json view and form elements
parent
36151975c1
commit
8e6da2b936
|
@ -672,7 +672,7 @@ var AppRouter = Backbone.Router.extend({
|
|||
this.breadCrumbView.collection.add([
|
||||
{text:"Home", href:""},
|
||||
{text:"Client Registration", href:"manage/#dev/dynreg"},
|
||||
{text:"New", href:"manage/#dev/dynreg/new"}
|
||||
{text:"Edit", href:"manage/#dev/dynreg/new"}
|
||||
]);
|
||||
|
||||
setPageTitle("Edit a New Client");
|
||||
|
|
|
@ -92,22 +92,22 @@ var DynRegRootView = Backbone.View.extend({
|
|||
var clientId = $('#clientId').val();
|
||||
var token = $('#regtoken').val();
|
||||
|
||||
var client = new DynRegClient();
|
||||
client.set({
|
||||
var client = new DynRegClient({
|
||||
client_id: clientId,
|
||||
registration_access_token: token
|
||||
}, { silent: true });
|
||||
});
|
||||
|
||||
console.log(client.get('registration_access_token'));
|
||||
|
||||
client.fetch();
|
||||
console.log(client);
|
||||
|
||||
var dynRegEditView = new DynRegEditView({model: client});
|
||||
|
||||
this.remove();
|
||||
$('#content').html(dynRegEditView.render().el);
|
||||
client.fetch({success: function() {
|
||||
console.log(client);
|
||||
|
||||
var dynRegEditView = new DynRegEditView({model: client});
|
||||
|
||||
$('#content').html(dynRegEditView.render().el);
|
||||
}});
|
||||
app.navigate('dev/dynreg/edit', {trigger: true});
|
||||
this.remove();
|
||||
}
|
||||
|
||||
});
|
||||
|
@ -128,10 +128,138 @@ var DynRegEditView = Backbone.View.extend({
|
|||
this.requestUrisCollection = new Backbone.Collection();
|
||||
},
|
||||
|
||||
render:function() {
|
||||
$(this.el).html(this.template(this.model.toJSON()));
|
||||
previewLogo:function(event) {
|
||||
if ($('#logoUri input', this.el).val()) {
|
||||
$('#logoPreview', this.el).empty();
|
||||
$('#logoPreview', this.el).attr('src', $('#logoUri input').val());
|
||||
} else {
|
||||
$('#logoBlock', this.el).hide();
|
||||
}
|
||||
},
|
||||
|
||||
disableUnsupportedJOSEItems:function(serverSupported, query) {
|
||||
var supported = ['default'];
|
||||
if (serverSupported) {
|
||||
supported = _.union(supported, serverSupported);
|
||||
}
|
||||
$(query, this.$el).each(function(idx) {
|
||||
if(_.contains(supported, $(this).val())) {
|
||||
$(this).prop('disabled', false);
|
||||
} else {
|
||||
$(this).prop('disabled', true);
|
||||
}
|
||||
});
|
||||
|
||||
},
|
||||
|
||||
// returns "null" if given the value "default" as a string, otherwise returns input value. useful for parsing the JOSE algorithm dropdowns
|
||||
defaultToNull:function(value) {
|
||||
if (value == 'default') {
|
||||
return null;
|
||||
} else {
|
||||
return value;
|
||||
}
|
||||
},
|
||||
|
||||
// maps from a form-friendly name to the real grant parameter name
|
||||
grantMap:{
|
||||
'authorization_code': 'authorization_code',
|
||||
'password': 'password',
|
||||
'implicit': 'implicit',
|
||||
'client_credentials': 'client_credentials',
|
||||
'redelegate': 'urn:ietf:params:oauth:grant_type:redelegate',
|
||||
'refresh_token': 'refresh_token'
|
||||
},
|
||||
|
||||
// maps from a form-friendly name to the real response type parameter name
|
||||
responseMap:{
|
||||
'code': 'code',
|
||||
'token': 'token',
|
||||
'idtoken': 'id_token',
|
||||
'token-idtoken': 'token id_token',
|
||||
'code-idtoken': 'code id_token',
|
||||
'code-token': 'code token',
|
||||
'code-token-idtoken': 'code token id_token'
|
||||
},
|
||||
|
||||
render:function() {
|
||||
console.log(this.model.toJSON());
|
||||
$(this.el).html(this.template({client: this.model.toJSON()}));
|
||||
|
||||
return this;
|
||||
var _self = this;
|
||||
|
||||
// build and bind registered redirect URI collection and view
|
||||
_.each(this.model.get("redirectUris"), function (redirectUri) {
|
||||
_self.redirectUrisCollection.add(new URIModel({item:redirectUri}));
|
||||
});
|
||||
|
||||
$("#redirectUris .controls",this.el).html(new ListWidgetView({
|
||||
type:'uri',
|
||||
placeholder: 'http://',
|
||||
collection: this.redirectUrisCollection}).render().el);
|
||||
|
||||
// build and bind scopes
|
||||
var scopeSet = this.model.get("scope").split(" ");
|
||||
_.each(scopeSet, function (scope) {
|
||||
_self.scopeCollection.add(new Backbone.Model({item:scope}));
|
||||
});
|
||||
|
||||
$("#scope .controls",this.el).html(new ListWidgetView({
|
||||
placeholder: 'new scope',
|
||||
autocomplete: _.uniq(_.flatten(app.systemScopeList.pluck("value"))),
|
||||
collection: this.scopeCollection}).render().el);
|
||||
|
||||
// build and bind contacts
|
||||
_.each(this.model.get('contacts'), function (contact) {
|
||||
_self.contactsCollection.add(new Backbone.Model({item:contact}));
|
||||
});
|
||||
|
||||
$("#contacts .controls", this.el).html(new ListWidgetView({
|
||||
placeholder: 'new contact',
|
||||
collection: this.contactsCollection}).render().el);
|
||||
|
||||
|
||||
// build and bind request URIs
|
||||
_.each(this.model.get('requestUris'), function (requestUri) {
|
||||
_self.requestUrisCollection.add(new URIModel({item:requestUri}));
|
||||
});
|
||||
|
||||
$('#requestUris .controls', this.el).html(new ListWidgetView({
|
||||
type: 'uri',
|
||||
placeholder: 'http://',
|
||||
collection: this.requestUrisCollection}).render().el);
|
||||
|
||||
// build and bind default ACR values
|
||||
_.each(this.model.get('defaultAcrValues'), function (defaultAcrValue) {
|
||||
_self.defaultAcrValuesCollection.add(new Backbone.Model({item:defaultAcrValue}));
|
||||
});
|
||||
|
||||
$('#defaultAcrValues .controls', this.el).html(new ListWidgetView({
|
||||
placeholder: 'new ACR value',
|
||||
// TODO: autocomplete from spec
|
||||
collection: this.defaultAcrValuesCollection}).render().el);
|
||||
|
||||
this.previewLogo();
|
||||
|
||||
// disable unsupported JOSE algorithms
|
||||
this.disableUnsupportedJOSEItems(app.serverConfiguration.request_object_signing_alg_values_supported, '#requestObjectSigningAlg option');
|
||||
this.disableUnsupportedJOSEItems(app.serverConfiguration.userinfo_signing_alg_values_supported, '#userInfoSignedResponseAlg option');
|
||||
this.disableUnsupportedJOSEItems(app.serverConfiguration.userinfo_encryption_alg_values_supported, '#userInfoEncryptedResponseAlg option');
|
||||
this.disableUnsupportedJOSEItems(app.serverConfiguration.userinfo_encryption_enc_values_supported, '#userInfoEncryptedResponseEnc option');
|
||||
this.disableUnsupportedJOSEItems(app.serverConfiguration.id_token_signing_alg_values_supported, '#idTokenSignedResponseAlg option');
|
||||
this.disableUnsupportedJOSEItems(app.serverConfiguration.id_token_encryption_alg_values_supported, '#idTokenEncryptedResponseAlg option');
|
||||
this.disableUnsupportedJOSEItems(app.serverConfiguration.id_token_encryption_enc_values_supported, '#idTokenEncryptedResponseEnc option');
|
||||
|
||||
this.$('.nyi').clickover({
|
||||
placement: 'right',
|
||||
title: 'Not Yet Implemented',
|
||||
content: 'The value of this field will be saved with the client, '
|
||||
+'but the server does not currently process anything with it. '
|
||||
+'Future versions of the server library will make use of this.'
