autowired @Qualifier("clientAssertionValidator") private AssertionValidator assertionValidator; @@ -506,31 +496,6 @@ public class ClientAPI { } } - /** - * Get the logo image for a client - * @param id - */ - @RequestMapping(value = "/{id}/logo", method=RequestMethod.GET, produces = { MediaType.IMAGE_GIF_VALUE, MediaType.IMAGE_JPEG_VALUE, MediaType.IMAGE_PNG_VALUE }) - public ResponseEntity getClientLogo(@PathVariable("id") Long id, Model model) { - - ClientDetailsEntity client = clientService.getClientById(id); - - if (client == null) { - return new ResponseEntity<>(HttpStatus.NOT_FOUND); - } else if (Strings.isNullOrEmpty(client.getLogoUri())) { - return new ResponseEntity<>(HttpStatus.NOT_FOUND); - } else { - // get the image from cache - CachedImage image = clientLogoLoadingService.getLogo(client); - - HttpHeaders headers = new HttpHeaders(); - headers.setContentType(MediaType.parseMediaType(image.getContentType())); - headers.setContentLength(image.getLength()); - - return new ResponseEntity<>(image.getData(), headers, HttpStatus.OK); - } - } - private ClientDetailsEntity validateSoftwareStatement(ClientDetailsEntity newClient) throws ValidationException { if (newClient.getSoftwareStatement() != null) { if (assertionValidator.isValid(newClient.getSoftwareStatement())) { @@ -632,9 +597,6 @@ public class ClientAPI { case CONTACTS: newClient.setContacts(Sets.newHashSet(claimSet.getStringListClaim(claim))); break; - case LOGO_URI: - newClient.setLogoUri(claimSet.getStringClaim(claim)); - break; case CLIENT_URI: newClient.setClientUri(claimSet.getStringClaim(claim)); break; diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/DynamicClientRegistrationEndpoint.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/DynamicClientRegistrationEndpoint.java index a96f8209e..30d6159c1 100644 --- a/openid-connect-server/src/main/java/org/mitre/openid/connect/web/DynamicClientRegistrationEndpoint.java +++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/web/DynamicClientRegistrationEndpoint.java @@ -17,13 +17,15 @@ *******************************************************************************/ package org.mitre.openid.connect.web; -import java.io.UnsupportedEncodingException; -import java.text.ParseException; -import java.util.Date; -import java.util.HashSet; -import java.util.Set; -import java.util.concurrent.TimeUnit; - +import com.google.common.base.Strings; +import com.google.common.collect.ImmutableSet; +import com.google.common.collect.Sets; +import com.google.gson.JsonSyntaxException; +import com.nimbusds.jose.EncryptionMethod; +import com.nimbusds.jose.JWEAlgorithm; +import com.nimbusds.jose.JWSAlgorithm; +import com.nimbusds.jose.jwk.JWKSet; +import com.nimbusds.jwt.JWTClaimsSet; import org.mitre.jwt.assertion.AssertionValidator; import org.mitre.oauth2.model.ClientDetailsEntity; import org.mitre.oauth2.model.ClientDetailsEntity.AppType; @@ -61,15 +63,12 @@ import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.util.UriUtils; -import com.google.common.base.Strings; -import com.google.common.collect.ImmutableSet; -import com.google.common.collect.Sets; -import com.google.gson.JsonSyntaxException; -import com.nimbusds.jose.EncryptionMethod; -import com.nimbusds.jose.JWEAlgorithm; -import com.nimbusds.jose.JWSAlgorithm; -import com.nimbusds.jose.jwk.JWKSet; -import com.nimbusds.jwt.JWTClaimsSet; +import java.io.UnsupportedEncodingException; +import java.text.ParseException; +import java.util.Date; +import java.util.HashSet; +import