diff --git a/openid-connect-client/pom.xml b/openid-connect-client/pom.xml
index 25903b93c..6ce1e7c6d 100644
--- a/openid-connect-client/pom.xml
+++ b/openid-connect-client/pom.xml
@@ -22,7 +22,7 @@
 	<parent>
 		<artifactId>openid-connect-parent</artifactId>
 		<groupId>org.mitre</groupId>
-		<version>1.3.5.cnaf</version>
+		<version>1.3.5.cnaf-SNAPSHOT</version>
 		<relativePath>..</relativePath>
 	</parent>
 	<artifactId>openid-connect-client</artifactId>
diff --git a/openid-connect-common/pom.xml b/openid-connect-common/pom.xml
index f90290212..184451c64 100644
--- a/openid-connect-common/pom.xml
+++ b/openid-connect-common/pom.xml
@@ -22,7 +22,7 @@
 	<parent>
 		<artifactId>openid-connect-parent</artifactId>
 		<groupId>org.mitre</groupId>
-		<version>1.3.5.cnaf</version>
+		<version>1.3.5.cnaf-SNAPSHOT</version>
 		<relativePath>..</relativePath>
 	</parent>
 	<artifactId>openid-connect-common</artifactId>
diff --git a/openid-connect-common/src/main/java/org/mitre/oauth2/model/SavedUserAuthentication.java b/openid-connect-common/src/main/java/org/mitre/oauth2/model/SavedUserAuthentication.java
index 032d4ea94..e1698a55f 100644
--- a/openid-connect-common/src/main/java/org/mitre/oauth2/model/SavedUserAuthentication.java
+++ b/openid-connect-common/src/main/java/org/mitre/oauth2/model/SavedUserAuthentication.java
@@ -54,7 +54,7 @@ public class SavedUserAuthentication implements Authentication {
 
   private String name;
 
-  private Collection<? extends GrantedAuthority> authorities;
+  private Collection<GrantedAuthority> authorities;
 
   private boolean authenticated;
 
@@ -117,7 +117,7 @@ public class SavedUserAuthentication implements Authentication {
       joinColumns = @JoinColumn(name = "owner_id") )
   @Convert(converter = SimpleGrantedAuthorityStringConverter.class)
   @Column(name = "authority")
-  public Collection<? extends GrantedAuthority> getAuthorities() {
+  public Collection<GrantedAuthority> getAuthorities() {
     return authorities;
   }
 
diff --git a/openid-connect-server-webapp/.gitignore b/openid-connect-server-webapp/.gitignore
new file mode 100644
index 000000000..016a3b8f8
--- /dev/null
+++ b/openid-connect-server-webapp/.gitignore
@@ -0,0 +1,12 @@
+local-values.conf
+target
+*~
+bin
+*.idea
+*.iml
+*.eml
+.project
+.settings
+.classpath
+/target
+.springBeans
diff --git a/openid-connect-server-webapp/pom.xml b/openid-connect-server-webapp/pom.xml
new file mode 100644
index 000000000..9a4c45bc3
--- /dev/null
+++ b/openid-connect-server-webapp/pom.xml
@@ -0,0 +1,152 @@
+<?xml version="1.0"?>
+<!--
+    Copyright 2018 The MIT Internet Trust Consortium
+   
+    Portions copyright 2011-2013 The MITRE Corporation
+   
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+   
+      http://www.apache.org/licenses/LICENSE-2.0
+   
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+ -->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+	<modelVersion>4.0.0</modelVersion>
+	<parent>
+		<groupId>org.mitre</groupId>
+		<artifactId>openid-connect-parent</artifactId>
+		<version>1.3.3-SNAPSHOT</version>
+	</parent>
+	<artifactId>openid-connect-server-webapp</artifactId>
+	<packaging>war</packaging>
+	<name>OpenID Connect Server Webapp</name>
+	<build>
+		<plugins>
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-compiler-plugin</artifactId>
+				<configuration>
+					<source>${java-version}</source>
+					<target>${java-version}</target>
+				</configuration>
+			</plugin>
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-war-plugin</artifactId>
+				<configuration>
+					<warName>openid-connect-server-webapp</warName>
+					<webResources>
+						<resource>
+							<directory>src/main/webapp</directory>
+							<filtering>true</filtering>
+							<includes>
+								<include>**/*.tag</include>
+								<include>**/*.jsp</include>
+							</includes>
+						</resource>
+						<resource>
+							<directory>src/main/webapp</directory>
+							<filtering>false</filtering>
+							<excludes>
+								<exclude>**/*.tag</exclude>
+								<exclude>**/*.jsp</exclude>
+							</excludes>
+						</resource>
+					</webResources>
+					<packagingExcludes>less/**</packagingExcludes>
+				</configuration>
+			</plugin>
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-dependency-plugin</artifactId>
+				<executions>
+					<execution>
+						<id>install</id>
+						<phase>install</phase>
+						<goals>
+							<goal>sources</goal>
+						</goals>
+					</execution>
+				</executions>
+			</plugin>
+			<plugin>
+				<groupId>org.eclipse.jetty</groupId>
+				<artifactId>jetty-maven-plugin</artifactId>
+				<configuration>
+					<war>${project.build.directory}/openid-connect-server-webapp.war</war>
+					<webAppConfig>
+						<contextPath>/openid-connect-server-webapp</contextPath>
+					</webAppConfig>
+				</configuration>
+			</plugin>
+			<plugin>
+				<groupId>ro.isdc.wro4j</groupId>
+				<artifactId>wro4j-maven-plugin</artifactId>
+				<configuration>
+					<targetGroups>bootstrap,bootstrap-responsive</targetGroups>
+					<destinationFolder>${project.build.directory}/${project.build.finalName}</destinationFolder>
+					<cssDestinationFolder>${project.build.directory}/${project.build.finalName}/resources/bootstrap2/css/</cssDestinationFolder>
+					<jsDestinationFolder>${project.build.directory}/${project.build.finalName}/js/</jsDestinationFolder>
+					<wroManagerFactory>ro.isdc.wro.maven.plugin.manager.factory.ConfigurableWroManagerFactory</wroManagerFactory>
+				</configuration>
+			</plugin>
+			
+		</plugins>
+	</build>
+	<dependencies>
+  		<dependency>
+			<groupId>org.mitre</groupId>
+			<artifactId>openid-connect-server</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework</groupId>
+			<artifactId>spring-orm</artifactId>
+			<exclusions>
+				<exclusion>
+					<groupId>commons-logging</groupId>
+					<artifactId>commons-logging</artifactId>
+				</exclusion>
+			</exclusions>
+		</dependency>
+		<dependency>
+			<groupId>org.slf4j</groupId>
+			<artifactId>jcl-over-slf4j</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.slf4j</groupId>
+			<artifactId>slf4j-log4j12</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>log4j</groupId>
+			<artifactId>log4j</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.hsqldb</groupId>
+			<artifactId>hsqldb</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.eclipse.persistence</groupId>
+			<artifactId>org.eclipse.persistence.jpa</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.security</groupId>
+			<artifactId>spring-security-taglibs</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>javax.servlet</groupId>
+			<artifactId>jstl</artifactId>
+		</dependency>
+
+		<dependency>
+			<groupId>com.zaxxer</groupId>
+			<artifactId>HikariCP</artifactId>
+		</dependency>
+	</dependencies>
+	<description>Deployable package of the OpenID Connect server</description>
+</project>
diff --git a/openid-connect-server-webapp/pom.xml.versionsBackup b/openid-connect-server-webapp/pom.xml.versionsBackup
new file mode 100644
index 000000000..3053bf020
--- /dev/null
+++ b/openid-connect-server-webapp/pom.xml.versionsBackup
@@ -0,0 +1,137 @@
+<?xml version="1.0"?>
+<!--
+    Copyright 2016 The MITRE Corporation
+      and the MIT Internet Trust Consortium
+   
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+   
+      http://www.apache.org/licenses/LICENSE-2.0
+   
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+ -->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+	<modelVersion>4.0.0</modelVersion>
+	<parent>
+		<groupId>org.mitre</groupId>
+		<artifactId>openid-connect-parent</artifactId>
+		<version>1.2.7-SNAPSHOT</version>
+	</parent>
+	<artifactId>openid-connect-server-webapp</artifactId>
+	<packaging>war</packaging>
+	<name>OpenID Connect Server Webapp</name>
+	<build>
+		<plugins>
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-compiler-plugin</artifactId>
+				<configuration>
+					<source>${java-version}</source>
+					<target>${java-version}</target>
+				</configuration>
+			</plugin>
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-war-plugin</artifactId>
+				<configuration>
+					<warName>openid-connect-server-webapp</warName>
+					<webResources>
+						<resource>
+							<directory>src/main/webapp</directory>
+							<filtering>true</filtering>
+							<includes>
+								<include>**/*.tag</include>
+								<include>**/*.jsp</include>
+							</includes>
+						</resource>
+						<resource>
+							<directory>src/main/webapp</directory>
+							<filtering>false</filtering>
+							<excludes>
+								<exclude>**/*.tag</exclude>
+								<exclude>**/*.jsp</exclude>
+							</excludes>
+						</resource>
+					</webResources>
+				</configuration>
+			</plugin>
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-dependency-plugin</artifactId>
+				<executions>
+					<execution>
+						<id>install</id>
+						<phase>install</phase>
+						<goals>
+							<goal>sources</goal>
+						</goals>
+					</execution>
+				</executions>
+			</plugin>
+			<plugin>
+				<groupId>org.eclipse.jetty</groupId>
+				<artifactId>jetty-maven-plugin</artifactId>
+				<configuration>
+					<war>${project.build.directory}/openid-connect-server-webapp.war</war>
+					<webAppConfig>
+						<contextPath>/openid-connect-server-webapp</contextPath>
+					</webAppConfig>
+				</configuration>
+			</plugin>
+		</plugins>
+	</build>
+	<dependencies>
+		<dependency>
+			<groupId>org.mitre</groupId>
+			<artifactId>openid-connect-server</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework</groupId>
+			<artifactId>spring-orm</artifactId>
+			<exclusions>
+				<exclusion>
+					<groupId>commons-logging</groupId>
+					<artifactId>commons-logging</artifactId>
+				</exclusion>
+			</exclusions>
+		</dependency>
+		<dependency>
+			<groupId>org.slf4j</groupId>
+			<artifactId>jcl-over-slf4j</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.slf4j</groupId>
+			<artifactId>slf4j-log4j12</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>log4j</groupId>
+			<artifactId>log4j</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.hsqldb</groupId>
+			<artifactId>hsqldb</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.eclipse.persistence</groupId>
+			<artifactId>org.eclipse.persistence.jpa</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.security</groupId>
+			<artifactId>spring-security-taglibs</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>javax.servlet</groupId>
+			<artifactId>jstl</artifactId>
+		</dependency>
+
+		<dependency>
+			<groupId>com.zaxxer</groupId>
+			<artifactId>HikariCP</artifactId>
+		</dependency>
+	</dependencies>
+</project>
diff --git a/openid-connect-server-webapp/src/main/resources/db/hsql/clients.sql b/openid-connect-server-webapp/src/main/resources/db/hsql/clients.sql
new file mode 100644
index 000000000..1410f7bd1
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/resources/db/hsql/clients.sql
@@ -0,0 +1,70 @@
+--
+-- Turn off autocommit and start a transaction so that we can use the temp tables
+--
+
+SET AUTOCOMMIT FALSE;
+
+START TRANSACTION;
+
+--
+-- Insert client information into the temporary tables. To add clients to the HSQL database, edit things here.
+-- 
+
+INSERT INTO client_details_TEMP (client_id, client_secret, client_name, dynamically_registered, refresh_token_validity_seconds, access_token_validity_seconds, id_token_validity_seconds, allow_introspection) VALUES
+	('client', 'secret', 'Test Client', false, null, 3600, 600, true);
+
+INSERT INTO client_scope_TEMP (owner_id, scope) VALUES
+	('client', 'openid'),
+	('client', 'profile'),
+	('client', 'email'),
+	('client', 'address'),
+	('client', 'phone'),
+	('client', 'offline_access');
+
+INSERT INTO client_redirect_uri_TEMP (owner_id, redirect_uri) VALUES
+	('client', 'http://localhost/'),
+	('client', 'http://localhost:8080/');
+	
+INSERT INTO client_grant_type_TEMP (owner_id, grant_type) VALUES
+	('client', 'authorization_code'),
+	('client', 'urn:ietf:params:oauth:grant_type:redelegate'),
+	('client', 'urn:ietf:params:oauth:grant-type:device_code'),
+	('client', 'implicit'),
+	('client', 'refresh_token');
+	
+--
+-- Merge the temporary clients safely into the database. This is a two-step process to keep clients from being created on every startup with a persistent store.
+--
+
+MERGE INTO client_details 
+  USING (SELECT client_id, client_secret, client_name, dynamically_registered, refresh_token_validity_seconds, access_token_validity_seconds, id_token_validity_seconds, allow_introspection FROM client_details_TEMP) AS vals(client_id, client_secret, client_name, dynamically_registered, refresh_token_validity_seconds, access_token_validity_seconds, id_token_validity_seconds, allow_introspection)
+  ON vals.client_id = client_details.client_id
+  WHEN NOT MATCHED THEN 
+    INSERT (client_id, client_secret, client_name, dynamically_registered, refresh_token_validity_seconds, access_token_validity_seconds, id_token_validity_seconds, allow_introspection) VALUES(client_id, client_secret, client_name, dynamically_registered, refresh_token_validity_seconds, access_token_validity_seconds, id_token_validity_seconds, allow_introspection);
+
+MERGE INTO client_scope 
+  USING (SELECT id, scope FROM client_scope_TEMP, client_details WHERE client_details.client_id = client_scope_TEMP.owner_id) AS vals(id, scope)
+  ON vals.id = client_scope.owner_id AND vals.scope = client_scope.scope
+  WHEN NOT MATCHED THEN 
+    INSERT (owner_id, scope) values (vals.id, vals.scope);
+
+MERGE INTO client_redirect_uri 
+  USING (SELECT id, redirect_uri FROM client_redirect_uri_TEMP, client_details WHERE client_details.client_id = client_redirect_uri_TEMP.owner_id) AS vals(id, redirect_uri)
+  ON vals.id = client_redirect_uri.owner_id AND vals.redirect_uri = client_redirect_uri.redirect_uri
+  WHEN NOT MATCHED THEN 
+    INSERT (owner_id, redirect_uri) values (vals.id, vals.redirect_uri);
+
+MERGE INTO client_grant_type 
+  USING (SELECT id, grant_type FROM client_grant_type_TEMP, client_details WHERE client_details.client_id = client_grant_type_TEMP.owner_id) AS vals(id, grant_type)
+  ON vals.id = client_grant_type.owner_id AND vals.grant_type = client_grant_type.grant_type
+  WHEN NOT MATCHED THEN 
+    INSERT (owner_id, grant_type) values (vals.id, vals.grant_type);
+    
+-- 
+-- Close the transaction and turn autocommit back on
+-- 
+    
+COMMIT;
+
+SET AUTOCOMMIT TRUE;
+
diff --git a/openid-connect-server-webapp/src/main/resources/db/hsql/hsql_database_index.sql b/openid-connect-server-webapp/src/main/resources/db/hsql/hsql_database_index.sql
new file mode 100644
index 000000000..38636a96f
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/resources/db/hsql/hsql_database_index.sql
@@ -0,0 +1,19 @@
+-- 
+-- Indexes for HSQLDB
+-- 
+
+CREATE INDEX IF NOT EXISTS at_tv_idx ON access_token(token_value);
+CREATE INDEX IF NOT EXISTS ts_oi_idx ON token_scope(owner_id);
+CREATE INDEX IF NOT EXISTS at_exp_idx ON access_token(expiration);
+CREATE INDEX IF NOT EXISTS rf_ahi_idx ON refresh_token(auth_holder_id);
+CREATE INDEX IF NOT EXISTS rf_tv_idx ON refresh_token(token_value);
+CREATE INDEX IF NOT EXISTS cd_ci_idx ON client_details(client_id);
+CREATE INDEX IF NOT EXISTS at_ahi_idx ON access_token(auth_holder_id);
+CREATE INDEX IF NOT EXISTS aha_oi_idx ON authentication_holder_authority(owner_id);
+CREATE INDEX IF NOT EXISTS ahe_oi_idx ON authentication_holder_extension(owner_id);
+CREATE INDEX IF NOT EXISTS ahrp_oi_idx ON authentication_holder_request_parameter(owner_id);
+CREATE INDEX IF NOT EXISTS ahri_oi_idx ON authentication_holder_resource_id(owner_id);
+CREATE INDEX IF NOT EXISTS ahrt_oi_idx ON authentication_holder_response_type(owner_id);
+CREATE INDEX IF NOT EXISTS ahs_oi_idx ON authentication_holder_scope(owner_id);
+CREATE INDEX IF NOT EXISTS ac_ahi_idx ON authorization_code(auth_holder_id);
+CREATE INDEX IF NOT EXISTS suaa_oi_idx ON saved_user_auth_authority(owner_id);
diff --git a/openid-connect-server-webapp/src/main/resources/db/hsql/hsql_database_tables.sql b/openid-connect-server-webapp/src/main/resources/db/hsql/hsql_database_tables.sql
new file mode 100644
index 000000000..2a0175629
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/resources/db/hsql/hsql_database_tables.sql
@@ -0,0 +1,384 @@
+--
+-- Tables for OIDC Server functionality, HSQL
+--
+
+CREATE TABLE IF NOT EXISTS access_token (
+	id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY,
+	token_value VARCHAR(4096),
+	expiration TIMESTAMP,
+	token_type VARCHAR(256),
+	refresh_token_id BIGINT,
+	client_id BIGINT,
+	auth_holder_id BIGINT,
+	approved_site_id BIGINT,
+	UNIQUE(token_value)
+);
+
+CREATE TABLE IF NOT EXISTS access_token_permissions (
+	access_token_id BIGINT NOT NULL,
+	permission_id BIGINT NOT NULL
+);
+
+CREATE TABLE IF NOT EXISTS address (
+	id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY,
+	formatted VARCHAR(256),
+	street_address VARCHAR(256),
+	locality VARCHAR(256),
+	region VARCHAR(256),
+	postal_code VARCHAR(256),
+	country VARCHAR(256)
+);
+
+CREATE TABLE IF NOT EXISTS approved_site (
+	id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY,
+	user_id VARCHAR(256),
+	client_id VARCHAR(256),
+	creation_date TIMESTAMP,
+	access_date TIMESTAMP,
+	timeout_date TIMESTAMP,
+	whitelisted_site_id BIGINT
+);
+
+CREATE TABLE IF NOT EXISTS approved_site_scope (
+	owner_id BIGINT,
+	scope VARCHAR(256)
+);
+
+CREATE TABLE IF NOT EXISTS authentication_holder (
+	id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY,
+	user_auth_id BIGINT,
+	approved BOOLEAN,
+	redirect_uri VARCHAR(2048),
+	client_id VARCHAR(256)
+);
+
+CREATE TABLE IF NOT EXISTS authentication_holder_authority (
+	owner_id BIGINT,
+	authority VARCHAR(256)
+);
+
+CREATE TABLE IF NOT EXISTS authentication_holder_resource_id (
+	owner_id BIGINT,
+	resource_id VARCHAR(2048)
+);
+
+CREATE TABLE IF NOT EXISTS authentication_holder_response_type (
+	owner_id BIGINT,
+	response_type VARCHAR(2048)
+);
+
+CREATE TABLE IF NOT EXISTS authentication_holder_extension (
+	owner_id BIGINT,
+	extension VARCHAR(2048),
+	val VARCHAR(2048)
+);
+
+CREATE TABLE IF NOT EXISTS authentication_holder_scope (
+	owner_id BIGINT,
+	scope VARCHAR(2048)
+);
+
+CREATE TABLE IF NOT EXISTS authentication_holder_request_parameter (
+	owner_id BIGINT,
+	param VARCHAR(2048),
+	val VARCHAR(2048)
+);
+
+CREATE TABLE IF NOT EXISTS saved_user_auth (
+	id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY,
+	name VARCHAR(1024),
+	authenticated BOOLEAN,
+	source_class VARCHAR(2048)
+);
+
+CREATE TABLE IF NOT EXISTS saved_user_auth_authority (
+	owner_id BIGINT,
+	authority VARCHAR(256)
+);
+
+CREATE TABLE IF NOT EXISTS client_authority (
+	owner_id BIGINT,
+	authority VARCHAR(256)
+);
+
+CREATE TABLE IF NOT EXISTS authorization_code (
+	id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY,
+	code VARCHAR(256),
+	auth_holder_id BIGINT,
+	expiration TIMESTAMP
+);
+
+CREATE TABLE IF NOT EXISTS client_grant_type (
+	owner_id BIGINT,
+	grant_type VARCHAR(2000)
+);
+
+CREATE TABLE IF NOT EXISTS client_response_type (
+	owner_id BIGINT,
+	response_type VARCHAR(2000)
+);
+
+CREATE TABLE IF NOT EXISTS blacklisted_site (
+	id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY,
+	uri VARCHAR(2048)
+);
+
+CREATE TABLE IF NOT EXISTS client_details (
+	id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY,
+
+	client_description VARCHAR(1024),
+	reuse_refresh_tokens BOOLEAN DEFAULT true NOT NULL,
+	dynamically_registered BOOLEAN DEFAULT false NOT NULL,
+	allow_introspection BOOLEAN DEFAULT false NOT NULL,
+	id_token_validity_seconds BIGINT DEFAULT 600 NOT NULL,
+	device_code_validity_seconds BIGINT,
+	
+	client_id VARCHAR(256),
+	client_secret VARCHAR(2048),
+	access_token_validity_seconds BIGINT,
+	refresh_token_validity_seconds BIGINT,
+	
+	application_type VARCHAR(256),
+	client_name VARCHAR(256),
+	token_endpoint_auth_method VARCHAR(256),
+	subject_type VARCHAR(256),
+	
+	logo_uri VARCHAR(2048),
+	policy_uri VARCHAR(2048),
+	client_uri VARCHAR(2048),
+	tos_uri VARCHAR(2048),
+
+	jwks_uri VARCHAR(2048),
+	jwks VARCHAR(8192),
+	sector_identifier_uri VARCHAR(2048),
+	
+	request_object_signing_alg VARCHAR(256),
+	
+	user_info_signed_response_alg VARCHAR(256),
+	user_info_encrypted_response_alg VARCHAR(256),
+	user_info_encrypted_response_enc VARCHAR(256),
+	
+	id_token_signed_response_alg VARCHAR(256),
+	id_token_encrypted_response_alg VARCHAR(256),
+	id_token_encrypted_response_enc VARCHAR(256),
+	
+	token_endpoint_auth_signing_alg VARCHAR(256),
+	
+	default_max_age BIGINT,
+	require_auth_time BOOLEAN,
+	created_at TIMESTAMP,
+	initiate_login_uri VARCHAR(2048),
+	clear_access_tokens_on_refresh BOOLEAN DEFAULT true NOT NULL,
+	
+	software_statement VARCHAR(4096),
+	software_id VARCHAR(2048),
+	software_version VARCHAR(2048),
+	
+	code_challenge_method VARCHAR(256),
+	
+	UNIQUE (client_id)
+);
+
+CREATE TABLE IF NOT EXISTS client_request_uri (
+	owner_id BIGINT,
+	request_uri VARCHAR(2000)
+);
+
+CREATE TABLE IF NOT EXISTS client_post_logout_redirect_uri (
+	owner_id BIGINT,
+	post_logout_redirect_uri VARCHAR(2000)
+);
+
+CREATE TABLE IF NOT EXISTS client_default_acr_value (
+	owner_id BIGINT,
+	default_acr_value VARCHAR(2000)
+);
+
+CREATE TABLE IF NOT EXISTS client_contact (
+	owner_id BIGINT,
+	contact VARCHAR(256)
+);
+
+CREATE TABLE IF NOT EXISTS client_redirect_uri (
+	owner_id BIGINT, 
+	redirect_uri VARCHAR(2048) 
+);
+
+CREATE TABLE IF NOT EXISTS client_claims_redirect_uri (
+	owner_id BIGINT, 
+	redirect_uri VARCHAR(2048) 
+);
+
+CREATE TABLE IF NOT EXISTS refresh_token (
+	id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY,
+	token_value VARCHAR(4096),
+	expiration TIMESTAMP,
+	auth_holder_id BIGINT,
+	client_id BIGINT
+);
+
+CREATE TABLE IF NOT EXISTS client_resource (
+	owner_id BIGINT, 
+	resource_id VARCHAR(256) 
+);
+
+CREATE TABLE IF NOT EXISTS client_scope (
+	owner_id BIGINT,
+	scope VARCHAR(2048)
+);
+
+CREATE TABLE IF NOT EXISTS token_scope (
+	owner_id BIGINT,
+	scope VARCHAR(2048)
+);
+
+CREATE TABLE IF NOT EXISTS system_scope (
+	id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY,
+	scope VARCHAR(256) NOT NULL,
+	description VARCHAR(4096),
+	icon VARCHAR(256),
+	restricted BOOLEAN DEFAULT false NOT NULL,
+	default_scope BOOLEAN DEFAULT false NOT NULL,
+	UNIQUE (scope)
+);
+
+CREATE TABLE IF NOT EXISTS user_info (
+	id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY,
+	sub VARCHAR(256),
+	preferred_username VARCHAR(256),
+	name VARCHAR(256),
+	given_name VARCHAR(256),
+	family_name VARCHAR(256),
+	middle_name VARCHAR(256),
+	nickname VARCHAR(256),
+	profile VARCHAR(256),
+	picture VARCHAR(256),
+	website VARCHAR(256),
+	email VARCHAR(256),
+	email_verified BOOLEAN,
+	gender VARCHAR(256),
+	zone_info VARCHAR(256),
+	locale VARCHAR(256),
+	phone_number VARCHAR(256),
+	phone_number_verified BOOLEAN,
+	address_id VARCHAR(256),
+	updated_time VARCHAR(256),
+	birthdate VARCHAR(256),
+	src VARCHAR(4096)
+);
+
+CREATE TABLE IF NOT EXISTS whitelisted_site (
+	id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY,
+	creator_user_id VARCHAR(256),
+	client_id VARCHAR(256)
+);
+
+CREATE TABLE IF NOT EXISTS whitelisted_site_scope (
+	owner_id BIGINT,
+	scope VARCHAR(256)
+);
+
+CREATE TABLE IF NOT EXISTS pairwise_identifier (
+	id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY,
+	identifier VARCHAR(256),
+	sub VARCHAR(256),
+	sector_identifier VARCHAR(2048)
+);
+
+CREATE TABLE IF NOT EXISTS resource_set (
+	id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY,
+	name VARCHAR(1024) NOT NULL,
+	uri VARCHAR(1024),
+	icon_uri VARCHAR(1024),
+	rs_type VARCHAR(256),
+	owner VARCHAR(256) NOT NULL,
+	client_id VARCHAR(256)
+);
+
+CREATE TABLE IF NOT EXISTS resource_set_scope (
+	owner_id BIGINT NOT NULL,
+	scope VARCHAR(256) NOT NULL
+);
+
+CREATE TABLE IF NOT EXISTS permission_ticket (
+	id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY,
+	ticket VARCHAR(256) NOT NULL,
+	permission_id BIGINT NOT NULL,
+	expiration TIMESTAMP
+);
+
+CREATE TABLE IF NOT EXISTS permission (
+	id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY,
+	resource_set_id BIGINT
+);
+
+CREATE TABLE IF NOT EXISTS permission_scope (
+	owner_id BIGINT NOT NULL,
+	scope VARCHAR(256) NOT NULL
+);
+
+CREATE TABLE IF NOT EXISTS claim (
+	id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY,
+	name VARCHAR(256),
+	friendly_name VARCHAR(1024),
+	claim_type VARCHAR(1024),
+	claim_value VARCHAR(1024)
+);
+
+CREATE TABLE IF NOT EXISTS claim_to_policy (
+	policy_id BIGINT NOT NULL,
+	claim_id BIGINT NOT NULL
+);
+
+CREATE TABLE IF NOT EXISTS claim_to_permission_ticket (
+	permission_ticket_id BIGINT NOT NULL,
+	claim_id BIGINT NOT NULL
+);
+
+CREATE TABLE IF NOT EXISTS policy (
+	id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY,
+	name VARCHAR(1024),
+	resource_set_id BIGINT
+);
+
+CREATE TABLE IF NOT EXISTS policy_scope (
+	owner_id BIGINT NOT NULL,
+	scope VARCHAR(256) NOT NULL
+);
+
+CREATE TABLE IF NOT EXISTS claim_token_format (
+	owner_id BIGINT NOT NULL,
+	claim_token_format VARCHAR(1024)
+);
+
+CREATE TABLE IF NOT EXISTS claim_issuer (
+	owner_id BIGINT NOT NULL,
+	issuer VARCHAR(1024)
+);
+
+CREATE TABLE IF NOT EXISTS saved_registered_client (
+	id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY,
+	issuer VARCHAR(1024),
+	registered_client VARCHAR(8192)
+);
+
+CREATE TABLE IF NOT EXISTS device_code (
+	id BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) PRIMARY KEY,
+	device_code VARCHAR(1024),
+	user_code VARCHAR(1024),
+	expiration TIMESTAMP,
+	client_id VARCHAR(256),
+	approved BOOLEAN,
+	auth_holder_id BIGINT	
+);
+
+CREATE TABLE IF NOT EXISTS device_code_scope (
+	owner_id BIGINT NOT NULL,
+	scope VARCHAR(256) NOT NULL
+);
+
+CREATE TABLE IF NOT EXISTS device_code_request_parameter (
+	owner_id BIGINT,
+	param VARCHAR(2048),
+	val VARCHAR(2048)
+);
diff --git a/openid-connect-server-webapp/src/main/resources/db/hsql/loading_temp_tables.sql b/openid-connect-server-webapp/src/main/resources/db/hsql/loading_temp_tables.sql
new file mode 100644
index 000000000..37b0092e7
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/resources/db/hsql/loading_temp_tables.sql
@@ -0,0 +1,73 @@
+--
+-- Temporary tables used during the bootstrapping process to safely load users and clients.
+-- These are not needed if you're not using the users.sql/clients.sql files to bootstrap the database.
+--
+
+CREATE TEMPORARY TABLE IF NOT EXISTS authorities_TEMP (
+      username varchar(50) not null,
+      authority varchar(50) not null,
+      constraint ix_authority_TEMP unique (username,authority));
+      
+CREATE TEMPORARY TABLE IF NOT EXISTS users_TEMP (
+      username varchar(50) not null primary key,
+      password varchar(50) not null,
+      enabled boolean not null);
+
+CREATE TEMPORARY TABLE IF NOT EXISTS user_info_TEMP (
+	sub VARCHAR(256) not null primary key,
+	preferred_username VARCHAR(256),
+	name VARCHAR(256),
+	given_name VARCHAR(256),
+	family_name VARCHAR(256),
+	middle_name VARCHAR(256),
+	nickname VARCHAR(256),
+	profile VARCHAR(256),
+	picture VARCHAR(256),
+	website VARCHAR(256),
+	email VARCHAR(256),
+	email_verified BOOLEAN,
+	gender VARCHAR(256),
+	zone_info VARCHAR(256),
+	locale VARCHAR(256),
+	phone_number VARCHAR(256),
+	address_id VARCHAR(256),
+	updated_time VARCHAR(256),
+	birthdate VARCHAR(256)
+);
+
+CREATE TEMPORARY TABLE IF NOT EXISTS client_details_TEMP (
+	client_description VARCHAR(256),
+	dynamically_registered BOOLEAN,
+	id_token_validity_seconds BIGINT,
+	
+	client_id VARCHAR(256),
+	client_secret VARCHAR(2048),
+	access_token_validity_seconds BIGINT,
+	refresh_token_validity_seconds BIGINT,
+	allow_introspection BOOLEAN,
+	
+	client_name VARCHAR(256)
+);
+
+CREATE TEMPORARY TABLE IF NOT EXISTS client_scope_TEMP (
+	owner_id VARCHAR(256),
+	scope VARCHAR(2048)
+);
+
+CREATE TEMPORARY TABLE IF NOT EXISTS client_redirect_uri_TEMP (
+	owner_id VARCHAR(256),
+	redirect_uri VARCHAR(2048) 
+);
+
+CREATE TEMPORARY TABLE IF NOT EXISTS client_grant_type_TEMP (
+	owner_id VARCHAR(256),
+	grant_type VARCHAR(2000)
+);
+
+CREATE TEMPORARY TABLE IF NOT EXISTS system_scope_TEMP (
+	scope VARCHAR(256),
+	description VARCHAR(4096),
+	icon VARCHAR(256),
+	restricted BOOLEAN,
+	default_scope BOOLEAN
+);
\ No newline at end of file
diff --git a/openid-connect-server-webapp/src/main/resources/db/hsql/scopes.sql b/openid-connect-server-webapp/src/main/resources/db/hsql/scopes.sql
new file mode 100644
index 000000000..8e72c88c7
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/resources/db/hsql/scopes.sql
@@ -0,0 +1,33 @@
+--
+-- Turn off autocommit and start a transaction so that we can use the temp tables
+--
+
+SET AUTOCOMMIT FALSE;
+
+START TRANSACTION;
+
+--
+-- Insert scope information into the temporary tables.
+-- 
+
+INSERT INTO system_scope_TEMP (scope, description, icon, restricted, default_scope) VALUES
+  ('openid', 'log in using your identity', 'user', false, true),
+  ('profile', 'basic profile information', 'list-alt', false, true),
+  ('email', 'email address', 'envelope', false, true),
+  ('address', 'physical address', 'home', false, true),
+  ('phone', 'telephone number', 'bell', false, true),
+  ('offline_access', 'offline access', 'time', false, false);
+  
+--
+-- Merge the temporary scopes safely into the database. This is a two-step process to keep scopes from being created on every startup with a persistent store.
+--
+
+MERGE INTO system_scope
+	USING (SELECT scope, description, icon, restricted, default_scope  FROM system_scope_TEMP) AS vals(scope, description, icon, restricted, default_scope)
+	ON vals.scope = system_scope.scope
+	WHEN NOT MATCHED THEN
+	  INSERT (scope, description, icon, restricted, default_scope) VALUES(vals.scope, vals.description, vals.icon, vals.restricted, vals.default_scope);
+
+COMMIT;
+
+SET AUTOCOMMIT TRUE;
\ No newline at end of file
diff --git a/openid-connect-server-webapp/src/main/resources/db/hsql/security-schema.sql b/openid-connect-server-webapp/src/main/resources/db/hsql/security-schema.sql
new file mode 100644
index 000000000..bc5d70b88
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/resources/db/hsql/security-schema.sql
@@ -0,0 +1,14 @@
+-- 
+-- Tables for Spring Security's user details service
+--
+  
+create table IF NOT EXISTS users(
+      username varchar(50) not null primary key,
+      password varchar(50) not null,
+      enabled boolean not null);
+
+  create table IF NOT EXISTS authorities (
+      username varchar(50) not null,
+      authority varchar(50) not null,
+      constraint fk_authorities_users foreign key(username) references users(username),
+      constraint ix_authority unique (username,authority));
\ No newline at end of file
diff --git a/openid-connect-server-webapp/src/main/resources/db/hsql/users.sql b/openid-connect-server-webapp/src/main/resources/db/hsql/users.sql
new file mode 100644
index 000000000..6e6958e1f
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/resources/db/hsql/users.sql
@@ -0,0 +1,59 @@
+--
+-- Turn off autocommit and start a transaction so that we can use the temp tables
+--
+
+SET AUTOCOMMIT FALSE;
+
+START TRANSACTION;
+
+--
+-- Insert user information into the temporary tables. To add users to the HSQL database, edit things here.
+-- 
+
+INSERT INTO users_TEMP (username, password, enabled) VALUES
+  ('admin','password',true),
+  ('user','password',true);
+
+
+INSERT INTO authorities_TEMP (username, authority) VALUES
+  ('admin','ROLE_ADMIN'),
+  ('admin','ROLE_USER'),
+  ('user','ROLE_USER');
+    
+-- By default, the username column here has to match the username column in the users table, above
+INSERT INTO user_info_TEMP (sub, preferred_username, name, email, email_verified) VALUES
+  ('90342.ASDFJWFA','admin','Demo Admin','admin@example.com', true),
+  ('01921.FLANRJQW','user','Demo User','user@example.com', true);
+
+ 
+--
+-- Merge the temporary users safely into the database. This is a two-step process to keep users from being created on every startup with a persistent store.
+--
+
+MERGE INTO users 
+  USING (SELECT username, password, enabled FROM users_TEMP) AS vals(username, password, enabled)
+  ON vals.username = users.username
+  WHEN NOT MATCHED THEN 
+    INSERT (username, password, enabled) VALUES(vals.username, vals.password, vals.enabled);
+
+MERGE INTO authorities 
+  USING (SELECT username, authority FROM authorities_TEMP) AS vals(username, authority)
+  ON vals.username = authorities.username AND vals.authority = authorities.authority
+  WHEN NOT MATCHED THEN 
+    INSERT (username,authority) values (vals.username, vals.authority);
+
+MERGE INTO user_info 
+  USING (SELECT sub, preferred_username, name, email, email_verified FROM user_info_TEMP) AS vals(sub, preferred_username, name, email, email_verified)
+  ON vals.preferred_username = user_info.preferred_username
+  WHEN NOT MATCHED THEN 
+    INSERT (sub, preferred_username, name, email, email_verified) VALUES (vals.sub, vals.preferred_username, vals.name, vals.email, vals.email_verified);
+
+    
+-- 
+-- Close the transaction and turn autocommit back on
+-- 
+    
+COMMIT;
+
+SET AUTOCOMMIT TRUE;
+
diff --git a/openid-connect-server-webapp/src/main/resources/db/mysql/clients.sql b/openid-connect-server-webapp/src/main/resources/db/mysql/clients.sql
new file mode 100644
index 000000000..7f0255789
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/resources/db/mysql/clients.sql
@@ -0,0 +1,61 @@
+--
+-- Turn off autocommit and start a transaction so that we can use the temp tables
+--
+
+SET AUTOCOMMIT = 0;
+
+START TRANSACTION;
+
+--
+-- Insert client information into the temporary tables. To add clients to the HSQL database, edit things here.
+-- 
+
+INSERT INTO client_details_TEMP (client_id, client_secret, client_name, dynamically_registered, refresh_token_validity_seconds, access_token_validity_seconds, id_token_validity_seconds, allow_introspection) VALUES
+	('client', 'secret', 'Test Client', false, null, 3600, 600, true);
+
+INSERT INTO client_scope_TEMP (owner_id, scope) VALUES
+	('client', 'openid'),
+	('client', 'profile'),
+	('client', 'email'),
+	('client', 'address'),
+	('client', 'phone'),
+	('client', 'offline_access');
+
+INSERT INTO client_redirect_uri_TEMP (owner_id, redirect_uri) VALUES
+	('client', 'http://localhost/'),
+	('client', 'http://localhost:8080/');
+	
+INSERT INTO client_grant_type_TEMP (owner_id, grant_type) VALUES
+	('client', 'authorization_code'),
+	('client', 'urn:ietf:params:oauth:grant_type:redelegate'),
+	('client', 'implicit'),
+	('client', 'refresh_token');
+	
+--
+-- Merge the temporary clients safely into the database. This is a two-step process to keep clients from being created on every startup with a persistent store.
+--
+
+INSERT INTO client_details (client_id, client_secret, client_name, dynamically_registered, refresh_token_validity_seconds, access_token_validity_seconds, id_token_validity_seconds, allow_introspection)
+  SELECT client_id, client_secret, client_name, dynamically_registered, refresh_token_validity_seconds, access_token_validity_seconds, id_token_validity_seconds, allow_introspection FROM client_details_TEMP
+  ON DUPLICATE KEY UPDATE client_details.client_id = client_details.client_id;
+
+INSERT INTO client_scope (owner_id, scope)
+  SELECT id, scope FROM client_scope_TEMP, client_details WHERE client_details.client_id = client_scope_TEMP.owner_id
+  ON DUPLICATE KEY UPDATE client_scope.owner_id = client_scope.owner_id;
+
+INSERT INTO client_redirect_uri (owner_id, redirect_uri)
+  SELECT id, redirect_uri FROM client_redirect_uri_TEMP, client_details WHERE client_details.client_id = client_redirect_uri_TEMP.owner_id
+  ON DUPLICATE KEY UPDATE client_redirect_uri.owner_id = client_redirect_uri.owner_id;
+
+INSERT INTO client_grant_type (owner_id, grant_type)
+  SELECT id, grant_type FROM client_grant_type_TEMP, client_details WHERE client_details.client_id = client_grant_type_TEMP.owner_id
+  ON DUPLICATE KEY UPDATE client_grant_type.owner_id = client_grant_type.owner_id;
+    
+-- 
+-- Close the transaction and turn autocommit back on
+-- 
+    
+COMMIT;
+
+SET AUTOCOMMIT = 1;
+
diff --git a/openid-connect-server-webapp/src/main/resources/db/mysql/mysql_database_index.sql b/openid-connect-server-webapp/src/main/resources/db/mysql/mysql_database_index.sql
new file mode 100644
index 000000000..f5daf991d
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/resources/db/mysql/mysql_database_index.sql
@@ -0,0 +1,19 @@
+--
+-- Indexes for MySQL
+--
+
+CREATE INDEX at_tv_idx ON access_token(token_value(767));
+CREATE INDEX ts_oi_idx ON token_scope(owner_id);
+CREATE INDEX at_exp_idx ON access_token(expiration);
+CREATE INDEX rf_ahi_idx ON refresh_token(auth_holder_id);
+CREATE INDEX rf_tv_idx ON refresh_token(token_value(105));
+CREATE INDEX cd_ci_idx ON client_details(client_id);
+CREATE INDEX at_ahi_idx ON access_token(auth_holder_id);
+CREATE INDEX aha_oi_idx ON authentication_holder_authority(owner_id);
+CREATE INDEX ahe_oi_idx ON authentication_holder_extension(owner_id);
+CREATE INDEX ahrp_oi_idx ON authentication_holder_request_parameter(owner_id);
+CREATE INDEX ahri_oi_idx ON authentication_holder_resource_id(owner_id);
+CREATE INDEX ahrt_oi_idx ON authentication_holder_response_type(owner_id);
+CREATE INDEX ahs_oi_idx ON authentication_holder_scope(owner_id);
+CREATE INDEX ac_ahi_idx ON authorization_code(auth_holder_id);
+CREATE INDEX suaa_oi_idx ON saved_user_auth_authority(owner_id);
diff --git a/openid-connect-server-webapp/src/main/resources/db/mysql/mysql_database_tables.sql b/openid-connect-server-webapp/src/main/resources/db/mysql/mysql_database_tables.sql
new file mode 100644
index 000000000..7e00cc876
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/resources/db/mysql/mysql_database_tables.sql
@@ -0,0 +1,383 @@
+--
+-- Tables for OIDC Server functionality, MySQL
+--
+
+CREATE TABLE IF NOT EXISTS access_token (
+	id BIGINT AUTO_INCREMENT PRIMARY KEY,
+	token_value VARCHAR(4096),
+	expiration TIMESTAMP NULL,
+	token_type VARCHAR(256),
+	refresh_token_id BIGINT,
+	client_id BIGINT,
+	auth_holder_id BIGINT,
+	approved_site_id BIGINT
+);
+
+CREATE TABLE IF NOT EXISTS access_token_permissions (
+	access_token_id BIGINT NOT NULL,
+	permission_id BIGINT NOT NULL
+);
+
+CREATE TABLE IF NOT EXISTS address (
+	id BIGINT AUTO_INCREMENT PRIMARY KEY,
+	formatted VARCHAR(256),
+	street_address VARCHAR(256),
+	locality VARCHAR(256),
+	region VARCHAR(256),
+	postal_code VARCHAR(256),
+	country VARCHAR(256)
+);
+
+CREATE TABLE IF NOT EXISTS approved_site (
+	id BIGINT AUTO_INCREMENT PRIMARY KEY,
+	user_id VARCHAR(256),
+	client_id VARCHAR(256),
+	creation_date TIMESTAMP NULL,
+	access_date TIMESTAMP NULL,
+	timeout_date TIMESTAMP NULL,
+	whitelisted_site_id BIGINT
+);
+
+CREATE TABLE IF NOT EXISTS approved_site_scope (
+	owner_id BIGINT,
+	scope VARCHAR(256)
+);
+
+CREATE TABLE IF NOT EXISTS authentication_holder (
+	id BIGINT AUTO_INCREMENT PRIMARY KEY,
+	user_auth_id BIGINT,
+	approved BOOLEAN,
+	redirect_uri VARCHAR(2048),
+	client_id VARCHAR(256)
+);
+
+CREATE TABLE IF NOT EXISTS authentication_holder_authority (
+	owner_id BIGINT,
+	authority VARCHAR(256)
+);
+
+CREATE TABLE IF NOT EXISTS authentication_holder_resource_id (
+	owner_id BIGINT,
+	resource_id VARCHAR(2048)
+);
+
+CREATE TABLE IF NOT EXISTS authentication_holder_response_type (
+	owner_id BIGINT,
+	response_type VARCHAR(2048)
+);
+
+CREATE TABLE IF NOT EXISTS authentication_holder_extension (
+	owner_id BIGINT,
+	extension VARCHAR(2048),
+	val VARCHAR(2048)
+);
+
+CREATE TABLE IF NOT EXISTS authentication_holder_scope (
+	owner_id BIGINT,
+	scope VARCHAR(2048)
+);
+
+CREATE TABLE IF NOT EXISTS authentication_holder_request_parameter (
+	owner_id BIGINT,
+	param VARCHAR(2048),
+	val VARCHAR(2048)
+);
+
+CREATE TABLE IF NOT EXISTS saved_user_auth (
+	id BIGINT AUTO_INCREMENT PRIMARY KEY,
+	name VARCHAR(1024),
+	authenticated BOOLEAN,
+	source_class VARCHAR(2048)
+);
+
+CREATE TABLE IF NOT EXISTS saved_user_auth_authority (
+	owner_id BIGINT,
+	authority VARCHAR(256)
+);
+
+CREATE TABLE IF NOT EXISTS client_authority (
+	owner_id BIGINT,
+	authority VARCHAR(256)
+);
+
+CREATE TABLE IF NOT EXISTS authorization_code (
+	id BIGINT AUTO_INCREMENT PRIMARY KEY,
+	code VARCHAR(256),
+	auth_holder_id BIGINT,
+	expiration TIMESTAMP NULL
+);
+
+CREATE TABLE IF NOT EXISTS client_grant_type (
+	owner_id BIGINT,
+	grant_type VARCHAR(2000)
+);
+
+CREATE TABLE IF NOT EXISTS client_response_type (
+	owner_id BIGINT,
+	response_type VARCHAR(2000)
+);
+
+CREATE TABLE IF NOT EXISTS blacklisted_site (
+	id BIGINT AUTO_INCREMENT PRIMARY KEY,
+	uri VARCHAR(2048)
+);
+
+CREATE TABLE IF NOT EXISTS client_details (
+	id BIGINT AUTO_INCREMENT PRIMARY KEY,
+
+	client_description VARCHAR(1024),
+	reuse_refresh_tokens BOOLEAN DEFAULT true NOT NULL,
+	dynamically_registered BOOLEAN DEFAULT false NOT NULL,
+	allow_introspection BOOLEAN DEFAULT false NOT NULL,
+	id_token_validity_seconds BIGINT DEFAULT 600 NOT NULL,
+	device_code_validity_seconds BIGINT,
+	
+	client_id VARCHAR(256),
+	client_secret VARCHAR(2048),
+	access_token_validity_seconds BIGINT,
+	refresh_token_validity_seconds BIGINT,
+	
+	application_type VARCHAR(256),
+	client_name VARCHAR(256),
+	token_endpoint_auth_method VARCHAR(256),
+	subject_type VARCHAR(256),
+	
+	logo_uri VARCHAR(2048),
+	policy_uri VARCHAR(2048),
+	client_uri VARCHAR(2048),
+	tos_uri VARCHAR(2048),
+
+	jwks_uri VARCHAR(2048),
+	jwks VARCHAR(8192),
+	sector_identifier_uri VARCHAR(2048),
+	
+	request_object_signing_alg VARCHAR(256),
+	
+	user_info_signed_response_alg VARCHAR(256),
+	user_info_encrypted_response_alg VARCHAR(256),
+	user_info_encrypted_response_enc VARCHAR(256),
+	
+	id_token_signed_response_alg VARCHAR(256),
+	id_token_encrypted_response_alg VARCHAR(256),
+	id_token_encrypted_response_enc VARCHAR(256),
+	
+	token_endpoint_auth_signing_alg VARCHAR(256),
+	
+	default_max_age BIGINT,
+	require_auth_time BOOLEAN,
+	created_at TIMESTAMP NULL,
+	initiate_login_uri VARCHAR(2048),
+	clear_access_tokens_on_refresh BOOLEAN DEFAULT true NOT NULL,
+	
+	software_statement VARCHAR(4096),
+	software_id VARCHAR(2048),
+	software_version VARCHAR(2048),
+	
+	code_challenge_method VARCHAR(256),
+	
+	UNIQUE (client_id)
+);
+
+CREATE TABLE IF NOT EXISTS client_request_uri (
+	owner_id BIGINT,
+	request_uri VARCHAR(2000)
+);
+
+CREATE TABLE IF NOT EXISTS client_post_logout_redirect_uri (
+	owner_id BIGINT,
+	post_logout_redirect_uri VARCHAR(2000)
+);
+
+CREATE TABLE IF NOT EXISTS client_default_acr_value (
+	owner_id BIGINT,
+	default_acr_value VARCHAR(2000)
+);
+
+CREATE TABLE IF NOT EXISTS client_contact (
+	owner_id BIGINT,
+	contact VARCHAR(256)
+);
+
+CREATE TABLE IF NOT EXISTS client_redirect_uri (
+	owner_id BIGINT, 
+	redirect_uri VARCHAR(2048) 
+);
+
+CREATE TABLE IF NOT EXISTS client_claims_redirect_uri (
+	owner_id BIGINT, 
+	redirect_uri VARCHAR(2048) 
+);
+
+CREATE TABLE IF NOT EXISTS refresh_token (
+	id BIGINT AUTO_INCREMENT PRIMARY KEY,
+	token_value VARCHAR(4096),
+	expiration TIMESTAMP NULL,
+	auth_holder_id BIGINT,
+	client_id BIGINT
+);
+
+CREATE TABLE IF NOT EXISTS client_resource (
+	owner_id BIGINT, 
+	resource_id VARCHAR(256) 
+);
+
+CREATE TABLE IF NOT EXISTS client_scope (
+	owner_id BIGINT,
+	scope VARCHAR(2048)
+);
+
+CREATE TABLE IF NOT EXISTS token_scope (
+	owner_id BIGINT,
+	scope VARCHAR(2048)
+);
+
+CREATE TABLE IF NOT EXISTS system_scope (
+	id BIGINT AUTO_INCREMENT PRIMARY KEY,
+	scope VARCHAR(256) NOT NULL,
+	description VARCHAR(4096),
+	icon VARCHAR(256),
+	restricted BOOLEAN DEFAULT false NOT NULL,
+	default_scope BOOLEAN DEFAULT false NOT NULL,
+	UNIQUE (scope)
+);
+
+CREATE TABLE IF NOT EXISTS user_info (
+	id BIGINT AUTO_INCREMENT PRIMARY KEY,
+	sub VARCHAR(256),
+	preferred_username VARCHAR(256),
+	name VARCHAR(256),
+	given_name VARCHAR(256),
+	family_name VARCHAR(256),
+	middle_name VARCHAR(256),
+	nickname VARCHAR(256),
+	profile VARCHAR(256),
+	picture VARCHAR(256),
+	website VARCHAR(256),
+	email VARCHAR(256),
+	email_verified BOOLEAN,
+	gender VARCHAR(256),
+	zone_info VARCHAR(256),
+	locale VARCHAR(256),
+	phone_number VARCHAR(256),
+	phone_number_verified BOOLEAN,
+	address_id VARCHAR(256),
+	updated_time VARCHAR(256),
+	birthdate VARCHAR(256),
+	src VARCHAR(4096)
+);
+
+CREATE TABLE IF NOT EXISTS whitelisted_site (
+	id BIGINT AUTO_INCREMENT PRIMARY KEY,
+	creator_user_id VARCHAR(256),
+	client_id VARCHAR(256)
+);
+
+CREATE TABLE IF NOT EXISTS whitelisted_site_scope (
+	owner_id BIGINT,
+	scope VARCHAR(256)
+);
+
+CREATE TABLE IF NOT EXISTS pairwise_identifier (
+	id BIGINT AUTO_INCREMENT PRIMARY KEY,
+	identifier VARCHAR(256),
+	sub VARCHAR(256),
+	sector_identifier VARCHAR(2048)
+);
+
+CREATE TABLE IF NOT EXISTS resource_set (
+	id BIGINT AUTO_INCREMENT PRIMARY KEY,
+	name VARCHAR(1024) NOT NULL,
+	uri VARCHAR(1024),
+	icon_uri VARCHAR(1024),
+	rs_type VARCHAR(256),
+	owner VARCHAR(256) NOT NULL,
+	client_id VARCHAR(256)
+);
+
+CREATE TABLE IF NOT EXISTS resource_set_scope (
+	owner_id BIGINT NOT NULL,
+	scope VARCHAR(256) NOT NULL
+);
+
+CREATE TABLE IF NOT EXISTS permission_ticket (
+	id BIGINT AUTO_INCREMENT PRIMARY KEY,
+	ticket VARCHAR(256) NOT NULL,
+	permission_id BIGINT NOT NULL,
+	expiration TIMESTAMP NULL
+);
+
+CREATE TABLE IF NOT EXISTS permission (
+	id BIGINT AUTO_INCREMENT PRIMARY KEY,
+	resource_set_id BIGINT
+);
+
+CREATE TABLE IF NOT EXISTS permission_scope (
+	owner_id BIGINT NOT NULL,
+	scope VARCHAR(256) NOT NULL
+);
+
+CREATE TABLE IF NOT EXISTS claim (
+	id BIGINT AUTO_INCREMENT PRIMARY KEY,
+	name VARCHAR(256),
+	friendly_name VARCHAR(1024),
+	claim_type VARCHAR(1024),
+	claim_value VARCHAR(1024)
+);
+
+CREATE TABLE IF NOT EXISTS claim_to_policy (
+	policy_id BIGINT NOT NULL,
+	claim_id BIGINT NOT NULL
+);
+
+CREATE TABLE IF NOT EXISTS claim_to_permission_ticket (
+	permission_ticket_id BIGINT NOT NULL,
+	claim_id BIGINT NOT NULL
+);
+
+CREATE TABLE IF NOT EXISTS policy (
+	id BIGINT AUTO_INCREMENT PRIMARY KEY,
+	name VARCHAR(1024),
+	resource_set_id BIGINT
+);
+
+CREATE TABLE IF NOT EXISTS policy_scope (
+	owner_id BIGINT NOT NULL,
+	scope VARCHAR(256) NOT NULL
+);
+
+CREATE TABLE IF NOT EXISTS claim_token_format (
+	owner_id BIGINT NOT NULL,
+	claim_token_format VARCHAR(1024)
+);
+
+CREATE TABLE IF NOT EXISTS claim_issuer (
+	owner_id BIGINT NOT NULL,
+	issuer VARCHAR(1024)
+);
+
+CREATE TABLE IF NOT EXISTS saved_registered_client (
+	id BIGINT AUTO_INCREMENT PRIMARY KEY,
+	issuer VARCHAR(1024),
+	registered_client VARCHAR(8192)
+);
+
+CREATE TABLE IF NOT EXISTS device_code (
+	id BIGINT AUTO_INCREMENT PRIMARY KEY,
+	device_code VARCHAR(1024),
+	user_code VARCHAR(1024),
+	expiration TIMESTAMP NULL,
+	client_id VARCHAR(256),
+	approved BOOLEAN,
+	auth_holder_id BIGINT	
+);
+
+CREATE TABLE IF NOT EXISTS device_code_scope (
+	owner_id BIGINT NOT NULL,
+	scope VARCHAR(256) NOT NULL
+);
+
+CREATE TABLE IF NOT EXISTS device_code_request_parameter (
+	owner_id BIGINT,
+	param VARCHAR(2048),
+	val VARCHAR(2048)
+);
diff --git a/openid-connect-server-webapp/src/main/resources/db/mysql/scopes.sql b/openid-connect-server-webapp/src/main/resources/db/mysql/scopes.sql
new file mode 100644
index 000000000..3768977ec
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/resources/db/mysql/scopes.sql
@@ -0,0 +1,31 @@
+--
+-- Turn off autocommit and start a transaction so that we can use the temp tables
+--
+
+SET AUTOCOMMIT = 0;
+
+START TRANSACTION;
+
+--
+-- Insert scope information into the temporary tables.
+-- 
+
+INSERT INTO system_scope_TEMP (scope, description, icon, restricted, default_scope) VALUES
+  ('openid', 'log in using your identity', 'user', false, true),
+  ('profile', 'basic profile information', 'list-alt', false, true),
+  ('email', 'email address', 'envelope', false, true),
+  ('address', 'physical address', 'home', false, true),
+  ('phone', 'telephone number', 'bell', false, true),
+  ('offline_access', 'offline access', 'time', false, false);
+  
+--
+-- Merge the temporary scopes safely into the database. This is a two-step process to keep scopes from being created on every startup with a persistent store.
+--
+
+INSERT INTO system_scope (scope, description, icon, restricted, default_scope, structured, structured_param_description) 
+  SELECT scope, description, icon, restricted, default_scope, structured, structured_param_description FROM system_scope_TEMP
+  ON DUPLICATE KEY UPDATE system_scope.scope = system_scope.scope;
+
+COMMIT;
+
+SET AUTOCOMMIT = 1;
diff --git a/openid-connect-server-webapp/src/main/resources/db/mysql/security-schema.sql b/openid-connect-server-webapp/src/main/resources/db/mysql/security-schema.sql
new file mode 100644
index 000000000..bc5d70b88
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/resources/db/mysql/security-schema.sql
@@ -0,0 +1,14 @@
+-- 
+-- Tables for Spring Security's user details service
+--
+  
+create table IF NOT EXISTS users(
+      username varchar(50) not null primary key,
+      password varchar(50) not null,
+      enabled boolean not null);
+
+  create table IF NOT EXISTS authorities (
+      username varchar(50) not null,
+      authority varchar(50) not null,
+      constraint fk_authorities_users foreign key(username) references users(username),
+      constraint ix_authority unique (username,authority));
\ No newline at end of file
diff --git a/openid-connect-server-webapp/src/main/resources/db/mysql/users.sql b/openid-connect-server-webapp/src/main/resources/db/mysql/users.sql
new file mode 100644
index 000000000..fc82e4800
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/resources/db/mysql/users.sql
@@ -0,0 +1,52 @@
+--
+-- Turn off autocommit and start a transaction so that we can use the temp tables
+--
+
+SET AUTOCOMMIT = 0;
+
+START TRANSACTION;
+
+--
+-- Insert user information into the temporary tables. To add users to the HSQL database, edit things here.
+-- 
+
+INSERT INTO users_TEMP (username, password, enabled) VALUES
+  ('admin','password',true),
+  ('user','password',true);
+
+
+INSERT INTO authorities_TEMP (username, authority) VALUES
+  ('admin','ROLE_ADMIN'),
+  ('admin','ROLE_USER'),
+  ('user','ROLE_USER');
+    
+-- By default, the username column here has to match the username column in the users table, above
+INSERT INTO user_info_TEMP (sub, preferred_username, name, email, email_verified) VALUES
+  ('90342.ASDFJWFA','admin','Demo Admin','admin@example.com', true),
+  ('01921.FLANRJQW','user','Demo User','user@example.com', true);
+
+ 
+--
+-- Merge the temporary users safely into the database. This is a two-step process to keep users from being created on every startup with a persistent store.
+--
+
+INSERT INTO users (username, password, enabled)
+  SELECT username, password, enabled FROM users_TEMP
+  ON DUPLICATE KEY UPDATE users.username = users.username;
+
+INSERT INTO authorities (username,authority)
+  SELECT username, authority FROM authorities_TEMP
+  ON DUPLICATE KEY UPDATE authorities.username = authorities.username;
+
+INSERT INTO user_info (sub, preferred_username, name, email, email_verified)
+  SELECT sub, preferred_username, name, email, email_verified FROM user_info_TEMP
+  ON DUPLICATE KEY UPDATE user_info.preferred_username = user_info.preferred_username;
+    
+-- 
+-- Close the transaction and turn autocommit back on
+-- 
+    
+COMMIT;
+
+SET AUTOCOMMIT = 1;
+
diff --git a/openid-connect-server-webapp/src/main/resources/db/oracle/clients_oracle.sql b/openid-connect-server-webapp/src/main/resources/db/oracle/clients_oracle.sql
new file mode 100644
index 000000000..488d92845
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/resources/db/oracle/clients_oracle.sql
@@ -0,0 +1,51 @@
+--
+-- Insert client information into the temporary tables. To add clients to the Oracle database, edit things here.
+-- 
+
+INSERT INTO client_details_TEMP (client_id, client_secret, client_name, dynamically_registered, refresh_token_validity_seconds, access_token_validity_seconds, id_token_validity_seconds, allow_introspection) VALUES
+	('client', 'secret', 'Test Client', 0, null, 3600, 600, 1);
+
+INSERT INTO client_scope_TEMP (owner_id, scope) VALUES ('client', 'openid');
+INSERT INTO client_scope_TEMP (owner_id, scope) VALUES ('client', 'profile');
+INSERT INTO client_scope_TEMP (owner_id, scope) VALUES ('client', 'email');
+INSERT INTO client_scope_TEMP (owner_id, scope) VALUES ('client', 'address');
+INSERT INTO client_scope_TEMP (owner_id, scope) VALUES ('client', 'phone');
+INSERT INTO client_scope_TEMP (owner_id, scope) VALUES ('client', 'offline_access');
+
+INSERT INTO client_redirect_uri_TEMP (owner_id, redirect_uri) VALUES ('client', 'http://localhost/');
+INSERT INTO client_redirect_uri_TEMP (owner_id, redirect_uri) VALUES ('client', 'http://localhost:8080/');
+
+INSERT INTO client_grant_type_TEMP (owner_id, grant_type) VALUES ('client', 'authorization_code');
+INSERT INTO client_grant_type_TEMP (owner_id, grant_type) VALUES ('client', 'urn:ietf:params:oauth:grant_type:redelegate');
+INSERT INTO client_grant_type_TEMP (owner_id, grant_type) VALUES ('client', 'implicit');
+INSERT INTO client_grant_type_TEMP (owner_id, grant_type) VALUES ('client', 'refresh_token');
+	
+--
+-- Merge the temporary clients safely into the database. This is a two-step process to keep clients from being created on every startup with a persistent store.
+--
+
+MERGE INTO client_details 
+  USING (SELECT client_id, client_secret, client_name, dynamically_registered, refresh_token_validity_seconds, access_token_validity_seconds, id_token_validity_seconds, allow_introspection FROM client_details_TEMP) vals
+  ON (vals.client_id = client_details.client_id)
+  WHEN NOT MATCHED THEN 
+    INSERT (id, client_id, client_secret, client_name, dynamically_registered, refresh_token_validity_seconds, access_token_validity_seconds,
+    id_token_validity_seconds, allow_introspection) VALUES(client_details_seq.nextval, vals.client_id, vals.client_secret, vals.client_name, vals.dynamically_registered,
+    vals.refresh_token_validity_seconds, vals.access_token_validity_seconds, vals.id_token_validity_seconds, vals.allow_introspection);
+
+MERGE INTO client_scope 
+  USING (SELECT id, scope FROM client_scope_TEMP, client_details WHERE client_details.client_id = client_scope_TEMP.owner_id) vals
+  ON (vals.id = client_scope.owner_id AND vals.scope = client_scope.scope)
+  WHEN NOT MATCHED THEN 
+    INSERT (owner_id, scope) values (vals.id, vals.scope);
+
+MERGE INTO client_redirect_uri 
+  USING (SELECT id, redirect_uri FROM client_redirect_uri_TEMP, client_details WHERE client_details.client_id = client_redirect_uri_TEMP.owner_id) vals
+  ON (vals.id = client_redirect_uri.owner_id AND vals.redirect_uri = client_redirect_uri.redirect_uri)
+  WHEN NOT MATCHED THEN 
+    INSERT (owner_id, redirect_uri) values (vals.id, vals.redirect_uri);
+
+MERGE INTO client_grant_type 
+  USING (SELECT id, grant_type FROM client_grant_type_TEMP, client_details WHERE client_details.client_id = client_grant_type_TEMP.owner_id) vals
+  ON (vals.id = client_grant_type.owner_id AND vals.grant_type = client_grant_type.grant_type)
+  WHEN NOT MATCHED THEN 
+    INSERT (owner_id, grant_type) values (vals.id, vals.grant_type);
diff --git a/openid-connect-server-webapp/src/main/resources/db/oracle/entity-mappings_oracle.xml b/openid-connect-server-webapp/src/main/resources/db/oracle/entity-mappings_oracle.xml
new file mode 100644
index 000000000..2aba62824
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/resources/db/oracle/entity-mappings_oracle.xml
@@ -0,0 +1,281 @@
+<!--
+    Copyright 2018 The MIT Internet Trust Consortium
+   
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+   
+      http://www.apache.org/licenses/LICENSE-2.0
+   
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+ -->
+<entity-mappings xmlns="http://xmlns.jcp.org/xml/ns/persistence/orm"
+                 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+                 xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/persistence/orm http://xmlns.jcp.org/xml/ns/persistence/orm_2_0.xsd"
+                 version="2.1">
+
+    <description>OpenID Connect Server entities</description>
+
+    <entity class="org.mitre.oauth2.model.AuthenticationHolderEntity" name="AuthenticationHolderEntity">
+        <attributes>
+            <!-- changing generated value to sequence strategy (Oracle doesn't support identity) -->
+            <id name="id">
+                <generated-value strategy="SEQUENCE" generator="AuthenticationHolderSequenceGenerator"/>
+                <sequence-generator name="AuthenticationHolderSequenceGenerator" sequence-name="authentication_holder_seq" allocation-size="1"/>
+                <column name="id"/>
+            </id>
+            <!-- table name too long: authentication_holder_authority -->
+            <element-collection fetch="EAGER" name="authorities">
+                <collection-table name="auth_holder_authority">
+                    <join-column name="owner_id"/>
+                </collection-table>
+                <convert converter="org.mitre.oauth2.model.convert.SimpleGrantedAuthorityStringConverter"/>
+                <column name="authority"/>
+            </element-collection>
+            <!-- table name too long: authentication_holder_resource_id -->
+            <element-collection fetch="EAGER" name="resourceIds">
+                <collection-table name="auth_holder_resource_id">
+                    <join-column name="owner_id"/>
+                </collection-table>
+                <column name="resource_id"/>
+            </element-collection>
+            <!-- table name too long: authentication_holder_response_type -->
+            <element-collection fetch="EAGER" name="responseTypes">
+                <collection-table name="auth_holder_response_type">
+                    <join-column name="owner_id"/>
+                </collection-table>
+                <column name="response_type"/>
+            </element-collection>
+            <!-- table name too long: authentication_holder_extension -->
+            <element-collection fetch="EAGER" name="extensions">
+                <collection-table name="auth_holder_extension">
+                    <join-column name="owner_id"/>
+                </collection-table>
+                <column name="val"/>
+                <map-key-column name="extension"/>
+                <convert converter="org.mitre.oauth2.model.convert.SerializableStringConverter"/>
+            </element-collection>
+            <!-- table name too long: authentication_holder_request_parameter -->
+            <element-collection fetch="EAGER" name="requestParameters">
+                <collection-table name="auth_holder_request_parameter">
+                    <join-column name="owner_id"/>
+                </collection-table>
+                <column name="val"/>
+                <map-key-column name="param"/>
+            </element-collection>
+        </attributes>
+    </entity>
+
+    <entity class="org.mitre.oauth2.model.AuthorizationCodeEntity" name="AuthorizationCodeEntity">
+        <attributes>
+            <!-- changing generated value to sequence strategy (Oracle doesn't support identity) -->
+            <id name="id">
+                <generated-value strategy="SEQUENCE" generator="AuthorizationCodeSequenceGenerator"/>
+                <sequence-generator name="AuthorizationCodeSequenceGenerator" sequence-name="authorization_code_seq" allocation-size="1"/>
+                <column name="id"/>
+            </id>
+        </attributes>
+    </entity>
+
+    <entity class="org.mitre.oauth2.model.ClientDetailsEntity" name="ClientDetailsEntity">
+        <attributes>
+            <!-- changing generated value to sequence strategy (Oracle doesn't support identity) -->
+            <id name="id">
+                <generated-value strategy="SEQUENCE" generator="ClientDetailsSequenceGenerator"/>
+                <sequence-generator name="ClientDetailsSequenceGenerator" sequence-name="client_details_seq" allocation-size="1"/>
+                <column name="id"/>
+            </id>
+            <!-- column name too long: user_info_encrypted_response_alg -->
+            <basic name="userInfoEncryptedResponseAlg">
+                <column name="user_info_encrypted_resp_alg"/>
+                <convert converter="org.mitre.oauth2.model.convert.JWEAlgorithmStringConverter"/>
+            </basic>
+            <!-- column name too long: user_info_encrypted_response_enc -->
+            <basic name="userInfoEncryptedResponseEnc">
+                <column name="user_info_encrypted_resp_enc"/>
+                <convert converter="org.mitre.oauth2.model.convert.JWEEncryptionMethodStringConverter"/>
+            </basic>
+            <!-- column name too long: id_token_encrypted_response_alg -->
+            <basic name="idTokenEncryptedResponseAlg">
+                <column name="id_token_encrypted_resp_alg"/>
+                <convert converter="org.mitre.oauth2.model.convert.JWEAlgorithmStringConverter"/>
+            </basic>
+            <!-- column name too long: id_token_encrypted_response_enc -->
+            <basic name="idTokenEncryptedResponseEnc">
+                <column name="id_token_encrypted_resp_enc"/>
+                <convert converter="org.mitre.oauth2.model.convert.JWEEncryptionMethodStringConverter"/>
+            </basic>
+            <!-- column name too long: token_endpoint_auth_signing_alg -->
+            <basic name="tokenEndpointAuthSigningAlg">
+                <column name="token_endpoint_auth_sign_alg"/>
+                <convert converter="org.mitre.oauth2.model.convert.JWSAlgorithmStringConverter"/>
+            </basic>
+            <!-- table name too long: client_post_logout_redirect_uri -->
+            <element-collection fetch="EAGER" name="postLogoutRedirectUris">
+                <collection-table name="client_post_logout_redir_uri">
+                    <join-column name="owner_id"/>
+                </collection-table>
+                <column name="post_logout_redirect_uri"/>
+            </element-collection>
+        </attributes>
+    </entity>
+
+    <entity class="org.mitre.oauth2.model.OAuth2AccessTokenEntity" name="OAuth2AccessTokenEntity">
+        <attributes>
+            <!-- changing generated value to sequence strategy (Oracle doesn't support identity) -->
+            <id name="id">
+                <generated-value strategy="SEQUENCE" generator="OAuth2AccessTokenSequenceGenerator"/>
+                <sequence-generator name="OAuth2AccessTokenSequenceGenerator" sequence-name="access_token_seq" allocation-size="1"/>
+                <column name="id"/>
+            </id>
+        </attributes>
+    </entity>
+
+    <entity class="org.mitre.oauth2.model.OAuth2RefreshTokenEntity" name="OAuth2RefreshTokenEntity">
+        <attributes>
+            <!-- changing generated value to sequence strategy (Oracle doesn't support identity) -->
+            <id name="id">
+                <generated-value strategy="SEQUENCE" generator="OAuth2RefreshTokenSequenceGenerator"/>
+                <sequence-generator name="OAuth2RefreshTokenSequenceGenerator" sequence-name="refresh_token_seq" allocation-size="1"/>
+                <column name="id"/>
+            </id>
+        </attributes>
+    </entity>
+
+    <entity class="org.mitre.oauth2.model.SavedUserAuthentication" name="SavedUserAuthentication">
+        <attributes>
+            <!-- changing generated value to sequence strategy (Oracle doesn't support identity) -->
+            <id name="id">
+                <generated-value strategy="SEQUENCE" generator="SavedUserAuthenticationSequenceGenerator"/>
+                <sequence-generator name="SavedUserAuthenticationSequenceGenerator" sequence-name="saved_user_auth_seq" allocation-size="1"/>
+                <column name="id"/>
+            </id>
+        </attributes>
+    </entity>
+
+    <entity class="org.mitre.oauth2.model.SystemScope" name="SystemScope">
+        <attributes>
+            <!-- changing generated value to sequence strategy (Oracle doesn't support identity) -->
+            <id name="id">
+                <generated-value strategy="SEQUENCE" generator="SystemScopeSequenceGenerator"/>
+                <sequence-generator name="SystemScopeSequenceGenerator" sequence-name="system_scope_seq" allocation-size="1"/>
+                <column name="id"/>
+            </id>
+        </attributes>
+    </entity>
+
+    <entity class="org.mitre.openid.connect.model.ApprovedSite" name="ApprovedSite">
+        <attributes>
+            <!-- changing generated value to sequence strategy (Oracle doesn't support identity) -->
+            <id name="id">
+                <generated-value strategy="SEQUENCE" generator="ApprovedSiteSequenceGenerator"/>
+                <sequence-generator name="ApprovedSiteSequenceGenerator" sequence-name="approved_site_seq" allocation-size="1"/>
+                <column name="id"/>
+            </id>
+        </attributes>
+    </entity>
+
+    <entity class="org.mitre.openid.connect.model.BlacklistedSite" name="BlacklistedSite">
+        <attributes>
+            <!-- changing generated value to sequence strategy (Oracle doesn't support identity) -->
+            <id name="id">
+                <generated-value strategy="SEQUENCE" generator="BlacklistedSiteSequenceGenerator"/>
+                <sequence-generator name="BlacklistedSiteSequenceGenerator" sequence-name="blacklisted_site_seq" allocation-size="1"/>
+                <column name="id"/>
+            </id>
+        </attributes>
+    </entity>
+
+    <entity class="org.mitre.openid.connect.model.PairwiseIdentifier" name="PairwiseIdentifier">
+        <attributes>
+            <!-- changing generated value to sequence strategy (Oracle doesn't support identity) -->
+            <id name="id">
+                <generated-value strategy="SEQUENCE" generator="PairwiseIdentifierSequenceGenerator"/>
+                <sequence-generator name="PairwiseIdentifierSequenceGenerator" sequence-name="pairwise_identifier_seq" allocation-size="1"/>
+                <column name="id"/>
+            </id>
+        </attributes>
+    </entity>
+
+    <entity class="org.mitre.openid.connect.model.WhitelistedSite" name="WhitelistedSite">
+        <attributes>
+            <!-- changing generated value to sequence strategy (Oracle doesn't support identity) -->
+            <id name="id">
+                <generated-value strategy="SEQUENCE" generator="WhitelistedSiteSequenceGenerator"/>
+                <sequence-generator name="WhitelistedSiteSequenceGenerator" sequence-name="whitelisted_site_seq" allocation-size="1"/>
+                <column name="id"/>
+            </id>
+        </attributes>
+    </entity>
+
+    <entity class="org.mitre.uma.model.Claim" name="Claim">
+        <attributes>
+            <!-- changing generated value to sequence strategy (Oracle doesn't support identity) -->
+            <id name="id">
+                <generated-value strategy="SEQUENCE" generator="ClaimSequenceGenerator"/>
+                <sequence-generator name="ClaimSequenceGenerator" sequence-name="claim_seq" allocation-size="1"/>
+                <column name="id"/>
+            </id>
+        </attributes>
+    </entity>
+
+    <entity class="org.mitre.uma.model.Permission" name="Permission">
+        <attributes>
+            <!-- changing generated value to sequence strategy (Oracle doesn't support identity) -->
+            <id name="id">
+                <generated-value strategy="SEQUENCE" generator="PermissionSequenceGenerator"/>
+                <sequence-generator name="PermissionSequenceGenerator" sequence-name="permission_seq" allocation-size="1"/>
+                <column name="id"/>
+            </id>
+        </attributes>
+    </entity>
+
+    <entity class="org.mitre.uma.model.PermissionTicket" name="PermissionTicket">
+        <attributes>
+            <!-- changing generated value to sequence strategy (Oracle doesn't support identity) -->
+            <id name="id">
+                <generated-value strategy="SEQUENCE" generator="PermissionTicketSequenceGenerator"/>
+                <sequence-generator name="PermissionTicketSequenceGenerator" sequence-name="permission_ticket_seq" allocation-size="1"/>
+                <column name="id"/>
+            </id>
+        </attributes>
+    </entity>
+
+    <entity class="org.mitre.uma.model.Policy" name="Policy">
+        <attributes>
+            <!-- changing generated value to sequence strategy (Oracle doesn't support identity) -->
+            <id name="id">
+                <generated-value strategy="SEQUENCE" generator="PolicySequenceGenerator"/>
+                <sequence-generator name="PolicySequenceGenerator" sequence-name="policy_seq" allocation-size="1"/>
+                <column name="id"/>
+            </id>
+        </attributes>
+    </entity>
+
+    <entity class="org.mitre.uma.model.ResourceSet" name="ResourceSet">
+        <attributes>
+            <!-- changing generated value to sequence strategy (Oracle doesn't support identity) -->
+            <id name="id">
+                <generated-value strategy="SEQUENCE" generator="ResourceSetSequenceGenerator"/>
+                <sequence-generator name="ResourceSetSequenceGenerator" sequence-name="resource_set_seq" allocation-size="1"/>
+                <column name="id"/>
+            </id>
+        </attributes>
+    </entity>
+
+    <entity class="org.mitre.uma.model.SavedRegisteredClient" name="SavedRegisteredClient">
+        <attributes>
+            <!-- changing generated value to sequence strategy (Oracle doesn't support identity) -->
+            <id name="id">
+                <generated-value strategy="SEQUENCE" generator="SavedRegisteredClientSequenceGenerator"/>
+                <sequence-generator name="SavedRegisteredClientSequenceGenerator" sequence-name="saved_registered_client_seq" allocation-size="1"/>
+                <column name="id"/>
+            </id>
+        </attributes>
+    </entity>
+
+</entity-mappings>
\ No newline at end of file
diff --git a/openid-connect-server-webapp/src/main/resources/db/oracle/loading_temp_tables_oracle.sql b/openid-connect-server-webapp/src/main/resources/db/oracle/loading_temp_tables_oracle.sql
new file mode 100644
index 000000000..c9a1e7f3d
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/resources/db/oracle/loading_temp_tables_oracle.sql
@@ -0,0 +1,77 @@
+--
+-- Temporary tables used during the bootstrapping process to safely load users and clients.
+-- These are not needed if you're not using the users.sql/clients.sql files to bootstrap the database.
+--
+
+CREATE GLOBAL TEMPORARY TABLE authorities_TEMP (
+  username varchar2(50) not null,
+  authority varchar2(50) not null,
+  constraint ix_authority_TEMP unique (username,authority)
+) ON COMMIT PRESERVE ROWS;
+      
+CREATE GLOBAL TEMPORARY TABLE users_TEMP (
+  username VARCHAR2(50) not null primary key,
+  password VARCHAR2(50) not null,
+  enabled NUMBER(1) not null
+) ON COMMIT PRESERVE ROWS;
+
+CREATE GLOBAL TEMPORARY TABLE user_info_TEMP (
+	sub VARCHAR2(256) not null primary key,
+	preferred_username VARCHAR2(256),
+	name VARCHAR2(256),
+	given_name VARCHAR2(256),
+	family_name VARCHAR2(256),
+	middle_name VARCHAR2(256),
+	nickname VARCHAR2(256),
+	profile VARCHAR2(256),
+	picture VARCHAR2(256),
+	website VARCHAR2(256),
+	email VARCHAR2(256),
+	email_verified NUMBER(1),
+	gender VARCHAR2(256),
+	zone_info VARCHAR2(256),
+	locale VARCHAR2(256),
+	phone_number VARCHAR2(256),
+	address_id VARCHAR2(256),
+	updated_time VARCHAR2(256),
+	birthdate VARCHAR2(256)
+) ON COMMIT PRESERVE ROWS;
+
+CREATE GLOBAL TEMPORARY TABLE client_details_TEMP (
+	client_description VARCHAR2(256),
+	dynamically_registered NUMBER(1),
+	id_token_validity_seconds NUMBER(19),
+	
+	client_id VARCHAR2(256),
+	client_secret VARCHAR2(2048),
+	access_token_validity_seconds NUMBER(19),
+	refresh_token_validity_seconds NUMBER(19),
+	allow_introspection NUMBER(1),
+	
+	client_name VARCHAR2(256)
+) ON COMMIT PRESERVE ROWS;
+
+CREATE GLOBAL TEMPORARY TABLE client_scope_TEMP (
+	owner_id VARCHAR2(256),
+	scope VARCHAR2(2048)
+) ON COMMIT PRESERVE ROWS;
+
+CREATE GLOBAL TEMPORARY TABLE client_redirect_uri_TEMP (
+	owner_id VARCHAR2(256),
+	redirect_uri VARCHAR2(2048) 
+) ON COMMIT PRESERVE ROWS;
+
+CREATE GLOBAL TEMPORARY TABLE client_grant_type_TEMP (
+	owner_id VARCHAR2(256),
+	grant_type VARCHAR2(2000)
+) ON COMMIT PRESERVE ROWS;
+
+CREATE GLOBAL TEMPORARY TABLE system_scope_TEMP (
+	scope VARCHAR2(256),
+	description VARCHAR2(4000),
+	icon VARCHAR2(256),
+	restricted NUMBER(1),
+	default_scope NUMBER(1),
+	structured NUMBER(1),
+	structured_param_description VARCHAR2(256)
+) ON COMMIT PRESERVE ROWS;
diff --git a/openid-connect-server-webapp/src/main/resources/db/oracle/oracle_database_index.sql b/openid-connect-server-webapp/src/main/resources/db/oracle/oracle_database_index.sql
new file mode 100644
index 000000000..fc70a7ae4
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/resources/db/oracle/oracle_database_index.sql
@@ -0,0 +1,18 @@
+--
+-- Indexes for Oracle
+--
+
+CREATE INDEX at_tv_idx ON access_token(token_value);
+CREATE INDEX ts_oi_idx ON token_scope(owner_id);
+CREATE INDEX at_exp_idx ON access_token(expiration);
+CREATE INDEX rf_ahi_idx ON refresh_token(auth_holder_id);
+CREATE INDEX rf_tv_idx ON refresh_token(token_value);
+CREATE INDEX at_ahi_idx ON access_token(auth_holder_id);
+CREATE INDEX aha_oi_idx ON authentication_holder_authority(owner_id);
+CREATE INDEX ahe_oi_idx ON authentication_holder_extension(owner_id);
+CREATE INDEX ahrp_oi_idx ON authentication_holder_request_parameter(owner_id);
+CREATE INDEX ahri_oi_idx ON authentication_holder_resource_id(owner_id);
+CREATE INDEX ahrt_oi_idx ON authentication_holder_response_type(owner_id);
+CREATE INDEX ahs_oi_idx ON authentication_holder_scope(owner_id);
+CREATE INDEX ac_ahi_idx ON authorization_code(auth_holder_id);
+CREATE INDEX suaa_oi_idx ON saved_user_auth_authority(owner_id);
diff --git a/openid-connect-server-webapp/src/main/resources/db/oracle/oracle_database_tables.sql b/openid-connect-server-webapp/src/main/resources/db/oracle/oracle_database_tables.sql
new file mode 100644
index 000000000..9f430adac
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/resources/db/oracle/oracle_database_tables.sql
@@ -0,0 +1,417 @@
+--
+-- Tables for OIDC Server functionality, Oracle
+--
+
+CREATE TABLE access_token (
+  id NUMBER(19) NOT NULL PRIMARY KEY,
+  token_value VARCHAR2(4000),
+  expiration TIMESTAMP,
+  token_type VARCHAR2(256),
+  refresh_token_id NUMBER(19),
+  client_id NUMBER(19),
+  auth_holder_id NUMBER(19),
+  approved_site_id NUMBER(19)
+);
+CREATE SEQUENCE access_token_seq START WITH 1 INCREMENT BY 1 NOCACHE NOCYCLE;
+
+CREATE TABLE access_token_permissions (
+  access_token_id NUMBER(19) NOT NULL,
+  permission_id NUMBER(19) NOT NULL
+);
+
+CREATE TABLE address (
+  id NUMBER(19) NOT NULL PRIMARY KEY,
+  formatted VARCHAR2(256),
+  street_address VARCHAR2(256),
+  locality VARCHAR2(256),
+  region VARCHAR2(256),
+  postal_code VARCHAR2(256),
+  country VARCHAR2(256)
+);
+CREATE SEQUENCE address_seq START WITH 1 INCREMENT BY 1 NOCACHE NOCYCLE;
+
+CREATE TABLE approved_site (
+  id NUMBER(19) NOT NULL PRIMARY KEY,
+  user_id VARCHAR2(256),
+  client_id VARCHAR2(256),
+  creation_date TIMESTAMP,
+  access_date TIMESTAMP,
+  timeout_date TIMESTAMP,
+  whitelisted_site_id NUMBER(19)
+);
+CREATE SEQUENCE approved_site_seq START WITH 1 INCREMENT BY 1 NOCACHE NOCYCLE;
+
+CREATE TABLE approved_site_scope (
+  owner_id NUMBER(19),
+  scope VARCHAR2(256)
+);
+
+CREATE TABLE authentication_holder (
+  id NUMBER(19) NOT NULL PRIMARY KEY,
+  user_auth_id NUMBER(19),
+  approved NUMBER(1),
+  redirect_uri VARCHAR2(2048),
+  client_id VARCHAR2(256),
+
+  CONSTRAINT approved_check CHECK (approved in (1,0))
+);
+CREATE SEQUENCE authentication_holder_seq START WITH 1 INCREMENT BY 1 NOCACHE NOCYCLE;
+
+CREATE TABLE auth_holder_authority (
+  owner_id NUMBER(19),
+  authority VARCHAR2(256)
+);
+
+CREATE TABLE auth_holder_resource_id (
+  owner_id NUMBER(19),
+  resource_id VARCHAR2(2048)
+);
+
+CREATE TABLE auth_holder_response_type (
+  owner_id NUMBER(19),
+  response_type VARCHAR2(2048)
+);
+
+CREATE TABLE auth_holder_extension (
+  owner_id NUMBER(19),
+  extension VARCHAR2(2048),
+  val VARCHAR2(2048)
+);
+
+CREATE TABLE authentication_holder_scope (
+  owner_id NUMBER(19),
+  scope VARCHAR2(2048)
+);
+
+CREATE TABLE auth_holder_request_parameter (
+  owner_id NUMBER(19),
+  param VARCHAR2(2048),
+  val VARCHAR2(2048)
+);
+
+CREATE TABLE saved_user_auth (
+  id NUMBER(19) NOT NULL PRIMARY KEY,
+  name VARCHAR2(1024),
+  authenticated NUMBER(1),
+  source_class VARCHAR2(2048),
+
+  CONSTRAINT authenticated_check CHECK (authenticated in (1,0))
+);
+CREATE SEQUENCE saved_user_auth_seq START WITH 1 INCREMENT BY 1 NOCACHE NOCYCLE;
+
+CREATE TABLE saved_user_auth_authority (
+  owner_id NUMBER(19),
+  authority VARCHAR2(256)
+);
+
+CREATE TABLE client_authority (
+  owner_id NUMBER(19),
+  authority VARCHAR2(256)
+);
+
+CREATE TABLE authorization_code (
+  id NUMBER(19) NOT NULL PRIMARY KEY,
+  code VARCHAR2(256),
+  auth_holder_id NUMBER(19),
+  expiration TIMESTAMP
+);
+CREATE SEQUENCE authorization_code_seq START WITH 1 INCREMENT BY 1 NOCACHE NOCYCLE;
+
+CREATE TABLE client_grant_type (
+  owner_id NUMBER(19),
+  grant_type VARCHAR2(2000)
+);
+
+CREATE TABLE client_response_type (
+  owner_id NUMBER(19),
+  response_type VARCHAR2(2000)
+);
+
+CREATE TABLE blacklisted_site (
+  id NUMBER(19) NOT NULL PRIMARY KEY,
+  uri VARCHAR2(2048)
+);
+CREATE SEQUENCE blacklisted_site_seq START WITH 1 INCREMENT BY 1 NOCACHE NOCYCLE;
+
+CREATE TABLE client_details (
+  id NUMBER(19) NOT NULL PRIMARY KEY,
+
+  client_description VARCHAR2(1024),
+  reuse_refresh_tokens NUMBER(1) DEFAULT 1 NOT NULL,
+  dynamically_registered NUMBER(1) DEFAULT 0 NOT NULL,
+  allow_introspection NUMBER(1) DEFAULT 0 NOT NULL,
+  id_token_validity_seconds NUMBER(19) DEFAULT 600 NOT NULL,
+
+  client_id VARCHAR2(256),
+  client_secret VARCHAR2(2048),
+  access_token_validity_seconds NUMBER(19),
+  refresh_token_validity_seconds NUMBER(19),
+  device_code_validity_seconds NUMBER(19),
+
+  application_type VARCHAR2(256),
+  client_name VARCHAR2(256),
+  token_endpoint_auth_method VARCHAR2(256),
+  subject_type VARCHAR2(256),
+
+  logo_uri VARCHAR2(2048),
+  policy_uri VARCHAR2(2048),
+  client_uri VARCHAR2(2048),
+  tos_uri VARCHAR2(2048),
+
+  jwks_uri VARCHAR2(2048),
+  jwks CLOB,
+  sector_identifier_uri VARCHAR2(2048),
+
+  request_object_signing_alg VARCHAR2(256),
+
+  user_info_signed_response_alg VARCHAR2(256),
+  user_info_encrypted_resp_alg VARCHAR2(256),
+  user_info_encrypted_resp_enc VARCHAR2(256),
+
+  id_token_signed_response_alg VARCHAR2(256),
+  id_token_encrypted_resp_alg VARCHAR2(256),
+  id_token_encrypted_resp_enc VARCHAR2(256),
+
+  token_endpoint_auth_sign_alg VARCHAR2(256),
+
+  default_max_age NUMBER(19),
+  require_auth_time NUMBER(1),
+  created_at TIMESTAMP,
+  initiate_login_uri VARCHAR2(2048),
+  clear_access_tokens_on_refresh NUMBER(1) DEFAULT 1 NOT NULL,
+  
+  software_statement VARCHAR(4096),
+  software_id VARCHAR(2048),
+  software_statement VARCHAR2(4000),
+	
+  code_challenge_method VARCHAR2(256),
+
+  CONSTRAINT client_details_unique UNIQUE (client_id),
+  CONSTRAINT reuse_refresh_tokens_check CHECK (reuse_refresh_tokens in (1,0)),
+  CONSTRAINT dynamically_registered_check CHECK (dynamically_registered in (1,0)),
+  CONSTRAINT allow_introspection_check CHECK (allow_introspection in (1,0)),
+  CONSTRAINT require_auth_time_check CHECK (require_auth_time in (1,0)),
+  CONSTRAINT clear_acc_tok_on_refresh_check CHECK (clear_access_tokens_on_refresh in (1,0))
+);
+CREATE SEQUENCE client_details_seq START WITH 1 INCREMENT BY 1 NOCACHE NOCYCLE;
+
+CREATE TABLE client_request_uri (
+  owner_id NUMBER(19),
+  request_uri VARCHAR2(2000)
+);
+
+CREATE TABLE client_post_logout_redir_uri (
+  owner_id NUMBER(19),
+  post_logout_redirect_uri VARCHAR2(2000)
+);
+
+CREATE TABLE client_default_acr_value (
+  owner_id NUMBER(19),
+  default_acr_value VARCHAR2(2000)
+);
+
+CREATE TABLE client_contact (
+  owner_id NUMBER(19),
+  contact VARCHAR2(256)
+);
+
+CREATE TABLE client_redirect_uri (
+  owner_id NUMBER(19),
+  redirect_uri VARCHAR2(2048)
+);
+
+CREATE TABLE client_claims_redirect_uri (
+  owner_id NUMBER(19),
+  redirect_uri VARCHAR2(2048)
+);
+
+CREATE TABLE refresh_token (
+  id NUMBER(19) NOT NULL PRIMARY KEY,
+  token_value VARCHAR2(4000),
+  expiration TIMESTAMP,
+  auth_holder_id NUMBER(19),
+  client_id NUMBER(19)
+);
+CREATE SEQUENCE refresh_token_seq START WITH 1 INCREMENT BY 1 NOCACHE NOCYCLE;
+
+CREATE TABLE client_resource (
+  owner_id NUMBER(19),
+  resource_id VARCHAR2(256)
+);
+
+CREATE TABLE client_scope (
+  owner_id NUMBER(19),
+  scope VARCHAR2(2048)
+);
+
+CREATE TABLE token_scope (
+  owner_id NUMBER(19),
+  scope VARCHAR2(2048)
+);
+
+CREATE TABLE system_scope (
+  id NUMBER(19) NOT NULL PRIMARY KEY,
+  scope VARCHAR2(256) NOT NULL,
+  description VARCHAR2(4000),
+  icon VARCHAR2(256),
+  restricted NUMBER(1) DEFAULT 0 NOT NULL,
+  default_scope NUMBER(1) DEFAULT 0 NOT NULL
+
+  CONSTRAINT system_scope_unique UNIQUE (scope),
+  CONSTRAINT default_scope_check CHECK (default_scope in (1,0)),
+  CONSTRAINT restricted_check CHECK (restricted in (1,0))
+);
+CREATE SEQUENCE system_scope_seq START WITH 1 INCREMENT BY 1 NOCACHE NOCYCLE;
+
+CREATE TABLE user_info (
+  id NUMBER(19) NOT NULL PRIMARY KEY,
+  sub VARCHAR2(256),
+  preferred_username VARCHAR2(256),
+  name VARCHAR2(256),
+  given_name VARCHAR2(256),
+  family_name VARCHAR2(256),
+  middle_name VARCHAR2(256),
+  nickname VARCHAR2(256),
+  profile VARCHAR2(256),
+  picture VARCHAR2(256),
+  website VARCHAR2(256),
+  email VARCHAR2(256),
+  email_verified NUMBER(1),
+  gender VARCHAR2(256),
+  zone_info VARCHAR2(256),
+  locale VARCHAR2(256),
+  phone_number VARCHAR2(256),
+  phone_number_verified NUMBER(1),
+  address_id VARCHAR2(256),
+  updated_time VARCHAR2(256),
+  birthdate VARCHAR2(256),
+  src VARCHAR2(4000),
+
+  CONSTRAINT email_verified_check CHECK (email_verified in (1,0)),
+  CONSTRAINT phone_number_verified_check CHECK (phone_number_verified in (1,0))
+);
+CREATE SEQUENCE user_info_seq START WITH 1 INCREMENT BY 1 NOCACHE NOCYCLE;
+
+CREATE TABLE whitelisted_site (
+  id NUMBER(19) NOT NULL PRIMARY KEY,
+  creator_user_id VARCHAR2(256),
+  client_id VARCHAR2(256)
+);
+CREATE SEQUENCE whitelisted_site_seq START WITH 1 INCREMENT BY 1 NOCACHE NOCYCLE;
+
+CREATE TABLE whitelisted_site_scope (
+  owner_id NUMBER(19),
+  scope VARCHAR2(256)
+);
+
+CREATE TABLE pairwise_identifier (
+  id NUMBER(19) NOT NULL PRIMARY KEY,
+  identifier VARCHAR2(256),
+  sub VARCHAR2(256),
+  sector_identifier VARCHAR2(2048)
+);
+CREATE SEQUENCE pairwise_identifier_seq START WITH 1 INCREMENT BY 1 NOCACHE NOCYCLE;
+
+CREATE TABLE resource_set (
+  id NUMBER(19) NOT NULL PRIMARY KEY,
+  name VARCHAR2(1024) NOT NULL,
+  uri VARCHAR2(1024),
+  icon_uri VARCHAR2(1024),
+  rs_type VARCHAR2(256),
+  owner VARCHAR2(256) NOT NULL,
+  client_id VARCHAR2(256)
+);
+CREATE SEQUENCE resource_set_seq START WITH 1 INCREMENT BY 1 NOCACHE NOCYCLE;
+
+CREATE TABLE resource_set_scope (
+  owner_id NUMBER(19) NOT NULL,
+  scope VARCHAR2(256) NOT NULL
+);
+
+CREATE TABLE permission_ticket (
+  id NUMBER(19) NOT NULL PRIMARY KEY,
+  ticket VARCHAR2(256) NOT NULL,
+  permission_id NUMBER(19) NOT NULL,
+  expiration TIMESTAMP
+);
+CREATE SEQUENCE permission_ticket_seq START WITH 1 INCREMENT BY 1 NOCACHE NOCYCLE;
+
+CREATE TABLE permission (
+  id NUMBER(19) NOT NULL PRIMARY KEY,
+  resource_set_id NUMBER(19)
+);
+CREATE SEQUENCE permission_seq START WITH 1 INCREMENT BY 1 NOCACHE NOCYCLE;
+
+CREATE TABLE permission_scope (
+  owner_id NUMBER(19) NOT NULL,
+  scope VARCHAR2(256) NOT NULL
+);
+
+CREATE TABLE claim (
+  id NUMBER(19) NOT NULL PRIMARY KEY,
+  name VARCHAR2(256),
+  friendly_name VARCHAR2(1024),
+  claim_type VARCHAR2(1024),
+  claim_value VARCHAR2(1024)
+);
+CREATE SEQUENCE claim_seq START WITH 1 INCREMENT BY 1 NOCACHE NOCYCLE;
+
+CREATE TABLE claim_to_policy (
+  policy_id NUMBER(19) NOT NULL,
+  claim_id NUMBER(19) NOT NULL
+);
+
+CREATE TABLE claim_to_permission_ticket (
+  permission_ticket_id NUMBER(19) NOT NULL,
+  claim_id NUMBER(19) NOT NULL
+);
+
+CREATE TABLE policy (
+  id NUMBER(19) NOT NULL PRIMARY KEY,
+  name VARCHAR2(1024),
+  resource_set_id NUMBER(19)
+);
+CREATE SEQUENCE policy_seq START WITH 1 INCREMENT BY 1 NOCACHE NOCYCLE;
+
+CREATE TABLE policy_scope (
+  owner_id NUMBER(19) NOT NULL,
+  scope VARCHAR2(256) NOT NULL
+);
+
+CREATE TABLE claim_token_format (
+  owner_id NUMBER(19) NOT NULL,
+  claim_token_format VARCHAR2(1024) NOT NULL
+);
+
+CREATE TABLE claim_issuer (
+  owner_id NUMBER(19) NOT NULL,
+  issuer VARCHAR2(1024) NOT NULL
+);
+
+CREATE TABLE saved_registered_client (
+  id NUMBER(19) NOT NULL PRIMARY KEY,
+  issuer VARCHAR2(1024),
+  registered_client CLOB
+);
+CREATE SEQUENCE saved_registered_client_seq START WITH 1 INCREMENT BY 1 NOCACHE NOCYCLE;
+
+CREATE TABLE IF NOT EXISTS device_code (
+	id NUMBER(19) NOT NULL PRIMARY KEY,
+	device_code VARCHAR2(1024),
+	user_code VARCHAR2(1024),
+	expiration TIMESTAMP,
+	client_id VARCHAR2(256),
+	approved BOOLEAN,
+	auth_holder_id NUMBER(19)	
+);
+
+CREATE TABLE IF NOT EXISTS device_code_scope (
+	owner_id NUMBER(19) NOT NULL,
+	scope VARCHAR2(256) NOT NULL
+);
+
+CREATE TABLE IF NOT EXISTS device_code_request_parameter (
+	owner_id NUMBER(19),
+	param VARCHAR2(2048),
+	val VARCHAR2(2048)
+);
diff --git a/openid-connect-server-webapp/src/main/resources/db/oracle/scopes_oracle.sql b/openid-connect-server-webapp/src/main/resources/db/oracle/scopes_oracle.sql
new file mode 100644
index 000000000..bb6bc82a2
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/resources/db/oracle/scopes_oracle.sql
@@ -0,0 +1,26 @@
+--
+-- Insert scope information into the temporary tables.