|
||||
});
|
||||
|
||||
|
||||
return this;
|
||||
}
|
||||
|
||||
});
|
|
@ -38,7 +38,7 @@
|
|||
|
||||
<script type="text/html" id="tmpl-dynreg-client-form">
|
||||
|
||||
<h1><%=(client_id == null ? 'New' : 'Edit')%> Client</h1>
|
||||
<h1><%=(client.client_id == null ? 'New' : 'Edit')%> Client</h1>
|
||||
|
||||
|
||||
<form class="form-horizontal tabbable">
|
||||
|
@ -55,6 +55,7 @@
|
|||
<li><a data-target="#client-secret-tab" data-toggle="tab" href="#">Credentials</a></li>
|
||||
<li><a data-target="#client-crypto-tab" data-toggle="tab" href="#">Crypto</a></li>
|
||||
<li><a data-target="#client-other-tab" data-toggle="tab" href="#">Other</a></li>
|
||||
<li><a data-target="#client-json-tab" data-toggle="tab" href="#">JSON</a></li>
|
||||
</ul>
|
||||
|
||||
<div class="tab-content">
|
||||
|
@ -63,29 +64,47 @@
|
|||
<div class="control-group" id="clientId">
|
||||
<label class="control-label">Client ID</label>
|
||||
<div class="controls">
|
||||
<%=client_id ? client_id : 'Will be generated'%>
|
||||
<code><%=client.client_id ? client.client_id : 'Will be generated'%></code>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
||||
<div class="control-group" id="clientId">
|
||||
<div class="control-group" id="requireClientSecret">
|
||||
<label class="control-label">Client Secret</label>
|
||||
<div class="control-group">
|
||||
<div class="controls">
|
||||
<% if (client.client_id) { %>
|
||||
<div id="clientSecret" class="span3">
|
||||
<code><%=client.client_secret ? client.client_secret : ''%></code>
|
||||
</div>
|
||||
<% } else { %>
|
||||
<div id="clientSecretGenerated" class="span3">
|
||||
<code>Will be generated</code>
|
||||
</div>
|
||||
<% } %>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
<div class="control-group" id="clientConfigurationUri">
|
||||
<label class="control-label">Client Configuration URL</label>
|
||||
<div class="controls">
|
||||
<%=registration_client_uri ? registration_client_uri : 'Will be generated'%>
|
||||
<code><%=client.registration_client_uri ? client.registration_client_uri : 'Will be generated'%></code>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="control-group" id="clientId">
|
||||
<div class="control-group" id="registrationAccessToken">
|
||||
<label class="control-label">Registration Access Token</label>
|
||||
<div class="controls">
|
||||
<%=registration_access_token ? registration_access_token : 'Will be generated'%>
|
||||
<code><%=client.registration_access_token ? client.registration_access_token : 'Will be generated'%></code>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="control-group" id="clientName">
|
||||
<label class="control-label">Client name</label>
|
||||
<div class="controls">
|
||||
<input value="<%=client_name ? client_name : ''%>" maxlength="100" type="text" class="" placeholder="Type something">
|
||||
<input value="<%=client.client_name ? client.client_name : ''%>" maxlength="100" type="text" class="" placeholder="Type something">
|
||||
<p class="help-block">Human-readable application name</p>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -99,7 +118,7 @@
|
|||
<div class="control-group" id="clientDescription">
|
||||
<label class="control-label">Description</label>
|
||||
<div class="controls">
|
||||
<textarea class="input-xlarge" placeholder="Type a description" maxlength="200" rows="3"><%=client_description ? client_description : ''%></textarea>
|
||||
<textarea class="input-xlarge" placeholder="Type a description" maxlength="200" rows="3"><%=client.client_description ? client.client_description : ''%></textarea>
|
||||
<p class="help-block">Human-readable text description</p>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -107,7 +126,7 @@
|
|||
<div class="control-group" id="logoUri">
|
||||
<label class="control-label">Logo</label>
|
||||
<div class="controls">
|
||||
<input placeholder="http://" value="<%=logo_uri ? logo_uri : ''%>" maxlength="1000" type="text" class=""/>
|
||||
<input placeholder="http://" value="<%=client.logo_uri ? client.logo_uri : ''%>" maxlength="1000" type="text" class=""/>
|
||||
<p class="help-block">URL that points to a logo image, will be displayed on approval page</p>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -122,7 +141,7 @@
|
|||
<div class="control-group" id="tosUri">
|
||||
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Terms of Service</label>
|
||||
<div class="controls">
|
||||
<input placeholder="http://" value="<%=tos_uri ? tos_uri : ''%>" maxlength="1000" type="text" class=""/>
|
||||
<input placeholder="http://" value="<%=client.tos_uri ? client.tos_uri : ''%>" maxlength="1000" type="text" class=""/>
|
||||
<p class="help-block">URL for the Terms of Service of this client, will be displayed to the user</p>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -130,7 +149,7 @@
|
|||
<div class="control-group" id="policyUri">
|
||||
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Policy</label>
|
||||
<div class="controls">
|
||||
<input placeholder="http://" value="<%=policy_uri ? policy_uri : ''%>" maxlength="1000" type="text" class=""/>
|
||||
<input placeholder="http://" value="<%=client.policy_uri ? client.policy_uri : ''%>" maxlength="1000" type="text" class=""/>
|
||||
<p class="help-block">URL for the Policy Statement of this client, will be displayed to the user</p>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -138,7 +157,7 @@
|
|||
<div class="control-group" id="clientUri">
|
||||
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Home Page</label>
|
||||
<div class="controls">
|
||||
<input placeholder="http://" value="<%=client_uri ? client_uri : ''%>" maxlength="1000" type="text" class=""/>
|
||||
<input placeholder="http://" value="<%=client.client_uri ? client.client_uri : ''%>" maxlength="1000" type="text" class=""/>
