added 'use server default' to JOSE options, addresses #462
Justin Richer
parent
b54f33d0db
commit
a80c19384f
|
|
@ -97,15 +97,15 @@ public class ClientDetailsEntity implements ClientDetails {
|
|||
private String sectorIdentifierUri; // sector_identifier_uri
|
||||
private SubjectType subjectType; // subject_type
|
||||
|
||||
private JWSAlgorithmEmbed requestObjectSigningAlg = JWSAlgorithmEmbed.NONE; // request_object_signing_alg
|
||||
private JWSAlgorithmEmbed requestObjectSigningAlg = null; // request_object_signing_alg
|
||||
|
||||
private JWSAlgorithmEmbed userInfoSignedResponseAlg = JWSAlgorithmEmbed.NONE; // user_info_signed_response_alg
|
||||
private JWEAlgorithmEmbed userInfoEncryptedResponseAlg = JWEAlgorithmEmbed.NONE; // user_info_encrypted_response_alg
|
||||
private JWEEncryptionMethodEmbed userInfoEncryptedResponseEnc = JWEEncryptionMethodEmbed.NONE; // user_info_encrypted_response_enc
|
||||
private JWSAlgorithmEmbed userInfoSignedResponseAlg = null; // user_info_signed_response_alg
|
||||
private JWEAlgorithmEmbed userInfoEncryptedResponseAlg = null; // user_info_encrypted_response_alg
|
||||
private JWEEncryptionMethodEmbed userInfoEncryptedResponseEnc = null; // user_info_encrypted_response_enc
|
||||
|
||||
private JWSAlgorithmEmbed idTokenSignedResponseAlg = JWSAlgorithmEmbed.NONE; // id_token_signed_response_alg
|
||||
private JWEAlgorithmEmbed idTokenEncryptedResponseAlg = JWEAlgorithmEmbed.NONE; // id_token_encrypted_response_alg
|
||||
private JWEEncryptionMethodEmbed idTokenEncryptedResponseEnc = JWEEncryptionMethodEmbed.NONE; // id_token_encrypted_response_enc
|
||||
private JWSAlgorithmEmbed idTokenSignedResponseAlg = null; // id_token_signed_response_alg
|
||||
private JWEAlgorithmEmbed idTokenEncryptedResponseAlg = null; // id_token_encrypted_response_alg
|
||||
private JWEEncryptionMethodEmbed idTokenEncryptedResponseEnc = null; // id_token_encrypted_response_enc
|
||||
|
||||
private Integer defaultMaxAge; // default_max_age
|
||||
private Boolean requireAuthTime; // require_auth_time
|
||||
|
|
|
|||
|
|
@ -386,6 +386,15 @@ var ClientFormView = Backbone.View.extend({
|
|||
}
|
||||
},
|
||||
|
||||
// returns "null" if given the value "default" as a string, otherwise returns input value. useful for parsing the JOSE algorithm dropdowns
|
||||
defaultToNull:function(value) {
|
||||
if (value == 'default') {
|
||||
return null;
|
||||
} else {
|
||||
return value;
|
||||
}
|
||||
},
|
||||
|
||||
// maps from a form-friendly name to the real grant parameter name
|
||||
grantMap:{
|
||||
'authorization_code': 'authorization_code',
|
||||
|
|
@ -496,13 +505,13 @@ var ClientFormView = Backbone.View.extend({
|
|||
contacts: this.contactsCollection.pluck('item'),
|
||||
requestUris: this.requestUrisCollection.pluck('item'),
|
||||
defaultAcrValues: this.defaultAcrValuesCollection.pluck('item'),
|
||||
requestObjectSigningAlg: $('#requestObjectSigningAlg select').val(),
|
||||
userInfoSignedResponseAlg: $('#userInfoSignedResponseAlg select').val(),
|
||||
userInfoEncryptedResponseAlg: $('#userInfoEncryptedResponseAlg select').val(),
|
||||
