github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

changed all templates to print escaped characters

pull/653/head
Justin Richer 2014-07-19 22:39:48 -07:00
parent 38b6ab7a1b
commit 91e00d79e3
8 changed files with 320 additions and 320 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
openid-connect-server-webapp/src/main/webapp/resources/template/admin.html
View File

@ -19,16 +19,16 @@
<script type="text/html" id="tmpl-breadcrumbs"> <script type="text/html" id="tmpl-breadcrumbs">
<% if (active == false) { %> <% if (active == false) { %>
<li><a href="<%=href%>"><%=text%></a> <span class="divider">/</span></li> <li><a href="<%-href%>"><%-text%></a> <span class="divider">/</span></li>
<% } else { %> <% } else { %>
<li class="active"><%=text%></li> <li class="active"><%-text%></li>
<% } %> <% } %>
</script> </script>
<!-- list widget --> <!-- list widget -->
<script type="text/html" id="tmpl-list-widget-child"> <script type="text/html" id="tmpl-list-widget-child">
<td><%=(item.length > 30) ? item.substr(0,27) + '...' : item %></td> <td><%-(item.length > 30) ? item.substr(0,27) + '...' : item %></td>
<td><a class="btn btn-small btn-delete-list-item" href="#"><i class="icon-minus-sign"></i></a></td> <td><a class="btn btn-small btn-delete-list-item" href="#"><i class="icon-minus-sign"></i></a></td>
</script> </script>
@ -42,7 +42,7 @@
<thead> <thead>
<tr> <tr>
<th class="control-group"> <th class="control-group">
<input type="text" value="" placeholder="<%=(placeholder) ? placeholder : ''%>"></th> <input type="text" value="" placeholder="<%-(placeholder) ? placeholder : ''%>"></th>
<th><a class="btn btn-small btn-add-list-item" href="#"><i class="icon-plus-sign"></i></a></th> <th><a class="btn btn-small btn-add-list-item" href="#"><i class="icon-plus-sign"></i></a></th>
</tr> </tr>
</thead> </thead>
@ -89,7 +89,7 @@
<script type="text/html" id="tmpl-user-profile-element"> <script type="text/html" id="tmpl-user-profile-element">
<dt><%= key %></dt> <dt><%- key %></dt>
<dd><%= value %></dd> <dd><%- value %></dd>
</script> </script>

268
openid-connect-server-webapp/src/main/webapp/resources/template/client.html
View File