|
||||
<p class="help-block">URL for the client's home page, will be displayed to the user</p>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -147,10 +166,10 @@
|
|||
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Application Type</label>
|
||||
<div class="controls">
|
||||
<label class="radio inline">
|
||||
<input type="radio" name="applicationType" value="NATIVE" <%=(application_type == 'NATIVE' ? 'checked' : '')%>> Native
|
||||
<input type="radio" name="applicationType" value="NATIVE" <%=(client.application_type == 'NATIVE' ? 'checked' : '')%>> Native
|
||||
</label>
|
||||
<label class="radio inline">
|
||||
<input type="radio" name="applicationType" value="WEB" <%=(application_type == 'WEB' ? 'checked' : '')%>> Web
|
||||
<input type="radio" name="applicationType" value="WEB" <%=(client.application_type == 'WEB' ? 'checked' : '')%>> Web
|
||||
</label>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -181,26 +200,26 @@
|
|||
|
||||
<label class="checkbox">
|
||||
<input id="grantTypes-authorization_code" type="checkbox"
|
||||
<%=($.inArray("authorization_code", grant_types) > -1 ? 'checked' : '')%>>
|
||||
<%=($.inArray("authorization_code", client.grant_types) > -1 ? 'checked' : '')%>>
|
||||
authorization code
|
||||
</label>
|
||||
<label class="checkbox">
|
||||
<input id="grantTypes-client_credentials" type="checkbox"
|
||||
<%=($.inArray("client_credentials", grant_types) > -1 ? 'checked' : '')%>> client credentials
|
||||
<%=($.inArray("client_credentials", client.grant_types) > -1 ? 'checked' : '')%>> client credentials
|
||||
</label>
|
||||
<label class="checkbox">
|
||||
<input id="grantTypes-password" type="checkbox" <%=($.inArray("password", grant_types) > -1 ? 'checked' : '')%>> password
|
||||
<input id="grantTypes-password" type="checkbox" <%=($.inArray("password", client.grant_types) > -1 ? 'checked' : '')%>> password
|
||||
</label>
|
||||
<label class="checkbox">
|
||||
<input id="grantTypes-implicit" type="checkbox" <%=($.inArray("implicit", grant_types) > -1 ? 'checked' : '')%>> implicit
|
||||
<input id="grantTypes-implicit" type="checkbox" <%=($.inArray("implicit", client.grant_types) > -1 ? 'checked' : '')%>> implicit
|
||||
</label>
|
||||
<!--
|
||||
<label class="checkbox">
|
||||
<input id="grantTypes-refresh_token" type="checkbox" <%=($.inArray("refresh_token", grant_types) > -1 ? 'checked' : '')%>> refresh
|
||||
<input id="grantTypes-refresh_token" type="checkbox" <%=($.inArray("refresh_token", client.grant_types) > -1 ? 'checked' : '')%>> refresh
|
||||
</label>
|
||||
-->
|
||||
<label class="checkbox">
|
||||
<input id="grantTypes-redelegate" type="checkbox" <%=($.inArray("urn:ietf:params:oauth:grant_type:redelegate", grant_types) > -1 ? 'checked' : '')%>> redelegate
|
||||
<input id="grantTypes-redelegate" type="checkbox" <%=($.inArray("urn:ietf:params:oauth:grant_type:redelegate", client.grant_types) > -1 ? 'checked' : '')%>> redelegate
|
||||
</label>
|
||||
|
||||
</div>
|
||||
|
@ -211,25 +230,25 @@
|
|||
|
||||
<div class="controls">
|
||||
<label class="checkbox">
|
||||
<input id="responseTypes-code" type="checkbox" <%=($.inArray("code", response_types) > -1 ? 'checked' : '')%>> code
|
||||
<input id="responseTypes-code" type="checkbox" <%=($.inArray("code", client.response_types) > -1 ? 'checked' : '')%>> code
|
||||
</label>
|
||||
<label class="checkbox">
|
||||
<input id="responseTypes-token" type="checkbox" <%=($.inArray("token", response_types) > -1 ? 'checked' : '')%>> token
|
||||
<input id="responseTypes-token" type="checkbox" <%=($.inArray("token", client.response_types) > -1 ? 'checked' : '')%>> token
|
||||
</label>
|
||||
<label class="checkbox">
|
||||
<input id="responseTypes-idtoken" type="checkbox" <%=($.inArray("id_token", response_types) > -1 ? 'checked' : '')%>> id_token
|
||||
<input id="responseTypes-idtoken" type="checkbox" <%=($.inArray("id_token", client.response_types) > -1 ? 'checked' : '')%>> id_token
|
||||
</label>
|
||||
<label class="checkbox">
|
||||
<input id="responseTypes-token-idtoken" type="checkbox" <%=($.inArray("token id_token", response_types) > -1 ? 'checked' : '')%>> token id_token
|
||||
<input id="responseTypes-token-idtoken" type="checkbox" <%=($.inArray("token id_token", client.response_types) > -1 ? 'checked' : '')%>> token id_token
|
||||
</label>
|
||||
<label class="checkbox">
|
||||
<input id="responseTypes-code-idtoken" type="checkbox" <%=($.inArray("code id_token", response_types) > -1 ? 'checked' : '')%>> code id_token
|
||||
<input id="responseTypes-code-idtoken" type="checkbox" <%=($.inArray("code id_token", client.response_types) > -1 ? 'checked' : '')%>> code id_token
|
||||
</label>
|
||||
<label class="checkbox">
|
||||
<input id="responseTypes-code-token" type="checkbox" <%=($.inArray("code token", response_types) > -1 ? 'checked' : '')%>> code token
|
||||
<input id="responseTypes-code-token" type="checkbox" <%=($.inArray("code token", client.response_types) > -1 ? 'checked' : '')%>> code token
|
||||
</label>
|
||||
<label class="checkbox">
|
||||
<input id="responseTypes-code-token-idtoken" type="checkbox" <%=($.inArray("code token id_token", response_types) > -1 ? 'checked' : '')%>> code token id_token
|
||||
<input id="responseTypes-code-token-idtoken" type="checkbox" <%=($.inArray("code token id_token", client.response_types) > -1 ? 'checked' : '')%>> code token id_token
|
||||
</label>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -241,45 +260,27 @@
|
|||
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Token Endpoint Authentication Method</label>
|
||||
<div class="controls">
|
||||
<label class="radio">
|
||||
<input type="radio" name="tokenEndpointAuthMethod" value="SECRET_BASIC" <%=(token_endpoint_auth_method == 'SECRET_BASIC' ? 'checked' : '')%>> Client Secret over HTTP Basic