java.util.Set; +import java.util.concurrent.TimeUnit; import static org.mitre.oauth2.model.RegisteredClientFields.APPLICATION_TYPE; import static org.mitre.oauth2.model.RegisteredClientFields.CLAIMS_REDIRECT_URIS; @@ -89,7 +88,6 @@ import static org.mitre.oauth2.model.RegisteredClientFields.ID_TOKEN_SIGNED_RESP import static org.mitre.oauth2.model.RegisteredClientFields.INITIATE_LOGIN_URI; import static org.mitre.oauth2.model.RegisteredClientFields.JWKS; import static org.mitre.oauth2.model.RegisteredClientFields.JWKS_URI; -import static org.mitre.oauth2.model.RegisteredClientFields.LOGO_URI; import static org.mitre.oauth2.model.RegisteredClientFields.POLICY_URI; import static org.mitre.oauth2.model.RegisteredClientFields.POST_LOGOUT_REDIRECT_URIS; import static org.mitre.oauth2.model.RegisteredClientFields.REDIRECT_URIS; @@ -712,9 +710,6 @@ public class DynamicClientRegistrationEndpoint { case CONTACTS: newClient.setContacts(Sets.newHashSet(claimSet.getStringListClaim(claim))); break; - case LOGO_URI: - newClient.setLogoUri(claimSet.getStringClaim(claim)); - break; case CLIENT_URI: newClient.setClientUri(claimSet.getStringClaim(claim)); break; diff --git a/openid-connect-server/src/test/java/org/mitre/oauth2/model/ClientDetailsEntityTest.java b/openid-connect-server/src/test/java/org/mitre/oauth2/model/ClientDetailsEntityTest.java index cfcd29d9f..3815b2d9a 100644 --- a/openid-connect-server/src/test/java/org/mitre/oauth2/model/ClientDetailsEntityTest.java +++ b/openid-connect-server/src/test/java/org/mitre/oauth2/model/ClientDetailsEntityTest.java @@ -20,13 +20,12 @@ */ package org.mitre.oauth2.model; -import java.util.Date; - -import org.junit.Test; - import com.google.common.collect.ImmutableSet; import com.nimbusds.jose.EncryptionMethod; import com.nimbusds.jose.JWEAlgorithm; +import org.junit.Test; + +import java.util.Date; import static org.junit.Assert.assertEquals; @@ -50,7 +49,6 @@ public class ClientDetailsEntityTest { c.setApplicationType(ClientDetailsEntity.AppType.WEB); c.setRedirectUris(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2")); c.setClientName("My Example"); - c.setLogoUri("https://client.example.org/logo.png"); c.setSubjectType(ClientDetailsEntity.SubjectType.PAIRWISE); c.setSectorIdentifierUri("https://other.example.net/file_of_redirect_uris.json"); c.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.SECRET_BASIC); @@ -67,7 +65,6 @@ public class ClientDetailsEntityTest { assertEquals(ClientDetailsEntity.AppType.WEB, c.getApplicationType()); assertEquals(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2"), c.getRedirectUris()); assertEquals("My Example", c.getClientName()); - assertEquals("https://client.example.org/logo.png", c.getLogoUri()); assertEquals(ClientDetailsEntity.SubjectType.PAIRWISE, c.getSubjectType()); assertEquals("https://other.example.net/file_of_redirect_uris.json", c.getSectorIdentifierUri()); assertEquals(ClientDetailsEntity.AuthMethod.SECRET_BASIC, c.getTokenEndpointAuthMethod()); diff --git a/openid-connect-server/src/test/java/org/mitre/oauth2/model/RegisteredClientTest.java b/openid-connect-server/src/test/java/org/mitre/oauth2/model/RegisteredClientTest.java index d973fc020..adb252cd7 100644 --- a/openid-connect-server/src/test/java/org/mitre/oauth2/model/RegisteredClientTest.java +++ b/openid-connect-server/src/test/java/org/mitre/oauth2/model/RegisteredClientTest.java @@ -20,13 +20,12 @@ */ package org.mitre.oauth2.model; -import java.sql.Date; - -import org.junit.Test; - import