userInfoEncryptedResponseEnc: $('#userInfoEncryptedResponseEnc select').val(),
|
||||
idTokenSignedResponseAlg: $('#idTokenSignedResponseAlg select').val(),
|
||||
idTokenEncryptedResponseAlg: $('#idTokenEncryptedResponseAlg select').val(),
|
||||
idTokenEncryptedResponseEnc: $('#idTokenEncryptedResponseEnc select').val()
|
||||
requestObjectSigningAlg: this.defaultToNull($('#requestObjectSigningAlg select').val()),
|
||||
userInfoSignedResponseAlg: this.defaultToNull($('#userInfoSignedResponseAlg select').val()),
|
||||
userInfoEncryptedResponseAlg: this.defaultToNull($('#userInfoEncryptedResponseAlg select').val()),
|
||||
userInfoEncryptedResponseEnc: this.defaultToNull($('#userInfoEncryptedResponseEnc select').val()),
|
||||
idTokenSignedResponseAlg: this.defaultToNull($('#idTokenSignedResponseAlg select').val()),
|
||||
idTokenEncryptedResponseAlg: this.defaultToNull($('#idTokenEncryptedResponseAlg select').val()),
|
||||
idTokenEncryptedResponseEnc: this.defaultToNull($('#idTokenEncryptedResponseEnc select').val())
|
||||
};
|
||||
|
||||
// post-validate
|
||||
|
|
|
|||
|
|
@ -487,6 +487,7 @@
|
|||
<div class="controls">
|
||||
<select>
|
||||
<!-- TODO: this should be filled out by the server, perhaps? -->
|
||||
<option value="default" <%=requestObjectSigningAlg == null ? 'selected ' : ''%>>Use server default</option>
|
||||
<option value="none" <%=requestObjectSigningAlg == "none" ? 'selected' : ''%>>No digital signature</option>
|
||||
<option value="HS256" <%=requestObjectSigningAlg == "HS256" ? 'selected' : ''%>>HMAC using SHA-256 hash algorithm</option>
|
||||
<option value="HS384" <%=requestObjectSigningAlg == "HS384" ? 'selected' : ''%>>HMAC using SHA-384 hash algorithm</option>
|
||||
|
|
@ -506,6 +507,7 @@
|
|||
<div class="controls">
|
||||
<select>
|
||||
<!-- TODO: this should be filled out by the server, perhaps? -->
|
||||
<option value="default" <%=userInfoSignedResponseAlg == null ? 'selected ' : ''%>>Use server default</option>
|
||||
<option value="none" <%=userInfoSignedResponseAlg == "none" ? 'selected' : ''%>>No digital signature</option>
|
||||
<option value="HS256" <%=userInfoSignedResponseAlg == "HS256" ? 'selected' : ''%>>HMAC using SHA-256 hash algorithm</option>
|
||||
<option value="HS384" <%=userInfoSignedResponseAlg == "HS384" ? 'selected' : ''%>>HMAC using SHA-384 hash algorithm</option>
|
||||
|
|
@ -525,6 +527,7 @@
|
|||
<div class="controls">
|
||||
<select>
|
||||
<!-- TODO: this should be filled out by the server, perhaps? -->
|
||||
<option value="default" <%=userInfoEncryptedResponseAlg == null ? 'selected ' : ''%>>Use server default</option>
|
||||
<option value="none" <%=userInfoEncryptedResponseAlg == "none" ? 'selected' : ''%>>No encryption</option>
|
||||
<option value="RSA1_5" <%=userInfoEncryptedResponseAlg == "RSA1_5" ? 'selected' : ''%>>RSAES-PKCS1-V1_5</option>
|
||||
<option value="RSA-OAEP" <%=userInfoEncryptedResponseAlg == "RSA-OAEP" ? 'selected' : ''%>>RSAES using Optimal Asymmetric Encryption Padding (OAEP)</option>
|
||||
|
|
@ -543,6 +546,7 @@
|
|||
<div class="controls">
|
||||
<select>
|
||||
<!-- TODO: this should be filled out by the server, perhaps? -->
|
||||