|
||||
<input type="radio" name="tokenEndpointAuthMethod" value="SECRET_BASIC" <%=(client.token_endpoint_auth_method == 'SECRET_BASIC' ? 'checked' : '')%>> Client Secret over HTTP Basic
|
||||
</label>
|
||||
<label class="radio">
|
||||
<input type="radio" name="tokenEndpointAuthMethod" value="SECRET_POST" <%=(token_endpoint_auth_method == 'SECRET_POST' ? 'checked' : '')%>> Client Secret over HTTP POST
|
||||
<input type="radio" name="tokenEndpointAuthMethod" value="SECRET_POST" <%=(client.token_endpoint_auth_method == 'SECRET_POST' ? 'checked' : '')%>> Client Secret over HTTP POST
|
||||
</label>
|
||||
<label class="radio">
|
||||
<input type="radio" name="tokenEndpointAuthMethod" value="SECRET_JWT" <%=(token_endpoint_auth_method == 'SECRET_JWT' ? 'checked' : '')%>> Client Secret via symmetrically-signed JWT assertion
|
||||
<input type="radio" name="tokenEndpointAuthMethod" value="SECRET_JWT" <%=(client.token_endpoint_auth_method == 'SECRET_JWT' ? 'checked' : '')%>> Client Secret via symmetrically-signed JWT assertion
|
||||
</label>
|
||||
<label class="radio">
|
||||
<input type="radio" name="tokenEndpointAuthMethod" value="PRIVATE_KEY_JWT" <%=(token_endpoint_auth_method == 'PRIVATE_KEY_JWT' ? 'checked' : '')%>> Asymmetrically-signed JWT assertion
|
||||
<input type="radio" name="tokenEndpointAuthMethod" value="PRIVATE_KEY_JWT" <%=(client.token_endpoint_auth_method == 'PRIVATE_KEY_JWT' ? 'checked' : '')%>> Asymmetrically-signed JWT assertion
|
||||
</label>
|
||||
<label class="radio">
|
||||
<input type="radio" name="tokenEndpointAuthMethod" value="NONE" <%=(token_endpoint_auth_method == 'NONE' ? 'checked' : '')%>> No authentication
|
||||
<input type="radio" name="tokenEndpointAuthMethod" value="NONE" <%=(client.token_endpoint_auth_method == 'NONE' ? 'checked' : '')%>> No authentication
|
||||
</label>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="control-group" id="requireClientSecret">
|
||||
<label class="control-label">Client Secret</label>
|
||||
<div class="control-group">
|
||||
<div class="controls">
|
||||
<div id="clientSecret" class="span3">
|
||||
<input value="<%=client_secret ? client_secret : ''%>" maxlength="100" type="text" placeholder="Type a secret">
|
||||
</div>
|
||||
<div id="clientSecretGenerated" class="span3">
|
||||
<span class="uneditable-input">Generate on Save</span>
|
||||
</div>
|
||||
<div id="clientSecretHidden" class="span3">
|
||||
<span class="uneditable-input span3">* * * * * * * * * * * *</span>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
|
||||
<div class="control-group" id="jwksUri">
|
||||
<label class="control-label">JWK Set</label>
|
||||
<div class="controls">
|
||||
<input placeholder="http://" value="<%=jwks_uri ? jwks_uri : ''%>" maxlength="1000" type="text" class=""/>
|
||||
<input placeholder="http://" value="<%=client.jwks_uri ? client.jwks_uri : ''%>" maxlength="1000" type="text" class=""/>
|
||||
<p class="help-block">URL for the client's JSON Web Key set</p>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -291,17 +292,17 @@
|
|||
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Request Object Signing Algorithm</label>
|
||||
<div class="controls">
|
||||
<select>
|
||||
<option value="default" <%=request_object_signing_alg == null ? 'selected ' : ''%>>Use server default</option>
|
||||
<option value="none" <%=request_object_signing_alg == "none" ? 'selected' : ''%>>No digital signature</option>
|
||||
<option value="HS256" <%=request_object_signing_alg == "HS256" ? 'selected' : ''%>>HMAC using SHA-256 hash algorithm</option>
|
||||
<option value="HS384" <%=request_object_signing_alg == "HS384" ? 'selected' : ''%>>HMAC using SHA-384 hash algorithm</option>
|
||||
<option value="HS512" <%=request_object_signing_alg == "HS512" ? 'selected' : ''%>>HMAC using SHA-512 hash algorithm</option>
|
||||
<option value="RS256" <%=request_object_signing_alg == "RS256" ? 'selected' : ''%>>RSASSA using SHA-256 hash algorithm</option>
|
||||
<option value="RS384" <%=request_object_signing_alg == "RS384" ? 'selected' : ''%>>RSASSA using SHA-384 hash algorithm</option>
|
||||
<option value="RS512" <%=request_object_signing_alg == "RS512" ? 'selected' : ''%>>RSASSA using SHA-512 hash algorithm</option>
|
||||
<option value="ES256" <%=request_object_signing_alg == "ES256" ? 'selected' : ''%>>ECDSA using P-256 curve and SHA-256 hash algorithm</option>
|
||||
<option value="ES384" <%=request_object_signing_alg == "ES384" ? 'selected' : ''%>>ECDSA using P-384 curve and SHA-384 hash algorithm</option>
|
||||
<option value="ES512" <%=request_object_signing_alg == "ES512" ? 'selected' : ''%>>ECDSA using P-512 curve and SHA-512 hash algorithm</option>
|
||||
<option value="default" <%=client.request_object_signing_alg == null ? 'selected ' : ''%>>Use server default</option>
|
||||
<option value="none" <%=client.request_object_signing_alg == "none" ? 'selected' : ''%>>No digital signature</option>
|
||||
<option value="HS256" <%=client.request_object_signing_alg == "HS256" ? 'selected' : ''%>>HMAC using SHA-256 hash algorithm</option>
|
||||
<option value="HS384" <%=client.request_object_signing_alg == "HS384" ? 'selected' : ''%>>HMAC using SHA-384 hash algorithm</option>
|
||||
<option value="HS512" <%=client.request_object_signing_alg == "HS512" ? 'selected' : ''%>>HMAC using SHA-512 hash algorithm</option>
|
||||
<option value="RS256" <%=client.request_object_signing_alg == "RS256" ? 'selected' : ''%>>RSASSA using SHA-256 hash algorithm</option>
|
||||
<option value="RS384" <%=client.request_object_signing_alg == "RS384" ? 'selected' : ''%>>RSASSA using SHA-384 hash algorithm</option>
|
||||
<option value="RS512" <%=client.request_object_signing_alg == "RS512" ? 'selected' : ''%>>RSASSA using SHA-512 hash algorithm</option>