@ -21,7 +21,7 @@
<% if (count == 0) { %> <% if (count == 0) { %>
<span class="label label-important">0</span> <span class="label label-important">0</span>
<% } else if (count != null) { %> <% } else if (count != null) { %>
<span class="label label-info"><%= count %></span> <span class="label label-info"><%- count %></span>
<% } else { %> <% } else { %>
<span class="label label-warning">?</span> <span class="label label-warning">?</span>
<% } %> <% } %>
@ -29,10 +29,10 @@
<td> <td>
<div> <div>
<span class="clientid-substring" title="<%= client.clientId %> (click to display client ID)"><%= client.clientName != null ? client.clientName : ( client.clientId.substr(0,8) + '...' ) %></span> <span class="clientid-substring" title="<%- client.clientId %> (click to display client ID)"><%- client.clientName != null ? client.clientName : ( client.clientId.substr(0,8) + '...' ) %></span>
</div> </div>
<div> <div>
<input type="text" readonly style="cursor: text" class="clientid-full input-xxlarge" value="<%= client.clientId %>" /> <input type="text" readonly style="cursor: text" class="clientid-full input-xxlarge" value="<%- client.clientId %>" />
</div> </div>
<div> <div>
<% if (client.dynamicallyRegistered) { %> <% if (client.dynamicallyRegistered) { %>
@ -43,7 +43,7 @@
<% } %> <% } %>
</div> </div>
<div> <div>
<small class="muted" title="<%= hoverCreationDate %>"><i class="icon-time"></i> Registered <%= displayCreationDate %></small> <small class="muted" title="<%- hoverCreationDate %>"><i class="icon-time"></i> Registered <%- displayCreationDate %></small>
</div> </div>
<div class="matched text-info"> <div class="matched text-info">
<small><i>Matched: <span class="label"></span></i></small> <small><i>Matched: <span class="label"></span></i></small>
@ -77,19 +77,19 @@
<i class="icon-chevron-right"></i> <small>more information</small> <i class="icon-chevron-right"></i> <small>more information</small>
</div> </div>
<div class="moreInformation hide"> <div class="moreInformation hide">
<%=client.clientDescription%> <%-client.clientDescription%>
<ul> <ul>
<% if (client.clientUri) { %> <% if (client.clientUri) { %>
<li>Home page: <a href="<%= client.clientUri %>"><%= client.clientUri %></a></li> <li>Home page: <a href="<%- client.clientUri %>"><%- client.clientUri %></a></li>
<% } %> <% } %>
<% if (client.policyUri) { %> <% if (client.policyUri) { %>
<li>Policy: <a href="<%= client.policyUri %>"><%= client.policyUri %></a></li> <li>Policy: <a href="<%- client.policyUri %>"><%- client.policyUri %></a></li>
<% } %> <% } %>
<% if (client.tosUri) { %> <% if (client.tosUri) { %>
<li>Terms of Service: <a href="<%= client.tosUri %>"><%= client.tosUri %></a></li> <li>Terms of Service: <a href="<%- client.tosUri %>"><%- client.tosUri %></a></li>
<% } %> <% } %>
<% if (client.contacts != null && client.contacts.length > 0) { %> <% if (client.contacts != null && client.contacts.length > 0) { %>
<li>Administrative Contacts: <%= client.contacts.join(', ') %></li> <li>Administrative Contacts: <%- client.contacts.join(', ') %></li>
<% } %> <% } %>
</ul> </ul>
</div> </div>
@ -144,7 +144,7 @@
<script type="text/html" id="tmpl-client-form"> <script type="text/html" id="tmpl-client-form">
<h1><%=(id == null ? 'New' : 'Edit')%> Client</h1> <h1><%-(id == null ? 'New' : 'Edit')%> Client</h1>
<form class="form-horizontal tabbable"> <form class="form-horizontal tabbable">
@ -170,14 +170,14 @@
<div class="control-group" id="createdAt"> <div class="control-group" id="createdAt">
<label class="control-label">Registered at</label> <label class="control-label">Registered at</label>
<div class="controls"> <div class="controls">
<%=createdAt%> <%-createdAt%>
</div> </div>
</div> </div>
<div class="control-group" id="clientName"> <div class="control-group" id="clientName">
<label class="control-label">Client name</label> <label class="control-label">Client name</label>
<div class="controls"> <div class="controls">
<input value="<%=clientName%>" maxlength="100" type="text" class="" placeholder="Type something"> <input value="<%-clientName%>" maxlength="100" type="text" class="" placeholder="Type something">
<p class="help-block">Human-readable application name</p> <p class="help-block">Human-readable application name</p>
</div> </div>
</div> </div>
@ -185,7 +185,7 @@
<div class="control-group" id="clientId"> <div class="control-group" id="clientId">
<label class="control-label">Client ID</label> <label class="control-label">Client ID</label>
<div class="controls"> <div class="controls">
<input value="<%=clientId%>" maxlength="100" type="text" class="" placeholder="Type something"> <input value="<%-clientId%>" maxlength="100" type="text" class="" placeholder="Type something">
<p class="help-block">Unique identifier. If you leave this blank it will be automatically generated.</p> <p class="help-block">Unique identifier. If you leave this blank it will be automatically generated.</p>
</div> </div>
</div> </div>
@ -200,7 +200,7 @@
<label class="control-label">Description</label> <label class="control-label">Description</label>
<div class="controls"> <div class="controls">
<textarea class="input-xlarge" placeholder="Type a description" maxlength="200" <textarea class="input-xlarge" placeholder="Type a description" maxlength="200"
rows="3"><%=clientDescription%></textarea> rows="3"><%-clientDescription%></textarea>
<p class="help-block">Human-readable text description</p> <p class="help-block">Human-readable text description</p>
</div> </div>
</div> </div>
@ -208,7 +208,7 @@
<div class="control-group" id="logoUri"> <div class="control-group" id="logoUri">
<label class="control-label">Logo</label> <label class="control-label">Logo</label>
<div class="controls"> <div class="controls">
<input placeholder="https://" value="<%=logoUri%>" maxlength="1000" type="text" class=""/> <input placeholder="https://" value="<%-logoUri%>" maxlength="1000" type="text" class=""/>
<p class="help-block">URL that points to a logo image, will be displayed on approval page</p> <p class="help-block">URL that points to a logo image, will be displayed on approval page</p>
</div> </div>
</div> </div>
@ -222,7 +222,7 @@
<div class="control-group" id="tosUri"> <div class="control-group" id="tosUri">
<label class="control-label">Terms of Service</label> <label class="control-label">Terms of Service</label>
<div class="controls"> <div class="controls">
<input placeholder="https://" value="<%=tosUri%>" maxlength="1000" type="text" class=""/> <input placeholder="https://" value="<%-tosUri%>" maxlength="1000" type="text" class=""/>
<p class="help-block">URL for the Terms of Service of this client, will be displayed to the user</p> <p class="help-block">URL for the Terms of Service of this client, will be displayed to the user</p>
</div> </div>
</div> </div>
@ -230,7 +230,7 @@
<div class="control-group" id="policyUri"> <div class="control-group" id="policyUri">
<label class="control-label">Policy Statement</label> <label class="control-label">Policy Statement</label>
<div class="controls"> <div class="controls">
<input placeholder="https://" value="<%=policyUri%>" maxlength="1000" type="text" class=""/> <input placeholder="https://" value="<%-policyUri%>" maxlength="1000" type="text" class=""/>
<p class="help-block">URL for the Policy Statement of this client, will be displayed to the user</p> <p class="help-block">URL for the Policy Statement of this client, will be displayed to the user</p>
</div> </div>
</div> </div>
@ -238,7 +238,7 @@
<div class="control-group" id="clientUri"> <div class="control-group" id="clientUri">
<label class="control-label">Home Page</label> <label class="control-label">Home Page</label>
<div class="controls"> <div class="controls">
<input placeholder="https://" value="<%=clientUri%>" maxlength="1000" type="text" class=""/> <input placeholder="https://" value="<%-clientUri%>" maxlength="1000" type="text" class=""/>
<p class="help-block">URL for the client's home page, will be displayed to the user</p> <p class="help-block">URL for the client's home page, will be displayed to the user</p>
</div> </div>
</div> </div>
@ -247,10 +247,10 @@
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Application Type</label> <label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Application Type</label>
<div class="controls"> <div class="controls">
<label class="radio inline"> <label class="radio inline">
<input type="radio" name="applicationType" value="NATIVE" <%=(applicationType == 'NATIVE' ? 'checked' : '')%>> Native <input type="radio" name="applicationType" value="NATIVE" <%-(applicationType == 'NATIVE' ? 'checked' : '')%>> Native
</label> </label>
<label class="radio inline"> <label class="radio inline">
<input type="radio" name="applicationType" value="WEB" <%=(applicationType == 'WEB' ? 'checked' : '')%>> Web <input type="radio" name="applicationType" value="WEB" <%-(applicationType == 'WEB' ? 'checked' : '')%>> Web
</label> </label>
</div> </div>
</div> </div>
@ -281,26 +281,26 @@
<label class="checkbox"> <label class="checkbox">
<input id="grantTypes-authorization_code" type="checkbox" <input id="grantTypes-authorization_code" type="checkbox"
<%=($.inArray("authorization_code", grantTypes) > -1 ? 'checked' : '')%>> <%-($.inArray("authorization_code", grantTypes) > -1 ? 'checked' : '')%>>
authorization code authorization code
</label> </label>
<label class="checkbox"> <label class="checkbox">
<input id="grantTypes-client_credentials" type="checkbox" <input id="grantTypes-client_credentials" type="checkbox"
<%=($.inArray("client_credentials", grantTypes) > -1 ? 'checked' : '')%>> client credentials <%-($.inArray("client_credentials", grantTypes) > -1 ? 'checked' : '')%>> client credentials
</label> </label>
<label class="checkbox"> <label class="checkbox">
<input id="grantTypes-password" type="checkbox" <%=($.inArray("password", grantTypes) > -1 ? 'checked' : '')%>> password <input id="grantTypes-password" type="checkbox" <%-($.inArray("password", grantTypes) > -1 ? 'checked' : '')%>> password
</label> </label>
<label class="checkbox"> <label class="checkbox">
<input id="grantTypes-implicit" type="checkbox" <%=($.inArray("implicit", grantTypes) > -1 ? 'checked' : '')%>> implicit <input id="grantTypes-implicit" type="checkbox" <%-($.inArray("implicit", grantTypes) > -1 ? 'checked' : '')%>> implicit
</label> </label>
<!-- <!--
<label class="checkbox"> <label class="checkbox">
<input id="grantTypes-refresh_token" type="checkbox" <%=($.inArray("refresh_token", grantTypes) > -1 ? 'checked' : '')%>> refresh <input id="grantTypes-refresh_token" type="checkbox" <%-($.inArray("refresh_token", grantTypes) > -1 ? 'checked' : '')%>> refresh
</label> </label>
--> -->
<label class="checkbox"> <label class="checkbox">
<input id="grantTypes-redelegate" type="checkbox" <%=($.inArray("urn:ietf:params:oauth:grant_type:redelegate", grantTypes) > -1 ? 'checked' : '')%>> redelegate <input id="grantTypes-redelegate" type="checkbox" <%-($.inArray("urn:ietf:params:oauth:grant_type:redelegate", grantTypes) > -1 ? 'checked' : '')%>> redelegate
</label> </label>
</div> </div>
@ -311,25 +311,25 @@
<div class="controls"> <div class="controls">
<label class="checkbox"> <label class="checkbox">
<input id="responseTypes-code" type="checkbox" <%=($.inArray("code", responseTypes) > -1 ? 'checked' : '')%>> code <input id="responseTypes-code" type="checkbox" <%-($.inArray("code", responseTypes) > -1 ? 'checked' : '')%>> code
</label> </label>
<label class="checkbox"> <label class="checkbox">
<input id="responseTypes-token" type="checkbox" <%=($.inArray("token", responseTypes) > -1 ? 'checked' : '')%>> token <input id="responseTypes-token" type="checkbox" <%-($.inArray("token", responseTypes) > -1 ? 'checked' : '')%>> token
</label> </label>
<label class="checkbox"> <label class="checkbox">
<input id="responseTypes-idtoken" type="checkbox" <%=($.inArray("id_token", responseTypes) > -1 ? 'checked' : '')%>> id_token <input id="responseTypes-idtoken" type="checkbox" <%-($.inArray("id_token", responseTypes) > -1 ? 'checked' : '')%>> id_token
</label> </label>
<label class="checkbox"> <label class="checkbox">
<input id="responseTypes-token-idtoken" type="checkbox" <%=($.inArray("token id_token", responseTypes) > -1 ? 'checked' : '')%>> token id_token <input id="responseTypes-token-idtoken" type="checkbox" <%-($.inArray("token id_token", responseTypes) > -1 ? 'checked' : '')%>> token id_token
</label> </label>
<label class="checkbox"> <label class="checkbox">
<input id="responseTypes-code-idtoken" type="checkbox" <%=($.inArray("code id_token", responseTypes) > -1 ? 'checked' : '')%>> code id_token <input id="responseTypes-code-idtoken" type="checkbox" <%-($.inArray("code id_token", responseTypes) > -1 ? 'checked' : '')%>> code id_token
</label> </label>
<label class="checkbox"> <label class="checkbox">
<input id="responseTypes-code-token" type="checkbox" <%=($.inArray("code token", responseTypes) > -1 ? 'checked' : '')%>> code token <input id="responseTypes-code-token" type="checkbox" <%-($.inArray("code token", responseTypes) > -1 ? 'checked' : '')%>> code token
</label> </label>
<label class="checkbox"> <label class="checkbox">
<input id="responseTypes-code-token-idtoken" type="checkbox" <%=($.inArray("code token id_token", responseTypes) > -1 ? 'checked' : '')%>> code token id_token <input id="responseTypes-code-token-idtoken" type="checkbox" <%-($.inArray("code token id_token", responseTypes) > -1 ? 'checked' : '')%>> code token id_token
</label> </label>
</div> </div>
</div> </div>
@ -338,7 +338,7 @@
<label class="control-label">Introspection</label> <label class="control-label">Introspection</label>
<div class="controls"> <div class="controls">
<label class="checkbox"> <label class="checkbox">
<input type="checkbox" <%=(allowIntrospection == true ? 'checked' : '')%>> Allow calls to the Introspection Endpoint? <input type="checkbox" <%-(allowIntrospection == true ? 'checked' : '')%>> Allow calls to the Introspection Endpoint?
</label> </label>
</div> </div>
</div> </div>
@ -347,10 +347,10 @@
<label class="control-label">Subject Type</label> <label class="control-label">Subject Type</label>
<div class="controls"> <div class="controls">
<label class="radio inline"> <label class="radio inline">
<input type="radio" name="subjectType" value="PUBLIC" <%=(subjectType == 'PUBLIC' ? 'checked' : '')%>> Public <input type="radio" name="subjectType" value="PUBLIC" <%-(subjectType == 'PUBLIC' ? 'checked' : '')%>> Public
</label> </label>
<label class="radio inline"> <label class="radio inline">
<input type="radio" name="subjectType" value="PAIRWISE" <%=(subjectType == 'PAIRWISE' ? 'checked' : '')%>> Pairwise <input type="radio" name="subjectType" value="PAIRWISE" <%-(subjectType == 'PAIRWISE' ? 'checked' : '')%>> Pairwise
</label> </label>
</div> </div>
</div> </div>
@ -358,7 +358,7 @@
<div class="control-group" id="sectorIdentifierUri"> <div class="control-group" id="sectorIdentifierUri">
<label class="control-label">Sector Identifier URI</label> <label class="control-label">Sector Identifier URI</label>
<div class="controls"> <div class="controls">
<input placeholder="https://" value="<%=sectorIdentifierUri%>" maxlength="1000" type="text" class=""/> <input placeholder="https://" value="<%-sectorIdentifierUri%>" maxlength="1000" type="text" class=""/>
<p class="help-block">Sector Identifier for JavaScript</p> <p class="help-block">Sector Identifier for JavaScript</p>
</div> </div>
</div> </div>
@ -371,19 +371,19 @@
<label class="control-label">Token Endpoint Authentication Method</label> <label class="control-label">Token Endpoint Authentication Method</label>
<div class="controls"> <div class="controls">
<label class="radio"> <label class="radio">
<input type="radio" name="tokenEndpointAuthMethod" value="SECRET_BASIC" <%=(tokenEndpointAuthMethod == 'SECRET_BASIC' ? 'checked' : '')%>> Client Secret over HTTP Basic <input type="radio" name="tokenEndpointAuthMethod" value="SECRET_BASIC" <%-(tokenEndpointAuthMethod == 'SECRET_BASIC' ? 'checked' : '')%>> Client Secret over HTTP Basic
</label> </label>
<label class="radio"> <label class="radio">
<input type="radio" name="tokenEndpointAuthMethod" value="SECRET_POST" <%=(tokenEndpointAuthMethod == 'SECRET_POST' ? 'checked' : '')%>> Client Secret over HTTP POST <input type="radio" name="tokenEndpointAuthMethod" value="SECRET_POST" <%-(tokenEndpointAuthMethod == 'SECRET_POST' ? 'checked' : '')%>> Client Secret over HTTP POST
</label> </label>
<label class="radio"> <label class="radio">
<input type="radio" name="tokenEndpointAuthMethod" value="SECRET_JWT" <%=(tokenEndpointAuthMethod == 'SECRET_JWT' ? 'checked' : '')%>> Client Secret via symmetrically-signed JWT assertion <input type="radio" name="tokenEndpointAuthMethod" value="SECRET_JWT" <%-(tokenEndpointAuthMethod == 'SECRET_JWT' ? 'checked' : '')%>> Client Secret via symmetrically-signed JWT assertion
</label> </label>
<label class="radio"> <label class="radio">
<input type="radio" name="tokenEndpointAuthMethod" value="PRIVATE_KEY" <%=(tokenEndpointAuthMethod == 'PRIVATE_KEY' ? 'checked' : '')%>> Asymmetrically-signed JWT assertion <input type="radio" name="tokenEndpointAuthMethod" value="PRIVATE_KEY" <%-(tokenEndpointAuthMethod == 'PRIVATE_KEY' ? 'checked' : '')%>> Asymmetrically-signed JWT assertion
</label> </label>
<label class="radio"> <label class="radio">
<input type="radio" name="tokenEndpointAuthMethod" value="NONE" <%=(tokenEndpointAuthMethod == 'NONE' ? 'checked' : '')%>> No authentication <input type="radio" name="tokenEndpointAuthMethod" value="NONE" <%-(tokenEndpointAuthMethod == 'NONE' ? 'checked' : '')%>> No authentication
</label> </label>
</div> </div>
</div> </div>
@ -394,7 +394,7 @@
<div class="control-group" id="generateClientSecret"> <div class="control-group" id="generateClientSecret">
<div class="controls"> <div class="controls">
<label class="checkbox"> <label class="checkbox">
<input type="checkbox" <%=(generateClientSecret == true ? 'checked' : '')%>> Generate a new client secret? <input type="checkbox" <%-(generateClientSecret == true ? 'checked' : '')%>> Generate a new client secret?
</label> </label>
<p class="help-block">New secret will be generated when you click 'Save'</p> <p class="help-block">New secret will be generated when you click 'Save'</p>
</div> </div>
@ -403,7 +403,7 @@
<div class="control-group" id="displayClientSecret"> <div class="control-group" id="displayClientSecret">
<div class="controls"> <div class="controls">
<label class="checkbox"> <label class="checkbox">
<input type="checkbox" <%=(displayClientSecret == true ? 'checked' : '')%>> Display/edit client secret: <input type="checkbox" <%-(displayClientSecret == true ? 'checked' : '')%>> Display/edit client secret:
</label> </label>
</div> </div>
</div> </div>
@ -411,7 +411,7 @@
<div class="control-group"> <div class="control-group">
<div class="controls"> <div class="controls">
<div id="clientSecret" class="span3"> <div id="clientSecret" class="span3">
<input value="<%=clientSecret%>" maxlength="100" type="text" placeholder="Type a secret"> <input value="<%-clientSecret%>" maxlength="100" type="text" placeholder="Type a secret">
</div> </div>
<div id="clientSecretGenerated" class="span3"> <div id="clientSecretGenerated" class="span3">
<span class="uneditable-input">Generate on Save</span> <span class="uneditable-input">Generate on Save</span>
@ -428,16 +428,16 @@
<label class="control-label">Token Endpoint Authentication Signing Algorithm</label> <label class="control-label">Token Endpoint Authentication Signing Algorithm</label>
<div class="controls"> <div class="controls">
<select> <select>
<option value="default" <%=tokenEndpointAuthSigningAlg == null ? 'selected ' : ''%>>Any allowed</option> <option value="default" <%-tokenEndpointAuthSigningAlg == null ? 'selected ' : ''%>>Any allowed</option>
<option value="HS256" <%=tokenEndpointAuthSigningAlg == "HS256" ? 'selected' : ''%>>HMAC using SHA-256 hash algorithm</option> <option value="HS256" <%-tokenEndpointAuthSigningAlg == "HS256" ? 'selected' : ''%>>HMAC using SHA-256 hash algorithm</option>
<option value="HS384" <%=tokenEndpointAuthSigningAlg == "HS384" ? 'selected' : ''%>>HMAC using SHA-384 hash algorithm</option> <option value="HS384" <%-tokenEndpointAuthSigningAlg == "HS384" ? 'selected' : ''%>>HMAC using SHA-384 hash algorithm</option>
<option value="HS512" <%=tokenEndpointAuthSigningAlg == "HS512" ? 'selected' : ''%>>HMAC using SHA-512 hash algorithm</option> <option value="HS512" <%-tokenEndpointAuthSigningAlg == "HS512" ? 'selected' : ''%>>HMAC using SHA-512 hash algorithm</option>
<option value="RS256" <%=tokenEndpointAuthSigningAlg == "RS256" ? 'selected' : ''%>>RSASSA using SHA-256 hash algorithm</option> <option value="RS256" <%-tokenEndpointAuthSigningAlg == "RS256" ? 'selected' : ''%>>RSASSA using SHA-256 hash algorithm</option>
<option value="RS384" <%=tokenEndpointAuthSigningAlg == "RS384" ? 'selected' : ''%>>RSASSA using SHA-384 hash algorithm</option> <option value="RS384" <%-tokenEndpointAuthSigningAlg == "RS384" ? 'selected' : ''%>>RSASSA using SHA-384 hash algorithm</option>
<option value="RS512" <%=tokenEndpointAuthSigningAlg == "RS512" ? 'selected' : ''%>>RSASSA using SHA-512 hash algorithm</option> <option value="RS512" <%-tokenEndpointAuthSigningAlg == "RS512" ? 'selected' : ''%>>RSASSA using SHA-512 hash algorithm</option>
<option value="ES256" <%=tokenEndpointAuthSigningAlg == "ES256" ? 'selected' : ''%>>ECDSA using P-256 curve and SHA-256 hash algorithm</option> <option value="ES256" <%-tokenEndpointAuthSigningAlg == "ES256" ? 'selected' : ''%>>ECDSA using P-256 curve and SHA-256 hash algorithm</option>
<option value="ES384" <%=tokenEndpointAuthSigningAlg == "ES384" ? 'selected' : ''%>>ECDSA using P-384 curve and SHA-384 hash algorithm</option> <option value="ES384" <%-tokenEndpointAuthSigningAlg == "ES384" ? 'selected' : ''%>>ECDSA using P-384 curve and SHA-384 hash algorithm</option>
<option value="ES512" <%=tokenEndpointAuthSigningAlg == "ES512" ? 'selected' : ''%>>ECDSA using P-512 curve and SHA-512 hash algorithm</option> <option value="ES512" <%-tokenEndpointAuthSigningAlg == "ES512" ? 'selected' : ''%>>ECDSA using P-512 curve and SHA-512 hash algorithm</option>
</select> </select>
</div> </div>
</div> </div>
@ -445,7 +445,7 @@
<div class="control-group" id="jwksUri"> <div class="control-group" id="jwksUri">
<label class="control-label">JWK Set</label> <label class="control-label">JWK Set</label>
<div class="controls"> <div class="controls">
<input placeholder="https://" value="<%=jwksUri%>" maxlength="1000" type="text" class=""/> <input placeholder="https://" value="<%-jwksUri%>" maxlength="1000" type="text" class=""/>
<p class="help-block">URL for the client's JSON Web Key set</p> <p class="help-block">URL for the client's JSON Web Key set</p>
</div> </div>
</div> </div>
@ -458,11 +458,11 @@
<div class="controls"> <div class="controls">
<div> <div>
<label class="checkbox"> <label class="checkbox">
<input type="checkbox" id="disableAccessTokenTimeout" <%=(accessTokenValiditySeconds == null ? 'checked' : '')%>/> Access tokens do not time out <input type="checkbox" id="disableAccessTokenTimeout" <%-(accessTokenValiditySeconds == null ? 'checked' : '')%>/> Access tokens do not time out
</label> </label>
</div> </div>
<div> <div>
<input type="text" class="" value="<%=(accessTokenValiditySeconds == null ? '' : accessTokenValiditySeconds)%>" id="access-token-timeout-time" size="16" style="width:8em;"> <input type="text" class="" value="<%-(accessTokenValiditySeconds == null ? '' : accessTokenValiditySeconds)%>" id="access-token-timeout-time" size="16" style="width:8em;">
<select id="access-token-timeout-unit" style="width:8em;"> <select id="access-token-timeout-unit" style="width:8em;">
<option>seconds</option> <option>seconds</option>
<option>minutes</option> <option>minutes</option>
@ -478,7 +478,7 @@
<label class="control-label">ID Token Timeout</label> <label class="control-label">ID Token Timeout</label>
<div class="controls"> <div class="controls">
<div> <div>
<input type="text" class="" value="<%=(idTokenValiditySeconds == null ? '' : idTokenValiditySeconds)%>" id="id-token-timeout-time" size="16" style="width:8em;"> <input type="text" class="" value="<%-(idTokenValiditySeconds == null ? '' : idTokenValiditySeconds)%>" id="id-token-timeout-time" size="16" style="width:8em;">
<select id="id-token-timeout-unit" style="width:8em;"> <select id="id-token-timeout-unit" style="width:8em;">
<option>seconds</option> <option>seconds</option>
<option>minutes</option> <option>minutes</option>
@ -493,7 +493,7 @@
<label class="control-label">Refresh Tokens</label> <label class="control-label">Refresh Tokens</label>
<div class="controls"> <div class="controls">
<label class="checkbox"> <label class="checkbox">
<input type="checkbox" id="allowRefresh" <%=(allowRefresh == true ? 'checked' : '')%>> Refresh tokens are issued for this client <input type="checkbox" id="allowRefresh" <%-(allowRefresh == true ? 'checked' : '')%>> Refresh tokens are issued for this client
</label> </label>
</div> </div>
</div> </div>
@ -502,16 +502,16 @@
<div class="controls"> <div class="controls">
<div> <div>
<label class="checkbox"> <label class="checkbox">
<input type="checkbox" id="reuseRefreshToken" <%=(reuseRefreshToken == true ? 'checked' : '')%>> Refresh tokens for this client are re-used <input type="checkbox" id="reuseRefreshToken" <%-(reuseRefreshToken == true ? 'checked' : '')%>> Refresh tokens for this client are re-used