+-- 
+
+INSERT INTO system_scope_TEMP (scope, description, icon, restricted, default_scope) VALUES
+  ('openid', 'log in using your identity', 'user', 0, 1);
+INSERT INTO system_scope_TEMP (scope, description, icon, restricted, default_scope) VALUES
+  ('profile', 'basic profile information', 'list-alt', 0, 1);
+INSERT INTO system_scope_TEMP (scope, description, icon, restricted, default_scope) VALUES
+  ('email', 'email address', 'envelope', 0, 1);
+INSERT INTO system_scope_TEMP (scope, description, icon, restricted, default_scope) VALUES
+  ('address', 'physical address', 'home', 0, 1);
+INSERT INTO system_scope_TEMP (scope, description, icon, restricted, default_scope) VALUES
+  ('phone', 'telephone number', 'bell', 0, 1, 0);
+INSERT INTO system_scope_TEMP (scope, description, icon, restricted, default_scope) VALUES
+  ('offline_access', 'offline access', 'time', 0, 0);
+--
+-- Merge the temporary scopes safely into the database. This is a two-step process to keep scopes from being created on every startup with a persistent store.
+--
+
+MERGE INTO system_scope
+	USING (SELECT scope, description, icon, restricted, default_scope FROM system_scope_TEMP) vals
+	ON (vals.scope = system_scope.scope)
+	WHEN NOT MATCHED THEN
+	  INSERT (id, scope, description, icon, restricted, default_scope) VALUES(system_scope_seq.nextval, vals.scope,
+	  vals.description, vals.icon, vals.restricted, vals.default_scope);
diff --git a/openid-connect-server-webapp/src/main/resources/db/oracle/security-schema_oracle.sql b/openid-connect-server-webapp/src/main/resources/db/oracle/security-schema_oracle.sql
new file mode 100644
index 000000000..5b67ef668
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/resources/db/oracle/security-schema_oracle.sql
@@ -0,0 +1,18 @@
+-- 
+-- Tables for Spring Security's user details service
+--
+  
+create table users(
+  username varchar2(50) not null primary key,
+  password varchar2(50) not null,
+  enabled number(1) not null,
+
+  constraint enabled_check check (enabled in (1, 0))
+);
+
+create table authorities (
+  username varchar2(50) not null,
+  authority varchar2(50) not null,
+  constraint fk_authorities_users foreign key(username) references users(username),
+  constraint ix_authority unique (username,authority)
+);
diff --git a/openid-connect-server-webapp/src/main/resources/db/oracle/users_oracle.sql b/openid-connect-server-webapp/src/main/resources/db/oracle/users_oracle.sql
new file mode 100644
index 000000000..732a13f16
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/resources/db/oracle/users_oracle.sql
@@ -0,0 +1,39 @@
+--
+-- Insert user information into the temporary tables. To add users to the Oracle database, edit things here.
+-- 
+
+INSERT INTO users_TEMP (username, password, enabled) VALUES ('admin','password',1);
+INSERT INTO users_TEMP (username, password, enabled) VALUES ('user','password',1);
+
+
+INSERT INTO authorities_TEMP (username, authority) VALUES ('admin','ROLE_ADMIN');
+INSERT INTO authorities_TEMP (username, authority) VALUES('admin','ROLE_USER');
+INSERT INTO authorities_TEMP (username, authority) VALUES('user','ROLE_USER');
+    
+-- By default, the username column here has to match the username column in the users table, above
+INSERT INTO user_info_TEMP (sub, preferred_username, name, email, email_verified) VALUES ('90342.ASDFJWFA','admin','Demo Admin','admin@example.com', 1);
+INSERT INTO user_info_TEMP (sub, preferred_username, name, email, email_verified) VALUES ('01921.FLANRJQW','user','Demo User','user@example.com', 1);
+
+ 
+--
+-- Merge the temporary users safely into the database. This is a two-step process to keep users from being created on every startup with a persistent store.
+--
+
+MERGE INTO users 
+  USING (SELECT username, password, enabled FROM users_TEMP) vals
+  ON (vals.username = users.username)
+  WHEN NOT MATCHED THEN 
+    INSERT (username, password, enabled) VALUES(vals.username, vals.password, vals.enabled);
+
+MERGE INTO authorities 
+  USING (SELECT username, authority FROM authorities_TEMP) vals
+  ON (vals.username = authorities.username AND vals.authority = authorities.authority)
+  WHEN NOT MATCHED THEN 
+    INSERT (username,authority) values (vals.username, vals.authority);
+
+MERGE INTO user_info 
+  USING (SELECT sub, preferred_username, name, email, email_verified FROM user_info_TEMP) vals
+  ON (vals.preferred_username = user_info.preferred_username)
+  WHEN NOT MATCHED THEN 
+    INSERT (id, sub, preferred_username, name, email, email_verified) VALUES (user_info_seq.nextval, vals.sub, vals.preferred_username, vals.name, vals.email,
+    vals.email_verified);
diff --git a/openid-connect-server-webapp/src/main/resources/db/psql/clients.sql b/openid-connect-server-webapp/src/main/resources/db/psql/clients.sql
new file mode 100644
index 000000000..bf14c2b2b
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/resources/db/psql/clients.sql
@@ -0,0 +1,66 @@
+--
+-- Turn off autocommit and start a transaction so that we can use the temp tables
+--
+
+--SET AUTOCOMMIT = OFF;
+
+START TRANSACTION;
+
+--
+-- Insert client information into the temporary tables. To add clients to the HSQL database, edit things here.
+-- 
+
+INSERT INTO client_details_TEMP (client_id, client_secret, client_name, dynamically_registered, refresh_token_validity_seconds, access_token_validity_seconds, id_token_validity_seconds, allow_introspection) VALUES
+	('client', 'secret', 'Test Client', false, null, 3600, 600, true);
+
+INSERT INTO client_scope_TEMP (owner_id, scope) VALUES
+	('client', 'openid'),
+	('client', 'profile'),
+	('client', 'email'),
+	('client', 'address'),
+	('client', 'phone'),
+	('client', 'offline_access');
+
+INSERT INTO client_redirect_uri_TEMP (owner_id, redirect_uri) VALUES
+	('client', 'http://localhost/'),
+	('client', 'http://localhost:8080/');
+	
+INSERT INTO client_grant_type_TEMP (owner_id, grant_type) VALUES
+	('client', 'authorization_code'),
+	('client', 'urn:ietf:params:oauth:grant_type:redelegate'),
+	('client', 'implicit'),
+	('client', 'refresh_token');
+	
+--
+-- Merge the temporary clients safely into the database. This is a two-step process to keep clients from being created on every startup with a persistent store.
+--
+
+INSERT INTO client_details (client_id, client_secret, client_name, dynamically_registered, refresh_token_validity_seconds, access_token_validity_seconds, id_token_validity_seconds, allow_introspection)
+  SELECT client_id, client_secret, client_name, dynamically_registered, refresh_token_validity_seconds, access_token_validity_seconds, id_token_validity_seconds, allow_introspection FROM client_details_TEMP
+  ON CONFLICT
+  DO NOTHING;
+
+INSERT INTO client_scope (scope)
+  SELECT scope FROM client_scope_TEMP, client_details WHERE client_details.client_id = client_scope_TEMP.owner_id
+  ON CONFLICT
+  DO NOTHING;
+
+INSERT INTO client_redirect_uri (redirect_uri)
+  SELECT redirect_uri FROM client_redirect_uri_TEMP, client_details WHERE client_details.client_id = client_redirect_uri_TEMP.owner_id
+  ON CONFLICT
+  DO NOTHING;
+
+INSERT INTO client_grant_type (grant_type)
+  SELECT grant_type FROM client_grant_type_TEMP, client_details WHERE client_details.client_id = client_grant_type_TEMP.owner_id
+  ON CONFLICT
+  DO NOTHING;
+    
+-- 
+-- Close the transaction and turn autocommit back on
+-- 
+    
+COMMIT;
+
+--SET AUTOCOMMIT = ON;
+
+
diff --git a/openid-connect-server-webapp/src/main/resources/db/psql/psql_database_index.sql b/openid-connect-server-webapp/src/main/resources/db/psql/psql_database_index.sql
new file mode 100644
index 000000000..a641ff821
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/resources/db/psql/psql_database_index.sql
@@ -0,0 +1,19 @@
+--
+-- Indexes for PostgreSQL
+--
+
+CREATE INDEX IF NOT EXISTS at_tv_idx ON access_token(token_value);
+CREATE INDEX IF NOT EXISTS ts_oi_idx ON token_scope(owner_id);
+CREATE INDEX IF NOT EXISTS at_exp_idx ON access_token(expiration);
+CREATE INDEX IF NOT EXISTS rf_ahi_idx ON refresh_token(auth_holder_id);
+CREATE INDEX IF NOT EXISTS rf_tv_idx ON refresh_token(token_value);
+CREATE INDEX IF NOT EXISTS cd_ci_idx ON client_details(client_id);
+CREATE INDEX IF NOT EXISTS at_ahi_idx ON access_token(auth_holder_id);
+CREATE INDEX IF NOT EXISTS aha_oi_idx ON authentication_holder_authority(owner_id);
+CREATE INDEX IF NOT EXISTS ahe_oi_idx ON authentication_holder_extension(owner_id);
+CREATE INDEX IF NOT EXISTS ahrp_oi_idx ON authentication_holder_request_parameter(owner_id);
+CREATE INDEX IF NOT EXISTS ahri_oi_idx ON authentication_holder_resource_id(owner_id);
+CREATE INDEX IF NOT EXISTS ahrt_oi_idx ON authentication_holder_response_type(owner_id);
+CREATE INDEX IF NOT EXISTS ahs_oi_idx ON authentication_holder_scope(owner_id);
+CREATE INDEX IF NOT EXISTS ac_ahi_idx ON authorization_code(auth_holder_id);
+CREATE INDEX IF NOT EXISTS suaa_oi_idx ON saved_user_auth_authority(owner_id);
diff --git a/openid-connect-server-webapp/src/main/resources/db/psql/psql_database_tables.sql b/openid-connect-server-webapp/src/main/resources/db/psql/psql_database_tables.sql
new file mode 100644
index 000000000..be871b7e8
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/resources/db/psql/psql_database_tables.sql
@@ -0,0 +1,384 @@
+--
+-- Tables for OIDC Server functionality, PostgreSQL
+--
+
+CREATE TABLE IF NOT EXISTS access_token (
+	id BIGSERIAL PRIMARY KEY,
+	token_value VARCHAR(4096),
+	expiration TIMESTAMP,
+	token_type VARCHAR(256),
+	refresh_token_id BIGINT,
+	client_id BIGINT,
+	auth_holder_id BIGINT,
+	approved_site_id BIGINT,
+	UNIQUE(token_value)
+);
+
+CREATE TABLE IF NOT EXISTS access_token_permissions (
+	access_token_id BIGINT NOT NULL,
+	permission_id BIGINT NOT NULL
+);
+
+CREATE TABLE IF NOT EXISTS address (
+	id BIGSERIAL PRIMARY KEY,
+	formatted VARCHAR(256),
+	street_address VARCHAR(256),
+	locality VARCHAR(256),
+	region VARCHAR(256),
+	postal_code VARCHAR(256),
+	country VARCHAR(256)
+);
+
+CREATE TABLE IF NOT EXISTS approved_site (
+	id BIGSERIAL PRIMARY KEY,
+	user_id VARCHAR(256),
+	client_id VARCHAR(256),
+	creation_date TIMESTAMP,
+	access_date TIMESTAMP,
+	timeout_date TIMESTAMP,
+	whitelisted_site_id BIGINT
+);
+
+CREATE TABLE IF NOT EXISTS approved_site_scope (
+	owner_id BIGINT,
+	scope VARCHAR(256)
+);
+
+CREATE TABLE IF NOT EXISTS authentication_holder (
+	id BIGSERIAL PRIMARY KEY,
+	user_auth_id BIGINT,
+	approved BOOLEAN,
+	redirect_uri VARCHAR(2048),
+	client_id VARCHAR(256)
+);
+
+CREATE TABLE IF NOT EXISTS authentication_holder_authority (
+	owner_id BIGINT,
+	authority VARCHAR(256)
+);
+
+CREATE TABLE IF NOT EXISTS authentication_holder_resource_id (
+	owner_id BIGINT,
+	resource_id VARCHAR(2048)
+);
+
+CREATE TABLE IF NOT EXISTS authentication_holder_response_type (
+	owner_id BIGINT,
+	response_type VARCHAR(2048)
+);
+
+CREATE TABLE IF NOT EXISTS authentication_holder_extension (
+	owner_id BIGINT,
+	extension VARCHAR(2048),
+	val VARCHAR(2048)
+);
+
+CREATE TABLE IF NOT EXISTS authentication_holder_scope (
+	owner_id BIGINT,
+	scope VARCHAR(2048)
+);
+
+CREATE TABLE IF NOT EXISTS authentication_holder_request_parameter (
+	owner_id BIGINT,
+	param VARCHAR(2048),
+	val VARCHAR(2048)
+);
+
+CREATE TABLE IF NOT EXISTS saved_user_auth (
+	id BIGSERIAL PRIMARY KEY,
+	name VARCHAR(1024),
+	authenticated BOOLEAN,
+	source_class VARCHAR(2048)
+);
+
+CREATE TABLE IF NOT EXISTS saved_user_auth_authority (
+	owner_id BIGINT,
+	authority VARCHAR(256)
+);
+
+CREATE TABLE IF NOT EXISTS client_authority (
+	owner_id BIGINT,
+	authority VARCHAR(256)
+);
+
+CREATE TABLE IF NOT EXISTS authorization_code (
+	id BIGSERIAL PRIMARY KEY,
+	code VARCHAR(256),
+	auth_holder_id BIGINT,
+	expiration TIMESTAMP
+);
+
+CREATE TABLE IF NOT EXISTS client_grant_type (
+	owner_id BIGINT,
+	grant_type VARCHAR(2000)
+);
+
+CREATE TABLE IF NOT EXISTS client_response_type (
+	owner_id BIGINT,
+	response_type VARCHAR(2000)
+);
+
+CREATE TABLE IF NOT EXISTS blacklisted_site (
+	id BIGSERIAL PRIMARY KEY,
+	uri VARCHAR(2048)
+);
+
+CREATE TABLE IF NOT EXISTS client_details (
+	id BIGSERIAL PRIMARY KEY,
+
+	client_description VARCHAR(1024),
+	reuse_refresh_tokens BOOLEAN DEFAULT true NOT NULL,
+	dynamically_registered BOOLEAN DEFAULT false NOT NULL,
+	allow_introspection BOOLEAN DEFAULT false NOT NULL,
+	id_token_validity_seconds BIGINT DEFAULT 600 NOT NULL,
+	device_code_validity_seconds BIGINT,
+
+	client_id VARCHAR(256),
+	client_secret VARCHAR(2048),
+	access_token_validity_seconds BIGINT,
+	refresh_token_validity_seconds BIGINT,
+
+	application_type VARCHAR(256),
+	client_name VARCHAR(256),
+	token_endpoint_auth_method VARCHAR(256),
+	subject_type VARCHAR(256),
+
+	logo_uri VARCHAR(2048),
+	policy_uri VARCHAR(2048),
+	client_uri VARCHAR(2048),
+	tos_uri VARCHAR(2048),
+
+	jwks_uri VARCHAR(2048),
+	jwks VARCHAR(8192),
+	sector_identifier_uri VARCHAR(2048),
+
+	request_object_signing_alg VARCHAR(256),
+
+	user_info_signed_response_alg VARCHAR(256),
+	user_info_encrypted_response_alg VARCHAR(256),
+	user_info_encrypted_response_enc VARCHAR(256),
+
+	id_token_signed_response_alg VARCHAR(256),
+	id_token_encrypted_response_alg VARCHAR(256),
+	id_token_encrypted_response_enc VARCHAR(256),
+
+	token_endpoint_auth_signing_alg VARCHAR(256),
+
+	default_max_age BIGINT,
+	require_auth_time BOOLEAN,
+	created_at TIMESTAMP,
+	initiate_login_uri VARCHAR(2048),
+	clear_access_tokens_on_refresh BOOLEAN DEFAULT true NOT NULL,
+
+	software_statement VARCHAR(4096),
+	software_id VARCHAR(2048),
+	software_version VARCHAR(2048),
+
+	code_challenge_method VARCHAR(256),
+
+	UNIQUE (client_id)
+);
+
+CREATE TABLE IF NOT EXISTS client_request_uri (
+	owner_id BIGINT,
+	request_uri VARCHAR(2000)
+);
+
+CREATE TABLE IF NOT EXISTS client_post_logout_redirect_uri (
+	owner_id BIGINT,
+	post_logout_redirect_uri VARCHAR(2000)
+);
+
+CREATE TABLE IF NOT EXISTS client_default_acr_value (
+	owner_id BIGINT,
+	default_acr_value VARCHAR(2000)
+);
+
+CREATE TABLE IF NOT EXISTS client_contact (
+	owner_id BIGINT,
+	contact VARCHAR(256)
+);
+
+CREATE TABLE IF NOT EXISTS client_redirect_uri (
+	owner_id BIGINT,
+	redirect_uri VARCHAR(2048)
+);
+
+CREATE TABLE IF NOT EXISTS client_claims_redirect_uri (
+	owner_id BIGINT,
+	redirect_uri VARCHAR(2048)
+);
+
+CREATE TABLE IF NOT EXISTS refresh_token (
+	id BIGSERIAL PRIMARY KEY,
+	token_value VARCHAR(4096),
+	expiration TIMESTAMP,
+	auth_holder_id BIGINT,
+	client_id BIGINT
+);
+
+CREATE TABLE IF NOT EXISTS client_resource (
+	owner_id BIGINT,
+	resource_id VARCHAR(256)
+);
+
+CREATE TABLE IF NOT EXISTS client_scope (
+	owner_id BIGINT,
+	scope VARCHAR(2048)
+);
+
+CREATE TABLE IF NOT EXISTS token_scope (
+	owner_id BIGINT,
+	scope VARCHAR(2048)
+);
+
+CREATE TABLE IF NOT EXISTS system_scope (
+	id BIGSERIAL PRIMARY KEY,
+	scope VARCHAR(256) NOT NULL,
+	description VARCHAR(4096),
+	icon VARCHAR(256),
+	restricted BOOLEAN DEFAULT false NOT NULL,
+	default_scope BOOLEAN DEFAULT false NOT NULL,
+	UNIQUE (scope)
+);
+
+CREATE TABLE IF NOT EXISTS user_info (
+	id BIGSERIAL PRIMARY KEY,
+	sub VARCHAR(256),
+	preferred_username VARCHAR(256),
+	name VARCHAR(256),
+	given_name VARCHAR(256),
+	family_name VARCHAR(256),
+	middle_name VARCHAR(256),
+	nickname VARCHAR(256),
+	profile VARCHAR(256),
+	picture VARCHAR(256),
+	website VARCHAR(256),
+	email VARCHAR(256),
+	email_verified BOOLEAN,
+	gender VARCHAR(256),
+	zone_info VARCHAR(256),
+	locale VARCHAR(256),
+	phone_number VARCHAR(256),
+	phone_number_verified BOOLEAN,
+	address_id VARCHAR(256),
+	updated_time VARCHAR(256),
+	birthdate VARCHAR(256),
+	src VARCHAR(4096)
+);
+
+CREATE TABLE IF NOT EXISTS whitelisted_site (
+	id BIGSERIAL PRIMARY KEY,
+	creator_user_id VARCHAR(256),
+	client_id VARCHAR(256)
+);
+
+CREATE TABLE IF NOT EXISTS whitelisted_site_scope (
+	owner_id BIGINT,
+	scope VARCHAR(256)
+);
+
+CREATE TABLE IF NOT EXISTS pairwise_identifier (
+	id BIGSERIAL PRIMARY KEY,
+	identifier VARCHAR(256),
+	sub VARCHAR(256),
+	sector_identifier VARCHAR(2048)
+);
+
+CREATE TABLE IF NOT EXISTS resource_set (
+	id BIGSERIAL PRIMARY KEY,
+	name VARCHAR(1024) NOT NULL,
+	uri VARCHAR(1024),
+	icon_uri VARCHAR(1024),
+	rs_type VARCHAR(256),
+	owner VARCHAR(256) NOT NULL,
+	client_id VARCHAR(256)
+);
+
+CREATE TABLE IF NOT EXISTS resource_set_scope (
+	owner_id BIGINT NOT NULL,
+	scope VARCHAR(256) NOT NULL
+);
+
+CREATE TABLE IF NOT EXISTS permission_ticket (
+	id BIGSERIAL PRIMARY KEY,
+	ticket VARCHAR(256) NOT NULL,
+	permission_id BIGINT NOT NULL,
+	expiration TIMESTAMP
+);
+
+CREATE TABLE IF NOT EXISTS permission (
+	id BIGSERIAL PRIMARY KEY,
+	resource_set_id BIGINT
+);
+
+CREATE TABLE IF NOT EXISTS permission_scope (
+	owner_id BIGINT NOT NULL,
+	scope VARCHAR(256) NOT NULL
+);
+
+CREATE TABLE IF NOT EXISTS claim (
+	id BIGSERIAL PRIMARY KEY,
+	name VARCHAR(256),
+	friendly_name VARCHAR(1024),
+	claim_type VARCHAR(1024),
+	claim_value VARCHAR(1024)
+);
+
+CREATE TABLE IF NOT EXISTS claim_to_policy (
+	policy_id BIGINT NOT NULL,
+	claim_id BIGINT NOT NULL
+);
+
+CREATE TABLE IF NOT EXISTS claim_to_permission_ticket (
+	permission_ticket_id BIGINT NOT NULL,
+	claim_id BIGINT NOT NULL
+);
+
+CREATE TABLE IF NOT EXISTS policy (
+	id BIGSERIAL PRIMARY KEY,
+	name VARCHAR(1024),
+	resource_set_id BIGINT
+);
+
+CREATE TABLE IF NOT EXISTS policy_scope (
+	owner_id BIGINT NOT NULL,
+	scope VARCHAR(256) NOT NULL
+);
+
+CREATE TABLE IF NOT EXISTS claim_token_format (
+	owner_id BIGINT NOT NULL,
+	claim_token_format VARCHAR(1024)
+);
+
+CREATE TABLE IF NOT EXISTS claim_issuer (
+	owner_id BIGINT NOT NULL,
+	issuer VARCHAR(1024)
+);
+
+CREATE TABLE IF NOT EXISTS saved_registered_client (
+	id BIGSERIAL PRIMARY KEY,
+	issuer VARCHAR(1024),
+	registered_client VARCHAR(8192)
+);
+
+CREATE TABLE IF NOT EXISTS device_code (
+	id BIGSERIAL PRIMARY KEY,
+	device_code VARCHAR(1024),
+	user_code VARCHAR(1024),
+	expiration TIMESTAMP NULL,
+	client_id VARCHAR(256),
+	approved BOOLEAN,
+	auth_holder_id BIGINT
+);
+
+CREATE TABLE IF NOT EXISTS device_code_scope (
+	owner_id BIGINT NOT NULL,
+	scope VARCHAR(256) NOT NULL
+);
+
+CREATE TABLE IF NOT EXISTS device_code_request_parameter (
+	owner_id BIGINT,
+	param VARCHAR(2048),
+	val VARCHAR(2048)
+);
diff --git a/openid-connect-server-webapp/src/main/resources/db/psql/scopes.sql b/openid-connect-server-webapp/src/main/resources/db/psql/scopes.sql
new file mode 100644
index 000000000..140c72755
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/resources/db/psql/scopes.sql
@@ -0,0 +1,33 @@
+--
+-- Turn off autocommit and start a transaction so that we can use the temp tables
+--
+
+--SET AUTOCOMMIT = OFF;
+
+START TRANSACTION;
+
+--
+-- Insert scope information into the temporary tables.
+-- 
+
+INSERT INTO system_scope_TEMP (scope, description, icon, restricted, default_scope) VALUES
+  ('openid', 'log in using your identity', 'user', false, true),
+  ('profile', 'basic profile information', 'list-alt', false, true),
+  ('email', 'email address', 'envelope', false, true),
+  ('address', 'physical address', 'home', false, true),
+  ('phone', 'telephone number', 'bell', false, true),
+  ('offline_access', 'offline access', 'time', false, false);
+  
+--
+-- Merge the temporary scopes safely into the database. This is a two-step process to keep scopes from being created on every startup with a persistent store.
+--
+
+INSERT INTO system_scope (scope, description, icon, restricted, default_scope)
+  SELECT scope, description, icon, restricted, default_scope FROM system_scope_TEMP
+  ON CONFLICT(scope)
+  DO NOTHING;
+
+COMMIT;
+
+--SET AUTOCOMMIT = ON;
+
diff --git a/openid-connect-server-webapp/src/main/resources/db/psql/security-schema.sql b/openid-connect-server-webapp/src/main/resources/db/psql/security-schema.sql
new file mode 100644
index 000000000..bc5d70b88
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/resources/db/psql/security-schema.sql
@@ -0,0 +1,14 @@
+-- 
+-- Tables for Spring Security's user details service
+--
+  
+create table IF NOT EXISTS users(
+      username varchar(50) not null primary key,
+      password varchar(50) not null,
+      enabled boolean not null);
+
+  create table IF NOT EXISTS authorities (
+      username varchar(50) not null,
+      authority varchar(50) not null,
+      constraint fk_authorities_users foreign key(username) references users(username),
+      constraint ix_authority unique (username,authority));
\ No newline at end of file
diff --git a/openid-connect-server-webapp/src/main/resources/db/psql/users.sql b/openid-connect-server-webapp/src/main/resources/db/psql/users.sql
new file mode 100644
index 000000000..537330278
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/resources/db/psql/users.sql
@@ -0,0 +1,55 @@
+--
+-- Turn off autocommit and start a transaction so that we can use the temp tables
+--
+
+--SET AUTOCOMMIT FALSE;
+
+START TRANSACTION;
+
+--
+-- Insert user information into the temporary tables. To add users to the HSQL database, edit things here.
+-- 
+
+INSERT INTO users_TEMP (username, password, enabled) VALUES
+  ('admin','password',true),
+  ('user','password',true);
+
+
+INSERT INTO authorities_TEMP (username, authority) VALUES
+  ('admin','ROLE_ADMIN'),
+  ('admin','ROLE_USER'),
+  ('user','ROLE_USER');
+    
+-- By default, the username column here has to match the username column in the users table, above
+INSERT INTO user_info_TEMP (sub, preferred_username, name, email, email_verified) VALUES
+  ('90342.ASDFJWFA','admin','Demo Admin','admin@example.com', true),
+  ('01921.FLANRJQW','user','Demo User','user@example.com', true);
+
+ 
+--
+-- Merge the temporary users safely into the database. This is a two-step process to keep users from being created on every startup with a persistent store.
+--
+
+INSERT INTO users
+  SELECT username, password, enabled FROM users_TEMP
+  ON CONFLICT(username)
+  DO NOTHING;
+
+INSERT INTO authorities
+  SELECT username, authority FROM authorities_TEMP
+  ON CONFLICT(username, authority)
+  DO NOTHING;
+
+INSERT INTO user_info (sub, preferred_username, name, email, email_verified)
+  SELECT sub, preferred_username, name, email, email_verified FROM user_info_TEMP
+  ON CONFLICT
+  DO NOTHING;
+    
+-- 
+-- Close the transaction and turn autocommit back on
+-- 
+    
+COMMIT;
+
+--SET AUTOCOMMIT TRUE;
+
diff --git a/openid-connect-server-webapp/src/main/resources/keystore.jwks b/openid-connect-server-webapp/src/main/resources/keystore.jwks
new file mode 100644
index 000000000..461413ffe
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/resources/keystore.jwks
@@ -0,0 +1,12 @@
+{
+  "keys": [
+    {
+      "alg": "RS256",
+      "d": "PvBAngE3kkTnD3yDKo3wCvHJHm20kb9a0FVGLd0s2Y0E_3H2XnZC8-2zPhN6AQTjPhohSDCew20gzm76lyOvMqRiUP2Zpaopa1d2fGvNIQSdM07yKa6EivEYxqPQxa5esoZnexgnb9fom70I8n5OQRNQikwu-az26CsHX2zWMRodzSdN5CXHvb1PV09DmH8azTYwoMElPIqmcTfxiRw2Ov5ucmXXngKRFJgvfUgKd7v4ScBX7sQoQEjWEtt7ta0WvL3Ar5E1RAW4aHxuubZ6AtloxWCf17AAKw03dfP5RDm5TDmgm2B635ecJ7fTvneFmg8W_fdMTPRfBlCGNBp3wQ",
+      "e": "AQAB",
+      "n": "qt6yOiI_wCoCVlGO0MySsez0VkSqhPvDl3rfabOslx35mYEO-n4ABfIT5Gn2zN-CeIcOZ5ugAXvIIRWv5H55-tzjFazi5IKkOIMCiz5__MtsdxKCqGlZu2zt-BLpqTOAPiflNPpM3RUAlxKAhnYEqNha6-allPnFQupnW_eTYoyuzuedT7dSp90ry0ZcQDimntXWeaSbrYKCj9Rr9W1jn2uTowUuXaScKXTCjAmJVnsD75JNzQfa8DweklTyWQF-Y5Ky039I0VIu-0CIGhXY48GAFe2EFb8VpNhf07DP63p138RWQ1d3KPEM9mYJVpQC68j3wzDQYSljpLf9by7TGw",
+      "kty": "RSA",
+      "kid": "rsa1"
+    }
+  ]
+}
\ No newline at end of file
diff --git a/openid-connect-server-webapp/src/main/resources/log4j.xml b/openid-connect-server-webapp/src/main/resources/log4j.xml
new file mode 100644
index 000000000..caed28b32
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/resources/log4j.xml
@@ -0,0 +1,83 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+    Copyright 2018 The MIT Internet Trust Consortium
+   
+    Portions copyright 2011-2013 The MITRE Corporation
+   
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+   
+      http://www.apache.org/licenses/LICENSE-2.0
+   
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+ -->
+<!DOCTYPE log4j:configuration PUBLIC "-//APACHE//DTD LOG4J 1.2//EN" "log4j.dtd">
+<log4j:configuration xmlns:log4j="http://jakarta.apache.org/log4j/">
+
+	<!-- Appenders -->
+	<appender name="console" class="org.apache.log4j.ConsoleAppender">
+		<param name="Target" value="System.out" />
+		<layout class="org.apache.log4j.PatternLayout">
+			<param name="ConversionPattern" value="%-5p: %c - %m%n" />
+		</layout>
+	</appender>
+
+	<!-- Application Loggers -->
+	<logger name="org.mitre.openid">
+		<level value="info" />
+	</logger>
+	<logger name="org.mitre.oauth2">
+		<level value="info" />
+	</logger>
+	<logger name="org.mitre.discovery">
+		<level value="info" />
+	</logger>
+	<logger name="org.mitre.jose">
+		<level value="info" />
+	</logger>
+	<logger name="org.mitre.jwt">
+		<level value="info" />
+	</logger>
+	<logger name="org.mitre.util">
+		<level value="info" />
+	</logger>
+	<logger name="org.mitre.uma">
+		<level value="info" />
+	</logger>
+	<logger name="org.mitre.data">
+		<level value="info" />
+	</logger>
+					
+	<!-- 3rdparty Loggers -->
+	<logger name="org.springframework.core">
+		<level value="info" />
+	</logger>
+
+	<logger name="org.springframework.beans">
+		<level value="info" />
+	</logger>
+
+	<logger name="org.springframework.context">
+		<level value="info" />
+	</logger>
+
+	<logger name="org.springframework.web">
+		<level value="info" />
+	</logger>
+
+	<logger name="org.springframework.security">
+		<level value="warn" />
+	</logger>
+
+	<!-- Root Logger -->
+	<root>
+		<priority value="warn" />
+		<appender-ref ref="console" />
+	</root>
+
+</log4j:configuration>
diff --git a/openid-connect-server-webapp/src/main/webapp/META-INF/MANIFEST.MF b/openid-connect-server-webapp/src/main/webapp/META-INF/MANIFEST.MF
new file mode 100644
index 000000000..59499bce4
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/META-INF/MANIFEST.MF
@@ -0,0 +1,2 @@
+Manifest-Version: 1.0
+
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/application-context.xml b/openid-connect-server-webapp/src/main/webapp/WEB-INF/application-context.xml
new file mode 100644
index 000000000..480b5780c
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/application-context.xml
@@ -0,0 +1,314 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+    Copyright 2018 The MIT Internet Trust Consortium
+   
+    Portions copyright 2011-2013 The MITRE Corporation
+   
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+   
+      http://www.apache.org/licenses/LICENSE-2.0
+   
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+ -->
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:mvc="http://www.springframework.org/schema/mvc"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:tx="http://www.springframework.org/schema/tx"
+	xmlns:context="http://www.springframework.org/schema/context"
+	xmlns:security="http://www.springframework.org/schema/security"
+	xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
+	xmlns:util="http://www.springframework.org/schema/util"
+	xsi:schemaLocation="http://www.springframework.org/schema/security/oauth2 http://www.springframework.org/schema/security/spring-security-oauth2-2.0.xsd
+		http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-4.3.xsd
+		http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.2.xsd
+		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.3.xsd
+		http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-4.3.xsd
+		http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-4.3.xsd
+		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.3.xsd">
+
+	<!-- Scan for components -->
+	<context:component-scan annotation-config="true" base-package="org.mitre" />
+
+	<!-- Enables the Spring MVC @Controller programming model -->
+	<tx:annotation-driven transaction-manager="transactionManager" />
+	<mvc:annotation-driven ignore-default-model-on-redirect="true">
+		<mvc:message-converters>
+			<bean class="org.springframework.http.converter.StringHttpMessageConverter" />
+			<bean class="org.springframework.http.converter.json.MappingJackson2HttpMessageConverter" />
+		</mvc:message-converters>
+	</mvc:annotation-driven>
+
+	<mvc:interceptors>
+		<mvc:interceptor>
+			<!-- Exclude APIs and other machine-facing endpoints from these interceptors -->
+			<mvc:mapping path="/**" />
+			<mvc:exclude-mapping path="/#{T(org.mitre.openid.connect.web.JWKSetPublishingEndpoint).URL}**" />
+			<mvc:exclude-mapping path="/#{T(org.mitre.discovery.web.DiscoveryEndpoint).WELL_KNOWN_URL}/**" />
+			<mvc:exclude-mapping path="/resources/**" />
+			<mvc:exclude-mapping path="/token**"/>
+			<mvc:exclude-mapping path="/#{T(org.mitre.openid.connect.web.DynamicClientRegistrationEndpoint).URL}/**" />
+			<mvc:exclude-mapping path="/#{T(org.mitre.openid.connect.web.ProtectedResourceRegistrationEndpoint).URL}/**" />
+			<mvc:exclude-mapping path="/#{T(org.mitre.openid.connect.web.UserInfoEndpoint).URL}**" />
+			<mvc:exclude-mapping path="/#{T(org.mitre.openid.connect.web.RootController).API_URL}/**" />
+			<mvc:exclude-mapping path="/#{T(org.mitre.oauth2.web.DeviceEndpoint).URL}/**" />
+			<mvc:exclude-mapping path="/#{T(org.mitre.oauth2.web.IntrospectionEndpoint).URL}**" />
+			<mvc:exclude-mapping path="/#{T(org.mitre.oauth2.web.RevocationEndpoint).URL}**" />
+					 
+			<!-- Inject the UserInfo into the response -->
+			<bean id="userInfoInterceptor" class="org.mitre.openid.connect.web.UserInfoInterceptor" />
+		</mvc:interceptor>
+		<mvc:interceptor>
+			<!-- Exclude APIs and other machine-facing endpoints from these interceptors -->
+			<mvc:mapping path="/**" />
+			<mvc:exclude-mapping path="/#{T(org.mitre.openid.connect.web.JWKSetPublishingEndpoint).URL}**" />
+			<mvc:exclude-mapping path="/#{T(org.mitre.discovery.web.DiscoveryEndpoint).WELL_KNOWN_URL}/**" />
+			<mvc:exclude-mapping path="/resources/**" />
+			<mvc:exclude-mapping path="/token**"/>
+			<mvc:exclude-mapping path="/#{T(org.mitre.openid.connect.web.DynamicClientRegistrationEndpoint).URL}/**" />
+			<mvc:exclude-mapping path="/#{T(org.mitre.openid.connect.web.ProtectedResourceRegistrationEndpoint).URL}/**" />
+			<mvc:exclude-mapping path="/#{T(org.mitre.openid.connect.web.UserInfoEndpoint).URL}**" />
+			<mvc:exclude-mapping path="/#{T(org.mitre.openid.connect.web.RootController).API_URL}/**" />
+			<mvc:exclude-mapping path="/#{T(org.mitre.oauth2.web.DeviceEndpoint).URL}/**" />
+			<mvc:exclude-mapping path="/#{T(org.mitre.oauth2.web.IntrospectionEndpoint).URL}**" />
+			<mvc:exclude-mapping path="/#{T(org.mitre.oauth2.web.RevocationEndpoint).URL}**" />
+			<!-- Inject the server configuration into the response -->
+			<bean id="serverConfigInterceptor" class="org.mitre.openid.connect.web.ServerConfigInterceptor" />
+		</mvc:interceptor>
+	</mvc:interceptors>
+
+	<mvc:default-servlet-handler />
+
+	<!-- Bean to hold configuration properties -->
+	<import resource="server-config.xml" />
+
+	<!-- Import the data context -->
+	<import resource="data-context.xml" />
+
+	<!-- SPEL processors -->
+	<security:global-method-security pre-post-annotations="enabled" proxy-target-class="true" authentication-manager-ref="authenticationManager">
+		<!--you could also wire in the expression handler up at the layer of the http filters. See https://jira.springsource.org/browse/SEC-1452 -->
+		<security:expression-handler ref="oauthExpressionHandler" />
+	</security:global-method-security>
+
+	<oauth:expression-handler id="oauthExpressionHandler" />
+
+	<oauth:web-expression-handler id="oauthWebExpressionHandler" />
+
+	<!-- Spring Security configuration -->
+
+	<oauth:resource-server id="resourceServerFilter" token-services-ref="defaultOAuth2ProviderTokenService" stateless="false" />
+
+	<security:http pattern="/token" 
+		create-session="stateless"
+		authentication-manager-ref="clientAuthenticationManager"
+		entry-point-ref="oauthAuthenticationEntryPoint"
+		use-expressions="true">
+		
+		<security:intercept-url pattern="/token" access="permitAll" method="OPTIONS" /> <!-- allow OPTIONS calls without auth for CORS stuff -->
+		<security:intercept-url pattern="/token" access="isAuthenticated()" />
+		<security:http-basic entry-point-ref="oauthAuthenticationEntryPoint" />
+		<!-- include this only if you need to authenticate clients via request parameters -->
+		<security:custom-filter ref="clientAssertionEndpointFilter" after="PRE_AUTH_FILTER" /> <!-- this one has to go first -->
+		<security:custom-filter ref="clientCredentialsEndpointFilter" after="BASIC_AUTH_FILTER" />
+		<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
+		<security:access-denied-handler ref="oauthAccessDeniedHandler" />
+		<security:csrf disabled="true"/>
+	</security:http>
+
+	<!-- Allow open access to discovery endpoints -->
+	<security:http pattern="/#{T(org.mitre.openid.connect.web.JWKSetPublishingEndpoint).URL}**" use-expressions="true" entry-point-ref="http403EntryPoint" create-session="stateless">
+		<security:intercept-url pattern="/#{T(org.mitre.openid.connect.web.JWKSetPublishingEndpoint).URL}**" access="permitAll"/>
+		<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
+		<security:csrf disabled="true"/>
+	</security:http>
+	<security:http pattern="/#{T(org.mitre.discovery.web.DiscoveryEndpoint).WELL_KNOWN_URL}/**" use-expressions="true" entry-point-ref="http403EntryPoint" create-session="stateless">
+		<security:intercept-url pattern="/#{T(org.mitre.discovery.web.DiscoveryEndpoint).WELL_KNOWN_URL}/**" access="permitAll"/>
+		<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
+		<security:csrf disabled="true"/>
+	</security:http>
+
+	<!-- Allow open access to all static resources -->	
+	<security:http pattern="/resources/**" use-expressions="true" entry-point-ref="http403EntryPoint" create-session="stateless">
+		<security:intercept-url pattern="/resources/**" access="permitAll"/>
+		<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
+		<security:csrf disabled="true"/>
+	</security:http>
+	
+	<!-- OAuth-protect API and other endpoints -->
+	<security:http pattern="/#{T(org.mitre.openid.connect.web.DynamicClientRegistrationEndpoint).URL}/**" use-expressions="true" entry-point-ref="oauthAuthenticationEntryPoint" create-session="stateless">
+		<security:custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER" />
+		<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
+		<security:expression-handler ref="oauthWebExpressionHandler" />
+		<security:intercept-url pattern="/register/**" access="permitAll"/>
+		<security:csrf disabled="true"/>
+	</security:http>
+
+	<security:http pattern="/#{T(org.mitre.openid.connect.web.ProtectedResourceRegistrationEndpoint).URL}/**" use-expressions="true" entry-point-ref="oauthAuthenticationEntryPoint" create-session="stateless">
+		<security:custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER" />
+		<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
+		<security:expression-handler ref="oauthWebExpressionHandler" />
+		<security:intercept-url pattern="/resource/**" access="permitAll"/>
+		<security:csrf disabled="true"/>
+	</security:http>
+
+	<security:http pattern="/#{T(org.mitre.openid.connect.web.UserInfoEndpoint).URL}**" use-expressions="true" entry-point-ref="oauthAuthenticationEntryPoint" create-session="stateless">
+		<security:custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER" />
+		<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
+		<security:expression-handler ref="oauthWebExpressionHandler" />
+		<security:csrf disabled="true"/>
+	</security:http>
+
+ 	<security:http pattern="/#{T(org.mitre.openid.connect.web.RootController).API_URL}/**" use-expressions="true" entry-point-ref="oauthAuthenticationEntryPoint" create-session="never">
+		<security:custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER" />
+		<security:expression-handler ref="oauthWebExpressionHandler" />
+		<security:csrf disabled="true"/>
+	</security:http>
+	
+ 	<security:http pattern="/#{T(org.mitre.oauth2.web.DeviceEndpoint).URL}/**" 
+ 		use-expressions="true" 
+ 		entry-point-ref="oauthAuthenticationEntryPoint" 
+ 		create-session="stateless"
+ 		authentication-manager-ref="clientAuthenticationManager">
+		<security:http-basic entry-point-ref="oauthAuthenticationEntryPoint" />
+		<!-- include this only if you need to authenticate clients via request parameters -->
+		<security:custom-filter ref="clientAssertionEndpointFilter" after="PRE_AUTH_FILTER" /> <!-- this one has to go first -->
+		<security:custom-filter ref="clientCredentialsEndpointFilter" after="BASIC_AUTH_FILTER" />
+		<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
+		<security:access-denied-handler ref="oauthAccessDeniedHandler" />
+		<security:csrf disabled="true"/>
+	</security:http>
+	
+	<security:http pattern="/#{T(org.mitre.oauth2.web.IntrospectionEndpoint).URL}**" 
+			use-expressions="true" 
+			entry-point-ref="oauthAuthenticationEntryPoint" 
+			create-session="stateless"
+			authentication-manager-ref="clientAuthenticationManager">
+		<security:http-basic entry-point-ref="oauthAuthenticationEntryPoint" />
+		<security:custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER" />
+		<security:custom-filter ref="clientAssertionEndpointFilter" after="PRE_AUTH_FILTER" /> <!-- this one has to go first -->
+		<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
+		<security:custom-filter ref="clientCredentialsEndpointFilter" after="BASIC_AUTH_FILTER" />
+		<security:csrf disabled="true"/>
+	</security:http>
+
+	<security:http pattern="/#{T(org.mitre.oauth2.web.RevocationEndpoint).URL}**"
+			use-expressions="true" 
+			entry-point-ref="oauthAuthenticationEntryPoint" 
+			create-session="stateless"
+			authentication-manager-ref="clientAuthenticationManager">
+		<security:http-basic entry-point-ref="oauthAuthenticationEntryPoint" />
+		<security:custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER" />
+		<security:custom-filter ref="clientAssertionEndpointFilter" after="PRE_AUTH_FILTER" /> <!-- this one has to go first -->
+		<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
+		<security:custom-filter ref="clientCredentialsEndpointFilter" after="BASIC_AUTH_FILTER" />
+		<security:csrf disabled="true"/>
+	</security:http>
+
+	<bean id="oauthAuthenticationEntryPoint" class="org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint">
+		<property name="realmName" value="openidconnect" />
+	</bean>
+
+	<bean id="http403EntryPoint" class="org.springframework.security.web.authentication.Http403ForbiddenEntryPoint" />
+
+	<!-- Additional endpoints for extensions (such as UMA) -->
+	
+	<import resource="endpoint-config.xml" />
+
+	<!-- SECOAUTH Authorization Server -->
+
+	<import resource="authz-config.xml" />
+
+	<bean id="oauth2ExceptionTranslator" class="org.springframework.security.oauth2.provider.error.DefaultWebResponseExceptionTranslator" />
+
+	<bean id="clientAuthMatcher" class="org.mitre.openid.connect.filter.MultiUrlRequestMatcher">
+		<constructor-arg name="filterProcessesUrls">
+			<set>
+				<value>/introspect</value>
+				<value>/revoke</value>
+				<value>/token</value>
+			</set>
+		</constructor-arg>
+	</bean>
+
+	<bean id="clientCredentialsEndpointFilter" class="org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter">
+		<property name="authenticationManager" ref="clientAuthenticationManager" />
+		<property name="requiresAuthenticationRequestMatcher" ref="clientAuthMatcher" />
+	</bean>
+	
+	<bean id="clientAssertionEndpointFilter" class="org.mitre.openid.connect.assertion.JWTBearerClientAssertionTokenEndpointFilter">
+		<constructor-arg name="additionalMatcher" ref="clientAuthMatcher" />
+		<property name="authenticationManager" ref="clientAssertionAuthenticationManager" />
+	</bean>
+
+	<security:authentication-manager id="clientAuthenticationManager">
+		<security:authentication-provider user-service-ref="clientUserDetailsService" />
+		<security:authentication-provider user-service-ref="uriEncodedClientUserDetailsService" />
+	</security:authentication-manager>
+
+	<security:authentication-manager id="clientAssertionAuthenticationManager">
+		<security:authentication-provider ref="clientAssertionAuthenticationProvider" />
+	</security:authentication-manager>
+	
+	<bean id="clientAssertionAuthenticationProvider" class="org.mitre.openid.connect.assertion.JWTBearerAuthenticationProvider" />
+
+	<!-- Configure locale information -->
+	<import resource="locale-config.xml" />
+
+	<!-- user services -->
+	<import resource="user-context.xml" />
+	
+	<!-- assertion processing -->
+	<import resource="assertion-config.xml" />
+
+	<!-- End Spring Security configuration -->
+
+	<!-- JPA -->
+
+	<import resource="jpa-config.xml" />
+
+	<!-- End JPA -->
+
+	<!-- Crypto -->
+
+	<import resource="crypto-config.xml" />
+
+	<!-- End Crypto -->
+
+	<!-- View configuration -->
+
+	<!-- Handles HTTP GET requests for /resources/** by efficiently serving 
+		up static resources in the ${webappRoot}/resources directory -->
+	<mvc:resources mapping="/resources/**" location="/resources/" />
+
+	<!-- Resolves views selected for rendering by @Controllers to .jsp resources 
+		in the /WEB-INF/views directory -->
+	<bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">
+		<property name="viewClass" value="org.springframework.web.servlet.view.JstlView" />
+		<property name="prefix" value="/WEB-INF/views/" />
+		<property name="suffix" value=".jsp" />
+		<property name="order" value="2" />
+	</bean>
+
+	<!-- Resolve views based on string names -->
+	<bean class="org.springframework.web.servlet.view.BeanNameViewResolver">
+		<property name="order" value="1" />
+	</bean>
+
+	<!-- End view configuration -->
+
+	<!--Import scheduled task configuration -->
+	<import resource="task-config.xml" />
+	
+	<!-- Import configuration for front-end (JavaScript) UI components -->
+	<import resource="ui-config.xml" />
+
+	<!-- import application-local configuration information (such as bean definitions) -->
+	<import resource="local-config.xml" />
+
+</beans>
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/assertion-config.xml b/openid-connect-server-webapp/src/main/webapp/WEB-INF/assertion-config.xml
new file mode 100644
index 000000000..0ec4ce7f6
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/assertion-config.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+    Copyright 2018 The MIT Internet Trust Consortium
+   
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+   
+      http://www.apache.org/licenses/LICENSE-2.0
+   
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+ -->
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:mvc="http://www.springframework.org/schema/mvc"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:tx="http://www.springframework.org/schema/tx"
+	xmlns:context="http://www.springframework.org/schema/context"
+	xmlns:security="http://www.springframework.org/schema/security"
+	xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
+	xsi:schemaLocation="http://www.springframework.org/schema/security/oauth2 http://www.springframework.org/schema/security/spring-security-oauth2-2.0.xsd
+		http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-4.3.xsd
+		http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.2.xsd
+		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.3.xsd
+		http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-4.3.xsd
+		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.3.xsd">
+
+	<!-- validate incoming tokens for JWT assertions -->
+	<bean id="jwtAssertionValidator" class="org.mitre.jwt.assertion.impl.NullAssertionValidator" />
+
+	<!-- translate incoming assertions to token authorization objects -->
+	<bean id="jwtAssertionTokenFactory" class="org.mitre.oauth2.assertion.impl.DirectCopyRequestFactory" />
+
+	<!-- validate client software statements for dynamic registration -->
+<!-- 	<bean id="clientAssertionValidator" class="org.mitre.jwt.assertion.impl.NullAssertionValidator" /> -->
+	
+	<!-- this class will pass assertions signed by the issuers and keys in the whitelist -->
+	<bean id="clientAssertionValidator" class="org.mitre.jwt.assertion.impl.WhitelistedIssuerAssertionValidator">
+		<property name="whitelist">
+			<map>
+				<entry key="http://artemesia.local" value="http://localhost:8080/openid-connect-server-webapp/jwk" />
+			</map>
+		</property>
+	</bean>
+
+
+</beans>
\ No newline at end of file
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/authz-config.xml b/openid-connect-server-webapp/src/main/webapp/WEB-INF/authz-config.xml
new file mode 100644
index 000000000..3b7a4faa8
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/authz-config.xml
@@ -0,0 +1,60 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+    Copyright 2018 The MIT Internet Trust Consortium
+   
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+   
+      http://www.apache.org/licenses/LICENSE-2.0
+   
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+ -->
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:mvc="http://www.springframework.org/schema/mvc"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:tx="http://www.springframework.org/schema/tx"
+	xmlns:context="http://www.springframework.org/schema/context"
+	xmlns:security="http://www.springframework.org/schema/security"
+	xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
+	xsi:schemaLocation="http://www.springframework.org/schema/security/oauth2 http://www.springframework.org/schema/security/spring-security-oauth2-2.0.xsd
+		http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-4.3.xsd
+		http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.2.xsd
+		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.3.xsd
+		http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-4.3.xsd
+		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.3.xsd">
+
+
+	<oauth:authorization-server 
+		client-details-service-ref="defaultOAuth2ClientDetailsEntityService"
+		authorization-request-manager-ref="connectOAuth2RequestFactory" 
+		token-services-ref="defaultOAuth2ProviderTokenService" 
+		user-approval-handler-ref="tofuUserApprovalHandler" 
+		request-validator-ref="oauthRequestValidator"
+		redirect-resolver-ref="blacklistAwareRedirectResolver"
+		authorization-endpoint-url="/authorize" 
+		token-endpoint-url="/token"
+		error-page="/error">
+		
+		<oauth:authorization-code authorization-code-services-ref="defaultOAuth2AuthorizationCodeService"/>
+		<oauth:implicit />
+		<oauth:refresh-token/>
+		<oauth:client-credentials/>
+		<oauth:custom-grant token-granter-ref="chainedTokenGranter" />
+		<oauth:custom-grant token-granter-ref="jwtAssertionTokenGranter" />
+		<oauth:custom-grant token-granter-ref="deviceTokenGranter" />
+
+	</oauth:authorization-server>
+
+	<bean id="oauthAccessDeniedHandler" class="org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler" />
+
+	<bean id="oauthRequestValidator" class="org.mitre.oauth2.token.ScopeServiceAwareOAuth2RequestValidator" />
+
+	<!-- Error page handler. -->
+	<mvc:view-controller path="/error" view-name="error" />
+
+</beans>
\ No newline at end of file
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/crypto-config.xml b/openid-connect-server-webapp/src/main/webapp/WEB-INF/crypto-config.xml
new file mode 100644
index 000000000..c1e47a8dc
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/crypto-config.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+    Copyright 2018 The MIT Internet Trust Consortium
+   
+    Portions copyright 2011-2013 The MITRE Corporation
+   
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+   
+      http://www.apache.org/licenses/LICENSE-2.0
+   
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+ -->
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:mvc="http://www.springframework.org/schema/mvc"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:tx="http://www.springframework.org/schema/tx"
+	xmlns:context="http://www.springframework.org/schema/context"
+	xmlns:security="http://www.springframework.org/schema/security"
+	xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
+	xsi:schemaLocation="http://www.springframework.org/schema/security/oauth2 http://www.springframework.org/schema/security/spring-security-oauth2-2.0.xsd
+		http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-4.3.xsd
+		http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.2.xsd
+		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.3.xsd
+		http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-4.3.xsd
+		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.3.xsd">
+
+	<bean id="defaultKeyStore" class="org.mitre.jose.keystore.JWKSetKeyStore">
+		<property name="location" value="classpath:keystore.jwks" />
+	</bean>
+	
+	<bean id="defaultsignerService" class="org.mitre.jwt.signer.service.impl.DefaultJWTSigningAndValidationService">
+		<constructor-arg name="keyStore" ref="defaultKeyStore" />
+		<property name="defaultSignerKeyId" value="rsa1" />
+ 		<property name="defaultSigningAlgorithmName" value="RS256" />
+	</bean>
+
+	<bean id="defaultEncryptionService" class="org.mitre.jwt.encryption.service.impl.DefaultJWTEncryptionAndDecryptionService">
+		<constructor-arg name="keyStore" ref="defaultKeyStore" />
+		<property name="defaultAlgorithm" value="RSA1_5" />
+		<property name="defaultDecryptionKeyId" value="rsa1" />
+		<property name="defaultEncryptionKeyId" value="rsa1" />
+	</bean>
+
+</beans>
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/data-context.xml b/openid-connect-server-webapp/src/main/webapp/WEB-INF/data-context.xml
new file mode 100644
index 000000000..67d8bd146
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/data-context.xml
@@ -0,0 +1,128 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+    Copyright 2018 The MIT Internet Trust Consortium
+   
+    Portions copyright 2011-2013 The MITRE Corporation
+   
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+   
+      http://www.apache.org/licenses/LICENSE-2.0
+   
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+ -->
+<beans xmlns="http://www.springframework.org/schema/beans"
+	   xmlns:jdbc="http://www.springframework.org/schema/jdbc"
+       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.3.xsd
+       						http://www.springframework.org/schema/jdbc http://www.springframework.org/schema/jdbc/spring-jdbc-4.3.xsd">
+
+	<bean id="dataSource" class="com.zaxxer.hikari.HikariDataSource" destroy-method="close">
+		<property name="driverClassName" value="org.hsqldb.jdbcDriver" />
+		<property name="jdbcUrl" value="jdbc:hsqldb:mem:oic;sql.syntax_mys=true" />
+<!-- 		<property name="jdbcUrl" value="jdbc:hsqldb:file:/tmp/oic;sql.syntax_mys=true" /> -->
+		<property name="username" value="oic" />
+		<property name="password" value="oic" />
+	</bean>
+
+	<!-- Use the following to set up the OIC tables in the in-memory DB
+ 		   If you are using a file based HSQLDB you should not run this every time. -->
+	<jdbc:initialize-database data-source="dataSource">
+		<jdbc:script location="classpath:/db/hsql/hsql_database_tables.sql"/>
+		<!-- The following file is for the jdbc-user-service spring security implementation -->
+		<jdbc:script location="classpath:/db/hsql/security-schema.sql"/>
+		<!-- The following files are for safely bootstrapping users and clients into the database -->
+		<jdbc:script location="classpath:/db/hsql/loading_temp_tables.sql"/>
+		<jdbc:script location="classpath:/db/hsql/users.sql"/>
+		<jdbc:script location="classpath:/db/hsql/clients.sql"/>
+		<jdbc:script location="classpath:/db/hsql/scopes.sql"/>
+	</jdbc:initialize-database>
+
+	<bean id="jpaAdapter" class="org.springframework.orm.jpa.vendor.EclipseLinkJpaVendorAdapter">
+ 		<property name="databasePlatform" value="org.eclipse.persistence.platform.database.HSQLPlatform" />
+		<property name="showSql" value="true" />
+	</bean>
+
+	<!--  The following is for connecting to a MySQL database that has been initialized with 
+			src/main/resources/db/mysql/mysql_database_tables.sql -->
+<!-- 	<bean id="dataSource" class="com.zaxxer.hikari.HikariDataSource" destroy-method="close"> -->
+<!-- 		<property name="driverClassName" value="com.mysql.jdbc.Driver" /> -->
+<!-- 		<property name="jdbcUrl" value="jdbc:mysql://127.0.0.1:3306/oic" /> -->
+<!-- 		<property name="username" value="oic" /> -->
+<!-- 		<property name="password" value="oic" /> -->
+<!--  	</bean> -->
+
+<!-- 	<bean id="jpaAdapter" class="org.springframework.orm.jpa.vendor.EclipseLinkJpaVendorAdapter"> -->
+<!-- 		<property name="databasePlatform" value="org.eclipse.persistence.platform.database.MySQLPlatform" /> -->
+<!-- 		<property name="showSql" value="true" /> -->
+<!-- 	</bean> -->
+
+	<!-- You can optionally initialize the database with test values here, 
+		but this is not recommended for real systems -->
+<!-- 	<jdbc:initialize-database data-source="dataSource"> -->
+<!-- 		<jdbc:script location="classpath:/db/tables/mysql_database_tables.sql"/> -->
+<!-- 		<jdbc:script location="classpath:/db/tables/security-schema.sql"/> -->
+<!-- 		<jdbc:script location="classpath:/db/tables/loading_temp_tables.sql"/> -->
+<!-- 		<jdbc:script location="classpath:/db/mysql/users.sql"/> -->
+<!-- 		<jdbc:script location="classpath:/db/mysql/clients.sql"/> -->
+<!-- 		<jdbc:script location="classpath:/db/mysql/scopes.sql"/> -->
+<!-- 	</jdbc:initialize-database> -->
+
+	<!--  The following is for connecting to a PostgreSQL database that has been initialized with
+			src/main/resources/db/psql/psql_database_tables.sql -->
+	<!--
+	<bean id="dataSource" class="com.zaxxer.hikari.HikariDataSource" destroy-method="close">
+		<property name="driverClassName" value="org.postgresql.Driver" />
+		<property name="jdbcUrl" value="jdbc:postgresql://localhost/oic" />
+		<property name="username" value="oic" />
+		<property name="password" value="oic" />
+	</bean>
+
+
+	<bean id="jpaAdapter" class="org.springframework.orm.jpa.vendor.EclipseLinkJpaVendorAdapter">
+		<property name="databasePlatform" value="org.eclipse.persistence.platform.database.PostgreSQLPlatform" />
+		<property name="showSql" value="true" />
+	</bean>
+	-->
+	
+	<!-- You can optionally initialize the database with test values here, 
+		but this is not recommended for real systems -->
+<!-- 	<jdbc:initialize-database data-source="dataSource"> -->
+<!-- 		<jdbc:script location="classpath:/db/psql/psql_database_tables.sql"/> -->
+<!-- 		<jdbc:script location="classpath:/db/psql/security-schema.sql"/> -->
+<!-- 		<jdbc:script location="classpath:/db/psql/loading_temp_tables.sql"/> -->
+<!-- 		<jdbc:script location="classpath:/db/psql/users.sql"/> -->
+<!-- 		<jdbc:script location="classpath:/db/psql/clients.sql"/> -->
+<!-- 		<jdbc:script location="classpath:/db/psql/scopes.sql"/> -->
+<!-- 	</jdbc:initialize-database> -->
+
+	<!--  The following is for connecting to a Oracle database that has been initialized with
+			src/main/resources/db/oracle/oracle_database_tables.sql -->
+	<!--<bean id="dataSource" class="com.zaxxer.hikari.HikariDataSource" destroy-method="close">
+		<property name="driverClassName" value="oracle.jdbc.driver.OracleDriver" />
+		<property name="jdbcUrl" value="jdbc:oracle:thin:@localhost:1521:XE" />
+		<property name="username" value="oic" />
+		<property name="password" value="oic" />
+	</bean>-->
+
+	<!--<bean id="jpaAdapter" class="org.springframework.orm.jpa.vendor.EclipseLinkJpaVendorAdapter">
+		<property name="databasePlatform" value="org.eclipse.persistence.platform.database.OraclePlatform" />
+		<property name="showSql" value="true" />
+	</bean>-->
+
+	<!-- Use the following to set up the OIC tables in the Oracle DB
+		   Below scripts are intended to be run once at startup. -->
+	<!--<jdbc:initialize-database data-source="dataSource">
+		<jdbc:script location="classpath:/db/oracle/oracle_database_tables.sql"/>
+		<jdbc:script location="classpath:/db/oracle/security-schema_oracle.sql"/>
+		<jdbc:script location="classpath:/db/oracle/loading_temp_tables_oracle.sql"/>
+		<jdbc:script location="classpath:/db/oracle/users_oracle.sql"/>
+		<jdbc:script location="classpath:/db/oracle/clients_oracle.sql"/>
+		<jdbc:script location="classpath:/db/oracle/scopes_oracle.sql"/>
+	</jdbc:initialize-database>-->
+</beans>
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/endpoint-config.xml b/openid-connect-server-webapp/src/main/webapp/WEB-INF/endpoint-config.xml
new file mode 100644
index 000000000..14fbcf2ea
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/endpoint-config.xml
@@ -0,0 +1,34 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+    Copyright 2018 The MIT Internet Trust Consortium
+   
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+   
+      http://www.apache.org/licenses/LICENSE-2.0
+   
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+ -->
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:mvc="http://www.springframework.org/schema/mvc"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:tx="http://www.springframework.org/schema/tx"
+	xmlns:context="http://www.springframework.org/schema/context"
+	xmlns:security="http://www.springframework.org/schema/security"
+	xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
+	xsi:schemaLocation="http://www.springframework.org/schema/security/oauth2 http://www.springframework.org/schema/security/spring-security-oauth2-2.0.xsd
+		http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-4.3.xsd
+		http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.2.xsd
+		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.3.xsd
+		http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-4.3.xsd
+		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.3.xsd">
+
+
+<!-- This file allows you to define additional endpoints, it's normally empty in the OIDC server and has entries in the UMA server -->
+
+</beans>
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/jpa-config.xml b/openid-connect-server-webapp/src/main/webapp/WEB-INF/jpa-config.xml
new file mode 100644
index 000000000..592d56a2e
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/jpa-config.xml
@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+    Copyright 2018 The MIT Internet Trust Consortium
+   
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+   
+      http://www.apache.org/licenses/LICENSE-2.0
+   
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+ -->
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:mvc="http://www.springframework.org/schema/mvc"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:tx="http://www.springframework.org/schema/tx"
+	xmlns:context="http://www.springframework.org/schema/context"
+	xmlns:security="http://www.springframework.org/schema/security"
+	xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
+	xsi:schemaLocation="http://www.springframework.org/schema/security/oauth2 http://www.springframework.org/schema/security/spring-security-oauth2-2.0.xsd
+		http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-4.3.xsd
+		http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.2.xsd
+		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.3.xsd
+		http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-4.3.xsd
+		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.3.xsd">
+
+	<bean id="transactionManager" class="org.springframework.orm.jpa.JpaTransactionManager">
+		<property name="entityManagerFactory" ref="entityManagerFactory" />
+		<qualifier value="defaultTransactionManager" />
+	</bean>
+
+	<bean id="entityManagerFactory" class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
+		<property name="packagesToScan" value="org.mitre" />
+		<property name="persistenceProviderClass" value="org.eclipse.persistence.jpa.PersistenceProvider" />
+		<property name="dataSource" ref="dataSource" />
+		<property name="jpaVendorAdapter" ref="jpaAdapter" />
+		<property name="jpaPropertyMap">
+			<map>
+				<entry key="eclipselink.weaving" value="false" />
+				<entry key="eclipselink.logging.level" value="INFO" />
+				<entry key="eclipselink.logging.level.sql" value="INFO" />
+				<entry key="eclipselink.cache.shared.default" value="false" />
+			</map>
+		</property>
+		<property name="persistenceUnitName" value="defaultPersistenceUnit" />
+		<!-- uncomment for Oracle -->
+		<!--<property name="mappingResources" value="db/oracle/entity-mappings_oracle.xml" />-->
+	</bean>
+
+
+</beans>
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/local-config.xml b/openid-connect-server-webapp/src/main/webapp/WEB-INF/local-config.xml
new file mode 100644
index 000000000..3e5fef8e8
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/local-config.xml
@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+    Copyright 2018 The MIT Internet Trust Consortium
+   
+    Portions copyright 2011-2013 The MITRE Corporation
+   
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+   
+      http://www.apache.org/licenses/LICENSE-2.0
+   
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+ -->
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:mvc="http://www.springframework.org/schema/mvc"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:tx="http://www.springframework.org/schema/tx"
+	xmlns:context="http://www.springframework.org/schema/context"
+	xmlns:security="http://www.springframework.org/schema/security"
+	xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
+	xsi:schemaLocation="http://www.springframework.org/schema/security/oauth2 http://www.springframework.org/schema/security/spring-security-oauth2-2.0.xsd
+		http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-4.3.xsd
+		http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.2.xsd
+		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.3.xsd
+		http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-4.3.xsd
+		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.3.xsd">
+
+
+<!-- Empty: Override this file in your local project to change configuration options. -->
+
+</beans>
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/locale-config.xml b/openid-connect-server-webapp/src/main/webapp/WEB-INF/locale-config.xml
new file mode 100644
index 000000000..60cdb6b0f
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/locale-config.xml
@@ -0,0 +1,29 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+    Copyright 2018 The MIT Internet Trust Consortium
+   
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+   
+      http://www.apache.org/licenses/LICENSE-2.0
+   
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+ -->
+
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">
+
+	<bean id="messageSource" class="org.mitre.openid.connect.config.JsonMessageSource">
+		<property name="baseDirectory" value="/resources/js/locale/" />
+		<property name="useCodeAsDefaultMessage" value="true" />
+	</bean>
+
+	<bean id="localeResolver" class="org.mitre.openid.connect.config.ConfigurationBeanLocaleResolver" />
+
+</beans>
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/server-config.xml b/openid-connect-server-webapp/src/main/webapp/WEB-INF/server-config.xml
new file mode 100644
index 000000000..544f01c98
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/server-config.xml
@@ -0,0 +1,77 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+    Copyright 2018 The MIT Internet Trust Consortium
+   
+    Portions copyright 2011-2013 The MITRE Corporation
+   
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+   
+      http://www.apache.org/licenses/LICENSE-2.0
+   
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+ -->
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:mvc="http://www.springframework.org/schema/mvc"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:tx="http://www.springframework.org/schema/tx"
+	xmlns:context="http://www.springframework.org/schema/context"
+	xmlns:security="http://www.springframework.org/schema/security"
+	xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
+	xsi:schemaLocation="http://www.springframework.org/schema/security/oauth2 http://www.springframework.org/schema/security/spring-security-oauth2-2.0.xsd
+		http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-4.3.xsd
+		http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.2.xsd
+		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.3.xsd
+		http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-4.3.xsd
+		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.3.xsd">
+
+	<bean id="configBean" class="org.mitre.openid.connect.config.ConfigurationPropertiesBean">
+	    
+	    <!-- This property sets the root URL of the server, known as the issuer -->
+		<property name="issuer" value="http://localhost:8080/openid-connect-server-webapp/" />
+		
+		<!-- This property is a URL pointing to a logo image 24px high to be used in the top bar -->
+ 		<property name="logoImageUrl" value="resources/images/openid_connect_small.png" />
+ 		
+ 		<!-- This property sets the display name of the server, displayed in the topbar and page title -->
+ 		<property name="topbarTitle" value="OpenID Connect Server" />
+ 		
+		<!-- This property sets the lifetime of registration access tokens, in seconds. Leave it unset (null) for no rotation. -->
+		<!-- <property name="regTokenLifeTime" value="172800" /> -->
+		
+		<!-- This property forces the issuer value to start with "https", recommended on production servers -->
+		<!-- <property name="forceHttps" value="true" /> -->
+		
+		<!-- This property sets the locale for server text -->
+		<!-- <property name="locale" value="sv" /> -->
+
+		<!-- This property sets the set of namespaces for language translation files. The default is "messages". These are checked in the order presented here. -->
+		<!-- 
+		<property name="languageNamespaces">
+			<list>
+				<value>foo</value>
+				<value>bar</value>
+				<value>messages</value>
+			</list>
+		</property>
+		-->
+
+		<!-- This property indicates if a dynamically registered client supports dual flows, such as client_credentials
+		at the same time with authorization_code or implicit -->
+		<!-- <property name="dualClient" value="true" /> -->
+		
+		<!-- This property turns on HEART compliance mode -->
+		<!-- <property name="heartMode" value="true" /> -->
+
+        <!-- This property allows the server to create and accept fully-composed 
+        user URIs (with the user-code emebedded) for the device flow -->
+        <!-- <property name="allowCompleteDeviceCodeUri" value="true" /> -->
+
+	</bean>
+	
+</beans>
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/spring-servlet.xml b/openid-connect-server-webapp/src/main/webapp/WEB-INF/spring-servlet.xml
new file mode 100644
index 000000000..9306834d0
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/spring-servlet.xml
@@ -0,0 +1,37 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+    Copyright 2018 The MIT Internet Trust Consortium
+   
+    Portions copyright 2011-2013 The MITRE Corporation
+   
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+   
+      http://www.apache.org/licenses/LICENSE-2.0
+   
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+ -->
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:mvc="http://www.springframework.org/schema/mvc"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:tx="http://www.springframework.org/schema/tx"
+	xmlns:context="http://www.springframework.org/schema/context"
+	xmlns:security="http://www.springframework.org/schema/security"
+	xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
+	xsi:schemaLocation="http://www.springframework.org/schema/security/oauth2 http://www.springframework.org/schema/security/spring-security-oauth2-2.0.xsd
+		http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-4.3.xsd
+		http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.2.xsd
+		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.3.xsd
+		http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-4.3.xsd
+		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.3.xsd">
+
+<!-- This file has been left blank -->
+<!-- Feel free to override this by using a maven overlay. -->
+<!-- see: https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/wiki/Maven-Overlay-Project-How-To/ -->
+
+</beans>
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/tags/actionmenu.tag b/openid-connect-server-webapp/src/main/webapp/WEB-INF/tags/actionmenu.tag
new file mode 100644
index 000000000..d391a30ad
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/tags/actionmenu.tag
@@ -0,0 +1,20 @@
+<%@ tag language="java" pageEncoding="UTF-8"%>
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags"%>
+<%@ taglib prefix="security"
+	uri="http://www.springframework.org/security/tags"%>
+<security:authorize access="hasRole('ROLE_ADMIN')">
+	<li class="nav-header"><spring:message code="sidebar.administrative.title"/></li>
+	<li><a href="manage/#admin/clients" data-toggle="collapse" data-target=".nav-collapse"><spring:message code="sidebar.administrative.manage_clients"/></a></li>
+	<li><a href="manage/#admin/whitelists" data-toggle="collapse" data-target=".nav-collapse"><spring:message code="sidebar.administrative.whitelisted_clients"/></a></li>
+	<li><a href="manage/#admin/blacklist" data-toggle="collapse" data-target=".nav-collapse"><spring:message code="sidebar.administrative.blacklisted_clients"/></a></li>
+	<li><a href="manage/#admin/scope" data-toggle="collapse" data-target=".nav-collapse"><spring:message code="sidebar.administrative.system_scopes"/></a></li>
+	<li class="divider"></li>
+</security:authorize>
+<li class="nav-header"><spring:message code="sidebar.personal.title"/></li>
+<li><a href="manage/#user/approved" data-toggle="collapse" data-target=".nav-collapse"><spring:message code="sidebar.personal.approved_sites"/></a></li>
+<li><a href="manage/#user/tokens" data-toggle="collapse" data-target=".nav-collapse"><spring:message code="sidebar.personal.active_tokens"/></a></li>
+<li><a href="manage/#user/profile" data-toggle="collapse" data-target=".nav-collapse"><spring:message code="sidebar.personal.profile_information"/></a></li>
+<li class="divider"></li>
+<li class="nav-header"><spring:message code="sidebar.developer.title"/></li>
+<li><a href="manage/#dev/dynreg" data-toggle="collapse" data-target=".nav-collapse"><spring:message code="sidebar.developer.client_registration"/></a><li>
+<li><a href="manage/#dev/resource" data-toggle="collapse" data-target=".nav-collapse"><spring:message code="sidebar.developer.resource_registration"/></a><li>
\ No newline at end of file
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/tags/copyright.tag b/openid-connect-server-webapp/src/main/webapp/WEB-INF/tags/copyright.tag
new file mode 100644
index 000000000..4b0aa920a
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/tags/copyright.tag
@@ -0,0 +1,4 @@
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags"%>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<c:if test="${ config.heartMode }"><span class="pull-left"><img src="resources/images/heart_mode.png" alt="HEART Mode" title="This server is running in HEART Compliance Mode" /></span> </c:if>
+<spring:message code="copyright" arguments="${project.version}"/>
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/tags/footer.tag b/openid-connect-server-webapp/src/main/webapp/WEB-INF/tags/footer.tag
new file mode 100644
index 000000000..2b95de6dc
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/tags/footer.tag
@@ -0,0 +1,45 @@
+<%@ attribute name="js" required="false"%>
+<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions"%>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<%@ taglib prefix="o" tagdir="/WEB-INF/tags"%>
+<div id="push"></div>
+</div>
+<!-- end #wrap -->
+<div id="footer">
+	<div class="container">
+		<p class="muted credit">
+			<o:copyright />
+		</p>
+	</div>
+</div>
+<!-- javascript
+================================================== -->
+<!-- Placed at the end of the document so the pages load faster -->
+<script type="text/javascript" src="resources/bootstrap2/js/bootstrap.js"></script>
+<script type="text/javascript" src="resources/js/lib/underscore.js"></script>
+<script type="text/javascript" src="resources/js/lib/backbone.js"></script>
+<script type="text/javascript" src="resources/js/lib/purl.js"></script>
+<script type="text/javascript" src="resources/js/lib/bootstrapx-clickover.js"></script>
+<script type="text/javascript" src="resources/js/lib/bootstrap-sheet.js"></script>
+<script type="text/javascript" src="resources/js/lib/bootpag.js"></script>
+<script type="text/javascript" src="resources/js/lib/retina.js"></script>
+<c:if test="${js != null && js != ''}">
+	<script type="text/javascript">
+	
+		// set up a global variable for UI components to hang extensions off of
+		
+		var ui = {
+			templates: ["resources/template/admin.html"], // template files to load for UI
+			routes: [], // routes to add to the UI {path: URI to map to, name: unique name for internal use, callback: function to call when route is activated}
+			init: [] // functions to call after initialization is complete
+		};
+	
+	</script>
+	<c:forEach var="file" items="${ ui.jsFiles }">
+		<script type="text/javascript" src="<c:out value="${ file }" />" ></script>
+	</c:forEach>
+	<script type="text/javascript" src="resources/js/admin.js"></script>
+</c:if>
+<div id="templates" class="hide"></div>
+</body>
+</html>
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/tags/header.tag b/openid-connect-server-webapp/src/main/webapp/WEB-INF/tags/header.tag
new file mode 100644
index 000000000..f4b4430cf
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/tags/header.tag
@@ -0,0 +1,86 @@
+<%@attribute name="title" required="false"%>
+<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions"%>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags"%>
+<%@ tag import="com.google.gson.Gson" %>
+<!DOCTYPE html>
+<html lang="${pageContext.response.locale}">
+<head>
+
+    <base href="${config.issuer}">
+
+    <meta charset="utf-8">
+    <title>${config.topbarTitle} - ${title}</title>
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <meta name="description" content="">
+    <meta name="author" content="">
+
+    <!-- stylesheets -->
+    <link href="resources/bootstrap2/css/bootstrap.css" rel="stylesheet">
+    <link href="resources/css/bootstrap-sheet.css" rel="stylesheet">
+    <link href="resources/css/mitreid-connect.css" rel="stylesheet">
+    <link href="resources/css/mitreid-connect-local.css" rel="stylesheet">
+    <link href="resources/bootstrap2/css/bootstrap-responsive.css" rel="stylesheet">
+    <link href="resources/css/mitreid-connect-responsive.css" rel="stylesheet">
+    <link href="resources/css/mitreid-connect-responsive-local.css" rel="stylesheet">
+
+    <!-- HTML5 shim, for IE6-8 support of HTML5 elements -->
+    <!--[if lt IE 9]>
+    <script src="resources/js/lib/html5.js"></script>
+    <![endif]-->
+
+    <!-- favico -->
+    <link rel="shortcut icon" href="resources/images/mitreid-connect.ico">
+
+    <!-- Load jQuery up here so that we can use in-page functions -->
+    <script type="text/javascript" src="resources/js/lib/jquery.js"></script>
+    <script type="text/javascript" charset="UTF-8" src="resources/js/lib/moment-with-locales.js"></script>
+    <script type="text/javascript" src="resources/js/lib/i18next.js"></script>
+    <script type="text/javascript">
+        $.i18n.init({
+            fallbackLng: "en",
+            lng: "${config.locale}",
+            resGetPath: "resources/js/locale/__lng__/__ns__.json",
+            ns: {
+            	namespaces: ${config.languageNamespacesString},
+            	defaultNs: '${config.defaultLanguageNamespace}'
+            },
+            fallbackNS: ${config.languageNamespacesString}
+        });
+        moment.locale("${config.locale}");
+    	// safely set the title of the application
+    	function setPageTitle(title) {
+    		document.title = "${config.topbarTitle} - " + title;
+    	}
+    	
+		// get the info of the current user, if available (null otherwise)
+    	function getUserInfo() {
+    		return ${userInfoJson};
+    	}
+		
+		// get the authorities of the current user, if available (null otherwise)
+		function getUserAuthorities() {
+			return ${userAuthorities};
+		}
+		
+		// is the current user an admin?