|
||||
<option value="ES256" <%=client.request_object_signing_alg == "ES256" ? 'selected' : ''%>>ECDSA using P-256 curve and SHA-256 hash algorithm</option>
|
||||
<option value="ES384" <%=client.request_object_signing_alg == "ES384" ? 'selected' : ''%>>ECDSA using P-384 curve and SHA-384 hash algorithm</option>
|
||||
<option value="ES512" <%=client.request_object_signing_alg == "ES512" ? 'selected' : ''%>>ECDSA using P-512 curve and SHA-512 hash algorithm</option>
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -310,17 +311,17 @@
|
|||
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> User Info Endpoint Signing Algorithm</label>
|
||||
<div class="controls">
|
||||
<select>
|
||||
<option value="default" <%=userinfo_signed_response_alg == null ? 'selected ' : ''%>>Use server default</option>
|
||||
<option value="none" <%=userinfo_signed_response_alg == "none" ? 'selected' : ''%>>No digital signature</option>
|
||||
<option value="HS256" <%=userinfo_signed_response_alg == "HS256" ? 'selected' : ''%>>HMAC using SHA-256 hash algorithm</option>
|
||||
<option value="HS384" <%=userinfo_signed_response_alg == "HS384" ? 'selected' : ''%>>HMAC using SHA-384 hash algorithm</option>
|
||||
<option value="HS512" <%=userinfo_signed_response_alg == "HS512" ? 'selected' : ''%>>HMAC using SHA-512 hash algorithm</option>
|
||||
<option value="RS256" <%=userinfo_signed_response_alg == "RS256" ? 'selected' : ''%>>RSASSA using SHA-256 hash algorithm</option>
|
||||
<option value="RS384" <%=userinfo_signed_response_alg == "RS384" ? 'selected' : ''%>>RSASSA using SHA-384 hash algorithm</option>
|
||||
<option value="RS512" <%=userinfo_signed_response_alg == "RS512" ? 'selected' : ''%>>RSASSA using SHA-512 hash algorithm</option>
|
||||
<option value="ES256" <%=userinfo_signed_response_alg == "ES256" ? 'selected' : ''%>>ECDSA using P-256 curve and SHA-256 hash algorithm</option>
|
||||
<option value="ES384" <%=userinfo_signed_response_alg == "ES384" ? 'selected' : ''%>>ECDSA using P-384 curve and SHA-384 hash algorithm</option>
|
||||
<option value="ES512" <%=userinfo_signed_response_alg == "ES512" ? 'selected' : ''%>>ECDSA using P-512 curve and SHA-512 hash algorithm</option>
|
||||
<option value="default" <%=client.userinfo_signed_response_alg == null ? 'selected ' : ''%>>Use server default</option>
|
||||
<option value="none" <%=client.userinfo_signed_response_alg == "none" ? 'selected' : ''%>>No digital signature</option>
|
||||
<option value="HS256" <%=client.userinfo_signed_response_alg == "HS256" ? 'selected' : ''%>>HMAC using SHA-256 hash algorithm</option>
|
||||
<option value="HS384" <%=client.userinfo_signed_response_alg == "HS384" ? 'selected' : ''%>>HMAC using SHA-384 hash algorithm</option>
|
||||
<option value="HS512" <%=client.userinfo_signed_response_alg == "HS512" ? 'selected' : ''%>>HMAC using SHA-512 hash algorithm</option>
|
||||
<option value="RS256" <%=client.userinfo_signed_response_alg == "RS256" ? 'selected' : ''%>>RSASSA using SHA-256 hash algorithm</option>
|
||||
<option value="RS384" <%=client.userinfo_signed_response_alg == "RS384" ? 'selected' : ''%>>RSASSA using SHA-384 hash algorithm</option>
|
||||
<option value="RS512" <%=client.userinfo_signed_response_alg == "RS512" ? 'selected' : ''%>>RSASSA using SHA-512 hash algorithm</option>
|
||||
<option value="ES256" <%=client.userinfo_signed_response_alg == "ES256" ? 'selected' : ''%>>ECDSA using P-256 curve and SHA-256 hash algorithm</option>
|
||||
<option value="ES384" <%=client.userinfo_signed_response_alg == "ES384" ? 'selected' : ''%>>ECDSA using P-384 curve and SHA-384 hash algorithm</option>
|
||||
<option value="ES512" <%=client.userinfo_signed_response_alg == "ES512" ? 'selected' : ''%>>ECDSA using P-512 curve and SHA-512 hash algorithm</option>
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -329,16 +330,16 @@
|
|||
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> User Info Endpoint Encryption Algorithm</label>
|
||||
<div class="controls">
|
||||
<select>
|
||||
<option value="default" <%=userinfo_encrypted_response_alg == null ? 'selected ' : ''%>>Use server default</option>
|
||||
<option value="none" <%=userinfo_encrypted_response_alg == "none" ? 'selected' : ''%>>No encryption</option>
|
||||
<option value="RSA1_5" <%=userinfo_encrypted_response_alg == "RSA1_5" ? 'selected' : ''%>>RSAES-PKCS1-V1_5</option>
|
||||
<option value="RSA-OAEP" <%=userinfo_encrypted_response_alg == "RSA-OAEP" ? 'selected' : ''%>>RSAES using Optimal Asymmetric Encryption Padding (OAEP)</option>
|
||||
<option value="A128KW" <%=userinfo_encrypted_response_alg == "A128KW" ? 'selected' : ''%>>AES Key Wrap Algorithm using 128 bit keys </option>
|
||||
<option value="A256KW" <%=userinfo_encrypted_response_alg == "A256KW" ? 'selected' : ''%>>AES Key Wrap Algorithm using 256 bit keys</option>
|
||||
<option value="dir" <%=userinfo_encrypted_response_alg == "dir" ? 'selected' : ''%>>Direct use of a shared symmetric key as the Content Master Key (CMK) for the block encryption step</option>
|
||||
<option value="ECDH-ES" <%=userinfo_encrypted_response_alg == "ECDH-ES" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement using the Concat KDF, with the agreed-upon key being used directly as the Content Master Key (CMK)</option>
|
||||
<option value="ECDH-ES+A128KW" <%=userinfo_encrypted_response_alg == "ECDH-ES+A128KW" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A128KW function</option>
|
||||
<option value="ECDH-ES+A256KW" <%=userinfo_encrypted_response_alg == "ECDH-ES+A256KW" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A256KW function</option>
|
||||
<option value="default" <%=client.userinfo_encrypted_response_alg == null ? 'selected ' : ''%>>Use server default</option>