</label> </label>
</div> </div>
<div> <div>
<label class="checkbox"> <label class="checkbox">
<input type="checkbox" id="disableRefreshTokenTimeout" <%=(refreshTokenValiditySeconds == null ? 'checked' : '')%>/> Refresh tokens do not time out <input type="checkbox" id="disableRefreshTokenTimeout" <%-(refreshTokenValiditySeconds == null ? 'checked' : '')%>/> Refresh tokens do not time out
</label> </label>
</div> </div>
<div> <div>
<input type="text" class="" value="<%=(refreshTokenValiditySeconds == null ? '' : refreshTokenValiditySeconds)%>" id="refresh-token-timeout-time" size="16" style="width:8em;"> <input type="text" class="" value="<%-(refreshTokenValiditySeconds == null ? '' : refreshTokenValiditySeconds)%>" id="refresh-token-timeout-time" size="16" style="width:8em;">
<select id="refresh-token-timeout-unit" style="width:8em;"> <select id="refresh-token-timeout-unit" style="width:8em;">
<option>seconds</option> <option>seconds</option>
<option>minutes</option> <option>minutes</option>
@ -528,17 +528,17 @@
<label class="control-label">Request Object Signing Algorithm</label> <label class="control-label">Request Object Signing Algorithm</label>
<div class="controls"> <div class="controls">
<select> <select>
<option value="default" <%=requestObjectSigningAlg == null ? 'selected ' : ''%>>Use server default</option> <option value="default" <%-requestObjectSigningAlg == null ? 'selected ' : ''%>>Use server default</option>
<option value="none" <%=requestObjectSigningAlg == "none" ? 'selected' : ''%>>No digital signature</option> <option value="none" <%-requestObjectSigningAlg == "none" ? 'selected' : ''%>>No digital signature</option>
<option value="HS256" <%=requestObjectSigningAlg == "HS256" ? 'selected' : ''%>>HMAC using SHA-256 hash algorithm</option> <option value="HS256" <%-requestObjectSigningAlg == "HS256" ? 'selected' : ''%>>HMAC using SHA-256 hash algorithm</option>
<option value="HS384" <%=requestObjectSigningAlg == "HS384" ? 'selected' : ''%>>HMAC using SHA-384 hash algorithm</option> <option value="HS384" <%-requestObjectSigningAlg == "HS384" ? 'selected' : ''%>>HMAC using SHA-384 hash algorithm</option>
<option value="HS512" <%=requestObjectSigningAlg == "HS512" ? 'selected' : ''%>>HMAC using SHA-512 hash algorithm</option> <option value="HS512" <%-requestObjectSigningAlg == "HS512" ? 'selected' : ''%>>HMAC using SHA-512 hash algorithm</option>
<option value="RS256" <%=requestObjectSigningAlg == "RS256" ? 'selected' : ''%>>RSASSA using SHA-256 hash algorithm</option> <option value="RS256" <%-requestObjectSigningAlg == "RS256" ? 'selected' : ''%>>RSASSA using SHA-256 hash algorithm</option>
<option value="RS384" <%=requestObjectSigningAlg == "RS384" ? 'selected' : ''%>>RSASSA using SHA-384 hash algorithm</option> <option value="RS384" <%-requestObjectSigningAlg == "RS384" ? 'selected' : ''%>>RSASSA using SHA-384 hash algorithm</option>
<option value="RS512" <%=requestObjectSigningAlg == "RS512" ? 'selected' : ''%>>RSASSA using SHA-512 hash algorithm</option> <option value="RS512" <%-requestObjectSigningAlg == "RS512" ? 'selected' : ''%>>RSASSA using SHA-512 hash algorithm</option>
<option value="ES256" <%=requestObjectSigningAlg == "ES256" ? 'selected' : ''%>>ECDSA using P-256 curve and SHA-256 hash algorithm</option> <option value="ES256" <%-requestObjectSigningAlg == "ES256" ? 'selected' : ''%>>ECDSA using P-256 curve and SHA-256 hash algorithm</option>
<option value="ES384" <%=requestObjectSigningAlg == "ES384" ? 'selected' : ''%>>ECDSA using P-384 curve and SHA-384 hash algorithm</option> <option value="ES384" <%-requestObjectSigningAlg == "ES384" ? 'selected' : ''%>>ECDSA using P-384 curve and SHA-384 hash algorithm</option>
<option value="ES512" <%=requestObjectSigningAlg == "ES512" ? 'selected' : ''%>>ECDSA using P-512 curve and SHA-512 hash algorithm</option> <option value="ES512" <%-requestObjectSigningAlg == "ES512" ? 'selected' : ''%>>ECDSA using P-512 curve and SHA-512 hash algorithm</option>
</select> </select>
</div> </div>
</div> </div>
@ -547,17 +547,17 @@
<label class="control-label">User Info Endpoint Signing Algorithm</label> <label class="control-label">User Info Endpoint Signing Algorithm</label>
<div class="controls"> <div class="controls">
<select> <select>
<option value="default" <%=userInfoSignedResponseAlg == null ? 'selected ' : ''%>>Use server default</option> <option value="default" <%-userInfoSignedResponseAlg == null ? 'selected ' : ''%>>Use server default</option>
<option value="none" <%=userInfoSignedResponseAlg == "none" ? 'selected' : ''%>>No digital signature</option> <option value="none" <%-userInfoSignedResponseAlg == "none" ? 'selected' : ''%>>No digital signature</option>
<option value="HS256" <%=userInfoSignedResponseAlg == "HS256" ? 'selected' : ''%>>HMAC using SHA-256 hash algorithm</option> <option value="HS256" <%-userInfoSignedResponseAlg == "HS256" ? 'selected' : ''%>>HMAC using SHA-256 hash algorithm</option>
<option value="HS384" <%=userInfoSignedResponseAlg == "HS384" ? 'selected' : ''%>>HMAC using SHA-384 hash algorithm</option> <option value="HS384" <%-userInfoSignedResponseAlg == "HS384" ? 'selected' : ''%>>HMAC using SHA-384 hash algorithm</option>
<option value="HS512" <%=userInfoSignedResponseAlg == "HS512" ? 'selected' : ''%>>HMAC using SHA-512 hash algorithm</option> <option value="HS512" <%-userInfoSignedResponseAlg == "HS512" ? 'selected' : ''%>>HMAC using SHA-512 hash algorithm</option>
<option value="RS256" <%=userInfoSignedResponseAlg == "RS256" ? 'selected' : ''%>>RSASSA using SHA-256 hash algorithm</option> <option value="RS256" <%-userInfoSignedResponseAlg == "RS256" ? 'selected' : ''%>>RSASSA using SHA-256 hash algorithm</option>
<option value="RS384" <%=userInfoSignedResponseAlg == "RS384" ? 'selected' : ''%>>RSASSA using SHA-384 hash algorithm</option> <option value="RS384" <%-userInfoSignedResponseAlg == "RS384" ? 'selected' : ''%>>RSASSA using SHA-384 hash algorithm</option>
<option value="RS512" <%=userInfoSignedResponseAlg == "RS512" ? 'selected' : ''%>>RSASSA using SHA-512 hash algorithm</option> <option value="RS512" <%-userInfoSignedResponseAlg == "RS512" ? 'selected' : ''%>>RSASSA using SHA-512 hash algorithm</option>
<option value="ES256" <%=userInfoSignedResponseAlg == "ES256" ? 'selected' : ''%>>ECDSA using P-256 curve and SHA-256 hash algorithm</option> <option value="ES256" <%-userInfoSignedResponseAlg == "ES256" ? 'selected' : ''%>>ECDSA using P-256 curve and SHA-256 hash algorithm</option>
<option value="ES384" <%=userInfoSignedResponseAlg == "ES384" ? 'selected' : ''%>>ECDSA using P-384 curve and SHA-384 hash algorithm</option> <option value="ES384" <%-userInfoSignedResponseAlg == "ES384" ? 'selected' : ''%>>ECDSA using P-384 curve and SHA-384 hash algorithm</option>
<option value="ES512" <%=userInfoSignedResponseAlg == "ES512" ? 'selected' : ''%>>ECDSA using P-512 curve and SHA-512 hash algorithm</option> <option value="ES512" <%-userInfoSignedResponseAlg == "ES512" ? 'selected' : ''%>>ECDSA using P-512 curve and SHA-512 hash algorithm</option>
</select> </select>
</div> </div>
</div> </div>
@ -566,16 +566,16 @@
<label class="control-label">User Info Endpoint Encryption Algorithm</label> <label class="control-label">User Info Endpoint Encryption Algorithm</label>
<div class="controls"> <div class="controls">
<select> <select>
<option value="default" <%=userInfoEncryptedResponseAlg == null ? 'selected ' : ''%>>Use server default</option> <option value="default" <%-userInfoEncryptedResponseAlg == null ? 'selected ' : ''%>>Use server default</option>
<option value="none" <%=userInfoEncryptedResponseAlg == "none" ? 'selected' : ''%>>No encryption</option> <option value="none" <%-userInfoEncryptedResponseAlg == "none" ? 'selected' : ''%>>No encryption</option>
<option value="RSA1_5" <%=userInfoEncryptedResponseAlg == "RSA1_5" ? 'selected' : ''%>>RSAES-PKCS1-V1_5</option> <option value="RSA1_5" <%-userInfoEncryptedResponseAlg == "RSA1_5" ? 'selected' : ''%>>RSAES-PKCS1-V1_5</option>
<option value="RSA-OAEP" <%=userInfoEncryptedResponseAlg == "RSA-OAEP" ? 'selected' : ''%>>RSAES using Optimal Asymmetric Encryption Padding (OAEP)</option> <option value="RSA-OAEP" <%-userInfoEncryptedResponseAlg == "RSA-OAEP" ? 'selected' : ''%>>RSAES using Optimal Asymmetric Encryption Padding (OAEP)</option>
<option value="A128KW" <%=userInfoEncryptedResponseAlg == "A128KW" ? 'selected' : ''%>>AES Key Wrap Algorithm using 128 bit keys </option> <option value="A128KW" <%-userInfoEncryptedResponseAlg == "A128KW" ? 'selected' : ''%>>AES Key Wrap Algorithm using 128 bit keys </option>
<option value="A256KW" <%=userInfoEncryptedResponseAlg == "A256KW" ? 'selected' : ''%>>AES Key Wrap Algorithm using 256 bit keys</option> <option value="A256KW" <%-userInfoEncryptedResponseAlg == "A256KW" ? 'selected' : ''%>>AES Key Wrap Algorithm using 256 bit keys</option>
<option value="dir" <%=userInfoEncryptedResponseAlg == "dir" ? 'selected' : ''%>>Direct use of a shared symmetric key as the Content Master Key (CMK) for the block encryption step</option> <option value="dir" <%-userInfoEncryptedResponseAlg == "dir" ? 'selected' : ''%>>Direct use of a shared symmetric key as the Content Master Key (CMK) for the block encryption step</option>
<option value="ECDH-ES" <%=userInfoEncryptedResponseAlg == "ECDH-ES" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement using the Concat KDF, with the agreed-upon key being used directly as the Content Master Key (CMK)</option> <option value="ECDH-ES" <%-userInfoEncryptedResponseAlg == "ECDH-ES" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement using the Concat KDF, with the agreed-upon key being used directly as the Content Master Key (CMK)</option>
<option value="ECDH-ES+A128KW" <%=userInfoEncryptedResponseAlg == "ECDH-ES+A128KW" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A128KW function</option> <option value="ECDH-ES+A128KW" <%-userInfoEncryptedResponseAlg == "ECDH-ES+A128KW" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A128KW function</option>
<option value="ECDH-ES+A256KW" <%=userInfoEncryptedResponseAlg == "ECDH-ES+A256KW" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A256KW function</option> <option value="ECDH-ES+A256KW" <%-userInfoEncryptedResponseAlg == "ECDH-ES+A256KW" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A256KW function</option>
</select> </select>
</div> </div>
</div> </div>
@ -584,12 +584,12 @@
<label class="control-label">User Info Endpoint Encryption Method</label> <label class="control-label">User Info Endpoint Encryption Method</label>
<div class="controls"> <div class="controls">
<select> <select>
<option value="default" <%=userInfoEncryptedResponseEnc == null ? 'selected ' : ''%>>Use server default</option> <option value="default" <%-userInfoEncryptedResponseEnc == null ? 'selected ' : ''%>>Use server default</option>
<option value="none" <%=userInfoEncryptedResponseEnc == "none" ? 'selected' : ''%>>No encryption</option> <option value="none" <%-userInfoEncryptedResponseEnc == "none" ? 'selected' : ''%>>No encryption</option>
<option value="A128CBC+HS256" <%=userInfoEncryptedResponseEnc == "A128CBC+HS256" ? 'selected' : ''%>>Composite Authenticated Encryption algorithm using AES in Cipher Block Chaining (CBC) mode with PKCS #5 padding with an integrity calculation using HMAC SHA-256, using a 256 bit CMK (and 128 bit CEK)</option> <option value="A128CBC+HS256" <%-userInfoEncryptedResponseEnc == "A128CBC+HS256" ? 'selected' : ''%>>Composite Authenticated Encryption algorithm using AES in Cipher Block Chaining (CBC) mode with PKCS #5 padding with an integrity calculation using HMAC SHA-256, using a 256 bit CMK (and 128 bit CEK)</option>
<option value="A256CBC+HS512" <%=userInfoEncryptedResponseEnc == "A256CBC+HS512" ? 'selected' : ''%>>Composite Authenticated Encryption algorithm using AES in CBC mode with PKCS #5 padding with an integrity calculation using HMAC SHA-512, using a 512 bit CMK (and 256 bit CEK)</option> <option value="A256CBC+HS512" <%-userInfoEncryptedResponseEnc == "A256CBC+HS512" ? 'selected' : ''%>>Composite Authenticated Encryption algorithm using AES in CBC mode with PKCS #5 padding with an integrity calculation using HMAC SHA-512, using a 512 bit CMK (and 256 bit CEK)</option>
<option value="A128GCM" <%=userInfoEncryptedResponseEnc == "A128GCM" ? 'selected' : ''%>>AES GCM using 128 bit keys</option> <option value="A128GCM" <%-userInfoEncryptedResponseEnc == "A128GCM" ? 'selected' : ''%>>AES GCM using 128 bit keys</option>
<option value="A256GCM" <%=userInfoEncryptedResponseEnc == "A256GCM" ? 'selected' : ''%>>AES GCM using 256 bit keys</option> <option value="A256GCM" <%-userInfoEncryptedResponseEnc == "A256GCM" ? 'selected' : ''%>>AES GCM using 256 bit keys</option>
</select> </select>
</div> </div>
</div> </div>
@ -598,17 +598,17 @@
<label class="control-label">ID Token Signing Algorithm</label> <label class="control-label">ID Token Signing Algorithm</label>
<div class="controls"> <div class="controls">
<select> <select>
<option value="default" <%=idTokenSignedResponseAlg == null ? 'selected ' : ''%>>Use server default</option> <option value="default" <%-idTokenSignedResponseAlg == null ? 'selected ' : ''%>>Use server default</option>
<option value="none" <%=idTokenSignedResponseAlg == "none" ? 'selected' : ''%>>No digital signature</option> <option value="none" <%-idTokenSignedResponseAlg == "none" ? 'selected' : ''%>>No digital signature</option>
<option value="HS256" <%=idTokenSignedResponseAlg == "HS256" ? 'selected' : ''%>>HMAC using SHA-256 hash algorithm</option> <option value="HS256" <%-idTokenSignedResponseAlg == "HS256" ? 'selected' : ''%>>HMAC using SHA-256 hash algorithm</option>
<option value="HS384" <%=idTokenSignedResponseAlg == "HS384" ? 'selected' : ''%>>HMAC using SHA-384 hash algorithm</option> <option value="HS384" <%-idTokenSignedResponseAlg == "HS384" ? 'selected' : ''%>>HMAC using SHA-384 hash algorithm</option>
<option value="HS512" <%=idTokenSignedResponseAlg == "HS512" ? 'selected' : ''%>>HMAC using SHA-512 hash algorithm</option> <option value="HS512" <%-idTokenSignedResponseAlg == "HS512" ? 'selected' : ''%>>HMAC using SHA-512 hash algorithm</option>
<option value="RS256" <%=idTokenSignedResponseAlg == "RS256" ? 'selected' : ''%>>RSASSA using SHA-256 hash algorithm</option> <option value="RS256" <%-idTokenSignedResponseAlg == "RS256" ? 'selected' : ''%>>RSASSA using SHA-256 hash algorithm</option>
<option value="RS384" <%=idTokenSignedResponseAlg == "RS384" ? 'selected' : ''%>>RSASSA using SHA-384 hash algorithm</option> <option value="RS384" <%-idTokenSignedResponseAlg == "RS384" ? 'selected' : ''%>>RSASSA using SHA-384 hash algorithm</option>
<option value="RS512" <%=idTokenSignedResponseAlg == "RS512" ? 'selected' : ''%>>RSASSA using SHA-512 hash algorithm</option> <option value="RS512" <%-idTokenSignedResponseAlg == "RS512" ? 'selected' : ''%>>RSASSA using SHA-512 hash algorithm</option>
<option value="ES256" <%=idTokenSignedResponseAlg == "ES256" ? 'selected' : ''%>>ECDSA using P-256 curve and SHA-256 hash algorithm</option> <option value="ES256" <%-idTokenSignedResponseAlg == "ES256" ? 'selected' : ''%>>ECDSA using P-256 curve and SHA-256 hash algorithm</option>
<option value="ES384" <%=idTokenSignedResponseAlg == "ES384" ? 'selected' : ''%>>ECDSA using P-384 curve and SHA-384 hash algorithm</option> <option value="ES384" <%-idTokenSignedResponseAlg == "ES384" ? 'selected' : ''%>>ECDSA using P-384 curve and SHA-384 hash algorithm</option>
<option value="ES512" <%=idTokenSignedResponseAlg == "ES512" ? 'selected' : ''%>>ECDSA using P-512 curve and SHA-512 hash algorithm</option> <option value="ES512" <%-idTokenSignedResponseAlg == "ES512" ? 'selected' : ''%>>ECDSA using P-512 curve and SHA-512 hash algorithm</option>
</select> </select>
</div> </div>
</div> </div>
@ -617,16 +617,16 @@
<label class="control-label">ID Token Encryption Algorithm</label> <label class="control-label">ID Token Encryption Algorithm</label>
<div class="controls"> <div class="controls">
<select> <select>
<option value="default" <%=idTokenEncryptedResponseAlg == null ? 'selected ' : ''%>>Use server default</option> <option value="default" <%-idTokenEncryptedResponseAlg == null ? 'selected ' : ''%>>Use server default</option>
<option value="none" <%=idTokenEncryptedResponseAlg == "none" ? 'selected' : ''%>>No encryption</option> <option value="none" <%-idTokenEncryptedResponseAlg == "none" ? 'selected' : ''%>>No encryption</option>
<option value="RSA1_5" <%=idTokenEncryptedResponseAlg == "RSA1_5" ? 'selected' : ''%>>RSAES-PKCS1-V1_5</option> <option value="RSA1_5" <%-idTokenEncryptedResponseAlg == "RSA1_5" ? 'selected' : ''%>>RSAES-PKCS1-V1_5</option>
<option value="RSA-OAEP" <%=idTokenEncryptedResponseAlg == "RSA-OAEP" ? 'selected' : ''%>>RSAES using Optimal Asymmetric Encryption Padding (OAEP)</option> <option value="RSA-OAEP" <%-idTokenEncryptedResponseAlg == "RSA-OAEP" ? 'selected' : ''%>>RSAES using Optimal Asymmetric Encryption Padding (OAEP)</option>
<option value="A128KW" <%=idTokenEncryptedResponseAlg == "A128KW" ? 'selected' : ''%>>Advanced Encryption Standard (AES) Key Wrap Algorithm using 128 bit keys </option> <option value="A128KW" <%-idTokenEncryptedResponseAlg == "A128KW" ? 'selected' : ''%>>Advanced Encryption Standard (AES) Key Wrap Algorithm using 128 bit keys </option>
<option value="A256KW" <%=idTokenEncryptedResponseAlg == "A256KW" ? 'selected' : ''%>>AES Key Wrap Algorithm using 256 bit keys</option> <option value="A256KW" <%-idTokenEncryptedResponseAlg == "A256KW" ? 'selected' : ''%>>AES Key Wrap Algorithm using 256 bit keys</option>
<option value="dir" <%=idTokenEncryptedResponseAlg == "dir" ? 'selected' : ''%>>Direct use of a shared symmetric key as the Content Master Key (CMK) for the block encryption step</option> <option value="dir" <%-idTokenEncryptedResponseAlg == "dir" ? 'selected' : ''%>>Direct use of a shared symmetric key as the Content Master Key (CMK) for the block encryption step</option>
<option value="ECDH-ES" <%=idTokenEncryptedResponseAlg == "ECDH-ES" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement using the Concat KDF, with the agreed-upon key being used directly as the Content Master Key (CMK)</option> <option value="ECDH-ES" <%-idTokenEncryptedResponseAlg == "ECDH-ES" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement using the Concat KDF, with the agreed-upon key being used directly as the Content Master Key (CMK)</option>
<option value="ECDH-ES+A128KW" <%=idTokenEncryptedResponseAlg == "ECDH-ES+A128KW" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A128KW function</option> <option value="ECDH-ES+A128KW" <%-idTokenEncryptedResponseAlg == "ECDH-ES+A128KW" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A128KW function</option>
<option value="ECDH-ES+A256KW" <%=idTokenEncryptedResponseAlg == "ECDH-ES+A256KW" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A256KW function</option> <option value="ECDH-ES+A256KW" <%-idTokenEncryptedResponseAlg == "ECDH-ES+A256KW" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A256KW function</option>
</select> </select>
</div> </div>
</div> </div>
@ -635,12 +635,12 @@
<label class="control-label">ID Token Encryption Method</label> <label class="control-label">ID Token Encryption Method</label>
<div class="controls"> <div class="controls">
<select> <select>
<option value="default" <%=idTokenEncryptedResponseEnc == null ? 'selected ' : ''%>>Use server default</option> <option value="default" <%-idTokenEncryptedResponseEnc == null ? 'selected ' : ''%>>Use server default</option>
<option value="none" <%=idTokenEncryptedResponseEnc == "none" ? 'selected' : ''%>>No encryption</option> <option value="none" <%-idTokenEncryptedResponseEnc == "none" ? 'selected' : ''%>>No encryption</option>
<option value="A128CBC+HS256" <%=idTokenEncryptedResponseEnc == "A128CBC+HS256" ? 'selected' : ''%>>Composite Authenticated Encryption algorithm using AES in Cipher Block Chaining (CBC) mode with PKCS #5 padding with an integrity calculation using HMAC SHA-256, using a 256 bit CMK (and 128 bit CEK)</option> <option value="A128CBC+HS256" <%-idTokenEncryptedResponseEnc == "A128CBC+HS256" ? 'selected' : ''%>>Composite Authenticated Encryption algorithm using AES in Cipher Block Chaining (CBC) mode with PKCS #5 padding with an integrity calculation using HMAC SHA-256, using a 256 bit CMK (and 128 bit CEK)</option>
<option value="A256CBC+HS512" <%=idTokenEncryptedResponseEnc == "A256CBC+HS512" ? 'selected' : ''%>>Composite Authenticated Encryption algorithm using AES in CBC mode with PKCS #5 padding with an integrity calculation using HMAC SHA-512, using a 512 bit CMK (and 256 bit CEK)</option> <option value="A256CBC+HS512" <%-idTokenEncryptedResponseEnc == "A256CBC+HS512" ? 'selected' : ''%>>Composite Authenticated Encryption algorithm using AES in CBC mode with PKCS #5 padding with an integrity calculation using HMAC SHA-512, using a 512 bit CMK (and 256 bit CEK)</option>
<option value="A128GCM" <%=idTokenEncryptedResponseEnc == "A128GCM" ? 'selected' : ''%>>AES GCM using 128 bit keys</option> <option value="A128GCM" <%-idTokenEncryptedResponseEnc == "A128GCM" ? 'selected' : ''%>>AES GCM using 128 bit keys</option>
<option value="A256GCM" <%=idTokenEncryptedResponseEnc == "A256GCM" ? 'selected' : ''%>>AES GCM using 256 bit keys</option> <option value="A256GCM" <%-idTokenEncryptedResponseEnc == "A256GCM" ? 'selected' : ''%>>AES GCM using 256 bit keys</option>
</select> </select>
</div> </div>
</div> </div>
@ -652,7 +652,7 @@
<div class="control-group" id="initiateLoginUri"> <div class="control-group" id="initiateLoginUri">
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Initiate Login</label> <label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Initiate Login</label>
<div class="controls"> <div class="controls">
<input placeholder="https://" value="<%=initiateLoginUri%>" maxlength="1000" type="text" class=""/> <input placeholder="https://" value="<%-initiateLoginUri%>" maxlength="1000" type="text" class=""/>
<p class="help-block">URL to initiate login on the client</p> <p class="help-block">URL to initiate login on the client</p>
</div> </div>
</div> </div>
@ -660,7 +660,7 @@
<div class="control-group" id="postLogoutRedirectUri"> <div class="control-group" id="postLogoutRedirectUri">
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Post-Logout Redirect</label> <label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Post-Logout Redirect</label>
<div class="controls"> <div class="controls">
<input placeholder="https://" value="<%=postLogoutRedirectUri%>" maxlength="1000" type="text" class=""/> <input placeholder="https://" value="<%-postLogoutRedirectUri%>" maxlength="1000" type="text" class=""/>
<p class="help-block">URL to redirect the client to after a logout operation</p> <p class="help-block">URL to redirect the client to after a logout operation</p>
</div> </div>
</div> </div>
@ -670,7 +670,7 @@
<label class="control-label">Require Authentication Time</label> <label class="control-label">Require Authentication Time</label>
<div class="controls"> <div class="controls">
<label class="checkbox"> <label class="checkbox">
<input type="checkbox" <%=(requireAuthTime == true ? 'checked' : '')%>> Always require that the auth_time claim be sent in the id token <input type="checkbox" <%-(requireAuthTime == true ? 'checked' : '')%>> Always require that the auth_time claim be sent in the id token
</label> </label>
</div> </div>
</div> </div>
@ -678,7 +678,7 @@
<div class="control-group" id="defaultMaxAge"> <div class="control-group" id="defaultMaxAge">
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Default Max Age</label> <label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Default Max Age</label>
<div class="controls"> <div class="controls">
<input placeholder="" value="<%=defaultMaxAge%>" maxlength="1000" type="text" class=""/> <input placeholder="" value="<%-defaultMaxAge%>" maxlength="1000" type="text" class=""/>
<p class="help-block">Default maximum session age before re-prompting</p> <p class="help-block">Default maximum session age before re-prompting</p>
</div> </div>
</div> </div>
@ -712,13 +712,13 @@
<script type="text/html" id="tmpl-client-saved"> <script type="text/html" id="tmpl-client-saved">
<div> <div>
<strong>ID:</strong> <input type="text" readonly style="cursor: text" class="token-full input-xxlarge" value="<%= clientId %>" /> <strong>ID:</strong> <input type="text" readonly style="cursor: text" class="token-full input-xxlarge" value="<%- clientId %>" />
</div> </div>
<% if (secretChanged) { %> <% if (secretChanged) { %>
<div> <div>
<strong>Secret:</strong> <button class="btn btn-mini" id="clientSaveShow">Show Secret</button> <strong>Secret:</strong> <button class="btn btn-mini" id="clientSaveShow">Show Secret</button>
<input type="text" id="savedClientSecret" readonly style="cursor: text" class="token-full input-xxlarge" value="<%= clientSecret %>" /> <input type="text" id="savedClientSecret" readonly style="cursor: text" class="token-full input-xxlarge" value="<%- clientSecret %>" />
</div> </div>
<% } else if (clientSecret == null || clientSecret == '') { %> <% } else if (clientSecret == null || clientSecret == '') { %>
<div> <div>