+		// NOTE: this is just for  
+		function isAdmin() {
+			var auth = getUserAuthorities();
+			if (auth && _.contains(auth, "ROLE_ADMIN")) {
+				return true;
+			} else {
+				return false;
+			}
+		}
+		
+		var heartMode = ${config.heartMode};
+		
+    </script>    
+</head>
+
+<body>
+
+<div id="wrap">
+
+<!-- Start body -->
\ No newline at end of file
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/tags/navmenu.tag b/openid-connect-server-webapp/src/main/webapp/WEB-INF/tags/navmenu.tag
new file mode 100644
index 000000000..78bfe15cb
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/tags/navmenu.tag
@@ -0,0 +1,39 @@
+<%@attribute name="pageName"%>
+<%@ tag language="java" pageEncoding="UTF-8"%>
+<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags"%>
+<%@ taglib prefix="security"
+	uri="http://www.springframework.org/security/tags"%>
+
+<c:choose>
+	<c:when test="${pageName == 'Home'}">
+		<li class="active"><a href="" data-toggle="collapse" data-target=".nav-collapse"><spring:message code="topbar.home"/></a></li>
+	</c:when>
+	<c:otherwise>
+		<li><a href="" data-toggle="collapse" data-target=".nav-collapse"><spring:message code="topbar.home"/></a></li>
+	</c:otherwise>
+</c:choose>
+<c:choose>
+	<c:when test="${pageName == 'About'}">
+		<li class="active" data-toggle="collapse" data-target=".nav-collapse"><a href=""><spring:message code="topbar.about"/></a></li>
+	</c:when>
+	<c:otherwise>
+		<li><a href="about" data-toggle="collapse" data-target=".nav-collapse"><spring:message code="topbar.about"/></a></li>
+	</c:otherwise>
+</c:choose>
+<c:choose>
+	<c:when test="${pageName == 'Statistics'}">
+		<li class="active" data-toggle="collapse" data-target=".nav-collapse"><a href=""><spring:message code="topbar.statistics"/></a></li>
+	</c:when>
+	<c:otherwise>
+		<li><a href="stats" data-toggle="collapse" data-target=".nav-collapse"><spring:message code="topbar.statistics"/></a></li>
+	</c:otherwise>
+</c:choose>
+<c:choose>
+	<c:when test="${pageName == 'Contact'}">
+		<li class="active" data-toggle="collapse" data-target=".nav-collapse"><a href=""><spring:message code="topbar.contact"/></a></li>
+	</c:when>
+	<c:otherwise>
+		<li><a href="contact" data-toggle="collapse" data-target=".nav-collapse"><spring:message code="topbar.contact"/></a></li>
+	</c:otherwise>
+</c:choose>
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/tags/sidebar.tag b/openid-connect-server-webapp/src/main/webapp/WEB-INF/tags/sidebar.tag
new file mode 100644
index 000000000..93f78c871
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/tags/sidebar.tag
@@ -0,0 +1,18 @@
+<%@ taglib prefix="security" uri="http://www.springframework.org/security/tags"%>
+<%@ taglib prefix="o" tagdir="/WEB-INF/tags"%>
+
+
+<security:authorize access="hasRole('ROLE_USER')">
+	<div class="span2 visible-desktop">
+	    <div class="well sidebar-nav">
+	        <ul class="nav nav-list">
+	        	<o:actionmenu />
+	        </ul>
+	    </div><!--/.well -->
+	</div><!--/span-->
+</security:authorize>
+<security:authorize access="!hasRole('ROLE_USER')">
+	<div class="span1">
+		<!-- placeholder for non-logged-in users -->
+	</div><!--/span-->
+</security:authorize>
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/tags/topbar.tag b/openid-connect-server-webapp/src/main/webapp/WEB-INF/tags/topbar.tag
new file mode 100644
index 000000000..1bce4a1c5
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/tags/topbar.tag
@@ -0,0 +1,107 @@
+<%@attribute name="pageName" required="false"%>
+<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
+<%@ taglib prefix="security" uri="http://www.springframework.org/security/tags"%>
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags"%>
+<%@ taglib prefix="o" tagdir="/WEB-INF/tags"%>
+<c:choose>
+	<c:when test="${ not empty userInfo.preferredUsername }">
+		<c:set var="shortName" value="${ userInfo.preferredUsername }" />
+	</c:when>
+	<c:otherwise>
+		<c:set var="shortName" value="${ userInfo.sub }" />
+	</c:otherwise>
+</c:choose>
+<c:choose>
+	<c:when test="${ not empty userInfo.name }">
+		<c:set var="longName" value="${ userInfo.name }" />
+	</c:when>
+	<c:otherwise>
+		<c:choose>
+			<c:when test="${ not empty userInfo.givenName || not empty userInfo.familyName }">
+				<c:set var="longName" value="${ userInfo.givenName } ${ userInfo.familyName }" />
+			</c:when>
+			<c:otherwise>
+				<c:set var="longName" value="${ shortName }" />
+			</c:otherwise>
+		</c:choose>
+	</c:otherwise>
+</c:choose>
+<div class="navbar navbar-fixed-top">
+	<div class="navbar-inner">
+		<div class="container">
+			<button class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse">
+				<span class="icon-bar"></span> 
+				<span class="icon-bar"></span> 
+				<span class="icon-bar"></span>
+			</button>
+			<a class="brand" href="">
+				<img src="${ config.logoImageUrl }" />
+				<span>
+					<span class="visible-phone">${config.shortTopbarTitle}</span> 
+					<span class="hidden-phone">${config.topbarTitle}</span>
+				</span>
+			</a>
+			<c:if test="${ not empty pageName }">
+				<div class="nav-collapse collapse">
+					<ul class="nav">
+						<o:navmenu pageName="${ pageName }" />
+					</ul>
+	
+					<security:authorize access="hasRole('ROLE_USER')">
+	
+						<ul class="nav hidden-desktop">
+						<o:actionmenu />
+						</ul>
+
+					</security:authorize>
+	
+					<!-- use a full user menu and button when not collapsed -->
+					<ul class="nav pull-right visible-desktop">
+	                    <security:authorize access="hasRole('ROLE_USER')">
+						<li class="dropdown">
+							<a id="userButton" class="dropdown-toggle" data-toggle="dropdown" href=""><i class="icon-user icon-white"></i> ${ shortName } <span class="caret"></span></a>
+							<ul class="dropdown-menu pull-right">
+								<li><a href="manage/#user/profile" data-toggle="collapse" data-target=".nav-collapse">${ longName }</a></li>
+								<li class="divider"></li>
+								<li><a href="" data-toggle="collapse" data-target=".nav-collapse" class="logoutLink"><i class="icon-remove"></i> <spring:message code="topbar.logout"/></a></li>
+							</ul>
+						</li>
+	                    </security:authorize>
+	                    <security:authorize access="!hasRole('ROLE_USER')">
+	                    <li>
+	                    	<a id="loginButton" href="login" data-toggle="collapse" data-target=".nav-collapse"><i class="icon-lock icon-white"></i> <spring:message code="topbar.login"/></a>
+	                    </li>
+	                    </security:authorize>
+	                </ul>
+	                
+	                <!--  use a simplified user button system when collapsed -->
+	                <ul class="nav hidden-desktop">
+	                    <security:authorize access="hasRole('ROLE_USER')">
+						<li><a href="manage/#user/profile">${ longName }</a></li>
+						<li class="divider"></li>
+						<li><a href="" class="logoutLink"><i class="icon-remove"></i> <spring:message code="topbar.logout"/></a></li>
+	                    </security:authorize>
+	                    <security:authorize access="!hasRole('ROLE_USER')">
+	                    <li>
+	                    	<a href="login" data-toggle="collapse" data-target=".nav-collapse"><i class="icon-lock"></i> <spring:message code="topbar.login"/></a>
+	                    </li>
+	                    </security:authorize>
+	                </ul>
+	                <form action="${ config.issuer }${ config.issuer.endsWith('/') ? '' : '/' }logout" method="POST" class="hidden" id="logoutForm">
+						<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />
+					</form>
+	                
+	            </div><!--/.nav-collapse -->
+			</c:if>
+        </div>
+    </div>
+</div>
+
+<script type="text/javascript">
+	$(document).ready(function() {
+		$('.logoutLink').on('click', function(e) {
+			e.preventDefault();
+			$('#logoutForm').submit();
+		});
+	});
+</script>
\ No newline at end of file
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/task-config.xml b/openid-connect-server-webapp/src/main/webapp/WEB-INF/task-config.xml
new file mode 100644
index 000000000..2b7513328
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/task-config.xml
@@ -0,0 +1,38 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+    Copyright 2018 The MIT Internet Trust Consortium
+   
+    Portions copyright 2011-2013 The MITRE Corporation
+   
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+   
+      http://www.apache.org/licenses/LICENSE-2.0
+   
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+ -->
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:task="http://www.springframework.org/schema/task"
+	xsi:schemaLocation="http://www.springframework.org/schema/task http://www.springframework.org/schema/task/spring-task-4.3.xsd
+		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.3.xsd">
+
+	<!-- Configuration for scheduled tasks -->
+	<task:scheduler id="taskScheduler" pool-size="10" /> 
+	<task:executor id="taskExecutor" pool-size="5" /> 
+	<task:annotation-driven scheduler="taskScheduler" executor="taskExecutor" /> 
+	
+	<!-- Schedule the token service and approved site service to clear out expired tokens and sites every 5 minutes -->
+	<task:scheduled-tasks scheduler="taskScheduler">
+	    <task:scheduled ref="defaultOAuth2ProviderTokenService" method="clearExpiredTokens" fixed-delay="300000" initial-delay="600000"/>
+	    <task:scheduled ref="defaultApprovedSiteService" method="clearExpiredSites" fixed-delay="300000" initial-delay="600000"/>
+	    <task:scheduled ref="defaultOAuth2AuthorizationCodeService" method="clearExpiredAuthorizationCodes" fixed-delay="300000" initial-delay="600000"/>
+	    <task:scheduled ref="defaultDeviceCodeService" method="clearExpiredDeviceCodes" fixed-delay="300000" initial-delay="600000"/>
+	</task:scheduled-tasks>
+
+</beans>
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/ui-config.xml b/openid-connect-server-webapp/src/main/webapp/WEB-INF/ui-config.xml
new file mode 100644
index 000000000..99951d230
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/ui-config.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+    Copyright 2018 The MIT Internet Trust Consortium
+   
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+   
+      http://www.apache.org/licenses/LICENSE-2.0
+   
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+ -->
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:mvc="http://www.springframework.org/schema/mvc"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:tx="http://www.springframework.org/schema/tx"
+	xmlns:context="http://www.springframework.org/schema/context"
+	xmlns:security="http://www.springframework.org/schema/security"
+	xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
+	xsi:schemaLocation="http://www.springframework.org/schema/security/oauth2 http://www.springframework.org/schema/security/spring-security-oauth2-2.0.xsd
+		http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-4.3.xsd
+		http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.2.xsd
+		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.3.xsd
+		http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-4.3.xsd
+		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.3.xsd">
+
+
+<!-- This file allows you to define components to the UI -->
+
+	<bean class="org.mitre.openid.connect.config.UIConfiguration" id="uiConfiguration">
+		<property name="jsFiles">
+			<set>
+				<value>resources/js/client.js</value>
+				<value>resources/js/grant.js</value>
+				<value>resources/js/scope.js</value>
+				<value>resources/js/whitelist.js</value>
+				<value>resources/js/dynreg.js</value>
+				<value>resources/js/rsreg.js</value>
+				<value>resources/js/token.js</value>
+				<value>resources/js/blacklist.js</value>
+				<value>resources/js/profile.js</value>
+			</set>
+		</property>
+		
+	</bean>
+
+
+</beans>
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/user-context.xml b/openid-connect-server-webapp/src/main/webapp/WEB-INF/user-context.xml
new file mode 100644
index 000000000..2aff94363
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/user-context.xml
@@ -0,0 +1,57 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+    Copyright 2018 The MIT Internet Trust Consortium
+   
+    Portions copyright 2011-2013 The MITRE Corporation
+   
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+   
+      http://www.apache.org/licenses/LICENSE-2.0
+   
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+ -->
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:mvc="http://www.springframework.org/schema/mvc"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:tx="http://www.springframework.org/schema/tx"
+	xmlns:context="http://www.springframework.org/schema/context"
+	xmlns:security="http://www.springframework.org/schema/security"
+	xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
+	xsi:schemaLocation="http://www.springframework.org/schema/security/oauth2 http://www.springframework.org/schema/security/spring-security-oauth2-2.0.xsd
+		http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-4.3.xsd
+		http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.2.xsd
+		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.3.xsd
+		http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-4.3.xsd
+		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.3.xsd">
+
+	<security:authentication-manager id="authenticationManager">
+		<security:authentication-provider>
+			<security:jdbc-user-service data-source-ref="dataSource"/>
+		</security:authentication-provider>
+	</security:authentication-manager>
+		
+	<mvc:view-controller path="/login" view-name="login" />
+
+	<security:http authentication-manager-ref="authenticationManager"> 
+	
+		<security:intercept-url pattern="/authorize" access="hasRole('ROLE_USER')" />
+		<security:intercept-url pattern="/**" access="permitAll" />
+		
+		<security:form-login login-page="/login" authentication-failure-url="/login?error=failure" authentication-success-handler-ref="authenticationTimeStamper" />
+		<security:custom-filter ref="authRequestFilter" after="SECURITY_CONTEXT_FILTER" />
+		<security:logout logout-url="/logout" />
+		<security:anonymous />
+		<security:expression-handler ref="oauthWebExpressionHandler" />
+		<security:headers>
+			<security:frame-options policy="DENY" />
+		</security:headers>
+		<security:csrf />
+	</security:http>	
+
+</beans>
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/about.jsp b/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/about.jsp
new file mode 100644
index 000000000..1bf74f8b5
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/about.jsp
@@ -0,0 +1,29 @@
+<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
+<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
+<%@ taglib prefix="o" tagdir="/WEB-INF/tags"%>
+<%@ taglib prefix="security" uri="http://www.springframework.org/security/tags"%>
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags"%>
+
+<!-- TODO: highlight proper section of topbar; what is the right way to do this? -->
+<spring:message code="about.title" var="title"/>
+<o:header title="${title}"/>
+<o:topbar pageName="About"/>
+<div class="container-fluid main">
+	<div class="row-fluid">
+		<o:sidebar />
+		<div class="span10">
+			<!-- Main hero unit for a primary marketing message or call to action -->
+			<div class="hero-unit">
+
+				<h2><spring:message code="about.title"/></h2>
+				<p>
+				<spring:message code="about.body"/>
+				</p>
+
+			</div>
+
+
+		</div>
+	</div>
+</div>
+<o:footer/>
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/approve.jsp b/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/approve.jsp
new file mode 100644
index 000000000..4d3dda8ce
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/approve.jsp
@@ -0,0 +1,320 @@
+<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
+<%@ page import="org.springframework.security.core.AuthenticationException"%>
+<%@ page import="org.springframework.security.oauth2.common.exceptions.UnapprovedClientAuthenticationException"%>
+<%@ page import="org.springframework.security.web.WebAttributes"%>
+<%@ taglib prefix="authz" uri="http://www.springframework.org/security/tags"%>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
+<%@ taglib prefix="o" tagdir="/WEB-INF/tags"%>
+<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags"%>
+
+<spring:message code="approve.title" var="title"/>
+<o:header title="${title}"/>
+<o:topbar pageName="Approve" />
+<div class="container main">
+	<% if (session.getAttribute(WebAttributes.AUTHENTICATION_EXCEPTION) != null && !(session.getAttribute(WebAttributes.AUTHENTICATION_EXCEPTION) instanceof UnapprovedClientAuthenticationException)) { %>
+	<div class="alert-message error">
+		<a href="#" class="close">&times;</a>
+
+		<p><strong><spring:message code="approve.error.not_granted"/></strong> 
+			(<%= ((AuthenticationException) session.getAttribute(WebAttributes.AUTHENTICATION_EXCEPTION)).getMessage() %>)
+		</p>
+	</div>
+	<% } %>
+	<c:remove scope="session" var="SPRING_SECURITY_LAST_EXCEPTION" />
+
+	<div class="well" style="text-align: center">
+		<h1><spring:message code="approve.required_for"/>&nbsp;
+			<c:choose>
+				<c:when test="${empty client.clientName}">
+					<em><c:out value="${client.clientId}" /></em>
+				</c:when>
+				<c:otherwise>
+					<em><c:out value="${client.clientName}" /></em>
+				</c:otherwise>
+			</c:choose>
+		</h1>
+
+		<form name="confirmationForm"
+			action="${pageContext.request.contextPath.endsWith('/') ? pageContext.request.contextPath : pageContext.request.contextPath.concat('/') }authorize" method="post">
+
+			<div class="row">
+				<div class="span5 offset1 well-small" style="text-align: left">
+					<c:if test="${ client.dynamicallyRegistered }">
+						<c:choose>
+							<c:when test="${ gras }">
+								<!-- client is "generally recognized as safe, display a more muted block -->
+								<div>
+								    <p class="alert alert-info">
+								        <i class="icon-globe"></i>
+								        
+								        <spring:message code="approve.dynamically_registered"/>
+								        
+								   </p>
+								</div>
+							</c:when>
+							<c:otherwise>
+								<!-- client is dynamically registered -->
+								<div class="alert alert-block <c:out value="${ count eq 0 ? 'alert-error' : 'alert-warn' }" />">
+									<h4>
+										<i class="icon-globe"></i> <spring:message code="approve.caution.title"/>:
+									</h4>
+									
+									<p>
+                                    <spring:message code="approve.dynamically_registered" arguments="${ client.createdAt }"/>
+                                    </p>
+                                    <p>
+									<c:choose>
+                                       <c:when test="${count == 0}">
+                                           <spring:message code="approve.caution.message.none" arguments="${count}"/>
+                                       </c:when>
+                                       <c:when test="${count == 1}">
+                                           <spring:message code="approve.caution.message.singular" arguments="${count}"/>
+                                       </c:when>
+									   <c:otherwise>
+                                           <spring:message code="approve.caution.message.plural" arguments="${count}"/>
+									   </c:otherwise>
+								   </c:choose>
+								   </p>
+								</div>
+							</c:otherwise>
+						</c:choose>
+					</c:if>
+
+					<c:if test="${ not empty client.logoUri }">
+						<ul class="thumbnails">
+							<li class="span5">
+								<a class="thumbnail" data-toggle="modal" data-target="#logoModal"><img src="api/clients/${ client.id }/logo" /></a>
+							</li>
+						</ul>
+						<!-- Modal -->
+						<div id="logoModal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="logoModalLabel" aria-hidden="true">
+							<div class="modal-header">
+								<button type="button" class="close" data-dismiss="modal" aria-hidden="true">&times;</button>
+								<h3 id="logoModalLabel">
+									<c:choose>
+										<c:when test="${empty client.clientName}">
+											<em><c:out value="${client.clientId}" /></em>
+										</c:when>
+										<c:otherwise>
+											<em><c:out value="${client.clientName}" /></em>
+										</c:otherwise>
+									</c:choose>
+								</h3>
+							</div>
+							<div class="modal-body">
+								<img src="api/clients/${ client.id }/logo" />
+								<c:if test="${ not empty client.clientUri }">
+									<a href="<c:out value="${ client.clientUri }" />"><c:out value="${ client.clientUri }" /></a>
+								</c:if>
+							</div>
+							<div class="modal-footer">
+								<button class="btn" data-dismiss="modal" aria-hidden="true">Close</button>
+							</div>
+						</div>
+					</c:if>
+					<c:if test="${ (not empty client.clientDescription) || (not empty client.clientUri) || (not empty client.policyUri) || (not empty client.tosUri) || (not empty contacts) }">
+						<div class="muted moreInformationContainer">
+							<c:out value="${client.clientDescription}" />
+							<c:if test="${ (not empty client.clientUri) || (not empty client.policyUri) || (not empty client.tosUri)  || (not empty contacts) }">
+								<div id="toggleMoreInformation" style="cursor: pointer;">
+									<small><i class="icon-chevron-right"></i> <spring:message code="approve.more_information"/></small>
+								</div>
+								<div id="moreInformation" class="hide">
+									<ul>
+										<c:if test="${ not empty client.clientUri }">
+											<li><spring:message code="approve.home_page"/>: <a href="<c:out value="${ client.clientUri }" />"><c:out value="${ client.clientUri }" /></a></li>
+										</c:if>
+										<c:if test="${ not empty client.policyUri }">
+											<li><spring:message code="Policy"/>: <a href="<c:out value="${ client.policyUri }" />"><c:out value="${ client.policyUri }" /></a></li>
+										</c:if>
+										<c:if test="${ not empty client.tosUri }">
+											<li><spring:message code="approve.terms"/>: <a href="<c:out value="${ client.tosUri }" />"><c:out value="${ client.tosUri }" /></a></li>
+										</c:if>
+										<c:if test="${ (not empty contacts) }">
+											<li><spring:message code="approve.contacts"/>: <c:out value="${ contacts }" /></li>
+										</c:if>
+									</ul>
+								</div>
+							</c:if>
+						</div>
+					</c:if>
+					<div>
+						<c:choose>
+							<c:when test="${ empty client.redirectUris }">
+								<div class="alert alert-block alert-error">
+									<h4>
+										<i class="icon-info-sign"></i> <spring:message code="approve.warning"/>:
+									</h4>
+									<spring:message code="approve.no_redirect_uri"/>
+									<spring:message code="approve.redirect_uri" arguments="${ fn:escapeXml(redirect_uri) }"/>
+								</div>
+							</c:when>
+							<c:otherwise>
+                                <spring:message code="approve.redirect_uri" arguments="${ fn:escapeXml(redirect_uri) }" />
+							</c:otherwise>
+						</c:choose>
+					</div>
+
+					<c:if test="${ client.subjectType == 'PAIRWISE' }">
+						<div class="alert alert-success">
+							<spring:message code="approve.pairwise"/>
+						</div>
+					</c:if>
+
+				</div>
+				<div class="span4">
+					<fieldset style="text-align: left" class="well">
+						<legend style="margin-bottom: 0;"><spring:message code="approve.access_to"/>:</legend>
+
+						<c:if test="${ empty client.scope }">
+								<div class="alert alert-block alert-error">
+									<h4>
+										<i class="icon-info-sign"></i> <spring:message code="approve.warning"/>:
+									</h4>
+									<p>
+									   <spring:message code="approve.no_scopes"/>
+									</p>
+								</div>
+						</c:if>
+
+						<c:forEach var="scope" items="${ scopes }">
+
+							<label for="scope_${ fn:escapeXml(scope.value) }" class="checkbox"> 
+								<input type="checkbox" name="scope_${ fn:escapeXml(scope.value) }" id="scope_${ fn:escapeXml(scope.value) }" value="${ fn:escapeXml(scope.value) }" checked="checked"> 
+								<c:if test="${ not empty scope.icon }">
+									<i class="icon-${ fn:escapeXml(scope.icon) }"></i>
+								</c:if> 
+								<c:choose>
+									<c:when test="${ not empty scope.description }">
+										<c:out value="${ scope.description }" />
+									</c:when>
+									<c:otherwise>
+										<c:out value="${ scope.value }" />
+									</c:otherwise>
+								</c:choose>
+								
+								<c:if test="${ not empty claims[scope.value] }">
+									<span class="claim-tooltip" data-toggle="popover"
+										data-html="true"
+										data-placement="right"
+										data-trigger="hover"
+										data-title="These values will be sent:"
+										data-content="<div style=&quot;text-align: left;&quot;>
+											<ul>
+											<c:forEach var="claim" items="${ claims[scope.value] }">
+												<li>
+												<b><c:out value="${ claim.key }" /></b>: 
+												<c:out value="${ claim.value }" />
+												</li>
+											</c:forEach>
+											</ul>
+											</div>
+										"
+									>
+										<i class="icon-question-sign"></i>
+										
+									</span>
+								</c:if>
+								
+							</label>
+
+						</c:forEach>
+
+					</fieldset>
+
+					<fieldset style="text-align: left" class="well">
+						<legend style="margin-bottom: 0;"><spring:message code="approve.remember.title"/>:</legend>
+						<label for="remember-forever" class="radio"> 
+						<input type="radio" name="remember" id="remember-forever" value="until-revoked"  ${ !consent ? 'checked="checked"' : '' }> 
+							<spring:message code="approve.remember.until_revoke"/>
+						</label> 
+						<label for="remember-hour" class="radio"> 
+						<input type="radio" name="remember" id="remember-hour" value="one-hour">
+							<spring:message code="approve.remember.one_hour"/>
+						</label> 
+						<label for="remember-not" class="radio"> 
+						<input type="radio" name="remember" id="remember-not" value="none" ${ consent ? 'checked="checked"' : '' }>
+							<spring:message code="approve.remember.next_time"/>
+						</label>
+					</fieldset>
+				</div>
+
+			</div>
+
+			<div class="row">
+				<h3>
+						<spring:message code="approve.do_authorize"/> 
+						"<c:choose>
+							<c:when test="${empty client.clientName}">
+								<c:out value="${client.clientId}" />
+							</c:when>
+							<c:otherwise>
+								<c:out value="${client.clientName}" />
+							</c:otherwise>
+						</c:choose>"?
+				</h3>
+                <spring:message code="approve.label.authorize" var="authorize_label"/>
+                <spring:message code="approve.label.deny" var="deny_label"/>
+				<input id="user_oauth_approval" name="user_oauth_approval" value="true" type="hidden" />
+				<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />
+				<input name="authorize" value="${authorize_label}" type="submit"
+				onclick="$('#user_oauth_approval').attr('value',true)" class="btn btn-success btn-large" /> 
+				&nbsp; 
+				<input name="deny" value="${deny_label}" type="submit" onclick="$('#user_oauth_approval').attr('value',false)"
+				class="btn btn-secondary btn-large" />
+			</div>
+
+		</form>
+
+	</div>
+</div>
+<script type="text/javascript">
+<!--
+
+$(document).ready(function() {
+		$('.claim-tooltip').popover();
+		$('.claim-tooltip').on('click', function(e) {
+			e.preventDefault();
+			$(this).popover('show');
+		});
+
+		$(document).on('click', '#toggleMoreInformation', function(event) {
+			event.preventDefault();
+			if ($('#moreInformation').is(':visible')) {
+				// hide it
+				$('.moreInformationContainer', this.el).removeClass('alert').removeClass('alert-info').addClass('muted');
+				$('#moreInformation').hide('fast');
+				$('#toggleMoreInformation i').attr('class', 'icon-chevron-right');
+			} else {
+				// show it
+				$('.moreInformationContainer', this.el).addClass('alert').addClass('alert-info').removeClass('muted');
+				$('#moreInformation').show('fast');
+				$('#toggleMoreInformation i').attr('class', 'icon-chevron-down');
+			}
+		});
+		
+    	var creationDate = "<c:out value="${ client.createdAt }" />";
+		var displayCreationDate = $.t('approve.dynamically-registered-unkown');
+		var hoverCreationDate = "";
+		if (creationDate != null && moment(creationDate).isValid()) {
+			creationDate = moment(creationDate);
+			if (moment().diff(creationDate, 'months') < 6) {
+				displayCreationDate = creationDate.fromNow();
+			} else {
+				displayCreationDate = "on " + creationDate.format("LL");
+			}
+			hoverCreationDate = creationDate.format("LLL");
+		}
+		
+		$('#registrationTime').html(displayCreationDate);
+		$('#registrationTime').attr('title', hoverCreationDate);
+
+		
+		
+});
+
+//-->
+</script>
+<o:footer/>
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/approveDevice.jsp b/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/approveDevice.jsp
new file mode 100644
index 000000000..c49e1e874
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/approveDevice.jsp
@@ -0,0 +1,287 @@
+<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
+<%@ page import="org.springframework.security.core.AuthenticationException"%>
+<%@ page import="org.springframework.security.oauth2.common.exceptions.UnapprovedClientAuthenticationException"%>
+<%@ page import="org.springframework.security.web.WebAttributes"%>
+<%@ taglib prefix="authz" uri="http://www.springframework.org/security/tags"%>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
+<%@ taglib prefix="o" tagdir="/WEB-INF/tags"%>
+<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags"%>
+
+<spring:message code="approve.title" var="title"/>
+<o:header title="${title}"/>
+<o:topbar pageName="Approve" />
+<div class="container main">
+	<% if (session.getAttribute(WebAttributes.AUTHENTICATION_EXCEPTION) != null && !(session.getAttribute(WebAttributes.AUTHENTICATION_EXCEPTION) instanceof UnapprovedClientAuthenticationException)) { %>
+	<div class="alert-message error">
+		<a href="#" class="close">&times;</a>
+
+		<p><strong><spring:message code="approve.error.not_granted"/></strong> 
+			(<%= ((AuthenticationException) session.getAttribute(WebAttributes.AUTHENTICATION_EXCEPTION)).getMessage() %>)
+		</p>
+	</div>
+	<% } %>
+	<c:remove scope="session" var="SPRING_SECURITY_LAST_EXCEPTION" />
+
+	<div class="well" style="text-align: center">
+		<h1><spring:message code="approve.required_for"/>&nbsp;
+			<c:choose>
+				<c:when test="${empty client.clientName}">
+					<em><c:out value="${client.clientId}" /></em>
+				</c:when>
+				<c:otherwise>
+					<em><c:out value="${client.clientName}" /></em>
+				</c:otherwise>
+			</c:choose>
+		</h1>
+
+		<form name="confirmationForm"
+			action="${pageContext.request.contextPath.endsWith('/') ? pageContext.request.contextPath : pageContext.request.contextPath.concat('/') }device/approve" method="post">
+
+			<div class="row">
+				<div class="span5 offset1 well-small" style="text-align: left">
+					<c:if test="${ client.dynamicallyRegistered }">
+						<c:choose>
+							<c:when test="${ gras }">
+								<!-- client is "generally recognized as safe, display a more muted block -->
+								<div>
+								    <p class="alert alert-info">
+								        <i class="icon-globe"></i>
+								        
+								        <spring:message code="approve.dynamically_registered"/>
+								        
+								   </p>
+								</div>
+							</c:when>
+							<c:otherwise>
+								<!-- client is dynamically registered -->
+								<div class="alert alert-block <c:out value="${ count eq 0 ? 'alert-error' : 'alert-warn' }" />">
+									<h4>
+										<i class="icon-globe"></i> <spring:message code="approve.caution.title"/>:
+									</h4>
+									
+									<p>
+                                    <spring:message code="approve.dynamically_registered" arguments="${ client.createdAt }"/>
+                                    </p>
+                                    <p>
+									<c:choose>
+                                       <c:when test="${count == 0}">
+                                           <spring:message code="approve.caution.message.none" arguments="${count}"/>
+                                       </c:when>
+                                       <c:when test="${count == 1}">
+                                           <spring:message code="approve.caution.message.singular" arguments="${count}"/>
+                                       </c:when>
+									   <c:otherwise>
+                                           <spring:message code="approve.caution.message.plural" arguments="${count}"/>
+									   </c:otherwise>
+								   </c:choose>
+								   </p>
+								</div>
+							</c:otherwise>
+						</c:choose>
+					</c:if>
+
+					<c:if test="${ not empty client.logoUri }">
+						<ul class="thumbnails">
+							<li class="span5">
+								<a class="thumbnail" data-toggle="modal" data-target="#logoModal"><img src="api/clients/${ client.id }/logo" /></a>
+							</li>
+						</ul>
+						<!-- Modal -->
+						<div id="logoModal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="logoModalLabel" aria-hidden="true">
+							<div class="modal-header">
+								<button type="button" class="close" data-dismiss="modal" aria-hidden="true">&times;</button>
+								<h3 id="logoModalLabel">
+									<c:choose>
+										<c:when test="${empty client.clientName}">
+											<em><c:out value="${client.clientId}" /></em>
+										</c:when>
+										<c:otherwise>
+											<em><c:out value="${client.clientName}" /></em>
+										</c:otherwise>
+									</c:choose>
+								</h3>
+							</div>
+							<div class="modal-body">
+								<img src="api/clients/${ client.id }/logo" />
+								<c:if test="${ not empty client.clientUri }">
+									<a href="<c:out value="${ client.clientUri }" />"><c:out value="${ client.clientUri }" /></a>
+								</c:if>
+							</div>
+							<div class="modal-footer">
+								<button class="btn" data-dismiss="modal" aria-hidden="true">Close</button>
+							</div>
+						</div>
+					</c:if>
+					<c:if test="${ (not empty client.clientDescription) || (not empty client.clientUri) || (not empty client.policyUri) || (not empty client.tosUri) || (not empty contacts) }">
+						<div class="muted moreInformationContainer">
+							<c:out value="${client.clientDescription}" />
+							<c:if test="${ (not empty client.clientUri) || (not empty client.policyUri) || (not empty client.tosUri)  || (not empty contacts) }">
+								<div id="toggleMoreInformation" style="cursor: pointer;">
+									<small><i class="icon-chevron-right"></i> <spring:message code="approve.more_information"/></small>
+								</div>
+								<div id="moreInformation" class="hide">
+									<ul>
+										<c:if test="${ not empty client.clientUri }">
+											<li><spring:message code="approve.home_page"/>: <a href="<c:out value="${ client.clientUri }" />"><c:out value="${ client.clientUri }" /></a></li>
+										</c:if>
+										<c:if test="${ not empty client.policyUri }">
+											<li><spring:message code="Policy"/>: <a href="<c:out value="${ client.policyUri }" />"><c:out value="${ client.policyUri }" /></a></li>
+										</c:if>
+										<c:if test="${ not empty client.tosUri }">
+											<li><spring:message code="approve.terms"/>: <a href="<c:out value="${ client.tosUri }" />"><c:out value="${ client.tosUri }" /></a></li>
+										</c:if>
+										<c:if test="${ (not empty contacts) }">
+											<li><spring:message code="approve.contacts"/>: <c:out value="${ contacts }" /></li>
+										</c:if>
+									</ul>
+								</div>
+							</c:if>
+						</div>
+					</c:if>
+
+					<c:if test="${ client.subjectType == 'PAIRWISE' }">
+						<div class="alert alert-success">
+							<spring:message code="approve.pairwise"/>
+						</div>
+					</c:if>
+
+				</div>
+				<div class="span4">
+					<fieldset style="text-align: left" class="well">
+						<legend style="margin-bottom: 0;"><spring:message code="approve.access_to"/>:</legend>
+
+						<c:if test="${ empty client.scope }">
+								<div class="alert alert-block alert-error">
+									<h4>
+										<i class="icon-info-sign"></i> <spring:message code="approve.warning"/>:
+									</h4>
+									<p>
+									   <spring:message code="approve.no_scopes"/>
+									</p>
+								</div>
+						</c:if>
+
+						<ul>
+						<c:forEach var="scope" items="${ scopes }">
+							<li>
+								<c:if test="${ not empty scope.icon }">
+									<i class="icon-${ fn:escapeXml(scope.icon) }"></i>
+								</c:if> 
+								<c:choose>
+									<c:when test="${ not empty scope.description }">
+										<c:out value="${ scope.description }" />
+									</c:when>
+									<c:otherwise>
+										<c:out value="${ scope.value }" />
+									</c:otherwise>
+								</c:choose>
+								
+								<c:if test="${ not empty claims[scope.value] }">
+									<span class="claim-tooltip" data-toggle="popover"
+										data-html="true"
+										data-placement="right"
+										data-trigger="hover"
+										data-title="These values will be sent:"
+										data-content="<div style=&quot;text-align: left;&quot;>
+											<ul>
+											<c:forEach var="claim" items="${ claims[scope.value] }">
+												<li>
+												<b><c:out value="${ claim.key }" /></b>: 
+												<c:out value="${ claim.value }" />
+												</li>
+											</c:forEach>
+											</ul>
+											</div>
+										"
+									>
+										<i class="icon-question-sign"></i>
+										
+									</span>
+								</c:if>
+								</li>
+						</c:forEach>
+						</ul>
+					</fieldset>
+
+				</div>
+
+			</div>
+
+			<div class="row">
+				<h3>
+						<spring:message code="approve.do_authorize"/> 
+						"<c:choose>
+							<c:when test="${empty client.clientName}">
+								<c:out value="${client.clientId}" />
+							</c:when>
+							<c:otherwise>
+								<c:out value="${client.clientName}" />
+							</c:otherwise>
+						</c:choose>"?
+				</h3>
+                <spring:message code="approve.label.authorize" var="authorize_label"/>
+                <spring:message code="approve.label.deny" var="deny_label"/>
+				<input id="user_oauth_approval" name="user_oauth_approval" value="true" type="hidden" />
+				<input type="hidden" name="user_code" value="${ dc.userCode }" />
+				<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />
+				<input name="authorize" value="${authorize_label}" type="submit"
+				onclick="$('#user_oauth_approval').attr('value',true)" class="btn btn-success btn-large" /> 
+				&nbsp; 
+				<input name="deny" value="${deny_label}" type="submit" onclick="$('#user_oauth_approval').attr('value',false)"
+				class="btn btn-secondary btn-large" />
+			</div>
+
+		</form>
+
+	</div>
+</div>
+<script type="text/javascript">
+<!--
+
+$(document).ready(function() {
+		$('.claim-tooltip').popover();
+		$('.claim-tooltip').on('click', function(e) {
+			e.preventDefault();
+			$(this).popover('show');
+		});
+
+		$(document).on('click', '#toggleMoreInformation', function(event) {
+			event.preventDefault();
+			if ($('#moreInformation').is(':visible')) {
+				// hide it
+				$('.moreInformationContainer', this.el).removeClass('alert').removeClass('alert-info').addClass('muted');
+				$('#moreInformation').hide('fast');
+				$('#toggleMoreInformation i').attr('class', 'icon-chevron-right');
+			} else {
+				// show it
+				$('.moreInformationContainer', this.el).addClass('alert').addClass('alert-info').removeClass('muted');
+				$('#moreInformation').show('fast');
+				$('#toggleMoreInformation i').attr('class', 'icon-chevron-down');
+			}
+		});
+		
+    	var creationDate = "<c:out value="${ client.createdAt }" />";
+		var displayCreationDate = $.t('approve.dynamically-registered-unkown');
+		var hoverCreationDate = "";
+		if (creationDate != null && moment(creationDate).isValid()) {
+			creationDate = moment(creationDate);
+			if (moment().diff(creationDate, 'months') < 6) {
+				displayCreationDate = creationDate.fromNow();
+			} else {
+				displayCreationDate = "on " + creationDate.format("LL");
+			}
+			hoverCreationDate = creationDate.format("LLL");
+		}
+		
+		$('#registrationTime').html(displayCreationDate);
+		$('#registrationTime').attr('title', hoverCreationDate);
+
+		
+		
+});
+
+//-->
+</script>
+<o:footer/>
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/contact.jsp b/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/contact.jsp
new file mode 100644
index 000000000..cdfcdbcd1
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/contact.jsp
@@ -0,0 +1,29 @@
+<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
+<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
+<%@ taglib prefix="o" tagdir="/WEB-INF/tags"%>
+<%@ taglib prefix="security" uri="http://www.springframework.org/security/tags"%>
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags"%>
+
+<!-- TODO: highlight proper section of topbar; what is the right way to do this? -->
+
+<spring:message code="contact.title" var="title"/>
+<o:header title="${title}"/>
+<o:topbar pageName="Contact"/>
+<div class="container-fluid main">
+	<div class="row-fluid">
+		<o:sidebar />
+		<div class="span10">
+			<div class="hero-unit">
+
+				<h2><spring:message code="contact.title"/></h2>
+				<p>
+				<spring:message code="contact.body"/>
+				</p>
+
+			</div>
+
+
+		</div>
+	</div>
+</div>
+<o:footer/>
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/deviceApproved.jsp b/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/deviceApproved.jsp
new file mode 100644
index 000000000..80f601c63
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/deviceApproved.jsp
@@ -0,0 +1,39 @@
+<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
+<%@ page import="org.springframework.security.core.AuthenticationException"%>
+<%@ page import="org.springframework.security.oauth2.common.exceptions.UnapprovedClientAuthenticationException"%>
+<%@ page import="org.springframework.security.web.WebAttributes"%>
+<%@ taglib prefix="authz" uri="http://www.springframework.org/security/tags"%>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
+<%@ taglib prefix="o" tagdir="/WEB-INF/tags"%>
+<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags"%>
+
+<spring:message code="approve.title" var="title"/>
+<o:header title="${title}"/>
+<o:topbar pageName="Approve" />
+<div class="container main">
+
+	<div class="well" style="text-align: center">
+		<h1><c:choose>
+				<c:when test="${empty client.clientName}">
+					<em><c:out value="${client.clientId}" /></em>
+				</c:when>
+				<c:otherwise>
+					<em><c:out value="${client.clientName}" /></em>
+				</c:otherwise>
+			</c:choose>
+		</h1>
+
+		<c:choose>
+			<c:when test="${ approved }">
+				<div class="text-success"><i class="icon-ok"></i> <spring:message code="device.approve.approved" /></div>
+			</c:when>
+			<c:otherwise>
+				<div class="text-error"><i class="icon-remove"></i> <spring:message code="device.approve.notApproved" /></div>
+			</c:otherwise>
+		</c:choose>
+
+	</div>
+</div>
+<o:footer/>
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/error.jsp b/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/error.jsp
new file mode 100644
index 000000000..66c5f585e
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/error.jsp
@@ -0,0 +1,48 @@
+<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
+<%@page import="org.springframework.http.HttpStatus"%>
+<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
+<%@ taglib prefix="o" tagdir="/WEB-INF/tags"%>
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags"%>
+<%@ taglib prefix="security" uri="http://www.springframework.org/security/tags"%>
+<%@page import="org.springframework.security.oauth2.common.exceptions.OAuth2Exception"%>
+<% 
+
+if (request.getAttribute("error") != null && request.getAttribute("error") instanceof OAuth2Exception) {
+	request.setAttribute("errorCode", ((OAuth2Exception)request.getAttribute("error")).getOAuth2ErrorCode());
+	request.setAttribute("message", ((OAuth2Exception)request.getAttribute("error")).getMessage());
+} else if (request.getAttribute("javax.servlet.error.exception") != null) {
+	Throwable t = (Throwable)request.getAttribute("javax.servlet.error.exception");
+	request.setAttribute("errorCode",  t.getClass().getSimpleName() + " (" + request.getAttribute("javax.servlet.error.status_code") + ")");
+	request.setAttribute("message", t.getMessage());
+} else if (request.getAttribute("javax.servlet.error.status_code") != null) {
+	Integer code = (Integer)request.getAttribute("javax.servlet.error.status_code");
+	HttpStatus status = HttpStatus.valueOf(code);
+	request.setAttribute("errorCode", status.toString() + " " + status.getReasonPhrase());
+	request.setAttribute("message", request.getAttribute("javax.servlet.error.message"));
+} else {
+	request.setAttribute("errorCode", "Server error");
+	request.setAttribute("message", "See the logs for details");
+}
+
+%>
+<spring:message code="error.title" var="title"/>
+<o:header title="${title}" />
+<o:topbar pageName="Error" />
+<div class="container-fluid main">
+	<div class="row-fluid">
+		<div class="offset1 span10">
+			<div class="hero-unit">
+				<h1><span><spring:message code="error.header"/></span>
+					<span class="text-error"><c:out value="${ errorCode }" /></span>
+				</h1>
+				<p>
+					<spring:message code="error.message"/>
+					<blockquote class="text-error"><b><c:out value="${ message }" /></b></blockquote>
+                </p>
+				
+			</div>
+
+		</div>
+	</div>
+</div>
+<o:footer />
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/home.jsp b/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/home.jsp
new file mode 100644
index 000000000..5fa2495a5
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/home.jsp
@@ -0,0 +1,84 @@
+<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
+<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
+<%@ taglib prefix="o" tagdir="/WEB-INF/tags"%>
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags"%>
+<%@ taglib prefix="security" uri="http://www.springframework.org/security/tags"%>
+
+<spring:message code="home.title" var="title"/>
+<o:header title="${title}" />
+<o:topbar pageName="Home" />
+<div class="container-fluid main">
+	<div class="row-fluid">
+		<o:sidebar />
+		<div class="span10">
+			<div class="hero-unit">
+				<div class="row-fluid">
+					<div class="span2 visible-desktop"><img src="resources/images/openid_connect_large.png"/></div>
+					
+					<div class="span10">
+						<h1><spring:message code="home.welcome.title"/></h1>
+						<p><spring:message code="home.welcome.body"/></p>
+					</div>
+				</div>
+			</div>
+			<!-- Example row of columns -->
+			<div class="row-fluid">
+				<div class="span6">
+					<h2><spring:message code="home.about.title"/></h2>
+					
+					<p><spring:message code="home.about.body"/></p>
+					
+					<p><a class="btn" href="http://github.com/mitreid-connect/"><spring:message code="home.more"/> &raquo;</a></p>
+				</div>
+				<div class="span6">
+					<h2><spring:message code="home.contact.title"/></h2>
+					<p>
+					<spring:message code="home.contact.body"/>
+					</p>
+				</div>
+
+			</div>
+			<hr>
+			<!-- Example row of columns -->
+			<div class="row-fluid">
+				<div class="span12">
+					<h2><spring:message code="home.statistics.title"/></h2>
+					
+					<p id="statsloader" class="muted"><spring:message code="home.statistics.loading"/></p>
+					
+					<p id="stats">
+					    <spring:message code="home.statistics.number_users" arguments="?"/>
+					    <spring:message code="home.statistics.number_clients" arguments="?"/>
+					    <spring:message code="home.statistics.number_approvals" arguments="?"/>
+					</p>
+				</div>
+			</div>
+
+		</div>
+	</div>
+</div>
+
+
+<script type="text/javascript">
+// load stats dynamically to make main page render faster
+
+$(document).ready(function() {
+		$('#stats').hide();
+		var base = $('base').attr('href');
+		if (base.substr(-1) !== '/') {
+			base += '/';
+		}
+
+        $.getJSON(base + 'api/stats/summary', function(data) {
+        	var stats = data;
+        	$('#userCount').html(stats.userCount);
+        	$('#clientCount').html(stats.clientCount);
+        	$('#approvalCount').html(stats.approvalCount);
+        	$('#statsloader').hide();
+        	$('#stats').show();
+        	
+        });
+});
+</script>
+
+<o:footer />
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/login.jsp b/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/login.jsp
new file mode 100644
index 000000000..5be8f9b2a
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/login.jsp
@@ -0,0 +1,51 @@
+<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
+<%@ taglib prefix="authz" uri="http://www.springframework.org/security/tags"%>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<%@ taglib prefix="o" tagdir="/WEB-INF/tags"%>
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags"%>
+<o:header title="Log In" />
+<script type="text/javascript">
+<!--
+
+$(document).ready(function() {
+	// select the appropriate field based on context
+	$('#<c:out value="${ login_hint != null ? 'j_password' : 'j_username' }" />').focus();
+});
+
+//-->
+</script>
+<o:topbar />
+<div class="container-fluid main">
+
+	<h1><spring:message code="login.login_with_username_and_password"/></h1>
+
+	<c:if test="${ param.error != null }">
+		<div class="alert alert-error"><spring:message code="login.error"/></div>
+	</c:if>
+
+
+	<div class="row-fluid">
+		<div class="span6 offset1 well">
+			<form action="${ config.issuer }${ config.issuer.endsWith('/') ? '' : '/' }login" method="POST">
+				<div>
+					<div class="input-prepend input-block-level">
+						<span class="add-on"><i class="icon-user"></i></span>
+						<input type="text" placeholder="<spring:message code="login.username"/>" autocorrect="off" autocapitalize="off" autocomplete="off" spellcheck="false" value="<c:out value="${ login_hint }" />" id="j_username" name="username">
+					</div>
+				</div>
+				<div>
+					<div class="input-prepend input-block-level">
+						<span class="add-on"><i class="icon-lock"></i></span>
+						<input type="password" placeholder="<spring:message code="login.password"/>" autocorrect="off" autocapitalize="off" autocomplete="off" spellcheck="false" id="j_password" name="password">
+					</div>
+				</div>
+				<div>
+					<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />
+					<input type="submit" class="btn" value="<spring:message code="login.login-button"/>" name="submit">
+				</div>
+			</form>
+		</div>
+	</div>
+</div>
+
+<o:footer/>
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/logoutConfirmation.jsp b/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/logoutConfirmation.jsp
new file mode 100644
index 000000000..a53199e2f
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/logoutConfirmation.jsp
@@ -0,0 +1,55 @@
+<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
+<%@ page import="org.springframework.security.core.AuthenticationException"%>
+<%@ page import="org.springframework.security.oauth2.common.exceptions.UnapprovedClientAuthenticationException"%>
+<%@ page import="org.springframework.security.web.WebAttributes"%>
+<%@ taglib prefix="authz" uri="http://www.springframework.org/security/tags"%>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
+<%@ taglib prefix="o" tagdir="/WEB-INF/tags"%>
+<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags"%>
+
+<spring:message code="logout.confirmation.title" var="title"/>
+<o:header title="${title}"/>
+<o:topbar />
+<div class="container main">
+
+	<div class="well" style="text-align: center">
+
+		<h1><spring:message code="logout.confirmation.header"/></h1>
+
+		<form action="${ config.issuer }${ config.issuer.endsWith('/') ? '' : '/' }endsession" method="POST">
+
+			<div class="row-fluid">
+				<div class="span12">
+	                <spring:message code="logout.confirmation.submit" var="authorize_label"/>
+	                <spring:message code="logout.confirmation.deny" var="deny_label"/>
+	                <div>
+						<c:if test="${ not empty client }">
+							<!-- display some client information -->
+							<spring:message code="logout.confirmation.requested"/>&nbsp;
+							<c:choose>
+								<c:when test="${empty client.clientName}">
+									<em><c:out value="${client.clientId}" /></em>
+								</c:when>
+								<c:otherwise>
+									<em><c:out value="${client.clientName}" /></em>
+								</c:otherwise>
+							</c:choose>
+						</c:if>
+	                </div>
+	                <div>
+	                	<spring:message code="logout.confirmation.explanation" />
+	                </div>
+					<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />
+					<input name="approve" value="${authorize_label}" type="submit" class="btn btn-info btn-large" /> 
+					&nbsp; 
+					<input name="deny" value="${deny_label}" type="submit" class="btn btn-large" />
+				</div>
+			</div>
+
+		</form>
+
+	</div>
+</div>
+<o:footer/>
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/manage.jsp b/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/manage.jsp
new file mode 100644
index 000000000..548819d59
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/manage.jsp
@@ -0,0 +1,47 @@
+<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
+<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
+<%@ taglib prefix="o" tagdir="/WEB-INF/tags"%>
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags"%>
+
+<spring:message code="manage.title" var="title"/>
+<o:header title="${title}"/>
+<o:topbar pageName="Home" />
+
+<!-- Modal dialogue for management UI -->
+<div id="modalAlert" class="modal hide fade" tabindex="-1" role="dialog">
+	<div class="modal-header">
+		<button type="button" class="close" data-dismiss="modal">&times;</button>
+		<h3 id="modalAlertLabel"></h3>
+	</div>
+	<div class="modal-body"></div>
+	<div class="modal-footer">
+		<button class="btn btn-primary" data-dismiss="modal"><spring:message code="manage.ok"/></button>
+	</div>
+</div>
+
+<div class="container-fluid main">
+    <div class="row-fluid">
+        <o:sidebar/>
+        <div class="span10">
+            <div class="content span12">
+				<div id="breadcrumbs"></div>
+				<div id="loadingbox" class="sheet hide fade" data-sheet-parent="#breadcrumbs">
+					<div class="sheet-body">
+			                <p><spring:message code="manage.loading"/>:</p>
+			                <p><span id="loading"></span></p>
+	                </div>
+	            </div>
+                <div id="content">
+                	<div class="well">
+	                	<div><h3><spring:message code="manage.loading"/>...</h3></div>
+	               	    <div class="progress progress-striped active">
+							<div class="bar" style="width: 100%;"></div>
+						</div>
+					</div>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
+
+<o:footer js="resources/js/admin.js" />
\ No newline at end of file
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/postLogout.jsp b/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/postLogout.jsp
new file mode 100644
index 000000000..03f93974b
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/postLogout.jsp
@@ -0,0 +1,26 @@
+<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
+<%@ taglib prefix="authz" uri="http://www.springframework.org/security/tags"%>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
+<%@ taglib prefix="o" tagdir="/WEB-INF/tags"%>
+<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags"%>
+<%@ taglib prefix="security" uri="http://www.springframework.org/security/tags"%>
+
+<spring:message code="logout.post.title" var="title"/>
+<o:header title="${title}"/>
+<o:topbar />
+<div class="container main">
+
+	<div class="well" style="text-align: center">
+		<h1><spring:message code="logout.post.header" /></h1>
+
+		<security:authorize access="hasRole('ROLE_USER')">
+			<div class=""><spring:message code="logout.post.notLoggedOut" /></div>
+		</security:authorize>
+		<security:authorize access="!hasRole('ROLE_USER')">
+			<div class=""><spring:message code="logout.post.loggedOut" /></div>
+		</security:authorize>
+	</div>
+</div>
+<o:footer/>
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/requestUserCode.jsp b/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/requestUserCode.jsp
new file mode 100644
index 000000000..9551acbff
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/requestUserCode.jsp
@@ -0,0 +1,61 @@
+<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
+<%@ page import="org.springframework.security.core.AuthenticationException"%>
+<%@ page import="org.springframework.security.oauth2.common.exceptions.UnapprovedClientAuthenticationException"%>
+<%@ page import="org.springframework.security.web.WebAttributes"%>
+<%@ taglib prefix="authz" uri="http://www.springframework.org/security/tags"%>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
+<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
+<%@ taglib prefix="o" tagdir="/WEB-INF/tags"%>
+<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags"%>
+
+<spring:message code="device.request_code.title" var="title"/>
+<o:header title="${title}"/>
+<o:topbar pageName="Approve" />
+<div class="container main">
+
+	<div class="well" style="text-align: center">
+
+		<h1><spring:message code="device.request_code.header"/></h1>
+
+	<c:if test="${ error != null }">
+		<c:choose>
+			<c:when test="${ error == 'noUserCode' }">
+				<div class="alert alert-error"><spring:message code="device.error.noUserCode"/></div>
+			</c:when>
+			<c:when test="${ error == 'expiredUserCode' }">
+				<div class="alert alert-error"><spring:message code="device.error.expiredUserCode"/></div>
+			</c:when>
+			<c:when test="${ error == 'userCodeAlreadyApproved' }">
+				<div class="alert alert-error"><spring:message code="device.error.userCodeAlreadyApproved"/></div>
+			</c:when>
+			<c:when test="${ error == 'userCodeMismatch' }">
+				<div class="alert alert-error"><spring:message code="device.error.userCodeMismatch"/></div>
+			</c:when>
+			<c:otherwise>
+				<div class="alert alert-error"><spring:message code="device.error.error"/></div>	
+			</c:otherwise>
+		</c:choose>				
+	</c:if>
+
+
+		<form action="${ config.issuer }${ config.issuer.endsWith('/') ? '' : '/' }device/verify" method="POST">
+
+			<div class="row-fluid">
+				<div class="span12">
+	                <spring:message code="device.request_code.submit" var="authorize_label"/>
+	                <div>
+		                <div class="input-block-level input-xlarge">
+			                <input type="text" name="user_code" placeholder="code" autocorrect="off" autocapitalize="off" autocomplete="off" spellcheck="false" value="" />
+		                </div>
+	                </div>
+					<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />
+					<input name="approve" value="${authorize_label}" type="submit" class="btn btn-info btn-large" /> 
+				</div>
+			</div>
+
+		</form>
+
+	</div>
+</div>
+<o:footer/>
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/stats.jsp b/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/stats.jsp
new file mode 100644
index 000000000..8e97e6b36
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/stats.jsp
@@ -0,0 +1,28 @@
+<%@ page language="java" contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
+<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
+<%@ taglib prefix="o" tagdir="/WEB-INF/tags"%>
+<%@ taglib prefix="security" uri="http://www.springframework.org/security/tags"%>
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags"%>
+
+<!-- TODO: highlight proper section of topbar; what is the right way to do this? -->
+
+<spring:message code="statistics.title" var="title"/>
+<o:header title="${title}"/>
+<o:topbar pageName="Statistics"/>
+<div class="container-fluid main">
+    <div class="row-fluid">
+        <o:sidebar/>
+        <div class="span10">
+            <div class="hero-unit">
+				<h2><spring:message code="statistics.title"/></h2>
+				
+				<p>
+				    <spring:message code="statistics.number_users" arguments='${statsSummary["userCount"]}'/>
+				    <spring:message code="statistics.number_clients" arguments='${statsSummary["clientCount"]}'/>
+				    <spring:message code="statistics.number_approvals" arguments='${statsSummary["approvalCount"]}'/>
+				</p>
+            </div>
+        </div>
+    </div>
+</div>
+<o:footer/>
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/web.xml b/openid-connect-server-webapp/src/main/webapp/WEB-INF/web.xml
new file mode 100644
index 000000000..618db1df4
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/web.xml
@@ -0,0 +1,79 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+    Copyright 2018 The MIT Internet Trust Consortium
+   
+    Portions copyright 2011-2013 The MITRE Corporation
+   
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+   
+      http://www.apache.org/licenses/LICENSE-2.0
+   
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+ -->
+<web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
+	metadata-complete="true">
+
+	<absolute-ordering />
+
+	<!-- The definition of the Root Spring Container shared by all Servlets 
+		and Filters -->
+	<context-param>
+		<param-name>contextConfigLocation</param-name>
+		<param-value>
+			/WEB-INF/application-context.xml
+		</param-value>
+	</context-param>
+
+	<!-- Creates the Spring Container shared by all Servlets and Filters -->
+	<listener>
+		<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
+	</listener>
+
+	<!-- filter through Spring Security -->
+
+	<filter>
+		<filter-name>springSecurityFilterChain</filter-name>
+		<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
+		<init-param>
+			<param-name>contextAttribute</param-name>
+			<param-value>org.springframework.web.servlet.FrameworkServlet.CONTEXT.spring</param-value>
+		</init-param>
+	</filter>
+
+	<filter-mapping>
+		<filter-name>springSecurityFilterChain</filter-name>
+		<url-pattern>/*</url-pattern>
+	</filter-mapping>
+
+	<!-- Processes application requests -->
+	<servlet>
+		<servlet-name>spring</servlet-name>
+		<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
+		<load-on-startup>1</load-on-startup>
+	</servlet>
+
+	<servlet-mapping>
+		<servlet-name>spring</servlet-name>
+		<url-pattern>/</url-pattern>
+	</servlet-mapping>
+
+	<jsp-config>
+		<jsp-property-group>
+			<url-pattern>*.jsp</url-pattern>
+			<trim-directive-whitespaces>true</trim-directive-whitespaces>
+		</jsp-property-group>
+	</jsp-config>
+	
+	<error-page>
+		<location>/error</location>
+	</error-page>
+	
+</web-app>
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/wro.properties b/openid-connect-server-webapp/src/main/webapp/WEB-INF/wro.properties
new file mode 100644
index 000000000..2bc4d6e62
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/wro.properties
@@ -0,0 +1,17 @@
+###############################################################################
+# Copyright 2018 The MIT Internet Trust Consortium
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+###############################################################################
+preProcessors=cssImport
+postProcessors=lessCss
diff --git a/openid-connect-server-webapp/src/main/webapp/WEB-INF/wro.xml b/openid-connect-server-webapp/src/main/webapp/WEB-INF/wro.xml
new file mode 100644
index 000000000..471fd1843
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/wro.xml
@@ -0,0 +1,23 @@
+<!--
+    Copyright 2018 The MIT Internet Trust Consortium
+   
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+   
+      http://www.apache.org/licenses/LICENSE-2.0
+   
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+ -->
+<groups xmlns="http://www.isdc.ro/wro">	
+  <group name="bootstrap">
+    <css>/less/bootstrap.less</css>
+  </group>
+  <group name="bootstrap-responsive">
+    <css>/less/bootstrap-responsive.less</css>
+  </group>
+</groups>
\ No newline at end of file
diff --git a/openid-connect-server-webapp/src/main/webapp/less/accordion.less b/openid-connect-server-webapp/src/main/webapp/less/accordion.less
new file mode 100644
index 000000000..d63523bc8
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/accordion.less
@@ -0,0 +1,34 @@
+//
+// Accordion
+// --------------------------------------------------
+
+
+// Parent container
+.accordion {
+  margin-bottom: @baseLineHeight;
+}
+
+// Group == heading + body
+.accordion-group {
+  margin-bottom: 2px;
+  border: 1px solid #e5e5e5;
+  .border-radius(@baseBorderRadius);
+}
+.accordion-heading {
+  border-bottom: 0;
+}
+.accordion-heading .accordion-toggle {
+  display: block;
+  padding: 8px 15px;
+}
+
+// General toggle styles
+.accordion-toggle {
+  cursor: pointer;
+}
+
+// Inner needs the styles because you can't animate properly with any styles on the element
+.accordion-inner {
+  padding: 9px 15px;
+  border-top: 1px solid #e5e5e5;
+}
diff --git a/openid-connect-server-webapp/src/main/webapp/less/alerts.less b/openid-connect-server-webapp/src/main/webapp/less/alerts.less
new file mode 100644
index 000000000..0116b191b
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/alerts.less
@@ -0,0 +1,79 @@
+//
+// Alerts
+// --------------------------------------------------
+
+
+// Base styles
+// -------------------------
+
+.alert {
+  padding: 8px 35px 8px 14px;
+  margin-bottom: @baseLineHeight;
+  text-shadow: 0 1px 0 rgba(255,255,255,.5);
+  background-color: @warningBackground;
+  border: 1px solid @warningBorder;
+  .border-radius(@baseBorderRadius);
+}
+.alert,
+.alert h4 {
+  // Specified for the h4 to prevent conflicts of changing @headingsColor
+  color: @warningText;
+}
+.alert h4 {
+  margin: 0;
+}
+
+// Adjust close link position
+.alert .close {
+  position: relative;
+  top: -2px;
+  right: -21px;
+  line-height: @baseLineHeight;
+}
+
+
+// Alternate styles
+// -------------------------
+
+.alert-success {
+  background-color: @successBackground;
+  border-color: @successBorder;
+  color: @successText;
+}
+.alert-success h4 {
+  color: @successText;
+}
+.alert-danger,
+.alert-error {
+  background-color: @errorBackground;
+  border-color: @errorBorder;
+  color: @errorText;
+}
+.alert-danger h4,
+.alert-error h4 {
+  color: @errorText;
+}
+.alert-info {
+  background-color: @infoBackground;
+  border-color: @infoBorder;
+  color: @infoText;
+}
+.alert-info h4 {
+  color: @infoText;
+}
+
+
+// Block alerts
+// -------------------------
+
+.alert-block {
+  padding-top: 14px;
+  padding-bottom: 14px;
+}
+.alert-block > p,
+.alert-block > ul {
+  margin-bottom: 0;
+}
+.alert-block p + p {
+  margin-top: 5px;
+}
diff --git a/openid-connect-server-webapp/src/main/webapp/less/bootstrap-responsive.less b/openid-connect-server-webapp/src/main/webapp/less/bootstrap-responsive.less
new file mode 100644
index 000000000..3d4c58cab
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/bootstrap-responsive.less
@@ -0,0 +1,48 @@
+/*!
+ * Bootstrap Responsive v2.3.2
+ *
+ * Copyright 2013 Twitter, Inc
+ * Licensed under the Apache License v2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Designed and built with all the love in the world by @mdo and @fat.
+ */
+
+
+// Responsive.less
+// For phone and tablet devices
+// -------------------------------------------------------------
+
+
+// REPEAT VARIABLES & MIXINS
+// -------------------------
+// Required since we compile the responsive stuff separately
+
+@import "variables.less"; // Modify this for custom colors, font-sizes, etc
+@import "mixins.less";
+
+
+// RESPONSIVE CLASSES
+// ------------------
+
+@import "responsive-utilities.less";
+
+
+// MEDIA QUERIES
+// ------------------
+
+// Large desktops
+@import "responsive-1200px-min.less";
+
+// Tablets to regular desktops
+@import "responsive-768px-979px.less";
+
+// Phones to portrait tablets and narrow desktops
+@import "responsive-767px-max.less";
+
+
+// RESPONSIVE NAVBAR
+// ------------------
+
+// From 979px and below, show a button to toggle navbar contents
+@import "responsive-navbar.less";
diff --git a/openid-connect-server-webapp/src/main/webapp/less/bootstrap.less b/openid-connect-server-webapp/src/main/webapp/less/bootstrap.less
new file mode 100644
index 000000000..3eabae144
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/bootstrap.less
@@ -0,0 +1,63 @@
+/*!
+ * Bootstrap v2.3.2
+ *
+ * Copyright 2013 Twitter, Inc
+ * Licensed under the Apache License v2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Designed and built with all the love in the world by @mdo and @fat.
+ */
+
+// Core variables and mixins
+@import "variables.less"; // Modify this for custom colors, font-sizes, etc
+@import "mixins.less";
+
+// CSS Reset
+@import "reset.less";
+
+// Grid system and page structure
+@import "scaffolding.less";
+@import "grid.less";
+@import "layouts.less";
+
+// Base CSS
+@import "type.less";
+@import "code.less";
+@import "forms.less";
+@import "tables.less";
+
+// Components: common
+@import "sprites.less";
+@import "dropdowns.less";
+@import "wells.less";
+@import "component-animations.less";
+@import "close.less";
+
+// Components: Buttons & Alerts
+@import "buttons.less";
+@import "button-groups.less";
+@import "alerts.less"; // Note: alerts share common CSS with buttons and thus have styles in buttons.less
+
+// Components: Nav
+@import "navs.less";
+@import "navbar.less";
+@import "breadcrumbs.less";
+@import "pagination.less";
+@import "pager.less";
+
+// Components: Popovers
+@import "modals.less";
+@import "tooltip.less";
+@import "popovers.less";
+
+// Components: Misc
+@import "thumbnails.less";
+@import "media.less";
+@import "labels-badges.less";
+@import "progress-bars.less";
+@import "accordion.less";
+@import "carousel.less";
+@import "hero-unit.less";
+
+// Utility classes
+@import "utilities.less"; // Has to be last to override when necessary
diff --git a/openid-connect-server-webapp/src/main/webapp/less/breadcrumbs.less b/openid-connect-server-webapp/src/main/webapp/less/breadcrumbs.less
new file mode 100644
index 000000000..f753df6be
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/breadcrumbs.less
@@ -0,0 +1,24 @@
+//
+// Breadcrumbs
+// --------------------------------------------------
+
+
+.breadcrumb {
+  padding: 8px 15px;
+  margin: 0 0 @baseLineHeight;
+  list-style: none;
+  background-color: #f5f5f5;
+  .border-radius(@baseBorderRadius);
+  > li {
+    display: inline-block;
+    .ie7-inline-block();
+    text-shadow: 0 1px 0 @white;
+    > .divider {
+      padding: 0 5px;
+      color: #ccc;
+    }
+  }
+  > .active {
+    color: @grayLight;
+  }
+}
diff --git a/openid-connect-server-webapp/src/main/webapp/less/button-groups.less b/openid-connect-server-webapp/src/main/webapp/less/button-groups.less
new file mode 100644
index 000000000..55cdc6033
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/button-groups.less
@@ -0,0 +1,229 @@
+//
+// Button groups
+// --------------------------------------------------
+
+
+// Make the div behave like a button
+.btn-group {
+  position: relative;
+  display: inline-block;
+  .ie7-inline-block();
+  font-size: 0; // remove as part 1 of font-size inline-block hack
+  vertical-align: middle; // match .btn alignment given font-size hack above
+  white-space: nowrap; // prevent buttons from wrapping when in tight spaces (e.g., the table on the tests page)
+  .ie7-restore-left-whitespace();
+}
+
+// Space out series of button groups
+.btn-group + .btn-group {
+  margin-left: 5px;
+}
+
+// Optional: Group multiple button groups together for a toolbar
+.btn-toolbar {
+  font-size: 0; // Hack to remove whitespace that results from using inline-block
+  margin-top: @baseLineHeight / 2;
+  margin-bottom: @baseLineHeight / 2;
+  > .btn + .btn,
+  > .btn-group + .btn,
+  > .btn + .btn-group {
+    margin-left: 5px;
+  }
+}
+
+// Float them, remove border radius, then re-add to first and last elements
+.btn-group > .btn {
+  position: relative;
+  .border-radius(0);
+}
+.btn-group > .btn + .btn {
+  margin-left: -1px;
+}
+.btn-group > .btn,
+.btn-group > .dropdown-menu,
+.btn-group > .popover {
+  font-size: @baseFontSize; // redeclare as part 2 of font-size inline-block hack
+}
+
+// Reset fonts for other sizes
+.btn-group > .btn-mini {
+  font-size: @fontSizeMini;
+}
+.btn-group > .btn-small {
+  font-size: @fontSizeSmall;
+}
+.btn-group > .btn-large {
+  font-size: @fontSizeLarge;
+}
+
+// Set corners individual because sometimes a single button can be in a .btn-group and we need :first-child and :last-child to both match
+.btn-group > .btn:first-child {
+  margin-left: 0;
+  .border-top-left-radius(@baseBorderRadius);
+  .border-bottom-left-radius(@baseBorderRadius);
+}
+// Need .dropdown-toggle since :last-child doesn't apply given a .dropdown-menu immediately after it
+.btn-group > .btn:last-child,
+.btn-group > .dropdown-toggle {
+  .border-top-right-radius(@baseBorderRadius);
+  .border-bottom-right-radius(@baseBorderRadius);
+}
+// Reset corners for large buttons
+.btn-group > .btn.large:first-child {
+  margin-left: 0;
+  .border-top-left-radius(@borderRadiusLarge);
+  .border-bottom-left-radius(@borderRadiusLarge);
+}
+.btn-group > .btn.large:last-child,
+.btn-group > .large.dropdown-toggle {
+  .border-top-right-radius(@borderRadiusLarge);
+  .border-bottom-right-radius(@borderRadiusLarge);
+}
+
+// On hover/focus/active, bring the proper btn to front
+.btn-group > .btn:hover,
+.btn-group > .btn:focus,
+.btn-group > .btn:active,
+.btn-group > .btn.active {
+  z-index: 2;
+}
+
+// On active and open, don't show outline
+.btn-group .dropdown-toggle:active,
+.btn-group.open .dropdown-toggle {
+  outline: 0;
+}
+
+
+
+// Split button dropdowns
+// ----------------------
+
+// Give the line between buttons some depth
+.btn-group > .btn + .dropdown-toggle {
+  padding-left: 8px;
+  padding-right: 8px;
+  .box-shadow(~"inset 1px 0 0 rgba(255,255,255,.125), inset 0 1px 0 rgba(255,255,255,.2), 0 1px 2px rgba(0,0,0,.05)");
+  *padding-top: 5px;
+  *padding-bottom: 5px;
+}
+.btn-group > .btn-mini + .dropdown-toggle {
+  padding-left: 5px;
+  padding-right: 5px;
+  *padding-top: 2px;
+  *padding-bottom: 2px;
+}
+.btn-group > .btn-small + .dropdown-toggle {
+  *padding-top: 5px;
+  *padding-bottom: 4px;
+}
+.btn-group > .btn-large + .dropdown-toggle {
+  padding-left: 12px;
+  padding-right: 12px;
+  *padding-top: 7px;
+  *padding-bottom: 7px;
+}
+
+.btn-group.open {
+
+  // The clickable button for toggling the menu
+  // Remove the gradient and set the same inset shadow as the :active state
+  .dropdown-toggle {
+    background-image: none;
+    .box-shadow(~"inset 0 2px 4px rgba(0,0,0,.15), 0 1px 2px rgba(0,0,0,.05)");
+  }
+
+  // Keep the hover's background when dropdown is open
+  .btn.dropdown-toggle {
+    background-color: @btnBackgroundHighlight;
+  }
+  .btn-primary.dropdown-toggle {
+    background-color: @btnPrimaryBackgroundHighlight;
+  }
+  .btn-warning.dropdown-toggle {
+    background-color: @btnWarningBackgroundHighlight;
+  }
+  .btn-danger.dropdown-toggle {
+    background-color: @btnDangerBackgroundHighlight;
+  }
+  .btn-success.dropdown-toggle {
+    background-color: @btnSuccessBackgroundHighlight;
+  }
+  .btn-info.dropdown-toggle {
+    background-color: @btnInfoBackgroundHighlight;
+  }
+  .btn-inverse.dropdown-toggle {
+    background-color: @btnInverseBackgroundHighlight;
+  }
+}
+
+
+// Reposition the caret
+.btn .caret {
+  margin-top: 8px;
+  margin-left: 0;
+}
+// Carets in other button sizes
+.btn-large .caret {
+  margin-top: 6px;
+}
+.btn-large .caret {
+  border-left-width:  5px;
+  border-right-width: 5px;
+  border-top-width:   5px;
+}
+.btn-mini .caret,
+.btn-small .caret {
+  margin-top: 8px;
+}
+// Upside down carets for .dropup
+.dropup .btn-large .caret {
+  border-bottom-width: 5px;
+}
+
+
+
+// Account for other colors
+.btn-primary,
+.btn-warning,
+.btn-danger,
+.btn-info,
+.btn-success,
+.btn-inverse {
+  .caret {
+    border-top-color: @white;
+    border-bottom-color: @white;
+  }
+}
+
+
+
+// Vertical button groups
+// ----------------------
+
+.btn-group-vertical {
+  display: inline-block; // makes buttons only take up the width they need
+  .ie7-inline-block();
+}
+.btn-group-vertical > .btn {
+  display: block;
+  float: none;
+  max-width: 100%;
+  .border-radius(0);
+}
+.btn-group-vertical > .btn + .btn {
+  margin-left: 0;
+  margin-top: -1px;
+}
+.btn-group-vertical > .btn:first-child {
+  .border-radius(@baseBorderRadius @baseBorderRadius 0 0);
+}
+.btn-group-vertical > .btn:last-child {
+  .border-radius(0 0 @baseBorderRadius @baseBorderRadius);
+}
+.btn-group-vertical > .btn-large:first-child {
+  .border-radius(@borderRadiusLarge @borderRadiusLarge 0 0);
+}
+.btn-group-vertical > .btn-large:last-child {
+  .border-radius(0 0 @borderRadiusLarge @borderRadiusLarge);
+}
diff --git a/openid-connect-server-webapp/src/main/webapp/less/buttons.less b/openid-connect-server-webapp/src/main/webapp/less/buttons.less
new file mode 100644
index 000000000..4cd4d862b
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/buttons.less
@@ -0,0 +1,228 @@
+//
+// Buttons
+// --------------------------------------------------
+
+
+// Base styles
+// --------------------------------------------------
+
+// Core
+.btn {
+  display: inline-block;
+  .ie7-inline-block();
+  padding: 4px 12px;
+  margin-bottom: 0; // For input.btn
+  font-size: @baseFontSize;
+  line-height: @baseLineHeight;
+  text-align: center;
+  vertical-align: middle;
+  cursor: pointer;
+  .buttonBackground(@btnBackground, @btnBackgroundHighlight, @grayDark, 0 1px 1px rgba(255,255,255,.75));
+  border: 1px solid @btnBorder;
+  *border: 0; // Remove the border to prevent IE7's black border on input:focus
+  border-bottom-color: darken(@btnBorder, 10%);
+  .border-radius(@baseBorderRadius);
+  .ie7-restore-left-whitespace(); // Give IE7 some love
+  .box-shadow(~"inset 0 1px 0 rgba(255,255,255,.2), 0 1px 2px rgba(0,0,0,.05)");
+
+  // Hover/focus state
+  &:hover,
+  &:focus {
+    color: @grayDark;
+    text-decoration: none;
+    background-position: 0 -15px;
+
+    // transition is only when going to hover/focus, otherwise the background
+    // behind the gradient (there for IE<=9 fallback) gets mismatched
+    .transition(background-position .1s linear);
+  }
+
+  // Focus state for keyboard and accessibility
+  &:focus {
+    .tab-focus();
+  }
+
+  // Active state
+  &.active,
+  &:active {
+    background-image: none;
+    outline: 0;
+    .box-shadow(~"inset 0 2px 4px rgba(0,0,0,.15), 0 1px 2px rgba(0,0,0,.05)");
+  }
+
+  // Disabled state
+  &.disabled,
+  &[disabled] {
+    cursor: default;
+    background-image: none;
+    .opacity(65);
+    .box-shadow(none);
+  }
+
+}
+
+
+
+// Button Sizes
+// --------------------------------------------------
+
+// Large
+.btn-large {
+  padding: @paddingLarge;
+  font-size: @fontSizeLarge;
+  .border-radius(@borderRadiusLarge);
+}
+.btn-large [class^="icon-"],
+.btn-large [class*=" icon-"] {
+  margin-top: 4px;
+}
+
+// Small
+.btn-small {
+  padding: @paddingSmall;
+  font-size: @fontSizeSmall;
+  .border-radius(@borderRadiusSmall);
+}
+.btn-small [class^="icon-"],
+.btn-small [class*=" icon-"] {
+  margin-top: 0;
+}
+.btn-mini [class^="icon-"],
+.btn-mini [class*=" icon-"] {
+  margin-top: -1px;
+}
+
+// Mini
+.btn-mini {
+  padding: @paddingMini;
+  font-size: @fontSizeMini;
+  .border-radius(@borderRadiusSmall);
+}
+
+
+// Block button
+// -------------------------
+
+.btn-block {
+  display: block;
+  width: 100%;
+  padding-left: 0;
+  padding-right: 0;
+  .box-sizing(border-box);
+}
+
+// Vertically space out multiple block buttons
+.btn-block + .btn-block {
+  margin-top: 5px;
+}
+
+// Specificity overrides
+input[type="submit"],
+input[type="reset"],
+input[type="button"] {
+  &.btn-block {
+    width: 100%;
+  }
+}
+
+
+
+// Alternate buttons
+// --------------------------------------------------
+
+// Provide *some* extra contrast for those who can get it
+.btn-primary.active,
+.btn-warning.active,
+.btn-danger.active,
+.btn-success.active,
+.btn-info.active,
+.btn-inverse.active {
+  color: rgba(255,255,255,.75);
+}
+
+// Set the backgrounds
+// -------------------------
+.btn-primary {
+  .buttonBackground(@btnPrimaryBackground, @btnPrimaryBackgroundHighlight);
+}
+// Warning appears are orange
+.btn-warning {
+  .buttonBackground(@btnWarningBackground, @btnWarningBackgroundHighlight);
+}
+// Danger and error appear as red
+.btn-danger {
+  .buttonBackground(@btnDangerBackground, @btnDangerBackgroundHighlight);
+}
+// Success appears as green
+.btn-success {
+  .buttonBackground(@btnSuccessBackground, @btnSuccessBackgroundHighlight);
+}
+// Info appears as a neutral blue
+.btn-info {
+  .buttonBackground(@btnInfoBackground, @btnInfoBackgroundHighlight);
+}
+// Inverse appears as dark gray
+.btn-inverse {
+  .buttonBackground(@btnInverseBackground, @btnInverseBackgroundHighlight);
+}
+
+
+// Cross-browser Jank
+// --------------------------------------------------
+
+button.btn,
+input[type="submit"].btn {
+
+  // Firefox 3.6 only I believe
+  &::-moz-focus-inner {
+    padding: 0;
+    border: 0;
+  }
+
+  // IE7 has some default padding on button controls
+  *padding-top: 3px;
+  *padding-bottom: 3px;
+
+  &.btn-large {
+    *padding-top: 7px;
+    *padding-bottom: 7px;
+  }
+  &.btn-small {
+    *padding-top: 3px;
+    *padding-bottom: 3px;
+  }
+  &.btn-mini {
+    *padding-top: 1px;
+    *padding-bottom: 1px;
+  }
+}
+
+
+// Link buttons
+// --------------------------------------------------
+
+// Make a button look and behave like a link
+.btn-link,
+.btn-link:active,
+.btn-link[disabled] {
+  background-color: transparent;
+  background-image: none;
+  .box-shadow(none);
+}
+.btn-link {
+  border-color: transparent;
+  cursor: pointer;
+  color: @linkColor;
+  .border-radius(0);
+}
+.btn-link:hover,
+.btn-link:focus {
+  color: @linkColorHover;
+  text-decoration: underline;
+  background-color: transparent;
+}
+.btn-link[disabled]:hover,
+.btn-link[disabled]:focus {
+  color: @grayDark;
+  text-decoration: none;
+}
diff --git a/openid-connect-server-webapp/src/main/webapp/less/carousel.less b/openid-connect-server-webapp/src/main/webapp/less/carousel.less
new file mode 100644
index 000000000..55bc05014
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/carousel.less
@@ -0,0 +1,158 @@
+//
+// Carousel
+// --------------------------------------------------
+
+
+.carousel {
+  position: relative;
+  margin-bottom: @baseLineHeight;
+  line-height: 1;
+}
+
+.carousel-inner {
+  overflow: hidden;
+  width: 100%;
+  position: relative;
+}
+
+.carousel-inner {
+
+  > .item {
+    display: none;
+    position: relative;
+    .transition(.6s ease-in-out left);
+
+    // Account for jankitude on images
+    > img,
+    > a > img {
+      display: block;
+      line-height: 1;
+    }
+  }
+
+  > .active,
+  > .next,
+  > .prev { display: block; }
+
+  > .active {
+    left: 0;
+  }
+
+  > .next,
+  > .prev {
+    position: absolute;
+    top: 0;
+    width: 100%;
+  }
+
+  > .next {
+    left: 100%;
+  }
+  > .prev {
+    left: -100%;
+  }
+  > .next.left,
+  > .prev.right {
+    left: 0;
+  }
+
+  > .active.left {
+    left: -100%;
+  }
+  > .active.right {
+    left: 100%;
+  }
+
+}
+
+// Left/right controls for nav
+// ---------------------------
+
+.carousel-control {
+  position: absolute;
+  top: 40%;
+  left: 15px;
+  width: 40px;
+  height: 40px;
+  margin-top: -20px;
+  font-size: 60px;
+  font-weight: 100;
+  line-height: 30px;
+  color: @white;
+  text-align: center;
+  background: @grayDarker;
+  border: 3px solid @white;
+  .border-radius(23px);
+  .opacity(50);
+
+  // we can't have this transition here
+  // because webkit cancels the carousel
+  // animation if you trip this while
+  // in the middle of another animation
+  // ;_;
+  // .transition(opacity .2s linear);
+
+  // Reposition the right one
+  &.right {
+    left: auto;
+    right: 15px;
+  }
+
+  // Hover/focus state
+  &:hover,
+  &:focus {
+    color: @white;
+    text-decoration: none;
+    .opacity(90);
+  }
+}
+
+// Carousel indicator pips
+// -----------------------------
+.carousel-indicators {
+  position: absolute;
+  top: 15px;
+  right: 15px;
+  z-index: 5;
+  margin: 0;
+  list-style: none;
+
+  li {
+    display: block;
+    float: left;
+    width: 10px;
+    height: 10px;
+    margin-left: 5px;
+    text-indent: -999px;
+    background-color: #ccc;
+    background-color: rgba(255,255,255,.25);
+    border-radius: 5px;
+  }
+  .active {
+    background-color: #fff;
+  }
+}
+
+// Caption for text below images
+// -----------------------------
+
+.carousel-caption {
+  position: absolute;
+  left: 0;
+  right: 0;
+  bottom: 0;
+  padding: 15px;
+  background: @grayDark;
+  background: rgba(0,0,0,.75);
+}
+.carousel-caption h4,
+.carousel-caption p {
+  color: @white;
+  line-height: @baseLineHeight;
+}
+.carousel-caption h4 {
+  margin: 0 0 5px;
+}
+.carousel-caption p {
+  margin-bottom: 0;
+}
diff --git a/openid-connect-server-webapp/src/main/webapp/less/close.less b/openid-connect-server-webapp/src/main/webapp/less/close.less
new file mode 100644
index 000000000..4c626bda6
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/close.less
@@ -0,0 +1,32 @@
+//
+// Close icons
+// --------------------------------------------------
+
+
+.close {
+  float: right;
+  font-size: 20px;
+  font-weight: bold;
+  line-height: @baseLineHeight;
+  color: @black;
+  text-shadow: 0 1px 0 rgba(255,255,255,1);
+  .opacity(20);
+  &:hover,
+  &:focus {
+    color: @black;
+    text-decoration: none;
+    cursor: pointer;
+    .opacity(40);
+  }
+}
+
+// Additional properties for button version
+// iOS requires the button element instead of an anchor tag.
+// If you want the anchor version, it requires `href="#"`.
+button.close {
+  padding: 0;
+  cursor: pointer;
+  background: transparent;
+  border: 0;
+  -webkit-appearance: none;
+}
\ No newline at end of file
diff --git a/openid-connect-server-webapp/src/main/webapp/less/code.less b/openid-connect-server-webapp/src/main/webapp/less/code.less
new file mode 100644
index 000000000..266a926e7
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/code.less
@@ -0,0 +1,61 @@
+//
+// Code (inline and blocK)
+// --------------------------------------------------
+
+
+// Inline and block code styles
+code,
+pre {
+  padding: 0 3px 2px;
+  #font > #family > .monospace;
+  font-size: @baseFontSize - 2;
+  color: @grayDark;
+  .border-radius(3px);
+}
+
+// Inline code
+code {
+  padding: 2px 4px;
+  color: #d14;
+  background-color: #f7f7f9;
+  border: 1px solid #e1e1e8;
+  white-space: nowrap;
+}
+
+// Blocks of code
+pre {
+  display: block;
+  padding: (@baseLineHeight - 1) / 2;
+  margin: 0 0 @baseLineHeight / 2;
+  font-size: @baseFontSize - 1; // 14px to 13px
+  line-height: @baseLineHeight;
+  word-break: break-all;
+  word-wrap: break-word;
+  white-space: pre;
+  white-space: pre-wrap;
+  background-color: #f5f5f5;
+  border: 1px solid #ccc; // fallback for IE7-8
+  border: 1px solid rgba(0,0,0,.15);
+  .border-radius(@baseBorderRadius);
+
+  // Make prettyprint styles more spaced out for readability
+  &.prettyprint {
+    margin-bottom: @baseLineHeight;
+  }
+
+  // Account for some code outputs that place code tags in pre tags
+  code {
+    padding: 0;
+    color: inherit;
+    white-space: pre;
+    white-space: pre-wrap;
+    background-color: transparent;
+    border: 0;
+  }
+}
+
+// Enable scrollable blocks of code
+.pre-scrollable {
+  max-height: 340px;
+  overflow-y: scroll;
+}
\ No newline at end of file
diff --git a/openid-connect-server-webapp/src/main/webapp/less/component-animations.less b/openid-connect-server-webapp/src/main/webapp/less/component-animations.less
new file mode 100644
index 000000000..d614263a7
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/component-animations.less
@@ -0,0 +1,22 @@
+//
+// Component animations
+// --------------------------------------------------
+
+
+.fade {
+  opacity: 0;
+  .transition(opacity .15s linear);
+  &.in {
+    opacity: 1;
+  }
+}
+
+.collapse {
+  position: relative;
+  height: 0;
+  overflow: hidden;
+  .transition(height .35s ease);
+  &.in {
+    height: auto;
+  }
+}
diff --git a/openid-connect-server-webapp/src/main/webapp/less/dropdowns.less b/openid-connect-server-webapp/src/main/webapp/less/dropdowns.less
new file mode 100644
index 000000000..9e47b4715
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/dropdowns.less
@@ -0,0 +1,248 @@
+//
+// Dropdown menus
+// --------------------------------------------------
+
+
+// Use the .menu class on any <li> element within the topbar or ul.tabs and you'll get some superfancy dropdowns
+.dropup,
+.dropdown {
+  position: relative;
+}
+.dropdown-toggle {
+  // The caret makes the toggle a bit too tall in IE7
+  *margin-bottom: -3px;
+}
+.dropdown-toggle:active,
+.open .dropdown-toggle {
+  outline: 0;
+}
+
+// Dropdown arrow/caret
+// --------------------
+.caret {
+  display: inline-block;
+  width: 0;
+  height: 0;
+  vertical-align: top;
+  border-top:   4px solid @black;
+  border-right: 4px solid transparent;
+  border-left:  4px solid transparent;
+  content: "";
+}
+
+// Place the caret
+.dropdown .caret {
+  margin-top: 8px;
+  margin-left: 2px;
+}
+
+// The dropdown menu (ul)
+// ----------------------
+.dropdown-menu {
+  position: absolute;
+  top: 100%;
+  left: 0;
+  z-index: @zindexDropdown;
+  display: none; // none by default, but block on "open" of the menu
+  float: left;
+  min-width: 160px;
+  padding: 5px 0;
+  margin: 2px 0 0; // override default ul
+  list-style: none;
+  background-color: @dropdownBackground;
+  border: 1px solid #ccc; // Fallback for IE7-8
+  border: 1px solid @dropdownBorder;
+  *border-right-width: 2px;
+  *border-bottom-width: 2px;
+  .border-radius(6px);
+  .box-shadow(0 5px 10px rgba(0,0,0,.2));
+  -webkit-background-clip: padding-box;
+     -moz-background-clip: padding;
+          background-clip: padding-box;
+
+  // Aligns the dropdown menu to right
+  &.pull-right {
+    right: 0;
+    left: auto;
+  }
+
+  // Dividers (basically an hr) within the dropdown
+  .divider {
+    .nav-divider(@dropdownDividerTop, @dropdownDividerBottom);
+  }
+
+  // Links within the dropdown menu
+  > li > a {
+    display: block;
+    padding: 3px 20px;
+    clear: both;
+    font-weight: normal;
+    line-height: @baseLineHeight;
+    color: @dropdownLinkColor;
+    white-space: nowrap;
+  }
+}
+
+// Hover/Focus state
+// -----------
+.dropdown-menu > li > a:hover,
+.dropdown-menu > li > a:focus,
+.dropdown-submenu:hover > a,
+.dropdown-submenu:focus > a {
+  text-decoration: none;
+  color: @dropdownLinkColorHover;
+  #gradient > .vertical(@dropdownLinkBackgroundHover, darken(@dropdownLinkBackgroundHover, 5%));
+}
+
+// Active state
+// ------------
+.dropdown-menu > .active > a,
+.dropdown-menu > .active > a:hover,
+.dropdown-menu > .active > a:focus {
+  color: @dropdownLinkColorActive;
+  text-decoration: none;
+  outline: 0;
+  #gradient > .vertical(@dropdownLinkBackgroundActive, darken(@dropdownLinkBackgroundActive, 5%));
+}
+
+// Disabled state
+// --------------
+// Gray out text and ensure the hover/focus state remains gray
+.dropdown-menu > .disabled > a,
+.dropdown-menu > .disabled > a:hover,
+.dropdown-menu > .disabled > a:focus {
+  color: @grayLight;
+}
+// Nuke hover/focus effects
+.dropdown-menu > .disabled > a:hover,
+.dropdown-menu > .disabled > a:focus {
+  text-decoration: none;
+  background-color: transparent;
+  background-image: none; // Remove CSS gradient
+  .reset-filter();
+  cursor: default;
+}
+
+// Open state for the dropdown
+// ---------------------------
+.open {
+  // IE7's z-index only goes to the nearest positioned ancestor, which would
+  // make the menu appear below buttons that appeared later on the page
+  *z-index: @zindexDropdown;
+
+  & > .dropdown-menu {
+    display: block;
+  }
+}
+
+// Backdrop to catch body clicks on mobile, etc.
+// ---------------------------
+.dropdown-backdrop {
+  position: fixed;
+  left: 0;
+  right: 0;
+  bottom: 0;
+  top: 0;
+  z-index: @zindexDropdown - 10;
+}
+
+// Right aligned dropdowns
+// ---------------------------
+.pull-right > .dropdown-menu {
+  right: 0;
+  left: auto;
+}
+
+// Allow for dropdowns to go bottom up (aka, dropup-menu)
+// ------------------------------------------------------
+// Just add .dropup after the standard .dropdown class and you're set, bro.
+// TODO: abstract this so that the navbar fixed styles are not placed here?
+.dropup,
+.navbar-fixed-bottom .dropdown {
+  // Reverse the caret
+  .caret {
+    border-top: 0;
+    border-bottom: 4px solid @black;
+    content: "";
+  }
+  // Different positioning for bottom up menu
+  .dropdown-menu {
+    top: auto;
+    bottom: 100%;
+    margin-bottom: 1px;
+  }
+}
+
+// Sub menus
+// ---------------------------
+.dropdown-submenu {
+  position: relative;
+}
+// Default dropdowns
+.dropdown-submenu > .dropdown-menu {
+  top: 0;
+  left: 100%;
+  margin-top: -6px;
+  margin-left: -1px;
+  .border-radius(0 6px 6px 6px);
+}
+.dropdown-submenu:hover > .dropdown-menu {
+  display: block;
+}
+
+// Dropups
+.dropup .dropdown-submenu > .dropdown-menu {
+  top: auto;
+  bottom: 0;
+  margin-top: 0;
+  margin-bottom: -2px;
+  .border-radius(5px 5px 5px 0);
+}
+
+// Caret to indicate there is a submenu
+.dropdown-submenu > a:after {
+  display: block;
+  content: " ";
+  float: right;
+  width: 0;
+  height: 0;
+  border-color: transparent;
+  border-style: solid;
+  border-width: 5px 0 5px 5px;
+  border-left-color: darken(@dropdownBackground, 20%);
+  margin-top: 5px;
+  margin-right: -10px;
+}
+.dropdown-submenu:hover > a:after {
+  border-left-color: @dropdownLinkColorHover;
+}
+
+// Left aligned submenus
+.dropdown-submenu.pull-left {
+  // Undo the float
+  // Yes, this is awkward since .pull-left adds a float, but it sticks to our conventions elsewhere.