|
||||
<option value="none" <%=client.userinfo_encrypted_response_alg == "none" ? 'selected' : ''%>>No encryption</option>
|
||||
<option value="RSA1_5" <%=client.userinfo_encrypted_response_alg == "RSA1_5" ? 'selected' : ''%>>RSAES-PKCS1-V1_5</option>
|
||||
<option value="RSA-OAEP" <%=client.userinfo_encrypted_response_alg == "RSA-OAEP" ? 'selected' : ''%>>RSAES using Optimal Asymmetric Encryption Padding (OAEP)</option>
|
||||
<option value="A128KW" <%=client.userinfo_encrypted_response_alg == "A128KW" ? 'selected' : ''%>>AES Key Wrap Algorithm using 128 bit keys </option>
|
||||
<option value="A256KW" <%=client.userinfo_encrypted_response_alg == "A256KW" ? 'selected' : ''%>>AES Key Wrap Algorithm using 256 bit keys</option>
|
||||
<option value="dir" <%=client.userinfo_encrypted_response_alg == "dir" ? 'selected' : ''%>>Direct use of a shared symmetric key as the Content Master Key (CMK) for the block encryption step</option>
|
||||
<option value="ECDH-ES" <%=client.userinfo_encrypted_response_alg == "ECDH-ES" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement using the Concat KDF, with the agreed-upon key being used directly as the Content Master Key (CMK)</option>
|
||||
<option value="ECDH-ES+A128KW" <%=client.userinfo_encrypted_response_alg == "ECDH-ES+A128KW" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A128KW function</option>
|
||||
<option value="ECDH-ES+A256KW" <%=client.userinfo_encrypted_response_alg == "ECDH-ES+A256KW" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A256KW function</option>
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -347,12 +348,12 @@
|
|||
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> User Info Endpoint Encryption Method</label>
|
||||
<div class="controls">
|
||||
<select>
|
||||
<option value="default" <%=userinfo_encrypted_response_enc == null ? 'selected ' : ''%>>Use server default</option>
|
||||
<option value="none" <%=userinfo_encrypted_response_enc == "none" ? 'selected' : ''%>>No encryption</option>
|
||||
<option value="A128CBC+HS256" <%=userinfo_encrypted_response_enc == "A128CBC+HS256" ? 'selected' : ''%>>Composite Authenticated Encryption algorithm using AES in Cipher Block Chaining (CBC) mode with PKCS #5 padding with an integrity calculation using HMAC SHA-256, using a 256 bit CMK (and 128 bit CEK)</option>
|
||||
<option value="A256CBC+HS512" <%=userinfo_encrypted_response_enc == "A256CBC+HS512" ? 'selected' : ''%>>Composite Authenticated Encryption algorithm using AES in CBC mode with PKCS #5 padding with an integrity calculation using HMAC SHA-512, using a 512 bit CMK (and 256 bit CEK)</option>
|
||||
<option value="A128GCM" <%=userinfo_encrypted_response_enc == "A128GCM" ? 'selected' : ''%>>AES GCM using 128 bit keys</option>
|
||||
<option value="A256GCM" <%=userinfo_encrypted_response_enc == "A256GCM" ? 'selected' : ''%>>AES GCM using 256 bit keys</option>
|
||||
<option value="default" <%=client.userinfo_encrypted_response_enc == null ? 'selected ' : ''%>>Use server default</option>
|
||||
<option value="none" <%=client.userinfo_encrypted_response_enc == "none" ? 'selected' : ''%>>No encryption</option>
|
||||
<option value="A128CBC+HS256" <%=client.userinfo_encrypted_response_enc == "A128CBC+HS256" ? 'selected' : ''%>>Composite Authenticated Encryption algorithm using AES in Cipher Block Chaining (CBC) mode with PKCS #5 padding with an integrity calculation using HMAC SHA-256, using a 256 bit CMK (and 128 bit CEK)</option>
|
||||
<option value="A256CBC+HS512" <%=client.userinfo_encrypted_response_enc == "A256CBC+HS512" ? 'selected' : ''%>>Composite Authenticated Encryption algorithm using AES in CBC mode with PKCS #5 padding with an integrity calculation using HMAC SHA-512, using a 512 bit CMK (and 256 bit CEK)</option>
|
||||
<option value="A128GCM" <%=client.userinfo_encrypted_response_enc == "A128GCM" ? 'selected' : ''%>>AES GCM using 128 bit keys</option>
|
||||
<option value="A256GCM" <%=client.userinfo_encrypted_response_enc == "A256GCM" ? 'selected' : ''%>>AES GCM using 256 bit keys</option>
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -361,17 +362,17 @@
|
|||
<label class="control-label">ID Token Signing Algorithm</label>
|
||||
<div class="controls">
|
||||
<select>
|
||||
<option value="default" <%=id_token_signed_response_alg == null ? 'selected ' : ''%>>Use server default</option>
|
||||
<option value="none" <%=id_token_signed_response_alg == "none" ? 'selected' : ''%>>No digital signature</option>
|
||||
<option value="HS256" <%=id_token_signed_response_alg == "HS256" ? 'selected' : ''%>>HMAC using SHA-256 hash algorithm</option>
|
||||
<option value="HS384" <%=id_token_signed_response_alg == "HS384" ? 'selected' : ''%>>HMAC using SHA-384 hash algorithm</option>
|
||||
<option value="HS512" <%=id_token_signed_response_alg == "HS512" ? 'selected' : ''%>>HMAC using SHA-512 hash algorithm</option>
|
||||
<option value="RS256" <%=id_token_signed_response_alg == "RS256" ? 'selected' : ''%>>RSASSA using SHA-256 hash algorithm</option>
|
||||
<option value="RS384" <%=id_token_signed_response_alg == "RS384" ? 'selected' : ''%>>RSASSA using SHA-384 hash algorithm</option>
|
||||
<option value="RS512" <%=id_token_signed_response_alg == "RS512" ? 'selected' : ''%>>RSASSA using SHA-512 hash algorithm</option>
|
||||
<option value="ES256" <%=id_token_signed_response_alg == "ES256" ? 'selected' : ''%>>ECDSA using P-256 curve and SHA-256 hash algorithm</option>
|
||||
<option value="ES384" <%=id_token_signed_response_alg == "ES384" ? 'selected' : ''%>>ECDSA using P-384 curve and SHA-384 hash algorithm</option>
|
||||
<option value="ES512" <%=id_token_signed_response_alg == "ES512" ? 'selected' : ''%>>ECDSA using P-512 curve and SHA-512 hash algorithm</option>
|
||||