226
openid-connect-server-webapp/src/main/webapp/resources/template/dynreg.html
View File

@ -38,7 +38,7 @@
<script type="text/html" id="tmpl-dynreg-client-form"> <script type="text/html" id="tmpl-dynreg-client-form">
<h1><%=(client.client_id == null ? 'New' : 'Edit')%> Client</h1> <h1><%-(client.client_id == null ? 'New' : 'Edit')%> Client</h1>
<form class="form-horizontal tabbable"> <form class="form-horizontal tabbable">
@ -78,7 +78,7 @@
<div class="control-group" id="clientId"> <div class="control-group" id="clientId">
<label class="control-label">Client ID</label> <label class="control-label">Client ID</label>
<div class="controls"> <div class="controls">
<pre><%=client.client_id ? client.client_id : '<code>Will be generated</code>'%></pre> <pre><%-client.client_id ? client.client_id : '<code>Will be generated</code>'%></pre>
</div> </div>
</div> </div>
@ -89,7 +89,7 @@
<div class="controls"> <div class="controls">
<% if (client.client_id) { %> <% if (client.client_id) { %>
<% if (client.client_secret) { %> <% if (client.client_secret) { %>
<pre><%= client.client_secret %></pre> <pre><%- client.client_secret %></pre>
<% } else { %> <% } else { %>
<% if (client.token_endpoint_auth_method == 'none') { %> <% if (client.token_endpoint_auth_method == 'none') { %>
<pre>None (public client)</pre> <pre>None (public client)</pre>
@ -110,14 +110,14 @@
<div class="control-group" id="clientConfigurationUri"> <div class="control-group" id="clientConfigurationUri">
<label class="control-label">Client Configuration URL</label> <label class="control-label">Client Configuration URL</label>
<div class="controls"> <div class="controls">
<pre><%=client.registration_client_uri ? client.registration_client_uri : 'Will be generated'%></pre> <pre><%-client.registration_client_uri ? client.registration_client_uri : 'Will be generated'%></pre>
</div> </div>
</div> </div>
<div class="control-group" id="registrationAccessToken"> <div class="control-group" id="registrationAccessToken">
<label class="control-label">Registration Access Token</label> <label class="control-label">Registration Access Token</label>
<div class="controls"> <div class="controls">
<pre><%=client.registration_access_token ? client.registration_access_token : 'Will be generated'%></pre> <pre><%-client.registration_access_token ? client.registration_access_token : 'Will be generated'%></pre>
</div> </div>
</div> </div>
@ -161,7 +161,7 @@
<div class="control-group" id="clientName"> <div class="control-group" id="clientName">
<label class="control-label">Client name</label> <label class="control-label">Client name</label>
<div class="controls"> <div class="controls">
<input value="<%=client.client_name ? client.client_name : ''%>" maxlength="100" type="text" class="" placeholder="Type something"> <input value="<%-client.client_name ? client.client_name : ''%>" maxlength="100" type="text" class="" placeholder="Type something">
<p class="help-block">Human-readable application name</p> <p class="help-block">Human-readable application name</p>
</div> </div>
</div> </div>
@ -175,7 +175,7 @@
<div class="control-group" id="logoUri"> <div class="control-group" id="logoUri">
<label class="control-label">Logo</label> <label class="control-label">Logo</label>
<div class="controls"> <div class="controls">
<input placeholder="https://" value="<%=client.logo_uri ? client.logo_uri : ''%>" maxlength="1000" type="text" class=""/> <input placeholder="https://" value="<%-client.logo_uri ? client.logo_uri : ''%>" maxlength="1000" type="text" class=""/>
<p class="help-block">URL that points to a logo image, will be displayed on approval page</p> <p class="help-block">URL that points to a logo image, will be displayed on approval page</p>
</div> </div>
</div> </div>
@ -189,7 +189,7 @@
<div class="control-group" id="tosUri"> <div class="control-group" id="tosUri">
<label class="control-label">Terms of Service</label> <label class="control-label">Terms of Service</label>
<div class="controls"> <div class="controls">
<input placeholder="https://" value="<%=client.tos_uri ? client.tos_uri : ''%>" maxlength="1000" type="text" class=""/> <input placeholder="https://" value="<%-client.tos_uri ? client.tos_uri : ''%>" maxlength="1000" type="text" class=""/>
<p class="help-block">URL for the Terms of Service of this client, will be displayed to the user</p> <p class="help-block">URL for the Terms of Service of this client, will be displayed to the user</p>
</div> </div>
</div> </div>
@ -197,7 +197,7 @@
<div class="control-group" id="policyUri"> <div class="control-group" id="policyUri">
<label class="control-label">Policy</label> <label class="control-label">Policy</label>
<div class="controls"> <div class="controls">
<input placeholder="https://" value="<%=client.policy_uri ? client.policy_uri : ''%>" maxlength="1000" type="text" class=""/> <input placeholder="https://" value="<%-client.policy_uri ? client.policy_uri : ''%>" maxlength="1000" type="text" class=""/>
<p class="help-block">URL for the Policy Statement of this client, will be displayed to the user</p> <p class="help-block">URL for the Policy Statement of this client, will be displayed to the user</p>
</div> </div>
</div> </div>
@ -205,7 +205,7 @@
<div class="control-group" id="clientUri"> <div class="control-group" id="clientUri">
<label class="control-label">Home Page</label> <label class="control-label">Home Page</label>
<div class="controls"> <div class="controls">
<input placeholder="https://" value="<%=client.client_uri ? client.client_uri : ''%>" maxlength="1000" type="text" class=""/> <input placeholder="https://" value="<%-client.client_uri ? client.client_uri : ''%>" maxlength="1000" type="text" class=""/>
<p class="help-block">URL for the client's home page, will be displayed to the user</p> <p class="help-block">URL for the client's home page, will be displayed to the user</p>
</div> </div>
</div> </div>
@ -214,10 +214,10 @@
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Application Type</label> <label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Application Type</label>
<div class="controls"> <div class="controls">
<label class="radio inline"> <label class="radio inline">
<input type="radio" name="applicationType" value="NATIVE" <%=(client.application_type == 'NATIVE' ? 'checked' : '')%>> Native <input type="radio" name="applicationType" value="NATIVE" <%-(client.application_type == 'NATIVE' ? 'checked' : '')%>> Native
</label> </label>
<label class="radio inline"> <label class="radio inline">
<input type="radio" name="applicationType" value="WEB" <%=(client.application_type == 'WEB' ? 'checked' : '')%>> Web <input type="radio" name="applicationType" value="WEB" <%-(client.application_type == 'WEB' ? 'checked' : '')%>> Web
</label> </label>
</div> </div>
</div> </div>
@ -225,7 +225,7 @@
<div class="control-group" id="contacts"> <div class="control-group" id="contacts">
<label class="control-label">Contacts</label> <label class="control-label">Contacts</label>
<div class="controls"> <div class="controls">
<p class="help-block">List of contacts for adminstrators of this client. Your email address (<%= userInfo.email %>) will be automatically added to this list on save.</p> <p class="help-block">List of contacts for adminstrators of this client. Your email address (<%- userInfo.email %>) will be automatically added to this list on save.</p>
<div></div> <div></div>
</div> </div>
</div> </div>
@ -250,19 +250,19 @@
<label class="radio"> <label class="radio">
<input id="grantTypes-authorization_code" type="radio" name="grantTypes" <input id="grantTypes-authorization_code" type="radio" name="grantTypes"
<%=($.inArray("authorization_code", client.grant_types) > -1 ? 'checked' : '')%>> <%-($.inArray("authorization_code", client.grant_types) > -1 ? 'checked' : '')%>>
authorization code authorization code
</label> </label>
<label class="radio"> <label class="radio">
<input id="grantTypes-client_credentials" type="radio" name="grantTypes" <input id="grantTypes-client_credentials" type="radio" name="grantTypes"
<%=($.inArray("client_credentials", client.grant_types) > -1 ? 'checked' : '')%>> client credentials <%-($.inArray("client_credentials", client.grant_types) > -1 ? 'checked' : '')%>> client credentials
</label> </label>
<label class="radio"> <label class="radio">
<input id="grantTypes-implicit" type="radio" name="grantTypes" <input id="grantTypes-implicit" type="radio" name="grantTypes"
<%=($.inArray("implicit", client.grant_types) > -1 ? 'checked' : '')%>> implicit <%-($.inArray("implicit", client.grant_types) > -1 ? 'checked' : '')%>> implicit
</label> </label>
<label class="checkbox"> <label class="checkbox">
<input id="grantTypes-redelegate" type="checkbox" <%=($.inArray("urn:ietf:params:oauth:grant_type:redelegate", client.grant_types) > -1 ? 'checked' : '')%>> redelegate <input id="grantTypes-redelegate" type="checkbox" <%-($.inArray("urn:ietf:params:oauth:grant_type:redelegate", client.grant_types) > -1 ? 'checked' : '')%>> redelegate
</label> </label>
</div> </div>
@ -273,25 +273,25 @@
<div class="controls"> <div class="controls">
<label class="checkbox"> <label class="checkbox">
<input id="responseTypes-code" type="checkbox" <%=($.inArray("code", client.response_types) > -1 ? 'checked' : '')%>> code <input id="responseTypes-code" type="checkbox" <%-($.inArray("code", client.response_types) > -1 ? 'checked' : '')%>> code
</label> </label>
<label class="checkbox"> <label class="checkbox">
<input id="responseTypes-token" type="checkbox" <%=($.inArray("token", client.response_types) > -1 ? 'checked' : '')%>> token <input id="responseTypes-token" type="checkbox" <%-($.inArray("token", client.response_types) > -1 ? 'checked' : '')%>> token
</label> </label>
<label class="checkbox"> <label class="checkbox">
<input id="responseTypes-idtoken" type="checkbox" <%=($.inArray("id_token", client.response_types) > -1 ? 'checked' : '')%>> id_token <input id="responseTypes-idtoken" type="checkbox" <%-($.inArray("id_token", client.response_types) > -1 ? 'checked' : '')%>> id_token
</label> </label>
<label class="checkbox"> <label class="checkbox">
<input id="responseTypes-token-idtoken" type="checkbox" <%=($.inArray("token id_token", client.response_types) > -1 ? 'checked' : '')%>> token id_token <input id="responseTypes-token-idtoken" type="checkbox" <%-($.inArray("token id_token", client.response_types) > -1 ? 'checked' : '')%>> token id_token
</label> </label>
<label class="checkbox"> <label class="checkbox">
<input id="responseTypes-code-idtoken" type="checkbox" <%=($.inArray("code id_token", client.response_types) > -1 ? 'checked' : '')%>> code id_token <input id="responseTypes-code-idtoken" type="checkbox" <%-($.inArray("code id_token", client.response_types) > -1 ? 'checked' : '')%>> code id_token
</label> </label>
<label class="checkbox"> <label class="checkbox">
<input id="responseTypes-code-token" type="checkbox" <%=($.inArray("code token", client.response_types) > -1 ? 'checked' : '')%>> code token <input id="responseTypes-code-token" type="checkbox" <%-($.inArray("code token", client.response_types) > -1 ? 'checked' : '')%>> code token
</label> </label>
<label class="checkbox"> <label class="checkbox">
<input id="responseTypes-code-token-idtoken" type="checkbox" <%=($.inArray("code token id_token", client.response_types) > -1 ? 'checked' : '')%>> code token id_token <input id="responseTypes-code-token-idtoken" type="checkbox" <%-($.inArray("code token id_token", client.response_types) > -1 ? 'checked' : '')%>> code token id_token
</label> </label>
</div> </div>
</div> </div>
@ -300,10 +300,10 @@
<label class="control-label">Subject Type</label> <label class="control-label">Subject Type</label>
<div class="controls"> <div class="controls">
<label class="radio inline"> <label class="radio inline">
<input type="radio" name="subjectType" value="public" <%=(client.subject_type == 'public' ? 'checked' : '')%>> Public <input type="radio" name="subjectType" value="public" <%-(client.subject_type == 'public' ? 'checked' : '')%>> Public
</label> </label>
<label class="radio inline"> <label class="radio inline">
<input type="radio" name="subjectType" value="pairwise" <%=(client.subject_type == 'pairwise' ? 'checked' : '')%>> Pairwise <input type="radio" name="subjectType" value="pairwise" <%-(client.subject_type == 'pairwise' ? 'checked' : '')%>> Pairwise
</label> </label>
</div> </div>
</div> </div>
@ -311,7 +311,7 @@
<div class="control-group" id="sectorIdentifierUri"> <div class="control-group" id="sectorIdentifierUri">
<label class="control-label">Sector Identifier URI</label> <label class="control-label">Sector Identifier URI</label>
<div class="controls"> <div class="controls">
<input placeholder="https://" value="<%=client.sector_identifier_uri ? client.sector_identifier_uri : ''%>" maxlength="1000" type="text" class=""/> <input placeholder="https://" value="<%-client.sector_identifier_uri ? client.sector_identifier_uri : ''%>" maxlength="1000" type="text" class=""/>
<p class="help-block">Sector Identifier for JavaScript</p> <p class="help-block">Sector Identifier for JavaScript</p>
</div> </div>
</div> </div>
@ -324,19 +324,19 @@
<label class="control-label">Token Endpoint Authentication Method</label> <label class="control-label">Token Endpoint Authentication Method</label>
<div class="controls"> <div class="controls">
<label class="radio"> <label class="radio">
<input type="radio" name="tokenEndpointAuthMethod" value="client_secret_basic" <%=(client.token_endpoint_auth_method == 'client_secret_basic' ? 'checked' : '')%>> Client Secret over HTTP Basic <input type="radio" name="tokenEndpointAuthMethod" value="client_secret_basic" <%-(client.token_endpoint_auth_method == 'client_secret_basic' ? 'checked' : '')%>> Client Secret over HTTP Basic
</label> </label>
<label class="radio"> <label class="radio">
<input type="radio" name="tokenEndpointAuthMethod" value="client_secret_post" <%=(client.token_endpoint_auth_method == 'client_secret_post' ? 'checked' : '')%>> Client Secret over HTTP POST <input type="radio" name="tokenEndpointAuthMethod" value="client_secret_post" <%-(client.token_endpoint_auth_method == 'client_secret_post' ? 'checked' : '')%>> Client Secret over HTTP POST
</label> </label>
<label class="radio"> <label class="radio">
<input type="radio" name="tokenEndpointAuthMethod" value="client_secret_jwt" <%=(client.token_endpoint_auth_method == 'client_secret_jwt' ? 'checked' : '')%>> Client Secret via symmetrically-signed JWT assertion <input type="radio" name="tokenEndpointAuthMethod" value="client_secret_jwt" <%-(client.token_endpoint_auth_method == 'client_secret_jwt' ? 'checked' : '')%>> Client Secret via symmetrically-signed JWT assertion
</label> </label>
<label class="radio"> <label class="radio">
<input type="radio" name="tokenEndpointAuthMethod" value="private_key_jwt" <%=(client.token_endpoint_auth_method == 'private_key_jwt' ? 'checked' : '')%>> Asymmetrically-signed JWT assertion <input type="radio" name="tokenEndpointAuthMethod" value="private_key_jwt" <%-(client.token_endpoint_auth_method == 'private_key_jwt' ? 'checked' : '')%>> Asymmetrically-signed JWT assertion
</label> </label>
<label class="radio"> <label class="radio">
<input type="radio" name="tokenEndpointAuthMethod" value="none" <%=(client.token_endpoint_auth_method == 'none' ? 'checked' : '')%>> No authentication <input type="radio" name="tokenEndpointAuthMethod" value="none" <%-(client.token_endpoint_auth_method == 'none' ? 'checked' : '')%>> No authentication
</label> </label>
</div> </div>
</div> </div>
@ -345,16 +345,16 @@
<label class="control-label">Token Endpoint Authentication Signing Algorithm</label> <label class="control-label">Token Endpoint Authentication Signing Algorithm</label>
<div class="controls"> <div class="controls">
<select> <select>
<option value="default" <%=client.token_endpoint_auth_signing_alg == null ? 'selected ' : ''%>>Any allowed</option> <option value="default" <%-client.token_endpoint_auth_signing_alg == null ? 'selected ' : ''%>>Any allowed</option>
<option value="HS256" <%=client.token_endpoint_auth_signing_alg == "HS256" ? 'selected' : ''%>>HMAC using SHA-256 hash algorithm</option> <option value="HS256" <%-client.token_endpoint_auth_signing_alg == "HS256" ? 'selected' : ''%>>HMAC using SHA-256 hash algorithm</option>
<option value="HS384" <%=client.token_endpoint_auth_signing_alg == "HS384" ? 'selected' : ''%>>HMAC using SHA-384 hash algorithm</option> <option value="HS384" <%-client.token_endpoint_auth_signing_alg == "HS384" ? 'selected' : ''%>>HMAC using SHA-384 hash algorithm</option>
<option value="HS512" <%=client.token_endpoint_auth_signing_alg == "HS512" ? 'selected' : ''%>>HMAC using SHA-512 hash algorithm</option> <option value="HS512" <%-client.token_endpoint_auth_signing_alg == "HS512" ? 'selected' : ''%>>HMAC using SHA-512 hash algorithm</option>
<option value="RS256" <%=client.token_endpoint_auth_signing_alg == "RS256" ? 'selected' : ''%>>RSASSA using SHA-256 hash algorithm</option> <option value="RS256" <%-client.token_endpoint_auth_signing_alg == "RS256" ? 'selected' : ''%>>RSASSA using SHA-256 hash algorithm</option>
<option value="RS384" <%=client.token_endpoint_auth_signing_alg == "RS384" ? 'selected' : ''%>>RSASSA using SHA-384 hash algorithm</option> <option value="RS384" <%-client.token_endpoint_auth_signing_alg == "RS384" ? 'selected' : ''%>>RSASSA using SHA-384 hash algorithm</option>
<option value="RS512" <%=client.token_endpoint_auth_signing_alg == "RS512" ? 'selected' : ''%>>RSASSA using SHA-512 hash algorithm</option> <option value="RS512" <%-client.token_endpoint_auth_signing_alg == "RS512" ? 'selected' : ''%>>RSASSA using SHA-512 hash algorithm</option>
<option value="ES256" <%=client.token_endpoint_auth_signing_alg == "ES256" ? 'selected' : ''%>>ECDSA using P-256 curve and SHA-256 hash algorithm</option> <option value="ES256" <%-client.token_endpoint_auth_signing_alg == "ES256" ? 'selected' : ''%>>ECDSA using P-256 curve and SHA-256 hash algorithm</option>
<option value="ES384" <%=client.token_endpoint_auth_signing_alg == "ES384" ? 'selected' : ''%>>ECDSA using P-384 curve and SHA-384 hash algorithm</option> <option value="ES384" <%-client.token_endpoint_auth_signing_alg == "ES384" ? 'selected' : ''%>>ECDSA using P-384 curve and SHA-384 hash algorithm</option>
<option value="ES512" <%=client.token_endpoint_auth_signing_alg == "ES512" ? 'selected' : ''%>>ECDSA using P-512 curve and SHA-512 hash algorithm</option> <option value="ES512" <%-client.token_endpoint_auth_signing_alg == "ES512" ? 'selected' : ''%>>ECDSA using P-512 curve and SHA-512 hash algorithm</option>
</select> </select>
</div> </div>
</div> </div>
@ -362,7 +362,7 @@
<div class="control-group" id="jwksUri"> <div class="control-group" id="jwksUri">
<label class="control-label">JWK Set</label> <label class="control-label">JWK Set</label>
<div class="controls"> <div class="controls">
<input placeholder="https://" value="<%=client.jwks_uri ? client.jwks_uri : ''%>" maxlength="1000" type="text" class=""/> <input placeholder="https://" value="<%-client.jwks_uri ? client.jwks_uri : ''%>" maxlength="1000" type="text" class=""/>
<p class="help-block">URL for the client's JSON Web Key set</p> <p class="help-block">URL for the client's JSON Web Key set</p>
</div> </div>
</div> </div>
@ -374,17 +374,17 @@
<label class="control-label">Request Object Signing Algorithm</label> <label class="control-label">Request Object Signing Algorithm</label>
<div class="controls"> <div class="controls">
<select> <select>
<option value="default" <%=client.request_object_signing_alg == null ? 'selected ' : ''%>>Use server default</option> <option value="default" <%-client.request_object_signing_alg == null ? 'selected ' : ''%>>Use server default</option>
<option value="none" <%=client.request_object_signing_alg == "none" ? 'selected' : ''%>>No digital signature</option> <option value="none" <%-client.request_object_signing_alg == "none" ? 'selected' : ''%>>No digital signature</option>
<option value="HS256" <%=client.request_object_signing_alg == "HS256" ? 'selected' : ''%>>HMAC using SHA-256 hash algorithm</option> <option value="HS256" <%-client.request_object_signing_alg == "HS256" ? 'selected' : ''%>>HMAC using SHA-256 hash algorithm</option>
<option value="HS384" <%=client.request_object_signing_alg == "HS384" ? 'selected' : ''%>>HMAC using SHA-384 hash algorithm</option> <option value="HS384" <%-client.request_object_signing_alg == "HS384" ? 'selected' : ''%>>HMAC using SHA-384 hash algorithm</option>
<option value="HS512" <%=client.request_object_signing_alg == "HS512" ? 'selected' : ''%>>HMAC using SHA-512 hash algorithm</option> <option value="HS512" <%-client.request_object_signing_alg == "HS512" ? 'selected' : ''%>>HMAC using SHA-512 hash algorithm</option>
<option value="RS256" <%=client.request_object_signing_alg == "RS256" ? 'selected' : ''%>>RSASSA using SHA-256 hash algorithm</option> <option value="RS256" <%-client.request_object_signing_alg == "RS256" ? 'selected' : ''%>>RSASSA using SHA-256 hash algorithm</option>
<option value="RS384" <%=client.request_object_signing_alg == "RS384" ? 'selected' : ''%>>RSASSA using SHA-384 hash algorithm</option> <option value="RS384" <%-client.request_object_signing_alg == "RS384" ? 'selected' : ''%>>RSASSA using SHA-384 hash algorithm</option>
<option value="RS512" <%=client.request_object_signing_alg == "RS512" ? 'selected' : ''%>>RSASSA using SHA-512 hash algorithm</option> <option value="RS512" <%-client.request_object_signing_alg == "RS512" ? 'selected' : ''%>>RSASSA using SHA-512 hash algorithm</option>
<option value="ES256" <%=client.request_object_signing_alg == "ES256" ? 'selected' : ''%>>ECDSA using P-256 curve and SHA-256 hash algorithm</option> <option value="ES256" <%-client.request_object_signing_alg == "ES256" ? 'selected' : ''%>>ECDSA using P-256 curve and SHA-256 hash algorithm</option>
<option value="ES384" <%=client.request_object_signing_alg == "ES384" ? 'selected' : ''%>>ECDSA using P-384 curve and SHA-384 hash algorithm</option> <option value="ES384" <%-client.request_object_signing_alg == "ES384" ? 'selected' : ''%>>ECDSA using P-384 curve and SHA-384 hash algorithm</option>