<option value="default" <%=userInfoEncryptedResponseEnc == null ? 'selected ' : ''%>>Use server default</option>
|
||||
<option value="none" <%=userInfoEncryptedResponseEnc == "none" ? 'selected' : ''%>>No encryption</option>
|
||||
<option value="A128CBC+HS256" <%=userInfoEncryptedResponseEnc == "A128CBC+HS256" ? 'selected' : ''%>>Composite Authenticated Encryption algorithm using AES in Cipher Block Chaining (CBC) mode with PKCS #5 padding with an integrity calculation using HMAC SHA-256, using a 256 bit CMK (and 128 bit CEK)</option>
|
||||
<option value="A256CBC+HS512" <%=userInfoEncryptedResponseEnc == "A256CBC+HS512" ? 'selected' : ''%>>Composite Authenticated Encryption algorithm using AES in CBC mode with PKCS #5 padding with an integrity calculation using HMAC SHA-512, using a 512 bit CMK (and 256 bit CEK)</option>
|
||||
|
|
@ -557,6 +561,7 @@
|
|||
<div class="controls">
|
||||
<select>
|
||||
<!-- TODO: this should be filled out by the server, perhaps? -->
|
||||
<option value="default" <%=idTokenSignedResponseAlg == null ? 'selected ' : ''%>>Use server default</option>
|
||||
<option value="none" <%=idTokenSignedResponseAlg == "none" ? 'selected' : ''%>>No digital signature</option>
|
||||
<option value="HS256" <%=idTokenSignedResponseAlg == "HS256" ? 'selected' : ''%>>HMAC using SHA-256 hash algorithm</option>
|
||||
<option value="HS384" <%=idTokenSignedResponseAlg == "HS384" ? 'selected' : ''%>>HMAC using SHA-384 hash algorithm</option>
|
||||
|
|
@ -576,6 +581,7 @@
|
|||
<div class="controls">
|
||||
<select>
|
||||
<!-- TODO: this should be filled out by the server, perhaps? -->
|
||||
<option value="default" <%=idTokenEncryptedResponseAlg == null ? 'selected ' : ''%>>Use server default</option>
|
||||
<option value="none" <%=idTokenEncryptedResponseAlg == "none" ? 'selected' : ''%>>No encryption</option>
|
||||
<option value="RSA1_5" <%=idTokenEncryptedResponseAlg == "RSA1_5" ? 'selected' : ''%>>RSAES-PKCS1-V1_5</option>
|
||||
<option value="RSA-OAEP" <%=idTokenEncryptedResponseAlg == "RSA-OAEP" ? 'selected' : ''%>>RSAES using Optimal Asymmetric Encryption Padding (OAEP)</option>
|
||||
|
|
@ -594,6 +600,7 @@
|
|||
<div class="controls">
|
||||
<select>
|
||||
<!-- TODO: this should be filled out by the server, perhaps? -->
|
||||
<option value="default" <%=idTokenEncryptedResponseEnc == null ? 'selected ' : ''%>>Use server default</option>
|
||||
<option value="none" <%=idTokenEncryptedResponseEnc == "none" ? 'selected' : ''%>>No encryption</option>
|
||||
<option value="A128CBC+HS256" <%=idTokenEncryptedResponseEnc == "A128CBC+HS256" ? 'selected' : ''%>>Composite Authenticated Encryption algorithm using AES in Cipher Block Chaining (CBC) mode with PKCS #5 padding with an integrity calculation using HMAC SHA-256, using a 256 bit CMK (and 128 bit CEK)</option>
|
||||
<option value="A256CBC+HS512" <%=idTokenEncryptedResponseEnc == "A256CBC+HS512" ? 'selected' : ''%>>Composite Authenticated Encryption algorithm using AES in CBC mode with PKCS #5 padding with an integrity calculation using HMAC SHA-512, using a 512 bit CMK (and 256 bit CEK)</option>
|
||||
|
|
|
|||
Loading…
Reference in New Issue