+  float: none;
+
+  // Positioning the submenu
+  > .dropdown-menu {
+    left: -100%;
+    margin-left: 10px;
+    .border-radius(6px 0 6px 6px);
+  }
+}
+
+// Tweak nav headers
+// -----------------
+// Increase padding from 15px to 20px on sides
+.dropdown .dropdown-menu .nav-header {
+  padding-left: 20px;
+  padding-right: 20px;
+}
+
+// Typeahead
+// ---------
+.typeahead {
+  z-index: 1051;
+  margin-top: 2px; // give it some space to breathe
+  .border-radius(@baseBorderRadius);
+}
diff --git a/openid-connect-server-webapp/src/main/webapp/less/forms.less b/openid-connect-server-webapp/src/main/webapp/less/forms.less
new file mode 100644
index 000000000..06767bdd3
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/forms.less
@@ -0,0 +1,690 @@
+//
+// Forms
+// --------------------------------------------------
+
+
+// GENERAL STYLES
+// --------------
+
+// Make all forms have space below them
+form {
+  margin: 0 0 @baseLineHeight;
+}
+
+fieldset {
+  padding: 0;
+  margin: 0;
+  border: 0;
+}
+
+// Groups of fields with labels on top (legends)
+legend {
+  display: block;
+  width: 100%;
+  padding: 0;
+  margin-bottom: @baseLineHeight;
+  font-size: @baseFontSize * 1.5;
+  line-height: @baseLineHeight * 2;
+  color: @grayDark;
+  border: 0;
+  border-bottom: 1px solid #e5e5e5;
+
+  // Small
+  small {
+    font-size: @baseLineHeight * .75;
+    color: @grayLight;
+  }
+}
+
+// Set font for forms
+label,
+input,
+button,
+select,
+textarea {
+  #font > .shorthand(@baseFontSize,normal,@baseLineHeight); // Set size, weight, line-height here
+}
+input,
+button,
+select,
+textarea {
+  font-family: @baseFontFamily; // And only set font-family here for those that need it (note the missing label element)
+}
+
+// Identify controls by their labels
+label {
+  display: block;
+  margin-bottom: 5px;
+}
+
+// Form controls
+// -------------------------
+
+// Shared size and type resets
+select,
+textarea,
+input[type="text"],
+input[type="password"],
+input[type="datetime"],
+input[type="datetime-local"],
+input[type="date"],
+input[type="month"],
+input[type="time"],
+input[type="week"],
+input[type="number"],
+input[type="email"],
+input[type="url"],
+input[type="search"],
+input[type="tel"],
+input[type="color"],
+.uneditable-input {
+  display: inline-block;
+  height: @baseLineHeight;
+  padding: 4px 6px;
+  margin-bottom: @baseLineHeight / 2;
+  font-size: @baseFontSize;
+  line-height: @baseLineHeight;
+  color: @gray;
+  .border-radius(@inputBorderRadius);
+  vertical-align: middle;
+}
+
+// Reset appearance properties for textual inputs and textarea
+// Declare width for legacy (can't be on input[type=*] selectors or it's too specific)
+input,
+textarea,
+.uneditable-input {
+  width: 206px; // plus 12px padding and 2px border
+}
+// Reset height since textareas have rows
+textarea {
+  height: auto;
+}
+// Everything else
+textarea,
+input[type="text"],
+input[type="password"],
+input[type="datetime"],
+input[type="datetime-local"],
+input[type="date"],
+input[type="month"],
+input[type="time"],
+input[type="week"],
+input[type="number"],
+input[type="email"],
+input[type="url"],
+input[type="search"],
+input[type="tel"],
+input[type="color"],
+.uneditable-input {
+  background-color: @inputBackground;
+  border: 1px solid @inputBorder;
+  .box-shadow(inset 0 1px 1px rgba(0,0,0,.075));
+  .transition(~"border linear .2s, box-shadow linear .2s");
+
+  // Focus state
+  &:focus {
+    border-color: rgba(82,168,236,.8);
+    outline: 0;
+    outline: thin dotted \9; /* IE6-9 */
+    .box-shadow(~"inset 0 1px 1px rgba(0,0,0,.075), 0 0 8px rgba(82,168,236,.6)");
+  }
+}
+
+// Position radios and checkboxes better
+input[type="radio"],
+input[type="checkbox"] {
+  margin: 4px 0 0;
+  *margin-top: 0; /* IE7 */
+  margin-top: 1px \9; /* IE8-9 */
+  line-height: normal;
+}
+
+// Reset width of input images, buttons, radios, checkboxes
+input[type="file"],
+input[type="image"],
+input[type="submit"],
+input[type="reset"],
+input[type="button"],
+input[type="radio"],
+input[type="checkbox"] {
+  width: auto; // Override of generic input selector
+}
+
+// Set the height of select and file controls to match text inputs
+select,
+input[type="file"] {
+  height: @inputHeight; /* In IE7, the height of the select element cannot be changed by height, only font-size */
+  *margin-top: 4px; /* For IE7, add top margin to align select with labels */
+  line-height: @inputHeight;
+}
+
+// Make select elements obey height by applying a border
+select {
+  width: 220px; // default input width + 10px of padding that doesn't get applied
+  border: 1px solid @inputBorder;
+  background-color: @inputBackground; // Chrome on Linux and Mobile Safari need background-color
+}
+
+// Make multiple select elements height not fixed
+select[multiple],
+select[size] {
+  height: auto;
+}
+
+// Focus for select, file, radio, and checkbox
+select:focus,
+input[type="file"]:focus,
+input[type="radio"]:focus,
+input[type="checkbox"]:focus {
+  .tab-focus();
+}
+
+
+// Uneditable inputs
+// -------------------------
+
+// Make uneditable inputs look inactive
+.uneditable-input,
+.uneditable-textarea {
+  color: @grayLight;
+  background-color: darken(@inputBackground, 1%);
+  border-color: @inputBorder;
+  .box-shadow(inset 0 1px 2px rgba(0,0,0,.025));
+  cursor: not-allowed;
+}
+
+// For text that needs to appear as an input but should not be an input
+.uneditable-input {
+  overflow: hidden; // prevent text from wrapping, but still cut it off like an input does
+  white-space: nowrap;
+}
+
+// Make uneditable textareas behave like a textarea
+.uneditable-textarea {
+  width: auto;
+  height: auto;
+}
+
+
+// Placeholder
+// -------------------------
+
+// Placeholder text gets special styles because when browsers invalidate entire lines if it doesn't understand a selector
+input,
+textarea {
+  .placeholder();
+}
+
+
+// CHECKBOXES & RADIOS
+// -------------------
+
+// Indent the labels to position radios/checkboxes as hanging
+.radio,
+.checkbox {
+  min-height: @baseLineHeight; // clear the floating input if there is no label text
+  padding-left: 20px;
+}
+.radio input[type="radio"],
+.checkbox input[type="checkbox"] {
+  float: left;
+  margin-left: -20px;
+}
+
+// Move the options list down to align with labels
+.controls > .radio:first-child,
+.controls > .checkbox:first-child {
+  padding-top: 5px; // has to be padding because margin collaspes
+}
+
+// Radios and checkboxes on same line
+// TODO v3: Convert .inline to .control-inline
+.radio.inline,
+.checkbox.inline {
+  display: inline-block;
+  padding-top: 5px;
+  margin-bottom: 0;
+  vertical-align: middle;
+}
+.radio.inline + .radio.inline,
+.checkbox.inline + .checkbox.inline {
+  margin-left: 10px; // space out consecutive inline controls
+}
+
+
+
+// INPUT SIZES
+// -----------
+
+// General classes for quick sizes
+.input-mini       { width: 60px; }
+.input-small      { width: 90px; }
+.input-medium     { width: 150px; }
+.input-large      { width: 210px; }
+.input-xlarge     { width: 270px; }
+.input-xxlarge    { width: 530px; }
+
+// Grid style input sizes
+input[class*="span"],
+select[class*="span"],
+textarea[class*="span"],
+.uneditable-input[class*="span"],
+// Redeclare since the fluid row class is more specific
+.row-fluid input[class*="span"],
+.row-fluid select[class*="span"],
+.row-fluid textarea[class*="span"],
+.row-fluid .uneditable-input[class*="span"] {
+  float: none;
+  margin-left: 0;
+}
+// Ensure input-prepend/append never wraps
+.input-append input[class*="span"],
+.input-append .uneditable-input[class*="span"],
+.input-prepend input[class*="span"],
+.input-prepend .uneditable-input[class*="span"],
+.row-fluid input[class*="span"],
+.row-fluid select[class*="span"],
+.row-fluid textarea[class*="span"],
+.row-fluid .uneditable-input[class*="span"],
+.row-fluid .input-prepend [class*="span"],
+.row-fluid .input-append [class*="span"] {
+  display: inline-block;
+}
+
+
+
+// GRID SIZING FOR INPUTS
+// ----------------------
+
+// Grid sizes
+#grid > .input(@gridColumnWidth, @gridGutterWidth);
+
+// Control row for multiple inputs per line
+.controls-row {
+  .clearfix(); // Clear the float from controls
+}
+
+// Float to collapse white-space for proper grid alignment
+.controls-row [class*="span"],
+// Redeclare the fluid grid collapse since we undo the float for inputs
+.row-fluid .controls-row [class*="span"] {
+  float: left;
+}
+// Explicity set top padding on all checkboxes/radios, not just first-child
+.controls-row .checkbox[class*="span"],
+.controls-row .radio[class*="span"] {
+  padding-top: 5px;
+}
+
+
+
+
+// DISABLED STATE
+// --------------
+
+// Disabled and read-only inputs
+input[disabled],
+select[disabled],
+textarea[disabled],
+input[readonly],
+select[readonly],
+textarea[readonly] {
+  cursor: not-allowed;
+  background-color: @inputDisabledBackground;
+}
+// Explicitly reset the colors here
+input[type="radio"][disabled],
+input[type="checkbox"][disabled],
+input[type="radio"][readonly],
+input[type="checkbox"][readonly] {
+  background-color: transparent;
+}
+
+
+
+
+// FORM FIELD FEEDBACK STATES
+// --------------------------
+
+// Warning
+.control-group.warning {
+  .formFieldState(@warningText, @warningText, @warningBackground);
+}
+// Error
+.control-group.error {
+  .formFieldState(@errorText, @errorText, @errorBackground);
+}
+// Success
+.control-group.success {
+  .formFieldState(@successText, @successText, @successBackground);
+}
+// Success
+.control-group.info {
+  .formFieldState(@infoText, @infoText, @infoBackground);
+}
+
+// HTML5 invalid states
+// Shares styles with the .control-group.error above
+input:focus:invalid,
+textarea:focus:invalid,
+select:focus:invalid {
+  color: #b94a48;
+  border-color: #ee5f5b;
+  &:focus {
+    border-color: darken(#ee5f5b, 10%);
+    @shadow: 0 0 6px lighten(#ee5f5b, 20%);
+    .box-shadow(@shadow);
+  }
+}
+
+
+
+// FORM ACTIONS
+// ------------
+
+.form-actions {
+  padding: (@baseLineHeight - 1) 20px @baseLineHeight;
+  margin-top: @baseLineHeight;
+  margin-bottom: @baseLineHeight;
+  background-color: @formActionsBackground;
+  border-top: 1px solid #e5e5e5;
+  .clearfix(); // Adding clearfix to allow for .pull-right button containers
+}
+
+
+
+// HELP TEXT
+// ---------
+
+.help-block,
+.help-inline {
+  color: lighten(@textColor, 15%); // lighten the text some for contrast
+}
+
+.help-block {
+  display: block; // account for any element using help-block
+  margin-bottom: @baseLineHeight / 2;
+}
+
+.help-inline {
+  display: inline-block;
+  .ie7-inline-block();
+  vertical-align: middle;
+  padding-left: 5px;
+}
+
+
+
+// INPUT GROUPS
+// ------------
+
+// Allow us to put symbols and text within the input field for a cleaner look
+.input-append,
+.input-prepend {
+  display: inline-block;
+  margin-bottom: @baseLineHeight / 2;
+  vertical-align: middle;
+  font-size: 0; // white space collapse hack
+  white-space: nowrap; // Prevent span and input from separating
+
+  // Reset the white space collapse hack
+  input,
+  select,
+  .uneditable-input,
+  .dropdown-menu,
+  .popover {
+    font-size: @baseFontSize;
+  }
+
+  input,
+  select,
+  .uneditable-input {
+    position: relative; // placed here by default so that on :focus we can place the input above the .add-on for full border and box-shadow goodness
+    margin-bottom: 0; // prevent bottom margin from screwing up alignment in stacked forms
+    *margin-left: 0;
+    vertical-align: top;
+    .border-radius(0 @inputBorderRadius @inputBorderRadius 0);
+    // Make input on top when focused so blue border and shadow always show
+    &:focus {
+      z-index: 2;
+    }
+  }
+  .add-on {
+    display: inline-block;
+    width: auto;
+    height: @baseLineHeight;
+    min-width: 16px;
+    padding: 4px 5px;
+    font-size: @baseFontSize;
+    font-weight: normal;
+    line-height: @baseLineHeight;
+    text-align: center;
+    text-shadow: 0 1px 0 @white;
+    background-color: @grayLighter;
+    border: 1px solid #ccc;
+  }
+  .add-on,
+  .btn,
+  .btn-group > .dropdown-toggle {
+    vertical-align: top;
+    .border-radius(0);
+  }
+  .active {
+    background-color: lighten(@green, 30);
+    border-color: @green;
+  }
+}
+
+.input-prepend {
+  .add-on,
+  .btn {
+    margin-right: -1px;
+  }
+  .add-on:first-child,
+  .btn:first-child {
+    // FYI, `.btn:first-child` accounts for a button group that's prepended
+    .border-radius(@inputBorderRadius 0 0 @inputBorderRadius);
+  }
+}
+
+.input-append {
+  input,
+  select,
+  .uneditable-input {
+    .border-radius(@inputBorderRadius 0 0 @inputBorderRadius);
+    + .btn-group .btn:last-child {
+      .border-radius(0 @inputBorderRadius @inputBorderRadius 0);
+    }
+  }
+  .add-on,
+  .btn,
+  .btn-group {
+    margin-left: -1px;
+  }
+  .add-on:last-child,
+  .btn:last-child,
+  .btn-group:last-child > .dropdown-toggle {
+    .border-radius(0 @inputBorderRadius @inputBorderRadius 0);
+  }
+}
+
+// Remove all border-radius for inputs with both prepend and append
+.input-prepend.input-append {
+  input,
+  select,
+  .uneditable-input {
+    .border-radius(0);
+    + .btn-group .btn {
+      .border-radius(0 @inputBorderRadius @inputBorderRadius 0);
+    }
+  }
+  .add-on:first-child,
+  .btn:first-child {
+    margin-right: -1px;
+    .border-radius(@inputBorderRadius 0 0 @inputBorderRadius);
+  }
+  .add-on:last-child,
+  .btn:last-child {
+    margin-left: -1px;
+    .border-radius(0 @inputBorderRadius @inputBorderRadius 0);
+  }
+  .btn-group:first-child {
+    margin-left: 0;
+  }
+}
+
+
+
+
+// SEARCH FORM
+// -----------
+
+input.search-query {
+  padding-right: 14px;
+  padding-right: 4px \9;
+  padding-left: 14px;
+  padding-left: 4px \9; /* IE7-8 doesn't have border-radius, so don't indent the padding */
+  margin-bottom: 0; // Remove the default margin on all inputs
+  .border-radius(15px);
+}
+
+/* Allow for input prepend/append in search forms */
+.form-search .input-append .search-query,
+.form-search .input-prepend .search-query {
+  .border-radius(0); // Override due to specificity
+}
+.form-search .input-append .search-query {
+  .border-radius(14px 0 0 14px);
+}
+.form-search .input-append .btn {
+  .border-radius(0 14px 14px 0);
+}
+.form-search .input-prepend .search-query {
+  .border-radius(0 14px 14px 0);
+}
+.form-search .input-prepend .btn {
+  .border-radius(14px 0 0 14px);
+}
+
+
+
+
+// HORIZONTAL & VERTICAL FORMS
+// ---------------------------
+
+// Common properties
+// -----------------
+
+.form-search,
+.form-inline,
+.form-horizontal {
+  input,
+  textarea,
+  select,
+  .help-inline,
+  .uneditable-input,
+  .input-prepend,
+  .input-append {
+    display: inline-block;
+    .ie7-inline-block();
+    margin-bottom: 0;
+    vertical-align: middle;
+  }
+  // Re-hide hidden elements due to specifity
+  .hide {
+    display: none;
+  }
+}
+.form-search label,
+.form-inline label,
+.form-search .btn-group,
+.form-inline .btn-group {
+  display: inline-block;
+}
+// Remove margin for input-prepend/-append
+.form-search .input-append,
+.form-inline .input-append,
+.form-search .input-prepend,
+.form-inline .input-prepend {
+  margin-bottom: 0;
+}
+// Inline checkbox/radio labels (remove padding on left)
+.form-search .radio,
+.form-search .checkbox,
+.form-inline .radio,
+.form-inline .checkbox {
+  padding-left: 0;
+  margin-bottom: 0;
+  vertical-align: middle;
+}
+// Remove float and margin, set to inline-block
+.form-search .radio input[type="radio"],
+.form-search .checkbox input[type="checkbox"],
+.form-inline .radio input[type="radio"],
+.form-inline .checkbox input[type="checkbox"] {
+  float: left;
+  margin-right: 3px;
+  margin-left: 0;
+}
+
+
+// Margin to space out fieldsets
+.control-group {
+  margin-bottom: @baseLineHeight / 2;
+}
+
+// Legend collapses margin, so next element is responsible for spacing
+legend + .control-group {
+  margin-top: @baseLineHeight;
+  -webkit-margin-top-collapse: separate;
+}
+
+// Horizontal-specific styles
+// --------------------------
+
+.form-horizontal {
+  // Increase spacing between groups
+  .control-group {
+    margin-bottom: @baseLineHeight;
+    .clearfix();
+  }
+  // Float the labels left
+  .control-label {
+    float: left;
+    width: @horizontalComponentOffset - 20;
+    padding-top: 5px;
+    text-align: right;
+  }
+  // Move over all input controls and content
+  .controls {
+    // Super jank IE7 fix to ensure the inputs in .input-append and input-prepend
+    // don't inherit the margin of the parent, in this case .controls
+    *display: inline-block;
+    *padding-left: 20px;
+    margin-left: @horizontalComponentOffset;
+    *margin-left: 0;
+    &:first-child {
+      *padding-left: @horizontalComponentOffset;
+    }
+  }
+  // Remove bottom margin on block level help text since that's accounted for on .control-group
+  .help-block {
+    margin-bottom: 0;
+  }
+  // And apply it only to .help-block instances that follow a form control
+  input,
+  select,
+  textarea,
+  .uneditable-input,
+  .input-prepend,
+  .input-append {
+    + .help-block {
+      margin-top: @baseLineHeight / 2;
+    }
+  }
+  // Move over buttons in .form-actions to align with .controls
+  .form-actions {
+    padding-left: @horizontalComponentOffset;
+  }
+}
diff --git a/openid-connect-server-webapp/src/main/webapp/less/grid.less b/openid-connect-server-webapp/src/main/webapp/less/grid.less
new file mode 100644
index 000000000..750d20351
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/grid.less
@@ -0,0 +1,21 @@
+//
+// Grid system
+// --------------------------------------------------
+
+
+// Fixed (940px)
+#grid > .core(@gridColumnWidth, @gridGutterWidth);
+
+// Fluid (940px)
+#grid > .fluid(@fluidGridColumnWidth, @fluidGridGutterWidth);
+
+// Reset utility classes due to specificity
+[class*="span"].hide,
+.row-fluid [class*="span"].hide {
+  display: none;
+}
+
+[class*="span"].pull-right,
+.row-fluid [class*="span"].pull-right {
+  float: right;
+}
diff --git a/openid-connect-server-webapp/src/main/webapp/less/hero-unit.less b/openid-connect-server-webapp/src/main/webapp/less/hero-unit.less
new file mode 100644
index 000000000..763d86aee
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/hero-unit.less
@@ -0,0 +1,25 @@
+//
+// Hero unit
+// --------------------------------------------------
+
+
+.hero-unit {
+  padding: 60px;
+  margin-bottom: 30px;
+  font-size: 18px;
+  font-weight: 200;
+  line-height: @baseLineHeight * 1.5;
+  color: @heroUnitLeadColor;
+  background-color: @heroUnitBackground;
+  .border-radius(6px);
+  h1 {
+    margin-bottom: 0;
+    font-size: 60px;
+    line-height: 1;
+    color: @heroUnitHeadingColor;
+    letter-spacing: -1px;
+  }
+  li {
+    line-height: @baseLineHeight * 1.5; // Reset since we specify in type.less
+  }
+}
diff --git a/openid-connect-server-webapp/src/main/webapp/less/labels-badges.less b/openid-connect-server-webapp/src/main/webapp/less/labels-badges.less
new file mode 100644
index 000000000..bc321fe5c
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/labels-badges.less
@@ -0,0 +1,84 @@
+//
+// Labels and badges
+// --------------------------------------------------
+
+
+// Base classes
+.label,
+.badge {
+  display: inline-block;
+  padding: 2px 4px;
+  font-size: @baseFontSize * .846;
+  font-weight: bold;
+  line-height: 14px; // ensure proper line-height if floated
+  color: @white;
+  vertical-align: baseline;
+  white-space: nowrap;
+  text-shadow: 0 -1px 0 rgba(0,0,0,.25);
+  background-color: @grayLight;
+}
+// Set unique padding and border-radii
+.label {
+  .border-radius(3px);
+}
+.badge {
+  padding-left: 9px;
+  padding-right: 9px;
+  .border-radius(9px);
+}
+
+// Empty labels/badges collapse
+.label,
+.badge {
+  &:empty {
+    display: none;
+  }
+}
+
+// Hover/focus state, but only for links
+a {
+  &.label:hover,
+  &.label:focus,
+  &.badge:hover,
+  &.badge:focus {
+    color: @white;
+    text-decoration: none;
+    cursor: pointer;
+  }
+}
+
+// Colors
+// Only give background-color difference to links (and to simplify, we don't qualifty with `a` but [href] attribute)
+.label,
+.badge {
+  // Important (red)
+  &-important         { background-color: @errorText; }
+  &-important[href]   { background-color: darken(@errorText, 10%); }
+  // Warnings (orange)
+  &-warning           { background-color: @orange; }
+  &-warning[href]     { background-color: darken(@orange, 10%); }
+  // Success (green)
+  &-success           { background-color: @successText; }
+  &-success[href]     { background-color: darken(@successText, 10%); }
+  // Info (turquoise)
+  &-info              { background-color: @infoText; }
+  &-info[href]        { background-color: darken(@infoText, 10%); }
+  // Inverse (black)
+  &-inverse           { background-color: @grayDark; }
+  &-inverse[href]     { background-color: darken(@grayDark, 10%); }
+}
+
+// Quick fix for labels/badges in buttons
+.btn {
+  .label,
+  .badge {
+    position: relative;
+    top: -1px;
+  }
+}
+.btn-mini {
+  .label,
+  .badge {
+    top: 0;
+  }
+}
diff --git a/openid-connect-server-webapp/src/main/webapp/less/layouts.less b/openid-connect-server-webapp/src/main/webapp/less/layouts.less
new file mode 100644
index 000000000..24a206211
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/layouts.less
@@ -0,0 +1,16 @@
+//
+// Layouts
+// --------------------------------------------------
+
+
+// Container (centered, fixed-width layouts)
+.container {
+  .container-fixed();
+}
+
+// Fluid layouts (left aligned, with sidebar, min- & max-width content)
+.container-fluid {
+  padding-right: @gridGutterWidth;
+  padding-left: @gridGutterWidth;
+  .clearfix();
+}
\ No newline at end of file
diff --git a/openid-connect-server-webapp/src/main/webapp/less/media.less b/openid-connect-server-webapp/src/main/webapp/less/media.less
new file mode 100644
index 000000000..e461e446d
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/media.less
@@ -0,0 +1,55 @@
+// Media objects
+// Source: http://stubbornella.org/content/?p=497
+// --------------------------------------------------
+
+
+// Common styles
+// -------------------------
+
+// Clear the floats
+.media,
+.media-body {
+  overflow: hidden;
+  *overflow: visible;
+  zoom: 1;
+}
+
+// Proper spacing between instances of .media
+.media,
+.media .media {
+  margin-top: 15px;
+}
+.media:first-child {
+  margin-top: 0;
+}
+
+// For images and videos, set to block
+.media-object {
+  display: block;
+}
+
+// Reset margins on headings for tighter default spacing
+.media-heading {
+  margin: 0 0 5px;
+}
+
+
+// Media image alignment
+// -------------------------
+
+.media > .pull-left {
+  margin-right: 10px;
+}
+.media > .pull-right {
+  margin-left: 10px;
+}
+
+
+// Media list variation
+// -------------------------
+
+// Undo default ul/ol styles
+.media-list {
+  margin-left: 0;
+  list-style: none;
+}
diff --git a/openid-connect-server-webapp/src/main/webapp/less/mixins.less b/openid-connect-server-webapp/src/main/webapp/less/mixins.less
new file mode 100644
index 000000000..857561e9a
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/mixins.less
@@ -0,0 +1,702 @@
+//
+// Mixins
+// --------------------------------------------------
+
+
+// UTILITY MIXINS
+// --------------------------------------------------
+
+// Clearfix
+// --------
+// For clearing floats like a boss h5bp.com/q
+.clearfix {
+  *zoom: 1;
+  &:before,
+  &:after {
+    display: table;
+    content: "";
+    // Fixes Opera/contenteditable bug:
+    // http://nicolasgallagher.com/micro-clearfix-hack/#comment-36952
+    line-height: 0;
+  }
+  &:after {
+    clear: both;
+  }
+}
+
+// Webkit-style focus
+// ------------------
+.tab-focus() {
+  // Default
+  outline: thin dotted #333;
+  // Webkit
+  outline: 5px auto -webkit-focus-ring-color;
+  outline-offset: -2px;
+}
+
+// Center-align a block level element
+// ----------------------------------
+.center-block() {
+  display: block;
+  margin-left: auto;
+  margin-right: auto;
+}
+
+// IE7 inline-block
+// ----------------
+.ie7-inline-block() {
+  *display: inline; /* IE7 inline-block hack */
+  *zoom: 1;
+}
+
+// IE7 likes to collapse whitespace on either side of the inline-block elements.
+// Ems because we're attempting to match the width of a space character. Left
+// version is for form buttons, which typically come after other elements, and
+// right version is for icons, which come before. Applying both is ok, but it will
+// mean that space between those elements will be .6em (~2 space characters) in IE7,
+// instead of the 1 space in other browsers.
+.ie7-restore-left-whitespace() {
+  *margin-left: .3em;
+
+  &:first-child {
+    *margin-left: 0;
+  }
+}
+
+.ie7-restore-right-whitespace() {
+  *margin-right: .3em;
+}
+
+// Sizing shortcuts
+// -------------------------
+.size(@height, @width) {
+  width: @width;
+  height: @height;
+}
+.square(@size) {
+  .size(@size, @size);
+}
+
+// Placeholder text
+// -------------------------
+.placeholder(@color: @placeholderText) {
+  &:-moz-placeholder {
+    color: @color;
+  }
+  &:-ms-input-placeholder {
+    color: @color;
+  }
+  &::-webkit-input-placeholder {
+    color: @color;
+  }
+}
+
+// Text overflow
+// -------------------------
+// Requires inline-block or block for proper styling
+.text-overflow() {
+  overflow: hidden;
+  text-overflow: ellipsis;
+  white-space: nowrap;
+}
+
+// CSS image replacement
+// -------------------------
+// Source: https://github.com/h5bp/html5-boilerplate/commit/aa0396eae757
+.hide-text {
+  font: 0/0 a;
+  color: transparent;
+  text-shadow: none;
+  background-color: transparent;
+  border: 0;
+}
+
+
+// FONTS
+// --------------------------------------------------
+
+#font {
+  #family {
+    .serif() {
+      font-family: @serifFontFamily;
+    }
+    .sans-serif() {
+      font-family: @sansFontFamily;
+    }
+    .monospace() {
+      font-family: @monoFontFamily;
+    }
+  }
+  .shorthand(@size: @baseFontSize, @weight: normal, @lineHeight: @baseLineHeight) {
+    font-size: @size;
+    font-weight: @weight;
+    line-height: @lineHeight;
+  }
+  .serif(@size: @baseFontSize, @weight: normal, @lineHeight: @baseLineHeight) {
+    #font > #family > .serif;
+    #font > .shorthand(@size, @weight, @lineHeight);
+  }
+  .sans-serif(@size: @baseFontSize, @weight: normal, @lineHeight: @baseLineHeight) {
+    #font > #family > .sans-serif;
+    #font > .shorthand(@size, @weight, @lineHeight);
+  }
+  .monospace(@size: @baseFontSize, @weight: normal, @lineHeight: @baseLineHeight) {
+    #font > #family > .monospace;
+    #font > .shorthand(@size, @weight, @lineHeight);
+  }
+}
+
+
+// FORMS
+// --------------------------------------------------
+
+// Block level inputs
+.input-block-level {
+  display: block;
+  width: 100%;
+  min-height: @inputHeight; // Make inputs at least the height of their button counterpart (base line-height + padding + border)
+  .box-sizing(border-box); // Makes inputs behave like true block-level elements
+}
+
+
+
+// Mixin for form field states
+.formFieldState(@textColor: #555, @borderColor: #ccc, @backgroundColor: #f5f5f5) {
+  // Set the text color
+  .control-label,
+  .help-block,
+  .help-inline {
+    color: @textColor;
+  }
+  // Style inputs accordingly
+  .checkbox,
+  .radio,
+  input,
+  select,
+  textarea {
+    color: @textColor;
+  }
+  input,
+  select,
+  textarea {
+    border-color: @borderColor;
+    .box-shadow(inset 0 1px 1px rgba(0,0,0,.075)); // Redeclare so transitions work
+    &:focus {
+      border-color: darken(@borderColor, 10%);
+      @shadow: inset 0 1px 1px rgba(0,0,0,.075), 0 0 6px lighten(@borderColor, 20%);
+      .box-shadow(@shadow);
+    }
+  }
+  // Give a small background color for input-prepend/-append
+  .input-prepend .add-on,
+  .input-append .add-on {
+    color: @textColor;
+    background-color: @backgroundColor;
+    border-color: @textColor;
+  }
+}
+
+
+
+// CSS3 PROPERTIES
+// --------------------------------------------------
+
+// Border Radius
+.border-radius(@radius) {
+  -webkit-border-radius: @radius;
+     -moz-border-radius: @radius;
+          border-radius: @radius;
+}
+
+// Single Corner Border Radius
+.border-top-left-radius(@radius) {
+  -webkit-border-top-left-radius: @radius;
+      -moz-border-radius-topleft: @radius;
+          border-top-left-radius: @radius;
+}
+.border-top-right-radius(@radius) {
+  -webkit-border-top-right-radius: @radius;
+      -moz-border-radius-topright: @radius;
+          border-top-right-radius: @radius;
+}
+.border-bottom-right-radius(@radius) {
+  -webkit-border-bottom-right-radius: @radius;
+      -moz-border-radius-bottomright: @radius;
+          border-bottom-right-radius: @radius;
+}
+.border-bottom-left-radius(@radius) {
+  -webkit-border-bottom-left-radius: @radius;
+      -moz-border-radius-bottomleft: @radius;
+          border-bottom-left-radius: @radius;
+}
+
+// Single Side Border Radius
+.border-top-radius(@radius) {
+  .border-top-right-radius(@radius);
+  .border-top-left-radius(@radius);
+}
+.border-right-radius(@radius) {
+  .border-top-right-radius(@radius);
+  .border-bottom-right-radius(@radius);
+}
+.border-bottom-radius(@radius) {
+  .border-bottom-right-radius(@radius);
+  .border-bottom-left-radius(@radius);
+}
+.border-left-radius(@radius) {
+  .border-top-left-radius(@radius);
+  .border-bottom-left-radius(@radius);
+}
+
+// Drop shadows
+.box-shadow(@shadow) {
+  -webkit-box-shadow: @shadow;
+     -moz-box-shadow: @shadow;
+          box-shadow: @shadow;
+}
+
+// Transitions
+.transition(@transition) {
+  -webkit-transition: @transition;
+     -moz-transition: @transition;
+       -o-transition: @transition;
+          transition: @transition;
+}
+.transition-delay(@transition-delay) {
+  -webkit-transition-delay: @transition-delay;
+     -moz-transition-delay: @transition-delay;
+       -o-transition-delay: @transition-delay;
+          transition-delay: @transition-delay;
+}
+.transition-duration(@transition-duration) {
+  -webkit-transition-duration: @transition-duration;
+     -moz-transition-duration: @transition-duration;
+       -o-transition-duration: @transition-duration;
+          transition-duration: @transition-duration;
+}
+
+// Transformations
+.rotate(@degrees) {
+  -webkit-transform: rotate(@degrees);
+     -moz-transform: rotate(@degrees);
+      -ms-transform: rotate(@degrees);
+       -o-transform: rotate(@degrees);
+          transform: rotate(@degrees);
+}
+.scale(@ratio) {
+  -webkit-transform: scale(@ratio);
+     -moz-transform: scale(@ratio);
+      -ms-transform: scale(@ratio);
+       -o-transform: scale(@ratio);
+          transform: scale(@ratio);
+}
+.translate(@x, @y) {
+  -webkit-transform: translate(@x, @y);
+     -moz-transform: translate(@x, @y);
+      -ms-transform: translate(@x, @y);
+       -o-transform: translate(@x, @y);
+          transform: translate(@x, @y);
+}
+.skew(@x, @y) {
+  -webkit-transform: skew(@x, @y);
+     -moz-transform: skew(@x, @y);
+      -ms-transform: skewX(@x) skewY(@y); // See https://github.com/twbs/bootstrap/issues/4885
+       -o-transform: skew(@x, @y);
+          transform: skew(@x, @y);
+  -webkit-backface-visibility: hidden; // See https://github.com/twbs/bootstrap/issues/5319
+}
+.translate3d(@x, @y, @z) {
+  -webkit-transform: translate3d(@x, @y, @z);
+     -moz-transform: translate3d(@x, @y, @z);
+       -o-transform: translate3d(@x, @y, @z);
+          transform: translate3d(@x, @y, @z);
+}
+
+// Backface visibility
+// Prevent browsers from flickering when using CSS 3D transforms.
+// Default value is `visible`, but can be changed to `hidden
+// See git pull https://github.com/dannykeane/bootstrap.git backface-visibility for examples
+.backface-visibility(@visibility){
+	-webkit-backface-visibility: @visibility;
+	   -moz-backface-visibility: @visibility;
+	        backface-visibility: @visibility;
+}
+
+// Background clipping
+// Heads up: FF 3.6 and under need "padding" instead of "padding-box"
+.background-clip(@clip) {
+  -webkit-background-clip: @clip;
+     -moz-background-clip: @clip;
+          background-clip: @clip;
+}
+
+// Background sizing
+.background-size(@size) {
+  -webkit-background-size: @size;
+     -moz-background-size: @size;
+       -o-background-size: @size;
+          background-size: @size;
+}
+
+
+// Box sizing
+.box-sizing(@boxmodel) {
+  -webkit-box-sizing: @boxmodel;
+     -moz-box-sizing: @boxmodel;
+          box-sizing: @boxmodel;
+}
+
+// User select
+// For selecting text on the page
+.user-select(@select) {
+  -webkit-user-select: @select;
+     -moz-user-select: @select;
+      -ms-user-select: @select;
+       -o-user-select: @select;
+          user-select: @select;
+}
+
+// Resize anything
+.resizable(@direction) {
+  resize: @direction; // Options: horizontal, vertical, both
+  overflow: auto; // Safari fix
+}
+
+// CSS3 Content Columns
+.content-columns(@columnCount, @columnGap: @gridGutterWidth) {
+  -webkit-column-count: @columnCount;
+     -moz-column-count: @columnCount;
+          column-count: @columnCount;
+  -webkit-column-gap: @columnGap;
+     -moz-column-gap: @columnGap;
+          column-gap: @columnGap;
+}
+
+// Optional hyphenation
+.hyphens(@mode: auto) {
+  word-wrap: break-word;
+  -webkit-hyphens: @mode;
+     -moz-hyphens: @mode;
+      -ms-hyphens: @mode;
+       -o-hyphens: @mode;
+          hyphens: @mode;
+}
+
+// Opacity
+.opacity(@opacity) {
+  opacity: @opacity / 100;
+  filter: ~"alpha(opacity=@{opacity})";
+}
+
+
+
+// BACKGROUNDS
+// --------------------------------------------------
+
+// Add an alphatransparency value to any background or border color (via Elyse Holladay)
+#translucent {
+  .background(@color: @white, @alpha: 1) {
+    background-color: hsla(hue(@color), saturation(@color), lightness(@color), @alpha);
+  }
+  .border(@color: @white, @alpha: 1) {
+    border-color: hsla(hue(@color), saturation(@color), lightness(@color), @alpha);
+    .background-clip(padding-box);
+  }
+}
+
+// Gradient Bar Colors for buttons and alerts
+.gradientBar(@primaryColor, @secondaryColor, @textColor: #fff, @textShadow: 0 -1px 0 rgba(0,0,0,.25)) {
+  color: @textColor;
+  text-shadow: @textShadow;
+  #gradient > .vertical(@primaryColor, @secondaryColor);
+  border-color: @secondaryColor @secondaryColor darken(@secondaryColor, 15%);
+  border-color: rgba(0,0,0,.1) rgba(0,0,0,.1) fadein(rgba(0,0,0,.1), 15%);
+}
+
+// Gradients
+#gradient {
+  .horizontal(@startColor: #555, @endColor: #333) {
+    background-color: @endColor;
+    background-image: -moz-linear-gradient(left, @startColor, @endColor); // FF 3.6+
+    background-image: -webkit-gradient(linear, 0 0, 100% 0, from(@startColor), to(@endColor)); // Safari 4+, Chrome 2+
+    background-image: -webkit-linear-gradient(left, @startColor, @endColor); // Safari 5.1+, Chrome 10+
+    background-image: -o-linear-gradient(left, @startColor, @endColor); // Opera 11.10
+    background-image: linear-gradient(to right, @startColor, @endColor); // Standard, IE10
+    background-repeat: repeat-x;
+    filter: e(%("progid:DXImageTransform.Microsoft.gradient(startColorstr='%d', endColorstr='%d', GradientType=1)",argb(@startColor),argb(@endColor))); // IE9 and down
+  }
+  .vertical(@startColor: #555, @endColor: #333) {
+    background-color: mix(@startColor, @endColor, 60%);
+    background-image: -moz-linear-gradient(top, @startColor, @endColor); // FF 3.6+
+    background-image: -webkit-gradient(linear, 0 0, 0 100%, from(@startColor), to(@endColor)); // Safari 4+, Chrome 2+
+    background-image: -webkit-linear-gradient(top, @startColor, @endColor); // Safari 5.1+, Chrome 10+
+    background-image: -o-linear-gradient(top, @startColor, @endColor); // Opera 11.10
+    background-image: linear-gradient(to bottom, @startColor, @endColor); // Standard, IE10
+    background-repeat: repeat-x;
+    filter: e(%("progid:DXImageTransform.Microsoft.gradient(startColorstr='%d', endColorstr='%d', GradientType=0)",argb(@startColor),argb(@endColor))); // IE9 and down
+  }
+  .directional(@startColor: #555, @endColor: #333, @deg: 45deg) {
+    background-color: @endColor;
+    background-repeat: repeat-x;
+    background-image: -moz-linear-gradient(@deg, @startColor, @endColor); // FF 3.6+
+    background-image: -webkit-linear-gradient(@deg, @startColor, @endColor); // Safari 5.1+, Chrome 10+
+    background-image: -o-linear-gradient(@deg, @startColor, @endColor); // Opera 11.10
+    background-image: linear-gradient(@deg, @startColor, @endColor); // Standard, IE10
+  }
+  .horizontal-three-colors(@startColor: #00b3ee, @midColor: #7a43b6, @colorStop: 50%, @endColor: #c3325f) {
+    background-color: mix(@midColor, @endColor, 80%);
+    background-image: -webkit-gradient(left, linear, 0 0, 0 100%, from(@startColor), color-stop(@colorStop, @midColor), to(@endColor));
+    background-image: -webkit-linear-gradient(left, @startColor, @midColor @colorStop, @endColor);
+    background-image: -moz-linear-gradient(left, @startColor, @midColor @colorStop, @endColor);
+    background-image: -o-linear-gradient(left, @startColor, @midColor @colorStop, @endColor);
+    background-image: linear-gradient(to right, @startColor, @midColor @colorStop, @endColor);
+    background-repeat: no-repeat;
+    filter: e(%("progid:DXImageTransform.Microsoft.gradient(startColorstr='%d', endColorstr='%d', GradientType=0)",argb(@startColor),argb(@endColor))); // IE9 and down, gets no color-stop at all for proper fallback
+  }
+
+  .vertical-three-colors(@startColor: #00b3ee, @midColor: #7a43b6, @colorStop: 50%, @endColor: #c3325f) {
+    background-color: mix(@midColor, @endColor, 80%);
+    background-image: -webkit-gradient(linear, 0 0, 0 100%, from(@startColor), color-stop(@colorStop, @midColor), to(@endColor));
+    background-image: -webkit-linear-gradient(@startColor, @midColor @colorStop, @endColor);
+    background-image: -moz-linear-gradient(top, @startColor, @midColor @colorStop, @endColor);
+    background-image: -o-linear-gradient(@startColor, @midColor @colorStop, @endColor);
+    background-image: linear-gradient(@startColor, @midColor @colorStop, @endColor);
+    background-repeat: no-repeat;
+    filter: e(%("progid:DXImageTransform.Microsoft.gradient(startColorstr='%d', endColorstr='%d', GradientType=0)",argb(@startColor),argb(@endColor))); // IE9 and down, gets no color-stop at all for proper fallback
+  }
+  .radial(@innerColor: #555, @outerColor: #333) {
+    background-color: @outerColor;
+    background-image: -webkit-gradient(radial, center center, 0, center center, 460, from(@innerColor), to(@outerColor));
+    background-image: -webkit-radial-gradient(circle, @innerColor, @outerColor);
+    background-image: -moz-radial-gradient(circle, @innerColor, @outerColor);
+    background-image: -o-radial-gradient(circle, @innerColor, @outerColor);
+    background-repeat: no-repeat;
+  }
+  .striped(@color: #555, @angle: 45deg) {
+    background-color: @color;
+    background-image: -webkit-gradient(linear, 0 100%, 100% 0, color-stop(.25, rgba(255,255,255,.15)), color-stop(.25, transparent), color-stop(.5, transparent), color-stop(.5, rgba(255,255,255,.15)), color-stop(.75, rgba(255,255,255,.15)), color-stop(.75, transparent), to(transparent));
+    background-image: -webkit-linear-gradient(@angle, rgba(255,255,255,.15) 25%, transparent 25%, transparent 50%, rgba(255,255,255,.15) 50%, rgba(255,255,255,.15) 75%, transparent 75%, transparent);
+    background-image: -moz-linear-gradient(@angle, rgba(255,255,255,.15) 25%, transparent 25%, transparent 50%, rgba(255,255,255,.15) 50%, rgba(255,255,255,.15) 75%, transparent 75%, transparent);
+    background-image: -o-linear-gradient(@angle, rgba(255,255,255,.15) 25%, transparent 25%, transparent 50%, rgba(255,255,255,.15) 50%, rgba(255,255,255,.15) 75%, transparent 75%, transparent);
+    background-image: linear-gradient(@angle, rgba(255,255,255,.15) 25%, transparent 25%, transparent 50%, rgba(255,255,255,.15) 50%, rgba(255,255,255,.15) 75%, transparent 75%, transparent);
+  }
+}
+// Reset filters for IE
+.reset-filter() {
+  filter: e(%("progid:DXImageTransform.Microsoft.gradient(enabled = false)"));
+}
+
+
+
+// COMPONENT MIXINS
+// --------------------------------------------------
+
+// Horizontal dividers
+// -------------------------
+// Dividers (basically an hr) within dropdowns and nav lists
+.nav-divider(@top: #e5e5e5, @bottom: @white) {
+  // IE7 needs a set width since we gave a height. Restricting just
+  // to IE7 to keep the 1px left/right space in other browsers.
+  // It is unclear where IE is getting the extra space that we need
+  // to negative-margin away, but so it goes.
+  *width: 100%;
+  height: 1px;
+  margin: ((@baseLineHeight / 2) - 1) 1px; // 8px 1px
+  *margin: -5px 0 5px;
+  overflow: hidden;
+  background-color: @top;
+  border-bottom: 1px solid @bottom;
+}
+
+// Button backgrounds
+// ------------------
+.buttonBackground(@startColor, @endColor, @textColor: #fff, @textShadow: 0 -1px 0 rgba(0,0,0,.25)) {
+  // gradientBar will set the background to a pleasing blend of these, to support IE<=9
+  .gradientBar(@startColor, @endColor, @textColor, @textShadow);
+  *background-color: @endColor; /* Darken IE7 buttons by default so they stand out more given they won't have borders */
+  .reset-filter();
+
+  // in these cases the gradient won't cover the background, so we override
+  &:hover, &:focus, &:active, &.active, &.disabled, &[disabled] {
+    color: @textColor;
+    background-color: @endColor;
+    *background-color: darken(@endColor, 5%);
+  }
+
+  // IE 7 + 8 can't handle box-shadow to show active, so we darken a bit ourselves
+  &:active,
+  &.active {
+    background-color: darken(@endColor, 10%) e("\9");
+  }
+}
+
+// Navbar vertical align
+// -------------------------
+// Vertically center elements in the navbar.
+// Example: an element has a height of 30px, so write out `.navbarVerticalAlign(30px);` to calculate the appropriate top margin.
+.navbarVerticalAlign(@elementHeight) {
+  margin-top: (@navbarHeight - @elementHeight) / 2;
+}
+
+
+
+// Grid System
+// -----------
+
+// Centered container element
+.container-fixed() {
+  margin-right: auto;
+  margin-left: auto;
+  .clearfix();
+}
+
+// Table columns
+.tableColumns(@columnSpan: 1) {
+  float: none; // undo default grid column styles
+  width: ((@gridColumnWidth) * @columnSpan) + (@gridGutterWidth * (@columnSpan - 1)) - 16; // 16 is total padding on left and right of table cells
+  margin-left: 0; // undo default grid column styles
+}
+
+// Make a Grid
+// Use .makeRow and .makeColumn to assign semantic layouts grid system behavior
+.makeRow() {
+  margin-left: @gridGutterWidth * -1;
+  .clearfix();
+}
+.makeColumn(@columns: 1, @offset: 0) {
+  float: left;
+  margin-left: (@gridColumnWidth * @offset) + (@gridGutterWidth * (@offset - 1)) + (@gridGutterWidth * 2);
+  width: (@gridColumnWidth * @columns) + (@gridGutterWidth * (@columns - 1));
+}
+
+// The Grid
+#grid {
+
+  .core (@gridColumnWidth, @gridGutterWidth) {
+
+    .spanX (@index) when (@index > 0) {
+      .span@{index} { .span(@index); }
+      .spanX(@index - 1);
+    }
+    .spanX (0) {}
+
+    .offsetX (@index) when (@index > 0) {
+      .offset@{index} { .offset(@index); }
+      .offsetX(@index - 1);
+    }
+    .offsetX (0) {}
+
+    .offset (@columns) {
+      margin-left: (@gridColumnWidth * @columns) + (@gridGutterWidth * (@columns + 1));
+    }
+
+    .span (@columns) {
+      width: (@gridColumnWidth * @columns) + (@gridGutterWidth * (@columns - 1));
+    }
+
+    .row {
+      margin-left: @gridGutterWidth * -1;
+      .clearfix();
+    }
+
+    [class*="span"] {
+      float: left;
+      min-height: 1px; // prevent collapsing columns
+      margin-left: @gridGutterWidth;
+    }
+
+    // Set the container width, and override it for fixed navbars in media queries
+    .container,
+    .navbar-static-top .container,
+    .navbar-fixed-top .container,
+    .navbar-fixed-bottom .container { .span(@gridColumns); }
+
+    // generate .spanX and .offsetX
+    .spanX (@gridColumns);
+    .offsetX (@gridColumns);
+
+  }
+
+  .fluid (@fluidGridColumnWidth, @fluidGridGutterWidth) {
+
+    .spanX (@index) when (@index > 0) {
+      .span@{index} { .span(@index); }
+      .spanX(@index - 1);
+    }
+    .spanX (0) {}
+
+    .offsetX (@index) when (@index > 0) {
+      .offset@{index} { .offset(@index); }
+      .offset@{index}:first-child { .offsetFirstChild(@index); }
+      .offsetX(@index - 1);
+    }
+    .offsetX (0) {}
+
+    .offset (@columns) {
+      margin-left: (@fluidGridColumnWidth * @columns) + (@fluidGridGutterWidth * (@columns - 1)) + (@fluidGridGutterWidth*2);
+  	  *margin-left: (@fluidGridColumnWidth * @columns) + (@fluidGridGutterWidth * (@columns - 1)) - (.5 / @gridRowWidth * 100 * 1%) + (@fluidGridGutterWidth*2) - (.5 / @gridRowWidth * 100 * 1%);
+    }
+
+    .offsetFirstChild (@columns) {
+      margin-left: (@fluidGridColumnWidth * @columns) + (@fluidGridGutterWidth * (@columns - 1)) + (@fluidGridGutterWidth);
+      *margin-left: (@fluidGridColumnWidth * @columns) + (@fluidGridGutterWidth * (@columns - 1)) - (.5 / @gridRowWidth * 100 * 1%) + @fluidGridGutterWidth - (.5 / @gridRowWidth * 100 * 1%);
+    }
+
+    .span (@columns) {
+      width: (@fluidGridColumnWidth * @columns) + (@fluidGridGutterWidth * (@columns - 1));
+      *width: (@fluidGridColumnWidth * @columns) + (@fluidGridGutterWidth * (@columns - 1)) - (.5 / @gridRowWidth * 100 * 1%);
+    }
+
+    .row-fluid {
+      width: 100%;
+      .clearfix();
+      [class*="span"] {
+        .input-block-level();
+        float: left;
+        margin-left: @fluidGridGutterWidth;
+        *margin-left: @fluidGridGutterWidth - (.5 / @gridRowWidth * 100 * 1%);
+      }
+      [class*="span"]:first-child {
+        margin-left: 0;
+      }
+
+      // Space grid-sized controls properly if multiple per line
+      .controls-row [class*="span"] + [class*="span"] {
+        margin-left: @fluidGridGutterWidth;
+      }
+
+      // generate .spanX and .offsetX
+      .spanX (@gridColumns);
+      .offsetX (@gridColumns);
+    }
+
+  }
+
+  .input(@gridColumnWidth, @gridGutterWidth) {
+
+    .spanX (@index) when (@index > 0) {
+      input.span@{index}, textarea.span@{index}, .uneditable-input.span@{index} { .span(@index); }
+      .spanX(@index - 1);
+    }
+    .spanX (0) {}
+
+    .span(@columns) {
+      width: ((@gridColumnWidth) * @columns) + (@gridGutterWidth * (@columns - 1)) - 14;
+    }
+
+    input,
+    textarea,
+    .uneditable-input {
+      margin-left: 0; // override margin-left from core grid system
+    }
+
+    // Space grid-sized controls properly if multiple per line
+    .controls-row [class*="span"] + [class*="span"] {
+      margin-left: @gridGutterWidth;
+    }
+
+    // generate .spanX
+    .spanX (@gridColumns);
+
+  }
+}
diff --git a/openid-connect-server-webapp/src/main/webapp/less/modals.less b/openid-connect-server-webapp/src/main/webapp/less/modals.less
new file mode 100644
index 000000000..8e272d409
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/modals.less
@@ -0,0 +1,95 @@
+//
+// Modals
+// --------------------------------------------------
+
+// Background
+.modal-backdrop {
+  position: fixed;
+  top: 0;
+  right: 0;
+  bottom: 0;
+  left: 0;
+  z-index: @zindexModalBackdrop;
+  background-color: @black;
+  // Fade for backdrop
+  &.fade { opacity: 0; }
+}
+
+.modal-backdrop,
+.modal-backdrop.fade.in {
+  .opacity(80);
+}
+
+// Base modal
+.modal {
+  position: fixed;
+  top: 10%;
+  left: 50%;
+  z-index: @zindexModal;
+  width: 560px;
+  margin-left: -280px;
+  background-color: @white;
+  border: 1px solid #999;
+  border: 1px solid rgba(0,0,0,.3);
+  *border: 1px solid #999; /* IE6-7 */
+  .border-radius(6px);
+  .box-shadow(0 3px 7px rgba(0,0,0,0.3));
+  .background-clip(padding-box);
+  // Remove focus outline from opened modal
+  outline: none;
+
+  &.fade {
+    .transition(e('opacity .3s linear, top .3s ease-out'));
+    top: -25%;
+  }
+  &.fade.in { top: 10%; }
+}
+.modal-header {
+  padding: 9px 15px;
+  border-bottom: 1px solid #eee;
+  // Close icon
+  .close { margin-top: 2px; }
+  // Heading
+  h3 {
+    margin: 0;
+    line-height: 30px;
+  }
+}
+
+// Body (where all modal content resides)
+.modal-body {
+  position: relative;
+  overflow-y: auto;
+  max-height: 400px;
+  padding: 15px;
+}
+// Remove bottom margin if need be
+.modal-form {
+  margin-bottom: 0;
+}
+
+// Footer (for actions)
+.modal-footer {
+  padding: 14px 15px 15px;
+  margin-bottom: 0;
+  text-align: right; // right align buttons
+  background-color: #f5f5f5;
+  border-top: 1px solid #ddd;
+  .border-radius(0 0 6px 6px);
+  .box-shadow(inset 0 1px 0 @white);
+  .clearfix(); // clear it in case folks use .pull-* classes on buttons
+
+  // Properly space out buttons
+  .btn + .btn {
+    margin-left: 5px;
+    margin-bottom: 0; // account for input[type="submit"] which gets the bottom margin like all other inputs
+  }
+  // but override that for button groups
+  .btn-group .btn + .btn {
+    margin-left: -1px;
+  }
+  // and override it for block buttons as well
+  .btn-block + .btn-block {
+    margin-left: 0;
+  }
+}
diff --git a/openid-connect-server-webapp/src/main/webapp/less/navbar.less b/openid-connect-server-webapp/src/main/webapp/less/navbar.less
new file mode 100644
index 000000000..93d09bcad
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/navbar.less
@@ -0,0 +1,497 @@
+//
+// Navbars (Redux)
+// --------------------------------------------------
+
+
+// COMMON STYLES
+// -------------
+
+// Base class and wrapper
+.navbar {
+  overflow: visible;
+  margin-bottom: @baseLineHeight;
+
+  // Fix for IE7's bad z-indexing so dropdowns don't appear below content that follows the navbar
+  *position: relative;
+  *z-index: 2;
+}
+
+// Inner for background effects
+// Gradient is applied to its own element because overflow visible is not honored by IE when filter is present
+.navbar-inner {
+  min-height: @navbarHeight;
+  padding-left:  20px;
+  padding-right: 20px;
+  #gradient > .vertical(@navbarBackgroundHighlight, @navbarBackground);
+  border: 1px solid @navbarBorder;
+  .border-radius(@baseBorderRadius);
+  .box-shadow(0 1px 4px rgba(0,0,0,.065));
+
+  // Prevent floats from breaking the navbar
+  .clearfix();
+}
+
+// Set width to auto for default container
+// We then reset it for fixed navbars in the #gridSystem mixin
+.navbar .container {
+  width: auto;
+}
+
+// Override the default collapsed state
+.nav-collapse.collapse {
+  height: auto;
+  overflow: visible;
+}
+
+
+// Brand: website or project name
+// -------------------------
+.navbar .brand {
+  float: left;
+  display: block;
+  // Vertically center the text given @navbarHeight
+  padding: ((@navbarHeight - @baseLineHeight) / 2) 20px ((@navbarHeight - @baseLineHeight) / 2);
+  margin-left: -20px; // negative indent to left-align the text down the page
+  font-size: 20px;
+  font-weight: 200;
+  color: @navbarBrandColor;
+  text-shadow: 0 1px 0 @navbarBackgroundHighlight;
+  &:hover,
+  &:focus {
+    text-decoration: none;
+  }
+}
+
+// Plain text in topbar
+// -------------------------
+.navbar-text {
+  margin-bottom: 0;
+  line-height: @navbarHeight;
+  color: @navbarText;
+}
+
+// Janky solution for now to account for links outside the .nav
+// -------------------------
+.navbar-link {
+  color: @navbarLinkColor;
+  &:hover,
+  &:focus {
+    color: @navbarLinkColorHover;
+  }
+}
+
+// Dividers in navbar
+// -------------------------
+.navbar .divider-vertical {
+  height: @navbarHeight;
+  margin: 0 9px;
+  border-left: 1px solid @navbarBackground;
+  border-right: 1px solid @navbarBackgroundHighlight;
+}
+
+// Buttons in navbar
+// -------------------------
+.navbar .btn,
+.navbar .btn-group {
+  .navbarVerticalAlign(30px); // Vertically center in navbar
+}
+.navbar .btn-group .btn,
+.navbar .input-prepend .btn,
+.navbar .input-append .btn,
+.navbar .input-prepend .btn-group,
+.navbar .input-append .btn-group {
+  margin-top: 0; // then undo the margin here so we don't accidentally double it
+}
+
+// Navbar forms
+// -------------------------
+.navbar-form {
+  margin-bottom: 0; // remove default bottom margin
+  .clearfix();
+  input,
+  select,
+  .radio,
+  .checkbox {
+    .navbarVerticalAlign(30px); // Vertically center in navbar
+  }
+  input,
+  select,
+  .btn {
+    display: inline-block;
+    margin-bottom: 0;
+  }
+  input[type="image"],
+  input[type="checkbox"],
+  input[type="radio"] {
+    margin-top: 3px;
+  }
+  .input-append,
+  .input-prepend {
+    margin-top: 5px;
+    white-space: nowrap; // preven two  items from separating within a .navbar-form that has .pull-left
+    input {
+      margin-top: 0; // remove the margin on top since it's on the parent
+    }
+  }
+}
+
+// Navbar search
+// -------------------------
+.navbar-search {
+  position: relative;
+  float: left;
+  .navbarVerticalAlign(30px); // Vertically center in navbar
+  margin-bottom: 0;
+  .search-query {
+    margin-bottom: 0;
+    padding: 4px 14px;
+    #font > .sans-serif(13px, normal, 1);
+    .border-radius(15px); // redeclare because of specificity of the type attribute
+  }
+}
+
+
+
+// Static navbar
+// -------------------------
+
+.navbar-static-top {
+  position: static;
+  margin-bottom: 0; // remove 18px margin for default navbar
+  .navbar-inner {
+    .border-radius(0);
+  }
+}
+
+
+
+// Fixed navbar
+// -------------------------
+
+// Shared (top/bottom) styles
+.navbar-fixed-top,
+.navbar-fixed-bottom {
+  position: fixed;
+  right: 0;
+  left: 0;
+  z-index: @zindexFixedNavbar;
+  margin-bottom: 0; // remove 18px margin for default navbar
+}
+.navbar-fixed-top .navbar-inner,
+.navbar-static-top .navbar-inner {
+  border-width: 0 0 1px;
+}
+.navbar-fixed-bottom .navbar-inner {
+  border-width: 1px 0 0;
+}
+.navbar-fixed-top .navbar-inner,
+.navbar-fixed-bottom .navbar-inner {
+  padding-left:  0;
+  padding-right: 0;
+  .border-radius(0);
+}
+
+// Reset container width
+// Required here as we reset the width earlier on and the grid mixins don't override early enough
+.navbar-static-top .container,
+.navbar-fixed-top .container,
+.navbar-fixed-bottom .container {
+  #grid > .core > .span(@gridColumns);
+}
+
+// Fixed to top
+.navbar-fixed-top {
+  top: 0;
+}
+.navbar-fixed-top,
+.navbar-static-top {
+  .navbar-inner {
+    .box-shadow(~"0 1px 10px rgba(0,0,0,.1)");
+  }
+}
+
+// Fixed to bottom
+.navbar-fixed-bottom {
+  bottom: 0;
+  .navbar-inner {
+    .box-shadow(~"0 -1px 10px rgba(0,0,0,.1)");
+  }
+}
+
+
+
+// NAVIGATION
+// ----------
+
+.navbar .nav {
+  position: relative;
+  left: 0;
+  display: block;
+  float: left;
+  margin: 0 10px 0 0;
+}
+.navbar .nav.pull-right {
+  float: right; // redeclare due to specificity
+  margin-right: 0; // remove margin on float right nav
+}
+.navbar .nav > li {
+  float: left;
+}
+
+// Links
+.navbar .nav > li > a {
+  float: none;
+  // Vertically center the text given @navbarHeight
+  padding: ((@navbarHeight - @baseLineHeight) / 2) 15px ((@navbarHeight - @baseLineHeight) / 2);
+  color: @navbarLinkColor;
+  text-decoration: none;
+  text-shadow: 0 1px 0 @navbarBackgroundHighlight;
+}
+.navbar .nav .dropdown-toggle .caret {
+  margin-top: 8px;
+}
+
+// Hover/focus
+.navbar .nav > li > a:focus,
+.navbar .nav > li > a:hover {
+  background-color: @navbarLinkBackgroundHover; // "transparent" is default to differentiate :hover/:focus from .active
+  color: @navbarLinkColorHover;
+  text-decoration: none;
+}
+
+// Active nav items
+.navbar .nav > .active > a,
+.navbar .nav > .active > a:hover,
+.navbar .nav > .active > a:focus {
+  color: @navbarLinkColorActive;
+  text-decoration: none;
+  background-color: @navbarLinkBackgroundActive;
+  .box-shadow(inset 0 3px 8px rgba(0,0,0,.125));
+}
+
+// Navbar button for toggling navbar items in responsive layouts
+// These definitions need to come after '.navbar .btn'
+.navbar .btn-navbar {
+  display: none;
+  float: right;
+  padding: 7px 10px;
+  margin-left: 5px;
+  margin-right: 5px;
+  .buttonBackground(darken(@navbarBackgroundHighlight, 5%), darken(@navbarBackground, 5%));
+  .box-shadow(~"inset 0 1px 0 rgba(255,255,255,.1), 0 1px 0 rgba(255,255,255,.075)");
+}
+.navbar .btn-navbar .icon-bar {
+  display: block;
+  width: 18px;
+  height: 2px;
+  background-color: #f5f5f5;
+  .border-radius(1px);
+  .box-shadow(0 1px 0 rgba(0,0,0,.25));
+}
+.btn-navbar .icon-bar + .icon-bar {
+  margin-top: 3px;
+}
+
+
+
+// Dropdown menus
+// --------------
+
+// Menu position and menu carets
+.navbar .nav > li > .dropdown-menu {
+  &:before {
+    content: '';
+    display: inline-block;
+    border-left:   7px solid transparent;
+    border-right:  7px solid transparent;
+    border-bottom: 7px solid #ccc;
+    border-bottom-color: @dropdownBorder;
+    position: absolute;
+    top: -7px;
+    left: 9px;
+  }
+  &:after {
+    content: '';
+    display: inline-block;
+    border-left:   6px solid transparent;
+    border-right:  6px solid transparent;
+    border-bottom: 6px solid @dropdownBackground;
+    position: absolute;
+    top: -6px;
+    left: 10px;
+  }
+}
+// Menu position and menu caret support for dropups via extra dropup class
+.navbar-fixed-bottom .nav > li > .dropdown-menu {
+  &:before {
+    border-top: 7px solid #ccc;
+    border-top-color: @dropdownBorder;
+    border-bottom: 0;
+    bottom: -7px;
+    top: auto;
+  }
+  &:after {
+    border-top: 6px solid @dropdownBackground;
+    border-bottom: 0;
+    bottom: -6px;
+    top: auto;
+  }
+}
+
+// Caret should match text color on hover/focus
+.navbar .nav li.dropdown > a:hover .caret,
+.navbar .nav li.dropdown > a:focus .caret {
+  border-top-color: @navbarLinkColorHover;
+  border-bottom-color: @navbarLinkColorHover;
+}
+
+// Remove background color from open dropdown
+.navbar .nav li.dropdown.open > .dropdown-toggle,
+.navbar .nav li.dropdown.active > .dropdown-toggle,
+.navbar .nav li.dropdown.open.active > .dropdown-toggle {
+  background-color: @navbarLinkBackgroundActive;
+  color: @navbarLinkColorActive;
+}
+.navbar .nav li.dropdown > .dropdown-toggle .caret {
+  border-top-color: @navbarLinkColor;
+  border-bottom-color: @navbarLinkColor;
+}
+.navbar .nav li.dropdown.open > .dropdown-toggle .caret,
+.navbar .nav li.dropdown.active > .dropdown-toggle .caret,
+.navbar .nav li.dropdown.open.active > .dropdown-toggle .caret {
+  border-top-color: @navbarLinkColorActive;
+  border-bottom-color: @navbarLinkColorActive;
+}
+
+// Right aligned menus need alt position
+.navbar .pull-right > li > .dropdown-menu,
+.navbar .nav > li > .dropdown-menu.pull-right {
+  left: auto;
+  right: 0;
+  &:before {
+    left: auto;
+    right: 12px;
+  }
+  &:after {
+    left: auto;
+    right: 13px;
+  }
+  .dropdown-menu {
+    left: auto;
+    right: 100%;
+    margin-left: 0;
+    margin-right: -1px;
+    .border-radius(6px 0 6px 6px);
+  }
+}
+
+
+// Inverted navbar
+// -------------------------
+
+.navbar-inverse {
+
+  .navbar-inner {
+    #gradient > .vertical(@navbarInverseBackgroundHighlight, @navbarInverseBackground);
+    border-color: @navbarInverseBorder;
+  }
+
+  .brand,
+  .nav > li > a {
+    color: @navbarInverseLinkColor;
+    text-shadow: 0 -1px 0 rgba(0,0,0,.25);
+    &:hover,
+    &:focus {
+      color: @navbarInverseLinkColorHover;
+    }
+  }
+
+  .brand {
+    color: @navbarInverseBrandColor;
+  }
+
+  .navbar-text {
+    color: @navbarInverseText;
+  }
+
+  .nav > li > a:focus,
+  .nav > li > a:hover {
+    background-color: @navbarInverseLinkBackgroundHover;
+    color: @navbarInverseLinkColorHover;
+  }
+
+  .nav .active > a,
+  .nav .active > a:hover,
+  .nav .active > a:focus {
+    color: @navbarInverseLinkColorActive;
+    background-color: @navbarInverseLinkBackgroundActive;
+  }
+
+  // Inline text links
+  .navbar-link {
+    color: @navbarInverseLinkColor;
+    &:hover,
+    &:focus {
+      color: @navbarInverseLinkColorHover;
+    }
+  }
+
+  // Dividers in navbar
+  .divider-vertical {
+    border-left-color: @navbarInverseBackground;
+    border-right-color: @navbarInverseBackgroundHighlight;
+  }
+
+  // Dropdowns
+  .nav li.dropdown.open > .dropdown-toggle,
+  .nav li.dropdown.active > .dropdown-toggle,
+  .nav li.dropdown.open.active > .dropdown-toggle {
+    background-color: @navbarInverseLinkBackgroundActive;
+    color: @navbarInverseLinkColorActive;
+  }
+  .nav li.dropdown > a:hover .caret,
+  .nav li.dropdown > a:focus .caret {
+    border-top-color: @navbarInverseLinkColorActive;
+    border-bottom-color: @navbarInverseLinkColorActive;
+  }
+  .nav li.dropdown > .dropdown-toggle .caret {
+    border-top-color: @navbarInverseLinkColor;
+    border-bottom-color: @navbarInverseLinkColor;
+  }
+  .nav li.dropdown.open > .dropdown-toggle .caret,
+  .nav li.dropdown.active > .dropdown-toggle .caret,
+  .nav li.dropdown.open.active > .dropdown-toggle .caret {
+    border-top-color: @navbarInverseLinkColorActive;
+    border-bottom-color: @navbarInverseLinkColorActive;
+  }
+
+  // Navbar search
+  .navbar-search {
+    .search-query {
+      color: @white;
+      background-color: @navbarInverseSearchBackground;
+      border-color: @navbarInverseSearchBorder;
+      .box-shadow(~"inset 0 1px 2px rgba(0,0,0,.1), 0 1px 0 rgba(255,255,255,.15)");
+      .transition(none);
+      .placeholder(@navbarInverseSearchPlaceholderColor);
+
+      // Focus states (we use .focused since IE7-8 and down doesn't support :focus)
+      &:focus,
+      &.focused {
+        padding: 5px 15px;
+        color: @grayDark;
+        text-shadow: 0 1px 0 @white;
+        background-color: @navbarInverseSearchBackgroundFocus;
+        border: 0;
+        .box-shadow(0 0 3px rgba(0,0,0,.15));
+        outline: 0;
+      }
+    }
+  }
+
+  // Navbar collapse button
+  .btn-navbar {
+    .buttonBackground(darken(@navbarInverseBackgroundHighlight, 5%), darken(@navbarInverseBackground, 5%));
+  }
+
+}
diff --git a/openid-connect-server-webapp/src/main/webapp/less/navs.less b/openid-connect-server-webapp/src/main/webapp/less/navs.less
new file mode 100644
index 000000000..01cd805bd
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/navs.less
@@ -0,0 +1,409 @@
+//
+// Navs
+// --------------------------------------------------
+
+
+// BASE CLASS
+// ----------
+
+.nav {
+  margin-left: 0;
+  margin-bottom: @baseLineHeight;
+  list-style: none;
+}
+
+// Make links block level
+.nav > li > a {
+  display: block;
+}
+.nav > li > a:hover,
+.nav > li > a:focus {
+  text-decoration: none;
+  background-color: @grayLighter;
+}
+
+// Prevent IE8 from misplacing imgs
+// See https://github.com/h5bp/html5-boilerplate/issues/984#issuecomment-3985989
+.nav > li > a > img {
+  max-width: none;
+}
+
+// Redeclare pull classes because of specifity
+.nav > .pull-right {
+  float: right;
+}
+
+// Nav headers (for dropdowns and lists)
+.nav-header {
+  display: block;
+  padding: 3px 15px;
+  font-size: 11px;
+  font-weight: bold;
+  line-height: @baseLineHeight;
+  color: @grayLight;
+  text-shadow: 0 1px 0 rgba(255,255,255,.5);
+  text-transform: uppercase;
+}
+// Space them out when they follow another list item (link)
+.nav li + .nav-header {
+  margin-top: 9px;
+}
+
+
+
+// NAV LIST
+// --------
+
+.nav-list {
+  padding-left: 15px;
+  padding-right: 15px;
+  margin-bottom: 0;
+}
+.nav-list > li > a,
+.nav-list .nav-header {
+  margin-left:  -15px;
+  margin-right: -15px;
+  text-shadow: 0 1px 0 rgba(255,255,255,.5);
+}
+.nav-list > li > a {
+  padding: 3px 15px;
+}
+.nav-list > .active > a,
+.nav-list > .active > a:hover,
+.nav-list > .active > a:focus {
+  color: @white;
+  text-shadow: 0 -1px 0 rgba(0,0,0,.2);
+  background-color: @linkColor;
+}
+.nav-list [class^="icon-"],
+.nav-list [class*=" icon-"] {
+  margin-right: 2px;
+}
+// Dividers (basically an hr) within the dropdown
+.nav-list .divider {
+  .nav-divider();
+}
+
+
+
+// TABS AND PILLS
+// -------------
+
+// Common styles
+.nav-tabs,
+.nav-pills {
+  .clearfix();
+}
+.nav-tabs > li,
+.nav-pills > li {
+  float: left;
+}
+.nav-tabs > li > a,
+.nav-pills > li > a {
+  padding-right: 12px;
+  padding-left: 12px;
+  margin-right: 2px;
+  line-height: 14px; // keeps the overall height an even number
+}
+
+// TABS
+// ----
+
+// Give the tabs something to sit on
+.nav-tabs {
+  border-bottom: 1px solid #ddd;
+}
+// Make the list-items overlay the bottom border
+.nav-tabs > li {
+  margin-bottom: -1px;
+}
+// Actual tabs (as links)
+.nav-tabs > li > a {
+  padding-top: 8px;
+  padding-bottom: 8px;
+  line-height: @baseLineHeight;
+  border: 1px solid transparent;
+  .border-radius(4px 4px 0 0);
+  &:hover,
+  &:focus {
+    border-color: @grayLighter @grayLighter #ddd;
+  }
+}
+// Active state, and it's :hover/:focus to override normal :hover/:focus
+.nav-tabs > .active > a,
+.nav-tabs > .active > a:hover,
+.nav-tabs > .active > a:focus {
+  color: @gray;
+  background-color: @bodyBackground;
+  border: 1px solid #ddd;
+  border-bottom-color: transparent;
+  cursor: default;
+}
+
+
+// PILLS
+// -----
+
+// Links rendered as pills
+.nav-pills > li > a {
+  padding-top: 8px;
+  padding-bottom: 8px;
+  margin-top: 2px;
+  margin-bottom: 2px;
+  .border-radius(5px);
+}
+
+// Active state
+.nav-pills > .active > a,
+.nav-pills > .active > a:hover,
+.nav-pills > .active > a:focus {
+  color: @white;
+  background-color: @linkColor;
+}
+
+
+
+// STACKED NAV
+// -----------
+
+// Stacked tabs and pills
+.nav-stacked > li {
+  float: none;
+}
+.nav-stacked > li > a {
+  margin-right: 0; // no need for the gap between nav items
+}
+
+// Tabs
+.nav-tabs.nav-stacked {
+  border-bottom: 0;
+}
+.nav-tabs.nav-stacked > li > a {
+  border: 1px solid #ddd;
+  .border-radius(0);
+}
+.nav-tabs.nav-stacked > li:first-child > a {
+  .border-top-radius(4px);
+}
+.nav-tabs.nav-stacked > li:last-child > a {
+  .border-bottom-radius(4px);
+}
+.nav-tabs.nav-stacked > li > a:hover,
+.nav-tabs.nav-stacked > li > a:focus {
+  border-color: #ddd;
+  z-index: 2;
+}
+
+// Pills
+.nav-pills.nav-stacked > li > a {
+  margin-bottom: 3px;
+}
+.nav-pills.nav-stacked > li:last-child > a {
+  margin-bottom: 1px; // decrease margin to match sizing of stacked tabs
+}
+
+
+
+// DROPDOWNS
+// ---------
+
+.nav-tabs .dropdown-menu {
+  .border-radius(0 0 6px 6px); // remove the top rounded corners here since there is a hard edge above the menu
+}
+.nav-pills .dropdown-menu {
+  .border-radius(6px); // make rounded corners match the pills
+}
+
+// Default dropdown links
+// -------------------------
+// Make carets use linkColor to start
+.nav .dropdown-toggle .caret {
+  border-top-color: @linkColor;
+  border-bottom-color: @linkColor;
+  margin-top: 6px;
+}
+.nav .dropdown-toggle:hover .caret,
+.nav .dropdown-toggle:focus .caret {
+  border-top-color: @linkColorHover;
+  border-bottom-color: @linkColorHover;
+}
+/* move down carets for tabs */
+.nav-tabs .dropdown-toggle .caret {
+  margin-top: 8px;
+}
+
+// Active dropdown links
+// -------------------------
+.nav .active .dropdown-toggle .caret {
+  border-top-color: #fff;
+  border-bottom-color: #fff;
+}
+.nav-tabs .active .dropdown-toggle .caret {
+  border-top-color: @gray;
+  border-bottom-color: @gray;
+}
+
+// Active:hover/:focus dropdown links
+// -------------------------
+.nav > .dropdown.active > a:hover,
+.nav > .dropdown.active > a:focus {
+  cursor: pointer;
+}
+
+// Open dropdowns
+// -------------------------
+.nav-tabs .open .dropdown-toggle,
+.nav-pills .open .dropdown-toggle,
+.nav > li.dropdown.open.active > a:hover,
+.nav > li.dropdown.open.active > a:focus {
+  color: @white;
+  background-color: @grayLight;
+  border-color: @grayLight;
+}
+.nav li.dropdown.open .caret,
+.nav li.dropdown.open.active .caret,
+.nav li.dropdown.open a:hover .caret,
+.nav li.dropdown.open a:focus .caret {
+  border-top-color: @white;
+  border-bottom-color: @white;
+  .opacity(100);
+}
+
+// Dropdowns in stacked tabs
+.tabs-stacked .open > a:hover,
+.tabs-stacked .open > a:focus {
+  border-color: @grayLight;
+}
+
+
+
+// TABBABLE
+// --------
+
+
+// COMMON STYLES
+// -------------
+
+// Clear any floats
+.tabbable {
+  .clearfix();
+}
+.tab-content {
+  overflow: auto; // prevent content from running below tabs
+}
+
+// Remove border on bottom, left, right
+.tabs-below > .nav-tabs,
+.tabs-right > .nav-tabs,
+.tabs-left > .nav-tabs {
+  border-bottom: 0;
+}
+
+// Show/hide tabbable areas
+.tab-content > .tab-pane,
+.pill-content > .pill-pane {
+  display: none;
+}
+.tab-content > .active,
+.pill-content > .active {
+  display: block;
+}
+
+
+// BOTTOM
+// ------
+
+.tabs-below > .nav-tabs {
+  border-top: 1px solid #ddd;
+}
+.tabs-below > .nav-tabs > li {
+  margin-top: -1px;
+  margin-bottom: 0;
+}
+.tabs-below > .nav-tabs > li > a {
+  .border-radius(0 0 4px 4px);
+  &:hover,
+  &:focus {
+    border-bottom-color: transparent;
+    border-top-color: #ddd;
+  }
+}
+.tabs-below > .nav-tabs > .active > a,
+.tabs-below > .nav-tabs > .active > a:hover,
+.tabs-below > .nav-tabs > .active > a:focus {
+  border-color: transparent #ddd #ddd #ddd;
+}
+
+// LEFT & RIGHT
+// ------------
+
+// Common styles
+.tabs-left > .nav-tabs > li,
+.tabs-right > .nav-tabs > li {
+  float: none;
+}
+.tabs-left > .nav-tabs > li > a,
+.tabs-right > .nav-tabs > li > a {
+  min-width: 74px;
+  margin-right: 0;
+  margin-bottom: 3px;
+}
+
+// Tabs on the left
+.tabs-left > .nav-tabs {
+  float: left;
+  margin-right: 19px;
+  border-right: 1px solid #ddd;
+}
+.tabs-left > .nav-tabs > li > a {
+  margin-right: -1px;
+  .border-radius(4px 0 0 4px);
+}
+.tabs-left > .nav-tabs > li > a:hover,
+.tabs-left > .nav-tabs > li > a:focus {
+  border-color: @grayLighter #ddd @grayLighter @grayLighter;
+}
+.tabs-left > .nav-tabs .active > a,
+.tabs-left > .nav-tabs .active > a:hover,
+.tabs-left > .nav-tabs .active > a:focus {
+  border-color: #ddd transparent #ddd #ddd;
+  *border-right-color: @white;
+}
+
+// Tabs on the right
+.tabs-right > .nav-tabs {
+  float: right;
+  margin-left: 19px;
+  border-left: 1px solid #ddd;
+}
+.tabs-right > .nav-tabs > li > a {
+  margin-left: -1px;
+  .border-radius(0 4px 4px 0);
+}
+.tabs-right > .nav-tabs > li > a:hover,
+.tabs-right > .nav-tabs > li > a:focus {
+  border-color: @grayLighter @grayLighter @grayLighter #ddd;
+}
+.tabs-right > .nav-tabs .active > a,
+.tabs-right > .nav-tabs .active > a:hover,
+.tabs-right > .nav-tabs .active > a:focus {
+  border-color: #ddd #ddd #ddd transparent;
+  *border-left-color: @white;
+}
+
+
+
+// DISABLED STATES
+// ---------------
+
+// Gray out text
+.nav > .disabled > a {
+  color: @grayLight;
+}
+// Nuke hover/focus effects
+.nav > .disabled > a:hover,
+.nav > .disabled > a:focus {
+  text-decoration: none;
+  background-color: transparent;
+  cursor: default;
+}
diff --git a/openid-connect-server-webapp/src/main/webapp/less/pager.less b/openid-connect-server-webapp/src/main/webapp/less/pager.less
new file mode 100644
index 000000000..147618829
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/pager.less
@@ -0,0 +1,43 @@
+//
+// Pager pagination
+// --------------------------------------------------
+
+
+.pager {
+  margin: @baseLineHeight 0;
+  list-style: none;
+  text-align: center;
+  .clearfix();
+}
+.pager li {
+  display: inline;
+}
+.pager li > a,
+.pager li > span {
+  display: inline-block;
+  padding: 5px 14px;
+  background-color: #fff;
+  border: 1px solid #ddd;
+  .border-radius(15px);
+}
+.pager li > a:hover,
+.pager li > a:focus {
+  text-decoration: none;
+  background-color: #f5f5f5;
+}
+.pager .next > a,
+.pager .next > span {
+  float: right;
+}
+.pager .previous > a,
+.pager .previous > span {
+  float: left;
+}
+.pager .disabled > a,
+.pager .disabled > a:hover,
+.pager .disabled > a:focus,
+.pager .disabled > span {
+  color: @grayLight;
+  background-color: #fff;
+  cursor: default;
+}
\ No newline at end of file
diff --git a/openid-connect-server-webapp/src/main/webapp/less/pagination.less b/openid-connect-server-webapp/src/main/webapp/less/pagination.less
new file mode 100644
index 000000000..a789db2d2
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/pagination.less
@@ -0,0 +1,123 @@
+//
+// Pagination (multiple pages)
+// --------------------------------------------------
+
+// Space out pagination from surrounding content
+.pagination {
+  margin: @baseLineHeight 0;
+}
+
+.pagination ul {
+  // Allow for text-based alignment
+  display: inline-block;
+  .ie7-inline-block();
+  // Reset default ul styles
+  margin-left: 0;
+  margin-bottom: 0;
+  // Visuals
+  .border-radius(@baseBorderRadius);
+  .box-shadow(0 1px 2px rgba(0,0,0,.05));
+}
+.pagination ul > li {
+  display: inline; // Remove list-style and block-level defaults
+}
+.pagination ul > li > a,
+.pagination ul > li > span {
+  float: left; // Collapse white-space
+  padding: 4px 12px;
+  line-height: @baseLineHeight;
+  text-decoration: none;
+  background-color: @paginationBackground;
+  border: 1px solid @paginationBorder;
+  border-left-width: 0;
+}
+.pagination ul > li > a:hover,
+.pagination ul > li > a:focus,
+.pagination ul > .active > a,
+.pagination ul > .active > span {
+  background-color: @paginationActiveBackground;
+}
+.pagination ul > .active > a,
+.pagination ul > .active > span {
+  color: @grayLight;
+  cursor: default;
+}
+.pagination ul > .disabled > span,
+.pagination ul > .disabled > a,
+.pagination ul > .disabled > a:hover,
+.pagination ul > .disabled > a:focus {
+  color: @grayLight;
+  background-color: transparent;
+  cursor: default;
+}
+.pagination ul > li:first-child > a,
+.pagination ul > li:first-child > span {
+  border-left-width: 1px;
+  .border-left-radius(@baseBorderRadius);
+}
+.pagination ul > li:last-child > a,
+.pagination ul > li:last-child > span {
+  .border-right-radius(@baseBorderRadius);
+}
+
+
+// Alignment
+// --------------------------------------------------
+
+.pagination-centered {
+  text-align: center;
+}
+.pagination-right {
+  text-align: right;
+}
+
+
+// Sizing
+// --------------------------------------------------
+
+// Large
+.pagination-large {
+  ul > li > a,
+  ul > li > span {
+    padding: @paddingLarge;
+    font-size: @fontSizeLarge;
+  }
+  ul > li:first-child > a,
+  ul > li:first-child > span {
+    .border-left-radius(@borderRadiusLarge);
+  }
+  ul > li:last-child > a,
+  ul > li:last-child > span {
+    .border-right-radius(@borderRadiusLarge);
+  }
+}
+
+// Small and mini
+.pagination-mini,
+.pagination-small {
+  ul > li:first-child > a,
+  ul > li:first-child > span {
+    .border-left-radius(@borderRadiusSmall);
+  }
+  ul > li:last-child > a,
+  ul > li:last-child > span {
+    .border-right-radius(@borderRadiusSmall);
+  }
+}
+
+// Small
+.pagination-small {
+  ul > li > a,
+  ul > li > span {
+    padding: @paddingSmall;
+    font-size: @fontSizeSmall;
+  }
+}
+// Mini
+.pagination-mini {
+  ul > li > a,
+  ul > li > span {
+    padding: @paddingMini;
+    font-size: @fontSizeMini;
+  }
+}
diff --git a/openid-connect-server-webapp/src/main/webapp/less/popovers.less b/openid-connect-server-webapp/src/main/webapp/less/popovers.less
new file mode 100644
index 000000000..aae35c8cd
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/popovers.less
@@ -0,0 +1,133 @@
+//
+// Popovers
+// --------------------------------------------------
+
+
+.popover {
+  position: absolute;
+  top: 0;
+  left: 0;
+  z-index: @zindexPopover;
+  display: none;
+  max-width: 276px;
+  padding: 1px;
+  text-align: left; // Reset given new insertion method
+  background-color: @popoverBackground;
+  -webkit-background-clip: padding-box;
+     -moz-background-clip: padding;
+          background-clip: padding-box;
+  border: 1px solid #ccc;
+  border: 1px solid rgba(0,0,0,.2);
+  .border-radius(6px);
+  .box-shadow(0 5px 10px rgba(0,0,0,.2));
+
+  // Overrides for proper insertion
+  white-space: normal;
+
+  // Offset the popover to account for the popover arrow
+  &.top     { margin-top: -10px; }
+  &.right   { margin-left: 10px; }
+  &.bottom  { margin-top: 10px; }
+  &.left    { margin-left: -10px; }
+}
+
+.popover-title {
+  margin: 0; // reset heading margin
+  padding: 8px 14px;
+  font-size: 14px;
+  font-weight: normal;
+  line-height: 18px;
+  background-color: @popoverTitleBackground;
+  border-bottom: 1px solid darken(@popoverTitleBackground, 5%);
+  .border-radius(5px 5px 0 0);
+
+  &:empty {
+    display: none;
+  }
+}
+
+.popover-content {
+  padding: 9px 14px;
+}
+
+// Arrows
+//
+// .arrow is outer, .arrow:after is inner
+
+.popover .arrow,
+.popover .arrow:after {
+  position: absolute;
+  display: block;
+  width: 0;
+  height: 0;
+  border-color: transparent;
+  border-style: solid;
+}
+.popover .arrow {
+  border-width: @popoverArrowOuterWidth;
+}
+.popover .arrow:after {
+  border-width: @popoverArrowWidth;
+  content: "";
+}
+
+.popover {
+  &.top .arrow {
+    left: 50%;
+    margin-left: -@popoverArrowOuterWidth;
+    border-bottom-width: 0;
+    border-top-color: #999; // IE8 fallback
+    border-top-color: @popoverArrowOuterColor;
+    bottom: -@popoverArrowOuterWidth;
+    &:after {
+      bottom: 1px;
+      margin-left: -@popoverArrowWidth;
+      border-bottom-width: 0;
+      border-top-color: @popoverArrowColor;
+    }
+  }
+  &.right .arrow {
+    top: 50%;
+    left: -@popoverArrowOuterWidth;
+    margin-top: -@popoverArrowOuterWidth;
+    border-left-width: 0;
+    border-right-color: #999; // IE8 fallback
+    border-right-color: @popoverArrowOuterColor;
+    &:after {
+      left: 1px;
+      bottom: -@popoverArrowWidth;
+      border-left-width: 0;
+      border-right-color: @popoverArrowColor;
+    }
+  }
+  &.bottom .arrow {
+    left: 50%;
+    margin-left: -@popoverArrowOuterWidth;
+    border-top-width: 0;
+    border-bottom-color: #999; // IE8 fallback
+    border-bottom-color: @popoverArrowOuterColor;
+    top: -@popoverArrowOuterWidth;
+    &:after {
+      top: 1px;
+      margin-left: -@popoverArrowWidth;
+      border-top-width: 0;
+      border-bottom-color: @popoverArrowColor;
+    }
+  }
+
+  &.left .arrow {
+    top: 50%;
+    right: -@popoverArrowOuterWidth;
+    margin-top: -@popoverArrowOuterWidth;
+    border-right-width: 0;
+    border-left-color: #999; // IE8 fallback
+    border-left-color: @popoverArrowOuterColor;
+    &:after {
+      right: 1px;
+      border-right-width: 0;
+      border-left-color: @popoverArrowColor;
+      bottom: -@popoverArrowWidth;
+    }
+  }
+
+}
diff --git a/openid-connect-server-webapp/src/main/webapp/less/progress-bars.less b/openid-connect-server-webapp/src/main/webapp/less/progress-bars.less
new file mode 100644
index 000000000..5e0c3dda0
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/progress-bars.less
@@ -0,0 +1,122 @@
+//
+// Progress bars
+// --------------------------------------------------
+
+
+// ANIMATIONS
+// ----------
+
+// Webkit
+@-webkit-keyframes progress-bar-stripes {
+  from  { background-position: 40px 0; }
+  to    { background-position: 0 0; }
+}
+
+// Firefox
+@-moz-keyframes progress-bar-stripes {
+  from  { background-position: 40px 0; }
+  to    { background-position: 0 0; }
+}
+
+// IE9
+@-ms-keyframes progress-bar-stripes {
+  from  { background-position: 40px 0; }
+  to    { background-position: 0 0; }
+}
+
+// Opera
+@-o-keyframes progress-bar-stripes {
+  from  { background-position: 0 0; }
+  to    { background-position: 40px 0; }
+}
+
+// Spec
+@keyframes progress-bar-stripes {
+  from  { background-position: 40px 0; }
+  to    { background-position: 0 0; }
+}
+
+
+
+// THE BARS
+// --------
+
+// Outer container
+.progress {
+  overflow: hidden;
+  height: @baseLineHeight;
+  margin-bottom: @baseLineHeight;
+  #gradient > .vertical(#f5f5f5, #f9f9f9);
+  .box-shadow(inset 0 1px 2px rgba(0,0,0,.1));
+  .border-radius(@baseBorderRadius);
+}
+
+// Bar of progress
+.progress .bar {
+  width: 0%;
+  height: 100%;
+  color: @white;
+  float: left;
+  font-size: 12px;
+  text-align: center;
+  text-shadow: 0 -1px 0 rgba(0,0,0,.25);
+  #gradient > .vertical(#149bdf, #0480be);
+  .box-shadow(inset 0 -1px 0 rgba(0,0,0,.15));
+  .box-sizing(border-box);
+  .transition(width .6s ease);
+}
+.progress .bar + .bar {
+  .box-shadow(~"inset 1px 0 0 rgba(0,0,0,.15), inset 0 -1px 0 rgba(0,0,0,.15)");
+}
+
+// Striped bars
+.progress-striped .bar {
+  #gradient > .striped(#149bdf);
+  .background-size(40px 40px);
+}
+
+// Call animation for the active one
+.progress.active .bar {
+  -webkit-animation: progress-bar-stripes 2s linear infinite;
+     -moz-animation: progress-bar-stripes 2s linear infinite;
+      -ms-animation: progress-bar-stripes 2s linear infinite;
+       -o-animation: progress-bar-stripes 2s linear infinite;
+          animation: progress-bar-stripes 2s linear infinite;
+}
+
+
+
+// COLORS
+// ------
+
+// Danger (red)
+.progress-danger .bar, .progress .bar-danger {
+  #gradient > .vertical(#ee5f5b, #c43c35);
+}
+.progress-danger.progress-striped .bar, .progress-striped .bar-danger {
+  #gradient > .striped(#ee5f5b);
+}
+
+// Success (green)
+.progress-success .bar, .progress .bar-success {
+  #gradient > .vertical(#62c462, #57a957);
+}
+.progress-success.progress-striped .bar, .progress-striped .bar-success {
+  #gradient > .striped(#62c462);
+}
+
+// Info (teal)
+.progress-info .bar, .progress .bar-info {
+  #gradient > .vertical(#5bc0de, #339bb9);
+}
+.progress-info.progress-striped .bar, .progress-striped .bar-info {
+  #gradient > .striped(#5bc0de);
+}
+
+// Warning (orange)
+.progress-warning .bar, .progress .bar-warning {
+  #gradient > .vertical(lighten(@orange, 15%), @orange);
+}
+.progress-warning.progress-striped .bar, .progress-striped .bar-warning {
+  #gradient > .striped(lighten(@orange, 15%));
+}
diff --git a/openid-connect-server-webapp/src/main/webapp/less/reset.less b/openid-connect-server-webapp/src/main/webapp/less/reset.less
new file mode 100644
index 000000000..4806bd5e5
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/reset.less
@@ -0,0 +1,216 @@
+//
+// Reset CSS
+// Adapted from http://github.com/necolas/normalize.css
+// --------------------------------------------------
+
+
+// Display in IE6-9 and FF3
+// -------------------------
+
+article,
+aside,
+details,
+figcaption,
+figure,
+footer,
+header,
+hgroup,
+nav,
+section {
+  display: block;
+}
+
+// Display block in IE6-9 and FF3
+// -------------------------
+
+audio,
+canvas,
+video {
+  display: inline-block;
+  *display: inline;
+  *zoom: 1;
+}
+
+// Prevents modern browsers from displaying 'audio' without controls
+// -------------------------
+
+audio:not([controls]) {
+    display: none;
+}
+
+// Base settings
+// -------------------------
+
+html {
+  font-size: 100%;
+  -webkit-text-size-adjust: 100%;
+      -ms-text-size-adjust: 100%;
+}
+// Focus states
+a:focus {
+  .tab-focus();
+}
+// Hover & Active
+a:hover,
+a:active {
+  outline: 0;
+}
+
+// Prevents sub and sup affecting line-height in all browsers
+// -------------------------
+
+sub,
+sup {
+  position: relative;
+  font-size: 75%;
+  line-height: 0;
+  vertical-align: baseline;
+}
+sup {
+  top: -0.5em;
+}
+sub {
+  bottom: -0.25em;
+}
+
+// Img border in a's and image quality
+// -------------------------
+
+img {
+  /* Responsive images (ensure images don't scale beyond their parents) */
+  max-width: 100%; /* Part 1: Set a maxium relative to the parent */
+  width: auto\9; /* IE7-8 need help adjusting responsive images */
+  height: auto; /* Part 2: Scale the height according to the width, otherwise you get stretching */
+
+  vertical-align: middle;
+  border: 0;
+  -ms-interpolation-mode: bicubic;
+}
+
+// Prevent max-width from affecting Google Maps
+#map_canvas img,
+.google-maps img {
+  max-width: none;
+}
+
+// Forms
+// -------------------------
+
+// Font size in all browsers, margin changes, misc consistency
+button,
+input,
+select,
+textarea {
+  margin: 0;
+  font-size: 100%;
+  vertical-align: middle;
+}
+button,
+input {
+  *overflow: visible; // Inner spacing ie IE6/7
+  line-height: normal; // FF3/4 have !important on line-height in UA stylesheet
+}
+button::-moz-focus-inner,
+input::-moz-focus-inner { // Inner padding and border oddities in FF3/4
+  padding: 0;
+  border: 0;
+}
+button,
+html input[type="button"], // Avoid the WebKit bug in Android 4.0.* where (2) destroys native `audio` and `video` controls.
+input[type="reset"],
+input[type="submit"] {
+    -webkit-appearance: button; // Corrects inability to style clickable `input` types in iOS.
+    cursor: pointer; // Improves usability and consistency of cursor style between image-type `input` and others.
+}
+label,
+select,
+button,
+input[type="button"],
+input[type="reset"],
+input[type="submit"],
+input[type="radio"],
+input[type="checkbox"] {
+    cursor: pointer; // Improves usability and consistency of cursor style between image-type `input` and others.
+}
+input[type="search"] { // Appearance in Safari/Chrome
+  .box-sizing(content-box);
+  -webkit-appearance: textfield;
+}
+input[type="search"]::-webkit-search-decoration,
+input[type="search"]::-webkit-search-cancel-button {
+  -webkit-appearance: none; // Inner-padding issues in Chrome OSX, Safari 5
+}
+textarea {
+  overflow: auto; // Remove vertical scrollbar in IE6-9
+  vertical-align: top; // Readability and alignment cross-browser
+}
+
+
+// Printing
+// -------------------------
+// Source: https://github.com/h5bp/html5-boilerplate/blob/master/css/main.css
+
+@media print {
+
+  * {
+    text-shadow: none !important;
+    color: #000 !important; // Black prints faster: h5bp.com/s
+    background: transparent !important;
+    box-shadow: none !important;
+  }
+
+  a,
+  a:visited {
+    text-decoration: underline;
+  }
+
+  a[href]:after {
+    content: " (" attr(href) ")";
+  }
+
+  abbr[title]:after {
+    content: " (" attr(title) ")";
+  }
+
+  // Don't show links for images, or javascript/internal links
+  .ir a:after,
+  a[href^="javascript:"]:after,
+  a[href^="#"]:after {
+    content: "";
+  }
+
+  pre,
+  blockquote {
+    border: 1px solid #999;
+    page-break-inside: avoid;
+  }
+
+  thead {
+    display: table-header-group; // h5bp.com/t
+  }
+
+  tr,
+  img {
+    page-break-inside: avoid;
+  }
+
+  img {
+    max-width: 100% !important;
+  }
+
+  @page {
+    margin: 0.5cm;
+  }
+
+  p,
+  h2,
+  h3 {
+    orphans: 3;
+    widows: 3;
+  }
+
+  h2,
+  h3 {
+    page-break-after: avoid;
+  }
+}
diff --git a/openid-connect-server-webapp/src/main/webapp/less/responsive-1200px-min.less b/openid-connect-server-webapp/src/main/webapp/less/responsive-1200px-min.less
new file mode 100644
index 000000000..4f35ba6ca
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/responsive-1200px-min.less
@@ -0,0 +1,28 @@
+//
+// Responsive: Large desktop and up
+// --------------------------------------------------
+
+
+@media (min-width: 1200px) {
+
+  // Fixed grid
+  #grid > .core(@gridColumnWidth1200, @gridGutterWidth1200);
+
+  // Fluid grid
+  #grid > .fluid(@fluidGridColumnWidth1200, @fluidGridGutterWidth1200);
+
+  // Input grid
+  #grid > .input(@gridColumnWidth1200, @gridGutterWidth1200);
+
+  // Thumbnails
+  .thumbnails {
+    margin-left: -@gridGutterWidth1200;
+  }
+  .thumbnails > li {
+    margin-left: @gridGutterWidth1200;
+  }
+  .row-fluid .thumbnails {
+    margin-left: 0;
+  }
+
+}
diff --git a/openid-connect-server-webapp/src/main/webapp/less/responsive-767px-max.less b/openid-connect-server-webapp/src/main/webapp/less/responsive-767px-max.less
new file mode 100644
index 000000000..128f4ce30
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/responsive-767px-max.less
@@ -0,0 +1,193 @@
+//
+// Responsive: Landscape phone to desktop/tablet
+// --------------------------------------------------
+
+
+@media (max-width: 767px) {
+
+  // Padding to set content in a bit
+  body {
+    padding-left: 20px;
+    padding-right: 20px;
+  }
+  // Negative indent the now static "fixed" navbar
+  .navbar-fixed-top,
+  .navbar-fixed-bottom,
+  .navbar-static-top {
+    margin-left: -20px;
+    margin-right: -20px;
+  }
+  // Remove padding on container given explicit padding set on body
+  .container-fluid {
+    padding: 0;
+  }
+
+  // TYPOGRAPHY
+  // ----------
+  // Reset horizontal dl
+  .dl-horizontal {
+    dt {
+      float: none;
+      clear: none;
+      width: auto;
+      text-align: left;
+    }
+    dd {
+      margin-left: 0;
+    }
+  }
+
+  // GRID & CONTAINERS
+  // -----------------
+  // Remove width from containers
+  .container {
+    width: auto;
+  }
+  // Fluid rows
+  .row-fluid {
+    width: 100%;
+  }
+  // Undo negative margin on rows and thumbnails
+  .row,
+  .thumbnails {
+    margin-left: 0;
+  }
+  .thumbnails > li {
+    float: none;
+    margin-left: 0; // Reset the default margin for all li elements when no .span* classes are present
+  }
+  // Make all grid-sized elements block level again
+  [class*="span"],
+  .uneditable-input[class*="span"], // Makes uneditable inputs full-width when using grid sizing
+  .row-fluid [class*="span"] {
+    float: none;
+    display: block;
+    width: 100%;
+    margin-left: 0;
+    .box-sizing(border-box);
+  }
+  .span12,
+  .row-fluid .span12 {
+    width: 100%;
+    .box-sizing(border-box);
+  }
+  .row-fluid [class*="offset"]:first-child {
+    margin-left: 0;
+  }
+
+  // FORM FIELDS
+  // -----------
+  // Make span* classes full width
+  .input-large,
+  .input-xlarge,
+  .input-xxlarge,
+  input[class*="span"],
+  select[class*="span"],
+  textarea[class*="span"],
+  .uneditable-input {
+    .input-block-level();
+  }
+  // But don't let it screw up prepend/append inputs
+  .input-prepend input,
+  .input-append input,
+  .input-prepend input[class*="span"],
+  .input-append input[class*="span"] {
+    display: inline-block; // redeclare so they don't wrap to new lines
+    width: auto;
+  }
+  .controls-row [class*="span"] + [class*="span"] {
+    margin-left: 0;
+  }
+
+  // Modals
+  .modal {
+    position: fixed;
+    top:   20px;
+    left:  20px;
+    right: 20px;
+    width: auto;
+    margin: 0;
+    &.fade  { top: -100px; }
+    &.fade.in { top: 20px; }
+  }
+
+}
+
+
+
+// UP TO LANDSCAPE PHONE
+// ---------------------
+
+@media (max-width: 480px) {
+
+  // Smooth out the collapsing/expanding nav
+  .nav-collapse {
+    -webkit-transform: translate3d(0, 0, 0); // activate the GPU
+  }
+
+  // Block level the page header small tag for readability
+  .page-header h1 small {
+    display: block;
+    line-height: @baseLineHeight;
+  }
+
+  // Update checkboxes for iOS
+  input[type="checkbox"],
+  input[type="radio"] {
+    border: 1px solid #ccc;
+  }
+
+  // Remove the horizontal form styles
+  .form-horizontal {
+    .control-label {
+      float: none;
+      width: auto;
+      padding-top: 0;
+      text-align: left;
+    }
+    // Move over all input controls and content
+    .controls {
+      margin-left: 0;
+    }
+    // Move the options list down to align with labels
+    .control-list {
+      padding-top: 0; // has to be padding because margin collaspes
+    }
+    // Move over buttons in .form-actions to align with .controls
+    .form-actions {
+      padding-left: 10px;
+      padding-right: 10px;
+    }
+  }
+
+  // Medias
+  // Reset float and spacing to stack
+  .media .pull-left,
+  .media .pull-right  {
+    float: none;
+    display: block;
+    margin-bottom: 10px;
+  }
+  // Remove side margins since we stack instead of indent
+  .media-object {
+    margin-right: 0;
+    margin-left: 0;
+  }
+
+  // Modals
+  .modal {
+    top:   10px;
+    left:  10px;
+    right: 10px;
+  }
+  .modal-header .close {
+    padding: 10px;
+    margin: -10px;
+  }
+
+  // Carousel
+  .carousel-caption {
+    position: static;
+  }
+
+}
diff --git a/openid-connect-server-webapp/src/main/webapp/less/responsive-768px-979px.less b/openid-connect-server-webapp/src/main/webapp/less/responsive-768px-979px.less
new file mode 100644
index 000000000..8e8c486a0
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/responsive-768px-979px.less
@@ -0,0 +1,19 @@
+//
+// Responsive: Tablet to desktop
+// --------------------------------------------------
+
+
+@media (min-width: 768px) and (max-width: 979px) {
+
+  // Fixed grid
+  #grid > .core(@gridColumnWidth768, @gridGutterWidth768);
+
+  // Fluid grid
+  #grid > .fluid(@fluidGridColumnWidth768, @fluidGridGutterWidth768);
+
+  // Input grid
+  #grid > .input(@gridColumnWidth768, @gridGutterWidth768);
+
+  // No need to reset .thumbnails here since it's the same @gridGutterWidth
+
+}
diff --git a/openid-connect-server-webapp/src/main/webapp/less/responsive-navbar.less b/openid-connect-server-webapp/src/main/webapp/less/responsive-navbar.less
new file mode 100644
index 000000000..21cd3ba67
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/responsive-navbar.less
@@ -0,0 +1,189 @@
+//
+// Responsive: Navbar
+// --------------------------------------------------
+
+
+// TABLETS AND BELOW
+// -----------------
+@media (max-width: @navbarCollapseWidth) {
+
+  // UNFIX THE TOPBAR
+  // ----------------
+  // Remove any padding from the body
+  body {
+    padding-top: 0;
+  }
+  // Unfix the navbars
+  .navbar-fixed-top,
+  .navbar-fixed-bottom {
+    position: static;
+  }
+  .navbar-fixed-top {
+    margin-bottom: @baseLineHeight;
+  }
+  .navbar-fixed-bottom {
+    margin-top: @baseLineHeight;
+  }
+  .navbar-fixed-top .navbar-inner,
+  .navbar-fixed-bottom .navbar-inner {
+    padding: 5px;
+  }
+  .navbar .container {
+    width: auto;
+    padding: 0;
+  }
+  // Account for brand name
+  .navbar .brand {
+    padding-left: 10px;
+    padding-right: 10px;
+    margin: 0 0 0 -5px;
+  }
+
+  // COLLAPSIBLE NAVBAR
+  // ------------------
+  // Nav collapse clears brand
+  .nav-collapse {
+    clear: both;
+  }
+  // Block-level the nav
+  .nav-collapse .nav {
+    float: none;
+    margin: 0 0 (@baseLineHeight / 2);
+  }
+  .nav-collapse .nav > li {
+    float: none;
+  }
+  .nav-collapse .nav > li > a {
+    margin-bottom: 2px;
+  }
+  .nav-collapse .nav > .divider-vertical {
+    display: none;
+  }
+  .nav-collapse .nav .nav-header {
+    color: @navbarText;
+    text-shadow: none;
+  }
+  // Nav and dropdown links in navbar
+  .nav-collapse .nav > li > a,
+  .nav-collapse .dropdown-menu a {
+    padding: 9px 15px;
+    font-weight: bold;
+    color: @navbarLinkColor;
+    .border-radius(3px);
+  }
+  // Buttons
+  .nav-collapse .btn {
+    padding: 4px 10px 4px;
+    font-weight: normal;
+    .border-radius(@baseBorderRadius);
+  }
+  .nav-collapse .dropdown-menu li + li a {
+    margin-bottom: 2px;
+  }
+  .nav-collapse .nav > li > a:hover,
+  .nav-collapse .nav > li > a:focus,
+  .nav-collapse .dropdown-menu a:hover,
+  .nav-collapse .dropdown-menu a:focus {
+    background-color: @navbarBackground;
+  }
+  .navbar-inverse .nav-collapse .nav > li > a,
+  .navbar-inverse .nav-collapse .dropdown-menu a {
+    color: @navbarInverseLinkColor;
+  }
+  .navbar-inverse .nav-collapse .nav > li > a:hover,
+  .navbar-inverse .nav-collapse .nav > li > a:focus,
+  .navbar-inverse .nav-collapse .dropdown-menu a:hover,
+  .navbar-inverse .nav-collapse .dropdown-menu a:focus {
+    background-color: @navbarInverseBackground;
+  }
+  // Buttons in the navbar
+  .nav-collapse.in .btn-group {
+    margin-top: 5px;
+    padding: 0;
+  }
+  // Dropdowns in the navbar
+  .nav-collapse .dropdown-menu {
+    position: static;
+    top: auto;
+    left: auto;
+    float: none;
+    display: none;
+    max-width: none;
+    margin: 0 15px;
+    padding: 0;
+    background-color: transparent;
+    border: none;
+    .border-radius(0);
+    .box-shadow(none);
+  }
+  .nav-collapse .open > .dropdown-menu { 
+    display: block; 
+  }
+
+  .nav-collapse .dropdown-menu:before,
+  .nav-collapse .dropdown-menu:after {
+    display: none;
+  }
+  .nav-collapse .dropdown-menu .divider {
+    display: none;
+  }
+  .nav-collapse .nav > li > .dropdown-menu {
+    &:before,
+    &:after {
+      display: none;
+    }
+  }
+  // Forms in navbar
+  .nav-collapse .navbar-form,
+  .nav-collapse .navbar-search {
+    float: none;
+    padding: (@baseLineHeight / 2) 15px;
+    margin: (@baseLineHeight / 2) 0;
+    border-top: 1px solid @navbarBackground;
+    border-bottom: 1px solid @navbarBackground;
+    .box-shadow(~"inset 0 1px 0 rgba(255,255,255,.1), 0 1px 0 rgba(255,255,255,.1)");
+  }
+  .navbar-inverse .nav-collapse .navbar-form,
+  .navbar-inverse .nav-collapse .navbar-search {
+    border-top-color: @navbarInverseBackground;
+    border-bottom-color: @navbarInverseBackground;
+  }
+  // Pull right (secondary) nav content
+  .navbar .nav-collapse .nav.pull-right {
+    float: none;
+    margin-left: 0;
+  }
+  // Hide everything in the navbar save .brand and toggle button */
+  .nav-collapse,
+  .nav-collapse.collapse {
+    overflow: hidden;
+    height: 0;
+  }
+  // Navbar button
+  .navbar .btn-navbar {
+    display: block;
+  }
+
+  // STATIC NAVBAR
+  // -------------
+  .navbar-static .navbar-inner {
+    padding-left:  10px;
+    padding-right: 10px;
+  }
+
+
+}
+
+
+// DEFAULT DESKTOP
+// ---------------
+
+@media (min-width: @navbarCollapseDesktopWidth) {
+
+  // Required to make the collapsing navbar work on regular desktops
+  .nav-collapse.collapse {
+    height: auto !important;
+    overflow: visible !important;
+  }
+
+}
diff --git a/openid-connect-server-webapp/src/main/webapp/less/responsive-utilities.less b/openid-connect-server-webapp/src/main/webapp/less/responsive-utilities.less
new file mode 100644
index 000000000..bf43e8ef7
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/responsive-utilities.less
@@ -0,0 +1,59 @@
+//
+// Responsive: Utility classes
+// --------------------------------------------------
+
+
+// IE10 Metro responsive
+// Required for Windows 8 Metro split-screen snapping with IE10
+// Source: http://timkadlec.com/2012/10/ie10-snap-mode-and-responsive-design/
+@-ms-viewport{
+  width: device-width;
+}
+
+// Hide from screenreaders and browsers
+// Credit: HTML5 Boilerplate
+.hidden {
+  display: none;
+  visibility: hidden;
+}
+
+// Visibility utilities
+
+// For desktops
+.visible-phone     { display: none !important; }
+.visible-tablet    { display: none !important; }
+.hidden-phone      { }
+.hidden-tablet     { }
+.hidden-desktop    { display: none !important; }
+.visible-desktop   { display: inherit !important; }
+
+// Tablets & small desktops only
+@media (min-width: 768px) and (max-width: 979px) {
+  // Hide everything else
+  .hidden-desktop    { display: inherit !important; }
+  .visible-desktop   { display: none !important ; }
+  // Show
+  .visible-tablet    { display: inherit !important; }
+  // Hide
+  .hidden-tablet     { display: none !important; }
+}
+
+// Phones only
+@media (max-width: 767px) {
+  // Hide everything else
+  .hidden-desktop    { display: inherit !important; }
+  .visible-desktop   { display: none !important; }
+  // Show
+  .visible-phone     { display: inherit !important; } // Use inherit to restore previous behavior
+  // Hide
+  .hidden-phone      { display: none !important; }
+}
+
+// Print utilities
+.visible-print    { display: none !important; }
+.hidden-print     { }
+
+@media print {
+  .visible-print  { display: inherit !important; }
+  .hidden-print   { display: none !important; }
+}
diff --git a/openid-connect-server-webapp/src/main/webapp/less/scaffolding.less b/openid-connect-server-webapp/src/main/webapp/less/scaffolding.less
new file mode 100644
index 000000000..f17e8cadb
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/scaffolding.less
@@ -0,0 +1,53 @@
+//
+// Scaffolding
+// --------------------------------------------------
+
+
+// Body reset
+// -------------------------
+
+body {
+  margin: 0;
+  font-family: @baseFontFamily;
+  font-size: @baseFontSize;
+  line-height: @baseLineHeight;
+  color: @textColor;
+  background-color: @bodyBackground;
+}
+
+
+// Links
+// -------------------------
+
+a {
+  color: @linkColor;
+  text-decoration: none;
+}
+a:hover,
+a:focus {
+  color: @linkColorHover;
+  text-decoration: underline;
+}
+
+
+// Images
+// -------------------------
+
+// Rounded corners
+.img-rounded {
+  .border-radius(6px);
+}
+
+// Add polaroid-esque trim
+.img-polaroid {
+  padding: 4px;
+  background-color: #fff;
+  border: 1px solid #ccc;
+  border: 1px solid rgba(0,0,0,.2);
+  .box-shadow(0 1px 3px rgba(0,0,0,.1));
+}
+
+// Perfect circle
+.img-circle {
+  .border-radius(500px); // crank the border-radius so it works with most reasonably sized images
+}
diff --git a/openid-connect-server-webapp/src/main/webapp/less/sprites.less b/openid-connect-server-webapp/src/main/webapp/less/sprites.less
new file mode 100644
index 000000000..1812bf71a
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/sprites.less
@@ -0,0 +1,197 @@
+//
+// Sprites
+// --------------------------------------------------
+
+
+// ICONS
+// -----
+
+// All icons receive the styles of the <i> tag with a base class
+// of .i and are then given a unique class to add width, height,
+// and background-position. Your resulting HTML will look like
+// <i class="icon-inbox"></i>.