<option value="ES512" <%=client.request_object_signing_alg == "ES512" ? 'selected' : ''%>>ECDSA using P-512 curve and SHA-512 hash algorithm</option> <option value="ES512" <%-client.request_object_signing_alg == "ES512" ? 'selected' : ''%>>ECDSA using P-512 curve and SHA-512 hash algorithm</option>
</select> </select>
</div> </div>
</div> </div>
@ -393,17 +393,17 @@
<label class="control-label">User Info Endpoint Signing Algorithm</label> <label class="control-label">User Info Endpoint Signing Algorithm</label>
<div class="controls"> <div class="controls">
<select> <select>
<option value="default" <%=client.userinfo_signed_response_alg == null ? 'selected ' : ''%>>Use server default</option> <option value="default" <%-client.userinfo_signed_response_alg == null ? 'selected ' : ''%>>Use server default</option>
<option value="none" <%=client.userinfo_signed_response_alg == "none" ? 'selected' : ''%>>No digital signature</option> <option value="none" <%-client.userinfo_signed_response_alg == "none" ? 'selected' : ''%>>No digital signature</option>
<option value="HS256" <%=client.userinfo_signed_response_alg == "HS256" ? 'selected' : ''%>>HMAC using SHA-256 hash algorithm</option> <option value="HS256" <%-client.userinfo_signed_response_alg == "HS256" ? 'selected' : ''%>>HMAC using SHA-256 hash algorithm</option>
<option value="HS384" <%=client.userinfo_signed_response_alg == "HS384" ? 'selected' : ''%>>HMAC using SHA-384 hash algorithm</option> <option value="HS384" <%-client.userinfo_signed_response_alg == "HS384" ? 'selected' : ''%>>HMAC using SHA-384 hash algorithm</option>
<option value="HS512" <%=client.userinfo_signed_response_alg == "HS512" ? 'selected' : ''%>>HMAC using SHA-512 hash algorithm</option> <option value="HS512" <%-client.userinfo_signed_response_alg == "HS512" ? 'selected' : ''%>>HMAC using SHA-512 hash algorithm</option>
<option value="RS256" <%=client.userinfo_signed_response_alg == "RS256" ? 'selected' : ''%>>RSASSA using SHA-256 hash algorithm</option> <option value="RS256" <%-client.userinfo_signed_response_alg == "RS256" ? 'selected' : ''%>>RSASSA using SHA-256 hash algorithm</option>
<option value="RS384" <%=client.userinfo_signed_response_alg == "RS384" ? 'selected' : ''%>>RSASSA using SHA-384 hash algorithm</option> <option value="RS384" <%-client.userinfo_signed_response_alg == "RS384" ? 'selected' : ''%>>RSASSA using SHA-384 hash algorithm</option>
<option value="RS512" <%=client.userinfo_signed_response_alg == "RS512" ? 'selected' : ''%>>RSASSA using SHA-512 hash algorithm</option> <option value="RS512" <%-client.userinfo_signed_response_alg == "RS512" ? 'selected' : ''%>>RSASSA using SHA-512 hash algorithm</option>
<option value="ES256" <%=client.userinfo_signed_response_alg == "ES256" ? 'selected' : ''%>>ECDSA using P-256 curve and SHA-256 hash algorithm</option> <option value="ES256" <%-client.userinfo_signed_response_alg == "ES256" ? 'selected' : ''%>>ECDSA using P-256 curve and SHA-256 hash algorithm</option>
<option value="ES384" <%=client.userinfo_signed_response_alg == "ES384" ? 'selected' : ''%>>ECDSA using P-384 curve and SHA-384 hash algorithm</option> <option value="ES384" <%-client.userinfo_signed_response_alg == "ES384" ? 'selected' : ''%>>ECDSA using P-384 curve and SHA-384 hash algorithm</option>
<option value="ES512" <%=client.userinfo_signed_response_alg == "ES512" ? 'selected' : ''%>>ECDSA using P-512 curve and SHA-512 hash algorithm</option> <option value="ES512" <%-client.userinfo_signed_response_alg == "ES512" ? 'selected' : ''%>>ECDSA using P-512 curve and SHA-512 hash algorithm</option>
</select> </select>
</div> </div>
</div> </div>
@ -412,16 +412,16 @@
<label class="control-label">User Info Endpoint Encryption Algorithm</label> <label class="control-label">User Info Endpoint Encryption Algorithm</label>
<div class="controls"> <div class="controls">
<select> <select>
<option value="default" <%=client.userinfo_encrypted_response_alg == null ? 'selected ' : ''%>>Use server default</option> <option value="default" <%-client.userinfo_encrypted_response_alg == null ? 'selected ' : ''%>>Use server default</option>
<option value="none" <%=client.userinfo_encrypted_response_alg == "none" ? 'selected' : ''%>>No encryption</option> <option value="none" <%-client.userinfo_encrypted_response_alg == "none" ? 'selected' : ''%>>No encryption</option>
<option value="RSA1_5" <%=client.userinfo_encrypted_response_alg == "RSA1_5" ? 'selected' : ''%>>RSAES-PKCS1-V1_5</option> <option value="RSA1_5" <%-client.userinfo_encrypted_response_alg == "RSA1_5" ? 'selected' : ''%>>RSAES-PKCS1-V1_5</option>
<option value="RSA-OAEP" <%=client.userinfo_encrypted_response_alg == "RSA-OAEP" ? 'selected' : ''%>>RSAES using Optimal Asymmetric Encryption Padding (OAEP)</option> <option value="RSA-OAEP" <%-client.userinfo_encrypted_response_alg == "RSA-OAEP" ? 'selected' : ''%>>RSAES using Optimal Asymmetric Encryption Padding (OAEP)</option>
<option value="A128KW" <%=client.userinfo_encrypted_response_alg == "A128KW" ? 'selected' : ''%>>AES Key Wrap Algorithm using 128 bit keys </option> <option value="A128KW" <%-client.userinfo_encrypted_response_alg == "A128KW" ? 'selected' : ''%>>AES Key Wrap Algorithm using 128 bit keys </option>
<option value="A256KW" <%=client.userinfo_encrypted_response_alg == "A256KW" ? 'selected' : ''%>>AES Key Wrap Algorithm using 256 bit keys</option> <option value="A256KW" <%-client.userinfo_encrypted_response_alg == "A256KW" ? 'selected' : ''%>>AES Key Wrap Algorithm using 256 bit keys</option>
<option value="dir" <%=client.userinfo_encrypted_response_alg == "dir" ? 'selected' : ''%>>Direct use of a shared symmetric key as the Content Master Key (CMK) for the block encryption step</option> <option value="dir" <%-client.userinfo_encrypted_response_alg == "dir" ? 'selected' : ''%>>Direct use of a shared symmetric key as the Content Master Key (CMK) for the block encryption step</option>
<option value="ECDH-ES" <%=client.userinfo_encrypted_response_alg == "ECDH-ES" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement using the Concat KDF, with the agreed-upon key being used directly as the Content Master Key (CMK)</option> <option value="ECDH-ES" <%-client.userinfo_encrypted_response_alg == "ECDH-ES" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement using the Concat KDF, with the agreed-upon key being used directly as the Content Master Key (CMK)</option>
<option value="ECDH-ES+A128KW" <%=client.userinfo_encrypted_response_alg == "ECDH-ES+A128KW" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A128KW function</option> <option value="ECDH-ES+A128KW" <%-client.userinfo_encrypted_response_alg == "ECDH-ES+A128KW" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A128KW function</option>
<option value="ECDH-ES+A256KW" <%=client.userinfo_encrypted_response_alg == "ECDH-ES+A256KW" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A256KW function</option> <option value="ECDH-ES+A256KW" <%-client.userinfo_encrypted_response_alg == "ECDH-ES+A256KW" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A256KW function</option>
</select> </select>
</div> </div>
</div> </div>
@ -430,12 +430,12 @@
<label class="control-label">User Info Endpoint Encryption Method</label> <label class="control-label">User Info Endpoint Encryption Method</label>
<div class="controls"> <div class="controls">
<select> <select>
<option value="default" <%=client.userinfo_encrypted_response_enc == null ? 'selected ' : ''%>>Use server default</option> <option value="default" <%-client.userinfo_encrypted_response_enc == null ? 'selected ' : ''%>>Use server default</option>
<option value="none" <%=client.userinfo_encrypted_response_enc == "none" ? 'selected' : ''%>>No encryption</option> <option value="none" <%-client.userinfo_encrypted_response_enc == "none" ? 'selected' : ''%>>No encryption</option>
<option value="A128CBC+HS256" <%=client.userinfo_encrypted_response_enc == "A128CBC+HS256" ? 'selected' : ''%>>Composite Authenticated Encryption algorithm using AES in Cipher Block Chaining (CBC) mode with PKCS #5 padding with an integrity calculation using HMAC SHA-256, using a 256 bit CMK (and 128 bit CEK)</option> <option value="A128CBC+HS256" <%-client.userinfo_encrypted_response_enc == "A128CBC+HS256" ? 'selected' : ''%>>Composite Authenticated Encryption algorithm using AES in Cipher Block Chaining (CBC) mode with PKCS #5 padding with an integrity calculation using HMAC SHA-256, using a 256 bit CMK (and 128 bit CEK)</option>
<option value="A256CBC+HS512" <%=client.userinfo_encrypted_response_enc == "A256CBC+HS512" ? 'selected' : ''%>>Composite Authenticated Encryption algorithm using AES in CBC mode with PKCS #5 padding with an integrity calculation using HMAC SHA-512, using a 512 bit CMK (and 256 bit CEK)</option> <option value="A256CBC+HS512" <%-client.userinfo_encrypted_response_enc == "A256CBC+HS512" ? 'selected' : ''%>>Composite Authenticated Encryption algorithm using AES in CBC mode with PKCS #5 padding with an integrity calculation using HMAC SHA-512, using a 512 bit CMK (and 256 bit CEK)</option>
<option value="A128GCM" <%=client.userinfo_encrypted_response_enc == "A128GCM" ? 'selected' : ''%>>AES GCM using 128 bit keys</option> <option value="A128GCM" <%-client.userinfo_encrypted_response_enc == "A128GCM" ? 'selected' : ''%>>AES GCM using 128 bit keys</option>
<option value="A256GCM" <%=client.userinfo_encrypted_response_enc == "A256GCM" ? 'selected' : ''%>>AES GCM using 256 bit keys</option> <option value="A256GCM" <%-client.userinfo_encrypted_response_enc == "A256GCM" ? 'selected' : ''%>>AES GCM using 256 bit keys</option>
</select> </select>
</div> </div>
</div> </div>
@ -444,17 +444,17 @@
<label class="control-label">ID Token Signing Algorithm</label> <label class="control-label">ID Token Signing Algorithm</label>
<div class="controls"> <div class="controls">
<select> <select>
<option value="default" <%=client.id_token_signed_response_alg == null ? 'selected ' : ''%>>Use server default</option> <option value="default" <%-client.id_token_signed_response_alg == null ? 'selected ' : ''%>>Use server default</option>
<option value="none" <%=client.id_token_signed_response_alg == "none" ? 'selected' : ''%>>No digital signature</option> <option value="none" <%-client.id_token_signed_response_alg == "none" ? 'selected' : ''%>>No digital signature</option>
<option value="HS256" <%=client.id_token_signed_response_alg == "HS256" ? 'selected' : ''%>>HMAC using SHA-256 hash algorithm</option> <option value="HS256" <%-client.id_token_signed_response_alg == "HS256" ? 'selected' : ''%>>HMAC using SHA-256 hash algorithm</option>
<option value="HS384" <%=client.id_token_signed_response_alg == "HS384" ? 'selected' : ''%>>HMAC using SHA-384 hash algorithm</option> <option value="HS384" <%-client.id_token_signed_response_alg == "HS384" ? 'selected' : ''%>>HMAC using SHA-384 hash algorithm</option>
<option value="HS512" <%=client.id_token_signed_response_alg == "HS512" ? 'selected' : ''%>>HMAC using SHA-512 hash algorithm</option> <option value="HS512" <%-client.id_token_signed_response_alg == "HS512" ? 'selected' : ''%>>HMAC using SHA-512 hash algorithm</option>
<option value="RS256" <%=client.id_token_signed_response_alg == "RS256" ? 'selected' : ''%>>RSASSA using SHA-256 hash algorithm</option> <option value="RS256" <%-client.id_token_signed_response_alg == "RS256" ? 'selected' : ''%>>RSASSA using SHA-256 hash algorithm</option>
<option value="RS384" <%=client.id_token_signed_response_alg == "RS384" ? 'selected' : ''%>>RSASSA using SHA-384 hash algorithm</option> <option value="RS384" <%-client.id_token_signed_response_alg == "RS384" ? 'selected' : ''%>>RSASSA using SHA-384 hash algorithm</option>
<option value="RS512" <%=client.id_token_signed_response_alg == "RS512" ? 'selected' : ''%>>RSASSA using SHA-512 hash algorithm</option> <option value="RS512" <%-client.id_token_signed_response_alg == "RS512" ? 'selected' : ''%>>RSASSA using SHA-512 hash algorithm</option>
<option value="ES256" <%=client.id_token_signed_response_alg == "ES256" ? 'selected' : ''%>>ECDSA using P-256 curve and SHA-256 hash algorithm</option> <option value="ES256" <%-client.id_token_signed_response_alg == "ES256" ? 'selected' : ''%>>ECDSA using P-256 curve and SHA-256 hash algorithm</option>
<option value="ES384" <%=client.id_token_signed_response_alg == "ES384" ? 'selected' : ''%>>ECDSA using P-384 curve and SHA-384 hash algorithm</option> <option value="ES384" <%-client.id_token_signed_response_alg == "ES384" ? 'selected' : ''%>>ECDSA using P-384 curve and SHA-384 hash algorithm</option>
<option value="ES512" <%=client.id_token_signed_response_alg == "ES512" ? 'selected' : ''%>>ECDSA using P-512 curve and SHA-512 hash algorithm</option> <option value="ES512" <%-client.id_token_signed_response_alg == "ES512" ? 'selected' : ''%>>ECDSA using P-512 curve and SHA-512 hash algorithm</option>
</select> </select>
</div> </div>
</div> </div>
@ -463,16 +463,16 @@
<label class="control-label">ID Token Encryption Algorithm</label> <label class="control-label">ID Token Encryption Algorithm</label>
<div class="controls"> <div class="controls">
<select> <select>
<option value="default" <%=client.id_token_encrypted_response_alg == null ? 'selected ' : ''%>>Use server default</option> <option value="default" <%-client.id_token_encrypted_response_alg == null ? 'selected ' : ''%>>Use server default</option>
<option value="none" <%=client.id_token_encrypted_response_alg == "none" ? 'selected' : ''%>>No encryption</option> <option value="none" <%-client.id_token_encrypted_response_alg == "none" ? 'selected' : ''%>>No encryption</option>
<option value="RSA1_5" <%=client.id_token_encrypted_response_alg == "RSA1_5" ? 'selected' : ''%>>RSAES-PKCS1-V1_5</option> <option value="RSA1_5" <%-client.id_token_encrypted_response_alg == "RSA1_5" ? 'selected' : ''%>>RSAES-PKCS1-V1_5</option>
<option value="RSA-OAEP" <%=client.id_token_encrypted_response_alg == "RSA-OAEP" ? 'selected' : ''%>>RSAES using Optimal Asymmetric Encryption Padding (OAEP)</option> <option value="RSA-OAEP" <%-client.id_token_encrypted_response_alg == "RSA-OAEP" ? 'selected' : ''%>>RSAES using Optimal Asymmetric Encryption Padding (OAEP)</option>
<option value="A128KW" <%=client.id_token_encrypted_response_alg == "A128KW" ? 'selected' : ''%>>Advanced Encryption Standard (AES) Key Wrap Algorithm using 128 bit keys </option> <option value="A128KW" <%-client.id_token_encrypted_response_alg == "A128KW" ? 'selected' : ''%>>Advanced Encryption Standard (AES) Key Wrap Algorithm using 128 bit keys </option>
<option value="A256KW" <%=client.id_token_encrypted_response_alg == "A256KW" ? 'selected' : ''%>>AES Key Wrap Algorithm using 256 bit keys</option> <option value="A256KW" <%-client.id_token_encrypted_response_alg == "A256KW" ? 'selected' : ''%>>AES Key Wrap Algorithm using 256 bit keys</option>
<option value="dir" <%=client.id_token_encrypted_response_alg == "dir" ? 'selected' : ''%>>Direct use of a shared symmetric key as the Content Master Key (CMK) for the block encryption step</option> <option value="dir" <%-client.id_token_encrypted_response_alg == "dir" ? 'selected' : ''%>>Direct use of a shared symmetric key as the Content Master Key (CMK) for the block encryption step</option>
<option value="ECDH-ES" <%=client.id_token_encrypted_response_alg == "ECDH-ES" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement using the Concat KDF, with the agreed-upon key being used directly as the Content Master Key (CMK)</option> <option value="ECDH-ES" <%-client.id_token_encrypted_response_alg == "ECDH-ES" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement using the Concat KDF, with the agreed-upon key being used directly as the Content Master Key (CMK)</option>
<option value="ECDH-ES+A128KW" <%=client.id_token_encrypted_response_alg == "ECDH-ES+A128KW" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A128KW function</option> <option value="ECDH-ES+A128KW" <%-client.id_token_encrypted_response_alg == "ECDH-ES+A128KW" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A128KW function</option>
<option value="ECDH-ES+A256KW" <%=client.id_token_encrypted_response_alg == "ECDH-ES+A256KW" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A256KW function</option> <option value="ECDH-ES+A256KW" <%-client.id_token_encrypted_response_alg == "ECDH-ES+A256KW" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A256KW function</option>
</select> </select>
</div> </div>
</div> </div>
@ -481,12 +481,12 @@
<label class="control-label">ID Token Encryption Method</label> <label class="control-label">ID Token Encryption Method</label>
<div class="controls"> <div class="controls">
<select> <select>
<option value="default" <%=client.id_token_encrypted_response_enc == null ? 'selected ' : ''%>>Use server default</option> <option value="default" <%-client.id_token_encrypted_response_enc == null ? 'selected ' : ''%>>Use server default</option>
<option value="none" <%=client.id_token_encrypted_response_enc == "none" ? 'selected' : ''%>>No encryption</option> <option value="none" <%-client.id_token_encrypted_response_enc == "none" ? 'selected' : ''%>>No encryption</option>
<option value="A128CBC+HS256" <%=client.id_token_encrypted_response_enc == "A128CBC+HS256" ? 'selected' : ''%>>Composite Authenticated Encryption algorithm using AES in Cipher Block Chaining (CBC) mode with PKCS #5 padding with an integrity calculation using HMAC SHA-256, using a 256 bit CMK (and 128 bit CEK)</option> <option value="A128CBC+HS256" <%-client.id_token_encrypted_response_enc == "A128CBC+HS256" ? 'selected' : ''%>>Composite Authenticated Encryption algorithm using AES in Cipher Block Chaining (CBC) mode with PKCS #5 padding with an integrity calculation using HMAC SHA-256, using a 256 bit CMK (and 128 bit CEK)</option>
<option value="A256CBC+HS512" <%=client.id_token_encrypted_response_enc == "A256CBC+HS512" ? 'selected' : ''%>>Composite Authenticated Encryption algorithm using AES in CBC mode with PKCS #5 padding with an integrity calculation using HMAC SHA-512, using a 512 bit CMK (and 256 bit CEK)</option> <option value="A256CBC+HS512" <%-client.id_token_encrypted_response_enc == "A256CBC+HS512" ? 'selected' : ''%>>Composite Authenticated Encryption algorithm using AES in CBC mode with PKCS #5 padding with an integrity calculation using HMAC SHA-512, using a 512 bit CMK (and 256 bit CEK)</option>
<option value="A128GCM" <%=client.id_token_encrypted_response_enc == "A128GCM" ? 'selected' : ''%>>AES GCM using 128 bit keys</option> <option value="A128GCM" <%-client.id_token_encrypted_response_enc == "A128GCM" ? 'selected' : ''%>>AES GCM using 128 bit keys</option>
<option value="A256GCM" <%=client.id_token_encrypted_response_enc == "A256GCM" ? 'selected' : ''%>>AES GCM using 256 bit keys</option> <option value="A256GCM" <%-client.id_token_encrypted_response_enc == "A256GCM" ? 'selected' : ''%>>AES GCM using 256 bit keys</option>
</select> </select>
</div> </div>
</div> </div>
@ -499,7 +499,7 @@
<label class="control-label">Require Authentication Time</label> <label class="control-label">Require Authentication Time</label>
<div class="controls"> <div class="controls">
<label class="checkbox"> <label class="checkbox">
<input type="checkbox" <%=(client.require_auth_time == true ? 'checked' : '')%>> Always require that the auth_time claim be sent in the id token <input type="checkbox" <%-(client.require_auth_time == true ? 'checked' : '')%>> Always require that the auth_time claim be sent in the id token
</label> </label>
</div> </div>
</div> </div>
@ -507,7 +507,7 @@
<div class="control-group" id="defaultMaxAge"> <div class="control-group" id="defaultMaxAge">
<label class="control-label">Default Max Age</label> <label class="control-label">Default Max Age</label>
<div class="controls"> <div class="controls">
<input placeholder="" value="<%=client.default_max_age ? client.default_max_age : ''%>" maxlength="10" type="text" class=""/> <input placeholder="" value="<%-client.default_max_age ? client.default_max_age : ''%>" maxlength="10" type="text" class=""/>
<p class="help-block">Default maximum session age before re-prompting</p> <p class="help-block">Default maximum session age before re-prompting</p>
</div> </div>
</div> </div>
@ -515,7 +515,7 @@
<div class="control-group" id="initiateLoginUri"> <div class="control-group" id="initiateLoginUri">
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Initiate Login</label> <label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Initiate Login</label>
<div class="controls"> <div class="controls">
<input placeholder="https://" value="<%=client.initiate_login_uri ? client.initiate_login_uri : ''%>" maxlength="1000" type="text" class=""/> <input placeholder="https://" value="<%-client.initiate_login_uri ? client.initiate_login_uri : ''%>" maxlength="1000" type="text" class=""/>
<p class="help-block">URL to initiate login on the client</p> <p class="help-block">URL to initiate login on the client</p>
</div> </div>
</div> </div>
@ -523,7 +523,7 @@
<div class="control-group" id="postLogoutRedirectUri"> <div class="control-group" id="postLogoutRedirectUri">
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Post-Logout Redirect</label> <label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Post-Logout Redirect</label>
<div class="controls"> <div class="controls">
<input placeholder="https://" value="<%=client.post_logout_redirect_uri%>" maxlength="1000" type="text" class=""/> <input placeholder="https://" value="<%-client.post_logout_redirect_uri%>" maxlength="1000" type="text" class=""/>
<p class="help-block">URL to redirect the client to after a logout operation</p> <p class="help-block">URL to redirect the client to after a logout operation</p>
</div> </div>
</div> </div>
@ -548,7 +548,7 @@
<div class="tab-pane" id="client-json-tab"> <div class="tab-pane" id="client-json-tab">
<pre> <pre>
<%= JSON.stringify(client, undefined, 2) %> <%- JSON.stringify(client, undefined, 2) %>
</pre> </pre>
</div> </div>