com.google.common.collect.ImmutableSet; import com.nimbusds.jose.EncryptionMethod; import com.nimbusds.jose.JWEAlgorithm; +import org.junit.Test; + +import java.sql.Date; import static org.junit.Assert.assertEquals; @@ -54,7 +53,6 @@ public class RegisteredClientTest { c.setApplicationType(ClientDetailsEntity.AppType.WEB); c.setRedirectUris(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2")); c.setClientName("My Example"); - c.setLogoUri("https://client.example.org/logo.png"); c.setSubjectType(ClientDetailsEntity.SubjectType.PAIRWISE); c.setSectorIdentifierUri("https://other.example.net/file_of_redirect_uris.json"); c.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.SECRET_BASIC); @@ -72,7 +70,6 @@ public class RegisteredClientTest { assertEquals(ClientDetailsEntity.AppType.WEB, c.getApplicationType()); assertEquals(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2"), c.getRedirectUris()); assertEquals("My Example", c.getClientName()); - assertEquals("https://client.example.org/logo.png", c.getLogoUri()); assertEquals(ClientDetailsEntity.SubjectType.PAIRWISE, c.getSubjectType()); assertEquals("https://other.example.net/file_of_redirect_uris.json", c.getSectorIdentifierUri()); assertEquals(ClientDetailsEntity.AuthMethod.SECRET_BASIC, c.getTokenEndpointAuthMethod()); @@ -95,7 +92,7 @@ public class RegisteredClientTest { c.setApplicationType(ClientDetailsEntity.AppType.WEB); c.setRedirectUris(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2")); c.setClientName("My Example"); - c.setLogoUri("https://client.example.org/logo.png"); + c.setSubjectType(ClientDetailsEntity.SubjectType.PAIRWISE); c.setSectorIdentifierUri("https://other.example.net/file_of_redirect_uris.json"); c.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.SECRET_BASIC); @@ -120,7 +117,6 @@ public class RegisteredClientTest { assertEquals(ClientDetailsEntity.AppType.WEB, rc.getApplicationType()); assertEquals(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2"), rc.getRedirectUris()); assertEquals("My Example", rc.getClientName()); - assertEquals("https://client.example.org/logo.png", rc.getLogoUri()); assertEquals(ClientDetailsEntity.SubjectType.PAIRWISE, rc.getSubjectType()); assertEquals("https://other.example.net/file_of_redirect_uris.json", rc.getSectorIdentifierUri()); assertEquals(ClientDetailsEntity.AuthMethod.SECRET_BASIC, rc.getTokenEndpointAuthMethod()); @@ -143,7 +139,7 @@ public class RegisteredClientTest { c.setApplicationType(ClientDetailsEntity.AppType.WEB); c.setRedirectUris(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2")); c.setClientName("My Example"); - c.setLogoUri("https://client.example.org/logo.png"); + c.setSubjectType(ClientDetailsEntity.SubjectType.PAIRWISE); c.setSectorIdentifierUri("https://other.example.net/file_of_redirect_uris.json"); c.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.SECRET_BASIC); @@ -164,7 +160,6 @@ public class RegisteredClientTest { assertEquals(ClientDetailsEntity.AppType.WEB, rc.getApplicationType()); assertEquals(ImmutableSet.of("https://client.example.org/callback", "https://client.example.org/callback2"), rc.getRedirectUris()); assertEquals("My Example", rc.getClientName()); - assertEquals("https://client.example.org/logo.png", rc.getLogoUri()); assertEquals(ClientDetailsEntity.SubjectType.PAIRWISE, rc.getSubjectType()); assertEquals("https://other.example.net/file_of_redirect_uris.json", rc.getSectorIdentifierUri()); assertEquals(ClientDetailsEntity.AuthMethod.SECRET_BASIC, rc.getTokenEndpointAuthMethod()); diff --git a/openid-connect-server/src/test/java/org/mitre/openid/connect/ClientDetailsEntityJsonProcessorTest.java b/openid-connect-server/src/test/java/org/mitre/openid/connect/ClientDetailsEntityJsonProcessorTest.java index ab19f8b0a..63a207907 100644 --- a/openid-connect-server/src/test/java/org/mitre/openid/connect/ClientDetailsEntityJsonProcessorTest.java +++ b/openid-connect-server/src/test/java/org/mitre/openid/connect/ClientDetailsEntityJsonProcessorTest.java @@ -20,17 +20,16 @@ */ package org.mitre.openid.connect; -import java.sql.Date; - -import org.junit.Test; -import org.mitre.oauth2.model.ClientDetailsEntity; -import org.mitre.oauth2.model.RegisteredClient; - import com.google.common.collect.ImmutableSet; import com.google.gson.JsonElement; import com.google.gson.JsonObject; import com.nimbusds.jose.EncryptionMethod; import com.nimbusds.jose.JWEAlgorithm; +import org.junit.Test; +import org.mitre.oauth2.model.ClientDetailsEntity; +import org.mitre.oauth2.model.RegisteredClient; + +import java.sql.Date; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertTrue; @@ -75,7 +74,6 @@ public class ClientDetailsEntityJsonProcessorTest { assertEquals("My Example", c.getClientName()); assertEquals(ImmutableSet.of("code", "token"), c.getResponseTypes()); assertEquals(ImmutableSet.of("authorization_code", "implicit"), c.getGrantTypes()); - assertEquals("https://client.example.org/logo.png", c.getLogoUri()); assertEquals(ClientDetailsEntity.SubjectType.PAIRWISE, c.getSubjectType()); assertEquals("https://other.example.net/file_of_redirect_uris.json", c.getSectorIdentifierUri()); assertEquals(ClientDetailsEntity.AuthMethod.SECRET_BASIC, c.getTokenEndpointAuthMethod()); @@ -137,7 +135,6 @@ public class ClientDetailsEntityJsonProcessorTest { assertEquals("My Example", c.getClientName()); assertEquals(ImmutableSet.of("code", "token"), c.getResponseTypes()); assertEquals(ImmutableSet.of("authorization_code", "implicit"), c.getGrantTypes()); - assertEquals("https://client.example.org/logo.png", c.getLogoUri()); assertEquals(ClientDetailsEntity.SubjectType.PAIRWISE, c.getSubjectType()); assertEquals("https://other.example.net/file_of_redirect_uris.json", c.getSectorIdentifierUri()); assertEquals(ClientDetailsEntity.AuthMethod.SECRET_BASIC, c.getTokenEndpointAuthMethod()); @@ -166,7 +163,6 @@ public class ClientDetailsEntityJsonProcessorTest { c.setClientName("My Example"); c.setResponseTypes(ImmutableSet.of("code", "token")); c.setGrantTypes(ImmutableSet.of("authorization_code", "implicit")); - c.setLogoUri("https://client.example.org/logo.png"); c.setSubjectType(ClientDetailsEntity.SubjectType.PAIRWISE); c.setSectorIdentifierUri("https://other.example.net/file_of_redirect_uris.json"); c.setTokenEndpointAuthMethod(ClientDetailsEntity.AuthMethod.SECRET_BASIC); @@ -194,7 +190,6 @@ public class ClientDetailsEntityJsonProcessorTest { for (JsonElement e : j.get("grant_types").getAsJsonArray()) { assertTrue(ImmutableSet.of("authorization_code", "implicit").contains(e.getAsString())); } - assertEquals("https://client.example.org/logo.png", j.get("logo_uri").getAsString()); assertEquals(ClientDetailsEntity.SubjectType.PAIRWISE.getValue(), j.get("subject_type").getAsString()); assertEquals("https://other.example.net/file_of_redirect_uris.json", j.get("sector_identifier_uri").getAsString()); assertEquals(ClientDetailsEntity.AuthMethod.SECRET_BASIC.getValue(), j.get("token_endpoint_auth_method").getAsString());