+
+// For the white version of the icons, just add the .icon-white class:
+// <i class="icon-inbox icon-white"></i>
+
+[class^="icon-"],
+[class*=" icon-"] {
+  display: inline-block;
+  width: 14px;
+  height: 14px;
+  .ie7-restore-right-whitespace();
+  line-height: 14px;
+  vertical-align: text-top;
+  background-image: url("@{iconSpritePath}");
+  background-position: 14px 14px;
+  background-repeat: no-repeat;
+  margin-top: 1px;
+}
+
+/* White icons with optional class, or on hover/focus/active states of certain elements */
+.icon-white,
+.nav-pills > .active > a > [class^="icon-"],
+.nav-pills > .active > a > [class*=" icon-"],
+.nav-list > .active > a > [class^="icon-"],
+.nav-list > .active > a > [class*=" icon-"],
+.navbar-inverse .nav > .active > a > [class^="icon-"],
+.navbar-inverse .nav > .active > a > [class*=" icon-"],
+.dropdown-menu > li > a:hover > [class^="icon-"],
+.dropdown-menu > li > a:focus > [class^="icon-"],
+.dropdown-menu > li > a:hover > [class*=" icon-"],
+.dropdown-menu > li > a:focus > [class*=" icon-"],
+.dropdown-menu > .active > a > [class^="icon-"],
+.dropdown-menu > .active > a > [class*=" icon-"],
+.dropdown-submenu:hover > a > [class^="icon-"],
+.dropdown-submenu:focus > a > [class^="icon-"],
+.dropdown-submenu:hover > a > [class*=" icon-"],
+.dropdown-submenu:focus > a > [class*=" icon-"] {
+  background-image: url("@{iconWhiteSpritePath}");
+}
+
+.icon-glass              { background-position: 0      0; }
+.icon-music              { background-position: -24px  0; }
+.icon-search             { background-position: -48px  0; }
+.icon-envelope           { background-position: -72px  0; }
+.icon-heart              { background-position: -96px  0; }
+.icon-star               { background-position: -120px 0; }
+.icon-star-empty         { background-position: -144px 0; }
+.icon-user               { background-position: -168px 0; }
+.icon-film               { background-position: -192px 0; }
+.icon-th-large           { background-position: -216px 0; }
+.icon-th                 { background-position: -240px 0; }
+.icon-th-list            { background-position: -264px 0; }
+.icon-ok                 { background-position: -288px 0; }
+.icon-remove             { background-position: -312px 0; }
+.icon-zoom-in            { background-position: -336px 0; }
+.icon-zoom-out           { background-position: -360px 0; }
+.icon-off                { background-position: -384px 0; }
+.icon-signal             { background-position: -408px 0; }
+.icon-cog                { background-position: -432px 0; }
+.icon-trash              { background-position: -456px 0; }
+
+.icon-home               { background-position: 0      -24px; }
+.icon-file               { background-position: -24px  -24px; }
+.icon-time               { background-position: -48px  -24px; }
+.icon-road               { background-position: -72px  -24px; }
+.icon-download-alt       { background-position: -96px  -24px; }
+.icon-download           { background-position: -120px -24px; }
+.icon-upload             { background-position: -144px -24px; }
+.icon-inbox              { background-position: -168px -24px; }
+.icon-play-circle        { background-position: -192px -24px; }
+.icon-repeat             { background-position: -216px -24px; }
+.icon-refresh            { background-position: -240px -24px; }
+.icon-list-alt           { background-position: -264px -24px; }
+.icon-lock               { background-position: -287px -24px; } // 1px off
+.icon-flag               { background-position: -312px -24px; }
+.icon-headphones         { background-position: -336px -24px; }
+.icon-volume-off         { background-position: -360px -24px; }
+.icon-volume-down        { background-position: -384px -24px; }
+.icon-volume-up          { background-position: -408px -24px; }
+.icon-qrcode             { background-position: -432px -24px; }
+.icon-barcode            { background-position: -456px -24px; }
+
+.icon-tag                { background-position: 0      -48px; }
+.icon-tags               { background-position: -25px  -48px; } // 1px off
+.icon-book               { background-position: -48px  -48px; }
+.icon-bookmark           { background-position: -72px  -48px; }
+.icon-print              { background-position: -96px  -48px; }
+.icon-camera             { background-position: -120px -48px; }
+.icon-font               { background-position: -144px -48px; }
+.icon-bold               { background-position: -167px -48px; } // 1px off
+.icon-italic             { background-position: -192px -48px; }
+.icon-text-height        { background-position: -216px -48px; }
+.icon-text-width         { background-position: -240px -48px; }
+.icon-align-left         { background-position: -264px -48px; }
+.icon-align-center       { background-position: -288px -48px; }
+.icon-align-right        { background-position: -312px -48px; }
+.icon-align-justify      { background-position: -336px -48px; }
+.icon-list               { background-position: -360px -48px; }
+.icon-indent-left        { background-position: -384px -48px; }
+.icon-indent-right       { background-position: -408px -48px; }
+.icon-facetime-video     { background-position: -432px -48px; }
+.icon-picture            { background-position: -456px -48px; }
+
+.icon-pencil             { background-position: 0      -72px; }
+.icon-map-marker         { background-position: -24px  -72px; }
+.icon-adjust             { background-position: -48px  -72px; }
+.icon-tint               { background-position: -72px  -72px; }
+.icon-edit               { background-position: -96px  -72px; }
+.icon-share              { background-position: -120px -72px; }
+.icon-check              { background-position: -144px -72px; }
+.icon-move               { background-position: -168px -72px; }
+.icon-step-backward      { background-position: -192px -72px; }
+.icon-fast-backward      { background-position: -216px -72px; }
+.icon-backward           { background-position: -240px -72px; }
+.icon-play               { background-position: -264px -72px; }
+.icon-pause              { background-position: -288px -72px; }
+.icon-stop               { background-position: -312px -72px; }
+.icon-forward            { background-position: -336px -72px; }
+.icon-fast-forward       { background-position: -360px -72px; }
+.icon-step-forward       { background-position: -384px -72px; }
+.icon-eject              { background-position: -408px -72px; }
+.icon-chevron-left       { background-position: -432px -72px; }
+.icon-chevron-right      { background-position: -456px -72px; }
+
+.icon-plus-sign          { background-position: 0      -96px; }
+.icon-minus-sign         { background-position: -24px  -96px; }
+.icon-remove-sign        { background-position: -48px  -96px; }
+.icon-ok-sign            { background-position: -72px  -96px; }
+.icon-question-sign      { background-position: -96px  -96px; }
+.icon-info-sign          { background-position: -120px -96px; }
+.icon-screenshot         { background-position: -144px -96px; }
+.icon-remove-circle      { background-position: -168px -96px; }
+.icon-ok-circle          { background-position: -192px -96px; }
+.icon-ban-circle         { background-position: -216px -96px; }
+.icon-arrow-left         { background-position: -240px -96px; }
+.icon-arrow-right        { background-position: -264px -96px; }
+.icon-arrow-up           { background-position: -289px -96px; } // 1px off
+.icon-arrow-down         { background-position: -312px -96px; }
+.icon-share-alt          { background-position: -336px -96px; }
+.icon-resize-full        { background-position: -360px -96px; }
+.icon-resize-small       { background-position: -384px -96px; }
+.icon-plus               { background-position: -408px -96px; }
+.icon-minus              { background-position: -433px -96px; }
+.icon-asterisk           { background-position: -456px -96px; }
+
+.icon-exclamation-sign   { background-position: 0      -120px; }
+.icon-gift               { background-position: -24px  -120px; }
+.icon-leaf               { background-position: -48px  -120px; }
+.icon-fire               { background-position: -72px  -120px; }
+.icon-eye-open           { background-position: -96px  -120px; }
+.icon-eye-close          { background-position: -120px -120px; }
+.icon-warning-sign       { background-position: -144px -120px; }
+.icon-plane              { background-position: -168px -120px; }
+.icon-calendar           { background-position: -192px -120px; }
+.icon-random             { background-position: -216px -120px; width: 16px; }
+.icon-comment            { background-position: -240px -120px; }
+.icon-magnet             { background-position: -264px -120px; }
+.icon-chevron-up         { background-position: -288px -120px; }
+.icon-chevron-down       { background-position: -313px -119px; } // 1px, 1px off
+.icon-retweet            { background-position: -336px -120px; }
+.icon-shopping-cart      { background-position: -360px -120px; }
+.icon-folder-close       { background-position: -384px -120px; width: 16px; }
+.icon-folder-open        { background-position: -408px -120px; width: 16px; }
+.icon-resize-vertical    { background-position: -432px -119px; } // 1px, 1px off
+.icon-resize-horizontal  { background-position: -456px -118px; } // 1px, 2px off
+
+.icon-hdd                     { background-position: 0      -144px; }
+.icon-bullhorn                { background-position: -24px  -144px; }
+.icon-bell                    { background-position: -48px  -144px; }
+.icon-certificate             { background-position: -72px  -144px; }
+.icon-thumbs-up               { background-position: -96px  -144px; }
+.icon-thumbs-down             { background-position: -120px -144px; }
+.icon-hand-right              { background-position: -144px -144px; }
+.icon-hand-left               { background-position: -168px -144px; }
+.icon-hand-up                 { background-position: -192px -144px; }
+.icon-hand-down               { background-position: -216px -144px; }
+.icon-circle-arrow-right      { background-position: -240px -144px; }
+.icon-circle-arrow-left       { background-position: -264px -144px; }
+.icon-circle-arrow-up         { background-position: -288px -144px; }
+.icon-circle-arrow-down       { background-position: -312px -144px; }
+.icon-globe                   { background-position: -336px -144px; }
+.icon-wrench                  { background-position: -360px -144px; }
+.icon-tasks                   { background-position: -384px -144px; }
+.icon-filter                  { background-position: -408px -144px; }
+.icon-briefcase               { background-position: -432px -144px; }
+.icon-fullscreen              { background-position: -456px -144px; }
diff --git a/openid-connect-server-webapp/src/main/webapp/less/tables.less b/openid-connect-server-webapp/src/main/webapp/less/tables.less
new file mode 100644
index 000000000..0e35271e1
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/tables.less
@@ -0,0 +1,244 @@
+//
+// Tables
+// --------------------------------------------------
+
+
+// BASE TABLES
+// -----------------
+
+table {
+  max-width: 100%;
+  background-color: @tableBackground;
+  border-collapse: collapse;
+  border-spacing: 0;
+}
+
+// BASELINE STYLES
+// ---------------
+
+.table {
+  width: 100%;
+  margin-bottom: @baseLineHeight;
+  // Cells
+  th,
+  td {
+    padding: 8px;
+    line-height: @baseLineHeight;
+    text-align: left;
+    vertical-align: top;
+    border-top: 1px solid @tableBorder;
+  }
+  th {
+    font-weight: bold;
+  }
+  // Bottom align for column headings
+  thead th {
+    vertical-align: bottom;
+  }
+  // Remove top border from thead by default
+  caption + thead tr:first-child th,
+  caption + thead tr:first-child td,
+  colgroup + thead tr:first-child th,
+  colgroup + thead tr:first-child td,
+  thead:first-child tr:first-child th,
+  thead:first-child tr:first-child td {
+    border-top: 0;
+  }
+  // Account for multiple tbody instances
+  tbody + tbody {
+    border-top: 2px solid @tableBorder;
+  }
+
+  // Nesting
+  .table {
+    background-color: @bodyBackground;
+  }
+}
+
+
+
+// CONDENSED TABLE W/ HALF PADDING
+// -------------------------------
+
+.table-condensed {
+  th,
+  td {
+    padding: 4px 5px;
+  }
+}
+
+
+// BORDERED VERSION
+// ----------------
+
+.table-bordered {
+  border: 1px solid @tableBorder;
+  border-collapse: separate; // Done so we can round those corners!
+  *border-collapse: collapse; // IE7 can't round corners anyway
+  border-left: 0;
+  .border-radius(@baseBorderRadius);
+  th,
+  td {
+    border-left: 1px solid @tableBorder;
+  }
+  // Prevent a double border
+  caption + thead tr:first-child th,
+  caption + tbody tr:first-child th,
+  caption + tbody tr:first-child td,
+  colgroup + thead tr:first-child th,
+  colgroup + tbody tr:first-child th,
+  colgroup + tbody tr:first-child td,
+  thead:first-child tr:first-child th,
+  tbody:first-child tr:first-child th,
+  tbody:first-child tr:first-child td {
+    border-top: 0;
+  }
+  // For first th/td in the first row in the first thead or tbody
+  thead:first-child tr:first-child > th:first-child,
+  tbody:first-child tr:first-child > td:first-child,
+  tbody:first-child tr:first-child > th:first-child {
+    .border-top-left-radius(@baseBorderRadius);
+  }
+  // For last th/td in the first row in the first thead or tbody
+  thead:first-child tr:first-child > th:last-child,
+  tbody:first-child tr:first-child > td:last-child,
+  tbody:first-child tr:first-child > th:last-child {
+    .border-top-right-radius(@baseBorderRadius);
+  }
+  // For first th/td (can be either) in the last row in the last thead, tbody, and tfoot
+  thead:last-child tr:last-child > th:first-child,
+  tbody:last-child tr:last-child > td:first-child,
+  tbody:last-child tr:last-child > th:first-child,
+  tfoot:last-child tr:last-child > td:first-child,
+  tfoot:last-child tr:last-child > th:first-child {
+    .border-bottom-left-radius(@baseBorderRadius);
+  }
+  // For last th/td (can be either) in the last row in the last thead, tbody, and tfoot
+  thead:last-child tr:last-child > th:last-child,
+  tbody:last-child tr:last-child > td:last-child,
+  tbody:last-child tr:last-child > th:last-child,
+  tfoot:last-child tr:last-child > td:last-child,
+  tfoot:last-child tr:last-child > th:last-child {
+    .border-bottom-right-radius(@baseBorderRadius);
+  }
+
+  // Clear border-radius for first and last td in the last row in the last tbody for table with tfoot
+  tfoot + tbody:last-child tr:last-child td:first-child {
+    .border-bottom-left-radius(0);
+  }
+  tfoot + tbody:last-child tr:last-child td:last-child {
+    .border-bottom-right-radius(0);
+  }
+
+  // Special fixes to round the left border on the first td/th
+  caption + thead tr:first-child th:first-child,
+  caption + tbody tr:first-child td:first-child,
+  colgroup + thead tr:first-child th:first-child,
+  colgroup + tbody tr:first-child td:first-child {
+    .border-top-left-radius(@baseBorderRadius);
+  }
+  caption + thead tr:first-child th:last-child,
+  caption + tbody tr:first-child td:last-child,
+  colgroup + thead tr:first-child th:last-child,
+  colgroup + tbody tr:first-child td:last-child {
+    .border-top-right-radius(@baseBorderRadius);
+  }
+
+}
+
+
+
+
+// ZEBRA-STRIPING
+// --------------
+
+// Default zebra-stripe styles (alternating gray and transparent backgrounds)
+.table-striped {
+  tbody {
+    > tr:nth-child(odd) > td,
+    > tr:nth-child(odd) > th {
+      background-color: @tableBackgroundAccent;
+    }
+  }
+}
+
+
+// HOVER EFFECT
+// ------------
+// Placed here since it has to come after the potential zebra striping
+.table-hover {
+  tbody {
+    tr:hover > td,
+    tr:hover > th {
+      background-color: @tableBackgroundHover;
+    }
+  }
+}
+
+
+// TABLE CELL SIZING
+// -----------------
+
+// Reset default grid behavior
+table td[class*="span"],
+table th[class*="span"],
+.row-fluid table td[class*="span"],
+.row-fluid table th[class*="span"] {
+  display: table-cell;
+  float: none; // undo default grid column styles
+  margin-left: 0; // undo default grid column styles
+}
+
+// Change the column widths to account for td/th padding
+.table td,
+.table th {
+  &.span1     { .tableColumns(1); }
+  &.span2     { .tableColumns(2); }
+  &.span3     { .tableColumns(3); }
+  &.span4     { .tableColumns(4); }
+  &.span5     { .tableColumns(5); }
+  &.span6     { .tableColumns(6); }
+  &.span7     { .tableColumns(7); }
+  &.span8     { .tableColumns(8); }
+  &.span9     { .tableColumns(9); }
+  &.span10    { .tableColumns(10); }
+  &.span11    { .tableColumns(11); }
+  &.span12    { .tableColumns(12); }
+}
+
+
+
+// TABLE BACKGROUNDS
+// -----------------
+// Exact selectors below required to override .table-striped
+
+.table tbody tr {
+  &.success > td {
+    background-color: @successBackground;
+  }
+  &.error > td {
+    background-color: @errorBackground;
+  }
+  &.warning > td {
+    background-color: @warningBackground;
+  }
+  &.info > td {
+    background-color: @infoBackground;
+  }
+}
+
+// Hover states for .table-hover
+.table-hover tbody tr {
+  &.success:hover > td {
+    background-color: darken(@successBackground, 5%);
+  }
+  &.error:hover > td {
+    background-color: darken(@errorBackground, 5%);
+  }
+  &.warning:hover > td {
+    background-color: darken(@warningBackground, 5%);
+  }
+  &.info:hover > td {
+    background-color: darken(@infoBackground, 5%);
+  }
+}
diff --git a/openid-connect-server-webapp/src/main/webapp/less/thumbnails.less b/openid-connect-server-webapp/src/main/webapp/less/thumbnails.less
new file mode 100644
index 000000000..4fd07d253
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/thumbnails.less
@@ -0,0 +1,53 @@
+//
+// Thumbnails
+// --------------------------------------------------
+
+
+// Note: `.thumbnails` and `.thumbnails > li` are overriden in responsive files
+
+// Make wrapper ul behave like the grid
+.thumbnails {
+  margin-left: -@gridGutterWidth;
+  list-style: none;
+  .clearfix();
+}
+// Fluid rows have no left margin
+.row-fluid .thumbnails {
+  margin-left: 0;
+}
+
+// Float li to make thumbnails appear in a row
+.thumbnails > li {
+  float: left; // Explicity set the float since we don't require .span* classes
+  margin-bottom: @baseLineHeight;
+  margin-left: @gridGutterWidth;
+}
+
+// The actual thumbnail (can be `a` or `div`)
+.thumbnail {
+  display: block;
+  padding: 4px;
+  line-height: @baseLineHeight;
+  border: 1px solid #ddd;
+  .border-radius(@baseBorderRadius);
+  .box-shadow(0 1px 3px rgba(0,0,0,.055));
+  .transition(all .2s ease-in-out);
+}
+// Add a hover/focus state for linked versions only
+a.thumbnail:hover,
+a.thumbnail:focus {
+  border-color: @linkColor;
+  .box-shadow(0 1px 4px rgba(0,105,214,.25));
+}
+
+// Images and captions
+.thumbnail > img {
+  display: block;
+  max-width: 100%;
+  margin-left: auto;
+  margin-right: auto;
+}
+.thumbnail .caption {
+  padding: 9px;
+  color: @gray;
+}
diff --git a/openid-connect-server-webapp/src/main/webapp/less/tooltip.less b/openid-connect-server-webapp/src/main/webapp/less/tooltip.less
new file mode 100644
index 000000000..83d5f2bd7
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/tooltip.less
@@ -0,0 +1,70 @@
+//
+// Tooltips
+// --------------------------------------------------
+
+
+// Base class
+.tooltip {
+  position: absolute;
+  z-index: @zindexTooltip;
+  display: block;
+  visibility: visible;
+  font-size: 11px;
+  line-height: 1.4;
+  .opacity(0);
+  &.in     { .opacity(80); }
+  &.top    { margin-top:  -3px; padding: 5px 0; }
+  &.right  { margin-left:  3px; padding: 0 5px; }
+  &.bottom { margin-top:   3px; padding: 5px 0; }
+  &.left   { margin-left: -3px; padding: 0 5px; }
+}
+
+// Wrapper for the tooltip content
+.tooltip-inner {
+  max-width: 200px;
+  padding: 8px;
+  color: @tooltipColor;
+  text-align: center;
+  text-decoration: none;
+  background-color: @tooltipBackground;
+  .border-radius(@baseBorderRadius);
+}
+
+// Arrows
+.tooltip-arrow {
+  position: absolute;
+  width: 0;
+  height: 0;
+  border-color: transparent;
+  border-style: solid;
+}
+.tooltip {
+  &.top .tooltip-arrow {
+    bottom: 0;
+    left: 50%;
+    margin-left: -@tooltipArrowWidth;
+    border-width: @tooltipArrowWidth @tooltipArrowWidth 0;
+    border-top-color: @tooltipArrowColor;
+  }
+  &.right .tooltip-arrow {
+    top: 50%;
+    left: 0;
+    margin-top: -@tooltipArrowWidth;
+    border-width: @tooltipArrowWidth @tooltipArrowWidth @tooltipArrowWidth 0;
+    border-right-color: @tooltipArrowColor;
+  }
+  &.left .tooltip-arrow {
+    top: 50%;
+    right: 0;
+    margin-top: -@tooltipArrowWidth;
+    border-width: @tooltipArrowWidth 0 @tooltipArrowWidth @tooltipArrowWidth;
+    border-left-color: @tooltipArrowColor;
+  }
+  &.bottom .tooltip-arrow {
+    top: 0;
+    left: 50%;
+    margin-left: -@tooltipArrowWidth;
+    border-width: 0 @tooltipArrowWidth @tooltipArrowWidth;
+    border-bottom-color: @tooltipArrowColor;
+  }
+}
diff --git a/openid-connect-server-webapp/src/main/webapp/less/type.less b/openid-connect-server-webapp/src/main/webapp/less/type.less
new file mode 100644
index 000000000..6a472db49
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/type.less
@@ -0,0 +1,247 @@
+//
+// Typography
+// --------------------------------------------------
+
+
+// Body text
+// -------------------------
+
+p {
+  margin: 0 0 @baseLineHeight / 2;
+}
+.lead {
+  margin-bottom: @baseLineHeight;
+  font-size: @baseFontSize * 1.5;
+  font-weight: 200;
+  line-height: @baseLineHeight * 1.5;
+}
+
+
+// Emphasis & misc
+// -------------------------
+
+// Ex: 14px base font * 85% = about 12px
+small   { font-size: 85%; }
+
+strong  { font-weight: bold; }
+em      { font-style: italic; }
+cite    { font-style: normal; }
+
+// Utility classes
+.muted               { color: @grayLight; }
+a.muted:hover,
+a.muted:focus        { color: darken(@grayLight, 10%); }
+
+.text-warning        { color: @warningText; }
+a.text-warning:hover,
+a.text-warning:focus { color: darken(@warningText, 10%); }
+
+.text-error          { color: @errorText; }
+a.text-error:hover,
+a.text-error:focus   { color: darken(@errorText, 10%); }
+
+.text-info           { color: @infoText; }
+a.text-info:hover,
+a.text-info:focus    { color: darken(@infoText, 10%); }
+
+.text-success        { color: @successText; }
+a.text-success:hover,
+a.text-success:focus { color: darken(@successText, 10%); }
+
+.text-left           { text-align: left; }
+.text-right          { text-align: right; }
+.text-center         { text-align: center; }
+
+
+// Headings
+// -------------------------
+
+h1, h2, h3, h4, h5, h6 {
+  margin: (@baseLineHeight / 2) 0;
+  font-family: @headingsFontFamily;
+  font-weight: @headingsFontWeight;
+  line-height: @baseLineHeight;
+  color: @headingsColor;
+  text-rendering: optimizelegibility; // Fix the character spacing for headings
+  small {
+    font-weight: normal;
+    line-height: 1;
+    color: @grayLight;
+  }
+}
+
+h1,
+h2,
+h3 { line-height: @baseLineHeight * 2; }
+
+h1 { font-size: @baseFontSize * 2.75; } // ~38px
+h2 { font-size: @baseFontSize * 2.25; } // ~32px
+h3 { font-size: @baseFontSize * 1.75; } // ~24px
+h4 { font-size: @baseFontSize * 1.25; } // ~18px
+h5 { font-size: @baseFontSize; }
+h6 { font-size: @baseFontSize * 0.85; } // ~12px
+
+h1 small { font-size: @baseFontSize * 1.75; } // ~24px
+h2 small { font-size: @baseFontSize * 1.25; } // ~18px
+h3 small { font-size: @baseFontSize; }
+h4 small { font-size: @baseFontSize; }
+
+
+// Page header
+// -------------------------
+
+.page-header {
+  padding-bottom: (@baseLineHeight / 2) - 1;
+  margin: @baseLineHeight 0 (@baseLineHeight * 1.5);
+  border-bottom: 1px solid @grayLighter;
+}
+
+
+
+// Lists
+// --------------------------------------------------
+
+// Unordered and Ordered lists
+ul, ol {
+  padding: 0;
+  margin: 0 0 @baseLineHeight / 2 25px;
+}
+ul ul,
+ul ol,
+ol ol,
+ol ul {
+  margin-bottom: 0;
+}
+li {
+  line-height: @baseLineHeight;
+}
+
+// Remove default list styles
+ul.unstyled,
+ol.unstyled {
+  margin-left: 0;
+  list-style: none;
+}
+
+// Single-line list items
+ul.inline,
+ol.inline {
+  margin-left: 0;
+  list-style: none;
+  > li {
+    display: inline-block;
+    .ie7-inline-block();
+    padding-left: 5px;
+    padding-right: 5px;
+  }
+}
+
+// Description Lists
+dl {
+  margin-bottom: @baseLineHeight;
+}
+dt,
+dd {
+  line-height: @baseLineHeight;
+}
+dt {
+  font-weight: bold;
+}
+dd {
+  margin-left: @baseLineHeight / 2;
+}
+// Horizontal layout (like forms)
+.dl-horizontal {
+  .clearfix(); // Ensure dl clears floats if empty dd elements present
+  dt {
+    float: left;
+    width: @horizontalComponentOffset - 20;
+    clear: left;
+    text-align: right;
+    .text-overflow();
+  }
+  dd {
+    margin-left: @horizontalComponentOffset;
+  }
+}
+
+// MISC
+// ----
+
+// Horizontal rules
+hr {
+  margin: @baseLineHeight 0;
+  border: 0;
+  border-top: 1px solid @hrBorder;
+  border-bottom: 1px solid @white;
+}
+
+// Abbreviations and acronyms
+abbr[title],
+// Added data-* attribute to help out our tooltip plugin, per https://github.com/twbs/bootstrap/issues/5257
+abbr[data-original-title] {
+  cursor: help;
+  border-bottom: 1px dotted @grayLight;
+}
+abbr.initialism {
+  font-size: 90%;
+  text-transform: uppercase;
+}
+
+// Blockquotes
+blockquote {
+  padding: 0 0 0 15px;
+  margin: 0 0 @baseLineHeight;
+  border-left: 5px solid @grayLighter;
+  p {
+    margin-bottom: 0;
+    font-size: @baseFontSize * 1.25;
+    font-weight: 300;
+    line-height: 1.25;
+  }
+  small {
+    display: block;
+    line-height: @baseLineHeight;
+    color: @grayLight;
+    &:before {
+      content: '\2014 \00A0';
+    }
+  }
+
+  // Float right with text-align: right
+  &.pull-right {
+    float: right;
+    padding-right: 15px;
+    padding-left: 0;
+    border-right: 5px solid @grayLighter;
+    border-left: 0;
+    p,
+    small {
+      text-align: right;
+    }
+    small {
+      &:before {
+        content: '';
+      }
+      &:after {
+        content: '\00A0 \2014';
+      }
+    }
+  }
+}
+
+// Quotes
+q:before,
+q:after,
+blockquote:before,
+blockquote:after {
+  content: "";
+}
+
+// Addresses
+address {
+  display: block;
+  margin-bottom: @baseLineHeight;
+  font-style: normal;
+  line-height: @baseLineHeight;
+}
diff --git a/openid-connect-server-webapp/src/main/webapp/less/utilities.less b/openid-connect-server-webapp/src/main/webapp/less/utilities.less
new file mode 100644
index 000000000..314b4ffdb
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/utilities.less
@@ -0,0 +1,30 @@
+//
+// Utility classes
+// --------------------------------------------------
+
+
+// Quick floats
+.pull-right {
+  float: right;
+}
+.pull-left {
+  float: left;
+}
+
+// Toggling content
+.hide {
+  display: none;
+}
+.show {
+  display: block;
+}
+
+// Visibility
+.invisible {
+  visibility: hidden;
+}
+
+// For Affix plugin
+.affix {
+  position: fixed;
+}
diff --git a/openid-connect-server-webapp/src/main/webapp/less/variables.less b/openid-connect-server-webapp/src/main/webapp/less/variables.less
new file mode 100644
index 000000000..31c131b1e
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/variables.less
@@ -0,0 +1,301 @@
+//
+// Variables
+// --------------------------------------------------
+
+
+// Global values
+// --------------------------------------------------
+
+
+// Grays
+// -------------------------
+@black:                 #000;
+@grayDarker:            #222;
+@grayDark:              #333;
+@gray:                  #555;
+@grayLight:             #999;
+@grayLighter:           #eee;
+@white:                 #fff;
+
+
+// Accent colors
+// -------------------------
+@blue:                  #049cdb;
+@blueDark:              #0064cd;
+@green:                 #46a546;
+@red:                   #9d261d;
+@yellow:                #ffc40d;
+@orange:                #f89406;
+@pink:                  #c3325f;
+@purple:                #7a43b6;
+
+
+// Scaffolding
+// -------------------------
+@bodyBackground:        @white;
+@textColor:             @grayDark;
+
+
+// Links
+// -------------------------
+@linkColor:             #08c;
+@linkColorHover:        darken(@linkColor, 15%);
+
+
+// Typography
+// -------------------------
+@sansFontFamily:        "Helvetica Neue", Helvetica, Arial, sans-serif;
+@serifFontFamily:       Georgia, "Times New Roman", Times, serif;
+@monoFontFamily:        Monaco, Menlo, Consolas, "Courier New", monospace;
+
+@baseFontSize:          14px;
+@baseFontFamily:        @sansFontFamily;
+@baseLineHeight:        20px;
+@altFontFamily:         @serifFontFamily;
+
+@headingsFontFamily:    inherit; // empty to use BS default, @baseFontFamily
+@headingsFontWeight:    bold;    // instead of browser default, bold
+@headingsColor:         inherit; // empty to use BS default, @textColor
+
+
+// Component sizing
+// -------------------------
+// Based on 14px font-size and 20px line-height
+
+@fontSizeLarge:         @baseFontSize * 1.25; // ~18px
+@fontSizeSmall:         @baseFontSize * 0.85; // ~12px
+@fontSizeMini:          @baseFontSize * 0.75; // ~11px
+
+@paddingLarge:          11px 19px; // 44px
+@paddingSmall:          2px 10px;  // 26px
+@paddingMini:           0 6px;   // 22px
+
+@baseBorderRadius:      4px;
+@borderRadiusLarge:     6px;
+@borderRadiusSmall:     3px;
+
+
+// Tables
+// -------------------------
+@tableBackground:                   transparent; // overall background-color
+@tableBackgroundAccent:             #f9f9f9; // for striping
+@tableBackgroundHover:              #f5f5f5; // for hover
+@tableBorder:                       #ddd; // table and cell border
+
+// Buttons
+// -------------------------
+@btnBackground:                     @white;
+@btnBackgroundHighlight:            darken(@white, 10%);
+@btnBorder:                         #ccc;
+
+@btnPrimaryBackground:              @linkColor;
+@btnPrimaryBackgroundHighlight:     spin(@btnPrimaryBackground, 20%);
+
+@btnInfoBackground:                 #5bc0de;
+@btnInfoBackgroundHighlight:        #2f96b4;
+
+@btnSuccessBackground:              #62c462;
+@btnSuccessBackgroundHighlight:     #51a351;
+
+@btnWarningBackground:              lighten(@orange, 15%);
+@btnWarningBackgroundHighlight:     @orange;
+
+@btnDangerBackground:               #ee5f5b;
+@btnDangerBackgroundHighlight:      #bd362f;
+
+@btnInverseBackground:              #444;
+@btnInverseBackgroundHighlight:     @grayDarker;
+
+
+// Forms
+// -------------------------
+@inputBackground:               @white;
+@inputBorder:                   #ccc;
+@inputBorderRadius:             @baseBorderRadius;
+@inputDisabledBackground:       @grayLighter;
+@formActionsBackground:         #f5f5f5;
+@inputHeight:                   @baseLineHeight + 10px; // base line-height + 8px vertical padding + 2px top/bottom border
+
+
+// Dropdowns
+// -------------------------
+@dropdownBackground:            @white;
+@dropdownBorder:                rgba(0,0,0,.2);
+@dropdownDividerTop:            #e5e5e5;
+@dropdownDividerBottom:         @white;
+
+@dropdownLinkColor:             @grayDark;
+@dropdownLinkColorHover:        @white;
+@dropdownLinkColorActive:       @white;
+
+@dropdownLinkBackgroundActive:  @linkColor;
+@dropdownLinkBackgroundHover:   @dropdownLinkBackgroundActive;
+
+
+
+// COMPONENT VARIABLES
+// --------------------------------------------------
+
+
+// Z-index master list
+// -------------------------
+// Used for a bird's eye view of components dependent on the z-axis
+// Try to avoid customizing these :)
+@zindexDropdown:          1000;
+@zindexPopover:           1010;
+@zindexTooltip:           1030;
+@zindexFixedNavbar:       1030;
+@zindexModalBackdrop:     1040;
+@zindexModal:             1050;
+
+
+// Sprite icons path
+// -------------------------
+@iconSpritePath:          "../img/glyphicons-halflings.png";
+@iconWhiteSpritePath:     "../img/glyphicons-halflings-white.png";
+
+
+// Input placeholder text color
+// -------------------------
+@placeholderText:         @grayLight;
+
+
+// Hr border color
+// -------------------------
+@hrBorder:                @grayLighter;
+
+
+// Horizontal forms & lists
+// -------------------------
+@horizontalComponentOffset:       180px;
+
+
+// Wells
+// -------------------------
+@wellBackground:                  #f5f5f5;
+
+
+// Navbar
+// -------------------------
+@navbarCollapseWidth:             979px;
+@navbarCollapseDesktopWidth:      @navbarCollapseWidth + 1;
+
+@navbarHeight:                    40px;
+@navbarBackgroundHighlight:       #ffffff;
+@navbarBackground:                darken(@navbarBackgroundHighlight, 5%);
+@navbarBorder:                    darken(@navbarBackground, 12%);
+
+@navbarText:                      #777;
+@navbarLinkColor:                 #777;
+@navbarLinkColorHover:            @grayDark;
+@navbarLinkColorActive:           @gray;
+@navbarLinkBackgroundHover:       transparent;
+@navbarLinkBackgroundActive:      darken(@navbarBackground, 5%);
+
+@navbarBrandColor:                @navbarLinkColor;
+
+// Inverted navbar
+@navbarInverseBackground:                #111111;
+@navbarInverseBackgroundHighlight:       #222222;
+@navbarInverseBorder:                    #252525;
+
+@navbarInverseText:                      @grayLight;
+@navbarInverseLinkColor:                 @grayLight;
+@navbarInverseLinkColorHover:            @white;
+@navbarInverseLinkColorActive:           @navbarInverseLinkColorHover;
+@navbarInverseLinkBackgroundHover:       transparent;
+@navbarInverseLinkBackgroundActive:      @navbarInverseBackground;
+
+@navbarInverseSearchBackground:          lighten(@navbarInverseBackground, 25%);
+@navbarInverseSearchBackgroundFocus:     @white;
+@navbarInverseSearchBorder:              @navbarInverseBackground;
+@navbarInverseSearchPlaceholderColor:    #ccc;
+
+@navbarInverseBrandColor:                @navbarInverseLinkColor;
+
+
+// Pagination
+// -------------------------
+@paginationBackground:                #fff;
+@paginationBorder:                    #ddd;
+@paginationActiveBackground:          #f5f5f5;
+
+
+// Hero unit
+// -------------------------
+@heroUnitBackground:              @grayLighter;
+@heroUnitHeadingColor:            inherit;
+@heroUnitLeadColor:               inherit;
+
+
+// Form states and alerts
+// -------------------------
+@warningText:             #c09853;
+@warningBackground:       #fcf8e3;
+@warningBorder:           darken(spin(@warningBackground, -10), 3%);
+
+@errorText:               #b94a48;
+@errorBackground:         #f2dede;
+@errorBorder:             darken(spin(@errorBackground, -10), 3%);
+
+@successText:             #468847;
+@successBackground:       #dff0d8;
+@successBorder:           darken(spin(@successBackground, -10), 5%);
+
+@infoText:                #3a87ad;
+@infoBackground:          #d9edf7;
+@infoBorder:              darken(spin(@infoBackground, -10), 7%);
+
+
+// Tooltips and popovers
+// -------------------------
+@tooltipColor:            #fff;
+@tooltipBackground:       #000;
+@tooltipArrowWidth:       5px;
+@tooltipArrowColor:       @tooltipBackground;
+
+@popoverBackground:       #fff;
+@popoverArrowWidth:       10px;
+@popoverArrowColor:       #fff;
+@popoverTitleBackground:  darken(@popoverBackground, 3%);
+
+// Special enhancement for popovers
+@popoverArrowOuterWidth:  @popoverArrowWidth + 1;
+@popoverArrowOuterColor:  rgba(0,0,0,.25);
+
+
+
+// GRID
+// --------------------------------------------------
+
+
+// Default 940px grid
+// -------------------------
+@gridColumns:             12;
+@gridColumnWidth:         60px;
+@gridGutterWidth:         20px;
+@gridRowWidth:            (@gridColumns * @gridColumnWidth) + (@gridGutterWidth * (@gridColumns - 1));
+
+// 1200px min
+@gridColumnWidth1200:     70px;
+@gridGutterWidth1200:     30px;
+@gridRowWidth1200:        (@gridColumns * @gridColumnWidth1200) + (@gridGutterWidth1200 * (@gridColumns - 1));
+
+// 768px-979px
+@gridColumnWidth768:      42px;
+@gridGutterWidth768:      20px;
+@gridRowWidth768:         (@gridColumns * @gridColumnWidth768) + (@gridGutterWidth768 * (@gridColumns - 1));
+
+
+// Fluid grid
+// -------------------------
+@fluidGridColumnWidth:    percentage(@gridColumnWidth/@gridRowWidth);
+@fluidGridGutterWidth:    percentage(@gridGutterWidth/@gridRowWidth);
+
+// 1200px min
+@fluidGridColumnWidth1200:     percentage(@gridColumnWidth1200/@gridRowWidth1200);
+@fluidGridGutterWidth1200:     percentage(@gridGutterWidth1200/@gridRowWidth1200);
+
+// 768px-979px
+@fluidGridColumnWidth768:      percentage(@gridColumnWidth768/@gridRowWidth768);
+@fluidGridGutterWidth768:      percentage(@gridGutterWidth768/@gridRowWidth768);
diff --git a/openid-connect-server-webapp/src/main/webapp/less/wells.less b/openid-connect-server-webapp/src/main/webapp/less/wells.less
new file mode 100644
index 000000000..84a744b1c
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/less/wells.less
@@ -0,0 +1,29 @@
+//
+// Wells
+// --------------------------------------------------
+
+
+// Base class
+.well {
+  min-height: 20px;
+  padding: 19px;
+  margin-bottom: 20px;
+  background-color: @wellBackground;
+  border: 1px solid darken(@wellBackground, 7%);
+  .border-radius(@baseBorderRadius);
+  .box-shadow(inset 0 1px 1px rgba(0,0,0,.05));
+  blockquote {
+    border-color: #ddd;
+    border-color: rgba(0,0,0,.15);
+  }
+}
+
+// Sizes
+.well-large {
+  padding: 24px;
+  .border-radius(@borderRadiusLarge);
+}
+.well-small {
+  padding: 9px;
+  .border-radius(@borderRadiusSmall);
+}
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/bootstrap2/img/glyphicons-halflings-white.png b/openid-connect-server-webapp/src/main/webapp/resources/bootstrap2/img/glyphicons-halflings-white.png
new file mode 100644
index 000000000..3bf6484a2
Binary files /dev/null and b/openid-connect-server-webapp/src/main/webapp/resources/bootstrap2/img/glyphicons-halflings-white.png differ
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/bootstrap2/img/glyphicons-halflings.png b/openid-connect-server-webapp/src/main/webapp/resources/bootstrap2/img/glyphicons-halflings.png
new file mode 100644
index 000000000..a99699932
Binary files /dev/null and b/openid-connect-server-webapp/src/main/webapp/resources/bootstrap2/img/glyphicons-halflings.png differ
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/bootstrap2/js/bootstrap.js b/openid-connect-server-webapp/src/main/webapp/resources/bootstrap2/js/bootstrap.js
new file mode 100644
index 000000000..44109f62d
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/bootstrap2/js/bootstrap.js
@@ -0,0 +1,2280 @@
+/* ===================================================
+ * bootstrap-transition.js v2.3.2
+ * http://getbootstrap.com/2.3.2/javascript.html#transitions
+ * ===================================================
+ * Copyright 2013 Twitter, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ========================================================== */
+
+
+!function ($) {
+
+  "use strict"; // jshint ;_;
+
+
+  /* CSS TRANSITION SUPPORT (http://www.modernizr.com/)
+   * ======================================================= */
+
+  $(function () {
+
+    $.support.transition = (function () {
+
+      var transitionEnd = (function () {
+
+        var el = document.createElement('bootstrap')
+          , transEndEventNames = {
+               'WebkitTransition' : 'webkitTransitionEnd'
+            ,  'MozTransition'    : 'transitionend'
+            ,  'OTransition'      : 'oTransitionEnd otransitionend'
+            ,  'transition'       : 'transitionend'
+            }
+          , name
+
+        for (name in transEndEventNames){
+          if (el.style[name] !== undefined) {
+            return transEndEventNames[name]
+          }
+        }
+
+      }())
+
+      return transitionEnd && {
+        end: transitionEnd
+      }
+
+    })()
+
+  })
+
+}(window.jQuery);/* ==========================================================
+ * bootstrap-alert.js v2.3.2
+ * http://getbootstrap.com/2.3.2/javascript.html#alerts
+ * ==========================================================
+ * Copyright 2013 Twitter, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ========================================================== */
+
+
+!function ($) {
+
+  "use strict"; // jshint ;_;
+
+
+ /* ALERT CLASS DEFINITION
+  * ====================== */
+
+  var dismiss = '[data-dismiss="alert"]'
+    , Alert = function (el) {
+        $(el).on('click', dismiss, this.close)
+      }
+
+  Alert.prototype.close = function (e) {
+    var $this = $(this)
+      , selector = $this.attr('data-target')
+      , $parent
+
+    if (!selector) {
+      selector = $this.attr('href')
+      selector = selector && selector.replace(/.*(?=#[^\s]*$)/, '') //strip for ie7
+    }
+
+    $parent = $(selector)
+
+    e && e.preventDefault()
+
+    $parent.length || ($parent = $this.hasClass('alert') ? $this : $this.parent())
+
+    $parent.trigger(e = $.Event('close'))
+
+    if (e.isDefaultPrevented()) return
+
+    $parent.removeClass('in')
+
+    function removeElement() {
+      $parent
+        .trigger('closed')
+        .remove()
+    }
+
+    $.support.transition && $parent.hasClass('fade') ?
+      $parent.on($.support.transition.end, removeElement) :
+      removeElement()
+  }
+
+
+ /* ALERT PLUGIN DEFINITION
+  * ======================= */
+
+  var old = $.fn.alert
+
+  $.fn.alert = function (option) {
+    return this.each(function () {
+      var $this = $(this)
+        , data = $this.data('alert')
+      if (!data) $this.data('alert', (data = new Alert(this)))
+      if (typeof option == 'string') data[option].call($this)
+    })
+  }
+
+  $.fn.alert.Constructor = Alert
+
+
+ /* ALERT NO CONFLICT
+  * ================= */
+
+  $.fn.alert.noConflict = function () {
+    $.fn.alert = old
+    return this
+  }
+
+
+ /* ALERT DATA-API
+  * ============== */
+
+  $(document).on('click.alert.data-api', dismiss, Alert.prototype.close)
+
+}(window.jQuery);/* ============================================================
+ * bootstrap-button.js v2.3.2
+ * http://getbootstrap.com/2.3.2/javascript.html#buttons
+ * ============================================================
+ * Copyright 2013 Twitter, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============================================================ */
+
+
+!function ($) {
+
+  "use strict"; // jshint ;_;
+
+
+ /* BUTTON PUBLIC CLASS DEFINITION
+  * ============================== */
+
+  var Button = function (element, options) {
+    this.$element = $(element)
+    this.options = $.extend({}, $.fn.button.defaults, options)
+  }
+
+  Button.prototype.setState = function (state) {
+    var d = 'disabled'
+      , $el = this.$element
+      , data = $el.data()
+      , val = $el.is('input') ? 'val' : 'html'
+
+    state = state + 'Text'
+    data.resetText || $el.data('resetText', $el[val]())
+
+    $el[val](data[state] || this.options[state])
+
+    // push to event loop to allow forms to submit
+    setTimeout(function () {
+      state == 'loadingText' ?
+        $el.addClass(d).attr(d, d) :
+        $el.removeClass(d).removeAttr(d)
+    }, 0)
+  }
+
+  Button.prototype.toggle = function () {
+    var $parent = this.$element.closest('[data-toggle="buttons-radio"]')
+
+    $parent && $parent
+      .find('.active')
+      .removeClass('active')
+
+    this.$element.toggleClass('active')
+  }
+
+
+ /* BUTTON PLUGIN DEFINITION
+  * ======================== */
+
+  var old = $.fn.button
+
+  $.fn.button = function (option) {
+    return this.each(function () {
+      var $this = $(this)
+        , data = $this.data('button')
+        , options = typeof option == 'object' && option
+      if (!data) $this.data('button', (data = new Button(this, options)))
+      if (option == 'toggle') data.toggle()
+      else if (option) data.setState(option)
+    })
+  }
+
+  $.fn.button.defaults = {
+    loadingText: 'loading...'
+  }
+
+  $.fn.button.Constructor = Button
+
+
+ /* BUTTON NO CONFLICT
+  * ================== */
+
+  $.fn.button.noConflict = function () {
+    $.fn.button = old
+    return this
+  }
+
+
+ /* BUTTON DATA-API
+  * =============== */
+
+  $(document).on('click.button.data-api', '[data-toggle^=button]', function (e) {
+    var $btn = $(e.target)
+    if (!$btn.hasClass('btn')) $btn = $btn.closest('.btn')
+    $btn.button('toggle')
+  })
+
+}(window.jQuery);/* ==========================================================
+ * bootstrap-carousel.js v2.3.2
+ * http://getbootstrap.com/2.3.2/javascript.html#carousel
+ * ==========================================================
+ * Copyright 2013 Twitter, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ========================================================== */
+
+
+!function ($) {
+
+  "use strict"; // jshint ;_;
+
+
+ /* CAROUSEL CLASS DEFINITION
+  * ========================= */
+
+  var Carousel = function (element, options) {
+    this.$element = $(element)
+    this.$indicators = this.$element.find('.carousel-indicators')
+    this.options = options
+    this.options.pause == 'hover' && this.$element
+      .on('mouseenter', $.proxy(this.pause, this))
+      .on('mouseleave', $.proxy(this.cycle, this))
+  }
+
+  Carousel.prototype = {
+
+    cycle: function (e) {
+      if (!e) this.paused = false
+      if (this.interval) clearInterval(this.interval);
+      this.options.interval
+        && !this.paused
+        && (this.interval = setInterval($.proxy(this.next, this), this.options.interval))
+      return this
+    }
+
+  , getActiveIndex: function () {
+      this.$active = this.$element.find('.item.active')
+      this.$items = this.$active.parent().children()
+      return this.$items.index(this.$active)
+    }
+
+  , to: function (pos) {
+      var activeIndex = this.getActiveIndex()
+        , that = this
+
+      if (pos > (this.$items.length - 1) || pos < 0) return
+
+      if (this.sliding) {
+        return this.$element.one('slid', function () {
+          that.to(pos)
+        })
+      }
+
+      if (activeIndex == pos) {
+        return this.pause().cycle()
+      }
+
+      return this.slide(pos > activeIndex ? 'next' : 'prev', $(this.$items[pos]))
+    }
+
+  , pause: function (e) {
+      if (!e) this.paused = true
+      if (this.$element.find('.next, .prev').length && $.support.transition.end) {
+        this.$element.trigger($.support.transition.end)
+        this.cycle(true)
+      }
+      clearInterval(this.interval)
+      this.interval = null
+      return this
+    }
+
+  , next: function () {
+      if (this.sliding) return
+      return this.slide('next')
+    }
+
+  , prev: function () {
+      if (this.sliding) return
+      return this.slide('prev')
+    }
+
+  , slide: function (type, next) {
+      var $active = this.$element.find('.item.active')
+        , $next = next || $active[type]()
+        , isCycling = this.interval
+        , direction = type == 'next' ? 'left' : 'right'
+        , fallback  = type == 'next' ? 'first' : 'last'
+        , that = this
+        , e
+
+      this.sliding = true
+
+      isCycling && this.pause()
+
+      $next = $next.length ? $next : this.$element.find('.item')[fallback]()
+
+      e = $.Event('slide', {
+        relatedTarget: $next[0]
+      , direction: direction
+      })
+
+      if ($next.hasClass('active')) return
+
+      if (this.$indicators.length) {
+        this.$indicators.find('.active').removeClass('active')
+        this.$element.one('slid', function () {
+          var $nextIndicator = $(that.$indicators.children()[that.getActiveIndex()])
+          $nextIndicator && $nextIndicator.addClass('active')
+        })
+      }
+
+      if ($.support.transition && this.$element.hasClass('slide')) {
+        this.$element.trigger(e)
+        if (e.isDefaultPrevented()) return
+        $next.addClass(type)
+        $next[0].offsetWidth // force reflow
+        $active.addClass(direction)
+        $next.addClass(direction)
+        this.$element.one($.support.transition.end, function () {
+          $next.removeClass([type, direction].join(' ')).addClass('active')
+          $active.removeClass(['active', direction].join(' '))
+          that.sliding = false
+          setTimeout(function () { that.$element.trigger('slid') }, 0)
+        })
+      } else {
+        this.$element.trigger(e)
+        if (e.isDefaultPrevented()) return
+        $active.removeClass('active')
+        $next.addClass('active')
+        this.sliding = false
+        this.$element.trigger('slid')
+      }
+
+      isCycling && this.cycle()
+
+      return this
+    }
+
+  }
+
+
+ /* CAROUSEL PLUGIN DEFINITION
+  * ========================== */
+
+  var old = $.fn.carousel
+
+  $.fn.carousel = function (option) {
+    return this.each(function () {
+      var $this = $(this)
+        , data = $this.data('carousel')
+        , options = $.extend({}, $.fn.carousel.defaults, typeof option == 'object' && option)
+        , action = typeof option == 'string' ? option : options.slide
+      if (!data) $this.data('carousel', (data = new Carousel(this, options)))
+      if (typeof option == 'number') data.to(option)
+      else if (action) data[action]()
+      else if (options.interval) data.pause().cycle()
+    })
+  }
+
+  $.fn.carousel.defaults = {
+    interval: 5000
+  , pause: 'hover'
+  }
+
+  $.fn.carousel.Constructor = Carousel
+
+
+ /* CAROUSEL NO CONFLICT
+  * ==================== */
+
+  $.fn.carousel.noConflict = function () {
+    $.fn.carousel = old
+    return this
+  }
+
+ /* CAROUSEL DATA-API
+  * ================= */
+
+  $(document).on('click.carousel.data-api', '[data-slide], [data-slide-to]', function (e) {
+    var $this = $(this), href
+      , $target = $($this.attr('data-target') || (href = $this.attr('href')) && href.replace(/.*(?=#[^\s]+$)/, '')) //strip for ie7
+      , options = $.extend({}, $target.data(), $this.data())
+      , slideIndex
+
+    $target.carousel(options)
+
+    if (slideIndex = $this.attr('data-slide-to')) {
+      $target.data('carousel').pause().to(slideIndex).cycle()
+    }
+
+    e.preventDefault()
+  })
+
+}(window.jQuery);/* =============================================================
+ * bootstrap-collapse.js v2.3.2
+ * http://getbootstrap.com/2.3.2/javascript.html#collapse
+ * =============================================================
+ * Copyright 2013 Twitter, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============================================================ */
+
+
+!function ($) {
+
+  "use strict"; // jshint ;_;
+
+
+ /* COLLAPSE PUBLIC CLASS DEFINITION
+  * ================================ */
+
+  var Collapse = function (element, options) {
+    this.$element = $(element)
+    this.options = $.extend({}, $.fn.collapse.defaults, options)
+
+    if (this.options.parent) {
+      this.$parent = $(this.options.parent)
+    }
+
+    this.options.toggle && this.toggle()
+  }
+
+  Collapse.prototype = {
+
+    constructor: Collapse
+
+  , dimension: function () {
+      var hasWidth = this.$element.hasClass('width')
+      return hasWidth ? 'width' : 'height'
+    }
+
+  , show: function () {
+      var dimension
+        , scroll
+        , actives
+        , hasData
+
+      if (this.transitioning || this.$element.hasClass('in')) return
+
+      dimension = this.dimension()
+      scroll = $.camelCase(['scroll', dimension].join('-'))
+      actives = this.$parent && this.$parent.find('> .accordion-group > .in')
+
+      if (actives && actives.length) {
+        hasData = actives.data('collapse')
+        if (hasData && hasData.transitioning) return
+        actives.collapse('hide')
+        hasData || actives.data('collapse', null)
+      }
+
+      this.$element[dimension](0)
+      this.transition('addClass', $.Event('show'), 'shown')
+      $.support.transition && this.$element[dimension](this.$element[0][scroll])
+    }
+
+  , hide: function () {
+      var dimension
+      if (this.transitioning || !this.$element.hasClass('in')) return
+      dimension = this.dimension()
+      this.reset(this.$element[dimension]())
+      this.transition('removeClass', $.Event('hide'), 'hidden')
+      this.$element[dimension](0)
+    }
+
+  , reset: function (size) {
+      var dimension = this.dimension()
+
+      this.$element
+        .removeClass('collapse')
+        [dimension](size || 'auto')
+        [0].offsetWidth
+
+      this.$element[size !== null ? 'addClass' : 'removeClass']('collapse')
+
+      return this
+    }
+
+  , transition: function (method, startEvent, completeEvent) {
+      var that = this
+        , complete = function () {
+            if (startEvent.type == 'show') that.reset()
+            that.transitioning = 0
+            that.$element.trigger(completeEvent)
+          }
+
+      this.$element.trigger(startEvent)
+
+      if (startEvent.isDefaultPrevented()) return
+
+      this.transitioning = 1
+
+      this.$element[method]('in')
+
+      $.support.transition && this.$element.hasClass('collapse') ?
+        this.$element.one($.support.transition.end, complete) :
+        complete()
+    }
+
+  , toggle: function () {
+      this[this.$element.hasClass('in') ? 'hide' : 'show']()
+    }
+
+  }
+
+
+ /* COLLAPSE PLUGIN DEFINITION
+  * ========================== */
+
+  var old = $.fn.collapse
+
+  $.fn.collapse = function (option) {
+    return this.each(function () {
+      var $this = $(this)
+        , data = $this.data('collapse')
+        , options = $.extend({}, $.fn.collapse.defaults, $this.data(), typeof option == 'object' && option)
+      if (!data) $this.data('collapse', (data = new Collapse(this, options)))
+      if (typeof option == 'string') data[option]()
+    })
+  }
+
+  $.fn.collapse.defaults = {
+    toggle: true
+  }
+
+  $.fn.collapse.Constructor = Collapse
+
+
+ /* COLLAPSE NO CONFLICT
+  * ==================== */
+
+  $.fn.collapse.noConflict = function () {
+    $.fn.collapse = old
+    return this
+  }
+
+
+ /* COLLAPSE DATA-API
+  * ================= */
+
+  $(document).on('click.collapse.data-api', '[data-toggle=collapse]', function (e) {
+    var $this = $(this), href
+      , target = $this.attr('data-target')
+        || e.preventDefault()
+        || (href = $this.attr('href')) && href.replace(/.*(?=#[^\s]+$)/, '') //strip for ie7
+      , option = $(target).data('collapse') ? 'toggle' : $this.data()
+    $this[$(target).hasClass('in') ? 'addClass' : 'removeClass']('collapsed')
+    $(target).collapse(option)
+  })
+
+}(window.jQuery);/* ============================================================
+ * bootstrap-dropdown.js v2.3.2
+ * http://getbootstrap.com/2.3.2/javascript.html#dropdowns
+ * ============================================================
+ * Copyright 2013 Twitter, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============================================================ */
+
+
+!function ($) {
+
+  "use strict"; // jshint ;_;
+
+
+ /* DROPDOWN CLASS DEFINITION
+  * ========================= */
+
+  var toggle = '[data-toggle=dropdown]'
+    , Dropdown = function (element) {
+        var $el = $(element).on('click.dropdown.data-api', this.toggle)
+        $('html').on('click.dropdown.data-api', function () {
+          $el.parent().removeClass('open')
+        })
+      }
+
+  Dropdown.prototype = {
+
+    constructor: Dropdown
+
+  , toggle: function (e) {
+      var $this = $(this)
+        , $parent
+        , isActive
+
+      if ($this.is('.disabled, :disabled')) return
+
+      $parent = getParent($this)
+
+      isActive = $parent.hasClass('open')
+
+      clearMenus()
+
+      if (!isActive) {
+        if ('ontouchstart' in document.documentElement) {
+          // if mobile we we use a backdrop because click events don't delegate
+          $('<div class="dropdown-backdrop"/>').insertBefore($(this)).on('click', clearMenus)
+        }
+        $parent.toggleClass('open')
+      }
+
+      $this.focus()
+
+      return false
+    }
+
+  , keydown: function (e) {
+      var $this
+        , $items
+        , $active
+        , $parent
+        , isActive
+        , index
+
+      if (!/(38|40|27)/.test(e.keyCode)) return
+
+      $this = $(this)
+
+      e.preventDefault()
+      e.stopPropagation()
+
+      if ($this.is('.disabled, :disabled')) return
+
+      $parent = getParent($this)
+
+      isActive = $parent.hasClass('open')
+
+      if (!isActive || (isActive && e.keyCode == 27)) {
+        if (e.which == 27) $parent.find(toggle).focus()
+        return $this.click()
+      }
+
+      $items = $('[role=menu] li:not(.divider):visible a', $parent)
+
+      if (!$items.length) return
+
+      index = $items.index($items.filter(':focus'))
+
+      if (e.keyCode == 38 && index > 0) index--                                        // up
+      if (e.keyCode == 40 && index < $items.length - 1) index++                        // down
+      if (!~index) index = 0
+
+      $items
+        .eq(index)
+        .focus()
+    }
+
+  }
+
+  function clearMenus() {
+    $('.dropdown-backdrop').remove()
+    $(toggle).each(function () {
+      getParent($(this)).removeClass('open')
+    })
+  }
+
+  function getParent($this) {
+    var selector = $this.attr('data-target')
+      , $parent
+
+    if (!selector) {
+      selector = $this.attr('href')
+      selector = selector && /#/.test(selector) && selector.replace(/.*(?=#[^\s]*$)/, '') //strip for ie7
+    }
+
+    $parent = selector && $(selector)
+
+    if (!$parent || !$parent.length) $parent = $this.parent()
+
+    return $parent
+  }
+
+
+  /* DROPDOWN PLUGIN DEFINITION
+   * ========================== */
+
+  var old = $.fn.dropdown
+
+  $.fn.dropdown = function (option) {
+    return this.each(function () {
+      var $this = $(this)
+        , data = $this.data('dropdown')
+      if (!data) $this.data('dropdown', (data = new Dropdown(this)))
+      if (typeof option == 'string') data[option].call($this)
+    })
+  }
+
+  $.fn.dropdown.Constructor = Dropdown
+
+
+ /* DROPDOWN NO CONFLICT
+  * ==================== */
+
+  $.fn.dropdown.noConflict = function () {
+    $.fn.dropdown = old
+    return this
+  }
+
+
+  /* APPLY TO STANDARD DROPDOWN ELEMENTS
+   * =================================== */
+
+  $(document)
+    .on('click.dropdown.data-api', clearMenus)
+    .on('click.dropdown.data-api', '.dropdown form', function (e) { e.stopPropagation() })
+    .on('click.dropdown.data-api'  , toggle, Dropdown.prototype.toggle)
+    .on('keydown.dropdown.data-api', toggle + ', [role=menu]' , Dropdown.prototype.keydown)
+
+}(window.jQuery);
+/* =========================================================
+ * bootstrap-modal.js v2.3.2
+ * http://getbootstrap.com/2.3.2/javascript.html#modals
+ * =========================================================
+ * Copyright 2013 Twitter, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ========================================================= */
+
+
+!function ($) {
+
+  "use strict"; // jshint ;_;
+
+
+ /* MODAL CLASS DEFINITION
+  * ====================== */
+
+  var Modal = function (element, options) {
+    this.options = options
+    this.$element = $(element)
+      .delegate('[data-dismiss="modal"]', 'click.dismiss.modal', $.proxy(this.hide, this))
+    this.options.remote && this.$element.find('.modal-body').load(this.options.remote)
+  }
+
+  Modal.prototype = {
+
+      constructor: Modal
+
+    , toggle: function () {
+        return this[!this.isShown ? 'show' : 'hide']()
+      }
+
+    , show: function () {
+        var that = this
+          , e = $.Event('show')
+
+        this.$element.trigger(e)
+
+        if (this.isShown || e.isDefaultPrevented()) return
+
+        this.isShown = true
+
+        this.escape()
+
+        this.backdrop(function () {
+          var transition = $.support.transition && that.$element.hasClass('fade')
+
+          if (!that.$element.parent().length) {
+            that.$element.appendTo(document.body) //don't move modals dom position
+          }
+
+          that.$element.show()
+
+          if (transition) {
+            that.$element[0].offsetWidth // force reflow
+          }
+
+          that.$element
+            .addClass('in')
+            .attr('aria-hidden', false)
+
+          that.enforceFocus()
+
+          transition ?
+            that.$element.one($.support.transition.end, function () { that.$element.focus().trigger('shown') }) :
+            that.$element.focus().trigger('shown')
+
+        })
+      }
+
+    , hide: function (e) {
+        e && e.preventDefault()
+
+        var that = this
+
+        e = $.Event('hide')
+
+        this.$element.trigger(e)
+
+        if (!this.isShown || e.isDefaultPrevented()) return
+
+        this.isShown = false
+
+        this.escape()
+
+        $(document).off('focusin.modal')
+
+        this.$element
+          .removeClass('in')
+          .attr('aria-hidden', true)
+
+        $.support.transition && this.$element.hasClass('fade') ?
+          this.hideWithTransition() :
+          this.hideModal()
+      }
+
+    , enforceFocus: function () {
+        var that = this
+        $(document).on('focusin.modal', function (e) {
+          if (that.$element[0] !== e.target && !that.$element.has(e.target).length) {
+            that.$element.focus()
+          }
+        })
+      }
+
+    , escape: function () {
+        var that = this
+        if (this.isShown && this.options.keyboard) {
+          this.$element.on('keyup.dismiss.modal', function ( e ) {
+            e.which == 27 && that.hide()
+          })
+        } else if (!this.isShown) {
+          this.$element.off('keyup.dismiss.modal')
+        }
+      }
+
+    , hideWithTransition: function () {
+        var that = this
+          , timeout = setTimeout(function () {
+              that.$element.off($.support.transition.end)
+              that.hideModal()
+            }, 500)
+
+        this.$element.one($.support.transition.end, function () {
+          clearTimeout(timeout)
+          that.hideModal()
+        })
+      }
+
+    , hideModal: function () {
+        var that = this
+        this.$element.hide()
+        this.backdrop(function () {
+          that.removeBackdrop()
+          that.$element.trigger('hidden')
+        })
+      }
+
+    , removeBackdrop: function () {
+        this.$backdrop && this.$backdrop.remove()
+        this.$backdrop = null
+      }
+
+    , backdrop: function (callback) {
+        var that = this
+          , animate = this.$element.hasClass('fade') ? 'fade' : ''
+
+        if (this.isShown && this.options.backdrop) {
+          var doAnimate = $.support.transition && animate
+
+          this.$backdrop = $('<div class="modal-backdrop ' + animate + '" />')
+            .appendTo(document.body)
+
+          this.$backdrop.click(
+            this.options.backdrop == 'static' ?
+              $.proxy(this.$element[0].focus, this.$element[0])
+            : $.proxy(this.hide, this)
+          )
+
+          if (doAnimate) this.$backdrop[0].offsetWidth // force reflow
+
+          this.$backdrop.addClass('in')
+
+          if (!callback) return
+
+          doAnimate ?
+            this.$backdrop.one($.support.transition.end, callback) :
+            callback()
+
+        } else if (!this.isShown && this.$backdrop) {
+          this.$backdrop.removeClass('in')
+
+          $.support.transition && this.$element.hasClass('fade')?
+            this.$backdrop.one($.support.transition.end, callback) :
+            callback()
+
+        } else if (callback) {
+          callback()
+        }
+      }
+  }
+
+
+ /* MODAL PLUGIN DEFINITION
+  * ======================= */
+
+  var old = $.fn.modal
+
+  $.fn.modal = function (option) {
+    return this.each(function () {
+      var $this = $(this)
+        , data = $this.data('modal')
+        , options = $.extend({}, $.fn.modal.defaults, $this.data(), typeof option == 'object' && option)
+      if (!data) $this.data('modal', (data = new Modal(this, options)))
+      if (typeof option == 'string') data[option]()
+      else if (options.show) data.show()
+    })
+  }
+
+  $.fn.modal.defaults = {
+      backdrop: true
+    , keyboard: true
+    , show: true
+  }
+
+  $.fn.modal.Constructor = Modal
+
+
+ /* MODAL NO CONFLICT
+  * ================= */
+
+  $.fn.modal.noConflict = function () {
+    $.fn.modal = old
+    return this
+  }
+
+
+ /* MODAL DATA-API
+  * ============== */
+
+  $(document).on('click.modal.data-api', '[data-toggle="modal"]', function (e) {
+    var $this = $(this)
+      , href = $this.attr('href')
+      , $target = $($this.attr('data-target') || (href && href.replace(/.*(?=#[^\s]+$)/, ''))) //strip for ie7
+      , option = $target.data('modal') ? 'toggle' : $.extend({ remote:!/#/.test(href) && href }, $target.data(), $this.data())
+
+    e.preventDefault()
+
+    $target
+      .modal(option)
+      .one('hide', function () {
+        $this.focus()
+      })
+  })
+
+}(window.jQuery);
+/* ===========================================================
+ * bootstrap-tooltip.js v2.3.2
+ * http://getbootstrap.com/2.3.2/javascript.html#tooltips
+ * Inspired by the original jQuery.tipsy by Jason Frame
+ * ===========================================================
+ * Copyright 2013 Twitter, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ========================================================== */
+
+
+!function ($) {
+
+  "use strict"; // jshint ;_;
+
+
+ /* TOOLTIP PUBLIC CLASS DEFINITION
+  * =============================== */
+
+  var Tooltip = function (element, options) {
+    this.init('tooltip', element, options)
+  }
+
+  Tooltip.prototype = {
+
+    constructor: Tooltip
+
+  , init: function (type, element, options) {
+      var eventIn
+        , eventOut
+        , triggers
+        , trigger
+        , i
+
+      this.type = type
+      this.$element = $(element)
+      this.options = this.getOptions(options)
+      this.enabled = true
+
+      triggers = this.options.trigger.split(' ')
+
+      for (i = triggers.length; i--;) {
+        trigger = triggers[i]
+        if (trigger == 'click') {
+          this.$element.on('click.' + this.type, this.options.selector, $.proxy(this.toggle, this))
+        } else if (trigger != 'manual') {
+          eventIn = trigger == 'hover' ? 'mouseenter' : 'focus'
+          eventOut = trigger == 'hover' ? 'mouseleave' : 'blur'
+          this.$element.on(eventIn + '.' + this.type, this.options.selector, $.proxy(this.enter, this))
+          this.$element.on(eventOut + '.' + this.type, this.options.selector, $.proxy(this.leave, this))
+        }
+      }
+
+      this.options.selector ?
+        (this._options = $.extend({}, this.options, { trigger: 'manual', selector: '' })) :
+        this.fixTitle()
+    }
+
+  , getOptions: function (options) {
+      options = $.extend({}, $.fn[this.type].defaults, this.$element.data(), options)
+
+      if (options.delay && typeof options.delay == 'number') {
+        options.delay = {
+          show: options.delay
+        , hide: options.delay
+        }
+      }
+
+      return options
+    }
+
+  , enter: function (e) {
+      var defaults = $.fn[this.type].defaults
+        , options = {}
+        , self
+
+      this._options && $.each(this._options, function (key, value) {
+        if (defaults[key] != value) options[key] = value
+      }, this)
+
+      self = $(e.currentTarget)[this.type](options).data(this.type)
+
+      if (!self.options.delay || !self.options.delay.show) return self.show()
+
+      clearTimeout(this.timeout)
+      self.hoverState = 'in'
+      this.timeout = setTimeout(function() {
+        if (self.hoverState == 'in') self.show()
+      }, self.options.delay.show)
+    }
+
+  , leave: function (e) {
+      var self = $(e.currentTarget)[this.type](this._options).data(this.type)
+
+      if (this.timeout) clearTimeout(this.timeout)
+      if (!self.options.delay || !self.options.delay.hide) return self.hide()
+
+      self.hoverState = 'out'
+      this.timeout = setTimeout(function() {
+        if (self.hoverState == 'out') self.hide()
+      }, self.options.delay.hide)
+    }
+
+  , show: function () {
+      var $tip
+        , pos
+        , actualWidth
+        , actualHeight
+        , placement
+        , tp
+        , e = $.Event('show')
+
+      if (this.hasContent() && this.enabled) {
+        this.$element.trigger(e)
+        if (e.isDefaultPrevented()) return
+        $tip = this.tip()
+        this.setContent()
+
+        if (this.options.animation) {
+          $tip.addClass('fade')
+        }
+
+        placement = typeof this.options.placement == 'function' ?
+          this.options.placement.call(this, $tip[0], this.$element[0]) :
+          this.options.placement
+
+        $tip
+          .detach()
+          .css({ top: 0, left: 0, display: 'block' })
+
+        this.options.container ? $tip.appendTo(this.options.container) : $tip.insertAfter(this.$element)
+
+        pos = this.getPosition()
+
+        actualWidth = $tip[0].offsetWidth
+        actualHeight = $tip[0].offsetHeight
+
+        switch (placement) {
+          case 'bottom':
+            tp = {top: pos.top + pos.height, left: pos.left + pos.width / 2 - actualWidth / 2}
+            break
+          case 'top':
+            tp = {top: pos.top - actualHeight, left: pos.left + pos.width / 2 - actualWidth / 2}
+            break
+          case 'left':
+            tp = {top: pos.top + pos.height / 2 - actualHeight / 2, left: pos.left - actualWidth}
+            break
+          case 'right':
+            tp = {top: pos.top + pos.height / 2 - actualHeight / 2, left: pos.left + pos.width}
+            break
+        }
+
+        this.applyPlacement(tp, placement)
+        this.$element.trigger('shown')
+      }
+    }
+
+  , applyPlacement: function(offset, placement){
+      var $tip = this.tip()
+        , width = $tip[0].offsetWidth
+        , height = $tip[0].offsetHeight
+        , actualWidth
+        , actualHeight
+        , delta
+        , replace
+
+      $tip
+        .offset(offset)
+        .addClass(placement)
+        .addClass('in')
+
+      actualWidth = $tip[0].offsetWidth
+      actualHeight = $tip[0].offsetHeight
+
+      if (placement == 'top' && actualHeight != height) {
+        offset.top = offset.top + height - actualHeight
+        replace = true
+      }
+
+      if (placement == 'bottom' || placement == 'top') {
+        delta = 0
+
+        if (offset.left < 0){
+          delta = offset.left * -2
+          offset.left = 0
+          $tip.offset(offset)
+          actualWidth = $tip[0].offsetWidth
+          actualHeight = $tip[0].offsetHeight
+        }
+
+        this.replaceArrow(delta - width + actualWidth, actualWidth, 'left')
+      } else {
+        this.replaceArrow(actualHeight - height, actualHeight, 'top')
+      }
+
+      if (replace) $tip.offset(offset)
+    }
+
+  , replaceArrow: function(delta, dimension, position){
+      this
+        .arrow()
+        .css(position, delta ? (50 * (1 - delta / dimension) + "%") : '')
+    }
+
+  , setContent: function () {
+      var $tip = this.tip()
+        , title = this.getTitle()
+
+      $tip.find('.tooltip-inner')[this.options.html ? 'html' : 'text'](title)
+      $tip.removeClass('fade in top bottom left right')
+    }
+
+  , hide: function () {
+      var that = this
+        , $tip = this.tip()
+        , e = $.Event('hide')
+
+      this.$element.trigger(e)
+      if (e.isDefaultPrevented()) return
+
+      $tip.removeClass('in')
+
+      function removeWithAnimation() {
+        var timeout = setTimeout(function () {
+          $tip.off($.support.transition.end).detach()
+        }, 500)
+
+        $tip.one($.support.transition.end, function () {
+          clearTimeout(timeout)
+          $tip.detach()
+        })
+      }
+
+      $.support.transition && this.$tip.hasClass('fade') ?
+        removeWithAnimation() :
+        $tip.detach()
+
+      this.$element.trigger('hidden')
+
+      return this
+    }
+
+  , fixTitle: function () {
+      var $e = this.$element
+      if ($e.attr('title') || typeof($e.attr('data-original-title')) != 'string') {
+        $e.attr('data-original-title', $e.attr('title') || '').attr('title', '')
+      }
+    }
+
+  , hasContent: function () {
+      return this.getTitle()
+    }
+
+  , getPosition: function () {
+      var el = this.$element[0]
+      return $.extend({}, (typeof el.getBoundingClientRect == 'function') ? el.getBoundingClientRect() : {
+        width: el.offsetWidth
+      , height: el.offsetHeight
+      }, this.$element.offset())
+    }
+
+  , getTitle: function () {
+      var title
+        , $e = this.$element
+        , o = this.options
+
+      title = $e.attr('data-original-title')
+        || (typeof o.title == 'function' ? o.title.call($e[0]) :  o.title)
+
+      return title
+    }
+
+  , tip: function () {
+      return this.$tip = this.$tip || $(this.options.template)
+    }
+
+  , arrow: function(){
+      return this.$arrow = this.$arrow || this.tip().find(".tooltip-arrow")
+    }
+
+  , validate: function () {
+      if (!this.$element[0].parentNode) {
+        this.hide()
+        this.$element = null
+        this.options = null
+      }
+    }
+
+  , enable: function () {
+      this.enabled = true
+    }
+
+  , disable: function () {
+      this.enabled = false
+    }
+
+  , toggleEnabled: function () {
+      this.enabled = !this.enabled
+    }
+
+  , toggle: function (e) {
+      var self = e ? $(e.currentTarget)[this.type](this._options).data(this.type) : this
+      self.tip().hasClass('in') ? self.hide() : self.show()
+    }
+
+  , destroy: function () {
+      this.hide().$element.off('.' + this.type).removeData(this.type)
+    }
+
+  }
+
+
+ /* TOOLTIP PLUGIN DEFINITION
+  * ========================= */
+
+  var old = $.fn.tooltip
+
+  $.fn.tooltip = function ( option ) {
+    return this.each(function () {
+      var $this = $(this)
+        , data = $this.data('tooltip')
+        , options = typeof option == 'object' && option
+      if (!data) $this.data('tooltip', (data = new Tooltip(this, options)))
+      if (typeof option == 'string') data[option]()
+    })
+  }
+
+  $.fn.tooltip.Constructor = Tooltip
+
+  $.fn.tooltip.defaults = {
+    animation: true
+  , placement: 'top'
+  , selector: false
+  , template: '<div class="tooltip"><div class="tooltip-arrow"></div><div class="tooltip-inner"></div></div>'
+  , trigger: 'hover focus'
+  , title: ''
+  , delay: 0
+  , html: false
+  , container: false
+  }
+
+
+ /* TOOLTIP NO CONFLICT
+  * =================== */
+
+  $.fn.tooltip.noConflict = function () {
+    $.fn.tooltip = old
+    return this
+  }
+
+}(window.jQuery);
+/* ===========================================================
+ * bootstrap-popover.js v2.3.2
+ * http://getbootstrap.com/2.3.2/javascript.html#popovers
+ * ===========================================================
+ * Copyright 2013 Twitter, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * =========================================================== */
+
+
+!function ($) {
+
+  "use strict"; // jshint ;_;
+
+
+ /* POPOVER PUBLIC CLASS DEFINITION
+  * =============================== */
+
+  var Popover = function (element, options) {
+    this.init('popover', element, options)
+  }
+
+
+  /* NOTE: POPOVER EXTENDS BOOTSTRAP-TOOLTIP.js
+     ========================================== */
+
+  Popover.prototype = $.extend({}, $.fn.tooltip.Constructor.prototype, {
+
+    constructor: Popover
+
+  , setContent: function () {
+      var $tip = this.tip()
+        , title = this.getTitle()
+        , content = this.getContent()
+
+      $tip.find('.popover-title')[this.options.html ? 'html' : 'text'](title)
+      $tip.find('.popover-content')[this.options.html ? 'html' : 'text'](content)
+
+      $tip.removeClass('fade top bottom left right in')
+    }
+
+  , hasContent: function () {
+      return this.getTitle() || this.getContent()
+    }
+
+  , getContent: function () {
+      var content
+        , $e = this.$element
+        , o = this.options
+
+      content = (typeof o.content == 'function' ? o.content.call($e[0]) :  o.content)
+        || $e.attr('data-content')
+
+      return content
+    }
+
+  , tip: function () {
+      if (!this.$tip) {
+        this.$tip = $(this.options.template)
+      }
+      return this.$tip
+    }
+
+  , destroy: function () {
+      this.hide().$element.off('.' + this.type).removeData(this.type)
+    }
+
+  })
+
+
+ /* POPOVER PLUGIN DEFINITION
+  * ======================= */
+
+  var old = $.fn.popover
+
+  $.fn.popover = function (option) {
+    return this.each(function () {
+      var $this = $(this)
+        , data = $this.data('popover')
+        , options = typeof option == 'object' && option
+      if (!data) $this.data('popover', (data = new Popover(this, options)))
+      if (typeof option == 'string') data[option]()
+    })
+  }
+
+  $.fn.popover.Constructor = Popover
+
+  $.fn.popover.defaults = $.extend({} , $.fn.tooltip.defaults, {
+    placement: 'right'
+  , trigger: 'click'
+  , content: ''
+  , template: '<div class="popover"><div class="arrow"></div><h3 class="popover-title"></h3><div class="popover-content"></div></div>'
+  })
+
+
+ /* POPOVER NO CONFLICT
+  * =================== */
+
+  $.fn.popover.noConflict = function () {
+    $.fn.popover = old
+    return this
+  }
+
+}(window.jQuery);
+/* =============================================================
+ * bootstrap-scrollspy.js v2.3.2
+ * http://getbootstrap.com/2.3.2/javascript.html#scrollspy
+ * =============================================================
+ * Copyright 2013 Twitter, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============================================================== */
+
+
+!function ($) {
+
+  "use strict"; // jshint ;_;
+
+
+ /* SCROLLSPY CLASS DEFINITION
+  * ========================== */
+
+  function ScrollSpy(element, options) {
+    var process = $.proxy(this.process, this)
+      , $element = $(element).is('body') ? $(window) : $(element)
+      , href
+    this.options = $.extend({}, $.fn.scrollspy.defaults, options)
+    this.$scrollElement = $element.on('scroll.scroll-spy.data-api', process)
+    this.selector = (this.options.target
+      || ((href = $(element).attr('href')) && href.replace(/.*(?=#[^\s]+$)/, '')) //strip for ie7
+      || '') + ' .nav li > a'
+    this.$body = $('body')
+    this.refresh()
+    this.process()
+  }
+
+  ScrollSpy.prototype = {
+
+      constructor: ScrollSpy
+
+    , refresh: function () {
+        var self = this
+          , $targets
+
+        this.offsets = $([])
+        this.targets = $([])
+
+        $targets = this.$body
+          .find(this.selector)
+          .map(function () {
+            var $el = $(this)
+              , href = $el.data('target') || $el.attr('href')
+              , $href = /^#\w/.test(href) && $(href)
+            return ( $href
+              && $href.length
+              && [[ $href.position().top + (!$.isWindow(self.$scrollElement.get(0)) && self.$scrollElement.scrollTop()), href ]] ) || null
+          })
+          .sort(function (a, b) { return a[0] - b[0] })
+          .each(function () {
+            self.offsets.push(this[0])
+            self.targets.push(this[1])
+          })
+      }
+
+    , process: function () {
+        var scrollTop = this.$scrollElement.scrollTop() + this.options.offset
+          , scrollHeight = this.$scrollElement[0].scrollHeight || this.$body[0].scrollHeight
+          , maxScroll = scrollHeight - this.$scrollElement.height()
+          , offsets = this.offsets
+          , targets = this.targets
+          , activeTarget = this.activeTarget
+          , i
+
+        if (scrollTop >= maxScroll) {
+          return activeTarget != (i = targets.last()[0])
+            && this.activate ( i )
+        }
+
+        for (i = offsets.length; i--;) {
+          activeTarget != targets[i]
+            && scrollTop >= offsets[i]
+            && (!offsets[i + 1] || scrollTop <= offsets[i + 1])
+            && this.activate( targets[i] )
+        }
+      }
+
+    , activate: function (target) {
+        var active
+          , selector
+
+        this.activeTarget = target
+
+        $(this.selector)
+          .parent('.active')
+          .removeClass('active')
+
+        selector = this.selector
+          + '[data-target="' + target + '"],'
+          + this.selector + '[href="' + target + '"]'
+
+        active = $(selector)
+          .parent('li')
+          .addClass('active')
+
+        if (active.parent('.dropdown-menu').length)  {
+          active = active.closest('li.dropdown').addClass('active')
+        }
+
+        active.trigger('activate')
+      }
+
+  }
+
+
+ /* SCROLLSPY PLUGIN DEFINITION
+  * =========================== */
+
+  var old = $.fn.scrollspy
+
+  $.fn.scrollspy = function (option) {
+    return this.each(function () {
+      var $this = $(this)
+        , data = $this.data('scrollspy')
+        , options = typeof option == 'object' && option
+      if (!data) $this.data('scrollspy', (data = new ScrollSpy(this, options)))
+      if (typeof option == 'string') data[option]()
+    })
+  }
+
+  $.fn.scrollspy.Constructor = ScrollSpy
+
+  $.fn.scrollspy.defaults = {
+    offset: 10
+  }
+
+
+ /* SCROLLSPY NO CONFLICT
+  * ===================== */
+
+  $.fn.scrollspy.noConflict = function () {
+    $.fn.scrollspy = old
+    return this
+  }
+
+
+ /* SCROLLSPY DATA-API
+  * ================== */
+
+  $(window).on('load', function () {
+    $('[data-spy="scroll"]').each(function () {
+      var $spy = $(this)
+      $spy.scrollspy($spy.data())
+    })
+  })
+
+}(window.jQuery);/* ========================================================
+ * bootstrap-tab.js v2.3.2
+ * http://getbootstrap.com/2.3.2/javascript.html#tabs
+ * ========================================================
+ * Copyright 2013 Twitter, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ======================================================== */
+
+
+!function ($) {
+
+  "use strict"; // jshint ;_;
+
+
+ /* TAB CLASS DEFINITION
+  * ==================== */
+
+  var Tab = function (element) {
+    this.element = $(element)
+  }
+
+  Tab.prototype = {
+
+    constructor: Tab
+
+  , show: function () {
+      var $this = this.element
+        , $ul = $this.closest('ul:not(.dropdown-menu)')
+        , selector = $this.attr('data-target')
+        , previous
+        , $target
+        , e
+
+      if (!selector) {
+        selector = $this.attr('href')
+        selector = selector && selector.replace(/.*(?=#[^\s]*$)/, '') //strip for ie7
+      }
+
+      if ( $this.parent('li').hasClass('active') ) return
+
+      previous = $ul.find('.active:last a')[0]
+
+      e = $.Event('show', {
+        relatedTarget: previous
+      })
+
+      $this.trigger(e)
+
+      if (e.isDefaultPrevented()) return
+
+      $target = $(selector)
+
+      this.activate($this.parent('li'), $ul)
+      this.activate($target, $target.parent(), function () {
+        $this.trigger({
+          type: 'shown'
+        , relatedTarget: previous
+        })
+      })
+    }
+
+  , activate: function ( element, container, callback) {
+      var $active = container.find('> .active')
+        , transition = callback
+            && $.support.transition
+            && $active.hasClass('fade')
+
+      function next() {
+        $active
+          .removeClass('active')
+          .find('> .dropdown-menu > .active')
+          .removeClass('active')
+
+        element.addClass('active')
+
+        if (transition) {
+          element[0].offsetWidth // reflow for transition
+          element.addClass('in')
+        } else {
+          element.removeClass('fade')
+        }
+
+        if ( element.parent('.dropdown-menu') ) {
+          element.closest('li.dropdown').addClass('active')
+        }
+
+        callback && callback()
+      }
+
+      transition ?