10
openid-connect-server-webapp/src/main/webapp/resources/template/grant.html
View File

@ -94,12 +94,12 @@
<% if (client.dynamicallyRegistered) { %> <% if (client.dynamicallyRegistered) { %>
<span class="label label-inverse dynamically-registered"><i class="icon-globe icon-white"></i></span> <span class="label label-inverse dynamically-registered"><i class="icon-globe icon-white"></i></span>
<% } %> <% } %>
<span class="label label-info tokens"><%= grant.approvedAccessTokens.length %></span> <span class="label label-info tokens"><%- grant.approvedAccessTokens.length %></span>
</td> </td>
<td> <td>
<span title="<%= client.clientId %>"><%= client.clientName != null ? client.clientName : ( client.clientId.substr(0,8) + '...' ) %></span> <span title="<%- client.clientId %>"><%- client.clientName != null ? client.clientName : ( client.clientId.substr(0,8) + '...' ) %></span>
<div class="client-more-info-block"></div> <div class="client-more-info-block"></div>
<div class="scope-list"></div> <div class="scope-list"></div>
</td> </td>
@ -107,15 +107,15 @@
<td> <td>
<div> <div>
<i>Authorized:</i> <span title="<%= formattedDate.hoverCreationDate %>"><%= formattedDate.displayCreationDate %></span> <i>Authorized:</i> <span title="<%- formattedDate.hoverCreationDate %>"><%- formattedDate.displayCreationDate %></span>
</div> </div>
<div> <div>
<i>Last accessed:</i> <span title="<%= formattedDate.hoverAccessDate %>"><%= formattedDate.displayAccessDate %></span> <i>Last accessed:</i> <span title="<%- formattedDate.hoverAccessDate %>"><%- formattedDate.displayAccessDate %></span>
</div> </div>
<div> <div>
<i>Expires:</i> <span title="<%= formattedDate.hoverTimeoutDate %>"><%= formattedDate.displayTimeoutDate %></span> <i>Expires:</i> <span title="<%- formattedDate.hoverTimeoutDate %>"><%- formattedDate.displayTimeoutDate %></span>
</div> </div>
</td> </td>