<option value="default" <%=client.id_token_signed_response_alg == null ? 'selected ' : ''%>>Use server default</option>
|
||||
<option value="none" <%=client.id_token_signed_response_alg == "none" ? 'selected' : ''%>>No digital signature</option>
|
||||
<option value="HS256" <%=client.id_token_signed_response_alg == "HS256" ? 'selected' : ''%>>HMAC using SHA-256 hash algorithm</option>
|
||||
<option value="HS384" <%=client.id_token_signed_response_alg == "HS384" ? 'selected' : ''%>>HMAC using SHA-384 hash algorithm</option>
|
||||
<option value="HS512" <%=client.id_token_signed_response_alg == "HS512" ? 'selected' : ''%>>HMAC using SHA-512 hash algorithm</option>
|
||||
<option value="RS256" <%=client.id_token_signed_response_alg == "RS256" ? 'selected' : ''%>>RSASSA using SHA-256 hash algorithm</option>
|
||||
<option value="RS384" <%=client.id_token_signed_response_alg == "RS384" ? 'selected' : ''%>>RSASSA using SHA-384 hash algorithm</option>
|
||||
<option value="RS512" <%=client.id_token_signed_response_alg == "RS512" ? 'selected' : ''%>>RSASSA using SHA-512 hash algorithm</option>
|
||||
<option value="ES256" <%=client.id_token_signed_response_alg == "ES256" ? 'selected' : ''%>>ECDSA using P-256 curve and SHA-256 hash algorithm</option>
|
||||
<option value="ES384" <%=client.id_token_signed_response_alg == "ES384" ? 'selected' : ''%>>ECDSA using P-384 curve and SHA-384 hash algorithm</option>
|
||||
<option value="ES512" <%=client.id_token_signed_response_alg == "ES512" ? 'selected' : ''%>>ECDSA using P-512 curve and SHA-512 hash algorithm</option>
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -380,16 +381,16 @@
|
|||
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> ID Token Encryption Algorithm</label>
|
||||
<div class="controls">
|
||||
<select>
|
||||
<option value="default" <%=id_token_encrypted_response_alg == null ? 'selected ' : ''%>>Use server default</option>
|
||||
<option value="none" <%=id_token_encrypted_response_alg == "none" ? 'selected' : ''%>>No encryption</option>
|
||||
<option value="RSA1_5" <%=id_token_encrypted_response_alg == "RSA1_5" ? 'selected' : ''%>>RSAES-PKCS1-V1_5</option>
|
||||
<option value="RSA-OAEP" <%=id_token_encrypted_response_alg == "RSA-OAEP" ? 'selected' : ''%>>RSAES using Optimal Asymmetric Encryption Padding (OAEP)</option>
|
||||
<option value="A128KW" <%=id_token_encrypted_response_alg == "A128KW" ? 'selected' : ''%>>Advanced Encryption Standard (AES) Key Wrap Algorithm using 128 bit keys </option>
|
||||
<option value="A256KW" <%=id_token_encrypted_response_alg == "A256KW" ? 'selected' : ''%>>AES Key Wrap Algorithm using 256 bit keys</option>
|
||||
<option value="dir" <%=id_token_encrypted_response_alg == "dir" ? 'selected' : ''%>>Direct use of a shared symmetric key as the Content Master Key (CMK) for the block encryption step</option>
|
||||
<option value="ECDH-ES" <%=id_token_encrypted_response_alg == "ECDH-ES" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement using the Concat KDF, with the agreed-upon key being used directly as the Content Master Key (CMK)</option>
|
||||
<option value="ECDH-ES+A128KW" <%=id_token_encrypted_response_alg == "ECDH-ES+A128KW" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A128KW function</option>
|
||||
<option value="ECDH-ES+A256KW" <%=id_token_encrypted_response_alg == "ECDH-ES+A256KW" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A256KW function</option>
|
||||
<option value="default" <%=client.id_token_encrypted_response_alg == null ? 'selected ' : ''%>>Use server default</option>
|
||||
<option value="none" <%=client.id_token_encrypted_response_alg == "none" ? 'selected' : ''%>>No encryption</option>
|
||||
<option value="RSA1_5" <%=client.id_token_encrypted_response_alg == "RSA1_5" ? 'selected' : ''%>>RSAES-PKCS1-V1_5</option>
|
||||
<option value="RSA-OAEP" <%=client.id_token_encrypted_response_alg == "RSA-OAEP" ? 'selected' : ''%>>RSAES using Optimal Asymmetric Encryption Padding (OAEP)</option>
|
||||
<option value="A128KW" <%=client.id_token_encrypted_response_alg == "A128KW" ? 'selected' : ''%>>Advanced Encryption Standard (AES) Key Wrap Algorithm using 128 bit keys </option>
|
||||
<option value="A256KW" <%=client.id_token_encrypted_response_alg == "A256KW" ? 'selected' : ''%>>AES Key Wrap Algorithm using 256 bit keys</option>
|
||||
<option value="dir" <%=client.id_token_encrypted_response_alg == "dir" ? 'selected' : ''%>>Direct use of a shared symmetric key as the Content Master Key (CMK) for the block encryption step</option>
|
||||
<option value="ECDH-ES" <%=client.id_token_encrypted_response_alg == "ECDH-ES" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement using the Concat KDF, with the agreed-upon key being used directly as the Content Master Key (CMK)</option>
|
||||
<option value="ECDH-ES+A128KW" <%=client.id_token_encrypted_response_alg == "ECDH-ES+A128KW" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A128KW function</option>
|
||||
<option value="ECDH-ES+A256KW" <%=client.id_token_encrypted_response_alg == "ECDH-ES+A256KW" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A256KW function</option>
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -398,12 +399,12 @@
|
|||
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> ID Token Encryption Method</label>
|
||||
<div class="controls">
|
||||
<select>
|
||||
<option value="default" <%=id_token_encrypted_response_enc == null ? 'selected ' : ''%>>Use server default</option>
|
||||
<option value="none" <%=id_token_encrypted_response_enc == "none" ? 'selected' : ''%>>No encryption</option>
|
||||
<option value="A128CBC+HS256" <%=id_token_encrypted_response_enc == "A128CBC+HS256" ? 'selected' : ''%>>Composite Authenticated Encryption algorithm using AES in Cipher Block Chaining (CBC) mode with PKCS #5 padding with an integrity calculation using HMAC SHA-256, using a 256 bit CMK (and 128 bit CEK)</option>