+        $active.one($.support.transition.end, next) :
+        next()
+
+      $active.removeClass('in')
+    }
+  }
+
+
+ /* TAB PLUGIN DEFINITION
+  * ===================== */
+
+  var old = $.fn.tab
+
+  $.fn.tab = function ( option ) {
+    return this.each(function () {
+      var $this = $(this)
+        , data = $this.data('tab')
+      if (!data) $this.data('tab', (data = new Tab(this)))
+      if (typeof option == 'string') data[option]()
+    })
+  }
+
+  $.fn.tab.Constructor = Tab
+
+
+ /* TAB NO CONFLICT
+  * =============== */
+
+  $.fn.tab.noConflict = function () {
+    $.fn.tab = old
+    return this
+  }
+
+
+ /* TAB DATA-API
+  * ============ */
+
+  $(document).on('click.tab.data-api', '[data-toggle="tab"], [data-toggle="pill"]', function (e) {
+    e.preventDefault()
+    $(this).tab('show')
+  })
+
+}(window.jQuery);/* =============================================================
+ * bootstrap-typeahead.js v2.3.2
+ * http://getbootstrap.com/2.3.2/javascript.html#typeahead
+ * =============================================================
+ * Copyright 2013 Twitter, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============================================================ */
+
+
+!function($){
+
+  "use strict"; // jshint ;_;
+
+
+ /* TYPEAHEAD PUBLIC CLASS DEFINITION
+  * ================================= */
+
+  var Typeahead = function (element, options) {
+    this.$element = $(element)
+    this.options = $.extend({}, $.fn.typeahead.defaults, options)
+    this.matcher = this.options.matcher || this.matcher
+    this.sorter = this.options.sorter || this.sorter
+    this.highlighter = this.options.highlighter || this.highlighter
+    this.updater = this.options.updater || this.updater
+    this.source = this.options.source
+    this.$menu = $(this.options.menu)
+    this.shown = false
+    this.listen()
+  }
+
+  Typeahead.prototype = {
+
+    constructor: Typeahead
+
+  , select: function () {
+      var val = this.$menu.find('.active').attr('data-value')
+      this.$element
+        .val(this.updater(val))
+        .change()
+      return this.hide()
+    }
+
+  , updater: function (item) {
+      return item
+    }
+
+  , show: function () {
+      var pos = $.extend({}, this.$element.position(), {
+        height: this.$element[0].offsetHeight
+      })
+
+      this.$menu
+        .insertAfter(this.$element)
+        .css({
+          top: pos.top + pos.height
+        , left: pos.left
+        })
+        .show()
+
+      this.shown = true
+      return this
+    }
+
+  , hide: function () {
+      this.$menu.hide()
+      this.shown = false
+      return this
+    }
+
+  , lookup: function (event) {
+      var items
+
+      this.query = this.$element.val()
+
+      if (!this.query || this.query.length < this.options.minLength) {
+        return this.shown ? this.hide() : this
+      }
+
+      items = $.isFunction(this.source) ? this.source(this.query, $.proxy(this.process, this)) : this.source
+
+      return items ? this.process(items) : this
+    }
+
+  , process: function (items) {
+      var that = this
+
+      items = $.grep(items, function (item) {
+        return that.matcher(item)
+      })
+
+      items = this.sorter(items)
+
+      if (!items.length) {
+        return this.shown ? this.hide() : this
+      }
+
+      return this.render(items.slice(0, this.options.items)).show()
+    }
+
+  , matcher: function (item) {
+      return ~item.toLowerCase().indexOf(this.query.toLowerCase())
+    }
+
+  , sorter: function (items) {
+      var beginswith = []
+        , caseSensitive = []
+        , caseInsensitive = []
+        , item
+
+      while (item = items.shift()) {
+        if (!item.toLowerCase().indexOf(this.query.toLowerCase())) beginswith.push(item)
+        else if (~item.indexOf(this.query)) caseSensitive.push(item)
+        else caseInsensitive.push(item)
+      }
+
+      return beginswith.concat(caseSensitive, caseInsensitive)
+    }
+
+  , highlighter: function (item) {
+      var query = this.query.replace(/[\-\[\]{}()*+?.,\\\^$|#\s]/g, '\\$&')
+      return item.replace(new RegExp('(' + query + ')', 'ig'), function ($1, match) {
+        return '<strong>' + match + '</strong>'
+      })
+    }
+
+  , render: function (items) {
+      var that = this
+
+      items = $(items).map(function (i, item) {
+        i = $(that.options.item).attr('data-value', item)
+        i.find('a').html(that.highlighter(item))
+        return i[0]
+      })
+
+      items.first().addClass('active')
+      this.$menu.html(items)
+      return this
+    }
+
+  , next: function (event) {
+      var active = this.$menu.find('.active').removeClass('active')
+        , next = active.next()
+
+      if (!next.length) {
+        next = $(this.$menu.find('li')[0])
+      }
+
+      next.addClass('active')
+    }
+
+  , prev: function (event) {
+      var active = this.$menu.find('.active').removeClass('active')
+        , prev = active.prev()
+
+      if (!prev.length) {
+        prev = this.$menu.find('li').last()
+      }
+
+      prev.addClass('active')
+    }
+
+  , listen: function () {
+      this.$element
+        .on('focus',    $.proxy(this.focus, this))
+        .on('blur',     $.proxy(this.blur, this))
+        .on('keypress', $.proxy(this.keypress, this))
+        .on('keyup',    $.proxy(this.keyup, this))
+
+      if (this.eventSupported('keydown')) {
+        this.$element.on('keydown', $.proxy(this.keydown, this))
+      }
+
+      this.$menu
+        .on('click', $.proxy(this.click, this))
+        .on('mouseenter', 'li', $.proxy(this.mouseenter, this))
+        .on('mouseleave', 'li', $.proxy(this.mouseleave, this))
+    }
+
+  , eventSupported: function(eventName) {
+      var isSupported = eventName in this.$element
+      if (!isSupported) {
+        this.$element.setAttribute(eventName, 'return;')
+        isSupported = typeof this.$element[eventName] === 'function'
+      }
+      return isSupported
+    }
+
+  , move: function (e) {
+      if (!this.shown) return
+
+      switch(e.keyCode) {
+        case 9: // tab
+        case 13: // enter
+        case 27: // escape
+          e.preventDefault()
+          break
+
+        case 38: // up arrow
+          e.preventDefault()
+          this.prev()
+          break
+
+        case 40: // down arrow
+          e.preventDefault()
+          this.next()
+          break
+      }
+
+      e.stopPropagation()
+    }
+
+  , keydown: function (e) {
+      this.suppressKeyPressRepeat = ~$.inArray(e.keyCode, [40,38,9,13,27])
+      this.move(e)
+    }
+
+  , keypress: function (e) {
+      if (this.suppressKeyPressRepeat) return
+      this.move(e)
+    }
+
+  , keyup: function (e) {
+      switch(e.keyCode) {
+        case 40: // down arrow
+        case 38: // up arrow
+        case 16: // shift
+        case 17: // ctrl
+        case 18: // alt
+          break
+
+        case 9: // tab
+        case 13: // enter
+          if (!this.shown) return
+          this.select()
+          break
+
+        case 27: // escape
+          if (!this.shown) return
+          this.hide()
+          break
+
+        default:
+          this.lookup()
+      }
+
+      e.stopPropagation()
+      e.preventDefault()
+  }
+
+  , focus: function (e) {
+      this.focused = true
+    }
+
+  , blur: function (e) {
+      this.focused = false
+      if (!this.mousedover && this.shown) this.hide()
+    }
+
+  , click: function (e) {
+      e.stopPropagation()
+      e.preventDefault()
+      this.select()
+      this.$element.focus()
+    }
+
+  , mouseenter: function (e) {
+      this.mousedover = true
+      this.$menu.find('.active').removeClass('active')
+      $(e.currentTarget).addClass('active')
+    }
+
+  , mouseleave: function (e) {
+      this.mousedover = false
+      if (!this.focused && this.shown) this.hide()
+    }
+
+  }
+
+
+  /* TYPEAHEAD PLUGIN DEFINITION
+   * =========================== */
+
+  var old = $.fn.typeahead
+
+  $.fn.typeahead = function (option) {
+    return this.each(function () {
+      var $this = $(this)
+        , data = $this.data('typeahead')
+        , options = typeof option == 'object' && option
+      if (!data) $this.data('typeahead', (data = new Typeahead(this, options)))
+      if (typeof option == 'string') data[option]()
+    })
+  }
+
+  $.fn.typeahead.defaults = {
+    source: []
+  , items: 8
+  , menu: '<ul class="typeahead dropdown-menu"></ul>'
+  , item: '<li><a href="#"></a></li>'
+  , minLength: 1
+  }
+
+  $.fn.typeahead.Constructor = Typeahead
+
+
+ /* TYPEAHEAD NO CONFLICT
+  * =================== */
+
+  $.fn.typeahead.noConflict = function () {
+    $.fn.typeahead = old
+    return this
+  }
+
+
+ /* TYPEAHEAD DATA-API
+  * ================== */
+
+  $(document).on('focus.typeahead.data-api', '[data-provide="typeahead"]', function (e) {
+    var $this = $(this)
+    if ($this.data('typeahead')) return
+    $this.typeahead($this.data())
+  })
+
+}(window.jQuery);
+/* ==========================================================
+ * bootstrap-affix.js v2.3.2
+ * http://getbootstrap.com/2.3.2/javascript.html#affix
+ * ==========================================================
+ * Copyright 2013 Twitter, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ========================================================== */
+
+
+!function ($) {
+
+  "use strict"; // jshint ;_;
+
+
+ /* AFFIX CLASS DEFINITION
+  * ====================== */
+
+  var Affix = function (element, options) {
+    this.options = $.extend({}, $.fn.affix.defaults, options)
+    this.$window = $(window)
+      .on('scroll.affix.data-api', $.proxy(this.checkPosition, this))
+      .on('click.affix.data-api',  $.proxy(function () { setTimeout($.proxy(this.checkPosition, this), 1) }, this))
+    this.$element = $(element)
+    this.checkPosition()
+  }
+
+  Affix.prototype.checkPosition = function () {
+    if (!this.$element.is(':visible')) return
+
+    var scrollHeight = $(document).height()
+      , scrollTop = this.$window.scrollTop()
+      , position = this.$element.offset()
+      , offset = this.options.offset
+      , offsetBottom = offset.bottom
+      , offsetTop = offset.top
+      , reset = 'affix affix-top affix-bottom'
+      , affix
+
+    if (typeof offset != 'object') offsetBottom = offsetTop = offset
+    if (typeof offsetTop == 'function') offsetTop = offset.top()
+    if (typeof offsetBottom == 'function') offsetBottom = offset.bottom()
+
+    affix = this.unpin != null && (scrollTop + this.unpin <= position.top) ?
+      false    : offsetBottom != null && (position.top + this.$element.height() >= scrollHeight - offsetBottom) ?
+      'bottom' : offsetTop != null && scrollTop <= offsetTop ?
+      'top'    : false
+
+    if (this.affixed === affix) return
+
+    this.affixed = affix
+    this.unpin = affix == 'bottom' ? position.top - scrollTop : null
+
+    this.$element.removeClass(reset).addClass('affix' + (affix ? '-' + affix : ''))
+  }
+
+
+ /* AFFIX PLUGIN DEFINITION
+  * ======================= */
+
+  var old = $.fn.affix
+
+  $.fn.affix = function (option) {
+    return this.each(function () {
+      var $this = $(this)
+        , data = $this.data('affix')
+        , options = typeof option == 'object' && option
+      if (!data) $this.data('affix', (data = new Affix(this, options)))
+      if (typeof option == 'string') data[option]()
+    })
+  }
+
+  $.fn.affix.Constructor = Affix
+
+  $.fn.affix.defaults = {
+    offset: 0
+  }
+
+
+ /* AFFIX NO CONFLICT
+  * ================= */
+
+  $.fn.affix.noConflict = function () {
+    $.fn.affix = old
+    return this
+  }
+
+
+ /* AFFIX DATA-API
+  * ============== */
+
+  $(window).on('load', function () {
+    $('[data-spy="affix"]').each(function () {
+      var $spy = $(this)
+        , data = $spy.data()
+
+      data.offset = data.offset || {}
+
+      data.offsetBottom && (data.offset.bottom = data.offsetBottom)
+      data.offsetTop && (data.offset.top = data.offsetTop)
+
+      $spy.affix(data)
+    })
+  })
+
+
+}(window.jQuery);
\ No newline at end of file
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/bootstrap2/js/bootstrap.min.js b/openid-connect-server-webapp/src/main/webapp/resources/bootstrap2/js/bootstrap.min.js
new file mode 100644
index 000000000..848258d38
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/bootstrap2/js/bootstrap.min.js
@@ -0,0 +1,6 @@
+/*!
+* Bootstrap.js by @fat & @mdo
+* Copyright 2013 Twitter, Inc.
+* http://www.apache.org/licenses/LICENSE-2.0.txt
+*/
+!function(e){"use strict";e(function(){e.support.transition=function(){var e=function(){var e=document.createElement("bootstrap"),t={WebkitTransition:"webkitTransitionEnd",MozTransition:"transitionend",OTransition:"oTransitionEnd otransitionend",transition:"transitionend"},n;for(n in t)if(e.style[n]!==undefined)return t[n]}();return e&&{end:e}}()})}(window.jQuery),!function(e){"use strict";var t='[data-dismiss="alert"]',n=function(n){e(n).on("click",t,this.close)};n.prototype.close=function(t){function s(){i.trigger("closed").remove()}var n=e(this),r=n.attr("data-target"),i;r||(r=n.attr("href"),r=r&&r.replace(/.*(?=#[^\s]*$)/,"")),i=e(r),t&&t.preventDefault(),i.length||(i=n.hasClass("alert")?n:n.parent()),i.trigger(t=e.Event("close"));if(t.isDefaultPrevented())return;i.removeClass("in"),e.support.transition&&i.hasClass("fade")?i.on(e.support.transition.end,s):s()};var r=e.fn.alert;e.fn.alert=function(t){return this.each(function(){var r=e(this),i=r.data("alert");i||r.data("alert",i=new n(this)),typeof t=="string"&&i[t].call(r)})},e.fn.alert.Constructor=n,e.fn.alert.noConflict=function(){return e.fn.alert=r,this},e(document).on("click.alert.data-api",t,n.prototype.close)}(window.jQuery),!function(e){"use strict";var t=function(t,n){this.$element=e(t),this.options=e.extend({},e.fn.button.defaults,n)};t.prototype.setState=function(e){var t="disabled",n=this.$element,r=n.data(),i=n.is("input")?"val":"html";e+="Text",r.resetText||n.data("resetText",n[i]()),n[i](r[e]||this.options[e]),setTimeout(function(){e=="loadingText"?n.addClass(t).attr(t,t):n.removeClass(t).removeAttr(t)},0)},t.prototype.toggle=function(){var e=this.$element.closest('[data-toggle="buttons-radio"]');e&&e.find(".active").removeClass("active"),this.$element.toggleClass("active")};var n=e.fn.button;e.fn.button=function(n){return this.each(function(){var r=e(this),i=r.data("button"),s=typeof n=="object"&&n;i||r.data("button",i=new t(this,s)),n=="toggle"?i.toggle():n&&i.setState(n)})},e.fn.button.defaults={loadingText:"loading..."},e.fn.button.Constructor=t,e.fn.button.noConflict=function(){return e.fn.button=n,this},e(document).on("click.button.data-api","[data-toggle^=button]",function(t){var n=e(t.target);n.hasClass("btn")||(n=n.closest(".btn")),n.button("toggle")})}(window.jQuery),!function(e){"use strict";var t=function(t,n){this.$element=e(t),this.$indicators=this.$element.find(".carousel-indicators"),this.options=n,this.options.pause=="hover"&&this.$element.on("mouseenter",e.proxy(this.pause,this)).on("mouseleave",e.proxy(this.cycle,this))};t.prototype={cycle:function(t){return t||(this.paused=!1),this.interval&&clearInterval(this.interval),this.options.interval&&!this.paused&&(this.interval=setInterval(e.proxy(this.next,this),this.options.interval)),this},getActiveIndex:function(){return this.$active=this.$element.find(".item.active"),this.$items=this.$active.parent().children(),this.$items.index(this.$active)},to:function(t){var n=this.getActiveIndex(),r=this;if(t>this.$items.length-1||t<0)return;return this.sliding?this.$element.one("slid",function(){r.to(t)}):n==t?this.pause().cycle():this.slide(t>n?"next":"prev",e(this.$items[t]))},pause:function(t){return t||(this.paused=!0),this.$element.find(".next, .prev").length&&e.support.transition.end&&(this.$element.trigger(e.support.transition.end),this.cycle(!0)),clearInterval(this.interval),this.interval=null,this},next:function(){if(this.sliding)return;return this.slide("next")},prev:function(){if(this.sliding)return;return this.slide("prev")},slide:function(t,n){var r=this.$element.find(".item.active"),i=n||r[t](),s=this.interval,o=t=="next"?"left":"right",u=t=="next"?"first":"last",a=this,f;this.sliding=!0,s&&this.pause(),i=i.length?i:this.$element.find(".item")[u](),f=e.Event("slide",{relatedTarget:i[0],direction:o});if(i.hasClass("active"))return;this.$indicators.length&&(this.$indicators.find(".active").removeClass("active"),this.$element.one("slid",function(){var t=e(a.$indicators.children()[a.getActiveIndex()]);t&&t.addClass("active")}));if(e.support.transition&&this.$element.hasClass("slide")){this.$element.trigger(f);if(f.isDefaultPrevented())return;i.addClass(t),i[0].offsetWidth,r.addClass(o),i.addClass(o),this.$element.one(e.support.transition.end,function(){i.removeClass([t,o].join(" ")).addClass("active"),r.removeClass(["active",o].join(" ")),a.sliding=!1,setTimeout(function(){a.$element.trigger("slid")},0)})}else{this.$element.trigger(f);if(f.isDefaultPrevented())return;r.removeClass("active"),i.addClass("active"),this.sliding=!1,this.$element.trigger("slid")}return s&&this.cycle(),this}};var n=e.fn.carousel;e.fn.carousel=function(n){return this.each(function(){var r=e(this),i=r.data("carousel"),s=e.extend({},e.fn.carousel.defaults,typeof n=="object"&&n),o=typeof n=="string"?n:s.slide;i||r.data("carousel",i=new t(this,s)),typeof n=="number"?i.to(n):o?i[o]():s.interval&&i.pause().cycle()})},e.fn.carousel.defaults={interval:5e3,pause:"hover"},e.fn.carousel.Constructor=t,e.fn.carousel.noConflict=function(){return e.fn.carousel=n,this},e(document).on("click.carousel.data-api","[data-slide], [data-slide-to]",function(t){var n=e(this),r,i=e(n.attr("data-target")||(r=n.attr("href"))&&r.replace(/.*(?=#[^\s]+$)/,"")),s=e.extend({},i.data(),n.data()),o;i.carousel(s),(o=n.attr("data-slide-to"))&&i.data("carousel").pause().to(o).cycle(),t.preventDefault()})}(window.jQuery),!function(e){"use strict";var t=function(t,n){this.$element=e(t),this.options=e.extend({},e.fn.collapse.defaults,n),this.options.parent&&(this.$parent=e(this.options.parent)),this.options.toggle&&this.toggle()};t.prototype={constructor:t,dimension:function(){var e=this.$element.hasClass("width");return e?"width":"height"},show:function(){var t,n,r,i;if(this.transitioning||this.$element.hasClass("in"))return;t=this.dimension(),n=e.camelCase(["scroll",t].join("-")),r=this.$parent&&this.$parent.find("> .accordion-group > .in");if(r&&r.length){i=r.data("collapse");if(i&&i.transitioning)return;r.collapse("hide"),i||r.data("collapse",null)}this.$element[t](0),this.transition("addClass",e.Event("show"),"shown"),e.support.transition&&this.$element[t](this.$element[0][n])},hide:function(){var t;if(this.transitioning||!this.$element.hasClass("in"))return;t=this.dimension(),this.reset(this.$element[t]()),this.transition("removeClass",e.Event("hide"),"hidden"),this.$element[t](0)},reset:function(e){var t=this.dimension();return this.$element.removeClass("collapse")[t](e||"auto")[0].offsetWidth,this.$element[e!==null?"addClass":"removeClass"]("collapse"),this},transition:function(t,n,r){var i=this,s=function(){n.type=="show"&&i.reset(),i.transitioning=0,i.$element.trigger(r)};this.$element.trigger(n);if(n.isDefaultPrevented())return;this.transitioning=1,this.$element[t]("in"),e.support.transition&&this.$element.hasClass("collapse")?this.$element.one(e.support.transition.end,s):s()},toggle:function(){this[this.$element.hasClass("in")?"hide":"show"]()}};var n=e.fn.collapse;e.fn.collapse=function(n){return this.each(function(){var r=e(this),i=r.data("collapse"),s=e.extend({},e.fn.collapse.defaults,r.data(),typeof n=="object"&&n);i||r.data("collapse",i=new t(this,s)),typeof n=="string"&&i[n]()})},e.fn.collapse.defaults={toggle:!0},e.fn.collapse.Constructor=t,e.fn.collapse.noConflict=function(){return e.fn.collapse=n,this},e(document).on("click.collapse.data-api","[data-toggle=collapse]",function(t){var n=e(this),r,i=n.attr("data-target")||t.preventDefault()||(r=n.attr("href"))&&r.replace(/.*(?=#[^\s]+$)/,""),s=e(i).data("collapse")?"toggle":n.data();n[e(i).hasClass("in")?"addClass":"removeClass"]("collapsed"),e(i).collapse(s)})}(window.jQuery),!function(e){"use strict";function r(){e(".dropdown-backdrop").remove(),e(t).each(function(){i(e(this)).removeClass("open")})}function i(t){var n=t.attr("data-target"),r;n||(n=t.attr("href"),n=n&&/#/.test(n)&&n.replace(/.*(?=#[^\s]*$)/,"")),r=n&&e(n);if(!r||!r.length)r=t.parent();return r}var t="[data-toggle=dropdown]",n=function(t){var n=e(t).on("click.dropdown.data-api",this.toggle);e("html").on("click.dropdown.data-api",function(){n.parent().removeClass("open")})};n.prototype={constructor:n,toggle:function(t){var n=e(this),s,o;if(n.is(".disabled, :disabled"))return;return s=i(n),o=s.hasClass("open"),r(),o||("ontouchstart"in document.documentElement&&e('<div class="dropdown-backdrop"/>').insertBefore(e(this)).on("click",r),s.toggleClass("open")),n.focus(),!1},keydown:function(n){var r,s,o,u,a,f;if(!/(38|40|27)/.test(n.keyCode))return;r=e(this),n.preventDefault(),n.stopPropagation();if(r.is(".disabled, :disabled"))return;u=i(r),a=u.hasClass("open");if(!a||a&&n.keyCode==27)return n.which==27&&u.find(t).focus(),r.click();s=e("[role=menu] li:not(.divider):visible a",u);if(!s.length)return;f=s.index(s.filter(":focus")),n.keyCode==38&&f>0&&f--,n.keyCode==40&&f<s.length-1&&f++,~f||(f=0),s.eq(f).focus()}};var s=e.fn.dropdown;e.fn.dropdown=function(t){return this.each(function(){var r=e(this),i=r.data("dropdown");i||r.data("dropdown",i=new n(this)),typeof t=="string"&&i[t].call(r)})},e.fn.dropdown.Constructor=n,e.fn.dropdown.noConflict=function(){return e.fn.dropdown=s,this},e(document).on("click.dropdown.data-api",r).on("click.dropdown.data-api",".dropdown form",function(e){e.stopPropagation()}).on("click.dropdown.data-api",t,n.prototype.toggle).on("keydown.dropdown.data-api",t+", [role=menu]",n.prototype.keydown)}(window.jQuery),!function(e){"use strict";var t=function(t,n){this.options=n,this.$element=e(t).delegate('[data-dismiss="modal"]',"click.dismiss.modal",e.proxy(this.hide,this)),this.options.remote&&this.$element.find(".modal-body").load(this.options.remote)};t.prototype={constructor:t,toggle:function(){return this[this.isShown?"hide":"show"]()},show:function(){var t=this,n=e.Event("show");this.$element.trigger(n);if(this.isShown||n.isDefaultPrevented())return;this.isShown=!0,this.escape(),this.backdrop(function(){var n=e.support.transition&&t.$element.hasClass("fade");t.$element.parent().length||t.$element.appendTo(document.body),t.$element.show(),n&&t.$element[0].offsetWidth,t.$element.addClass("in").attr("aria-hidden",!1),t.enforceFocus(),n?t.$element.one(e.support.transition.end,function(){t.$element.focus().trigger("shown")}):t.$element.focus().trigger("shown")})},hide:function(t){t&&t.preventDefault();var n=this;t=e.Event("hide"),this.$element.trigger(t);if(!this.isShown||t.isDefaultPrevented())return;this.isShown=!1,this.escape(),e(document).off("focusin.modal"),this.$element.removeClass("in").attr("aria-hidden",!0),e.support.transition&&this.$element.hasClass("fade")?this.hideWithTransition():this.hideModal()},enforceFocus:function(){var t=this;e(document).on("focusin.modal",function(e){t.$element[0]!==e.target&&!t.$element.has(e.target).length&&t.$element.focus()})},escape:function(){var e=this;this.isShown&&this.options.keyboard?this.$element.on("keyup.dismiss.modal",function(t){t.which==27&&e.hide()}):this.isShown||this.$element.off("keyup.dismiss.modal")},hideWithTransition:function(){var t=this,n=setTimeout(function(){t.$element.off(e.support.transition.end),t.hideModal()},500);this.$element.one(e.support.transition.end,function(){clearTimeout(n),t.hideModal()})},hideModal:function(){var e=this;this.$element.hide(),this.backdrop(function(){e.removeBackdrop(),e.$element.trigger("hidden")})},removeBackdrop:function(){this.$backdrop&&this.$backdrop.remove(),this.$backdrop=null},backdrop:function(t){var n=this,r=this.$element.hasClass("fade")?"fade":"";if(this.isShown&&this.options.backdrop){var i=e.support.transition&&r;this.$backdrop=e('<div class="modal-backdrop '+r+'" />').appendTo(document.body),this.$backdrop.click(this.options.backdrop=="static"?e.proxy(this.$element[0].focus,this.$element[0]):e.proxy(this.hide,this)),i&&this.$backdrop[0].offsetWidth,this.$backdrop.addClass("in");if(!t)return;i?this.$backdrop.one(e.support.transition.end,t):t()}else!this.isShown&&this.$backdrop?(this.$backdrop.removeClass("in"),e.support.transition&&this.$element.hasClass("fade")?this.$backdrop.one(e.support.transition.end,t):t()):t&&t()}};var n=e.fn.modal;e.fn.modal=function(n){return this.each(function(){var r=e(this),i=r.data("modal"),s=e.extend({},e.fn.modal.defaults,r.data(),typeof n=="object"&&n);i||r.data("modal",i=new t(this,s)),typeof n=="string"?i[n]():s.show&&i.show()})},e.fn.modal.defaults={backdrop:!0,keyboard:!0,show:!0},e.fn.modal.Constructor=t,e.fn.modal.noConflict=function(){return e.fn.modal=n,this},e(document).on("click.modal.data-api",'[data-toggle="modal"]',function(t){var n=e(this),r=n.attr("href"),i=e(n.attr("data-target")||r&&r.replace(/.*(?=#[^\s]+$)/,"")),s=i.data("modal")?"toggle":e.extend({remote:!/#/.test(r)&&r},i.data(),n.data());t.preventDefault(),i.modal(s).one("hide",function(){n.focus()})})}(window.jQuery),!function(e){"use strict";var t=function(e,t){this.init("tooltip",e,t)};t.prototype={constructor:t,init:function(t,n,r){var i,s,o,u,a;this.type=t,this.$element=e(n),this.options=this.getOptions(r),this.enabled=!0,o=this.options.trigger.split(" ");for(a=o.length;a--;)u=o[a],u=="click"?this.$element.on("click."+this.type,this.options.selector,e.proxy(this.toggle,this)):u!="manual"&&(i=u=="hover"?"mouseenter":"focus",s=u=="hover"?"mouseleave":"blur",this.$element.on(i+"."+this.type,this.options.selector,e.proxy(this.enter,this)),this.$element.on(s+"."+this.type,this.options.selector,e.proxy(this.leave,this)));this.options.selector?this._options=e.extend({},this.options,{trigger:"manual",selector:""}):this.fixTitle()},getOptions:function(t){return t=e.extend({},e.fn[this.type].defaults,this.$element.data(),t),t.delay&&typeof t.delay=="number"&&(t.delay={show:t.delay,hide:t.delay}),t},enter:function(t){var n=e.fn[this.type].defaults,r={},i;this._options&&e.each(this._options,function(e,t){n[e]!=t&&(r[e]=t)},this),i=e(t.currentTarget)[this.type](r).data(this.type);if(!i.options.delay||!i.options.delay.show)return i.show();clearTimeout(this.timeout),i.hoverState="in",this.timeout=setTimeout(function(){i.hoverState=="in"&&i.show()},i.options.delay.show)},leave:function(t){var n=e(t.currentTarget)[this.type](this._options).data(this.type);this.timeout&&clearTimeout(this.timeout);if(!n.options.delay||!n.options.delay.hide)return n.hide();n.hoverState="out",this.timeout=setTimeout(function(){n.hoverState=="out"&&n.hide()},n.options.delay.hide)},show:function(){var t,n,r,i,s,o,u=e.Event("show");if(this.hasContent()&&this.enabled){this.$element.trigger(u);if(u.isDefaultPrevented())return;t=this.tip(),this.setContent(),this.options.animation&&t.addClass("fade"),s=typeof this.options.placement=="function"?this.options.placement.call(this,t[0],this.$element[0]):this.options.placement,t.detach().css({top:0,left:0,display:"block"}),this.options.container?t.appendTo(this.options.container):t.insertAfter(this.$element),n=this.getPosition(),r=t[0].offsetWidth,i=t[0].offsetHeight;switch(s){case"bottom":o={top:n.top+n.height,left:n.left+n.width/2-r/2};break;case"top":o={top:n.top-i,left:n.left+n.width/2-r/2};break;case"left":o={top:n.top+n.height/2-i/2,left:n.left-r};break;case"right":o={top:n.top+n.height/2-i/2,left:n.left+n.width}}this.applyPlacement(o,s),this.$element.trigger("shown")}},applyPlacement:function(e,t){var n=this.tip(),r=n[0].offsetWidth,i=n[0].offsetHeight,s,o,u,a;n.offset(e).addClass(t).addClass("in"),s=n[0].offsetWidth,o=n[0].offsetHeight,t=="top"&&o!=i&&(e.top=e.top+i-o,a=!0),t=="bottom"||t=="top"?(u=0,e.left<0&&(u=e.left*-2,e.left=0,n.offset(e),s=n[0].offsetWidth,o=n[0].offsetHeight),this.replaceArrow(u-r+s,s,"left")):this.replaceArrow(o-i,o,"top"),a&&n.offset(e)},replaceArrow:function(e,t,n){this.arrow().css(n,e?50*(1-e/t)+"%":"")},setContent:function(){var e=this.tip(),t=this.getTitle();e.find(".tooltip-inner")[this.options.html?"html":"text"](t),e.removeClass("fade in top bottom left right")},hide:function(){function i(){var t=setTimeout(function(){n.off(e.support.transition.end).detach()},500);n.one(e.support.transition.end,function(){clearTimeout(t),n.detach()})}var t=this,n=this.tip(),r=e.Event("hide");this.$element.trigger(r);if(r.isDefaultPrevented())return;return n.removeClass("in"),e.support.transition&&this.$tip.hasClass("fade")?i():n.detach(),this.$element.trigger("hidden"),this},fixTitle:function(){var e=this.$element;(e.attr("title")||typeof e.attr("data-original-title")!="string")&&e.attr("data-original-title",e.attr("title")||"").attr("title","")},hasContent:function(){return this.getTitle()},getPosition:function(){var t=this.$element[0];return e.extend({},typeof t.getBoundingClientRect=="function"?t.getBoundingClientRect():{width:t.offsetWidth,height:t.offsetHeight},this.$element.offset())},getTitle:function(){var e,t=this.$element,n=this.options;return e=t.attr("data-original-title")||(typeof n.title=="function"?n.title.call(t[0]):n.title),e},tip:function(){return this.$tip=this.$tip||e(this.options.template)},arrow:function(){return this.$arrow=this.$arrow||this.tip().find(".tooltip-arrow")},validate:function(){this.$element[0].parentNode||(this.hide(),this.$element=null,this.options=null)},enable:function(){this.enabled=!0},disable:function(){this.enabled=!1},toggleEnabled:function(){this.enabled=!this.enabled},toggle:function(t){var n=t?e(t.currentTarget)[this.type](this._options).data(this.type):this;n.tip().hasClass("in")?n.hide():n.show()},destroy:function(){this.hide().$element.off("."+this.type).removeData(this.type)}};var n=e.fn.tooltip;e.fn.tooltip=function(n){return this.each(function(){var r=e(this),i=r.data("tooltip"),s=typeof n=="object"&&n;i||r.data("tooltip",i=new t(this,s)),typeof n=="string"&&i[n]()})},e.fn.tooltip.Constructor=t,e.fn.tooltip.defaults={animation:!0,placement:"top",selector:!1,template:'<div class="tooltip"><div class="tooltip-arrow"></div><div class="tooltip-inner"></div></div>',trigger:"hover focus",title:"",delay:0,html:!1,container:!1},e.fn.tooltip.noConflict=function(){return e.fn.tooltip=n,this}}(window.jQuery),!function(e){"use strict";var t=function(e,t){this.init("popover",e,t)};t.prototype=e.extend({},e.fn.tooltip.Constructor.prototype,{constructor:t,setContent:function(){var e=this.tip(),t=this.getTitle(),n=this.getContent();e.find(".popover-title")[this.options.html?"html":"text"](t),e.find(".popover-content")[this.options.html?"html":"text"](n),e.removeClass("fade top bottom left right in")},hasContent:function(){return this.getTitle()||this.getContent()},getContent:function(){var e,t=this.$element,n=this.options;return e=(typeof n.content=="function"?n.content.call(t[0]):n.content)||t.attr("data-content"),e},tip:function(){return this.$tip||(this.$tip=e(this.options.template)),this.$tip},destroy:function(){this.hide().$element.off("."+this.type).removeData(this.type)}});var n=e.fn.popover;e.fn.popover=function(n){return this.each(function(){var r=e(this),i=r.data("popover"),s=typeof n=="object"&&n;i||r.data("popover",i=new t(this,s)),typeof n=="string"&&i[n]()})},e.fn.popover.Constructor=t,e.fn.popover.defaults=e.extend({},e.fn.tooltip.defaults,{placement:"right",trigger:"click",content:"",template:'<div class="popover"><div class="arrow"></div><h3 class="popover-title"></h3><div class="popover-content"></div></div>'}),e.fn.popover.noConflict=function(){return e.fn.popover=n,this}}(window.jQuery),!function(e){"use strict";function t(t,n){var r=e.proxy(this.process,this),i=e(t).is("body")?e(window):e(t),s;this.options=e.extend({},e.fn.scrollspy.defaults,n),this.$scrollElement=i.on("scroll.scroll-spy.data-api",r),this.selector=(this.options.target||(s=e(t).attr("href"))&&s.replace(/.*(?=#[^\s]+$)/,"")||"")+" .nav li > a",this.$body=e("body"),this.refresh(),this.process()}t.prototype={constructor:t,refresh:function(){var t=this,n;this.offsets=e([]),this.targets=e([]),n=this.$body.find(this.selector).map(function(){var n=e(this),r=n.data("target")||n.attr("href"),i=/^#\w/.test(r)&&e(r);return i&&i.length&&[[i.position().top+(!e.isWindow(t.$scrollElement.get(0))&&t.$scrollElement.scrollTop()),r]]||null}).sort(function(e,t){return e[0]-t[0]}).each(function(){t.offsets.push(this[0]),t.targets.push(this[1])})},process:function(){var e=this.$scrollElement.scrollTop()+this.options.offset,t=this.$scrollElement[0].scrollHeight||this.$body[0].scrollHeight,n=t-this.$scrollElement.height(),r=this.offsets,i=this.targets,s=this.activeTarget,o;if(e>=n)return s!=(o=i.last()[0])&&this.activate(o);for(o=r.length;o--;)s!=i[o]&&e>=r[o]&&(!r[o+1]||e<=r[o+1])&&this.activate(i[o])},activate:function(t){var n,r;this.activeTarget=t,e(this.selector).parent(".active").removeClass("active"),r=this.selector+'[data-target="'+t+'"],'+this.selector+'[href="'+t+'"]',n=e(r).parent("li").addClass("active"),n.parent(".dropdown-menu").length&&(n=n.closest("li.dropdown").addClass("active")),n.trigger("activate")}};var n=e.fn.scrollspy;e.fn.scrollspy=function(n){return this.each(function(){var r=e(this),i=r.data("scrollspy"),s=typeof n=="object"&&n;i||r.data("scrollspy",i=new t(this,s)),typeof n=="string"&&i[n]()})},e.fn.scrollspy.Constructor=t,e.fn.scrollspy.defaults={offset:10},e.fn.scrollspy.noConflict=function(){return e.fn.scrollspy=n,this},e(window).on("load",function(){e('[data-spy="scroll"]').each(function(){var t=e(this);t.scrollspy(t.data())})})}(window.jQuery),!function(e){"use strict";var t=function(t){this.element=e(t)};t.prototype={constructor:t,show:function(){var t=this.element,n=t.closest("ul:not(.dropdown-menu)"),r=t.attr("data-target"),i,s,o;r||(r=t.attr("href"),r=r&&r.replace(/.*(?=#[^\s]*$)/,""));if(t.parent("li").hasClass("active"))return;i=n.find(".active:last a")[0],o=e.Event("show",{relatedTarget:i}),t.trigger(o);if(o.isDefaultPrevented())return;s=e(r),this.activate(t.parent("li"),n),this.activate(s,s.parent(),function(){t.trigger({type:"shown",relatedTarget:i})})},activate:function(t,n,r){function o(){i.removeClass("active").find("> .dropdown-menu > .active").removeClass("active"),t.addClass("active"),s?(t[0].offsetWidth,t.addClass("in")):t.removeClass("fade"),t.parent(".dropdown-menu")&&t.closest("li.dropdown").addClass("active"),r&&r()}var i=n.find("> .active"),s=r&&e.support.transition&&i.hasClass("fade");s?i.one(e.support.transition.end,o):o(),i.removeClass("in")}};var n=e.fn.tab;e.fn.tab=function(n){return this.each(function(){var r=e(this),i=r.data("tab");i||r.data("tab",i=new t(this)),typeof n=="string"&&i[n]()})},e.fn.tab.Constructor=t,e.fn.tab.noConflict=function(){return e.fn.tab=n,this},e(document).on("click.tab.data-api",'[data-toggle="tab"], [data-toggle="pill"]',function(t){t.preventDefault(),e(this).tab("show")})}(window.jQuery),!function(e){"use strict";var t=function(t,n){this.$element=e(t),this.options=e.extend({},e.fn.typeahead.defaults,n),this.matcher=this.options.matcher||this.matcher,this.sorter=this.options.sorter||this.sorter,this.highlighter=this.options.highlighter||this.highlighter,this.updater=this.options.updater||this.updater,this.source=this.options.source,this.$menu=e(this.options.menu),this.shown=!1,this.listen()};t.prototype={constructor:t,select:function(){var e=this.$menu.find(".active").attr("data-value");return this.$element.val(this.updater(e)).change(),this.hide()},updater:function(e){return e},show:function(){var t=e.extend({},this.$element.position(),{height:this.$element[0].offsetHeight});return this.$menu.insertAfter(this.$element).css({top:t.top+t.height,left:t.left}).show(),this.shown=!0,this},hide:function(){return this.$menu.hide(),this.shown=!1,this},lookup:function(t){var n;return this.query=this.$element.val(),!this.query||this.query.length<this.options.minLength?this.shown?this.hide():this:(n=e.isFunction(this.source)?this.source(this.query,e.proxy(this.process,this)):this.source,n?this.process(n):this)},process:function(t){var n=this;return t=e.grep(t,function(e){return n.matcher(e)}),t=this.sorter(t),t.length?this.render(t.slice(0,this.options.items)).show():this.shown?this.hide():this},matcher:function(e){return~e.toLowerCase().indexOf(this.query.toLowerCase())},sorter:function(e){var t=[],n=[],r=[],i;while(i=e.shift())i.toLowerCase().indexOf(this.query.toLowerCase())?~i.indexOf(this.query)?n.push(i):r.push(i):t.push(i);return t.concat(n,r)},highlighter:function(e){var t=this.query.replace(/[\-\[\]{}()*+?.,\\\^$|#\s]/g,"\\$&");return e.replace(new RegExp("("+t+")","ig"),function(e,t){return"<strong>"+t+"</strong>"})},render:function(t){var n=this;return t=e(t).map(function(t,r){return t=e(n.options.item).attr("data-value",r),t.find("a").html(n.highlighter(r)),t[0]}),t.first().addClass("active"),this.$menu.html(t),this},next:function(t){var n=this.$menu.find(".active").removeClass("active"),r=n.next();r.length||(r=e(this.$menu.find("li")[0])),r.addClass("active")},prev:function(e){var t=this.$menu.find(".active").removeClass("active"),n=t.prev();n.length||(n=this.$menu.find("li").last()),n.addClass("active")},listen:function(){this.$element.on("focus",e.proxy(this.focus,this)).on("blur",e.proxy(this.blur,this)).on("keypress",e.proxy(this.keypress,this)).on("keyup",e.proxy(this.keyup,this)),this.eventSupported("keydown")&&this.$element.on("keydown",e.proxy(this.keydown,this)),this.$menu.on("click",e.proxy(this.click,this)).on("mouseenter","li",e.proxy(this.mouseenter,this)).on("mouseleave","li",e.proxy(this.mouseleave,this))},eventSupported:function(e){var t=e in this.$element;return t||(this.$element.setAttribute(e,"return;"),t=typeof this.$element[e]=="function"),t},move:function(e){if(!this.shown)return;switch(e.keyCode){case 9:case 13:case 27:e.preventDefault();break;case 38:e.preventDefault(),this.prev();break;case 40:e.preventDefault(),this.next()}e.stopPropagation()},keydown:function(t){this.suppressKeyPressRepeat=~e.inArray(t.keyCode,[40,38,9,13,27]),this.move(t)},keypress:function(e){if(this.suppressKeyPressRepeat)return;this.move(e)},keyup:function(e){switch(e.keyCode){case 40:case 38:case 16:case 17:case 18:break;case 9:case 13:if(!this.shown)return;this.select();break;case 27:if(!this.shown)return;this.hide();break;default:this.lookup()}e.stopPropagation(),e.preventDefault()},focus:function(e){this.focused=!0},blur:function(e){this.focused=!1,!this.mousedover&&this.shown&&this.hide()},click:function(e){e.stopPropagation(),e.preventDefault(),this.select(),this.$element.focus()},mouseenter:function(t){this.mousedover=!0,this.$menu.find(".active").removeClass("active"),e(t.currentTarget).addClass("active")},mouseleave:function(e){this.mousedover=!1,!this.focused&&this.shown&&this.hide()}};var n=e.fn.typeahead;e.fn.typeahead=function(n){return this.each(function(){var r=e(this),i=r.data("typeahead"),s=typeof n=="object"&&n;i||r.data("typeahead",i=new t(this,s)),typeof n=="string"&&i[n]()})},e.fn.typeahead.defaults={source:[],items:8,menu:'<ul class="typeahead dropdown-menu"></ul>',item:'<li><a href="#"></a></li>',minLength:1},e.fn.typeahead.Constructor=t,e.fn.typeahead.noConflict=function(){return e.fn.typeahead=n,this},e(document).on("focus.typeahead.data-api",'[data-provide="typeahead"]',function(t){var n=e(this);if(n.data("typeahead"))return;n.typeahead(n.data())})}(window.jQuery),!function(e){"use strict";var t=function(t,n){this.options=e.extend({},e.fn.affix.defaults,n),this.$window=e(window).on("scroll.affix.data-api",e.proxy(this.checkPosition,this)).on("click.affix.data-api",e.proxy(function(){setTimeout(e.proxy(this.checkPosition,this),1)},this)),this.$element=e(t),this.checkPosition()};t.prototype.checkPosition=function(){if(!this.$element.is(":visible"))return;var t=e(document).height(),n=this.$window.scrollTop(),r=this.$element.offset(),i=this.options.offset,s=i.bottom,o=i.top,u="affix affix-top affix-bottom",a;typeof i!="object"&&(s=o=i),typeof o=="function"&&(o=i.top()),typeof s=="function"&&(s=i.bottom()),a=this.unpin!=null&&n+this.unpin<=r.top?!1:s!=null&&r.top+this.$element.height()>=t-s?"bottom":o!=null&&n<=o?"top":!1;if(this.affixed===a)return;this.affixed=a,this.unpin=a=="bottom"?r.top-n:null,this.$element.removeClass(u).addClass("affix"+(a?"-"+a:""))};var n=e.fn.affix;e.fn.affix=function(n){return this.each(function(){var r=e(this),i=r.data("affix"),s=typeof n=="object"&&n;i||r.data("affix",i=new t(this,s)),typeof n=="string"&&i[n]()})},e.fn.affix.Constructor=t,e.fn.affix.defaults={offset:0},e.fn.affix.noConflict=function(){return e.fn.affix=n,this},e(window).on("load",function(){e('[data-spy="affix"]').each(function(){var t=e(this),n=t.data();n.offset=n.offset||{},n.offsetBottom&&(n.offset.bottom=n.offsetBottom),n.offsetTop&&(n.offset.top=n.offsetTop),t.affix(n)})})}(window.jQuery);
\ No newline at end of file
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/css/bootstrap-sheet.css b/openid-connect-server-webapp/src/main/webapp/resources/css/bootstrap-sheet.css
new file mode 100644
index 000000000..ad9e44d60
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/css/bootstrap-sheet.css
@@ -0,0 +1,57 @@
+/*!
+ * Bootstrap modal sheet
+ *
+ * Author: Michaël Perrin
+ * https://github.com/michaelperrin/bootstrap-modal-sheet
+ */
+
+.sheet form {
+  margin: 0;
+}
+
+.sheet .form-actions {
+  margin-top: 10px;
+  margin-bottom: 0;
+  padding: 10px 20px 10px;
+  text-align: right;
+}
+
+.sheet {
+  position: absolute;
+  z-index: 1050;
+
+  width: 600px;
+  background: rgba(240, 240, 240, 0.9);
+  border-color: #909090;
+  border-style: solid;
+  border-width: 0 1px 1px 1px;
+  box-shadow: inset 0 15px 12px -10px rgba(0, 0, 0, 0.4), 0 5px 12px rgba(0, 0, 0, 0.4);
+  padding-top: 15px;
+}
+
+.sheet.hide {
+  display: none;
+}
+
+.sheet .sheet-body {
+  padding-left: 15px;
+  padding-right: 15px;
+}
+
+.sheet .sheet-footer {
+  margin-top: 10px;
+  margin-bottom: 0;
+  padding: 10px 20px 10px;
+  text-align: right;
+  background-color: #f5f5f5;
+  border-top: 1px solid #e5e5e5;
+}
+
+.sheet-backdrop {
+  position: fixed;
+  top: 0;
+  right: 0;
+  bottom: 0;
+  left: 0;
+  z-index: 1040;
+}
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/css/mitreid-connect-local.css b/openid-connect-server-webapp/src/main/webapp/resources/css/mitreid-connect-local.css
new file mode 100644
index 000000000..266f8b379
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/css/mitreid-connect-local.css
@@ -0,0 +1,3 @@
+/*
+ * Overlay this file to provide local style overrides.
+ */
\ No newline at end of file
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/css/mitreid-connect-responsive-local.css b/openid-connect-server-webapp/src/main/webapp/resources/css/mitreid-connect-responsive-local.css
new file mode 100644
index 000000000..266f8b379
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/css/mitreid-connect-responsive-local.css
@@ -0,0 +1,3 @@
+/*
+ * Overlay this file to provide local style overrides.
+ */
\ No newline at end of file
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/css/mitreid-connect-responsive.css b/openid-connect-server-webapp/src/main/webapp/resources/css/mitreid-connect-responsive.css
new file mode 100644
index 000000000..cc5e32cfe
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/css/mitreid-connect-responsive.css
@@ -0,0 +1,16 @@
+/* size-responsive CSS to be loaded after bootstrap-responsive */
+
+@media ( min-width : 768px) and (max-width: 979px) {
+	.main {
+		padding-top: 0px;
+	}
+}
+
+@media ( max-width : 767px) {
+	#footer {
+		margin-left: -20px;
+		margin-right: -20px;
+		padding-left: 20px;
+		padding-right: 20px;
+	}
+}
\ No newline at end of file
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/css/mitreid-connect.css b/openid-connect-server-webapp/src/main/webapp/resources/css/mitreid-connect.css
new file mode 100644
index 000000000..21d823f22
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/css/mitreid-connect.css
@@ -0,0 +1,202 @@
+/* Stylesheet for the MITREid Connect server web application */
+
+html,body {
+	height: 100%;
+	/* The html and body elements cannot have any padding or margin. */
+}
+
+.sidebar-nav {
+	padding: 9px 0;
+}
+
+h1,label {
+	text-shadow: 1px 1px 1px #FFFFFF;
+}
+
+.navbar .brand {
+	max-height: 20px;
+}
+
+.navbar .brand img {
+	max-height: 24px;
+	width: auto;
+	position: relative;
+	top: -2px;
+	left: -6px;
+}
+
+/* login button */
+
+.navbar #userButton,
+.navbar #loginButton {
+    background-repeat: repeat-x;
+    border-color: rgba(0, 0, 0, 0.1) rgba(0, 0, 0, 0.1) rgba(0, 0, 0, 0.25);
+    color: #ffffff;
+    text-shadow: 0 -1px 0 rgba(0, 0, 0, 0.25);
+    box-shadow: 0 3px 8px rgba(255, 255, 255, 0.125) inset;
+    font-size: 0.9em;
+}
+
+.navbar #userButton {
+    background-color: #006dcc;
+    background-image: linear-gradient(to bottom, #0088cc, #0044cc);
+}
+.navbar #loginButton {
+	background-color: #5bb75b;
+	background-image: linear-gradient(to bottom, #62c462, #51a351);
+}
+
+.navbar #userButton:focus, .navbar #userButton:hover,
+.navbar #loginButton:focus, .navbar #loginButton:hover {
+    color: #ffffff;
+    background-position: 0 -15px;
+    text-decoration: none;
+    transition: background-position 0.1s linear 0s;
+}
+
+.navbar #userButton:focus, .navbar #userButton:hover {
+	background-color: #0044cc;
+}
+.navbar #loginButton:focus, .navbar #loginButton:hover {
+	background-color: #51a351;
+}
+
+.navbar #userButton:active,
+.navbar #loginButton:active {
+    color: #ffffff;
+	background-image: none;
+    box-shadow: 0 2px 4px rgba(0, 0, 0, 0.15) inset, 0 1px 2px rgba(0, 0, 0, 0.05);
+    outline: 0 none;
+}
+
+.navbar #userButton:active {
+	background-color: #0044cc;
+}
+
+.navbar #loginButton:active {
+	background-color: #51a351;
+}
+
+.navbar #userButton .caret {
+    border-bottom-color: #ffffff;
+    border-top-color: #ffffff;
+}
+
+/* Wrapper for page content to push down footer */
+#wrap {
+	min-height: 100%;
+	height: auto !important;
+	height: 100%;
+	/* Negative indent footer by its height */
+	margin: 0 auto -60px;
+}
+
+/* Set the fixed height of the footer here */
+#push,#footer {
+	min-height: 60px;
+}
+
+#footer {
+	background-color: #f5f5f5;
+}
+
+.main {
+	padding-top: 60px;
+}
+
+.credit {
+	margin: 20px 0;
+}
+
+.inputError {
+	border: 1px solid #b94a48 !important;
+}
+
+/* Fix for wonky forms */
+
+.input-append.input-block-level,
+.input-prepend.input-block-level {
+  display: table;
+}
+
+.input-append.input-block-level .add-on,
+.input-prepend.input-block-level .add-on {
+  display: table-cell;
+  width: 1%; /* remove this if you want default bootstrap button width */
+}
+
+.input-append.input-block-level > input,
+.input-prepend.input-block-level > input {
+  box-sizing: border-box; /* use bootstrap mixin or include vendor variants */
+  -moz-box-sizing: border-box; /* for Firefox */
+  min-height: inherit;
+  width: 100%;
+}
+
+/* This block applies to Chrome only */
+@media screen and (-webkit-min-device-pixel-ratio:0) {
+  .input-append.input-block-level > input,
+  .input-prepend.input-block-level > input {
+    display: table; /* table-cell is not working well in Chrome for small widths */
+  }
+}
+
+.input-append.input-block-level > input {
+  border-right: 0;
+}
+
+.input-prepend.input-block-level > input {
+  border-left: 0;
+}
+
+.label-matched, .badge-matched {
+	background-color: #D1D1FF;
+}
+
+/* get rid of extraneous outline on tabs */
+
+.nav-tabs > .active > a, .nav-tabs > .active > a:hover {
+	outline: 0;
+}
+
+.control-group .controls div {
+    display: block;
+}
+
+.control-group .controls div {
+    padding-top: 5px;
+    margin-bottom: 5px;
+}
+
+.control-group .controls div label.checkbox,
+.control-group .controls div label.radio {
+  display: inline-block;
+  padding: 0 5px 0 5px;
+  line-height: 20px;
+}
+
+.control-group .controls div input[type=checkbox],
+.control-group .controls div input[type=radio] {
+  line-height: 20px;
+  vertical-align: middle;
+  margin: 0;
+}
+
+/* User profile claims alignment */
+.user-profile dd, .user-profile dt {
+    height: 20px;
+}
+
+/* Client table images */
+.client-logo {
+	max-width: 64px; 
+	max-height: 64px
+}
+
+/* Modal and sheet fight for the same z-index otherwise */
+.modal-backdrop {
+  z-index: 2040;
+}
+.modal {
+  z-index: 2050;
+}
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/images/heart_mode.png b/openid-connect-server-webapp/src/main/webapp/resources/images/heart_mode.png
new file mode 100644
index 000000000..bae99657e
Binary files /dev/null and b/openid-connect-server-webapp/src/main/webapp/resources/images/heart_mode.png differ
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/images/heart_mode@2x.png b/openid-connect-server-webapp/src/main/webapp/resources/images/heart_mode@2x.png
new file mode 100644
index 000000000..8f65e47a5
Binary files /dev/null and b/openid-connect-server-webapp/src/main/webapp/resources/images/heart_mode@2x.png differ
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/images/logo_placeholder.gif b/openid-connect-server-webapp/src/main/webapp/resources/images/logo_placeholder.gif
new file mode 100644
index 000000000..035747694
Binary files /dev/null and b/openid-connect-server-webapp/src/main/webapp/resources/images/logo_placeholder.gif differ
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/images/mitreid-connect.ico b/openid-connect-server-webapp/src/main/webapp/resources/images/mitreid-connect.ico
new file mode 100644
index 000000000..3dfafe812
Binary files /dev/null and b/openid-connect-server-webapp/src/main/webapp/resources/images/mitreid-connect.ico differ
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/images/openid_connect_large.png b/openid-connect-server-webapp/src/main/webapp/resources/images/openid_connect_large.png
new file mode 100644
index 000000000..33eb16eed
Binary files /dev/null and b/openid-connect-server-webapp/src/main/webapp/resources/images/openid_connect_large.png differ
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/images/openid_connect_large@2x.png b/openid-connect-server-webapp/src/main/webapp/resources/images/openid_connect_large@2x.png
new file mode 100644
index 000000000..04c094dd0
Binary files /dev/null and b/openid-connect-server-webapp/src/main/webapp/resources/images/openid_connect_large@2x.png differ
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/images/openid_connect_small.png b/openid-connect-server-webapp/src/main/webapp/resources/images/openid_connect_small.png
new file mode 100644
index 000000000..09bbaadc6
Binary files /dev/null and b/openid-connect-server-webapp/src/main/webapp/resources/images/openid_connect_small.png differ
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/images/openid_connect_small@2x.png b/openid-connect-server-webapp/src/main/webapp/resources/images/openid_connect_small@2x.png
new file mode 100644
index 000000000..6b845e2bf
Binary files /dev/null and b/openid-connect-server-webapp/src/main/webapp/resources/images/openid_connect_small@2x.png differ
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/admin.js b/openid-connect-server-webapp/src/main/webapp/resources/js/admin.js
new file mode 100644
index 000000000..e6d5d9a76
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/js/admin.js
@@ -0,0 +1,580 @@
+/*******************************************************************************
+ * Copyright 2018 The MIT Internet Trust Consortium
+ *
+ * Portions copyright 2011-2013 The MITRE Corporation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *******************************************************************************/
+
+Backbone.Model.prototype.fetchIfNeeded = function(options) {
+	var _self = this;
+	if (!options) {
+		options = {};
+	}
+	var success = options.success;
+	options.success = function(c, r) {
+		_self.isFetched = true;
+		if (success) {
+			success(c, r);
+		}
+	};
+	if (!this.isFetched) {
+		return this.fetch(options);
+	} else {
+		return options.success(this, null);
+	}
+};
+
+Backbone.Collection.prototype.fetchIfNeeded = function(options) {
+	var _self = this;
+	if (!options) {
+		options = {};
+	}
+	var success = options.success;
+	options.success = function(c, r) {
+		_self.isFetched = true;
+		if (success) {
+			success(c, r);
+		}
+	};
+	if (!this.isFetched) {
+		return this.fetch(options);
+	} else {
+		return options.success(this, null);
+	}
+};
+
+var URIModel = Backbone.Model
+		.extend({
+
+			validate: function(attrs) {
+
+				var expression = /^(?:([a-z0-9+.-]+:\/\/)((?:(?:[a-z0-9-._~!$&'()*+,;=:]|%[0-9A-F]{2})*)@)?((?:[a-z0-9-._~!$&'()*+,;=]|%[0-9A-F]{2})*)(:(?:\d*))?(\/(?:[a-z0-9-._~!$&'()*+,;=:@\/]|%[0-9A-F]{2})*)?|([a-z0-9+.-]+:)(\/?(?:[a-z0-9-._~!$&'()*+,;=:@]|%[0-9A-F]{2})+(?:[a-z0-9-._~!$&'()*+,;=:@\/]|%[0-9A-F]{2})*)?)(\?(?:[a-z0-9-._~!$&'()*+,;=:\/?@]|%[0-9A-F]{2})*)?(#(?:[a-z0-9-._~!$&'()*+,;=:\/?@]|%[0-9A-F]{2})*)?$/i;
+				var regex = new RegExp(expression);
+
+				if (attrs.item == null || !attrs.item.match(regex)) {
+					return "Invalid URI";
+				}
+			}
+
+		});
+
+/*
+ * Backbone JS Reusable ListWidget Options { collection: Backbone JS Collection
+ * type: ('uri'|'default') autocomplete: ['item1','item2'] List of auto complete
+ * items }
+ * 
+ */
+var ListWidgetChildView = Backbone.View.extend({
+
+	tagName: 'tr',
+
+	events: {
+		"click .btn-delete-list-item": 'deleteItem',
+		"change .checkbox-list-item": 'toggleCheckbox'
+	},
+
+	deleteItem: function(e) {
+		e.preventDefault();
+		e.stopImmediatePropagation();
+		// this.$el.tooltip('delete');
+
+		this.model.destroy({
+			dataType: false,
+			processData: false,
+			error: app.errorHandlerView.handleError()
+		});
+
+	},
+
+	toggleCheckbox: function(e) {
+		e.preventDefault();
+		e.stopImmediatePropagation();
+		if ($(e.target).is(':checked')) {
+			this.options.collection.add(this.model);
+		} else {
+			this.options.collection.remove(this.model);
+		}
+
+	},
+
+	initialize: function(options) {
+		this.options = {
+			toggle: false,
+			checked: false
+		};
+		_.extend(this.options, options);
+		if (!this.template) {
+			this.template = _.template($('#tmpl-list-widget-child').html());
+		}
+	},
+
+	render: function() {
+
+		var data = {
+			model: this.model.toJSON(),
+			opt: this.options
+		};
+
+		this.$el.html(this.template(data));
+
+		$('.item-full', this.el).hide();
+
+		if (this.model.get('item').length > 30) {
+			this.$el.tooltip({
+				title: $.t('admin.list-widget.tooltip')
+			});
+
+			var _self = this;
+
+			// added span to enable checkbox also
+			$(this.el).find('span').click(function(event) {
+				event.preventDefault();
+				$('.item-short', _self.el).hide();
+				$('.item-full', _self.el).show();
+				_self.$el.tooltip('destroy');
+			});
+		}
+
+		$(this.el).i18n();
+		return this;
+	}
+});
+
+var ListWidgetView = Backbone.View.extend({
+
+	tagName: "div",
+
+	events: {
+		"click .btn-add-list-item": "addItem",
+		"keypress": function(e) {
+			// trap the enter key
+			if (e.which == 13) {
+				e.preventDefault();
+				this.addItem(e);
+				$("input", this.$el).focus();
+			}
+		}
+	},
+
+	initialize: function(options) {
+		this.options = options;
+
+		if (!this.template) {
+			this.template = _.template($('#tmpl-list-widget').html());
+		}
+
+		this.collection.bind('add', this.render, this);
+		this.collection.bind('remove', this.render, this);
+	},
+
+	addItem: function(e) {
+		e.preventDefault();
+
+		var input_value = $("input", this.el).val().trim();
+
+		if (input_value === "") {
+			return;
+		}
+
+		var model;
+
+		if (this.options.type == 'uri') {
+			model = new URIModel({
+				item: input_value
+			});
+		} else {
+			model = new Backbone.Model({
+				item: input_value
+			});
+			model.validate = function(attrs) {
+				if (!attrs.item) {
+					return "value can't be null";
+				}
+			};
+		}
+
+		// if it's valid and doesn't already exist
+		if (model.get("item") != null && this.collection.where({
+			item: input_value
+		}).length < 1) {
+			this.collection.add(model);
+		} else {
+			// else add a visual error indicator
+			$(".control-group", this.el).addClass('error');
+		}
+	},
+
+	render: function(eventName) {
+
+		this.$el.html(this.template({
+			placeholder: this.options.placeholder,
+			helpBlockText: this.options.helpBlockText
+		}));
+
+		var _self = this;
+
+		if (_.size(this.collection.models) == 0 && _.size(this.options.autocomplete) == 0) {
+			$("tbody", _self.el).html($('#tmpl-list-widget-child-empty').html());
+		} else {
+
+			// make a copy of our collection to work from
+			var values = this.collection.clone();
+
+			// look through our autocomplete values (if we have them) and render
+			// them all as checkboxes
+			if (this.options.autocomplete) {
+				_.each(this.options.autocomplete, function(option) {
+					var found = _.find(values.models, function(element) {
+						return element.get('item') == option;
+					});
+
+					var model = null;
+					var checked = false;
+
+					if (found) {
+						// if we found the element, check the box
+						model = found;
+						checked = true;
+						// and remove it from the list of items to be rendered
+						// later
+						values.remove(found, {
+							silent: true
+						});
+					} else {
+						model = new Backbone.Model({
+							item: option
+						});
+						checked = false;
+					}
+
+					var el = new ListWidgetChildView({
+						model: model,
+						toggle: true,
+						checked: checked,
+						collection: _self.collection
+					}).render().el;
+					$("tbody", _self.el).append(el);
+
+				}, this);
+			}
+
+			// now render everything not in the autocomplete list
+			_.each(values.models, function(model) {
+				var el = new ListWidgetChildView({
+					model: model,
+					collection: _self.collection
+				}).render().el;
+				$("tbody", _self.el).append(el);
+			}, this);
+		}
+
+		$(this.el).i18n();
+		return this;
+	}
+
+});
+
+var BreadCrumbView = Backbone.View.extend({
+
+	tagName: 'ul',
+
+	initialize: function(options) {
+		this.options = options;
+
+		if (!this.template) {
+			this.template = _.template($('#tmpl-breadcrumbs').html());
+		}
+
+		this.$el.addClass('breadcrumb');
+
+		this.collection.bind('add', this.render, this);
+	},
+
+	render: function() {
+
+		this.$el.empty();
+		var parent = this;
+
+		// go through each of the breadcrumb models
+		_.each(this.collection.models, function(crumb, index) {
+
+			// if it's the last index in the crumbs then render the link
+			// inactive
+			if (index == parent.collection.size() - 1) {
+				crumb.set({
+					active: true
+				}, {
+					silent: true
+				});
+			} else {
+				crumb.set({
+					active: false
+				}, {
+					silent: true
+				});
+			}
+
+			this.$el.append(this.template(crumb.toJSON()));
+		}, this);
+
+		$('#breadcrumbs').html(this.el);
+		$(this.el).i18n();
+	}
+});
+
+// User Profile
+
+var UserProfileView = Backbone.View.extend({
+	tagName: 'span',
+
+	initialize: function(options) {
+		this.options = options;
+		if (!this.template) {
+			this.template = _.template($('#tmpl-user-profile-element').html());
+		}
+	},
+
+	render: function() {
+
+		$(this.el).html($('#tmpl-user-profile').html());
+
+		var t = this.template;
+
+		_.each(this.model, function(value, key) {
+			if (key && value) {
+
+				if (typeof (value) === 'object') {
+
+					var el = this.el;
+					var k = key;
+
+					_.each(value, function(value, key) {
+						$('dl', el).append(t({
+							key: key,
+							value: value,
+							category: k
+						}));
+					});
+				} else if (typeof (value) === 'array') {
+					// TODO: handle array types
+				} else {
+					$('dl', this.el).append(t({
+						key: key,
+						value: value
+					}));
+				}
+			}
+		}, this);
+
+		$(this.el).i18n();
+		return this;
+	}
+});
+
+// error handler
+var ErrorHandlerView = Backbone.View.extend({
+
+	initialize: function(options) {
+		this.options = options;
+		if (!this.template) {
+			this.template = _.template($('#tmpl-error-box').html());
+		}
+		if (!this.headerTemplate) {
+			this.headerTemplate = _.template($('#tmpl-error-header').html());
+		}
+	},
+
+	reloadPage: function(event) {
+		event.preventDefault();
+		window.location.reload(true);
+	},
+
+	handleError: function(message) {
+
+		if (!message) {
+			message = {};
+		}
+
+		var _self = this;
+
+		return function(model, response, options) {
+
+			if (message.log) {
+				console.log(message.log);
+			}
+
+			_self.showErrorMessage(_self.headerTemplate({
+				message: message,
+				model: model,
+				response: response,
+				options: options
+			}), _self.template({
+				message: message,
+				model: model,
+				response: response,
+				options: options
+			}));
+
+			$('#modalAlert .modal-body .page-reload').on('click', _self.reloadPage);
+
+		}
+	},
+
+	showErrorMessage: function(header, message) {
+		// hide the sheet if it's visible
+		$('#loadingbox').sheet('hide');
+
+		$('#modalAlert').i18n();
+		$('#modalAlert div.modal-header').html(header);
+		$('#modalAlert .modal-body').html(message);
+
+		$('#modalAlert').modal({
+			'backdrop': 'static',
+			'keyboard': true,
+			'show': true
+		});
+
+	}
+});
+
+// Router
+var AppRouter = Backbone.Router.extend({
+
+	routes: {
+
+		"": "root"
+
+	},
+
+	root: function() {
+		if (isAdmin()) {
+			this.navigate('admin/clients', {
+				trigger: true
+			});
+		} else {
+			this.navigate('user/approved', {
+				trigger: true
+			});
+		}
+	},
+
+	initialize: function() {
+
+		this.breadCrumbView = new BreadCrumbView({
+			collection: new Backbone.Collection()
+		});
+
+		this.breadCrumbView.render();
+
+		this.errorHandlerView = new ErrorHandlerView();
+
+		// call all the extra initialization functions
+		var app = this;
+		_.each(ui.init, function(fn) {
+			fn(app);
+		});
+
+	},
+
+	notImplemented: function() {
+		this.breadCrumbView.collection.reset();
+		this.breadCrumbView.collection.add([{
+			text: $.t('admin.home'),
+			href: ""
+		}]);
+
+		this.updateSidebar('none');
+
+		$('#content').html("<h2>Not implemented yet.</h2>");
+	},
+
+	updateSidebar: function(item) {
+		$('.sidebar-nav li.active').removeClass('active');
+
+		$('.sidebar-nav li a[href^="manage/#' + item + '"]').parent().addClass('active');
+	}
+});
+
+// holds the global app.
+// this gets init after the templates load
+var app = null;
+
+// main
+$(function() {
+
+	var loader = function(source) {
+		return $.get(source, function(templates) {
+			console.log('Loading file: ' + source);
+			$('#templates').append(templates);
+		});
+	};
+
+	// load templates and append them to the body
+	$.when.apply(null, ui.templates.map(loader)).done(function() {
+		console.log('done');
+		$.ajaxSetup({
+			cache: false
+		});
+		app = new AppRouter();
+
+		_.each(ui.routes.reverse(), function(route) {
+			console.log("Adding route: " + route.name);
+			app.route(route.path, route.name, route.callback);
+		});
+
+		app.on('route', function(name, args) {
+			// scroll to top of page on new route selection
+			$("html, body").animate({
+				scrollTop: 0
+			}, "slow");
+		});
+
+		// grab all hashed URLs and send them through the app router instead
+		$(document).on('click', 'a[href^="manage/#"]', function(event) {
+			event.preventDefault();
+			app.navigate(this.hash.slice(1), {
+				trigger: true
+			});
+		});
+
+		var base = $('base').attr('href');
+		if (base.substr(-1) !== '/') {
+			base += '/';
+		}
+		$.getJSON(base + '.well-known/openid-configuration', function(data) {
+			app.serverConfiguration = data;
+			var baseUrl = $.url(app.serverConfiguration.issuer);
+			Backbone.history.start({
+				pushState: true,
+				root: baseUrl.attr('relative') + 'manage/'
+			});
+		});
+	});
+
+	window.onerror = function(message, filename, lineno, colno, error) {
+		console.log(message);
+		// Display an alert with an error message
+		$('#modalAlert div.modal-header').html($.t('error.title'));
+		$('#modalAlert div.modal-body').html($.t('error.message') + message + ' <br /> ' + [filename, lineno, colno, error]);
+
+		$("#modalAlert").modal({ // wire up the actual modal functionality
+									// and show the dialog
+			"backdrop": "static",
+			"keyboard": true,
+			"show": true
+		// ensure the modal is shown immediately
+		});
+
+	}
+});
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/blacklist.js b/openid-connect-server-webapp/src/main/webapp/resources/js/blacklist.js
new file mode 100644
index 000000000..502cd7c79
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/js/blacklist.js
@@ -0,0 +1,223 @@
+/*******************************************************************************
+ * Copyright 2018 The MIT Internet Trust Consortium
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *******************************************************************************/
+var BlackListModel = Backbone.Model.extend({
+	idAttribute: 'id',
+
+	urlRoot: 'api/blacklist'
+});
+
+var BlackListCollection = Backbone.Collection.extend({
+	initialize: function() {
+	},
+
+	url: "api/blacklist"
+});
+
+var BlackListListView = Backbone.View.extend({
+	tagName: 'span',
+
+	initialize: function(options) {
+		this.options = options;
+	},
+
+	load: function(callback) {
+		if (this.collection.isFetched) {
+			callback();
+			return;
+		}
+
+		$('#loadingbox').sheet('show');
+		$('#loading').html('<span class="label" id="loading-blacklist">' + $.t('admin.blacklist') + '</span> ');
+
+		$.when(this.collection.fetchIfNeeded({
+			success: function(e) {
+				$('#loading-blacklist').addClass('label-success');
+			},
+			error: app.errorHandlerView.handleError()
+		})).done(function() {
+			$('#loadingbox').sheet('hide');
+			callback();
+		});
+	},
+
+	events: {
+		"click .refresh-table": "refreshTable",
+		"click .btn-add": "addItem",
+		"submit #add-blacklist form": "addItem"
+	},
+
+	refreshTable: function(e) {
+		e.preventDefault();
+
+		var _self = this;
+		$('#loadingbox').sheet('show');
+		$('#loading').html('<span class="label" id="loading-blacklist">' + $.t('admin.blacklist') + '</span> ');
+
+		$.when(this.collection.fetch()).done(function() {
+			$('#loadingbox').sheet('hide');
+			_self.render();
+		});
+	},
+
+	togglePlaceholder: function() {
+		if (this.collection.length > 0) {
+			$('#blacklist-table', this.el).show();
+			$('#blacklist-table-empty', this.el).hide();
+		} else {
+			$('#blacklist-table', this.el).hide();
+			$('#blacklist-table-empty', this.el).show();
+		}
+	},
+
+	render: function(eventName) {
+
+		$(this.el).html($('#tmpl-blacklist-table').html());
+
+		var _self = this;
+		_.each(this.collection.models, function(blacklist) {
+			var view = new BlackListWidgetView({
+				model: blacklist
+			});
+			view.parentView = _self;
+			$("#blacklist-table", _self.el).append(view.render().el);
+		}, this);
+
+		this.togglePlaceholder();
+
+		$(this.el).i18n();
+		return this;
+	},
+
+	addItem: function(e) {
+		e.preventDefault();
+
+		var input_value = $("#blacklist-uri", this.el).val().trim();
+
+		if (input_value === "") {
+			return;
+		}
+
+		// TODO: URI/pattern validation, check against existing clients
+
+		var item = new BlackListModel({
+			uri: input_value
+		});
+
+		var _self = this; // closures...
+
+		item.save({}, {
+			success: function() {
+				_self.collection.add(item);
+				_self.render();
+			},
+			error: app.errorHandlerView.handleError()
+		});
+
+	}
+
+});
+
+var BlackListWidgetView = Backbone.View.extend({
+
+	tagName: 'tr',
+
+	initialize: function(options) {
+		this.options = options;
+
+		if (!this.template) {
+			this.template = _.template($('#tmpl-blacklist-item').html());
+		}
+	},
+
+	render: function() {
+
+		this.$el.html(this.template(this.model.toJSON()));
+
+		return this;
+
+	},
+
+	events: {
+		'click .btn-delete': 'deleteBlacklist'
+	},
+
+	deleteBlacklist: function(e) {
+		e.preventDefault();
+
+		if (confirm($.t("blacklist.confirm"))) {
+			var _self = this;
+
+			this.model.destroy({
+				dataType: false,
+				processData: false,
+				success: function() {
+
+					_self.$el.fadeTo("fast", 0.00, function() { // fade
+						$(this).slideUp("fast", function() { // slide up
+							$(this).remove(); // then remove from the DOM
+							_self.parentView.togglePlaceholder();
+						});
+					});
+				},
+				error: app.errorHandlerView.handleError()
+			});
+
+			_self.parentView.delegateEvents();
+		}
+
+		return false;
+	}
+
+});
+
+ui.routes.push({
+	path: "admin/blacklist",
+	name: "blackList",
+	callback: function() {
+
+		if (!isAdmin()) {
+			this.root();
+			return;
+		}
+
+		this.breadCrumbView.collection.reset();
+		this.breadCrumbView.collection.add([{
+			text: $.t('admin.home'),
+			href: ""
+		}, {
+			text: $.t('admin.manage-blacklist'),
+			href: "manage/#admin/blacklist"
+		}]);
+
+		this.updateSidebar('admin/blacklist');
+
+		var view = new BlackListListView({
+			collection: this.blackListList
+		});
+
+		view.load(function(collection, response, options) {
+			$('#content').html(view.render().el);
+			setPageTitle($.t('admin.manage-blacklist'));
+		});
+	}
+
+});
+
+ui.templates.push('resources/template/blacklist.html');
+
+ui.init.push(function(app) {
+	app.blackListList = new BlackListCollection();
+});
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/client.js b/openid-connect-server-webapp/src/main/webapp/resources/js/client.js
new file mode 100644
index 000000000..a4c8097b0
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/js/client.js
@@ -0,0 +1,1558 @@
+/*******************************************************************************
+ * Copyright 2018 The MIT Internet Trust Consortium
+ *
+ * Portions copyright 2011-2013 The MITRE Corporation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *******************************************************************************/
+var ClientModel = Backbone.Model.extend({
+
+	idAttribute: "id",
+
+	initialize: function() {
+
+		// bind validation errors to dom elements
+		// this will display form elements in red if they are not valid
+		this.bind('error', function(model, errs) {
+			_.map(errs, function(val, elID) {
+				$('#' + elID).addClass('error');
+			});
+		});
+
+	},
+
+	// We can pass it default values.
+	defaults: {
+		id: null,
+
+		clientId: null,
+		clientSecret: null,
+		redirectUris: [],
+		clientName: null,
+		clientUri: null,
+		logoUri: null,
+		contacts: [],
+		tosUri: null,
+		tokenEndpointAuthMethod: null,
+		scope: [],
+		grantTypes: [],
+		responseTypes: [],
+		policyUri: null,
+
+		jwksUri: null,
+		jwks: null,
+		jwksType: "URI",
+
+		applicationType: null,
+		sectorIdentifierUri: null,
+		subjectType: null,
+
+		requestObjectSigningAlg: null,
+
+		userInfoSignedResponseAlg: null,
+		userInfoEncryptedResponseAlg: null,
+		userInfoEncryptedResponseEnc: null,
+
+		idTokenSignedResponseAlg: null,
+		idTokenEncryptedResponseAlg: null,
+		idTokenEncryptedResponseEnc: null,
+
+		tokenEndpointAuthSigningAlg: null,
+
+		defaultMaxAge: null,
+		requireAuthTime: false,
+		defaultACRvalues: null,
+
+		initiateLoginUri: null,
+		postLogoutRedirectUris: [],
+
+		requestUris: [],
+
+		softwareStatement: null,
+		softwareId: null,
+		softwareVersion: null,
+
+		codeChallengeMethod: null,
+
+		authorities: [],
+		accessTokenValiditySeconds: null,
+		refreshTokenValiditySeconds: null,
+		resourceIds: [],
+		// additionalInformation?
+
+		claimsRedirectUris: [],
+
+		clientDescription: null,
+		reuseRefreshToken: true,
+		clearAccessTokensOnRefresh: true,
+		dynamicallyRegistered: false,
+		allowIntrospection: false,
+		idTokenValiditySeconds: null,
+		deviceCodeValiditySeconds: null,
+		createdAt: null,
+
+		allowRefresh: false,
+		displayClientSecret: false,
+		generateClientSecret: false,
+	},
+
+	urlRoot: "api/clients",
+
+	matches: function(term) {
+
+		var matches = [];
+
+		if (term) {
+			if (this.get('clientId').toLowerCase().indexOf(term.toLowerCase()) != -1) {
+				matches.push($.t('client.client-table.match.id'));
+			}
+			if (this.get('clientName') != null && this.get('clientName').toLowerCase().indexOf(term.toLowerCase()) != -1) {
+				matches.push($.t('client.client-table.match.name'));
+			}
+			if (this.get('clientDescription') != null && this.get('clientDescription').toLowerCase().indexOf(term.toLowerCase()) != -1) {
+				matches.push($.t('client.client-table.match.description'));
+			}
+			if (this.get('clientUri') != null && this.get('clientUri').toLowerCase().indexOf(term.toLowerCase()) != -1) {
+				matches.push($.t('client.client-table.match.homepage'));
+			}
+			if (this.get('policyUri') != null && this.get('policyUri').toLowerCase().indexOf(term.toLowerCase()) != -1) {
+				matches.push($.t('client.client-table.match.policy'));
+			}
+			if (this.get('tosUri') != null && this.get('tosUri').toLowerCase().indexOf(term.toLowerCase()) != -1) {
+				matches.push($.t('client.client-table.match.terms'));
+			}
+			if (this.get('logoUri') != null && this.get('logoUri').toLowerCase().indexOf(term.toLowerCase()) != -1) {
+				matches.push($.t('client.client-table.match.logo'));
+			}
+			if (this.get('contacts') != null) {
+				var f = _.filter(this.get('contacts'), function(item) {
+					return item.toLowerCase().indexOf(term.toLowerCase()) != -1;
+				});
+				if (f.length > 0) {
+					matches.push($.t('client.client-table.match.contacts'));
+				}
+			}
+			if (this.get('redirectUris') != null) {
+				var f = _.filter(this.get('redirectUris'), function(item) {
+					return item.toLowerCase().indexOf(term.toLowerCase()) != -1;
+				});
+				if (f.length > 0) {
+					matches.push($.t('client.client-table.match.redirect'));
+				}
+			}
+			if (this.get('scope') != null) {
+				var f = _.filter(this.get('scope'), function(item) {
+					return item.toLowerCase().indexOf(term.toLowerCase()) != -1;
+				});
+				if (f.length > 0) {
+					matches.push($.t('client.client-table.match.scope'));
+				}
+			}
+			if (this.get('softwareId') != null && this.get('softwareId').toLowerCase().indexOf(term.toLowerCase()) != -1) {
+				matches.push($.t('client.client-table.match.software-id'));
+			}
+			if (this.get('softwareVersion') != null && this.get('softwareVersion').toLowerCase().indexOf(term.toLowerCase()) != -1) {
+				matches.push($.t('client.client-table.match.software-version'));
+			}
+		} else {
+			// there's no search term, we always match
+
+			this.unset('matches', {
+				silent: true
+			});
+			// console.log('no term');
+			return true;
+		}
+
+		var matchString = matches.join(' | ');
+
+		if (matches.length > 0) {
+			this.set({
+				matches: matchString
+			}, {
+				silent: true
+			});
+
+			return true;
+		} else {
+			this.unset('matches', {
+				silent: true
+			});
+
+			return false;
+		}
+	}
+
+});
+
+var RegistrationTokenModel = Backbone.Model.extend({
+	idAttribute: 'clientId',
+	urlRoot: 'api/tokens/registration'
+});
+
+var ClientStatsModel = Backbone.Model.extend({
+	urlRoot: 'api/stats/byclientid'
+});
+
+var ClientCollection = Backbone.Collection.extend({
+
+	initialize: function() {
+		// this.fetch();
+	},
+
+	model: ClientModel,
+	url: "api/clients",
+
+	getByClientId: function(clientId) {
+		var clients = this.where({
+			clientId: clientId
+		});
+		if (clients.length == 1) {
+			return clients[0];
+		} else {
+			return null;
+		}
+	}
+});
+
+var ClientView = Backbone.View.extend({
+
+	tagName: 'tr',
+
+	isRendered: false,
+
+	initialize: function(options) {
+		this.options = options;
+
+		if (!this.template) {
+			this.template = _.template($('#tmpl-client-table-item').html());
+		}
+
+		if (!this.scopeTemplate) {
+			this.scopeTemplate = _.template($('#tmpl-scope-list').html());
+		}
+
+		if (!this.moreInfoTemplate) {
+			this.moreInfoTemplate = _.template($('#tmpl-client-more-info-block').html());
+		}
+
+		if (!this.registrationTokenTemplate) {
+			this.registrationTokenTemplate = _.template($('#tmpl-client-registration-token').html());
+		}
+
+		if (!this.countTemplate) {
+			this.countTemplate = _.template($('#tmpl-client-count').html());
+		}
+
+		this.model.bind('change', this.render, this);
+
+	},
+
+	render: function(eventName) {
+
+		var creationDate = this.model.get('createdAt');
+		var displayCreationDate = $.t('client.client-table.unknown');
+		var hoverCreationDate = "";
+		if (creationDate == null || !moment(creationDate).isValid()) {
+			displayCreationDate = $.t('client.client-table.unknown');
+			hoverCreationDate = "";
+		} else {
+			creationDate = moment(creationDate);
+			if (moment().diff(creationDate, 'months') < 6) {
+				displayCreationDate = creationDate.fromNow();
+			} else {
+				displayCreationDate = "on " + creationDate.format("LL");
+			}
+			hoverCreationDate = creationDate.format("LLL");
+		}
+
+		var json = {
+			client: this.model.toJSON(),
+			whiteList: this.options.whiteList,
+			displayCreationDate: displayCreationDate,
+			hoverCreationDate: hoverCreationDate
+		};
+		this.$el.html(this.template(json));
+
+		$('.scope-list', this.el).html(this.scopeTemplate({
+			scopes: this.model.get('scope'),
+			systemScopes: this.options.systemScopeList
+		}));
+
+		$('.client-more-info-block', this.el).html(this.moreInfoTemplate({
+			client: this.model.toJSON()
+		}));
+
+		$('.clientid-full', this.el).hide();
+
+		this.$('.dynamically-registered').tooltip({
+			title: $.t('client.client-table.dynamically-registered-tooltip')
+		});
+		this.$('.allow-introspection').tooltip({
+			title: $.t('client.client-table.allow-introspection-tooltip')
+		});
+
+		this.updateMatched();
+		this.updateStats();
+
+		$(this.el).i18n();
+
+		this.isRendered = true;
+
+		return this;
+	},
+
+	updateStats: function(eventName) {
+		$('.count', this.el).html(this.countTemplate({
+			count: this.options.clientStat.get('approvedSiteCount')
+		}));
+	},
+
+	showRegistrationToken: function(e) {
+		e.preventDefault();
+
+		$('#modalAlertLabel').html($.t('client.client-form.registration-access-token'));
+
+		var token = new RegistrationTokenModel({
+			clientId: this.model.get('clientId')
+		});
+
+		var _self = this;
+		token.fetch({
+			success: function() {
+				var savedModel = {
+					clientId: _self.model.get('clientId'),
+					registrationToken: token.get('value')
+				};
+
+				$('#modalAlert .modal-body').html(_self.registrationTokenTemplate(savedModel));
+
+				$('#modalAlert .modal-body #rotate-token').click(function(e) {
+					if (confirm($.t('client.client-form.rotate-registration-token-confirm'))) {
+						token.save(null, {
+							success: function() {
+								console.log('token:' + token.get('value'));
+								$('#modalAlert .modal-body #registrationToken').val(token.get('value'));
+							},
+							error: app.errorHandlerView.handleError({
+								message: $.t('client.client-form.rotate-registration-token-error')
+							})
+						});
+					}
+				});
+
+				$('#modalAlert').i18n();
+				$('#modalAlert').modal({
+					'backdrop': 'static',
+					'keyboard': true,
+					'show': true
+				});
+
+			},
+			error: app.errorHandlerView.handleError({
+				log: "An error occurred when fetching the registration token",
+				message: $.t('client.client-form.registration-token-error')
+			})
+		});
+
+	},
+
+	updateMatched: function() {
+
+		// console.log(this.model.get('matches'));
+
+		if (this.model.get('matches')) {
+			$('.matched', this.el).show();
+			$('.matched span', this.el).html(this.model.get('matches'));
+		} else {
+			$('.matched', this.el).hide();
+		}
+	},
+
+	events: {
+		"click .btn-edit": "editClient",
+		"click .btn-delete": "deleteClient",
+		"click .btn-whitelist": "whiteListClient",
+		'click .toggleMoreInformation': 'toggleMoreInformation',
+		"click .clientid-substring": "showClientId",
+		"click .dynamically-registered": 'showRegistrationToken'
+	},
+
+	editClient: function(e) {
+		e.preventDefault();
+		app.navigate('admin/client/' + this.model.id, {
+			trigger: true
+		});
+	},
+
+	whiteListClient: function(e) {
+		e.preventDefault();
+		if (this.options.whiteList == null) {
+			// create a new one
+			app.navigate('admin/whitelist/new/' + this.model.get('id'), {
+				trigger: true
+			});
+		} else {
+			// edit the existing one
+			app.navigate('admin/whitelist/' + this.options.whiteList.get('id'), {
+				trigger: true
+			});
+		}
+	},
+
+	deleteClient: function(e) {
+		e.preventDefault();
+
+		if (confirm($.t('client.client-table.confirm'))) {
+			var _self = this;
+
+			this.model.destroy({
+				dataType: false,
+				processData: false,
+				success: function() {
+					_self.$el.fadeTo("fast", 0.00, function() { // fade
+						$(this).slideUp("fast", function() { // slide up
+							$(this).remove(); // then remove from the DOM
+							_self.parentView.togglePlaceholder();
+						});
+					});
+				},
+				error: app.errorHandlerView.handleError({
+					log: "An error occurred when deleting a client"
+				})
+			});
+
+			_self.parentView.delegateEvents();
+		}
+
+		return false;
+	},
+
+	toggleMoreInformation: function(e) {
+		e.preventDefault();
+		if ($('.moreInformation', this.el).is(':visible')) {
+			// hide it
+			$('.moreInformationContainer', this.el).removeClass('alert').removeClass('alert-info').addClass('muted');
+			$('.moreInformation', this.el).hide('fast');
+			$('.toggleMoreInformation i', this.el).attr('class', 'icon-chevron-right');
+
+		} else {
+			// show it
+			$('.moreInformationContainer', this.el).addClass('alert').addClass('alert-info').removeClass('muted');
+			$('.moreInformation', this.el).show('fast');
+			$('.toggleMoreInformation i', this.el).attr('class', 'icon-chevron-down');
+		}
+	},
+
+	showClientId: function(e) {
+		e.preventDefault();
+
+		$('.clientid-full', this.el).show();
+
+	},
+
+	close: function() {
+		$(this.el).unbind();
+		$(this.el).empty();
+	}
+});
+
+var ClientListView = Backbone.View.extend({
+
+	tagName: 'span',
+
+	stats: {},
+
+	initialize: function(options) {
+		this.options = options;
+		this.filteredModel = this.model;
+	},
+
+	load: function(callback) {
+		if (this.model.isFetched && this.options.whiteListList.isFetched && this.options.systemScopeList.isFetched) {
+			callback();
+			return;
+		}
+
+		$('#loadingbox').sheet('show');
+		$('#loading').html('<span class="label" id="loading-clients">' + $.t("common.clients") + '</span> ' + '<span class="label" id="loading-whitelist">' + $.t("whitelist.whitelist") + '</span> ' + '<span class="label" id="loading-scopes">' + $.t("common.scopes") + '</span> ');
+
+		$.when(this.model.fetchIfNeeded({
+			success: function(e) {
+				$('#loading-clients').addClass('label-success');
+			},
+			error: app.errorHandlerView.handleError()
+		}), this.options.whiteListList.fetchIfNeeded({
+			success: function(e) {
+				$('#loading-whitelist').addClass('label-success');
+			},
+			error: app.errorHandlerView.handleError()
+		}), this.options.systemScopeList.fetchIfNeeded({
+			success: function(e) {
+				$('#loading-scopes').addClass('label-success');
+			},
+			error: app.errorHandlerView.handleError()
+		})).done(function() {
+			$('#loadingbox').sheet('hide');
+			callback();
+		});
+
+	},
+
+	events: {
+		"click .new-client": "newClient",
+		"click .refresh-table": "refreshTable",
+		'keyup .search-query': 'searchTable',
+		'click .form-search button': 'clearSearch',
+		'page .paginator': 'changePage'
+	},
+
+	newClient: function(e) {
+		e.preventDefault();
+		this.remove();
+		app.navigate('admin/client/new', {
+			trigger: true
+		});
+	},
+
+	render: function(eventName) {
+
+		// append and render table structure
+		$(this.el).html($('#tmpl-client-table').html());
+
+		this.renderInner();
+		$(this.el).i18n();
+		return this;
+	},
+
+	renderInner: function(eventName) {
+
+		// set up the rows to render
+		// (note that this doesn't render until visibility is determined in
+		// togglePlaceholder)
+
+		_.each(this.filteredModel.models, function(client, index) {
+			var clientStat = this.getStat(client.get('clientId'));
+			var view = new ClientView({
+				model: client,
+				clientStat: clientStat,
+				systemScopeList: this.options.systemScopeList,
+				whiteList: this.options.whiteListList.getByClientId(client.get('clientId'))
+			});
+			view.parentView = this;
+			// var element = view.render().el;
+			var element = view.el;
+			$("#client-table", this.el).append(element);
+			this.addView(client.get('id'), view);
+		}, this);
+
+		this.togglePlaceholder();
+	},
+
+	views: {},
+
+	addView: function(index, view) {
+		this.views[index] = view;
+	},
+
+	getView: function(index) {
+		return this.views[index];
+	},
+
+	getStat: function(index) {
+		if (!this.stats[index]) {
+			this.stats[index] = new ClientStatsModel({
+				id: index
+			});
+		}
+		return this.stats[index];
+	},
+
+	togglePlaceholder: function() {
+		// set up pagination
+		var numPages = Math.ceil(this.filteredModel.length / 10);
+		if (numPages > 1) {
+			$('.paginator', this.el).show();
+			$('.paginator', this.el).bootpag({
+				total: numPages,
+				maxVisible: 10,
+				leaps: false,
+				page: 1
+			});
+		} else {
+			$('.paginator', this.el).hide();
+		}
+
+		if (this.filteredModel.length > 0) {
+			this.changePage(undefined, 1);
+			$('#client-table', this.el).show();
+			$('#client-table-empty', this.el).hide();
+			$('#client-table-search-empty', this.el).hide();
+		} else {
+			if (this.model.length > 0) {
+				// there's stuff in the model but it's been filtered out
+				$('#client-table', this.el).hide();
+				$('#client-table-empty', this.el).hide();
+				$('#client-table-search-empty', this.el).show();
+			} else {
+				// we're empty
+				$('#client-table', this.el).hide();
+				$('#client-table-empty', this.el).show();
+				$('#client-table-search-empty', this.el).hide();
+			}
+		}
+	},
+
+	changePage: function(event, num) {
+		console.log('Page changed: ' + num);
+
+		$('.paginator', this.el).bootpag({
+			page: num
+		});
+		var _self = this;
+
+		_.each(this.filteredModel.models, function(client, index) {
+			var view = _self.getView(client.get('id'));
+			if (!view) {
+				console.log('Error: no view for client ' + client.get('id'));
+				return;
+			}
+
+			// only show/render clients on the current page
+
+			console.log(':: ' + index + ' ' + num + ' ' + Math.ceil((index + 1) / 10) != num);
+
+			if (Math.ceil((index + 1) / 10) != num) {
+				$(view.el).hide();
+			} else {
+				if (!view.isRendered) {
+					view.render();
+					var clientStat = view.options.clientStat;
+
+					// load and display the stats
+					$.when(clientStat.fetchIfNeeded({
+						success: function(e) {
+
+						},
+						error: app.errorHandlerView.handleError()
+					})).done(function(e) {
+						view.updateStats();
+					});
+				}
+				$(view.el).show();
+			}
+		});
+
+		/*
+		 * $('#client-table tbody tr', this.el).each(function(index, element) {
+		 * if (Math.ceil((index + 1) / 10) != num) { // hide the element
+		 * $(element).hide(); } else { // show the element $(element).show(); }
+		 * });
+		 */
+	},
+
+	refreshTable: function(e) {
+		e.preventDefault();
+		$('#loadingbox').sheet('show');
+		$('#loading').html('<span class="label" id="loading-clients">' + $.t("common.clients") + '</span> ' + '<span class="label" id="loading-whitelist">' + $.t("whitelist.whitelist") + '</span> ' + '<span class="label" id="loading-scopes">' + $.t("common.scopes") + '</span> ');
+
+		var _self = this;
+		$.when(this.model.fetch({
+			success: function(e) {
+				$('#loading-clients').addClass('label-success');
+			},
+			error: app.errorHandlerView.handleError()
+		}), this.options.whiteListList.fetch({
+			success: function(e) {
+				$('#loading-whitelist').addClass('label-success');
+			},
+			error: app.errorHandlerView.handleError()
+		}), this.options.systemScopeList.fetch({
+			success: function(e) {
+				$('#loading-scopes').addClass('label-success');
+			},
+			error: app.errorHandlerView.handleError()
+		})).done(function() {
+			$('#loadingbox').sheet('hide');
+			_self.render();
+		});
+	},
+
+	searchTable: function(e) {
+		var term = $('.search-query', this.el).val();
+
+		this.filteredModel = new ClientCollection(this.model.filter(function(client) {
+			return client.matches(term);
+		}));
+
+		// clear out the table
+		$('tbody', this.el).html('');
+
+		// re-render the table
+		this.renderInner();
+
+	},
+
+	clearSearch: function(e) {
+		$('.search-query', this.el).val('');
+		this.searchTable();
+	}
+
+});
+
+var ClientFormView = Backbone.View.extend({
+
+	tagName: "span",
+
+	initialize: function(options) {
+		this.options = options;
+
+		if (!this.template) {
+			this.template = _.template($('#tmpl-client-form').html());
+		}
+
+		if (!this.clientSavedTemplate) {
+			this.clientSavedTemplate = _.template($('#tmpl-client-saved').html());
+		}
+
+		this.redirectUrisCollection = new Backbone.Collection();
+		this.scopeCollection = new Backbone.Collection();
+		this.contactsCollection = new Backbone.Collection();
+		this.defaultACRvaluesCollection = new Backbone.Collection();
+		this.requestUrisCollection = new Backbone.Collection();
+		this.postLogoutRedirectUrisCollection = new Backbone.Collection();
+		this.claimsRedirectUrisCollection = new Backbone.Collection();
+		// TODO: add Spring authorities collection and resource IDs collection?