60
openid-connect-server-webapp/src/main/webapp/resources/template/rsreg.html
View File

@ -38,7 +38,7 @@
<script type="text/html" id="tmpl-rsreg-resource-form"> <script type="text/html" id="tmpl-rsreg-resource-form">
<h1><%=(client.client_id == null ? 'New' : 'Edit')%> Protected Resource</h1> <h1><%-(client.client_id == null ? 'New' : 'Edit')%> Protected Resource</h1>
<form class="form-horizontal tabbable"> <form class="form-horizontal tabbable">
@ -76,7 +76,7 @@
<div class="control-group" id="clientId"> <div class="control-group" id="clientId">
<label class="control-label">Client ID</label> <label class="control-label">Client ID</label>
<div class="controls"> <div class="controls">
<pre><%=client.client_id ? client.client_id : '<code>Will be generated</code>'%></pre> <pre><%-client.client_id ? client.client_id : '<code>Will be generated</code>'%></pre>
</div> </div>
</div> </div>
@ -87,7 +87,7 @@
<div class="controls"> <div class="controls">
<% if (client.client_id) { %> <% if (client.client_id) { %>
<% if (client.client_secret) { %> <% if (client.client_secret) { %>
<pre><%= client.client_secret %></pre> <pre><%- client.client_secret %></pre>
<% } else { %> <% } else { %>
<% if (client.token_endpoint_auth_method == 'none') { %> <% if (client.token_endpoint_auth_method == 'none') { %>
<pre>None (public client)</pre> <pre>None (public client)</pre>
@ -108,14 +108,14 @@
<div class="control-group" id="clientConfigurationUri"> <div class="control-group" id="clientConfigurationUri">
<label class="control-label">Client Configuration URL</label> <label class="control-label">Client Configuration URL</label>
<div class="controls"> <div class="controls">
<pre><%=client.registration_client_uri ? client.registration_client_uri : 'Will be generated'%></pre> <pre><%-client.registration_client_uri ? client.registration_client_uri : 'Will be generated'%></pre>
</div> </div>
</div> </div>
<div class="control-group" id="registrationAccessToken"> <div class="control-group" id="registrationAccessToken">
<label class="control-label">Registration Access Token</label> <label class="control-label">Registration Access Token</label>
<div class="controls"> <div class="controls">
<pre><%=client.registration_access_token ? client.registration_access_token : 'Will be generated'%></pre> <pre><%-client.registration_access_token ? client.registration_access_token : 'Will be generated'%></pre>
</div> </div>
</div> </div>
@ -159,7 +159,7 @@
<div class="control-group" id="clientName"> <div class="control-group" id="clientName">
<label class="control-label">Resource name</label> <label class="control-label">Resource name</label>
<div class="controls"> <div class="controls">
<input value="<%=client.client_name ? client.client_name : ''%>" maxlength="100" type="text" class="" placeholder="Type something"> <input value="<%-client.client_name ? client.client_name : ''%>" maxlength="100" type="text" class="" placeholder="Type something">
<p class="help-block">Human-readable application name</p> <p class="help-block">Human-readable application name</p>
</div> </div>
</div> </div>
@ -167,7 +167,7 @@
<div class="control-group" id="logoUri"> <div class="control-group" id="logoUri">
<label class="control-label">Logo</label> <label class="control-label">Logo</label>
<div class="controls"> <div class="controls">
<input placeholder="https://" value="<%=client.logo_uri ? client.logo_uri : ''%>" maxlength="1000" type="text" class=""/> <input placeholder="https://" value="<%-client.logo_uri ? client.logo_uri : ''%>" maxlength="1000" type="text" class=""/>
<p class="help-block">URL that points to a logo image, will be displayed on approval page</p> <p class="help-block">URL that points to a logo image, will be displayed on approval page</p>
</div> </div>
</div> </div>
@ -181,7 +181,7 @@
<div class="control-group" id="tosUri"> <div class="control-group" id="tosUri">
<label class="control-label">Terms of Service</label> <label class="control-label">Terms of Service</label>
<div class="controls"> <div class="controls">
<input placeholder="https://" value="<%=client.tos_uri ? client.tos_uri : ''%>" maxlength="1000" type="text" class=""/> <input placeholder="https://" value="<%-client.tos_uri ? client.tos_uri : ''%>" maxlength="1000" type="text" class=""/>
<p class="help-block">URL for the Terms of Service of this client, will be displayed to the user</p> <p class="help-block">URL for the Terms of Service of this client, will be displayed to the user</p>
</div> </div>
</div> </div>
@ -189,7 +189,7 @@
<div class="control-group" id="policyUri"> <div class="control-group" id="policyUri">
<label class="control-label">Policy</label> <label class="control-label">Policy</label>
<div class="controls"> <div class="controls">
<input placeholder="https://" value="<%=client.policy_uri ? client.policy_uri : ''%>" maxlength="1000" type="text" class=""/> <input placeholder="https://" value="<%-client.policy_uri ? client.policy_uri : ''%>" maxlength="1000" type="text" class=""/>
<p class="help-block">URL for the Policy Statement of this client, will be displayed to the user</p> <p class="help-block">URL for the Policy Statement of this client, will be displayed to the user</p>
</div> </div>
</div> </div>
@ -197,7 +197,7 @@
<div class="control-group" id="clientUri"> <div class="control-group" id="clientUri">
<label class="control-label">Home Page</label> <label class="control-label">Home Page</label>
<div class="controls"> <div class="controls">
<input placeholder="https://" value="<%=client.client_uri ? client.client_uri : ''%>" maxlength="1000" type="text" class=""/> <input placeholder="https://" value="<%-client.client_uri ? client.client_uri : ''%>" maxlength="1000" type="text" class=""/>
<p class="help-block">URL for the client's home page, will be displayed to the user</p> <p class="help-block">URL for the client's home page, will be displayed to the user</p>
</div> </div>
</div> </div>
@ -206,10 +206,10 @@
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Application Type</label> <label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Application Type</label>
<div class="controls"> <div class="controls">
<label class="radio inline"> <label class="radio inline">
<input type="radio" name="applicationType" value="NATIVE" <%=(client.application_type == 'NATIVE' ? 'checked' : '')%>> Native <input type="radio" name="applicationType" value="NATIVE" <%-(client.application_type == 'NATIVE' ? 'checked' : '')%>> Native
</label> </label>
<label class="radio inline"> <label class="radio inline">
<input type="radio" name="applicationType" value="WEB" <%=(client.application_type == 'WEB' ? 'checked' : '')%>> Web <input type="radio" name="applicationType" value="WEB" <%-(client.application_type == 'WEB' ? 'checked' : '')%>> Web
</label> </label>
</div> </div>
</div> </div>
@ -217,7 +217,7 @@
<div class="control-group" id="contacts"> <div class="control-group" id="contacts">
<label class="control-label">Contacts</label> <label class="control-label">Contacts</label>
<div class="controls"> <div class="controls">
<span class="help-block">List of contacts for adminstrators of this client. Your email address (<%= userInfo.email %>) will be automatically added to this list on save.</span> <span class="help-block">List of contacts for adminstrators of this client. Your email address (<%- userInfo.email %>) will be automatically added to this list on save.</span>
<div></div> <div></div>
</div> </div>
</div> </div>
@ -239,19 +239,19 @@
<label class="control-label">Introspection Endpoint Authentication Method</label> <label class="control-label">Introspection Endpoint Authentication Method</label>
<div class="controls"> <div class="controls">
<label class="radio"> <label class="radio">
<input type="radio" name="tokenEndpointAuthMethod" value="client_secret_basic" <%=(client.token_endpoint_auth_method == 'client_secret_basic' ? 'checked' : '')%>> Client Secret over HTTP Basic <input type="radio" name="tokenEndpointAuthMethod" value="client_secret_basic" <%-(client.token_endpoint_auth_method == 'client_secret_basic' ? 'checked' : '')%>> Client Secret over HTTP Basic
</label> </label>
<label class="radio"> <label class="radio">
<input type="radio" name="tokenEndpointAuthMethod" value="client_secret_post" <%=(client.token_endpoint_auth_method == 'client_secret_post' ? 'checked' : '')%>> Client Secret over HTTP POST <input type="radio" name="tokenEndpointAuthMethod" value="client_secret_post" <%-(client.token_endpoint_auth_method == 'client_secret_post' ? 'checked' : '')%>> Client Secret over HTTP POST
</label> </label>
<label class="radio"> <label class="radio">
<input type="radio" name="tokenEndpointAuthMethod" value="client_secret_jwt" <%=(client.token_endpoint_auth_method == 'client_secret_jwt' ? 'checked' : '')%>> Client Secret via symmetrically-signed JWT assertion <input type="radio" name="tokenEndpointAuthMethod" value="client_secret_jwt" <%-(client.token_endpoint_auth_method == 'client_secret_jwt' ? 'checked' : '')%>> Client Secret via symmetrically-signed JWT assertion
</label> </label>
<label class="radio"> <label class="radio">
<input type="radio" name="tokenEndpointAuthMethod" value="private_key_jwt" <%=(client.token_endpoint_auth_method == 'private_key_jwt' ? 'checked' : '')%>> Asymmetrically-signed JWT assertion <input type="radio" name="tokenEndpointAuthMethod" value="private_key_jwt" <%-(client.token_endpoint_auth_method == 'private_key_jwt' ? 'checked' : '')%>> Asymmetrically-signed JWT assertion
</label> </label>
<label class="radio"> <label class="radio">
<input type="radio" name="tokenEndpointAuthMethod" value="none" <%=(client.token_endpoint_auth_method == 'none' ? 'checked' : '')%>> No authentication <input type="radio" name="tokenEndpointAuthMethod" value="none" <%-(client.token_endpoint_auth_method == 'none' ? 'checked' : '')%>> No authentication
</label> </label>
</div> </div>
</div> </div>
@ -260,16 +260,16 @@
<label class="control-label">Introspection Endpoint Authentication Signing Algorithm</label> <label class="control-label">Introspection Endpoint Authentication Signing Algorithm</label>
<div class="controls"> <div class="controls">
<select> <select>
<option value="default" <%=client.token_endpoint_auth_signing_alg == null ? 'selected ' : ''%>>Any allowed</option> <option value="default" <%-client.token_endpoint_auth_signing_alg == null ? 'selected ' : ''%>>Any allowed</option>
<option value="HS256" <%=client.token_endpoint_auth_signing_alg == "HS256" ? 'selected' : ''%>>HMAC using SHA-256 hash algorithm</option> <option value="HS256" <%-client.token_endpoint_auth_signing_alg == "HS256" ? 'selected' : ''%>>HMAC using SHA-256 hash algorithm</option>
<option value="HS384" <%=client.token_endpoint_auth_signing_alg == "HS384" ? 'selected' : ''%>>HMAC using SHA-384 hash algorithm</option> <option value="HS384" <%-client.token_endpoint_auth_signing_alg == "HS384" ? 'selected' : ''%>>HMAC using SHA-384 hash algorithm</option>
<option value="HS512" <%=client.token_endpoint_auth_signing_alg == "HS512" ? 'selected' : ''%>>HMAC using SHA-512 hash algorithm</option> <option value="HS512" <%-client.token_endpoint_auth_signing_alg == "HS512" ? 'selected' : ''%>>HMAC using SHA-512 hash algorithm</option>
<option value="RS256" <%=client.token_endpoint_auth_signing_alg == "RS256" ? 'selected' : ''%>>RSASSA using SHA-256 hash algorithm</option> <option value="RS256" <%-client.token_endpoint_auth_signing_alg == "RS256" ? 'selected' : ''%>>RSASSA using SHA-256 hash algorithm</option>
<option value="RS384" <%=client.token_endpoint_auth_signing_alg == "RS384" ? 'selected' : ''%>>RSASSA using SHA-384 hash algorithm</option> <option value="RS384" <%-client.token_endpoint_auth_signing_alg == "RS384" ? 'selected' : ''%>>RSASSA using SHA-384 hash algorithm</option>
<option value="RS512" <%=client.token_endpoint_auth_signing_alg == "RS512" ? 'selected' : ''%>>RSASSA using SHA-512 hash algorithm</option> <option value="RS512" <%-client.token_endpoint_auth_signing_alg == "RS512" ? 'selected' : ''%>>RSASSA using SHA-512 hash algorithm</option>
<option value="ES256" <%=client.token_endpoint_auth_signing_alg == "ES256" ? 'selected' : ''%>>ECDSA using P-256 curve and SHA-256 hash algorithm</option> <option value="ES256" <%-client.token_endpoint_auth_signing_alg == "ES256" ? 'selected' : ''%>>ECDSA using P-256 curve and SHA-256 hash algorithm</option>
<option value="ES384" <%=client.token_endpoint_auth_signing_alg == "ES384" ? 'selected' : ''%>>ECDSA using P-384 curve and SHA-384 hash algorithm</option> <option value="ES384" <%-client.token_endpoint_auth_signing_alg == "ES384" ? 'selected' : ''%>>ECDSA using P-384 curve and SHA-384 hash algorithm</option>
<option value="ES512" <%=client.token_endpoint_auth_signing_alg == "ES512" ? 'selected' : ''%>>ECDSA using P-512 curve and SHA-512 hash algorithm</option> <option value="ES512" <%-client.token_endpoint_auth_signing_alg == "ES512" ? 'selected' : ''%>>ECDSA using P-512 curve and SHA-512 hash algorithm</option>
</select> </select>
</div> </div>
</div> </div>
@ -277,7 +277,7 @@
<div class="control-group" id="jwksUri"> <div class="control-group" id="jwksUri">
<label class="control-label">JWK Set</label> <label class="control-label">JWK Set</label>
<div class="controls"> <div class="controls">
<input placeholder="https://" value="<%=client.jwks_uri ? client.jwks_uri : ''%>" maxlength="1000" type="text" class=""/> <input placeholder="https://" value="<%-client.jwks_uri ? client.jwks_uri : ''%>" maxlength="1000" type="text" class=""/>
<p class="help-block">URL for the client's JSON Web Key set</p> <p class="help-block">URL for the client's JSON Web Key set</p>
</div> </div>
</div> </div>
@ -287,7 +287,7 @@
<div class="tab-pane" id="resource-json-tab"> <div class="tab-pane" id="resource-json-tab">
<pre> <pre>
<%= JSON.stringify(client, undefined, 2) %> <%- JSON.stringify(client, undefined, 2) %>
</pre> </pre>
</div> </div>