|
||||
<option value="A256CBC+HS512" <%=id_token_encrypted_response_enc == "A256CBC+HS512" ? 'selected' : ''%>>Composite Authenticated Encryption algorithm using AES in CBC mode with PKCS #5 padding with an integrity calculation using HMAC SHA-512, using a 512 bit CMK (and 256 bit CEK)</option>
|
||||
<option value="A128GCM" <%=id_token_encrypted_response_enc == "A128GCM" ? 'selected' : ''%>>AES GCM using 128 bit keys</option>
|
||||
<option value="A256GCM" <%=id_token_encrypted_response_enc == "A256GCM" ? 'selected' : ''%>>AES GCM using 256 bit keys</option>
|
||||
<option value="default" <%=client.id_token_encrypted_response_enc == null ? 'selected ' : ''%>>Use server default</option>
|
||||
<option value="none" <%=client.id_token_encrypted_response_enc == "none" ? 'selected' : ''%>>No encryption</option>
|
||||
<option value="A128CBC+HS256" <%=client.id_token_encrypted_response_enc == "A128CBC+HS256" ? 'selected' : ''%>>Composite Authenticated Encryption algorithm using AES in Cipher Block Chaining (CBC) mode with PKCS #5 padding with an integrity calculation using HMAC SHA-256, using a 256 bit CMK (and 128 bit CEK)</option>
|
||||
<option value="A256CBC+HS512" <%=client.id_token_encrypted_response_enc == "A256CBC+HS512" ? 'selected' : ''%>>Composite Authenticated Encryption algorithm using AES in CBC mode with PKCS #5 padding with an integrity calculation using HMAC SHA-512, using a 512 bit CMK (and 256 bit CEK)</option>
|
||||
<option value="A128GCM" <%=client.id_token_encrypted_response_enc == "A128GCM" ? 'selected' : ''%>>AES GCM using 128 bit keys</option>
|
||||
<option value="A256GCM" <%=client.id_token_encrypted_response_enc == "A256GCM" ? 'selected' : ''%>>AES GCM using 256 bit keys</option>
|
||||
</select>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -416,10 +417,10 @@
|
|||
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Subject Type</label>
|
||||
<div class="controls">
|
||||
<label class="radio inline">
|
||||
<input type="radio" name="subjectType" value="PUBLIC" <%=(subject_type == 'PUBLIC' ? 'checked' : '')%>> Public
|
||||
<input type="radio" name="subjectType" value="public" <%=(client.subject_type == 'public' ? 'checked' : '')%>> Public
|
||||
</label>
|
||||
<label class="radio inline">
|
||||
<input type="radio" name="subjectType" value="PAIRWISE" <%=(subject_type == 'PAIRWISE' ? 'checked' : '')%>> Pairwise
|
||||
<input type="radio" name="subjectType" value="pairwise" <%=(client.subject_type == 'pairwise' ? 'checked' : '')%>> Pairwise
|
||||
</label>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -427,7 +428,7 @@
|
|||
<div class="control-group" id="initiateLoginUri">
|
||||
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Initiate Login</label>
|
||||
<div class="controls">
|
||||
<input placeholder="http://" value="<%=initiate_login_uri ? initiate_login_uri : ''%>" maxlength="1000" type="text" class=""/>
|
||||
<input placeholder="http://" value="<%=client.initiate_login_uri ? client.initiate_login_uri : ''%>" maxlength="1000" type="text" class=""/>
|
||||
<p class="help-block">URL to initiate login on the client</p>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -435,7 +436,7 @@
|
|||
<div class="control-group" id="postLogoutRedirectUri">
|
||||
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Post-Logout Redirect</label>
|
||||
<div class="controls">
|
||||
<input placeholder="http://" value="<%=post_logout_redirect_uri%>" maxlength="1000" type="text" class=""/>
|
||||
<input placeholder="http://" value="<%=client.post_logout_redirect_uri%>" maxlength="1000" type="text" class=""/>
|
||||
<p class="help-block">URL to redirect the client to after a logout operation</p>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -445,7 +446,7 @@
|
|||
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Require Auth Time</label>
|
||||
<div class="controls">
|
||||
<label class="checkbox">
|
||||
<input type="checkbox" <%=(require_auth_time == true ? 'checked' : '')%>> Always require that the auth_time claim be sent in the id token
|
||||
<input type="checkbox" <%=(client.require_auth_time == true ? 'checked' : '')%>> Always require that the auth_time claim be sent in the id token
|
||||
</label>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -453,7 +454,7 @@
|
|||
<div class="control-group" id="defaultMaxAge">
|
||||
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Default Max Age</label>
|
||||
<div class="controls">
|
||||
<input placeholder="" value="<%=default_max_age ? default_max_age : ''%>" maxlength="1000" type="text" class=""/>
|
||||
<input placeholder="" value="<%=client.default_max_age ? client.default_max_age : ''%>" maxlength="1000" type="text" class=""/>
|
||||
<p class="help-block">Default maximum session age before re-prompting</p>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -473,13 +474,21 @@
|
|||
<div class="control-group" id="sectorIdentifierUri">
|
||||
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Sector Identifier URI</label>
|
||||
<div class="controls">
|
||||
<input placeholder="http://" value="<%=sector_identifier_uri ? sector_identifier_uri : ''%>" maxlength="1000" type="text" class=""/>
|
||||
<input placeholder="http://" value="<%=client.sector_identifier_uri ? client.sector_identifier_uri : ''%>" maxlength="1000" type="text" class=""/>
|
||||
<p class="help-block">Sector Identifier for JavaScript</p>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
||||
|
||||
</div>
|
||||
|
||||
<div class="tab-pane" id="client-json-tab">
|
||||
|
||||
<pre>
|
||||
<%= JSON.stringify(client, undefined, 2) %>
|
||||
</pre>
|
||||
|
||||
</div>
|
||||
|
||||
|
||||
|
|
Loading…
Reference in New Issue