+
+		// collection of sub-views that need to be sync'd on save
+		this.listWidgetViews = [];
+	},
+
+	events: {
+		"click .btn-save": "saveClient",
+		"click #allowRefresh": "toggleRefreshTokenTimeout",
+		"click #disableAccessTokenTimeout": function() {
+			$("#access-token-timeout-time", this.$el).prop('disabled', !$("#access-token-timeout-time", this.$el).prop('disabled'));
+			$("#access-token-timeout-unit", this.$el).prop('disabled', !$("#access-token-timeout-unit", this.$el).prop('disabled'));
+			document.getElementById("access-token-timeout-time").value = '';
+		},
+		"click #disableRefreshTokenTimeout": function() {
+			$("#refresh-token-timeout-time", this.$el).prop('disabled', !$("#refresh-token-timeout-time", this.$el).prop('disabled'));
+			$("#refresh-token-timeout-unit", this.$el).prop('disabled', !$("#refresh-token-timeout-unit", this.$el).prop('disabled'));
+			document.getElementById("refresh-token-timeout-time").value = '';
+		},
+		"click .btn-cancel": "cancel",
+		"change #tokenEndpointAuthMethod input:radio": "toggleClientCredentials",
+		"change #displayClientSecret": "toggleDisplayClientSecret",
+		"change #generateClientSecret": "toggleGenerateClientSecret",
+		"change #logoUri input": "previewLogo",
+		"change #jwkSelector input:radio": "toggleJWKSetType"
+	},
+
+	cancel: function(e) {
+		e.preventDefault();
+		app.navigate('admin/clients', {
+			trigger: true
+		});
+	},
+
+	load: function(callback) {
+		if (this.model.isFetched && this.options.systemScopeList.isFetched) {
+			callback();
+			return;
+		}
+
+		$('#loadingbox').sheet('show');
+		$('#loading').html('<span class="label" id="loading-clients">' + $.t('common.clients') + '</span> ' + '<span class="label" id="loading-scopes">' + $.t("common.scopes") + '</span> ');
+
+		$.when(this.options.systemScopeList.fetchIfNeeded({
+			success: function(e) {
+				$('#loading-scopes').addClass('label-success');
+			},
+			error: app.errorHandlerView.handleError()
+		}), this.model.fetchIfNeeded({
+			success: function(e) {
+				$('#loading-clients').addClass('label-success');
+			},
+			error: app.errorHandlerView.handleError()
+		})).done(function() {
+			$('#loadingbox').sheet('hide');
+			callback();
+		});
+	},
+
+	toggleRefreshTokenTimeout: function() {
+		$("#refreshTokenValidityTime", this.$el).toggle();
+	},
+
+	previewLogo: function() {
+		if ($('#logoUri input', this.el).val()) {
+			$('#logoPreview', this.el).empty();
+			$('#logoPreview', this.el).attr('src', $('#logoUri input', this.el).val());
+		} else {
+			// $('#logoBlock', this.el).hide();
+			$('#logoPreview', this.el).attr('src', 'resources/images/logo_placeholder.gif');
+		}
+	},
+
+	/**
+	 * Set up the form based on the current state of the tokenEndpointAuthMethod
+	 * parameter
+	 * 
+	 * @param event
+	 */
+	toggleClientCredentials: function() {
+
+		var tokenEndpointAuthMethod = $('#tokenEndpointAuthMethod input', this.el).filter(':checked').val();
+
+		if (tokenEndpointAuthMethod == 'SECRET_BASIC' || tokenEndpointAuthMethod == 'SECRET_POST' || tokenEndpointAuthMethod == 'SECRET_JWT') {
+
+			// client secret is required, show all the bits
+			$('#clientSecretPanel', this.el).show();
+			// this function sets up the display portions
+			this.toggleGenerateClientSecret();
+		} else {
+			// no client secret, hide all the bits
+			$('#clientSecretPanel', this.el).hide();
+		}
+
+		// show or hide the signing algorithm method depending on what's
+		// selected
+		if (tokenEndpointAuthMethod == 'PRIVATE_KEY' || tokenEndpointAuthMethod == 'SECRET_JWT') {
+			$('#tokenEndpointAuthSigningAlg', this.el).show();
+		} else {
+			$('#tokenEndpointAuthSigningAlg', this.el).hide();
+		}
+	},
+
+	/**
+	 * Set up the form based on the JWK Set selector
+	 */
+	toggleJWKSetType: function() {
+		var jwkSelector = $('#jwkSelector input:radio', this.el).filter(':checked').val();
+
+		if (jwkSelector == 'URI') {
+			$('#jwksUri', this.el).show();
+			$('#jwks', this.el).hide();
+		} else if (jwkSelector == 'VAL') {
+			$('#jwksUri', this.el).hide();
+			$('#jwks', this.el).show();
+		} else {
+			$('#jwksUri', this.el).hide();
+			$('#jwks', this.el).hide();
+		}
+
+	},
+
+	/**
+	 * Set up the form based on the "Generate" checkbox
+	 * 
+	 * @param event
+	 */
+	toggleGenerateClientSecret: function() {
+
+		if ($('#generateClientSecret input', this.el).is(':checked')) {
+			// show the "generated" block, hide the "display" checkbox
+			$('#displayClientSecret', this.el).hide();
+			$('#clientSecret', this.el).hide();
+			$('#clientSecretGenerated', this.el).show();
+			$('#clientSecretHidden', this.el).hide();
+		} else {
+			// show the display checkbox, fall back to the "display" logic
+			$('#displayClientSecret', this.el).show();
+			this.toggleDisplayClientSecret();
+		}
+	},
+
+	/**
+	 * Handle whether or not to display the client secret
+	 * 
+	 * @param event
+	 */
+	toggleDisplayClientSecret: function() {
+
+		if ($('#displayClientSecret input').is(':checked')) {
+			// want to display it
+			$('#clientSecret', this.el).show();
+			$('#clientSecretHidden', this.el).hide();
+			$('#clientSecretGenerated', this.el).hide();
+		} else {
+			// want to hide it
+			$('#clientSecret', this.el).hide();
+			$('#clientSecretHidden', this.el).show();
+			$('#clientSecretGenerated', this.el).hide();
+		}
+	},
+
+	// rounds down to the nearest integer value in seconds.
+	getFormTokenNumberValue: function(value, timeUnit) {
+		if (value == "") {
+			return null;
+		} else if (timeUnit == 'hours') {
+			return parseInt(parseFloat(value) * 3600);
+		} else if (timeUnit == 'minutes') {
+			return parseInt(parseFloat(value) * 60);
+		} else { // seconds
+			return parseInt(value);
+		}
+	},
+
+	// returns "null" if given the value "default" as a string, otherwise
+	// returns input value. useful for parsing the JOSE algorithm dropdowns
+	defaultToNull: function(value) {
+		if (value == 'default') {
+			return null;
+		} else {
+			return value;
+		}
+	},
+
+	// returns "null" if the given value is falsy
+	emptyToNull: function(value) {
+		if (value) {
+			return value;
+		} else {
+			return null;
+		}
+	},
+
+	disableUnsupportedJOSEItems: function(serverSupported, query) {
+		var supported = ['default'];
+		if (serverSupported) {
+			supported = _.union(supported, serverSupported);
+		}
+		$(query, this.$el).each(function(idx) {
+			if (_.contains(supported, $(this).val())) {
+				$(this).prop('disabled', false);
+			} else {
+				$(this).prop('disabled', true);
+			}
+		});
+
+	},
+
+	// maps from a form-friendly name to the real grant parameter name
+	grantMap: {
+		'authorization_code': 'authorization_code',
+		'password': 'password',
+		'implicit': 'implicit',
+		'client_credentials': 'client_credentials',
+		'redelegate': 'urn:ietf:params:oauth:grant_type:redelegate',
+		'refresh_token': 'refresh_token',
+		'device': 'urn:ietf:params:oauth:grant-type:device_code'
+	},
+
+	// maps from a form-friendly name to the real response type parameter name
+	responseMap: {
+		'code': 'code',
+		'token': 'token',
+		'idtoken': 'id_token',
+		'token-idtoken': 'token id_token',
+		'code-idtoken': 'code id_token',
+		'code-token': 'code token',
+		'code-token-idtoken': 'code token id_token'
+	},
+
+	saveClient: function(event) {
+
+		$('.control-group').removeClass('error');
+
+		// sync any leftover collection items
+		_.each(this.listWidgetViews, function(v) {
+			v.addItem($.Event('click'));
+		});
+
+		// build the scope object
+		var scopes = this.scopeCollection.pluck("item");
+
+		// build the grant type object
+		var grantTypes = [];
+		$.each(this.grantMap, function(index, type) {
+			if ($('#grantTypes-' + index).is(':checked')) {
+				grantTypes.push(type);
+			}
+		});
+
+		// build the response type object
+		var responseTypes = [];
+		$.each(this.responseMap, function(index, type) {
+			if ($('#responseTypes-' + index).is(':checked')) {
+				responseTypes.push(type);
+			}
+		});
+
+		var generateClientSecret = $('#generateClientSecret input').is(':checked');
+		var clientSecret = null;
+
+		var tokenEndpointAuthMethod = $('#tokenEndpointAuthMethod input').filter(':checked').val();
+
+		// whether or not the client secret changed
+		var secretChanged = false;
+
+		if (tokenEndpointAuthMethod == 'SECRET_BASIC' || tokenEndpointAuthMethod == 'SECRET_POST' || tokenEndpointAuthMethod == 'SECRET_JWT') {
+
+			if (!generateClientSecret) {
+				// if it's required but we're not generating it, send the value
+				// to preserve it
+				clientSecret = $('#clientSecret input').val();
+
+				// if it's not the same as before, offer to display it
+				if (clientSecret != this.model.get('clientSecret')) {
+					secretChanged = true;
+				}
+			} else {
+				// it's being generated anew
+				secretChanged = true;
+			}
+		}
+
+		var accessTokenValiditySeconds = null;
+		if (!$('disableAccessTokenTimeout').is(':checked')) {
+			accessTokenValiditySeconds = this.getFormTokenNumberValue($('#accessTokenValidityTime input[type=text]').val(), $('#accessTokenValidityTime select').val());
+		}
+
+		var idTokenValiditySeconds = this.getFormTokenNumberValue($('#idTokenValidityTime input[type=text]').val(), $('#idTokenValidityTime select').val());
+
+		var deviceCodeValiditySeconds = this.getFormTokenNumberValue($('#deviceCodeValidityTime input[type=text]').val(), $('#deviceCodeValidityTime select').val());
+
+		var refreshTokenValiditySeconds = null;
+		if ($('#allowRefresh').is(':checked')) {
+
+			if ($.inArray('refresh_token', grantTypes) == -1) {
+				grantTypes.push('refresh_token');
+			}
+
+			if ($.inArray('offline_access', scopes) == -1) {
+				scopes.push("offline_access");
+			}
+
+			if (!$('disableRefreshTokenTimeout').is(':checked')) {
+				refreshTokenValiditySeconds = this.getFormTokenNumberValue($('#refreshTokenValidityTime input[type=text]').val(), $('#refreshTokenValidityTime select').val());
+			}
+		}
+
+		// make sure that the subject identifier is consistent with the redirect
+		// URIs
+		var subjectType = $('#subjectType input').filter(':checked').val();
+		var redirectUris = this.redirectUrisCollection.pluck("item");
+		var sectorIdentifierUri = $('#sectorIdentifierUri input').val();
+		if (subjectType == 'PAIRWISE' && redirectUris.length > 1 && sectorIdentifierUri == '') {
+			// Display an alert with an error message
+			app.errorHandlerView.showErrorMessage($.t("client.client-form.error.consistency"), $.t("client.client-form.error.pairwise-sector"));
+			return false;
+
+		}
+
+		// process the JWKS
+		var jwksUri = null;
+		var jwks = null;
+		var jwkSelector = $('#jwkSelector input:radio', this.el).filter(':checked').val();
+
+		if (jwkSelector == 'URI') {
+			jwksUri = $('#jwksUri input').val();
+			jwks = null;
+		} else if (jwkSelector == 'VAL') {
+			jwksUri = null;
+			try {
+				jwks = JSON.parse($('#jwks textarea').val());
+			} catch (e) {
+				console.log("An error occurred when parsing the JWK Set");
+				app.errorHandlerView.showErrorMessage($.t("client.client-form.error.jwk-set"), $.t("client.client-form.error.jwk-set-parse"));
+				return false;
+			}
+		} else {
+			jwksUri = null;
+			jwks = null;
+		}
+
+		var attrs = {
+			clientName: this.emptyToNull($('#clientName input').val()),
+			clientId: this.emptyToNull($('#clientId input').val()),
+			clientSecret: clientSecret,
+			generateClientSecret: generateClientSecret,
+			redirectUris: redirectUris,
+			clientDescription: this.emptyToNull($('#clientDescription textarea').val()),
+			logoUri: this.emptyToNull($('#logoUri input').val()),
+			grantTypes: grantTypes,
+			accessTokenValiditySeconds: accessTokenValiditySeconds,
+			refreshTokenValiditySeconds: refreshTokenValiditySeconds,
+			idTokenValiditySeconds: idTokenValiditySeconds,
+			deviceCodeValiditySeconds: deviceCodeValiditySeconds,
+			allowRefresh: $('#allowRefresh').is(':checked'),
+			allowIntrospection: $('#allowIntrospection input').is(':checked'),
+			scope: scopes,
+			tosUri: this.emptyToNull($('#tosUri input').val()),
+			policyUri: this.emptyToNull($('#policyUri input').val()),
+			clientUri: this.emptyToNull($('#clientUri input').val()),
+			applicationType: $('#applicationType input').filter(':checked').val(),
+			jwksUri: jwksUri,
+			jwks: jwks,
+			subjectType: subjectType,
+			softwareStatement: this.emptyToNull($('#softwareStatement textarea').val()),
+			softwareId: this.emptyToNull($('#softwareId input').val()),
+			softwareVersion: this.emptyToNull($('#softwareVersion input').val()),
+			tokenEndpointAuthMethod: tokenEndpointAuthMethod,
+			responseTypes: responseTypes,
+			sectorIdentifierUri: sectorIdentifierUri,
+			initiateLoginUri: this.emptyToNull($('#initiateLoginUri input').val()),
+			postLogoutRedirectUris: this.postLogoutRedirectUrisCollection.pluck('item'),
+			claimsRedirectUris: this.claimsRedirectUrisCollection.pluck('item'),
+			reuseRefreshToken: $('#reuseRefreshToken').is(':checked'),
+			clearAccessTokensOnRefresh: $('#clearAccessTokensOnRefresh').is(':checked'),
+			requireAuthTime: $('#requireAuthTime input').is(':checked'),
+			defaultMaxAge: parseInt($('#defaultMaxAge input').val()),
+			contacts: this.contactsCollection.pluck('item'),
+			requestUris: this.requestUrisCollection.pluck('item'),
+			defaultACRvalues: this.defaultACRvaluesCollection.pluck('item'),
+			requestObjectSigningAlg: this.defaultToNull($('#requestObjectSigningAlg select').val()),
+			userInfoSignedResponseAlg: this.defaultToNull($('#userInfoSignedResponseAlg select').val()),
+			userInfoEncryptedResponseAlg: this.defaultToNull($('#userInfoEncryptedResponseAlg select').val()),
+			userInfoEncryptedResponseEnc: this.defaultToNull($('#userInfoEncryptedResponseEnc select').val()),
+			idTokenSignedResponseAlg: this.defaultToNull($('#idTokenSignedResponseAlg select').val()),
+			idTokenEncryptedResponseAlg: this.defaultToNull($('#idTokenEncryptedResponseAlg select').val()),
+			idTokenEncryptedResponseEnc: this.defaultToNull($('#idTokenEncryptedResponseEnc select').val()),
+			tokenEndpointAuthSigningAlg: this.defaultToNull($('#tokenEndpointAuthSigningAlg select').val()),
+			codeChallengeMethod: this.defaultToNull($('#codeChallengeMethod select').val())
+		};
+
+		// post-validate
+		if (attrs["allowRefresh"] == false) {
+			attrs["refreshTokenValiditySeconds"] = null;
+		}
+
+		if ($('#disableAccessTokenTimeout').is(':checked')) {
+			attrs["accessTokenValiditySeconds"] = null;
+		}
+
+		if ($('#disableRefreshTokenTimeout').is(':checked')) {
+			attrs["refreshTokenValiditySeconds"] = null;
+		}
+
+		// set all empty strings to nulls
+		for ( var key in attrs) {
+			if (attrs[key] === "") {
+				attrs[key] = null;
+			}
+		}
+
+		var _self = this;
+		this.model.save(attrs, {
+			success: function() {
+
+				$('#modalAlertLabel').html($.t('client.client-form.saved.saved'));
+
+				var savedModel = {
+					clientId: _self.model.get('clientId'),
+					clientSecret: _self.model.get('clientSecret'),
+					secretChanged: secretChanged
+				};
+
+				$('#modalAlert div.modal-header').html($.t('client.client-form.saved.saved'));
+
+				$('#modalAlert .modal-body').html(_self.clientSavedTemplate(savedModel));
+
+				$('#modalAlert .modal-body #savedClientSecret').hide();
+
+				$('#modalAlert').on('click', '#clientSaveShow', function(event) {
+					event.preventDefault();
+					$('#clientSaveShow').hide();
+					$('#savedClientSecret').show();
+				});
+
+				$('#modalAlert').i18n();
+				$('#modalAlert').modal({
+					'backdrop': 'static',
+					'keyboard': true,
+					'show': true
+				});
+
+				app.clientList.add(_self.model);
+				app.navigate('admin/clients', {
+					trigger: true
+				});
+			},
+			error: app.errorHandlerView.handleError({
+				log: "An error occurred when saving a client"
+			})
+		});
+
+		return false;
+	},
+
+	render: function(eventName) {
+
+		var data = {
+			client: this.model.toJSON(),
+			heartMode: heartMode
+		};
+		$(this.el).html(this.template(data));
+
+		var _self = this;
+
+		// clear the sub-view collection
+		this.listWidgetViews = [];
+
+		// build and bind registered redirect URI collection and view
+		_.each(this.model.get("redirectUris"), function(redirectUri) {
+			_self.redirectUrisCollection.add(new URIModel({
+				item: redirectUri
+			}));
+		});
+
+		var redirUriView = new ListWidgetView({
+			type: 'uri',
+			placeholder: 'https://',
+			helpBlockText: $.t('client.client-form.redirect-uris-help'),
+			collection: this.redirectUrisCollection
+		});
+		$("#redirectUris .controls", this.el).html(redirUriView.render().el);
+		this.listWidgetViews.push(redirUriView);
+
+		// build and bind scopes
+		_.each(this.model.get("scope"), function(scope) {
+			_self.scopeCollection.add(new Backbone.Model({
+				item: scope
+			}));
+		});
+
+		var scopeView = new ListWidgetView({
+			placeholder: $.t('client.client-form.scope-placeholder'),
+			autocomplete: _.uniq(_.flatten(this.options.systemScopeList.pluck("value"))),
+			helpBlockText: $.t('client.client-form.scope-help'),
+			collection: this.scopeCollection
+		});
+		$("#scope .controls", this.el).html(scopeView.render().el);
+		this.listWidgetViews.push(scopeView);
+
+		// build and bind contacts
+		_.each(this.model.get('contacts'), function(contact) {
+			_self.contactsCollection.add(new Backbone.Model({
+				item: contact
+			}));
+		});
+
+		var contactsView = new ListWidgetView({
+			placeholder: $.t("client.client-form.contacts-placeholder"),
+			helpBlockText: $.t("client.client-form.contacts-help"),
+			collection: this.contactsCollection
+		});
+		$("#contacts .controls", this.el).html(contactsView.render().el);
+		this.listWidgetViews.push(contactsView);
+
+		// build and bind post-logout redirect URIs
+		_.each(this.model.get('postLogoutRedirectUris'), function(postLogoutRedirectUri) {
+			_self.postLogoutRedirectUrisCollection.add(new URIModel({
+				item: postLogoutRedirectUri
+			}));
+		});
+
+		var postLogoutRedirectUrisView = new ListWidgetView({
+			type: 'uri',
+			placeholder: 'https://',
+			helpBlockText: $.t('client.client-form.post-logout-help'),
+			collection: this.postLogoutRedirectUrisCollection
+		});
+		$('#postLogoutRedirectUris .controls', this.el).html(postLogoutRedirectUrisView.render().el);
+		this.listWidgetViews.push(postLogoutRedirectUrisView);
+
+		// build and bind claims redirect URIs
+		_.each(this.model.get('claimsRedirectUris'), function(claimsRedirectUri) {
+			_self.claimsRedirectUrisCollection.add(new URIModel({
+				item: claimsRedirectUri
+			}));
+		});
+
+		var claimsRedirectUrisView = new ListWidgetView({
+			type: 'uri',
+			placeholder: 'https://',
+			helpBlockText: $.t('client.client-form.claims-redirect-uris-help'),
+			collection: this.claimsRedirectUrisCollection
+		});
+		$('#claimsRedirectUris .controls', this.el).html(claimsRedirectUrisView.render().el);
+		this.listWidgetViews.push(claimsRedirectUrisView);
+
+		// build and bind request URIs
+		_.each(this.model.get('requestUris'), function(requestUri) {
+			_self.requestUrisCollection.add(new URIModel({
+				item: requestUri
+			}));
+		});
+
+		var requestUriView = new ListWidgetView({
+			type: 'uri',
+			placeholder: 'https://',
+			helpBlockText: $.t('client.client-form.request-uri-help'),
+			collection: this.requestUrisCollection
+		});
+		$('#requestUris .controls', this.el).html(requestUriView.render().el);
+		this.listWidgetViews.push(requestUriView);
+
+		// build and bind default ACR values
+		_.each(this.model.get('defaultACRvalues'), function(defaultACRvalue) {
+			_self.defaultACRvaluesCollection.add(new Backbone.Model({
+				item: defaultACRvalue
+			}));
+		});
+
+		var defaultAcrView = new ListWidgetView({
+			placeholder: $.t('client.client-form.acr-values-placeholder'),
+			// TODO: autocomplete from spec
+			helpBlockText: $.t('client.client-form.acr-values-help'),
+			collection: this.defaultACRvaluesCollection
+		});
+		$('#defaultAcrValues .controls', this.el).html(defaultAcrView.render().el);
+		this.listWidgetViews.push(defaultAcrView);
+
+		// build and bind
+
+		// set up token fields
+		if (!this.model.get("allowRefresh")) {
+			$("#refreshTokenValidityTime", this.$el).hide();
+		}
+
+		if (this.model.get("accessTokenValiditySeconds") == null) {
+			$("#access-token-timeout-time", this.$el).prop('disabled', true);
+			$("#access-token-timeout-unit", this.$el).prop('disabled', true);
+		}
+
+		if (this.model.get("refreshTokenValiditySeconds") == null) {
+			$("#refresh-token-timeout-time", this.$el).prop('disabled', true);
+			$("#refresh-token-timeout-unit", this.$el).prop('disabled', true);
+		}
+
+		// toggle other dynamic fields
+		this.toggleClientCredentials();
+		this.previewLogo();
+		this.toggleJWKSetType();
+
+		// disable unsupported JOSE algorithms
+		this.disableUnsupportedJOSEItems(app.serverConfiguration.request_object_signing_alg_values_supported, '#requestObjectSigningAlg option');
+		this.disableUnsupportedJOSEItems(app.serverConfiguration.userinfo_signing_alg_values_supported, '#userInfoSignedResponseAlg option');
+		this.disableUnsupportedJOSEItems(app.serverConfiguration.userinfo_encryption_alg_values_supported, '#userInfoEncryptedResponseAlg option');
+		this.disableUnsupportedJOSEItems(app.serverConfiguration.userinfo_encryption_enc_values_supported, '#userInfoEncryptedResponseEnc option');
+		this.disableUnsupportedJOSEItems(app.serverConfiguration.id_token_signing_alg_values_supported, '#idTokenSignedResponseAlg option');
+		this.disableUnsupportedJOSEItems(app.serverConfiguration.id_token_encryption_alg_values_supported, '#idTokenEncryptedResponseAlg option');
+		this.disableUnsupportedJOSEItems(app.serverConfiguration.id_token_encryption_enc_values_supported, '#idTokenEncryptedResponseEnc option');
+		this.disableUnsupportedJOSEItems(app.serverConfiguration.token_endpoint_auth_signing_alg_values_supported, '#tokenEndpointAuthSigningAlg option');
+
+		this.$('.nyi').clickover({
+			placement: 'right',
+			title: $.t('common.not-yet-implemented'),
+			content: $.t('common.not-yet-implemented-content')
+		});
+
+		$(this.el).i18n();
+		return this;
+	}
+});
+
+ui.routes.push({
+	path: "admin/clients",
+	name: "listClients",
+	callback: function() {
+
+		if (!isAdmin()) {
+			this.root();
+			return;
+		}
+
+		this.breadCrumbView.collection.reset();
+		this.breadCrumbView.collection.add([{
+			text: $.t('admin.home'),
+			href: ""
+		}, {
+			text: $.t('client.manage'),
+			href: "manage/#admin/clients"
+		}]);
+
+		this.updateSidebar('admin/clients');
+
+		var view = new ClientListView({
+			model: this.clientList,
+			systemScopeList: this.systemScopeList,
+			whiteListList: this.whiteListList
+		});
+		view.load(function() {
+			$('#content').html(view.render().el);
+			view.delegateEvents();
+			setPageTitle($.t('client.manage'));
+		});
+
+	}
+
+});
+
+ui.routes.push({
+	path: "admin/client/new",
+	name: "newClient",
+	callback: function() {
+		console.log("newClient");
+		if (!isAdmin()) {
+			this.root();
+			return;
+		}
+
+		this.breadCrumbView.collection.reset();
+		this.breadCrumbView.collection.add([{
+			text: $.t('admin.home'),
+			href: ""
+		}, {
+			text: $.t('client.manage'),
+			href: "manage/#admin/clients"
+		}, {
+			text: $.t('client.client-form.new'),
+			href: ""
+		}]);
+
+		this.updateSidebar('admin/clients');
+
+		var client = new ClientModel();
+
+		var view = new ClientFormView({
+			model: client,
+			systemScopeList: this.systemScopeList
+		});
+		view.load(function() {
+			var userInfo = getUserInfo();
+			var contacts = [];
+			if (userInfo != null && userInfo.email != null) {
+				contacts.push(userInfo.email);
+			}
+
+			// use a different set of defaults based on heart mode flag
+			if (heartMode) {
+				client.set({
+					tokenEndpointAuthMethod: "PRIVATE_KEY",
+					generateClientSecret: false,
+					displayClientSecret: false,
+					requireAuthTime: true,
+					defaultMaxAge: 60000,
+					scope: _.uniq(_.flatten(app.systemScopeList.defaultScopes().pluck("value"))),
+					accessTokenValiditySeconds: 3600,
+					refreshTokenValiditySeconds: 24 * 3600,
+					idTokenValiditySeconds: 300,
+					deviceCodeValiditySeconds: 30 * 60,
+					grantTypes: ["authorization_code"],
+					responseTypes: ["code"],
+					subjectType: "PUBLIC",
+					jwksType: "URI",
+					contacts: contacts
+				}, {
+					silent: true
+				});
+			} else {
+				// set up this new client to require a secret and have us
+				// autogenerate one
+				client.set({
+					tokenEndpointAuthMethod: "SECRET_BASIC",
+					generateClientSecret: true,
+					displayClientSecret: false,
+					requireAuthTime: true,
+					defaultMaxAge: 60000,
+					scope: _.uniq(_.flatten(app.systemScopeList.defaultScopes().pluck("value"))),
+					accessTokenValiditySeconds: 3600,
+					idTokenValiditySeconds: 600,
+					deviceCodeValiditySeconds: 30 * 60,
+					grantTypes: ["authorization_code"],
+					responseTypes: ["code"],
+					subjectType: "PUBLIC",
+					jwksType: "URI",
+					contacts: contacts
+				}, {
+					silent: true
+				});
+			}
+
+			$('#content').html(view.render().el);
+			setPageTitle($.t('client.client-form.new'));
+		});
+	}
+});
+
+ui.routes.push({
+	path: "admin/client/:id",
+	name: "editClient",
+	callback: function(id) {
+		console.log("editClient " + id);
+		if (!isAdmin()) {
+			this.root();
+			return;
+		}
+
+		this.breadCrumbView.collection.reset();
+		this.breadCrumbView.collection.add([{
+			text: $.t('admin.home'),
+			href: ""
+		}, {
+			text: $.t('client.manage'),
+			href: "manage/#admin/clients"
+		}, {
+			text: $.t('client.client-form.edit'),
+			href: "manage/#admin/client/" + id
+		}]);
+
+		this.updateSidebar('admin/clients');
+
+		var client = this.clientList.get(id);
+		if (!client) {
+			client = new ClientModel({
+				id: id
+			});
+		}
+
+		var view = new ClientFormView({
+			model: client,
+			systemScopeList: app.systemScopeList
+		});
+		view.load(function() {
+			if ($.inArray("refresh_token", client.get("grantTypes")) != -1) {
+				client.set({
+					allowRefresh: true
+				}, {
+					silent: true
+				});
+			}
+
+			if (client.get("jwks")) {
+				client.set({
+					jwksType: "VAL"
+				}, {
+					silent: true
+				});
+			} else {
+				client.set({
+					jwksType: "URI"
+				}, {
+					silent: true
+				});
+			}
+
+			client.set({
+				generateClientSecret: false,
+				displayClientSecret: false
+			}, {
+				silent: true
+			});
+
+			$('#content').html(view.render().el);
+			setPageTitle($.t('client.client-form.edit'));
+		});
+
+	}
+});
+
+ui.templates.push('resources/template/client.html');
+
+ui.init.push(function(app) {
+	app.clientList = new ClientCollection();
+});
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/dynreg.js b/openid-connect-server-webapp/src/main/webapp/resources/js/dynreg.js
new file mode 100644
index 000000000..0bae62621
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/js/dynreg.js
@@ -0,0 +1,832 @@
+/*******************************************************************************
+ * Copyright 2018 The MIT Internet Trust Consortium
+ *
+ * Portions copyright 2011-2013 The MITRE Corporation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *******************************************************************************/
+var DynRegClient = Backbone.Model.extend({
+	idAttribute: "client_id",
+
+	defaults: {
+		client_id: null,
+		client_secret: null,
+		redirect_uris: [],
+		client_name: null,
+		client_uri: null,
+		logo_uri: null,
+		contacts: [],
+		tos_uri: null,
+		token_endpoint_auth_method: null,
+		scope: null,
+		grant_types: [],
+		response_types: [],
+		policy_uri: null,
+
+		jwks_uri: null,
+		jwks: null,
+		jwksType: 'URI',
+
+		application_type: null,
+		sector_identifier_uri: null,
+		subject_type: null,
+
+		request_object_signing_alg: null,
+
+		userinfo_signed_response_alg: null,
+		userinfo_encrypted_response_alg: null,
+		userinfo_encrypted_response_enc: null,
+
+		id_token_signed_response_alg: null,
+		id_token_encrypted_response_alg: null,
+		id_token_encrypted_response_enc: null,
+
+		default_max_age: null,
+		require_auth_time: false,
+		default_acr_values: null,
+
+		initiate_login_uri: null,
+		post_logout_redirect_uris: null,
+
+		claims_redirect_uris: [],
+
+		request_uris: [],
+
+		software_statement: null,
+		software_id: null,
+		software_version: null,
+
+		code_challenge_method: null,
+
+		registration_access_token: null,
+		registration_client_uri: null
+	},
+
+	sync: function(method, model, options) {
+		if (model.get('registration_access_token')) {
+			var headers = options.headers ? options.headers : {};
+			headers['Authorization'] = 'Bearer ' + model.get('registration_access_token');
+			options.headers = headers;
+		}
+
+		return this.constructor.__super__.sync(method, model, options);
+	},
+
+	urlRoot: 'register'
+
+});
+
+var DynRegRootView = Backbone.View.extend({
+
+	tagName: 'span',
+
+	initialize: function(options) {
+		this.options = options;
+
+	},
+
+	events: {
+		"click #newreg": "newReg",
+		"click #editreg": "editReg"
+	},
+
+	load: function(callback) {
+		if (this.options.systemScopeList.isFetched) {
+			callback();
+			return;
+		}
+
+		$('#loadingbox').sheet('show');
+		$('#loading').html('<span class="label" id="loading-scopes">' + $.t('common.scopes') + '</span> ');
+
+		$.when(this.options.systemScopeList.fetchIfNeeded({
+			success: function(e) {
+				$('#loading-scopes').addClass('label-success');
+			},
+			error: app.errorHandlerView.handleError()
+		})).done(function() {
+			$('#loadingbox').sheet('hide');
+			callback();
+		});
+	},
+
+	render: function() {
+		$(this.el).html($('#tmpl-dynreg').html());
+		$(this.el).i18n();
+		return this;
+	},
+
+	newReg: function(e) {
+		e.preventDefault();
+		this.remove();
+		app.navigate('dev/dynreg/new', {
+			trigger: true
+		});
+	},
+
+	editReg: function(e) {
+		e.preventDefault();
+		var clientId = $('#clientId').val();
+		var token = $('#regtoken').val();
+
+		var client = new DynRegClient({
+			client_id: clientId,
+			registration_access_token: token
+		});
+
+		var self = this;
+
+		client.fetch({
+			success: function() {
+
+				var userInfo = getUserInfo();
+				var contacts = client.get("contacts");
+				if (userInfo != null && userInfo.email != null && !_.contains(contacts, userInfo.email)) {
+					contacts.push(userInfo.email);
+				}
+				client.set({
+					contacts: contacts
+				}, {
+					silent: true
+				});
+
+				if (client.get("jwks")) {
+					client.set({
+						jwksType: "VAL"
+					}, {
+						silent: true
+					});
+				} else {
+					client.set({
+						jwksType: "URI"
+					}, {
+						silent: true
+					});
+				}
+
+				var view = new DynRegEditView({
+					model: client,
+					systemScopeList: app.systemScopeList
+				});
+
+				view.load(function() {
+					$('#content').html(view.render().el);
+					view.delegateEvents();
+					setPageTitle($.t('dynreg.edit-dynamically-registered'));
+					app.navigate('dev/dynreg/edit', {
+						trigger: true
+					});
+					self.remove();
+				});
+			},
+			error: app.errorHandlerView.handleError({
+				message: $.t('dynreg.invalid-access-token')
+			})
+		});
+	}
+
+});
+
+var DynRegEditView = Backbone.View.extend({
+
+	tagName: 'span',
+
+	initialize: function(options) {
+		this.options = options;
+		if (!this.template) {
+			this.template = _.template($('#tmpl-dynreg-client-form').html());
+		}
+
+		this.redirectUrisCollection = new Backbone.Collection();
+		this.scopeCollection = new Backbone.Collection();
+		this.contactsCollection = new Backbone.Collection();
+		this.defaultAcrValuesCollection = new Backbone.Collection();
+		this.requestUrisCollection = new Backbone.Collection();
+		this.postLogoutRedirectUrisCollection = new Backbone.Collection();
+		this.claimsRedirectUrisCollection = new Backbone.Collection();
+
+		this.listWidgetViews = [];
+	},
+
+	load: function(callback) {
+		if (this.options.systemScopeList.isFetched) {
+			callback();
+			return;
+		}
+
+		$('#loadingbox').sheet('show');
+		$('#loading').html('<span class="label" id="loading-scopes">' + $.t('common.scopes') + '</span> ');
+
+		$.when(this.options.systemScopeList.fetchIfNeeded({
+			success: function(e) {
+				$('#loading-scopes').addClass('label-success');
+			},
+			error: app.errorHandlerView.handleError()
+		})).done(function() {
+			$('#loadingbox').sheet('hide');
+			callback();
+		});
+	},
+
+	events: {
+		"click .btn-save": "saveClient",
+		"click .btn-cancel": "cancel",
+		"click .btn-delete": "deleteClient",
+		"change #logoUri input": "previewLogo",
+		"change #tokenEndpointAuthMethod input:radio": "toggleClientCredentials",
+		"change #jwkSelector input:radio": "toggleJWKSetType"
+	},
+
+	cancel: function(e) {
+		e.preventDefault();
+		app.navigate('dev/dynreg', {
+			trigger: true
+		});
+	},
+
+	deleteClient: function(e) {
+		e.preventDefault();
+
+		if (confirm($.t('client.client-table.confirm'))) {
+			var self = this;
+
+			this.model.destroy({
+				dataType: false,
+				processData: false,
+				success: function() {
+					self.remove();
+					app.navigate('dev/dynreg', {
+						trigger: true
+					});
+				},
+				error: app.errorHandlerView.handleError({
+					"log": "An error occurred when deleting a client"
+				})
+			});
+
+		}
+
+		return false;
+	},
+
+	previewLogo: function() {
+		if ($('#logoUri input', this.el).val()) {
+			$('#logoPreview', this.el).empty();
+			$('#logoPreview', this.el).attr('src', $('#logoUri input', this.el).val());
+		} else {
+			// $('#logoBlock', this.el).hide();
+			$('#logoPreview', this.el).attr('src', 'resources/images/logo_placeholder.gif');
+		}
+	},
+
+	/**
+	 * Set up the form based on the current state of the tokenEndpointAuthMethod
+	 * parameter
+	 * 
+	 * @param event
+	 */
+	toggleClientCredentials: function() {
+
+		var tokenEndpointAuthMethod = $('#tokenEndpointAuthMethod input', this.el).filter(':checked').val();
+
+		// show or hide the signing algorithm method depending on what's
+		// selected
+		if (tokenEndpointAuthMethod == 'private_key_jwt' || tokenEndpointAuthMethod == 'client_secret_jwt') {
+			$('#tokenEndpointAuthSigningAlg', this.el).show();
+		} else {
+			$('#tokenEndpointAuthSigningAlg', this.el).hide();
+		}
+	},
+
+	/**
+	 * Set up the form based on the JWK Set selector
+	 */
+	toggleJWKSetType: function() {
+		var jwkSelector = $('#jwkSelector input:radio', this.el).filter(':checked').val();
+
+		if (jwkSelector == 'URI') {
+			$('#jwksUri', this.el).show();
+			$('#jwks', this.el).hide();
+		} else if (jwkSelector == 'VAL') {
+			$('#jwksUri', this.el).hide();
+			$('#jwks', this.el).show();
+		} else {
+			$('#jwksUri', this.el).hide();
+			$('#jwks', this.el).hide();
+		}
+
+	},
+
+	disableUnsupportedJOSEItems: function(serverSupported, query) {
+		var supported = ['default'];
+		if (serverSupported) {
+			supported = _.union(supported, serverSupported);
+		}
+		$(query, this.$el).each(function(idx) {
+			if (_.contains(supported, $(this).val())) {
+				$(this).prop('disabled', false);
+			} else {
+				$(this).prop('disabled', true);
+			}
+		});
+
+	},
+
+	// returns "null" if given the value "default" as a string,
+	// otherwise returns input value. useful for parsing the JOSE
+	// algorithm dropdowns
+	defaultToNull: function(value) {
+		if (value == 'default') {
+			return null;
+		} else {
+			return value;
+		}
+	},
+
+	// returns "null" if the given value is falsy
+	emptyToNull: function(value) {
+		if (value) {
+			return value;
+		} else {
+			return null;
+		}
+	},
+
+	// maps from a form-friendly name to the real grant parameter name
+	grantMap: {
+		'authorization_code': 'authorization_code',
+		'password': 'password',
+		'implicit': 'implicit',
+		'client_credentials': 'client_credentials',
+		'redelegate': 'urn:ietf:params:oauth:grant_type:redelegate',
+		'refresh_token': 'refresh_token'
+	},
+
+	// maps from a form-friendly name to the real response type
+	// parameter name
+	responseMap: {
+		'code': 'code',
+		'token': 'token',
+		'idtoken': 'id_token',
+		'token-idtoken': 'token id_token',
+		'code-idtoken': 'code id_token',
+		'code-token': 'code token',
+		'code-token-idtoken': 'code token id_token'
+	},
+
+	saveClient: function(e) {
+		e.preventDefault();
+
+		$('.control-group').removeClass('error');
+
+		// sync any leftover collection items
+		_.each(this.listWidgetViews, function(v) {
+			v.addItem($.Event('click'));
+		});
+
+		// build the scope object
+		var scopes = this.scopeCollection.pluck("item").join(" ");
+
+		// build the grant type object
+		var grantTypes = [];
+		$.each(this.grantMap, function(index, type) {
+			if ($('#grantTypes-' + index).is(':checked')) {
+				grantTypes.push(type);
+			}
+		});
+
+		// build the response type object
+		var responseTypes = [];
+		$.each(this.responseMap, function(index, type) {
+			if ($('#responseTypes-' + index).is(':checked')) {
+				responseTypes.push(type);
+			}
+		});
+
+		var contacts = this.contactsCollection.pluck('item');
+		var userInfo = getUserInfo();
+		if (userInfo && userInfo.email) {
+			if (!_.contains(contacts, userInfo.email)) {
+				contacts.push(userInfo.email);
+			}
+		}
+
+		// make sure that the subject identifier is consistent with the
+		// redirect URIs
+		var subjectType = $('#subjectType input').filter(':checked').val();
+		var redirectUris = this.redirectUrisCollection.pluck("item");
+		var sectorIdentifierUri = $('#sectorIdentifierUri input').val();
+		if (subjectType == 'PAIRWISE' && redirectUris.length > 1 && sectorIdentifierUri == '') {
+			// Display an alert with an error message
+			app.errorHandlerView.showErrorMessage($.t("client.client-form.error.consistency"), $.t("client.client-form.error.pairwise-sector"));
+			return false;
+
+		}
+
+		// process the JWKS
+		var jwksUri = null;
+		var jwks = null;
+		var jwkSelector = $('#jwkSelector input:radio', this.el).filter(':checked').val();
+
+		if (jwkSelector == 'URI') {
+			jwksUri = $('#jwksUri input').val();
+			jwks = null;
+		} else if (jwkSelector == 'VAL') {
+			jwksUri = null;
+			try {
+				jwks = JSON.parse($('#jwks textarea').val());
+			} catch (e) {
+				console.log("An error occurred when parsing the JWK Set");
+				app.errorHandlerView.showErrorMessage($.t("client.client-form.error.jwk-set"), $.t("client.client-form.error.jwk-set-parse"));
+				return false;
+			}
+		} else {
+			jwksUri = null;
+			jwks = null;
+		}
+
+		var attrs = {
+			client_name: this.emptyToNull($('#clientName input').val()),
+			redirect_uris: redirectUris,
+			logo_uri: this.emptyToNull($('#logoUri input').val()),
+			grant_types: grantTypes,
+			scope: scopes,
+			client_secret: null, // never send a client secret
+			tos_uri: this.emptyToNull($('#tosUri input').val()),
+			policy_uri: this.emptyToNull($('#policyUri input').val()),
+			client_uri: this.emptyToNull($('#clientUri input').val()),
+			application_type: $('#applicationType input').filter(':checked').val(),
+			jwks_uri: jwksUri,
+			jwks: jwks,
+			subject_type: subjectType,
+			software_statement: this.emptyToNull($('#softwareStatement textarea').val()),
+			softwareId: this.emptyToNull($('#softwareId input').val()),
+			softwareVersion: this.emptyToNull($('#softwareVersion input').val()),
+			token_endpoint_auth_method: $('#tokenEndpointAuthMethod input').filter(':checked').val(),
+			response_types: responseTypes,
+			sector_identifier_uri: sectorIdentifierUri,
+			initiate_login_uri: this.emptyToNull($('#initiateLoginUri input').val()),
+			post_logout_redirect_uris: this.postLogoutRedirectUrisCollection.pluck('item'),
+			claims_redirect_uris: this.claimsRedirectUrisCollection.pluck('item'),
+			require_auth_time: $('#requireAuthTime input').is(':checked'),
+			default_max_age: parseInt($('#defaultMaxAge input').val()),
+			contacts: contacts,
+			request_uris: this.requestUrisCollection.pluck('item'),
+			default_acr_values: this.defaultAcrValuesCollection.pluck('item'),
+			request_object_signing_alg: this.defaultToNull($('#requestObjectSigningAlg select').val()),
+			userinfo_signed_response_alg: this.defaultToNull($('#userInfoSignedResponseAlg select').val()),
+			userinfo_encrypted_response_alg: this.defaultToNull($('#userInfoEncryptedResponseAlg select').val()),
+			userinfo_encrypted_response_enc: this.defaultToNull($('#userInfoEncryptedResponseEnc select').val()),
+			id_token_signed_response_alg: this.defaultToNull($('#idTokenSignedResponseAlg select').val()),
+			id_token_encrypted_response_alg: this.defaultToNull($('#idTokenEncryptedResponseAlg select').val()),
+			id_token_encrypted_response_enc: this.defaultToNull($('#idTokenEncryptedResponseEnc select').val()),
+			token_endpoint_auth_signing_alg: this.defaultToNull($('#tokenEndpointAuthSigningAlg select').val()),
+			code_challenge_method: this.defaultToNull($('#codeChallengeMethod select').val())
+		};
+
+		// set all empty strings to nulls
+		for ( var key in attrs) {
+			if (attrs[key] === "") {
+				attrs[key] = null;
+			}
+		}
+
+		var _self = this;
+		this.model.save(attrs, {
+			success: function() {
+				// switch to an "edit" view
+				app.navigate('dev/dynreg/edit', {
+					trigger: true
+				});
+				_self.remove();
+
+				var userInfo = getUserInfo();
+				var contacts = _self.model.get("contacts");
+				if (userInfo != null && userInfo.email != null && !_.contains(contacts, userInfo.email)) {
+					contacts.push(userInfo.email);
+				}
+				_self.model.set({
+					contacts: contacts
+				}, {
+					silent: true
+				});
+
+				if (_self.model.get("jwks")) {
+					_self.model.set({
+						jwksType: "VAL"
+					}, {
+						silent: true
+					});
+				} else {
+					_self.model.set({
+						jwksType: "URI"
+					}, {
+						silent: true
+					});
+				}
+
+				var view = new DynRegEditView({
+					model: _self.model,
+					systemScopeList: _self.options.systemScopeList
+				});
+
+				view.load(function() {
+					// reload
+					$('#content').html(view.render().el);
+					view.delegateEvents();
+				});
+			},
+			error: app.errorHandlerView.handleError({
+				log: "An error occurred when saving a client"
+			})
+		});
+
+		return false;
+	},
+
+	render: function() {
+		var data = {
+			client: this.model.toJSON(),
+			userInfo: getUserInfo(),
+			heartMode: heartMode
+		};
+		$(this.el).html(this.template(data));
+
+		this.listWidgetViews = [];
+
+		var _self = this;
+
+		// build and bind registered redirect URI collection and view
+		_.each(this.model.get("redirect_uris"), function(redirectUri) {
+			_self.redirectUrisCollection.add(new URIModel({
+				item: redirectUri
+			}));
+		});
+
+		var redirectUriView = new ListWidgetView({
+			type: 'uri',
+			placeholder: 'https://',
+			helpBlockText: $.t('client.client-form.redirect-uris-help'),
+			collection: this.redirectUrisCollection
+		});
+		$("#redirectUris .controls", this.el).html(redirectUriView.render().el);
+		this.listWidgetViews.push(redirectUriView);
+
+		// build and bind scopes
+		var scopes = this.model.get("scope");
+		var scopeSet = scopes ? scopes.split(" ") : [];
+		_.each(scopeSet, function(scope) {
+			_self.scopeCollection.add(new Backbone.Model({
+				item: scope
+			}));
+		});
+
+		var scopeView = new ListWidgetView({
+			placeholder: $.t('client.client-form.scope-placeholder'),
+			autocomplete: _.uniq(_.flatten(this.options.systemScopeList.unrestrictedScopes().pluck("value"))),
+			helpBlockText: $.t('client.client-form.scope-help'),
+			collection: this.scopeCollection
+		});
+		$("#scope .controls", this.el).html(scopeView.render().el);
+		this.listWidgetViews.push(scopeView);
+
+		// build and bind contacts
+		_.each(this.model.get('contacts'), function(contact) {
+			_self.contactsCollection.add(new Backbone.Model({
+				item: contact
+			}));
+		});
+
+		var contactView = new ListWidgetView({
+			placeholder: $.t('client.client-form.contacts-placeholder'),
+			helpBlockText: $.t('client.client-form.contacts-help'),
+			collection: this.contactsCollection
+		});
+		$("#contacts .controls div", this.el).html(contactView.render().el);
+		this.listWidgetViews.push(contactView);
+
+		// build and bind post-logout redirect URIs
+		_.each(this.model.get('post_logout_redirect_uris'), function(postLogoutRedirectUri) {
+			_self.postLogoutRedirectUrisCollection.add(new URIModel({
+				item: postLogoutRedirectUri
+			}));
+		});
+
+		var postLogoutRedirectUrisView = new ListWidgetView({
+			type: 'uri',
+			placeholder: 'https://',
+			helpBlockText: $.t('client.client-form.post-logout-help'),
+			collection: this.postLogoutRedirectUrisCollection
+		});
+		$('#postLogoutRedirectUris .controls', this.el).html(postLogoutRedirectUrisView.render().el);
+		this.listWidgetViews.push(postLogoutRedirectUrisView);
+
+		// build and bind claims redirect URIs
+		_.each(this.model.get('claimsRedirectUris'), function(claimsRedirectUri) {
+			_self.claimsRedirectUrisCollection.add(new URIModel({
+				item: claimsRedirectUri
+			}));
+		});
+
+		var claimsRedirectUrisView = new ListWidgetView({
+			type: 'uri',
+			placeholder: 'https://',
+			helpBlockText: $.t('client.client-form.claims-redirect-uris-help'),
+			collection: this.claimsRedirectUrisCollection
+		});
+		$('#claimsRedirectUris .controls', this.el).html(claimsRedirectUrisView.render().el);
+		this.listWidgetViews.push(claimsRedirectUrisView);
+
+		// build and bind request URIs
+		_.each(this.model.get('request_uris'), function(requestUri) {
+			_self.requestUrisCollection.add(new URIModel({
+				item: requestUri
+			}));
+		});
+
+		var requestUriView = new ListWidgetView({
+			type: 'uri',
+			placeholder: 'https://',
+			helpBlockText: $.t('client.client-form.request-uri-help'),
+			collection: this.requestUrisCollection
+		});
+		$('#requestUris .controls', this.el).html(requestUriView.render().el);
+		this.listWidgetViews.push(requestUriView);
+
+		// build and bind default ACR values
+		_.each(this.model.get('default_acr_values'), function(defaultAcrValue) {
+			_self.defaultAcrValuesCollection.add(new Backbone.Model({
+				item: defaultAcrValue
+			}));
+		});
+
+		var defaultAcrView = new ListWidgetView({
+			placeholder: $.t('client.client-form.acr-values-placeholder'),
+			// TODO: autocomplete from spec
+			helpBlockText: $.t('client.client-form.acr-values-help'),
+			collection: this.defaultAcrValuesCollection
+		});
+		$('#defaultAcrValues .controls', this.el).html(defaultAcrView.render().el);
+		this.listWidgetViews.push(defaultAcrView);
+
+		this.toggleClientCredentials();
+		this.previewLogo();
+		this.toggleJWKSetType();
+
+		// disable unsupported JOSE algorithms
+		this.disableUnsupportedJOSEItems(app.serverConfiguration.request_object_signing_alg_values_supported, '#requestObjectSigningAlg option');
+		this.disableUnsupportedJOSEItems(app.serverConfiguration.userinfo_signing_alg_values_supported, '#userInfoSignedResponseAlg option');
+		this.disableUnsupportedJOSEItems(app.serverConfiguration.userinfo_encryption_alg_values_supported, '#userInfoEncryptedResponseAlg option');
+		this.disableUnsupportedJOSEItems(app.serverConfiguration.userinfo_encryption_enc_values_supported, '#userInfoEncryptedResponseEnc option');
+		this.disableUnsupportedJOSEItems(app.serverConfiguration.id_token_signing_alg_values_supported, '#idTokenSignedResponseAlg option');
+		this.disableUnsupportedJOSEItems(app.serverConfiguration.id_token_encryption_alg_values_supported, '#idTokenEncryptedResponseAlg option');
+		this.disableUnsupportedJOSEItems(app.serverConfiguration.id_token_encryption_enc_values_supported, '#idTokenEncryptedResponseEnc option');
+		this.disableUnsupportedJOSEItems(app.serverConfiguration.token_endpoint_auth_signing_alg_values_supported, '#tokenEndpointAuthSigningAlg option');
+
+		this.$('.nyi').clickover({
+			placement: 'right',
+			title: $.t('common.not-yet-implemented'),
+			content: $.t('common.not-yet-implemented-content')
+		});
+
+		$(this.el).i18n();
+		return this;
+	}
+
+});
+
+ui.routes.push({
+	path: "dev/dynreg",
+	name: "dynReg",
+	callback: function() {
+
+		this.breadCrumbView.collection.reset();
+		this.breadCrumbView.collection.add([{
+			text: $.t('admin.home'),
+			href: ""
+		}, {
+			text: $.t('admin.self-service-client'),
+			href: "manage/#dev/dynreg"
+		}]);
+
+		var view = new DynRegRootView({
+			systemScopeList: this.systemScopeList
+		});
+
+		this.updateSidebar('dev/dynreg');
+
+		view.load(function() {
+			$('#content').html(view.render().el);
+
+			setPageTitle($.t('admin.self-service-client'));
+		});
+
+	}
+});
+
+ui.routes.push({
+	path: "dev/dynreg/new",
+	name: "newDynReg",
+	callback: function() {
+
+		this.breadCrumbView.collection.reset();
+		this.breadCrumbView.collection.add([{
+			text: $.t('admin.home'),
+			href: ""
+		}, {
+			text: $.t('admin.self-service-client'),
+			href: "manage/#dev/dynreg"
+		}, {
+			text: $.t('dynreg.new-client'),
+			href: "manage/#dev/dynreg/new"
+		}]);
+
+		this.updateSidebar('dev/dynreg');
+
+		var client = new DynRegClient();
+		var view = new DynRegEditView({
+			model: client,
+			systemScopeList: this.systemScopeList
+		});
+
+		view.load(function() {
+
+			var userInfo = getUserInfo();
+			var contacts = [];
+			if (userInfo != null && userInfo.email != null) {
+				contacts.push(userInfo.email);
+			}
+
+			if (heartMode) {
+				client.set({
+					require_auth_time: true,
+					default_max_age: 60000,
+					scope: _.uniq(_.flatten(app.systemScopeList.defaultUnrestrictedScopes().pluck("value"))).join(" "),
+					token_endpoint_auth_method: 'private_key_jwt',
+					grant_types: ["authorization_code"],
+					response_types: ["code"],
+					subject_type: "public",
+					contacts: contacts
+				}, {
+					silent: true
+				});
+			} else {
+				client.set({
+					require_auth_time: true,
+					default_max_age: 60000,
+					scope: _.uniq(_.flatten(app.systemScopeList.defaultUnrestrictedScopes().pluck("value"))).join(" "),
+					token_endpoint_auth_method: 'client_secret_basic',
+					grant_types: ["authorization_code"],
+					response_types: ["code"],
+					subject_type: "public",
+					contacts: contacts
+				}, {
+					silent: true
+				});
+			}
+
+			$('#content').html(view.render().el);
+			view.delegateEvents();
+			setPageTitle($.t('dynreg.new-client'));
+
+		});
+
+	}
+});
+
+ui.routes.push({
+	path: "dev/dynreg/edit",
+	name: "editDynReg",
+	callback: function() {
+
+		this.breadCrumbView.collection.reset();
+		this.breadCrumbView.collection.add([{
+			text: $.t('admin.home'),
+			href: ""
+		}, {
+			text: $.t('admin.self-service-client'),
+			href: "manage/#dev/dynreg"
+		}, {
+			text: $.t('dynreg.edit-existing'),
+			href: "manage/#dev/dynreg/edit"
+		}]);
+
+		this.updateSidebar('dev/dynreg');
+
+		setPageTitle($.t('dynreg.edit-existing'));
+		// note that this doesn't actually load the client, that's supposed to
+		// happen elsewhere...
+	}
+});
+
+ui.templates.push('resources/template/dynreg.html');
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/grant.js b/openid-connect-server-webapp/src/main/webapp/resources/js/grant.js
new file mode 100644
index 000000000..f21a1694b
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/js/grant.js
@@ -0,0 +1,332 @@
+/*******************************************************************************
+ * Copyright 2018 The MIT Internet Trust Consortium
+ *
+ * Portions copyright 2011-2013 The MITRE Corporation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *******************************************************************************/
+var ApprovedSiteModel = Backbone.Model.extend({
+	idAttribute: 'id',
+
+	initialize: function() {
+	},
+
+	urlRoot: 'api/approved'
+
+});
+
+var ApprovedSiteCollection = Backbone.Collection.extend({
+	initialize: function() {
+	},
+
+	model: ApprovedSiteModel,
+	url: 'api/approved'
+});
+
+var ApprovedSiteListView = Backbone.View.extend({
+	tagName: 'span',
+
+	initialize: function(options) {
+		this.options = options;
+	},
+
+	load: function(callback) {
+		if (this.model.isFetched && this.options.clientList.isFetched && this.options.systemScopeList.isFetched) {
+			callback();
+			return;
+		}
+
+		$('#loadingbox').sheet('show');
+		$('#loading').html('<span class="label" id="loading-grants">' + $.t('grant.grant-table.approved-sites') + '</span> ' + '<span class="label" id="loading-clients">' + $.t('common.clients') + '</span> ' + '<span class="label" id="loading-scopes">' + $.t('common.scopes') + '</span> ');
+
+		$.when(this.model.fetchIfNeeded({
+			success: function(e) {
+				$('#loading-grants').addClass('label-success');
+			},
+			error: app.errorHandlerView.handleError()
+		}), this.options.clientList.fetchIfNeeded({
+			success: function(e) {
+				$('#loading-clients').addClass('label-success');
+			},
+			error: app.errorHandlerView.handleError()
+		}), this.options.systemScopeList.fetchIfNeeded({
+			success: function(e) {
+				$('#loading-scopes').addClass('label-success');
+			},
+			error: app.errorHandlerView.handleError()
+		})).done(function() {
+			$('#loadingbox').sheet('hide');
+			callback();
+		});
+	},
+
+	events: {
+		"click .refresh-table": "refreshTable"
+	},
+
+	render: function(eventName) {
+		$(this.el).html($('#tmpl-grant-table').html());
+
+		var approvedSiteCount = 0;
+
+		var _self = this;
+
+		_.each(this.model.models, function(approvedSite) {
+			// look up client
+			var client = this.options.clientList.getByClientId(approvedSite.get('clientId'));
+
+			if (client != null) {
+
+				var view = new ApprovedSiteView({
+					model: approvedSite,
+					client: client,
+					systemScopeList: this.options.systemScopeList
+				});
+				view.parentView = _self;
+				$('#grant-table', this.el).append(view.render().el);
+				approvedSiteCount = approvedSiteCount + 1;
+
+			}
+
+		}, this);
+
+		this.togglePlaceholder();
+		$(this.el).i18n();
+		return this;
+	},
+
+	togglePlaceholder: function() {
+		// count entries
+		if (this.model.length > 0) {
+			$('#grant-table', this.el).show();
+			$('#grant-table-empty', this.el).hide();
+		} else {
+			$('#grant-table', this.el).hide();
+			$('#grant-table-empty', this.el).show();
+		}
+
+	},
+
+	refreshTable: function(e) {
+		e.preventDefault();
+		var _self = this;
+		$('#loadingbox').sheet('show');
+		$('#loading').html('<span class="label" id="loading-grants">' + $.t('grant.grant-table.approved-sites') + '</span> ' + '<span class="label" id="loading-clients">' + $.t('common.clients') + '</span> ' + '<span class="label" id="loading-scopes">' + $.t('common.scopes') + '</span> ');
+
+		$.when(this.model.fetch({
+			success: function(e) {
+				$('#loading-grants').addClass('label-success');
+			},
+			error: app.errorHandlerView.handleError()
+		}), this.options.clientList.fetch({
+			success: function(e) {
+				$('#loading-clients').addClass('label-success');
+			},
+			error: app.errorHandlerView.handleError()
+		}), this.options.systemScopeList.fetch({
+			success: function(e) {
+				$('#loading-scopes').addClass('label-success');
+			},
+			error: app.errorHandlerView.handleError()
+		})).done(function() {
+			$('#loadingbox').sheet('hide');
+			_self.render();
+		});
+	}
+
+});
+
+var ApprovedSiteView = Backbone.View.extend({
+	tagName: 'tr',
+
+	initialize: function(options) {
+		this.options = options;
+		if (!this.template) {
+			this.template = _.template($('#tmpl-grant').html());
+		}
+		if (!this.scopeTemplate) {
+			this.scopeTemplate = _.template($('#tmpl-scope-list').html());
+		}
+
+		if (!this.moreInfoTemplate) {
+			this.moreInfoTemplate = _.template($('#tmpl-client-more-info-block').html());
+		}
+
+	},
+
+	render: function() {
+
+		var creationDate = this.model.get("creationDate");
+		var accessDate = this.model.get("accessDate");
+		var timeoutDate = this.model.get("timeoutDate");
+
+		var displayCreationDate = $.t('grant.grant-table.unknown');
+		var hoverCreationDate = "";
+		if ((creationDate != null) && moment(creationDate).isValid()) {
+			creationDate = moment(creationDate);
+			if (moment().diff(creationDate, 'months') < 6) {
+				displayCreationDate = creationDate.fromNow();
+			} else {
+				displayCreationDate = creationDate.format("LL");
+			}
+			hoverCreationDate = creationDate.format("LLL");
+		}
+
+		var displayAccessDate = $.t('grant.grant-table.unknown');
+		var hoverAccessDate = "";
+		if ((accessDate != null) && moment(accessDate).isValid()) {
+			accessDate = moment(accessDate);
+			if (moment().diff(accessDate, 'months') < 6) {
+				displayAccessDate = accessDate.fromNow();
+			} else {
+				displayAccessDate = accessDate.format("LL");
+			}
+			hoverAccessDate = accessDate.format("LLL");
+		}
+
+		var displayTimeoutDate = $.t('grant.grant-table.unknown');
+		var hoverTimeoutDate = "";
+		if (timeoutDate == null) {
+			displayTimeoutDate = $.t('grant.grant-table.never');
+		} else if (moment(timeoutDate).isValid()) {
+			timeoutDate = moment(timeoutDate);
+			if (moment().diff(timeoutDate, 'months') < 6) {
+				displayTimeoutDate = timeoutDate.fromNow();
+			} else {
+				displayTimeoutDate = timeoutDate.format("LL");
+			}
+			hoverTimeoutDate = timeoutDate.format("LLL");
+		}
+
+		var formattedDate = {
+			displayCreationDate: displayCreationDate,
+			hoverCreationDate: hoverCreationDate,
+			displayAccessDate: displayAccessDate,
+			hoverAccessDate: hoverAccessDate,
+			displayTimeoutDate: displayTimeoutDate,
+			hoverTimeoutDate: hoverTimeoutDate
+		};
+
+		var json = {
+			grant: this.model.toJSON(),
+			client: this.options.client.toJSON(),
+			formattedDate: formattedDate
+		};
+
+		this.$el.html(this.template(json));
+
+		$('.scope-list', this.el).html(this.scopeTemplate({
+			scopes: this.model.get('allowedScopes'),
+			systemScopes: this.options.systemScopeList
+		}));
+
+		$('.client-more-info-block', this.el).html(this.moreInfoTemplate({
+			client: this.options.client.toJSON()
+		}));
+
+		this.$('.dynamically-registered').tooltip({
+			title: $.t('grant.grant-table.dynamically-registered')
+		});
+		this.$('.tokens').tooltip({
+			title: $.t('grant.grant-table.active-tokens')
+		});
+		$(this.el).i18n();
+		return this;
+	},
+
+	events: {
+		'click .btn-delete': 'deleteApprovedSite',
+		'click .toggleMoreInformation': 'toggleMoreInformation'
+	},
+
+	deleteApprovedSite: function(e) {
+		e.preventDefault();
+		if (confirm("Are you sure you want to revoke access to this site?")) {
+			var self = this;
+
+			this.model.destroy({
+				dataType: false,
+				processData: false,
+				success: function() {
+					self.$el.fadeTo("fast", 0.00, function() { // fade
+						$(this).slideUp("fast", function() { // slide up
+							$(this).remove(); // then remove from the DOM
+							self.parentView.togglePlaceholder();
+						});
+					});
+				},
+				error: app.errorHandlerView.handleError()
+			});
+
+			this.parentView.delegateEvents();
+		}
+
+		return false;
+	},
+
+	toggleMoreInformation: function(e) {
+		e.preventDefault();
+		if ($('.moreInformation', this.el).is(':visible')) {
+			// hide it
+			$('.moreInformation', this.el).hide('fast');
+			$('.toggleMoreInformation i', this.el).attr('class', 'icon-chevron-right');
+			$('.moreInformationContainer', this.el).removeClass('alert').removeClass('alert-info').addClass('muted');
+
+		} else {
+			// show it
+			$('.moreInformation', this.el).show('fast');
+			$('.toggleMoreInformation i', this.el).attr('class', 'icon-chevron-down');
+			$('.moreInformationContainer', this.el).addClass('alert').addClass('alert-info').removeClass('muted');
+		}
+	},
+
+	close: function() {
+		$(this.el).unbind();
+		$(this.el).empty();
+	}
+});
+
+ui.routes.push({
+	path: "user/approved",
+	name: "approvedSites",
+	callback:
+
+	function() {
+		this.breadCrumbView.collection.reset();
+		this.breadCrumbView.collection.add([{
+			text: $.t('admin.home'),
+			href: ""
+		}, {
+			text: $.t('grant.manage-approved-sites'),
+			href: "manage/#user/approve"
+		}]);
+
+		this.updateSidebar('user/approved');
+
+		var view = new ApprovedSiteListView({
+			model: this.approvedSiteList,
+			clientList: this.clientList,
+			systemScopeList: this.systemScopeList
+		});
+		view.load(function(collection, response, options) {
+			$('#content').html(view.render().el);
+			setPageTitle($.t('grant.manage-approved-sites'));
+		});
+	}
+});
+
+ui.templates.push('resources/template/grant.html');
+
+ui.init.push(function(app) {
+	app.approvedSiteList = new ApprovedSiteCollection();
+});
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/lib/backbone.js b/openid-connect-server-webapp/src/main/webapp/resources/js/lib/backbone.js
new file mode 100644
index 000000000..58800425c
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/js/lib/backbone.js
@@ -0,0 +1,1873 @@
+//     Backbone.js 1.2.1
+
+//     (c) 2010-2015 Jeremy Ashkenas, DocumentCloud and Investigative Reporters & Editors
+//     Backbone may be freely distributed under the MIT license.
+//     For all details and documentation:
+//     http://backbonejs.org
+
+(function(factory) {
+
+  // Establish the root object, `window` (`self`) in the browser, or `global` on the server.
+  // We use `self` instead of `window` for `WebWorker` support.
+  var root = (typeof self == 'object' && self.self == self && self) ||
+            (typeof global == 'object' && global.global == global && global);
+
+  // Set up Backbone appropriately for the environment. Start with AMD.
+  if (typeof define === 'function' && define.amd) {
+    define(['underscore', 'jquery', 'exports'], function(_, $, exports) {
+      // Export global even in AMD case in case this script is loaded with
+      // others that may still expect a global Backbone.
+      root.Backbone = factory(root, exports, _, $);
+    });
+
+  // Next for Node.js or CommonJS. jQuery may not be needed as a module.
+  } else if (typeof exports !== 'undefined') {
+    var _ = require('underscore'), $;
+    try { $ = require('jquery'); } catch(e) {}
+    factory(root, exports, _, $);
+
+  // Finally, as a browser global.
+  } else {
+    root.Backbone = factory(root, {}, root._, (root.jQuery || root.Zepto || root.ender || root.$));
+  }
+
+}(function(root, Backbone, _, $) {
+
+  // Initial Setup
+  // -------------
+
+  // Save the previous value of the `Backbone` variable, so that it can be
+  // restored later on, if `noConflict` is used.
+  var previousBackbone = root.Backbone;
+
+  // Create a local reference to a common array method we'll want to use later.
+  var slice = [].slice;
+
+  // Current version of the library. Keep in sync with `package.json`.
+  Backbone.VERSION = '1.2.1';
+
+  // For Backbone's purposes, jQuery, Zepto, Ender, or My Library (kidding) owns
+  // the `$` variable.
+  Backbone.$ = $;
+
+  // Runs Backbone.js in *noConflict* mode, returning the `Backbone` variable
+  // to its previous owner. Returns a reference to this Backbone object.
+  Backbone.noConflict = function() {
+    root.Backbone = previousBackbone;
+    return this;
+  };
+
+  // Turn on `emulateHTTP` to support legacy HTTP servers. Setting this option
+  // will fake `"PATCH"`, `"PUT"` and `"DELETE"` requests via the `_method` parameter and
+  // set a `X-Http-Method-Override` header.
+  Backbone.emulateHTTP = false;
+
+  // Turn on `emulateJSON` to support legacy servers that can't deal with direct
+  // `application/json` requests ... this will encode the body as
+  // `application/x-www-form-urlencoded` instead and will send the model in a
+  // form param named `model`.
+  Backbone.emulateJSON = false;
+
+  // Proxy Underscore methods to a Backbone class' prototype using a
+  // particular attribute as the data argument
+  var addMethod = function(length, method, attribute) {
+    switch (length) {
+      case 1: return function() {
+        return _[method](this[attribute]);
+      };
+      case 2: return function(value) {
+        return _[method](this[attribute], value);
+      };
+      case 3: return function(iteratee, context) {
+        return _[method](this[attribute], iteratee, context);
+      };
+      case 4: return function(iteratee, defaultVal, context) {
+        return _[method](this[attribute], iteratee, defaultVal, context);
+      };
+      default: return function() {
+        var args = slice.call(arguments);
+        args.unshift(this[attribute]);
+        return _[method].apply(_, args);
+      };
+    }
+  };
+  var addUnderscoreMethods = function(Class, methods, attribute) {
+    _.each(methods, function(length, method) {
+      if (_[method]) Class.prototype[method] = addMethod(length, method, attribute);
+    });
+  };
+
+  // Backbone.Events
+  // ---------------
+
+  // A module that can be mixed in to *any object* in order to provide it with
+  // custom events. You may bind with `on` or remove with `off` callback
+  // functions to an event; `trigger`-ing an event fires all callbacks in
+  // succession.
+  //
+  //     var object = {};
+  //     _.extend(object, Backbone.Events);
+  //     object.on('expand', function(){ alert('expanded'); });
+  //     object.trigger('expand');
+  //
+  var Events = Backbone.Events = {};
+
+  // Regular expression used to split event strings.
+  var eventSplitter = /\s+/;
+
+  // Iterates over the standard `event, callback` (as well as the fancy multiple
+  // space-separated events `"change blur", callback` and jQuery-style event
+  // maps `{event: callback}`), reducing them by manipulating `memo`.
+  // Passes a normalized single event name and callback, as well as any
+  // optional `opts`.
+  var eventsApi = function(iteratee, memo, name, callback, opts) {
+    var i = 0, names;
+    if (name && typeof name === 'object') {
+      // Handle event maps.
+      if (callback !== void 0 && 'context' in opts && opts.context === void 0) opts.context = callback;
+      for (names = _.keys(name); i < names.length ; i++) {
+        memo = iteratee(memo, names[i], name[names[i]], opts);
+      }
+    } else if (name && eventSplitter.test(name)) {
+      // Handle space separated event names.
+      for (names = name.split(eventSplitter); i < names.length; i++) {
+        memo = iteratee(memo, names[i], callback, opts);
+      }
+    } else {
+      memo = iteratee(memo, name, callback, opts);
+    }
+    return memo;
+  };
+
+  // Bind an event to a `callback` function. Passing `"all"` will bind
+  // the callback to all events fired.
+  Events.on = function(name, callback, context) {
+    return internalOn(this, name, callback, context);
+  };
+
+  // An internal use `on` function, used to guard the `listening` argument from
+  // the public API.
+  var internalOn = function(obj, name, callback, context, listening) {
+    obj._events = eventsApi(onApi, obj._events || {}, name, callback, {
+        context: context,
+        ctx: obj,
+        listening: listening
+    });
+
+    if (listening) {
+      var listeners = obj._listeners || (obj._listeners = {});
+      listeners[listening.id] = listening;
+    }
+
+    return obj;
+  };
+
+  // Inversion-of-control versions of `on`. Tell *this* object to listen to
+  // an event in another object... keeping track of what it's listening to.
+  Events.listenTo =  function(obj, name, callback) {
+    if (!obj) return this;
+    var id = obj._listenId || (obj._listenId = _.uniqueId('l'));
+    var listeningTo = this._listeningTo || (this._listeningTo = {});
+    var listening = listeningTo[id];
+
+    // This object is not listening to any other events on `obj` yet.
+    // Setup the necessary references to track the listening callbacks.
+    if (!listening) {
+      var thisId = this._listenId || (this._listenId = _.uniqueId('l'));
+      listening = listeningTo[id] = {obj: obj, objId: id, id: thisId, listeningTo: listeningTo, count: 0};
+    }
+
+    // Bind callbacks on obj, and keep track of them on listening.
+    internalOn(obj, name, callback, this, listening);
+    return this;
+  };
+
+  // The reducing API that adds a callback to the `events` object.
+  var onApi = function(events, name, callback, options) {
+    if (callback) {
+      var handlers = events[name] || (events[name] = []);
+      var context = options.context, ctx = options.ctx, listening = options.listening;
+      if (listening) listening.count++;
+
+      handlers.push({ callback: callback, context: context, ctx: context || ctx, listening: listening });
+    }
+    return events;
+  };
+
+  // Remove one or many callbacks. If `context` is null, removes all
+  // callbacks with that function. If `callback` is null, removes all
+  // callbacks for the event. If `name` is null, removes all bound
+  // callbacks for all events.
+  Events.off =  function(name, callback, context) {
+    if (!this._events) return this;
+    this._events = eventsApi(offApi, this._events, name, callback, {
+        context: context,
+        listeners: this._listeners
+    });
+    return this;
+  };
+
+  // Tell this object to stop listening to either specific events ... or
+  // to every object it's currently listening to.
+  Events.stopListening =  function(obj, name, callback) {
+    var listeningTo = this._listeningTo;
+    if (!listeningTo) return this;
+
+    var ids = obj ? [obj._listenId] : _.keys(listeningTo);
+
+    for (var i = 0; i < ids.length; i++) {
+      var listening = listeningTo[ids[i]];
+
+      // If listening doesn't exist, this object is not currently
+      // listening to obj. Break out early.
+      if (!listening) break;
+
+      listening.obj.off(name, callback, this);
+    }
+    if (_.isEmpty(listeningTo)) this._listeningTo = void 0;
+
+    return this;
+  };
+
+  // The reducing API that removes a callback from the `events` object.
+  var offApi = function(events, name, callback, options) {
+    // No events to consider.
+    if (!events) return;
+
+    var i = 0, listening;
+    var context = options.context, listeners = options.listeners;
+
+    // Delete all events listeners and "drop" events.
+    if (!name && !callback && !context) {
+      var ids = _.keys(listeners);
+      for (; i < ids.length; i++) {
+        listening = listeners[ids[i]];
+        delete listeners[listening.id];
+        delete listening.listeningTo[listening.objId];
+      }
+      return;
+    }
+
+    var names = name ? [name] : _.keys(events);
+    for (; i < names.length; i++) {
+      name = names[i];
+      var handlers = events[name];
+
+      // Bail out if there are no events stored.
+      if (!handlers) break;
+
+      // Replace events if there are any remaining.  Otherwise, clean up.
+      var remaining = [];
+      for (var j = 0; j < handlers.length; j++) {
+        var handler = handlers[j];
+        if (
+          callback && callback !== handler.callback &&
+            callback !== handler.callback._callback ||
+              context && context !== handler.context
+        ) {
+          remaining.push(handler);
+        } else {
+          listening = handler.listening;
+          if (listening && --listening.count === 0) {
+            delete listeners[listening.id];
+            delete listening.listeningTo[listening.objId];
+          }
+        }
+      }
+
+      // Update tail event if the list has any events.  Otherwise, clean up.
+      if (remaining.length) {
+        events[name] = remaining;
+      } else {
+        delete events[name];
+      }
+    }
+    if (_.size(events)) return events;
+  };
+
+  // Bind an event to only be triggered a single time. After the first time
+  // the callback is invoked, it will be removed. When multiple events are
+  // passed in using the space-separated syntax, the event will fire once for every
+  // event you passed in, not once for a combination of all events
+  Events.once =  function(name, callback, context) {
+    // Map the event into a `{event: once}` object.
+    var events = eventsApi(onceMap, {}, name, callback, _.bind(this.off, this));
+    return this.on(events, void 0, context);
+  };
+
+  // Inversion-of-control versions of `once`.
+  Events.listenToOnce =  function(obj, name, callback) {
+    // Map the event into a `{event: once}` object.
+    var events = eventsApi(onceMap, {}, name, callback, _.bind(this.stopListening, this, obj));
+    return this.listenTo(obj, events);
+  };
+
+  // Reduces the event callbacks into a map of `{event: onceWrapper}`.
+  // `offer` unbinds the `onceWrapper` after it has been called.
+  var onceMap = function(map, name, callback, offer) {
+    if (callback) {
+      var once = map[name] = _.once(function() {
+        offer(name, once);
+        callback.apply(this, arguments);
+      });
+      once._callback = callback;
+    }
+    return map;
+  };
+
+  // Trigger one or many events, firing all bound callbacks. Callbacks are
+  // passed the same arguments as `trigger` is, apart from the event name
+  // (unless you're listening on `"all"`, which will cause your callback to
+  // receive the true name of the event as the first argument).
+  Events.trigger =  function(name) {
+    if (!this._events) return this;
+
+    var length = Math.max(0, arguments.length - 1);
+    var args = Array(length);
+    for (var i = 0; i < length; i++) args[i] = arguments[i + 1];
+
+    eventsApi(triggerApi, this._events, name, void 0, args);
+    return this;
+  };
+
+  // Handles triggering the appropriate event callbacks.
+  var triggerApi = function(objEvents, name, cb, args) {
+    if (objEvents) {
+      var events = objEvents[name];
+      var allEvents = objEvents.all;
+      if (events && allEvents) allEvents = allEvents.slice();
+      if (events) triggerEvents(events, args);
+      if (allEvents) triggerEvents(allEvents, [name].concat(args));
+    }
+    return objEvents;
+  };
+
+  // A difficult-to-believe, but optimized internal dispatch function for
+  // triggering events. Tries to keep the usual cases speedy (most internal
+  // Backbone events have 3 arguments).
+  var triggerEvents = function(events, args) {
+    var ev, i = -1, l = events.length, a1 = args[0], a2 = args[1], a3 = args[2];
+    switch (args.length) {
+      case 0: while (++i < l) (ev = events[i]).callback.call(ev.ctx); return;
+      case 1: while (++i < l) (ev = events[i]).callback.call(ev.ctx, a1); return;
+      case 2: while (++i < l) (ev = events[i]).callback.call(ev.ctx, a1, a2); return;
+      case 3: while (++i < l) (ev = events[i]).callback.call(ev.ctx, a1, a2, a3); return;
+      default: while (++i < l) (ev = events[i]).callback.apply(ev.ctx, args); return;
+    }
+  };
+
+  // Aliases for backwards compatibility.
+  Events.bind   = Events.on;
+  Events.unbind = Events.off;
+
+  // Allow the `Backbone` object to serve as a global event bus, for folks who
+  // want global "pubsub" in a convenient place.
+  _.extend(Backbone, Events);
+
+  // Backbone.Model
+  // --------------
+
+  // Backbone **Models** are the basic data object in the framework --
+  // frequently representing a row in a table in a database on your server.
+  // A discrete chunk of data and a bunch of useful, related methods for
+  // performing computations and transformations on that data.
+
+  // Create a new model with the specified attributes. A client id (`cid`)
+  // is automatically generated and assigned for you.
+  var Model = Backbone.Model = function(attributes, options) {
+    var attrs = attributes || {};
+    options || (options = {});
+    this.cid = _.uniqueId(this.cidPrefix);
+    this.attributes = {};
+    if (options.collection) this.collection = options.collection;
+    if (options.parse) attrs = this.parse(attrs, options) || {};
+    attrs = _.defaults({}, attrs, _.result(this, 'defaults'));
+    this.set(attrs, options);
+    this.changed = {};
+    this.initialize.apply(this, arguments);
+  };
+
+  // Attach all inheritable methods to the Model prototype.
+  _.extend(Model.prototype, Events, {
+
+    // A hash of attributes whose current and previous value differ.
+    changed: null,
+
+    // The value returned during the last failed validation.
+    validationError: null,
+
+    // The default name for the JSON `id` attribute is `"id"`. MongoDB and
+    // CouchDB users may want to set this to `"_id"`.
+    idAttribute: 'id',
+
+    // The prefix is used to create the client id which is used to identify models locally.
+    // You may want to override this if you're experiencing name clashes with model ids.
+    cidPrefix: 'c',
+
+    // Initialize is an empty function by default. Override it with your own
+    // initialization logic.
+    initialize: function(){},
+
+    // Return a copy of the model's `attributes` object.
+    toJSON: function(options) {
+      return _.clone(this.attributes);
+    },
+
+    // Proxy `Backbone.sync` by default -- but override this if you need
+    // custom syncing semantics for *this* particular model.
+    sync: function() {
+      return Backbone.sync.apply(this, arguments);
+    },
+
+    // Get the value of an attribute.
+    get: function(attr) {
+      return this.attributes[attr];
+    },
+
+    // Get the HTML-escaped value of an attribute.
+    escape: function(attr) {
+      return _.escape(this.get(attr));
+    },
+
+    // Returns `true` if the attribute contains a value that is not null
+    // or undefined.
+    has: function(attr) {
+      return this.get(attr) != null;
+    },
+
+    // Special-cased proxy to underscore's `_.matches` method.
+    matches: function(attrs) {
+      return !!_.iteratee(attrs, this)(this.attributes);
+    },
+
+    // Set a hash of model attributes on the object, firing `"change"`. This is
+    // the core primitive operation of a model, updating the data and notifying
+    // anyone who needs to know about the change in state. The heart of the beast.
+    set: function(key, val, options) {
+      if (key == null) return this;
+
+      // Handle both `"key", value` and `{key: value}` -style arguments.
+      var attrs;
+      if (typeof key === 'object') {
+        attrs = key;
+        options = val;
+      } else {
+        (attrs = {})[key] = val;
+      }
+
+      options || (options = {});
+
+      // Run validation.
+      if (!this._validate(attrs, options)) return false;
+
+      // Extract attributes and options.
+      var unset      = options.unset;
+      var silent     = options.silent;
+      var changes    = [];
+      var changing   = this._changing;
+      this._changing = true;
+
+      if (!changing) {
+        this._previousAttributes = _.clone(this.attributes);
+        this.changed = {};
+      }
+
+      var current = this.attributes;
+      var changed = this.changed;
+      var prev    = this._previousAttributes;
+
+      // Check for changes of `id`.
+      if (this.idAttribute in attrs) this.id = attrs[this.idAttribute];
+
+      // For each `set` attribute, update or delete the current value.
+      for (var attr in attrs) {
+        val = attrs[attr];
+        if (!_.isEqual(current[attr], val)) changes.push(attr);
+        if (!_.isEqual(prev[attr], val)) {
+          changed[attr] = val;
+        } else {
+          delete changed[attr];
+        }
+        unset ? delete current[attr] : current[attr] = val;
+      }
+
+      // Trigger all relevant attribute changes.
+      if (!silent) {
+        if (changes.length) this._pending = options;
+        for (var i = 0; i < changes.length; i++) {
+          this.trigger('change:' + changes[i], this, current[changes[i]], options);
+        }
+      }
+
+      // You might be wondering why there's a `while` loop here. Changes can
+      // be recursively nested within `"change"` events.
+      if (changing) return this;
+      if (!silent) {
+        while (this._pending) {
+          options = this._pending;
+          this._pending = false;
+          this.trigger('change', this, options);
+        }
+      }
+      this._pending = false;
+      this._changing = false;
+      return this;
+    },
+
+    // Remove an attribute from the model, firing `"change"`. `unset` is a noop
+    // if the attribute doesn't exist.
+    unset: function(attr, options) {
+      return this.set(attr, void 0, _.extend({}, options, {unset: true}));
+    },
+
+    // Clear all attributes on the model, firing `"change"`.
+    clear: function(options) {
+      var attrs = {};
+      for (var key in this.attributes) attrs[key] = void 0;
+      return this.set(attrs, _.extend({}, options, {unset: true}));
+    },
+
+    // Determine if the model has changed since the last `"change"` event.
+    // If you specify an attribute name, determine if that attribute has changed.
+    hasChanged: function(attr) {
+      if (attr == null) return !_.isEmpty(this.changed);
+      return _.has(this.changed, attr);
+    },
+
+    // Return an object containing all the attributes that have changed, or
+    // false if there are no changed attributes. Useful for determining what
+    // parts of a view need to be updated and/or what attributes need to be
+    // persisted to the server. Unset attributes will be set to undefined.
+    // You can also pass an attributes object to diff against the model,
+    // determining if there *would be* a change.
+    changedAttributes: function(diff) {
+      if (!diff) return this.hasChanged() ? _.clone(this.changed) : false;
+      var old = this._changing ? this._previousAttributes : this.attributes;
+      var changed = {};
+      for (var attr in diff) {
+        var val = diff[attr];
+        if (_.isEqual(old[attr], val)) continue;
+        changed[attr] = val;
+      }
+      return _.size(changed) ? changed : false;
+    },
+
+    // Get the previous value of an attribute, recorded at the time the last
+    // `"change"` event was fired.
+    previous: function(attr) {
+      if (attr == null || !this._previousAttributes) return null;
+      return this._previousAttributes[attr];
+    },
+
+    // Get all of the attributes of the model at the time of the previous
+    // `"change"` event.
+    previousAttributes: function() {
+      return _.clone(this._previousAttributes);
+    },
+
+    // Fetch the model from the server, merging the response with the model's
+    // local attributes. Any changed attributes will trigger a "change" event.
+    fetch: function(options) {
+      options = _.extend({parse: true}, options);
+      var model = this;
+      var success = options.success;
+      options.success = function(resp) {
+        var serverAttrs = options.parse ? model.parse(resp, options) : resp;
+        if (!model.set(serverAttrs, options)) return false;
+        if (success) success.call(options.context, model, resp, options);
+        model.trigger('sync', model, resp, options);
+      };
+      wrapError(this, options);
+      return this.sync('read', this, options);
+    },
+
+    // Set a hash of model attributes, and sync the model to the server.
+    // If the server returns an attributes hash that differs, the model's
+    // state will be `set` again.
+    save: function(key, val, options) {
+      // Handle both `"key", value` and `{key: value}` -style arguments.
+      var attrs;
+      if (key == null || typeof key === 'object') {
+        attrs = key;
+        options = val;
+      } else {
+        (attrs = {})[key] = val;
+      }
+
+      options = _.extend({validate: true, parse: true}, options);
+      var wait = options.wait;
+
+      // If we're not waiting and attributes exist, save acts as
+      // `set(attr).save(null, opts)` with validation. Otherwise, check if
+      // the model will be valid when the attributes, if any, are set.
+      if (attrs && !wait) {
+        if (!this.set(attrs, options)) return false;
+      } else {
+        if (!this._validate(attrs, options)) return false;
+      }
+
+      // After a successful server-side save, the client is (optionally)
+      // updated with the server-side state.
+      var model = this;
+      var success = options.success;
+      var attributes = this.attributes;
+      options.success = function(resp) {
+        // Ensure attributes are restored during synchronous saves.
+        model.attributes = attributes;
+        var serverAttrs = options.parse ? model.parse(resp, options) : resp;
+        if (wait) serverAttrs = _.extend({}, attrs, serverAttrs);
+        if (serverAttrs && !model.set(serverAttrs, options)) return false;
+        if (success) success.call(options.context, model, resp, options);
+        model.trigger('sync', model, resp, options);
+      };
+      wrapError(this, options);
+
+      // Set temporary attributes if `{wait: true}` to properly find new ids.
+      if (attrs && wait) this.attributes = _.extend({}, attributes, attrs);
+
+      var method = this.isNew() ? 'create' : (options.patch ? 'patch' : 'update');
+      if (method === 'patch' && !options.attrs) options.attrs = attrs;
+      var xhr = this.sync(method, this, options);
+
+      // Restore attributes.
+      this.attributes = attributes;
+
+      return xhr;
+    },
+
+    // Destroy this model on the server if it was already persisted.
+    // Optimistically removes the model from its collection, if it has one.
+    // If `wait: true` is passed, waits for the server to respond before removal.
+    destroy: function(options) {
+      options = options ? _.clone(options) : {};
+      var model = this;
+      var success = options.success;
+      var wait = options.wait;
+
+      var destroy = function() {
+        model.stopListening();
+        model.trigger('destroy', model, model.collection, options);
+      };
+
+      options.success = function(resp) {
+        if (wait) destroy();
+        if (success) success.call(options.context, model, resp, options);
+        if (!model.isNew()) model.trigger('sync', model, resp, options);
+      };
+
+      var xhr = false;
+      if (this.isNew()) {
+        _.defer(options.success);
+      } else {
+        wrapError(this, options);
+        xhr = this.sync('delete', this, options);
+      }
+      if (!wait) destroy();
+      return xhr;
+    },
+
+    // Default URL for the model's representation on the server -- if you're
+    // using Backbone's restful methods, override this to change the endpoint
+    // that will be called.
+    url: function() {
+      var base =
+        _.result(this, 'urlRoot') ||
+        _.result(this.collection, 'url') ||
+        urlError();
+      if (this.isNew()) return base;
+      var id = this.get(this.idAttribute);
+      return base.replace(/[^\/]$/, '$&/') + encodeURIComponent(id);
+    },
+
+    // **parse** converts a response into the hash of attributes to be `set` on
+    // the model. The default implementation is just to pass the response along.
+    parse: function(resp, options) {
+      return resp;
+    },
+
+    // Create a new model with identical attributes to this one.
+    clone: function() {
+      return new this.constructor(this.attributes);
+    },
+
+    // A model is new if it has never been saved to the server, and lacks an id.
+    isNew: function() {
+      return !this.has(this.idAttribute);
+    },
+
+    // Check if the model is currently in a valid state.
+    isValid: function(options) {
+      return this._validate({}, _.defaults({validate: true}, options));
+    },
+
+    // Run validation against the next complete set of model attributes,
+    // returning `true` if all is well. Otherwise, fire an `"invalid"` event.
+    _validate: function(attrs, options) {
+      if (!options.validate || !this.validate) return true;
+      attrs = _.extend({}, this.attributes, attrs);
+      var error = this.validationError = this.validate(attrs, options) || null;
+      if (!error) return true;
+      this.trigger('invalid', this, error, _.extend(options, {validationError: error}));
+      return false;
+    }
+
+  });
+
+  // Underscore methods that we want to implement on the Model.
+  var modelMethods = { keys: 1, values: 1, pairs: 1, invert: 1, pick: 0,
+      omit: 0, chain: 1, isEmpty: 1 };
+
+  // Mix in each Underscore method as a proxy to `Model#attributes`.
+  addUnderscoreMethods(Model, modelMethods, 'attributes');
+
+  // Backbone.Collection
+  // -------------------
+
+  // If models tend to represent a single row of data, a Backbone Collection is
+  // more analogous to a table full of data ... or a small slice or page of that
+  // table, or a collection of rows that belong together for a particular reason
+  // -- all of the messages in this particular folder, all of the documents
+  // belonging to this particular author, and so on. Collections maintain
+  // indexes of their models, both in order, and for lookup by `id`.
+
+  // Create a new **Collection**, perhaps to contain a specific type of `model`.
+  // If a `comparator` is specified, the Collection will maintain
+  // its models in sort order, as they're added and removed.
+  var Collection = Backbone.Collection = function(models, options) {
+    options || (options = {});
+    if (options.model) this.model = options.model;
+    if (options.comparator !== void 0) this.comparator = options.comparator;
+    this._reset();
+    this.initialize.apply(this, arguments);
+    if (models) this.reset(models, _.extend({silent: true}, options));
+  };
+
+  // Default options for `Collection#set`.
+  var setOptions = {add: true, remove: true, merge: true};
+  var addOptions = {add: true, remove: false};
+
+  // Define the Collection's inheritable methods.
+  _.extend(Collection.prototype, Events, {
+
+    // The default model for a collection is just a **Backbone.Model**.
+    // This should be overridden in most cases.
+    model: Model,
+
+    // Initialize is an empty function by default. Override it with your own
+    // initialization logic.
+    initialize: function(){},
+
+    // The JSON representation of a Collection is an array of the
+    // models' attributes.
+    toJSON: function(options) {
+      return this.map(function(model) { return model.toJSON(options); });
+    },
+
+    // Proxy `Backbone.sync` by default.
+    sync: function() {
+      return Backbone.sync.apply(this, arguments);
+    },
+
+    // Add a model, or list of models to the set.
+    add: function(models, options) {
+      return this.set(models, _.extend({merge: false}, options, addOptions));
+    },
+
+    // Remove a model, or a list of models from the set.
+    remove: function(models, options) {
+      options = _.extend({}, options);
+      var singular = !_.isArray(models);
+      models = singular ? [models] : _.clone(models);
+      var removed = this._removeModels(models, options);
+      if (!options.silent && removed) this.trigger('update', this, options);
+      return singular ? removed[0] : removed;
+    },
+
+    // Update a collection by `set`-ing a new list of models, adding new ones,
+    // removing models that are no longer present, and merging models that
+    // already exist in the collection, as necessary. Similar to **Model#set**,
+    // the core operation for updating the data contained by the collection.
+    set: function(models, options) {
+      options = _.defaults({}, options, setOptions);
+      if (options.parse && !this._isModel(models)) models = this.parse(models, options);
+      var singular = !_.isArray(models);
+      models = singular ? (models ? [models] : []) : models.slice();
+      var id, model, attrs, existing, sort;
+      var at = options.at;
+      if (at != null) at = +at;
+      if (at < 0) at += this.length + 1;
+      var sortable = this.comparator && (at == null) && options.sort !== false;
+      var sortAttr = _.isString(this.comparator) ? this.comparator : null;
+      var toAdd = [], toRemove = [], modelMap = {};
+      var add = options.add, merge = options.merge, remove = options.remove;
+      var order = !sortable && add && remove ? [] : false;
+      var orderChanged = false;
+
+      // Turn bare objects into model references, and prevent invalid models
+      // from being added.
+      for (var i = 0; i < models.length; i++) {
+        attrs = models[i];
+
+        // If a duplicate is found, prevent it from being added and
+        // optionally merge it into the existing model.
+        if (existing = this.get(attrs)) {
+          if (remove) modelMap[existing.cid] = true;
+          if (merge && attrs !== existing) {
+            attrs = this._isModel(attrs) ? attrs.attributes : attrs;
+            if (options.parse) attrs = existing.parse(attrs, options);
+            existing.set(attrs, options);
+            if (sortable && !sort && existing.hasChanged(sortAttr)) sort = true;
+          }
+          models[i] = existing;
+
+        // If this is a new, valid model, push it to the `toAdd` list.
+        } else if (add) {
+          model = models[i] = this._prepareModel(attrs, options);
+          if (!model) continue;
+          toAdd.push(model);
+          this._addReference(model, options);
+        }
+
+        // Do not add multiple models with the same `id`.