38
openid-connect-server-webapp/src/main/webapp/resources/template/scope.html
View File

@ -55,11 +55,11 @@
<td> <td>
<span class="badge badge-info"> <span class="badge badge-info">
<% if (icon) { %> <% if (icon) { %>
<i class="icon-<%= icon %> icon-white"></i> <i class="icon-<%- icon %> icon-white"></i>
<% } %> <% } %>
<%= value %> <%- value %>
</span> </span>
<p><small><%= description %></small></p> <p><small><%- description %></small></p>
</td> </td>
<td> <td>
@ -72,7 +72,7 @@
</script> </script>
<script type="text/html" id="tmpl-system-scope-form"> <script type="text/html" id="tmpl-system-scope-form">
<h1><%= id == null ? 'New' : 'Edit'%> Scope</h1> <h1><%- id == null ? 'New' : 'Edit'%> Scope</h1>
<form class="form-horizontal"> <form class="form-horizontal">
<fieldset> <fieldset>
@ -85,7 +85,7 @@
<div class="control-group" id="value"> <div class="control-group" id="value">
<label class="control-label">Scope value</label> <label class="control-label">Scope value</label>
<div class="controls"> <div class="controls">
<input value="<%=value != null ? value : ''%>" type="text" class="" placeholder="scope"> <input value="<%-value != null ? value : ''%>" type="text" class="" placeholder="scope">
<p class="help-block">Single string with no spaces</p> <p class="help-block">Single string with no spaces</p>
</div> </div>
</div> </div>
@ -93,7 +93,7 @@
<div class="control-group" id="description"> <div class="control-group" id="description">
<label class="control-label">Description</label> <label class="control-label">Description</label>
<div class="controls"> <div class="controls">
<textarea class="input-xlarge" placeholder="Type a description" maxlength="200" rows="3"><%=description != null ? description : ''%></textarea> <textarea class="input-xlarge" placeholder="Type a description" maxlength="200" rows="3"><%-description != null ? description : ''%></textarea>
<p class="help-block">Human-readable text description</p> <p class="help-block">Human-readable text description</p>
</div> </div>
</div> </div>
@ -103,9 +103,9 @@
<div class="controls"> <div class="controls">
<span id="iconDisplay"> <span id="iconDisplay">
<i class="icon-<%=icon%>"></i> <span class="uneditable-input"><%=icon%></span> <i class="icon-<%-icon%>"></i> <span class="uneditable-input"><%-icon%></span>
<input type="hidden" value="<%=icon%>"> <input type="hidden" value="<%-icon%>">
</span> </span>
<a href="#iconSelector" role="button" class="btn btn-info" data-toggle="modal"><i class="icon-white icon-picture"></i> Select an icon</a> <a href="#iconSelector" role="button" class="btn btn-info" data-toggle="modal"><i class="icon-white icon-picture"></i> Select an icon</a>
@ -129,7 +129,7 @@
<div class="control-group" id="defaultScope"> <div class="control-group" id="defaultScope">
<div class="controls"> <div class="controls">
<label class="checkbox"> <label class="checkbox">
<input type="checkbox" <%=defaultScope ? 'checked' : '' %>> default scope <input type="checkbox" <%-defaultScope ? 'checked' : '' %>> default scope
</label> </label>
<p class="help-block">Newly-created clients get this scope by default?</p> <p class="help-block">Newly-created clients get this scope by default?</p>
</div> </div>
@ -138,7 +138,7 @@
<div class="control-group" id="allowDynReg"> <div class="control-group" id="allowDynReg">
<div class="controls"> <div class="controls">
<label class="checkbox"> <label class="checkbox">
<input type="checkbox" <%=allowDynReg ? 'checked' : '' %>> allow dynamic registration <input type="checkbox" <%-allowDynReg ? 'checked' : '' %>> allow dynamic registration
</label> </label>
<p class="help-block">Allow dynamically registered clients to request this scope?</p> <p class="help-block">Allow dynamically registered clients to request this scope?</p>
</div> </div>
@ -147,12 +147,12 @@
<div class="control-group"> <div class="control-group">
<div class="controls" id="isStructured"> <div class="controls" id="isStructured">
<label class="checkbox"> <label class="checkbox">
<input type="checkbox" <%=structured ? 'checked' : '' %>> is a structured scope <input type="checkbox" <%-structured ? 'checked' : '' %>> is a structured scope
</label> </label>
<p class="help-block">Is the scope structured with structured values like <code>base:extension</code>?</p> <p class="help-block">Is the scope structured with structured values like <code>base:extension</code>?</p>
</div> </div>
<div class="controls" id="structuredParamDescription"> <div class="controls" id="structuredParamDescription">
<input type="text" value="<%=structuredParamDescription ? structuredParamDescription : '' %>"> <input type="text" value="<%-structuredParamDescription ? structuredParamDescription : '' %>">
<p class="help-block">Human-readable description of the structured parameter</p> <p class="help-block">Human-readable description of the structured parameter</p>
</div> </div>
</div> </div>
@ -171,17 +171,17 @@
<div class="row-fluid"> <div class="row-fluid">
<div class="span4" style="margin-top: 5px; margin-bottom: 5px;"> <div class="span4" style="margin-top: 5px; margin-bottom: 5px;">
<% if (items[0]) { %> <% if (items[0]) { %>
<button class="btn btn-block btn-icon" value="<%=items[0]%>"><i class="icon-<%=items[0]%>"></i> <%=items[0]%> <button class="btn btn-block btn-icon" value="<%-items[0]%>"><i class="icon-<%-items[0]%>"></i> <%-items[0]%>
<% } %> <% } %>
</div> </div>
<div class="span4" style="margin-top: 5px; margin-bottom: 5px;"> <div class="span4" style="margin-top: 5px; margin-bottom: 5px;">
<% if (items[1]) { %> <% if (items[1]) { %>
<button class="btn btn-block btn-icon" value="<%=items[1]%>"><i class="icon-<%=items[1]%>"></i> <%=items[1]%> <button class="btn btn-block btn-icon" value="<%-items[1]%>"><i class="icon-<%-items[1]%>"></i> <%-items[1]%>
<% } %> <% } %>
</div> </div>
<div class="span4" style="margin-top: 5px; margin-bottom: 5px;"> <div class="span4" style="margin-top: 5px; margin-bottom: 5px;">
<% if (items[2]) { %> <% if (items[2]) { %>
<button class="btn btn-block btn-icon" value="<%=items[2]%>"><i class="icon-<%=items[2]%>"></i> <%=items[2]%> <button class="btn btn-block btn-icon" value="<%-items[2]%>"><i class="icon-<%-items[2]%>"></i> <%-items[2]%>
<% } %> <% } %>
</div> </div>
</div> </div>
@ -198,19 +198,19 @@ _.each(scopes, function(s) {
%> %>
<span class="badge badge-info" <span class="badge badge-info"
<% if (ss.get('description')) { %> <% if (ss.get('description')) { %>
title="<%= ss.get('description') %>" title="<%- ss.get('description') %>"
<% } %> <% } %>
style="cursor: default;" > style="cursor: default;" >
<% if (ss.get('icon')) { %> <% if (ss.get('icon')) { %>
<i class="icon-<%=ss.get('icon')%> icon-white"></i> <i class="icon-<%-ss.get('icon')%> icon-white"></i>
<% } %> <% } %>
<%=s%> <%-s%>
</span> </span>
<% <%
} else { } else {
%> %>
<span class="badge" style="cursor: default;"><%=s%></span> <span class="badge" style="cursor: default;">§s%></span>
<% <%
} }

18
openid-connect-server-webapp/src/main/webapp/resources/template/token.html
View File

@ -92,7 +92,7 @@
<script type="text/html" id="tmpl-access-token"> <script type="text/html" id="tmpl-access-token">
<td> <td>
<span title="<%= client.clientId %>"><%= client.clientName != null ? client.clientName : ( client.clientId.substr(0,8) + '...' ) %></span> <span title="<%- client.clientId %>"><%- client.clientName != null ? client.clientName : ( client.clientId.substr(0,8) + '...' ) %></span>
<div class="client-more-info-block"></div> <div class="client-more-info-block"></div>
<% if (token.refreshTokenId != null) { %> <% if (token.refreshTokenId != null) { %>
<br /> <br />
@ -107,14 +107,14 @@
<td> <td>
<div class="token-value"> <div class="token-value">
<code class="token-substring" style="cursor: pointer" title="Click to display full token value"><%= token.value.substr(0,27) %> ...</code> <code class="token-substring" style="cursor: pointer" title="Click to display full token value"><%- token.value.substr(0,27) %> ...</code>
<input type="text" readonly style="cursor: text" class="token-full input-xxlarge" value="<%= token.value %>" /> <input type="text" readonly style="cursor: text" class="token-full input-xxlarge" value="<%- token.value %>" />
</div> </div>
<div class="scope-list"></div> <div class="scope-list"></div>
</td> </td>
<td> <td>
<%= formattedExpiration %> <%- formattedExpiration %>
</td> </td>
<td> <td>
@ -125,21 +125,21 @@
<script type="text/html" id="tmpl-refresh-token"> <script type="text/html" id="tmpl-refresh-token">
<td> <td>
<span title="<%= client.clientId %>"><%= client.clientName != null ? client.clientName : ( client.clientId.substr(0,8) + '...' ) %></span> <span title="<%- client.clientId %>"><%- client.clientName != null ? client.clientName : ( client.clientId.substr(0,8) + '...' ) %></span>
<div class="client-more-info-block"></div> <div class="client-more-info-block"></div>
<span class="label label-info" title="Number of associated access tokens"><%= accessTokenCount %></span> <span class="label label-info" title="Number of associated access tokens"><%- accessTokenCount %></span>
</td> </td>
<td> <td>
<div class="token-value"> <div class="token-value">
<code class="token-substring" style="cursor: pointer" title="Click to display full token value"><%= token.value.substr(0,27) %> ...</code> <code class="token-substring" style="cursor: pointer" title="Click to display full token value"><%- token.value.substr(0,27) %> ...</code>
<input type="text" readonly style="cursor: text" class="token-full input-xxlarge" value="<%= token.value %>" /> <input type="text" readonly style="cursor: text" class="token-full input-xxlarge" value="<%- token.value %>" />
</div> </div>
<div class="scope-list"></div> <div class="scope-list"></div>
</td> </td>
<td> <td>
<%= formattedExpiration %> <%- formattedExpiration %>
</td> </td>
<td> <td>

8
openid-connect-server-webapp/src/main/webapp/resources/template/whitelist.html
View File

@ -24,7 +24,7 @@
</td> </td>
<td> <td>
<span title="<%= client.clientId %>"><%= client.clientName != null ? client.clientName : ( client.clientId.substr(0,8) + '...' ) %></span> <span title="<%- client.clientId %>"><%- client.clientName != null ? client.clientName : ( client.clientId.substr(0,8) + '...' ) %></span>
<div class="client-more-info-block"></div> <div class="client-more-info-block"></div>
</td> </td>
@ -71,7 +71,7 @@
<script type="text/html" id="tmpl-whitelist-form"> <script type="text/html" id="tmpl-whitelist-form">
<h1><%=(whiteList.id == null ? 'New' : 'Edit')%> Whitelisted Site</h1> <h1><%-(whiteList.id == null ? 'New' : 'Edit')%> Whitelisted Site</h1>
<form class="form-horizontal"> <form class="form-horizontal">
@ -84,8 +84,8 @@
<div class="control-group" id="clientId"> <div class="control-group" id="clientId">
<label class="control-label">Client</label> <label class="control-label">Client</label>
<div class="controls"> <div class="controls">
<input type="hidden" name="clientId" value="<%= client.clientId %>" /> <input type="hidden" name="clientId" value="<%- client.clientId %>" />
<span title="<%= client.clientId %>"><%= client.clientName != null ? client.clientName : ( client.clientId.substr(0,8) + '...' ) %></span> <span title="<%- client.clientId %>"><%- client.clientName != null ? client.clientName : ( client.clientId.substr(0,8) + '...' ) %></span>
</div> </div>
</div> </div>