+        model = existing || model;
+        if (!model) continue;
+        id = this.modelId(model.attributes);
+        if (order && (model.isNew() || !modelMap[id])) {
+          order.push(model);
+
+          // Check to see if this is actually a new model at this index.
+          orderChanged = orderChanged || !this.models[i] || model.cid !== this.models[i].cid;
+        }
+
+        modelMap[id] = true;
+      }
+
+      // Remove nonexistent models if appropriate.
+      if (remove) {
+        for (var i = 0; i < this.length; i++) {
+          if (!modelMap[(model = this.models[i]).cid]) toRemove.push(model);
+        }
+        if (toRemove.length) this._removeModels(toRemove, options);
+      }
+
+      // See if sorting is needed, update `length` and splice in new models.
+      if (toAdd.length || orderChanged) {
+        if (sortable) sort = true;
+        this.length += toAdd.length;
+        if (at != null) {
+          for (var i = 0; i < toAdd.length; i++) {
+            this.models.splice(at + i, 0, toAdd[i]);
+          }
+        } else {
+          if (order) this.models.length = 0;
+          var orderedModels = order || toAdd;
+          for (var i = 0; i < orderedModels.length; i++) {
+            this.models.push(orderedModels[i]);
+          }
+        }
+      }
+
+      // Silently sort the collection if appropriate.
+      if (sort) this.sort({silent: true});
+
+      // Unless silenced, it's time to fire all appropriate add/sort events.
+      if (!options.silent) {
+        var addOpts = at != null ? _.clone(options) : options;
+        for (var i = 0; i < toAdd.length; i++) {
+          if (at != null) addOpts.index = at + i;
+          (model = toAdd[i]).trigger('add', model, this, addOpts);
+        }
+        if (sort || orderChanged) this.trigger('sort', this, options);
+        if (toAdd.length || toRemove.length) this.trigger('update', this, options);
+      }
+
+      // Return the added (or merged) model (or models).
+      return singular ? models[0] : models;
+    },
+
+    // When you have more items than you want to add or remove individually,
+    // you can reset the entire set with a new list of models, without firing
+    // any granular `add` or `remove` events. Fires `reset` when finished.
+    // Useful for bulk operations and optimizations.
+    reset: function(models, options) {
+      options = options ? _.clone(options) : {};
+      for (var i = 0; i < this.models.length; i++) {
+        this._removeReference(this.models[i], options);
+      }
+      options.previousModels = this.models;
+      this._reset();
+      models = this.add(models, _.extend({silent: true}, options));
+      if (!options.silent) this.trigger('reset', this, options);
+      return models;
+    },
+
+    // Add a model to the end of the collection.
+    push: function(model, options) {
+      return this.add(model, _.extend({at: this.length}, options));
+    },
+
+    // Remove a model from the end of the collection.
+    pop: function(options) {
+      var model = this.at(this.length - 1);
+      return this.remove(model, options);
+    },
+
+    // Add a model to the beginning of the collection.
+    unshift: function(model, options) {
+      return this.add(model, _.extend({at: 0}, options));
+    },
+
+    // Remove a model from the beginning of the collection.
+    shift: function(options) {
+      var model = this.at(0);
+      return this.remove(model, options);
+    },
+
+    // Slice out a sub-array of models from the collection.
+    slice: function() {
+      return slice.apply(this.models, arguments);
+    },
+
+    // Get a model from the set by id.
+    get: function(obj) {
+      if (obj == null) return void 0;
+      var id = this.modelId(this._isModel(obj) ? obj.attributes : obj);
+      return this._byId[obj] || this._byId[id] || this._byId[obj.cid];
+    },
+
+    // Get the model at the given index.
+    at: function(index) {
+      if (index < 0) index += this.length;
+      return this.models[index];
+    },
+
+    // Return models with matching attributes. Useful for simple cases of
+    // `filter`.
+    where: function(attrs, first) {
+      var matches = _.matches(attrs);
+      return this[first ? 'find' : 'filter'](function(model) {
+        return matches(model.attributes);
+      });
+    },
+
+    // Return the first model with matching attributes. Useful for simple cases
+    // of `find`.
+    findWhere: function(attrs) {
+      return this.where(attrs, true);
+    },
+
+    // Force the collection to re-sort itself. You don't need to call this under
+    // normal circumstances, as the set will maintain sort order as each item
+    // is added.
+    sort: function(options) {
+      if (!this.comparator) throw new Error('Cannot sort a set without a comparator');
+      options || (options = {});
+
+      // Run sort based on type of `comparator`.
+      if (_.isString(this.comparator) || this.comparator.length === 1) {
+        this.models = this.sortBy(this.comparator, this);
+      } else {
+        this.models.sort(_.bind(this.comparator, this));
+      }
+
+      if (!options.silent) this.trigger('sort', this, options);
+      return this;
+    },
+
+    // Pluck an attribute from each model in the collection.
+    pluck: function(attr) {
+      return _.invoke(this.models, 'get', attr);
+    },
+
+    // Fetch the default set of models for this collection, resetting the
+    // collection when they arrive. If `reset: true` is passed, the response
+    // data will be passed through the `reset` method instead of `set`.
+    fetch: function(options) {
+      options = _.extend({parse: true}, options);
+      var success = options.success;
+      var collection = this;
+      options.success = function(resp) {
+        var method = options.reset ? 'reset' : 'set';
+        collection[method](resp, options);
+        if (success) success.call(options.context, collection, resp, options);
+        collection.trigger('sync', collection, resp, options);
+      };
+      wrapError(this, options);
+      return this.sync('read', this, options);
+    },
+
+    // Create a new instance of a model in this collection. Add the model to the
+    // collection immediately, unless `wait: true` is passed, in which case we
+    // wait for the server to agree.
+    create: function(model, options) {
+      options = options ? _.clone(options) : {};
+      var wait = options.wait;
+      model = this._prepareModel(model, options);
+      if (!model) return false;
+      if (!wait) this.add(model, options);
+      var collection = this;
+      var success = options.success;
+      options.success = function(model, resp, callbackOpts) {
+        if (wait) collection.add(model, callbackOpts);
+        if (success) success.call(callbackOpts.context, model, resp, callbackOpts);
+      };
+      model.save(null, options);
+      return model;
+    },
+
+    // **parse** converts a response into a list of models to be added to the
+    // collection. The default implementation is just to pass it through.
+    parse: function(resp, options) {
+      return resp;
+    },
+
+    // Create a new collection with an identical list of models as this one.
+    clone: function() {
+      return new this.constructor(this.models, {
+        model: this.model,
+        comparator: this.comparator
+      });
+    },
+
+    // Define how to uniquely identify models in the collection.
+    modelId: function (attrs) {
+      return attrs[this.model.prototype.idAttribute || 'id'];
+    },
+
+    // Private method to reset all internal state. Called when the collection
+    // is first initialized or reset.
+    _reset: function() {
+      this.length = 0;
+      this.models = [];
+      this._byId  = {};
+    },
+
+    // Prepare a hash of attributes (or other model) to be added to this
+    // collection.
+    _prepareModel: function(attrs, options) {
+      if (this._isModel(attrs)) {
+        if (!attrs.collection) attrs.collection = this;
+        return attrs;
+      }
+      options = options ? _.clone(options) : {};
+      options.collection = this;
+      var model = new this.model(attrs, options);
+      if (!model.validationError) return model;
+      this.trigger('invalid', this, model.validationError, options);
+      return false;
+    },
+
+    // Internal method called by both remove and set.
+    // Returns removed models, or false if nothing is removed.
+    _removeModels: function(models, options) {
+      var removed = [];
+      for (var i = 0; i < models.length; i++) {
+        var model = this.get(models[i]);
+        if (!model) continue;
+
+        var index = this.indexOf(model);
+        this.models.splice(index, 1);
+        this.length--;
+
+        if (!options.silent) {
+          options.index = index;
+          model.trigger('remove', model, this, options);
+        }
+
+        removed.push(model);
+        this._removeReference(model, options);
+      }
+      return removed.length ? removed : false;
+    },
+
+    // Method for checking whether an object should be considered a model for
+    // the purposes of adding to the collection.
+    _isModel: function (model) {
+      return model instanceof Model;
+    },
+
+    // Internal method to create a model's ties to a collection.
+    _addReference: function(model, options) {
+      this._byId[model.cid] = model;
+      var id = this.modelId(model.attributes);
+      if (id != null) this._byId[id] = model;
+      model.on('all', this._onModelEvent, this);
+    },
+
+    // Internal method to sever a model's ties to a collection.
+    _removeReference: function(model, options) {
+      delete this._byId[model.cid];
+      var id = this.modelId(model.attributes);
+      if (id != null) delete this._byId[id];
+      if (this === model.collection) delete model.collection;
+      model.off('all', this._onModelEvent, this);
+    },
+
+    // Internal method called every time a model in the set fires an event.
+    // Sets need to update their indexes when models change ids. All other
+    // events simply proxy through. "add" and "remove" events that originate
+    // in other collections are ignored.
+    _onModelEvent: function(event, model, collection, options) {
+      if ((event === 'add' || event === 'remove') && collection !== this) return;
+      if (event === 'destroy') this.remove(model, options);
+      if (event === 'change') {
+        var prevId = this.modelId(model.previousAttributes());
+        var id = this.modelId(model.attributes);
+        if (prevId !== id) {
+          if (prevId != null) delete this._byId[prevId];
+          if (id != null) this._byId[id] = model;
+        }
+      }
+      this.trigger.apply(this, arguments);
+    }
+
+  });
+
+  // Underscore methods that we want to implement on the Collection.
+  // 90% of the core usefulness of Backbone Collections is actually implemented
+  // right here:
+  var collectionMethods = { forEach: 3, each: 3, map: 3, collect: 3, reduce: 4,
+      foldl: 4, inject: 4, reduceRight: 4, foldr: 4, find: 3, detect: 3, filter: 3,
+      select: 3, reject: 3, every: 3, all: 3, some: 3, any: 3, include: 2,
+      contains: 2, invoke: 0, max: 3, min: 3, toArray: 1, size: 1, first: 3,
+      head: 3, take: 3, initial: 3, rest: 3, tail: 3, drop: 3, last: 3,
+      without: 0, difference: 0, indexOf: 3, shuffle: 1, lastIndexOf: 3,
+      isEmpty: 1, chain: 1, sample: 3, partition: 3 };
+
+  // Mix in each Underscore method as a proxy to `Collection#models`.
+  addUnderscoreMethods(Collection, collectionMethods, 'models');
+
+  // Underscore methods that take a property name as an argument.
+  var attributeMethods = ['groupBy', 'countBy', 'sortBy', 'indexBy'];
+
+  // Use attributes instead of properties.
+  _.each(attributeMethods, function(method) {
+    if (!_[method]) return;
+    Collection.prototype[method] = function(value, context) {
+      var iterator = _.isFunction(value) ? value : function(model) {
+        return model.get(value);
+      };
+      return _[method](this.models, iterator, context);
+    };
+  });
+
+  // Backbone.View
+  // -------------
+
+  // Backbone Views are almost more convention than they are actual code. A View
+  // is simply a JavaScript object that represents a logical chunk of UI in the
+  // DOM. This might be a single item, an entire list, a sidebar or panel, or
+  // even the surrounding frame which wraps your whole app. Defining a chunk of
+  // UI as a **View** allows you to define your DOM events declaratively, without
+  // having to worry about render order ... and makes it easy for the view to
+  // react to specific changes in the state of your models.
+
+  // Creating a Backbone.View creates its initial element outside of the DOM,
+  // if an existing element is not provided...
+  var View = Backbone.View = function(options) {
+    this.cid = _.uniqueId('view');
+    _.extend(this, _.pick(options, viewOptions));
+    this._ensureElement();
+    this.initialize.apply(this, arguments);
+  };
+
+  // Cached regex to split keys for `delegate`.
+  var delegateEventSplitter = /^(\S+)\s*(.*)$/;
+
+  // List of view options to be merged as properties.
+  var viewOptions = ['model', 'collection', 'el', 'id', 'attributes', 'className', 'tagName', 'events'];
+
+  // Set up all inheritable **Backbone.View** properties and methods.
+  _.extend(View.prototype, Events, {
+
+    // The default `tagName` of a View's element is `"div"`.
+    tagName: 'div',
+
+    // jQuery delegate for element lookup, scoped to DOM elements within the
+    // current view. This should be preferred to global lookups where possible.
+    $: function(selector) {
+      return this.$el.find(selector);
+    },
+
+    // Initialize is an empty function by default. Override it with your own
+    // initialization logic.
+    initialize: function(){},
+
+    // **render** is the core function that your view should override, in order
+    // to populate its element (`this.el`), with the appropriate HTML. The
+    // convention is for **render** to always return `this`.
+    render: function() {
+      return this;
+    },
+
+    // Remove this view by taking the element out of the DOM, and removing any
+    // applicable Backbone.Events listeners.
+    remove: function() {
+      this._removeElement();
+      this.stopListening();
+      return this;
+    },
+
+    // Remove this view's element from the document and all event listeners
+    // attached to it. Exposed for subclasses using an alternative DOM
+    // manipulation API.
+    _removeElement: function() {
+      this.$el.remove();
+    },
+
+    // Change the view's element (`this.el` property) and re-delegate the
+    // view's events on the new element.
+    setElement: function(element) {
+      this.undelegateEvents();
+      this._setElement(element);
+      this.delegateEvents();
+      return this;
+    },
+
+    // Creates the `this.el` and `this.$el` references for this view using the
+    // given `el`. `el` can be a CSS selector or an HTML string, a jQuery
+    // context or an element. Subclasses can override this to utilize an
+    // alternative DOM manipulation API and are only required to set the
+    // `this.el` property.
+    _setElement: function(el) {
+      this.$el = el instanceof Backbone.$ ? el : Backbone.$(el);
+      this.el = this.$el[0];
+    },
+
+    // Set callbacks, where `this.events` is a hash of
+    //
+    // *{"event selector": "callback"}*
+    //
+    //     {
+    //       'mousedown .title':  'edit',
+    //       'click .button':     'save',
+    //       'click .open':       function(e) { ... }
+    //     }
+    //
+    // pairs. Callbacks will be bound to the view, with `this` set properly.
+    // Uses event delegation for efficiency.
+    // Omitting the selector binds the event to `this.el`.
+    delegateEvents: function(events) {
+      events || (events = _.result(this, 'events'));
+      if (!events) return this;
+      this.undelegateEvents();
+      for (var key in events) {
+        var method = events[key];
+        if (!_.isFunction(method)) method = this[method];
+        if (!method) continue;
+        var match = key.match(delegateEventSplitter);
+        this.delegate(match[1], match[2], _.bind(method, this));
+      }
+      return this;
+    },
+
+    // Add a single event listener to the view's element (or a child element
+    // using `selector`). This only works for delegate-able events: not `focus`,
+    // `blur`, and not `change`, `submit`, and `reset` in Internet Explorer.
+    delegate: function(eventName, selector, listener) {
+      this.$el.on(eventName + '.delegateEvents' + this.cid, selector, listener);
+      return this;
+    },
+
+    // Clears all callbacks previously bound to the view by `delegateEvents`.
+    // You usually don't need to use this, but may wish to if you have multiple
+    // Backbone views attached to the same DOM element.
+    undelegateEvents: function() {
+      if (this.$el) this.$el.off('.delegateEvents' + this.cid);
+      return this;
+    },
+
+    // A finer-grained `undelegateEvents` for removing a single delegated event.
+    // `selector` and `listener` are both optional.
+    undelegate: function(eventName, selector, listener) {
+      this.$el.off(eventName + '.delegateEvents' + this.cid, selector, listener);
+      return this;
+    },
+
+    // Produces a DOM element to be assigned to your view. Exposed for
+    // subclasses using an alternative DOM manipulation API.
+    _createElement: function(tagName) {
+      return document.createElement(tagName);
+    },
+
+    // Ensure that the View has a DOM element to render into.
+    // If `this.el` is a string, pass it through `$()`, take the first
+    // matching element, and re-assign it to `el`. Otherwise, create
+    // an element from the `id`, `className` and `tagName` properties.
+    _ensureElement: function() {
+      if (!this.el) {
+        var attrs = _.extend({}, _.result(this, 'attributes'));
+        if (this.id) attrs.id = _.result(this, 'id');
+        if (this.className) attrs['class'] = _.result(this, 'className');
+        this.setElement(this._createElement(_.result(this, 'tagName')));
+        this._setAttributes(attrs);
+      } else {
+        this.setElement(_.result(this, 'el'));
+      }
+    },
+
+    // Set attributes from a hash on this view's element.  Exposed for
+    // subclasses using an alternative DOM manipulation API.
+    _setAttributes: function(attributes) {
+      this.$el.attr(attributes);
+    }
+
+  });
+
+  // Backbone.sync
+  // -------------
+
+  // Override this function to change the manner in which Backbone persists
+  // models to the server. You will be passed the type of request, and the
+  // model in question. By default, makes a RESTful Ajax request
+  // to the model's `url()`. Some possible customizations could be:
+  //
+  // * Use `setTimeout` to batch rapid-fire updates into a single request.
+  // * Send up the models as XML instead of JSON.
+  // * Persist models via WebSockets instead of Ajax.
+  //
+  // Turn on `Backbone.emulateHTTP` in order to send `PUT` and `DELETE` requests
+  // as `POST`, with a `_method` parameter containing the true HTTP method,
+  // as well as all requests with the body as `application/x-www-form-urlencoded`
+  // instead of `application/json` with the model in a param named `model`.
+  // Useful when interfacing with server-side languages like **PHP** that make
+  // it difficult to read the body of `PUT` requests.
+  Backbone.sync = function(method, model, options) {
+    var type = methodMap[method];
+
+    // Default options, unless specified.
+    _.defaults(options || (options = {}), {
+      emulateHTTP: Backbone.emulateHTTP,
+      emulateJSON: Backbone.emulateJSON
+    });
+
+    // Default JSON-request options.
+    var params = {type: type, dataType: 'json'};
+
+    // Ensure that we have a URL.
+    if (!options.url) {
+      params.url = _.result(model, 'url') || urlError();
+    }
+
+    // Ensure that we have the appropriate request data.
+    if (options.data == null && model && (method === 'create' || method === 'update' || method === 'patch')) {
+      params.contentType = 'application/json';
+      params.data = JSON.stringify(options.attrs || model.toJSON(options));
+    }
+
+    // For older servers, emulate JSON by encoding the request into an HTML-form.
+    if (options.emulateJSON) {
+      params.contentType = 'application/x-www-form-urlencoded';
+      params.data = params.data ? {model: params.data} : {};
+    }
+
+    // For older servers, emulate HTTP by mimicking the HTTP method with `_method`
+    // And an `X-HTTP-Method-Override` header.
+    if (options.emulateHTTP && (type === 'PUT' || type === 'DELETE' || type === 'PATCH')) {
+      params.type = 'POST';
+      if (options.emulateJSON) params.data._method = type;
+      var beforeSend = options.beforeSend;
+      options.beforeSend = function(xhr) {
+        xhr.setRequestHeader('X-HTTP-Method-Override', type);
+        if (beforeSend) return beforeSend.apply(this, arguments);
+      };
+    }
+
+    // Don't process data on a non-GET request.
+    if (params.type !== 'GET' && !options.emulateJSON) {
+      params.processData = false;
+    }
+
+    // Pass along `textStatus` and `errorThrown` from jQuery.
+    var error = options.error;
+    options.error = function(xhr, textStatus, errorThrown) {
+      options.textStatus = textStatus;
+      options.errorThrown = errorThrown;
+      if (error) error.call(options.context, xhr, textStatus, errorThrown);
+    };
+
+    // Make the request, allowing the user to override any Ajax options.
+    var xhr = options.xhr = Backbone.ajax(_.extend(params, options));
+    model.trigger('request', model, xhr, options);
+    return xhr;
+  };
+
+  // Map from CRUD to HTTP for our default `Backbone.sync` implementation.
+  var methodMap = {
+    'create': 'POST',
+    'update': 'PUT',
+    'patch':  'PATCH',
+    'delete': 'DELETE',
+    'read':   'GET'
+  };
+
+  // Set the default implementation of `Backbone.ajax` to proxy through to `$`.
+  // Override this if you'd like to use a different library.
+  Backbone.ajax = function() {
+    return Backbone.$.ajax.apply(Backbone.$, arguments);
+  };
+
+  // Backbone.Router
+  // ---------------
+
+  // Routers map faux-URLs to actions, and fire events when routes are
+  // matched. Creating a new one sets its `routes` hash, if not set statically.
+  var Router = Backbone.Router = function(options) {
+    options || (options = {});
+    if (options.routes) this.routes = options.routes;
+    this._bindRoutes();
+    this.initialize.apply(this, arguments);
+  };
+
+  // Cached regular expressions for matching named param parts and splatted
+  // parts of route strings.
+  var optionalParam = /\((.*?)\)/g;
+  var namedParam    = /(\(\?)?:\w+/g;
+  var splatParam    = /\*\w+/g;
+  var escapeRegExp  = /[\-{}\[\]+?.,\\\^$|#\s]/g;
+
+  // Set up all inheritable **Backbone.Router** properties and methods.
+  _.extend(Router.prototype, Events, {
+
+    // Initialize is an empty function by default. Override it with your own
+    // initialization logic.
+    initialize: function(){},
+
+    // Manually bind a single named route to a callback. For example:
+    //
+    //     this.route('search/:query/p:num', 'search', function(query, num) {
+    //       ...
+    //     });
+    //
+    route: function(route, name, callback) {
+      if (!_.isRegExp(route)) route = this._routeToRegExp(route);
+      if (_.isFunction(name)) {
+        callback = name;
+        name = '';
+      }
+      if (!callback) callback = this[name];
+      var router = this;
+      Backbone.history.route(route, function(fragment) {
+        var args = router._extractParameters(route, fragment);
+        if (router.execute(callback, args, name) !== false) {
+          router.trigger.apply(router, ['route:' + name].concat(args));
+          router.trigger('route', name, args);
+          Backbone.history.trigger('route', router, name, args);
+        }
+      });
+      return this;
+    },
+
+    // Execute a route handler with the provided parameters.  This is an
+    // excellent place to do pre-route setup or post-route cleanup.
+    execute: function(callback, args, name) {
+      if (callback) callback.apply(this, args);
+    },
+
+    // Simple proxy to `Backbone.history` to save a fragment into the history.
+    navigate: function(fragment, options) {
+      Backbone.history.navigate(fragment, options);
+      return this;
+    },
+
+    // Bind all defined routes to `Backbone.history`. We have to reverse the
+    // order of the routes here to support behavior where the most general
+    // routes can be defined at the bottom of the route map.
+    _bindRoutes: function() {
+      if (!this.routes) return;
+      this.routes = _.result(this, 'routes');
+      var route, routes = _.keys(this.routes);
+      while ((route = routes.pop()) != null) {
+        this.route(route, this.routes[route]);
+      }
+    },
+
+    // Convert a route string into a regular expression, suitable for matching
+    // against the current location hash.
+    _routeToRegExp: function(route) {
+      route = route.replace(escapeRegExp, '\\$&')
+                   .replace(optionalParam, '(?:$1)?')
+                   .replace(namedParam, function(match, optional) {
+                     return optional ? match : '([^/?]+)';
+                   })
+                   .replace(splatParam, '([^?]*?)');
+      return new RegExp('^' + route + '(?:\\?([\\s\\S]*))?$');
+    },
+
+    // Given a route, and a URL fragment that it matches, return the array of
+    // extracted decoded parameters. Empty or unmatched parameters will be
+    // treated as `null` to normalize cross-browser behavior.
+    _extractParameters: function(route, fragment) {
+      var params = route.exec(fragment).slice(1);
+      return _.map(params, function(param, i) {
+        // Don't decode the search params.
+        if (i === params.length - 1) return param || null;
+        return param ? decodeURIComponent(param) : null;
+      });
+    }
+
+  });
+
+  // Backbone.History
+  // ----------------
+
+  // Handles cross-browser history management, based on either
+  // [pushState](http://diveintohtml5.info/history.html) and real URLs, or
+  // [onhashchange](https://developer.mozilla.org/en-US/docs/DOM/window.onhashchange)
+  // and URL fragments. If the browser supports neither (old IE, natch),
+  // falls back to polling.
+  var History = Backbone.History = function() {
+    this.handlers = [];
+    _.bindAll(this, 'checkUrl');
+
+    // Ensure that `History` can be used outside of the browser.
+    if (typeof window !== 'undefined') {
+      this.location = window.location;
+      this.history = window.history;
+    }
+  };
+
+  // Cached regex for stripping a leading hash/slash and trailing space.
+  var routeStripper = /^[#\/]|\s+$/g;
+
+  // Cached regex for stripping leading and trailing slashes.
+  var rootStripper = /^\/+|\/+$/g;
+
+  // Cached regex for stripping urls of hash.
+  var pathStripper = /#.*$/;
+
+  // Has the history handling already been started?
+  History.started = false;
+
+  // Set up all inheritable **Backbone.History** properties and methods.
+  _.extend(History.prototype, Events, {
+
+    // The default interval to poll for hash changes, if necessary, is
+    // twenty times a second.
+    interval: 50,
+
+    // Are we at the app root?
+    atRoot: function() {
+      var path = this.location.pathname.replace(/[^\/]$/, '$&/');
+      return path === this.root && !this.getSearch();
+    },
+
+    // Does the pathname match the root?
+    matchRoot: function() {
+      var path = this.decodeFragment(this.location.pathname);
+      var root = path.slice(0, this.root.length - 1) + '/';
+      return root === this.root;
+    },
+
+    // Unicode characters in `location.pathname` are percent encoded so they're
+    // decoded for comparison. `%25` should not be decoded since it may be part
+    // of an encoded parameter.
+    decodeFragment: function(fragment) {
+      return decodeURI(fragment.replace(/%25/g, '%2525'));
+    },
+
+    // In IE6, the hash fragment and search params are incorrect if the
+    // fragment contains `?`.
+    getSearch: function() {
+      var match = this.location.href.replace(/#.*/, '').match(/\?.+/);
+      return match ? match[0] : '';
+    },
+
+    // Gets the true hash value. Cannot use location.hash directly due to bug
+    // in Firefox where location.hash will always be decoded.
+    getHash: function(window) {
+      var match = (window || this).location.href.match(/#(.*)$/);
+      return match ? match[1] : '';
+    },
+
+    // Get the pathname and search params, without the root.
+    getPath: function() {
+      var path = this.decodeFragment(
+        this.location.pathname + this.getSearch()
+      ).slice(this.root.length - 1);
+      return path.charAt(0) === '/' ? path.slice(1) : path;
+    },
+
+    // Get the cross-browser normalized URL fragment from the path or hash.
+    getFragment: function(fragment) {
+      if (fragment == null) {
+        if (this._usePushState || !this._wantsHashChange) {
+          fragment = this.getPath();
+        } else {
+          fragment = this.getHash();
+        }
+      }
+      return fragment.replace(routeStripper, '');
+    },
+
+    // Start the hash change handling, returning `true` if the current URL matches
+    // an existing route, and `false` otherwise.
+    start: function(options) {
+      if (History.started) throw new Error('Backbone.history has already been started');
+      History.started = true;
+
+      // Figure out the initial configuration. Do we need an iframe?
+      // Is pushState desired ... is it available?
+      this.options          = _.extend({root: '/'}, this.options, options);
+      this.root             = this.options.root;
+      this._wantsHashChange = this.options.hashChange !== false;
+      this._hasHashChange   = 'onhashchange' in window;
+      this._useHashChange   = this._wantsHashChange && this._hasHashChange;
+      this._wantsPushState  = !!this.options.pushState;
+      this._hasPushState    = !!(this.history && this.history.pushState);
+      this._usePushState    = this._wantsPushState && this._hasPushState;
+      this.fragment         = this.getFragment();
+
+      // Normalize root to always include a leading and trailing slash.
+      this.root = ('/' + this.root + '/').replace(rootStripper, '/');
+
+      // Transition from hashChange to pushState or vice versa if both are
+      // requested.
+      if (this._wantsHashChange && this._wantsPushState) {
+
+        // If we've started off with a route from a `pushState`-enabled
+        // browser, but we're currently in a browser that doesn't support it...
+        if (!this._hasPushState && !this.atRoot()) {
+          var root = this.root.slice(0, -1) || '/';
+          this.location.replace(root + '#' + this.getPath());
+          // Return immediately as browser will do redirect to new url
+          return true;
+
+        // Or if we've started out with a hash-based route, but we're currently
+        // in a browser where it could be `pushState`-based instead...
+        } else if (this._hasPushState && this.atRoot()) {
+          this.navigate(this.getHash(), {replace: true});
+        }
+
+      }
+
+      // Proxy an iframe to handle location events if the browser doesn't
+      // support the `hashchange` event, HTML5 history, or the user wants
+      // `hashChange` but not `pushState`.
+      if (!this._hasHashChange && this._wantsHashChange && !this._usePushState) {
+        this.iframe = document.createElement('iframe');
+        this.iframe.src = 'javascript:0';
+        this.iframe.style.display = 'none';
+        this.iframe.tabIndex = -1;
+        var body = document.body;
+        // Using `appendChild` will throw on IE < 9 if the document is not ready.
+        var iWindow = body.insertBefore(this.iframe, body.firstChild).contentWindow;
+        iWindow.document.open();
+        iWindow.document.close();
+        iWindow.location.hash = '#' + this.fragment;
+      }
+
+      // Add a cross-platform `addEventListener` shim for older browsers.
+      var addEventListener = window.addEventListener || function (eventName, listener) {
+        return attachEvent('on' + eventName, listener);
+      };
+
+      // Depending on whether we're using pushState or hashes, and whether
+      // 'onhashchange' is supported, determine how we check the URL state.
+      if (this._usePushState) {
+        addEventListener('popstate', this.checkUrl, false);
+      } else if (this._useHashChange && !this.iframe) {
+        addEventListener('hashchange', this.checkUrl, false);
+      } else if (this._wantsHashChange) {
+        this._checkUrlInterval = setInterval(this.checkUrl, this.interval);
+      }
+
+      if (!this.options.silent) return this.loadUrl();
+    },
+
+    // Disable Backbone.history, perhaps temporarily. Not useful in a real app,
+    // but possibly useful for unit testing Routers.
+    stop: function() {
+      // Add a cross-platform `removeEventListener` shim for older browsers.
+      var removeEventListener = window.removeEventListener || function (eventName, listener) {
+        return detachEvent('on' + eventName, listener);
+      };
+
+      // Remove window listeners.
+      if (this._usePushState) {
+        removeEventListener('popstate', this.checkUrl, false);
+      } else if (this._useHashChange && !this.iframe) {
+        removeEventListener('hashchange', this.checkUrl, false);
+      }
+
+      // Clean up the iframe if necessary.
+      if (this.iframe) {
+        document.body.removeChild(this.iframe);
+        this.iframe = null;
+      }
+
+      // Some environments will throw when clearing an undefined interval.
+      if (this._checkUrlInterval) clearInterval(this._checkUrlInterval);
+      History.started = false;
+    },
+
+    // Add a route to be tested when the fragment changes. Routes added later
+    // may override previous routes.
+    route: function(route, callback) {
+      this.handlers.unshift({route: route, callback: callback});
+    },
+
+    // Checks the current URL to see if it has changed, and if it has,
+    // calls `loadUrl`, normalizing across the hidden iframe.
+    checkUrl: function(e) {
+      var current = this.getFragment();
+
+      // If the user pressed the back button, the iframe's hash will have
+      // changed and we should use that for comparison.
+      if (current === this.fragment && this.iframe) {
+        current = this.getHash(this.iframe.contentWindow);
+      }
+
+      if (current === this.fragment) return false;
+      if (this.iframe) this.navigate(current);
+      this.loadUrl();
+    },
+
+    // Attempt to load the current URL fragment. If a route succeeds with a
+    // match, returns `true`. If no defined routes matches the fragment,
+    // returns `false`.
+    loadUrl: function(fragment) {
+      // If the root doesn't match, no routes can match either.
+      if (!this.matchRoot()) return false;
+      fragment = this.fragment = this.getFragment(fragment);
+      return _.any(this.handlers, function(handler) {
+        if (handler.route.test(fragment)) {
+          handler.callback(fragment);
+          return true;
+        }
+      });
+    },
+
+    // Save a fragment into the hash history, or replace the URL state if the
+    // 'replace' option is passed. You are responsible for properly URL-encoding
+    // the fragment in advance.
+    //
+    // The options object can contain `trigger: true` if you wish to have the
+    // route callback be fired (not usually desirable), or `replace: true`, if
+    // you wish to modify the current URL without adding an entry to the history.
+    navigate: function(fragment, options) {
+      if (!History.started) return false;
+      if (!options || options === true) options = {trigger: !!options};
+
+      // Normalize the fragment.
+      fragment = this.getFragment(fragment || '');
+
+      // Don't include a trailing slash on the root.
+      var root = this.root;
+      if (fragment === '' || fragment.charAt(0) === '?') {
+        root = root.slice(0, -1) || '/';
+      }
+      var url = root + fragment;
+
+      // Strip the hash and decode for matching.
+      fragment = this.decodeFragment(fragment.replace(pathStripper, ''));
+
+      if (this.fragment === fragment) return;
+      this.fragment = fragment;
+
+      // If pushState is available, we use it to set the fragment as a real URL.
+      if (this._usePushState) {
+        this.history[options.replace ? 'replaceState' : 'pushState']({}, document.title, url);
+
+      // If hash changes haven't been explicitly disabled, update the hash
+      // fragment to store history.
+      } else if (this._wantsHashChange) {
+        this._updateHash(this.location, fragment, options.replace);
+        if (this.iframe && (fragment !== this.getHash(this.iframe.contentWindow))) {
+          var iWindow = this.iframe.contentWindow;
+
+          // Opening and closing the iframe tricks IE7 and earlier to push a
+          // history entry on hash-tag change.  When replace is true, we don't
+          // want this.
+          if (!options.replace) {
+            iWindow.document.open();
+            iWindow.document.close();
+          }
+
+          this._updateHash(iWindow.location, fragment, options.replace);
+        }
+
+      // If you've told us that you explicitly don't want fallback hashchange-
+      // based history, then `navigate` becomes a page refresh.
+      } else {
+        return this.location.assign(url);
+      }
+      if (options.trigger) return this.loadUrl(fragment);
+    },
+
+    // Update the hash location, either replacing the current entry, or adding
+    // a new one to the browser history.
+    _updateHash: function(location, fragment, replace) {
+      if (replace) {
+        var href = location.href.replace(/(javascript:|#).*$/, '');
+        location.replace(href + '#' + fragment);
+      } else {
+        // Some browsers require that `hash` contains a leading #.
+        location.hash = '#' + fragment;
+      }
+    }
+
+  });
+
+  // Create the default Backbone.history.
+  Backbone.history = new History;
+
+  // Helpers
+  // -------
+
+  // Helper function to correctly set up the prototype chain for subclasses.
+  // Similar to `goog.inherits`, but uses a hash of prototype properties and
+  // class properties to be extended.
+  var extend = function(protoProps, staticProps) {
+    var parent = this;
+    var child;
+
+    // The constructor function for the new subclass is either defined by you
+    // (the "constructor" property in your `extend` definition), or defaulted
+    // by us to simply call the parent constructor.
+    if (protoProps && _.has(protoProps, 'constructor')) {
+      child = protoProps.constructor;
+    } else {
+      child = function(){ return parent.apply(this, arguments); };
+    }
+
+    // Add static properties to the constructor function, if supplied.
+    _.extend(child, parent, staticProps);
+
+    // Set the prototype chain to inherit from `parent`, without calling
+    // `parent` constructor function.
+    var Surrogate = function(){ this.constructor = child; };
+    Surrogate.prototype = parent.prototype;
+    child.prototype = new Surrogate;
+
+    // Add prototype properties (instance properties) to the subclass,
+    // if supplied.
+    if (protoProps) _.extend(child.prototype, protoProps);
+
+    // Set a convenience property in case the parent's prototype is needed
+    // later.
+    child.__super__ = parent.prototype;
+
+    return child;
+  };
+
+  // Set up inheritance for the model, collection, router, view and history.
+  Model.extend = Collection.extend = Router.extend = View.extend = History.extend = extend;
+
+  // Throw an error when a URL is needed, and none is supplied.
+  var urlError = function() {
+    throw new Error('A "url" property or function must be specified');
+  };
+
+  // Wrap an optional error callback with a fallback error event.
+  var wrapError = function(model, options) {
+    var error = options.error;
+    options.error = function(resp) {
+      if (error) error.call(options.context, model, resp, options);
+      model.trigger('error', model, resp, options);
+    };
+  };
+
+  return Backbone;
+
+}));
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/lib/backbone.validations.js b/openid-connect-server-webapp/src/main/webapp/resources/js/lib/backbone.validations.js
new file mode 100644
index 000000000..78499b06d
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/js/lib/backbone.validations.js
@@ -0,0 +1,303 @@
+// Copyright (C) 2011 Neal Stewart
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy of
+// this software and associated documentation files (the "Software"), to deal in
+// the Software without restriction, including without limitation the rights to
+// use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
+// of the Software, and to permit persons to whom the Software is furnished to do
+// so, subject to the following conditions:
+//
+// The above copyright notice and this permission notice shall be included in all
+// copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+// SOFTWARE.
+
+
+(function(Backbone) {
+
+// Require Underscore and Backbone if there's a `require` function.
+// This makes `backbone.validations` work on the server or when using
+// `browserify`.
+if (typeof require !== 'undefined') {
+  _ = require('underscore');
+  Backbone = require('backbone');
+}
+
+// Premade Validators
+Backbone.Validations = {};
+
+var validators = {
+  "custom" : function(methodName, attributeName, model, valueToSet) {
+    return model[methodName](attributeName, valueToSet);
+  },
+
+  "required" : function(isRequired, attributeName, model, valueToSet) {
+    if (isRequired && (_.isNull(valueToSet) || _.isUndefined(valueToSet) || valueToSet === "")) {
+      return "required";
+    } else {
+      return false;
+    }
+  },
+
+  "in" : function(whitelist, attributeName, model, valueToSet) {
+    return _.include(whitelist, valueToSet) ? undefined : "in";
+  },
+
+  "email" : function(type, attributeName, model, valueToSet) {
+    var emailRegex = new RegExp("[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?", "i");
+
+    if (_.isString(valueToSet) && !valueToSet.match(emailRegex)) {
+      return "email";
+    }
+  },
+
+  "url" : function(type, attributeName, model, valueToSet) {
+    // taken from jQuery UI validation
+    var urlRegex = /^(https?|ftp):\/\/(((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:)*@)?(((\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\.(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\.(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\.(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5]))|((([a-z]|\d|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(([a-z]|\d|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])*([a-z]|\d|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])))\.)+(([a-z]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(([a-z]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])*([a-z]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])))\.?)(:\d*)?)(\/((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)+(\/(([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)*)*)?)?(\?((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)|[\uE000-\uF8FF]|\/|\?)*)?(\#((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)|\/|\?)*)?$/i;
+    if (_.isString(valueToSet) && !valueToSet.match(urlRegex)) {
+      return "url";
+    }
+  },
+
+  "number" : function(type, attributeName, model, valueToSet) {
+    return isNaN(valueToSet) ? 'number' : undefined;
+  },
+
+  "Array": function(type, attributeName, model, valueToSet) {
+    return _.isArray(valueToSet) ? undefined : 'Array';
+  },
+
+  "Boolean": function(type, attributeName, model, valueToSet) {
+    return _.isBoolean(valueToSet) ? undefined : 'Boolean';
+  },
+
+  "String": function(type, attributeName, model, valueToSet) {
+    return _.isString(valueToSet) ? undefined : 'String';
+  },
+
+  "digits": function (type, attributeName, model, valueToSet) {
+    var isBeingSet = !_.isUndefined(valueToSet);
+    return (!/^\d+$/.test(valueToSet) && isBeingSet) ? 'digits' : undefined;
+  },
+
+  "pattern" : function(pattern, attributeName, model, valueToSet) {
+    if (_.isString(valueToSet)) {
+      if (pattern.test(valueToSet)) {
+        return false;
+      } else {
+        return "pattern";
+      }
+    }
+  },
+
+  "min" : function(minimumValue, attributeName, model, valueToSet) {
+    if (valueToSet < minimumValue) {
+      return "min";
+    }
+  },
+
+  "max" : function(maximumValue, attributeName, model, valueToSet) {
+    if (valueToSet > maximumValue) {
+      return "max";
+    }
+  },
+
+  "minlength" : function(minlength, attributeName, model, valueToSet) {
+    if (_.isString(valueToSet)) {
+      if (valueToSet.length < minlength) { return "minlength"; }
+    }
+  },
+
+  "maxlength" : function(maxlength, attributeName, model, valueToSet) {
+    if (_.isString(valueToSet)) {
+      if (valueToSet.length > maxlength) { return "maxlength"; }
+    }
+  },
+
+  "arrayElem": function(validator, attributeName, model, valueToSet) {
+    if (_.isArray(valueToSet) && !_.all(valueToSet, validator)) {
+      return "validElem";
+    } else return false;
+  }
+};
+
+var customValidators = {};
+var getCustomValidator = function(name) {
+  var cv = customValidators[name];
+  if (!cv) { throw "custom validator '"+name+"' could not be found."; }
+  return cv;
+};
+
+Backbone.Validations.addValidator = function(name, validator) {
+  if (validators.hasOwnProperty(name) || customValidators.hasOwnProperty(name)) {
+    throw "existing validator";
+  }
+  customValidators[name] = validator;
+};
+
+
+/*
+  The newValidate method overrides validate in Backbone.Model.
+  It has the same interface as the validate function which you
+  would provide.
+
+  The returned object looks like this:
+
+    {
+      attributeName : ["required", "of", "errors"],
+      otherAttributeName: ["and", "so", "on"]
+    }
+
+  */
+function newValidate(attributes) {
+  var errorsForAttribute,
+      errorHasOccured,
+      errors = {};
+
+  for (var attrName in this._attributeValidators) {
+    var valueToSet = attributes[attrName];
+    var validateAttribute = this._attributeValidators[attrName];
+    if (validateAttribute)  {
+      errorsForAttribute = validateAttribute(this, valueToSet);
+    }
+    if (errorsForAttribute) {
+      errorHasOccured = true;
+      errors[attrName] = errorsForAttribute;
+    }
+  }
+
+  return errorHasOccured ? errors : false;
+}
+
+function createMinValidator(attributeName, minimumValue) {
+  return _.bind(validators.min, null, minimumValue);
+}
+
+function createMaxValidator(attributeName, maximumValue) {
+  return _.bind(validators.max, null, maximumValue);
+}
+
+
+/* createValidator takes in:
+    - the model
+    - the name of the attribute
+    - the type of validation
+    - the description of the validation
+
+   returns a function that takes in:
+     - the value being set for the attribute
+
+     and either returns nothing (undefined),
+     or the error name (string).
+  */
+function createValidator(attributeName, type, description) {
+  var validator,
+      validatorMethod,
+      customValidator;
+
+  if (type === "type") {
+    type = description;
+  }
+  validator = validators[type];
+
+  if (!validator) { validator = getCustomValidator(type); }
+
+  if (!validator) { throw "Improper validation type '"+type+"'" ; }
+
+  return _.bind(validator, null, description, attributeName);
+}
+
+function createAttributeValidator(attributeName, attributeDescription) {
+  var validatorsForAttribute = [],
+      type,
+      desc;
+
+  for (type in attributeDescription) {
+    desc = attributeDescription[type];
+    validatorsForAttribute.push(createValidator(attributeName, type, desc));
+  }
+
+  return function(model, valueToSet, hasOverridenError, options) {
+    var validator,
+        result,
+        errors = [];
+
+    for (var i = 0, length = validatorsForAttribute.length; i < length; i++) {
+      validator = validatorsForAttribute[i];
+      result = validator(model, valueToSet);
+      if (result) {
+        if (_.isArray(result)) {
+          errors = errors.concat(result);
+        } else {
+          errors.push(result);
+        }
+      }
+    }
+
+    if (errors.length) {
+      return errors;
+    } else {
+      return false;
+    }
+  };
+}
+
+function createValidators(modelValidations) {
+  var attributeValidations,
+      attributeValidators = {};
+
+  for (var attrName in modelValidations) {
+    attributeValidations = modelValidations[attrName];
+    attributeValidators[attrName] = createAttributeValidator(attrName, attributeValidations);
+  }
+
+  return attributeValidators;
+}
+
+var oldValidate = Backbone.Model.prototype._validate;
+function newPerformValidation(attrs, options) {
+  var result = oldValidate.apply(this, arguments);
+
+  if(!result){
+    _.each(this.validationError, function(error, name) {
+      this.trigger('invalid:' + name, this, this.validationError, options);
+    }, this);
+  }
+  return result;
+}
+
+// save the old backbone
+var oldModel = Backbone.Model;
+
+// Constructor for our new Validations Model
+Backbone.Validations.Model = Backbone.Model.extend({
+  constructor : function() {
+    // if they pass an object, construct the new validations
+    if (typeof this.validate === "object" && this.validate !== null) {
+      if (!this.constructor.prototype._attributeValidators) {
+        this.constructor.prototype._attributeValidators = createValidators(this.validate);
+        this.constructor.prototype.validate = newValidate;
+        this.constructor.prototype._validate = newPerformValidation;
+      }
+    }
+
+    oldModel.apply(this, arguments);
+  }
+});
+
+// Override Backbone.Model with our new Model
+Backbone.Model = Backbone.Validations.Model;
+
+
+// Requisite noConflict
+Backbone.Validations.Model.noConflict =  function() {
+  Backbone.Model = oldModel;
+};
+
+}(typeof Backbone === 'undefined' ? null : Backbone));
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/lib/bootpag.js b/openid-connect-server-webapp/src/main/webapp/resources/js/lib/bootpag.js
new file mode 100644
index 000000000..d5d101f8c
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/js/lib/bootpag.js
@@ -0,0 +1,179 @@
+/**
+ * @preserve
+ * bootpag - jQuery plugin for dynamic pagination
+ *
+ * Copyright (c) 2015 botmonster@7items.com
+ *
+ * Licensed under the MIT license:
+ *   http://www.opensource.org/licenses/mit-license.php
+ *
+ * Project home:
+ *   http://botmonster.com/jquery-bootpag/
+ *
+ * Version:  1.0.7
+ *
+ */
+(function($, window) {
+
+    $.fn.bootpag = function(options){
+
+        var $owner = this,
+            settings = $.extend({
+                total: 0,
+                page: 1,
+                maxVisible: null,
+                leaps: true,
+                href: 'javascript:void(0);',
+                hrefVariable: '{{number}}',
+                next: '&raquo;',
+                prev: '&laquo;',
+				firstLastUse: false,
+                first: '<span aria-hidden="true">&larr;</span>',
+                last: '<span aria-hidden="true">&rarr;</span>',
+                wrapClass: 'pagination',
+                activeClass: 'active',
+                disabledClass: 'disabled',
+                nextClass: 'next',
+                prevClass: 'prev',
+		        lastClass: 'last',
+                firstClass: 'first'
+            },
+            $owner.data('settings') || {},
+            options || {});
+
+        if(settings.total <= 0)
+            return this;
+
+          if(!$.isNumeric(settings.maxVisible) && !settings.maxVisible){
+            settings.maxVisible = parseInt(settings.total, 10);
+        }
+
+        $owner.data('settings', settings);
+
+        function renderPage($bootpag, page){
+
+            page = parseInt(page, 10);
+            var lp,
+                maxV = settings.maxVisible == 0 ? 1 : settings.maxVisible,
+                step = settings.maxVisible == 1 ? 0 : 1,
+                vis = Math.floor((page - 1) / maxV) * maxV,
+                $page = $bootpag.find('li');
+            settings.page = page = page < 0 ? 0 : page > settings.total ? settings.total : page;
+            $page.removeClass(settings.activeClass);
+            lp = page - 1 < 1 ? 1 :
+                    settings.leaps && page - 1 >= settings.maxVisible ?
+                        Math.floor((page - 1) / maxV) * maxV : page - 1;
+
+			if(settings.firstLastUse) {
+				$page
+					.first()
+					.toggleClass(settings.disabledClass, page === 1);
+			}
+
+			var lfirst = $page.first();
+			if(settings.firstLastUse) {
+				lfirst = lfirst.next();
+			}
+
+			lfirst
+                .toggleClass(settings.disabledClass, page === 1)
+                .attr('data-lp', lp)
+                .find('a').attr('href', href(lp));
+
+            var step = settings.maxVisible == 1 ? 0 : 1;
+
+            lp = page + 1 > settings.total ? settings.total :
+                    settings.leaps && page + 1 < settings.total - settings.maxVisible ?
+                        vis + settings.maxVisible + step: page + 1;
+
+			var llast = $page.last();
+			if(settings.firstLastUse) {
+				llast = llast.prev();
+			}
+
+			llast
+                .toggleClass(settings.disabledClass, page === settings.total)
+                .attr('data-lp', lp)
+                .find('a').attr('href', href(lp));
+
+			$page
+				.last()
+				.toggleClass(settings.disabledClass, page === settings.total);
+
+
+            var $currPage = $page.filter('[data-lp='+page+']');
+
+			var clist = "." + [settings.nextClass,
+							   settings.prevClass,
+                               settings.firstClass,
+                               settings.lastClass].join(",.");
+            if(!$currPage.not(clist).length){
+                var d = page <= vis ? -settings.maxVisible : 0;
+                $page.not(clist).each(function(index){
+                    lp = index + 1 + vis + d;
+                    $(this)
+                        .attr('data-lp', lp)
+                        .toggle(lp <= settings.total)
+                        .find('a').html(lp).attr('href', href(lp));
+                });
+                $currPage = $page.filter('[data-lp='+page+']');
+            }
+            $currPage.not(clist).addClass(settings.activeClass);
+            $owner.data('settings', settings);
+        }
+
+        function href(c){
+
+            return settings.href.replace(settings.hrefVariable, c);
+        }
+
+        return this.each(function(){
+
+            var $bootpag, lp, me = $(this),
+                p = ['<ul class="', settings.wrapClass, ' bootpag">'];
+
+            if(settings.firstLastUse){
+                p = p.concat(['<li data-lp="1" class="', settings.firstClass,
+                       '"><a href="', href(1), '">', settings.first, '</a></li>']);
+            }
+            if(settings.prev){
+                p = p.concat(['<li data-lp="1" class="', settings.prevClass,
+                       '"><a href="', href(1), '">', settings.prev, '</a></li>']);
+            }
+            for(var c = 1; c <= Math.min(settings.total, settings.maxVisible); c++){
+                p = p.concat(['<li data-lp="', c, '"><a href="', href(c), '">', c, '</a></li>']);
+            }
+            if(settings.next){
+                lp = settings.leaps && settings.total > settings.maxVisible
+                    ? Math.min(settings.maxVisible + 1, settings.total) : 2;
+                p = p.concat(['<li data-lp="', lp, '" class="',
+                             settings.nextClass, '"><a href="', href(lp),
+                             '">', settings.next, '</a></li>']);
+            }
+            if(settings.firstLastUse){
+                p = p.concat(['<li data-lp="', settings.total, '" class="last"><a href="',
+                             href(settings.total),'">', settings.last, '</a></li>']);
+            }
+            p.push('</ul>');
+            me.find('ul.bootpag').remove();
+            me.append(p.join(''));
+            $bootpag = me.find('ul.bootpag');
+
+            me.find('li').click(function paginationClick(){
+
+                var me = $(this);
+                if(me.hasClass(settings.disabledClass) || me.hasClass(settings.activeClass)){
+                    return;
+                }
+                var page = parseInt(me.attr('data-lp'), 10);
+                $owner.find('ul.bootpag').each(function(){
+                    renderPage($(this), page);
+                });
+
+                $owner.trigger('page', page);
+            });
+            renderPage($bootpag, settings.page);
+        });
+    }
+
+})(jQuery, window);
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/lib/bootstrap-sheet.js b/openid-connect-server-webapp/src/main/webapp/resources/js/lib/bootstrap-sheet.js
new file mode 100644
index 000000000..349a46fee
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/js/lib/bootstrap-sheet.js
@@ -0,0 +1,205 @@
+/**
+ * Bootstrap modal sheet
+ * 
+ * Author: Michaël Perrin
+ * https://github.com/michaelperrin/bootstrap-modal-sheet
+ */
+ 
+(function () {
+  "use strict";
+
+  /*
+   * Sheet class definition
+   */
+
+  var Sheet = function (element, options) {
+    this.options = options;
+    this.$element = $(element)
+      .delegate('[data-dismiss="sheet"]', 'click.dismiss.sheet', $.proxy(this.hide, this));
+    this.options.remote && this.$element.find('.sheet-body').load(this.options.remote);
+  };
+
+  Sheet.prototype = {
+    constructor: Sheet,
+
+    toggle: function () {
+      return this[!this.isShown ? 'show' : 'hide']();
+    },
+
+    show: function () {
+      var e = $.Event('show');
+      var that = this;
+
+      this.$element.trigger(e);
+
+      if (this.isShown || e.isDefaultPrevented()) {
+        return;
+      }
+
+      this.isShown = true;
+
+      this.escape();
+
+      var transition = this.$element.hasClass('fade');
+
+      if (!this.$element.parent().length) {
+        this.$element.appendTo(document.body); //don't move modals dom position
+      }
+
+      this.placeBelowParent();
+
+      if (this.options.backdrop) {
+        this.$backdrop = $('<div class="sheet-backdrop" />')
+          .appendTo(document.body)
+        ;
+
+        this.$backdrop.click(
+          this.options.backdrop == 'static' ?
+            $.proxy(this.$element[0].focus, this.$element[0])
+          : $.proxy(this.hide, this)
+        );
+
+        this.$backdrop.addClass('in');
+      }
+
+      transition ?
+        this.$element.slideDown('fast', function() { that.$element.focus().trigger('shown'); }) :
+        this.$element.show().focus().trigger('shown')
+      ;
+
+      this.$element
+        .addClass('in')
+        .attr('aria-hidden', false)
+        .focus()
+      ;
+    },
+
+    placeBelowParent: function() {
+      if ( ! this.options.sheetParent) {
+        return;
+      }
+
+      var $parent = $(this.options.sheetParent);
+
+      if ( ! $parent) {
+        return;
+      }
+
+      // Compute vertical position
+      var sheetPosition = $parent.offset().top + $parent.height();
+      this.$element.css('top', sheetPosition + 'px');
+
+      // Compute horizontal position (make the sheet centered)
+      var margin = ($parent.width() - this.$element.width()) / 2;
+      var leftPosition = $parent.offset().left + margin;
+
+      this.$element.css('left', leftPosition + 'px');
+    },
+
+    hide: function (e) {
+      e && e.preventDefault();
+
+      var that = this;
+
+      e = $.Event('hide');
+
+      this.$element.trigger(e);
+
+      if (!this.isShown || e.isDefaultPrevented()) {
+        return;
+      }
+
+      this.isShown = false;
+
+      this.escape();
+
+      $(document).off('focusin.sheet');
+
+      this.$element
+        .removeClass('in')
+        .attr('aria-hidden', true)
+      ;
+
+      this.hideSheet();
+    },
+
+    hideSheet: function () {
+      var transition = this.$element.hasClass('fade');
+
+      transition ? this.$element.slideUp('fast') : this.$element.hide();
+      this.removeBackdrop();
+      this.$element.trigger('hidden');
+    },
+
+    removeBackdrop: function () {
+      if ( ! this.options.backdrop) {
+        return;
+      }
+
+      this.$backdrop.remove();
+      this.$backdrop = null;
+    },
+
+    escape: function () {
+      var that = this;
+
+      if (this.isShown && this.options.keyboard) {
+        this.$element.on('keyup.dismiss.sheet', function (e) {
+          e.which == 27 && that.hide();
+        });
+      } else if (!this.isShown) {
+        this.$element.off('keyup.dismiss.sheet');
+      }
+    }
+  };
+
+  /*
+   * jQuery Sheet plugin definition
+   */
+
+  $.fn.sheet = function (option) {
+    return this.each(function () {
+      var $this = $(this);
+
+      var data = $this.data('sheet');
+
+      var options = $.extend({}, $.fn.sheet.defaults, $this.data(), typeof option == 'object' && option);
+
+      if (!data) {
+        $this.data('sheet', (data = new Sheet(this, options)));
+      }
+
+      if (typeof option == 'string') {
+        data[option]();
+      } else if (options.show) {
+        data.show();
+      }
+    });
+  };
+
+  $.fn.sheet.defaults = {
+    keyboard: true,
+    show: true,
+    backdrop: true
+  };
+
+  $.fn.sheet.Constructor = Sheet;
+
+ /* SHEET DATA-API
+  * ============== */
+
+  $(document).on('click.sheet.data-api', '[data-toggle="sheet"]', function (e) {
+    var $this = $(this);
+    var href = $this.attr('href');
+    var $target = $($this.attr('data-target') || (href && href.replace(/.*(?=#[^\s]+$)/, ''))); //strip for ie7
+    var option = $target.data('sheet') ? 'toggle' : $.extend({ remote:!/#/.test(href) && href }, $target.data(), $this.data());
+
+    e.preventDefault();
+
+    $target
+      .sheet(option)
+      .one('hide', function () {
+        $this.focus();
+      });
+  });
+}).call(this);
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/lib/bootstrapx-clickover.js b/openid-connect-server-webapp/src/main/webapp/resources/js/lib/bootstrapx-clickover.js
new file mode 100644
index 000000000..c98ae01f2
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/js/lib/bootstrapx-clickover.js
@@ -0,0 +1,208 @@
+/* ==========================================================
+ * bootstrapx-clickover.js
+ * https://github.com/lecar-red/bootstrapx-clickover
+ * version: 1.0
+ * ==========================================================
+ *
+ * Based on work from Twitter Bootstrap and 
+ * from Popover library http://twitter.github.com/bootstrap/javascript.html#popover
+ * from the great guys at Twitter.
+ *
+ * Untested with 2.1.0 but should worked with 2.0.x
+ *
+ * ========================================================== */
+!function($) {
+  "use strict"
+
+  /* class definition */
+  var Clickover = function ( element, options ) {
+    // local init
+    this.cinit('clickover', element, options );
+  }
+
+  Clickover.prototype = $.extend({}, $.fn.popover.Constructor.prototype, {
+
+    constructor: Clickover
+
+    , cinit: function( type, element, options ) {
+      this.attr = {};
+
+      // choose random attrs instead of timestamp ones
+      this.attr.me = ((Math.random() * 10) + "").replace(/\D/g, '');
+      this.attr.click_event_ns = "click." + this.attr.me + " touchstart." + this.attr.me;
+
+      if (!options) options = {};
+
+      options.trigger = 'manual';
+
+      // call parent
+      this.init( type, element, options );
+
+      // setup our own handlers
+      this.$element.on( 'click', this.options.selector, $.proxy(this.clickery, this) );
+
+      // soon add click hanlder to body to close this element
+      // will need custom handler inside here
+    }
+    , clickery: function(e) {
+      // clickery isn't only run by event handlers can be called by timeout or manually
+      // only run our click handler and  
+      // need to stop progration or body click handler would fire right away
+      if (e) {
+        e.preventDefault();
+        e.stopPropagation();
+      }
+
+      // set popover's dim's
+      this.options.width  && this.tip().width(  this.options.width  );
+      this.options.height && this.tip().height( this.options.height );
+
+      // set popover's tip 'id' for greater control of rendering or css rules
+      this.options.tip_id     && this.tip().attr('id', this.options.tip_id );
+
+      // add a custom class
+      this.options.class_name && this.tip().addClass(this.options.class_name);
+
+      // we could override this to provide show and hide hooks 
+      this[ this.isShown() ? 'hide' : 'show' ]();
+
+      // if shown add global click closer
+      if ( this.isShown() ) {
+        var that = this;
+
+        // close on global request, exclude clicks inside clickover
+        this.options.global_close &&
+          $('body').on( this.attr.click_event_ns, function(e) {
+            if ( !that.tip().has(e.target).length ) { that.clickery(); }
+          });
+
+        this.options.esc_close && $(document).bind('keyup.clickery', function(e) {
+            if (e.keyCode == 27) { that.clickery(); }
+            return;
+        });
+
+        // first check for others that might be open
+        // wanted to use 'click' but might accidently trigger other custom click handlers
+        // on clickover elements 
+        !this.options.allow_multiple &&
+            $('[data-clickover-open=1]').each( function() { 
+                $(this).data('clickover') && $(this).data('clickover').clickery(); });
+
+        // help us track elements w/ open clickovers using html5
+        this.$element.attr('data-clickover-open', 1);
+
+        // if element has close button then make that work, like to
+        // add option close_selector
+        this.tip().on('click', '[data-dismiss="clickover"]', $.proxy(this.clickery, this));
+
+        // trigger timeout hide
+        if ( this.options.auto_close && this.options.auto_close > 0 ) {
+          this.attr.tid = 
+            setTimeout( $.proxy(this.clickery, this), this.options.auto_close );  
+        }
+
+        // provide callback hooks for post shown event
+        typeof this.options.onShown == 'function' && this.options.onShown.call(this);
+        this.$element.trigger('shown');
+      }
+      else {
+        this.$element.removeAttr('data-clickover-open');
+
+        this.options.esc_close && $(document).unbind('keyup.clickery');
+
+        $('body').off( this.attr.click_event_ns ); 
+
+        if ( typeof this.attr.tid == "number" ) {
+          clearTimeout(this.attr.tid);
+          delete this.attr.tid;
+        }
+
+		// provide some callback hooks
+        typeof this.options.onHidden == 'function' && this.options.onHidden.call(this);
+        this.$element.trigger('hidden');
+      }
+    }
+    , isShown: function() {
+      return this.tip().hasClass('in');
+    }
+    , resetPosition: function() {
+        var $tip
+        , inside
+        , pos
+        , actualWidth
+        , actualHeight
+        , placement
+        , tp
+
+      if (this.hasContent() && this.enabled) {
+        $tip = this.tip()
+
+        placement = typeof this.options.placement == 'function' ?
+          this.options.placement.call(this, $tip[0], this.$element[0]) :
+          this.options.placement
+
+        inside = /in/.test(placement)
+
+        pos = this.getPosition(inside)
+
+        actualWidth = $tip[0].offsetWidth
+        actualHeight = $tip[0].offsetHeight
+
+        switch (inside ? placement.split(' ')[1] : placement) {
+          case 'bottom':
+            tp = {top: pos.top + pos.height, left: pos.left + pos.width / 2 - actualWidth / 2}
+            break
+          case 'top':
+            tp = {top: pos.top - actualHeight, left: pos.left + pos.width / 2 - actualWidth / 2}
+            break
+          case 'left':
+            tp = {top: pos.top + pos.height / 2 - actualHeight / 2, left: pos.left - actualWidth}
+            break
+          case 'right':
+            tp = {top: pos.top + pos.height / 2 - actualHeight / 2, left: pos.left + pos.width}
+            break
+        }
+
+        $tip.css(tp)
+      }
+    }
+    , debughide: function() {
+      var dt = new Date().toString();
+
+      console.log(dt + ": clickover hide");
+      this.hide();
+    }
+  })
+
+  /* plugin definition */
+  /* stolen from bootstrap tooltip.js */
+  $.fn.clickover = function( option ) {
+    return this.each(function() {
+      var $this = $(this)
+        , data = $this.data('clickover')
+        , options = typeof option == 'object' && option
+
+      if (!data) $this.data('clickover', (data = new Clickover(this, options)))
+      if (typeof option == 'string') data[option]()
+    })
+  }
+
+  $.fn.clickover.Constructor = Clickover
+
+  // these defaults are passed directly to parent classes
+  $.fn.clickover.defaults = $.extend({}, $.fn.popover.defaults, {
+    trigger: 'manual',
+    auto_close:   0, /* ms to auto close clickover, 0 means none */
+    global_close: 1, /* allow close when clicked away from clickover */
+    esc_close:    1, /* allow clickover to close when esc key is pressed */
+    onShown:  null,  /* function to be run once clickover has been shown */
+    onHidden: null,  /* function to be run once clickover has been hidden */
+    width:  null, /* number is px (don't add px), null or 0 - don't set anything */
+    height: null, /* number is px (don't add px), null or 0 - don't set anything */
+    tip_id: null,  /* id of popover container */
+    class_name: 'clickover', /* default class name in addition to other classes */
+    allow_multiple: 0 /* enable to allow for multiple clickovers to be open at the same time */
+  })
+
+}( window.jQuery );
+
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/lib/html5.js b/openid-connect-server-webapp/src/main/webapp/resources/js/lib/html5.js
new file mode 100644
index 000000000..77dace490
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/js/lib/html5.js
@@ -0,0 +1,322 @@
+/**
+* @preserve HTML5 Shiv 3.7.2 | @afarkas @jdalton @jon_neal @rem | MIT/GPL2 Licensed
+*/
+;(function(window, document) {
+/*jshint evil:true */
+  /** version */
+  var version = '3.7.2';
+
+  /** Preset options */
+  var options = window.html5 || {};
+
+  /** Used to skip problem elements */
+  var reSkip = /^<|^(?:button|map|select|textarea|object|iframe|option|optgroup)$/i;
+
+  /** Not all elements can be cloned in IE **/
+  var saveClones = /^(?:a|b|code|div|fieldset|h1|h2|h3|h4|h5|h6|i|label|li|ol|p|q|span|strong|style|table|tbody|td|th|tr|ul)$/i;
+
+  /** Detect whether the browser supports default html5 styles */
+  var supportsHtml5Styles;
+
+  /** Name of the expando, to work with multiple documents or to re-shiv one document */
+  var expando = '_html5shiv';
+
+  /** The id for the the documents expando */
+  var expanID = 0;
+
+  /** Cached data for each document */
+  var expandoData = {};
+
+  /** Detect whether the browser supports unknown elements */
+  var supportsUnknownElements;
+
+  (function() {
+    try {
+        var a = document.createElement('a');
+        a.innerHTML = '<xyz></xyz>';
+        //if the hidden property is implemented we can assume, that the browser supports basic HTML5 Styles
+        supportsHtml5Styles = ('hidden' in a);
+
+        supportsUnknownElements = a.childNodes.length == 1 || (function() {
+          // assign a false positive if unable to shiv
+          (document.createElement)('a');
+          var frag = document.createDocumentFragment();
+          return (
+            typeof frag.cloneNode == 'undefined' ||
+            typeof frag.createDocumentFragment == 'undefined' ||
+            typeof frag.createElement == 'undefined'
+          );
+        }());
+    } catch(e) {
+      // assign a false positive if detection fails => unable to shiv
+      supportsHtml5Styles = true;
+      supportsUnknownElements = true;
+    }
+
+  }());
+
+  /*--------------------------------------------------------------------------*/
+
+  /**
+   * Creates a style sheet with the given CSS text and adds it to the document.
+   * @private
+   * @param {Document} ownerDocument The document.
+   * @param {String} cssText The CSS text.
+   * @returns {StyleSheet} The style element.
+   */
+  function addStyleSheet(ownerDocument, cssText) {
+    var p = ownerDocument.createElement('p'),
+        parent = ownerDocument.getElementsByTagName('head')[0] || ownerDocument.documentElement;
+
+    p.innerHTML = 'x<style>' + cssText + '</style>';
+    return parent.insertBefore(p.lastChild, parent.firstChild);
+  }
+
+  /**
+   * Returns the value of `html5.elements` as an array.
+   * @private
+   * @returns {Array} An array of shived element node names.
+   */
+  function getElements() {
+    var elements = html5.elements;
+    return typeof elements == 'string' ? elements.split(' ') : elements;
+  }
+
+  /**
+   * Extends the built-in list of html5 elements
+   * @memberOf html5
+   * @param {String|Array} newElements whitespace separated list or array of new element names to shiv
+   * @param {Document} ownerDocument The context document.
+   */
+  function addElements(newElements, ownerDocument) {
+    var elements = html5.elements;
+    if(typeof elements != 'string'){
+      elements = elements.join(' ');
+    }
+    if(typeof newElements != 'string'){
+      newElements = newElements.join(' ');
+    }
+    html5.elements = elements +' '+ newElements;
+    shivDocument(ownerDocument);
+  }
+
+   /**
+   * Returns the data associated to the given document
+   * @private
+   * @param {Document} ownerDocument The document.
+   * @returns {Object} An object of data.
+   */
+  function getExpandoData(ownerDocument) {
+    var data = expandoData[ownerDocument[expando]];
+    if (!data) {
+        data = {};
+        expanID++;
+        ownerDocument[expando] = expanID;
+        expandoData[expanID] = data;
+    }
+    return data;
+  }
+
+  /**
+   * returns a shived element for the given nodeName and document
+   * @memberOf html5
+   * @param {String} nodeName name of the element
+   * @param {Document} ownerDocument The context document.
+   * @returns {Object} The shived element.
+   */
+  function createElement(nodeName, ownerDocument, data){
+    if (!ownerDocument) {
+        ownerDocument = document;
+    }
+    if(supportsUnknownElements){
+        return ownerDocument.createElement(nodeName);
+    }
+    if (!data) {
+        data = getExpandoData(ownerDocument);
+    }
+    var node;
+
+    if (data.cache[nodeName]) {
+        node = data.cache[nodeName].cloneNode();
+    } else if (saveClones.test(nodeName)) {
+        node = (data.cache[nodeName] = data.createElem(nodeName)).cloneNode();
+    } else {
+        node = data.createElem(nodeName);
+    }
+
+    // Avoid adding some elements to fragments in IE < 9 because
+    // * Attributes like `name` or `type` cannot be set/changed once an element
+    //   is inserted into a document/fragment
+    // * Link elements with `src` attributes that are inaccessible, as with
+    //   a 403 response, will cause the tab/window to crash
+    // * Script elements appended to fragments will execute when their `src`
+    //   or `text` property is set
+    return node.canHaveChildren && !reSkip.test(nodeName) && !node.tagUrn ? data.frag.appendChild(node) : node;
+  }
+
+  /**
+   * returns a shived DocumentFragment for the given document
+   * @memberOf html5
+   * @param {Document} ownerDocument The context document.
+   * @returns {Object} The shived DocumentFragment.
+   */
+  function createDocumentFragment(ownerDocument, data){
+    if (!ownerDocument) {
+        ownerDocument = document;
+    }
+    if(supportsUnknownElements){
+        return ownerDocument.createDocumentFragment();
+    }
+    data = data || getExpandoData(ownerDocument);
+    var clone = data.frag.cloneNode(),
+        i = 0,
+        elems = getElements(),
+        l = elems.length;
+    for(;i<l;i++){
+        clone.createElement(elems[i]);
+    }
+    return clone;
+  }
+
+  /**
+   * Shivs the `createElement` and `createDocumentFragment` methods of the document.
+   * @private
+   * @param {Document|DocumentFragment} ownerDocument The document.
+   * @param {Object} data of the document.
+   */
+  function shivMethods(ownerDocument, data) {
+    if (!data.cache) {
+        data.cache = {};
+        data.createElem = ownerDocument.createElement;
+        data.createFrag = ownerDocument.createDocumentFragment;
+        data.frag = data.createFrag();
+    }
+
+
+    ownerDocument.createElement = function(nodeName) {
+      //abort shiv
+      if (!html5.shivMethods) {
+          return data.createElem(nodeName);
+      }
+      return createElement(nodeName, ownerDocument, data);
+    };
+
+    ownerDocument.createDocumentFragment = Function('h,f', 'return function(){' +
+      'var n=f.cloneNode(),c=n.createElement;' +
+      'h.shivMethods&&(' +
+        // unroll the `createElement` calls
+        getElements().join().replace(/[\w\-:]+/g, function(nodeName) {
+          data.createElem(nodeName);
+          data.frag.createElement(nodeName);
+          return 'c("' + nodeName + '")';
+        }) +
+      ');return n}'
+    )(html5, data.frag);
+  }
+
+  /*--------------------------------------------------------------------------*/
+
+  /**
+   * Shivs the given document.
+   * @memberOf html5
+   * @param {Document} ownerDocument The document to shiv.
+   * @returns {Document} The shived document.
+   */
+  function shivDocument(ownerDocument) {
+    if (!ownerDocument) {
+        ownerDocument = document;
+    }
+    var data = getExpandoData(ownerDocument);
+
+    if (html5.shivCSS && !supportsHtml5Styles && !data.hasCSS) {
+      data.hasCSS = !!addStyleSheet(ownerDocument,
+        // corrects block display not defined in IE6/7/8/9
+        'article,aside,dialog,figcaption,figure,footer,header,hgroup,main,nav,section{display:block}' +
+        // adds styling not present in IE6/7/8/9
+        'mark{background:#FF0;color:#000}' +
+        // hides non-rendered elements
+        'template{display:none}'
+      );
+    }
+    if (!supportsUnknownElements) {
+      shivMethods(ownerDocument, data);
+    }
+    return ownerDocument;
+  }
+
+  /*--------------------------------------------------------------------------*/
+
+  /**
+   * The `html5` object is exposed so that more elements can be shived and
+   * existing shiving can be detected on iframes.
+   * @type Object
+   * @example
+   *
+   * // options can be changed before the script is included
+   * html5 = { 'elements': 'mark section', 'shivCSS': false, 'shivMethods': false };
+   */
+  var html5 = {
+
+    /**
+     * An array or space separated string of node names of the elements to shiv.
+     * @memberOf html5
+     * @type Array|String
+     */
+    'elements': options.elements || 'abbr article aside audio bdi canvas data datalist details dialog figcaption figure footer header hgroup main mark meter nav output picture progress section summary template time video',
+
+    /**
+     * current version of html5shiv
+     */
+    'version': version,
+
+    /**
+     * A flag to indicate that the HTML5 style sheet should be inserted.
+     * @memberOf html5
+     * @type Boolean
+     */
+    'shivCSS': (options.shivCSS !== false),
+
+    /**
+     * Is equal to true if a browser supports creating unknown/HTML5 elements
+     * @memberOf html5
+     * @type boolean
+     */
+    'supportsUnknownElements': supportsUnknownElements,
+
+    /**
+     * A flag to indicate that the document's `createElement` and `createDocumentFragment`
+     * methods should be overwritten.
+     * @memberOf html5
+     * @type Boolean
+     */
+    'shivMethods': (options.shivMethods !== false),
+
+    /**
+     * A string to describe the type of `html5` object ("default" or "default print").
+     * @memberOf html5
+     * @type String
+     */
+    'type': 'default',
+
+    // shivs the document according to the specified `html5` object options
+    'shivDocument': shivDocument,
+
+    //creates a shived element
+    createElement: createElement,
+
+    //creates a shived documentFragment
+    createDocumentFragment: createDocumentFragment,
+
+    //extends list of elements
+    addElements: addElements
+  };
+
+  /*--------------------------------------------------------------------------*/
+
+  // expose html5
+  window.html5 = html5;
+
+  // shiv the document
+  shivDocument(document);
+
+}(this, document));
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/lib/i18next.js b/openid-connect-server-webapp/src/main/webapp/resources/js/lib/i18next.js
new file mode 100644
index 000000000..d24196184
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/js/lib/i18next.js
@@ -0,0 +1,2281 @@
+// i18next, v1.10.1
+// Copyright (c)2015 Jan Mühlemann (jamuhl).
+// Distributed under MIT license
+// http://i18next.com
+(function(root) {
+
+    // add indexOf to non ECMA-262 standard compliant browsers
+    if (!Array.prototype.indexOf) {
+        Array.prototype.indexOf = function (searchElement /*, fromIndex */ ) {
+            "use strict";
+            if (this == null) {
+                throw new TypeError();
+            }
+            var t = Object(this);
+            var len = t.length >>> 0;
+            if (len === 0) {
+                return -1;
+            }
+            var n = 0;
+            if (arguments.length > 0) {
+                n = Number(arguments[1]);
+                if (n != n) { // shortcut for verifying if it's NaN
+                    n = 0;
+                } else if (n != 0 && n != Infinity && n != -Infinity) {
+                    n = (n > 0 || -1) * Math.floor(Math.abs(n));
+                }
+            }
+            if (n >= len) {
+                return -1;
+            }
+            var k = n >= 0 ? n : Math.max(len - Math.abs(n), 0);
+            for (; k < len; k++) {
+                if (k in t && t[k] === searchElement) {
+                    return k;
+                }
+            }
+            return -1;
+        }
+    }
+    
+    // add lastIndexOf to non ECMA-262 standard compliant browsers
+    if (!Array.prototype.lastIndexOf) {
+        Array.prototype.lastIndexOf = function(searchElement /*, fromIndex*/) {
+            "use strict";
+            if (this == null) {
+                throw new TypeError();
+            }
+            var t = Object(this);
+            var len = t.length >>> 0;
+            if (len === 0) {
+                return -1;
+            }
+            var n = len;
+            if (arguments.length > 1) {
+                n = Number(arguments[1]);
+                if (n != n) {
+                    n = 0;
+                } else if (n != 0 && n != (1 / 0) && n != -(1 / 0)) {
+                    n = (n > 0 || -1) * Math.floor(Math.abs(n));
+                }
+            }
+            var k = n >= 0 ? Math.min(n, len - 1) : len - Math.abs(n);
+            for (; k >= 0; k--) {
+                if (k in t && t[k] === searchElement) {
+                    return k;
+                }
+            }
+            return -1;
+        };
+    }
+    
+    // Add string trim for IE8.
+    if (typeof String.prototype.trim !== 'function') {
+        String.prototype.trim = function() {
+            return this.replace(/^\s+|\s+$/g, ''); 
+        }
+    }
+
+    var $ = root.jQuery || root.Zepto
+      , i18n = {}
+      , resStore = {}
+      , currentLng
+      , replacementCounter = 0
+      , languages = []
+      , initialized = false
+      , sync = {}
+      , conflictReference = null;
+
+
+
+    // Export the i18next object for **CommonJS**. 
+    // If we're not in CommonJS, add `i18n` to the
+    // global object or to jquery.
+    if (typeof module !== 'undefined' && module.exports) {
+        module.exports = i18n;
+    } else {
+        if ($) {
+            $.i18n = $.i18n || i18n;
+        }
+        
+        if (root.i18n) {
+        	conflictReference = root.i18n;
+        }
+        root.i18n = i18n;
+    }
+    sync = {
+    
+        load: function(lngs, options, cb) {
+            if (options.useLocalStorage) {
+                sync._loadLocal(lngs, options, function(err, store) {
+                    var missingLngs = [];
+                    for (var i = 0, len = lngs.length; i < len; i++) {
+                        if (!store[lngs[i]]) missingLngs.push(lngs[i]);
+                    }
+    
+                    if (missingLngs.length > 0) {
+                        sync._fetch(missingLngs, options, function(err, fetched) {
+                            f.extend(store, fetched);
+                            sync._storeLocal(fetched);
+    
+                            cb(err, store);
+                        });
+                    } else {
+                        cb(err, store);
+                    }
+                });
+            } else {
+                sync._fetch(lngs, options, function(err, store){
+                    cb(err, store);
+                });
+            }
+        },
+    
+        _loadLocal: function(lngs, options, cb) {
+            var store = {}
+              , nowMS = new Date().getTime();
+    
+            if(window.localStorage) {
+    
+                var todo = lngs.length;
+    
+                f.each(lngs, function(key, lng) {
+                    var local = f.localStorage.getItem('res_' + lng);
+    
+                    if (local) {
+                        local = JSON.parse(local);
+    
+                        if (local.i18nStamp && local.i18nStamp + options.localStorageExpirationTime > nowMS) {
+                            store[lng] = local;
+                        }
+                    }
+    
+                    todo--; // wait for all done befor callback
+                    if (todo === 0) cb(null, store);
+                });
+            }
+        },
+    
+        _storeLocal: function(store) {
+            if(window.localStorage) {
+                for (var m in store) {
+                    store[m].i18nStamp = new Date().getTime();
+                    f.localStorage.setItem('res_' + m, JSON.stringify(store[m]));
+                }
+            }
+            return;
+        },
+    
+        _fetch: function(lngs, options, cb) {
+            var ns = options.ns
+              , store = {};
+            
+            if (!options.dynamicLoad) {
+                var todo = ns.namespaces.length * lngs.length
+                  , errors;
+    
+                // load each file individual
+                f.each(ns.namespaces, function(nsIndex, nsValue) {
+                    f.each(lngs, function(lngIndex, lngValue) {
+                        
+                        // Call this once our translation has returned.
+                        var loadComplete = function(err, data) {
+                            if (err) {
+                                errors = errors || [];
+                                errors.push(err);
+                            }
+                            store[lngValue] = store[lngValue] || {};
+                            store[lngValue][nsValue] = data;
+    
+                            todo--; // wait for all done befor callback
+                            if (todo === 0) cb(errors, store);
+                        };
+                        
+                        if(typeof options.customLoad == 'function'){
+                            // Use the specified custom callback.
+                            options.customLoad(lngValue, nsValue, options, loadComplete);
+                        } else {
+                            //~ // Use our inbuilt sync.
+                            sync._fetchOne(lngValue, nsValue, options, loadComplete);
+                        }
+                    });
+                });
+            } else {
+                // Call this once our translation has returned.
+                var loadComplete = function(err, data) {
+                    cb(err, data);
+                };
+    
+                if(typeof options.customLoad == 'function'){
+                    // Use the specified custom callback.
+                    options.customLoad(lngs, ns.namespaces, options, loadComplete);
+                } else {
+                    var url = applyReplacement(options.resGetPath, { lng: lngs.join('+'), ns: ns.namespaces.join('+') });
+                    // load all needed stuff once
+                    f.ajax({
+                        url: url,
+                        cache: options.cache,
+                        success: function(data, status, xhr) {
+                            f.log('loaded: ' + url);
+                            loadComplete(null, data);
+                        },
+                        error : function(xhr, status, error) {
+                            f.log('failed loading: ' + url);
+                            loadComplete('failed loading resource.json error: ' + error);
+                        },
+                        dataType: "json",
+                        async : options.getAsync,
+                        timeout: options.ajaxTimeout
+                    });
+                }    
+            }
+        },
+    
+        _fetchOne: function(lng, ns, options, done) {
+            var url = applyReplacement(options.resGetPath, { lng: lng, ns: ns });
+            f.ajax({
+                url: url,
+                cache: options.cache,
+                success: function(data, status, xhr) {
+                    f.log('loaded: ' + url);
+                    done(null, data);
+                },
+                error : function(xhr, status, error) {
+                    if ((status && status == 200) || (xhr && xhr.status && xhr.status == 200)) {
+                        // file loaded but invalid json, stop waste time !
+                        f.error('There is a typo in: ' + url);
+                    } else if ((status && status == 404) || (xhr && xhr.status && xhr.status == 404)) {
+                        f.log('Does not exist: ' + url);
+                    } else {
+                        var theStatus = status ? status : ((xhr && xhr.status) ? xhr.status : null);
+                        f.log(theStatus + ' when loading ' + url);
+                    }
+                    
+                    done(error, {});
+                },
+                dataType: "json",
+                async : options.getAsync,
+                timeout: options.ajaxTimeout
+            });
+        },
+    
+        postMissing: function(lng, ns, key, defaultValue, lngs) {
+            var payload = {};
+            payload[key] = defaultValue;
+    
+            var urls = [];
+    
+            if (o.sendMissingTo === 'fallback' && o.fallbackLng[0] !== false) {
+                for (var i = 0; i < o.fallbackLng.length; i++) {
+                    urls.push({lng: o.fallbackLng[i], url: applyReplacement(o.resPostPath, { lng: o.fallbackLng[i], ns: ns })});
+                }
+            } else if (o.sendMissingTo === 'current' || (o.sendMissingTo === 'fallback' && o.fallbackLng[0] === false) ) {
+                urls.push({lng: lng, url: applyReplacement(o.resPostPath, { lng: lng, ns: ns })});
+            } else if (o.sendMissingTo === 'all') {
+                for (var i = 0, l = lngs.length; i < l; i++) {
+                    urls.push({lng: lngs[i], url: applyReplacement(o.resPostPath, { lng: lngs[i], ns: ns })});
+                }
+            }
+    
+            for (var y = 0, len = urls.length; y < len; y++) {
+                var item = urls[y];
+                f.ajax({
+                    url: item.url,
+                    type: o.sendType,
+                    data: payload,
+                    success: function(data, status, xhr) {
+                        f.log('posted missing key \'' + key + '\' to: ' + item.url);
+    
+                        // add key to resStore
+                        var keys = key.split('.');
+                        var x = 0;
+                        var value = resStore[item.lng][ns];
+                        while (keys[x]) {
+                            if (x === keys.length - 1) {
+                                value = value[keys[x]] = defaultValue;
+                            } else {
+                                value = value[keys[x]] = value[keys[x]] || {};
+                            }
+                            x++;
+                        }
+                    },
+                    error : function(xhr, status, error) {
+                        f.log('failed posting missing key \'' + key + '\' to: ' + item.url);
+                    },
+                    dataType: "json",
+                    async : o.postAsync,
+                    timeout: o.ajaxTimeout
+                });
+            }
+        },
+    
+        reload: reload
+    };
+    // defaults
+    var o = {
+        lng: undefined,
+        load: 'all',
+        preload: [],
+        lowerCaseLng: false,
+        returnObjectTrees: false,
+        fallbackLng: ['dev'],
+        fallbackNS: [],
+        detectLngQS: 'setLng',
+        detectLngFromLocalStorage: false,
+        ns: {
+            namespaces: ['translation'],
+            defaultNs: 'translation'
+        },
+        fallbackOnNull: true,
+        fallbackOnEmpty: false,
+        fallbackToDefaultNS: false,
+        showKeyIfEmpty: false,
+        nsseparator: ':',
+        keyseparator: '.',
+        selectorAttr: 'data-i18n',
+        debug: false,
+    
+        resGetPath: 'locales/__lng__/__ns__.json',
+        resPostPath: 'locales/add/__lng__/__ns__',
+    
+        getAsync: true,
+        postAsync: true,
+    
+        resStore: undefined,
+        useLocalStorage: false,
+        localStorageExpirationTime: 7*24*60*60*1000,
+    
+        dynamicLoad: false,
+        sendMissing: false,
+        sendMissingTo: 'fallback', // current | all
+        sendType: 'POST',
+    
+        interpolationPrefix: '__',
+        interpolationSuffix: '__',
+        defaultVariables: false,
+        reusePrefix: '$t(',
+        reuseSuffix: ')',
+        pluralSuffix: '_plural',
+        pluralNotFound: ['plural_not_found', Math.random()].join(''),
+        contextNotFound: ['context_not_found', Math.random()].join(''),
+        escapeInterpolation: false,
+        indefiniteSuffix: '_indefinite',
+        indefiniteNotFound: ['indefinite_not_found', Math.random()].join(''),
+    
+        setJqueryExt: true,
+        defaultValueFromContent: true,
+        useDataAttrOptions: false,
+        cookieExpirationTime: undefined,
+        useCookie: true,
+        cookieName: 'i18next',
+        cookieDomain: undefined,
+    
+        objectTreeKeyHandler: undefined,
+        postProcess: undefined,
+        parseMissingKey: undefined,
+        missingKeyHandler: sync.postMissing,
+        ajaxTimeout: 0,
+    
+        shortcutFunction: 'sprintf' // or: defaultValue
+    };
+    function _extend(target, source) {
+        if (!source || typeof source === 'function') {
+            return target;
+        }
+    
+        for (var attr in source) { target[attr] = source[attr]; }
+        return target;
+    }
+    
+    function _deepExtend(target, source) {
+        for (var prop in source)
+            if (prop in target)
+                _deepExtend(target[prop], source[prop]);
+            else
+                target[prop] = source[prop];
+        return target;
+    }
+    
+    function _each(object, callback, args) {
+        var name, i = 0,
+            length = object.length,
+            isObj = length === undefined || Object.prototype.toString.apply(object) !== '[object Array]' || typeof object === "function";
+    
+        if (args) {
+            if (isObj) {
+                for (name in object) {
+                    if (callback.apply(object[name], args) === false) {
+                        break;
+                    }
+                }
+            } else {
+                for ( ; i < length; ) {
+                    if (callback.apply(object[i++], args) === false) {
+                        break;
+                    }
+                }
+            }
+    
+        // A special, fast, case for the most common use of each
+        } else {
+            if (isObj) {
+                for (name in object) {
+                    if (callback.call(object[name], name, object[name]) === false) {
+                        break;
+                    }
+                }
+            } else {
+                for ( ; i < length; ) {
+                    if (callback.call(object[i], i, object[i++]) === false) {
+                        break;
+                    }
+                }
+            }
+        }
+    
+        return object;
+    }
+    
+    var _entityMap = {
+        "&": "&amp;",
+        "<": "&lt;",
+        ">": "&gt;",
+        '"': '&quot;',
+        "'": '&#39;',
+        "/": '&#x2F;'
+    };
+    
+    function _escape(data) {
+        if (typeof data === 'string') {
+            return data.replace(/[&<>"'\/]/g, function (s) {
+                return _entityMap[s];
+            });
+        }else{
+            return data;
+        }
+    }
+    
+    function _ajax(options) {
+    
+        // v0.5.0 of https://github.com/goloroden/http.js
+        var getXhr = function (callback) {
+            // Use the native XHR object if the browser supports it.
+            if (window.XMLHttpRequest) {
+                return callback(null, new XMLHttpRequest());
+            } else if (window.ActiveXObject) {
+                // In Internet Explorer check for ActiveX versions of the XHR object.
+                try {
+                    return callback(null, new ActiveXObject("Msxml2.XMLHTTP"));
+                } catch (e) {
+                    return callback(null, new ActiveXObject("Microsoft.XMLHTTP"));
+                }
+            }
+    
+            // If no XHR support was found, throw an error.
+            return callback(new Error());
+        };
+    
+        var encodeUsingUrlEncoding = function (data) {
+            if(typeof data === 'string') {
+                return data;
+            }
+    
+            var result = [];
+            for(var dataItem in data) {
+                if(data.hasOwnProperty(dataItem)) {
+                    result.push(encodeURIComponent(dataItem) + '=' + encodeURIComponent(data[dataItem]));
+                }
+            }
+    
+            return result.join('&');
+        };
+    
+        var utf8 = function (text) {
+            text = text.replace(/\r\n/g, '\n');
+            var result = '';
+    
+            for(var i = 0; i < text.length; i++) {
+                var c = text.charCodeAt(i);
+    
+                if(c < 128) {
+                        result += String.fromCharCode(c);
+                } else if((c > 127) && (c < 2048)) {
+                        result += String.fromCharCode((c >> 6) | 192);
+                        result += String.fromCharCode((c & 63) | 128);
+                } else {
+                        result += String.fromCharCode((c >> 12) | 224);
+                        result += String.fromCharCode(((c >> 6) & 63) | 128);
+                        result += String.fromCharCode((c & 63) | 128);
+                }
+            }
+    
+            return result;
+        };
+    
+        var base64 = function (text) {
+            var keyStr = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';
+    
+            text = utf8(text);
+            var result = '',
+                    chr1, chr2, chr3,
+                    enc1, enc2, enc3, enc4,
+                    i = 0;
+    
+            do {
+                chr1 = text.charCodeAt(i++);
+                chr2 = text.charCodeAt(i++);
+                chr3 = text.charCodeAt(i++);
+    
+                enc1 = chr1 >> 2;
+                enc2 = ((chr1 & 3) << 4) | (chr2 >> 4);
+                enc3 = ((chr2 & 15) << 2) | (chr3 >> 6);
+                enc4 = chr3 & 63;
+    
+                if(isNaN(chr2)) {
+                    enc3 = enc4 = 64;
+                } else if(isNaN(chr3)) {
+                    enc4 = 64;
+                }
+    
+                result +=
+                    keyStr.charAt(enc1) +
+                    keyStr.charAt(enc2) +
+                    keyStr.charAt(enc3) +
+                    keyStr.charAt(enc4);
+                chr1 = chr2 = chr3 = '';
+                enc1 = enc2 = enc3 = enc4 = '';
+            } while(i < text.length);
+    
+            return result;
+        };
+    
+        var mergeHeaders = function () {
+            // Use the first header object as base.
+            var result = arguments[0];
+    
+            // Iterate through the remaining header objects and add them.
+            for(var i = 1; i < arguments.length; i++) {
+                var currentHeaders = arguments[i];
+                for(var header in currentHeaders) {
+                    if(currentHeaders.hasOwnProperty(header)) {
+                        result[header] = currentHeaders[header];
+                    }
+                }
+            }
+    
+            // Return the merged headers.
+            return result;
+        };
+    
+        var ajax = function (method, url, options, callback) {
+            // Adjust parameters.
+            if(typeof options === 'function') {
+                callback = options;
+                options = {};
+            }
+    
+            // Set default parameter values.
+            options.cache = options.cache || false;
+            options.data = options.data || {};
+            options.headers = options.headers || {};
+            options.jsonp = options.jsonp || false;
+            options.async = options.async === undefined ? true : options.async;
+    
+            // Merge the various header objects.
+            var headers = mergeHeaders({
+                'accept': '*/*',
+                'content-type': 'application/x-www-form-urlencoded;charset=UTF-8'
+            }, ajax.headers, options.headers);
+    
+            // Encode the data according to the content-type.
+            var payload;
+            if (headers['content-type'] === 'application/json') {
+                payload = JSON.stringify(options.data);
+            } else {
+                payload = encodeUsingUrlEncoding(options.data);
+            }
+    
+            // Specially prepare GET requests: Setup the query string, handle caching and make a JSONP call
+            // if neccessary.
+            if(method === 'GET') {
+                // Setup the query string.
+                var queryString = [];
+                if(payload) {
+                    queryString.push(payload);
+                    payload = null;
+                }
+    
+                // Handle caching.
+                if(!options.cache) {
+                    queryString.push('_=' + (new Date()).getTime());
+                }
+    
+                // If neccessary prepare the query string for a JSONP call.
+                if(options.jsonp) {
+                    queryString.push('callback=' + options.jsonp);
+                    queryString.push('jsonp=' + options.jsonp);
+                }
+    
+                // Merge the query string and attach it to the url.
+                queryString = queryString.join('&');
+                if (queryString.length > 1) {
+                    if (url.indexOf('?') > -1) {
+                        url += '&' + queryString;
+                    } else {
+                        url += '?' + queryString;
+                    }
+                }
+    
+                // Make a JSONP call if neccessary.
+                if(options.jsonp) {
+                    var head = document.getElementsByTagName('head')[0];
+                    var script = document.createElement('script');
+                    script.type = 'text/javascript';
+                    script.src = url;
+                    head.appendChild(script);
+                    return;
+                }
+            }
+    
+            // Since we got here, it is no JSONP request, so make a normal XHR request.
+            getXhr(function (err, xhr) {
+                if(err) return callback(err);
+    
+                // Open the request.
+                xhr.open(method, url, options.async);
+    
+                // Set the request headers.
+                for(var header in headers) {
+                    if(headers.hasOwnProperty(header)) {
+                        xhr.setRequestHeader(header, headers[header]);
+                    }
+                }
+    
+                // Handle the request events.
+                xhr.onreadystatechange = function () {
+                    if(xhr.readyState === 4) {
+                        var data = xhr.responseText || '';
+    
+                        // If no callback is given, return.
+                        if(!callback) {
+                            return;
+                        }
+    
+                        // Return an object that provides access to the data as text and JSON.
+                        callback(xhr.status, {
+                            text: function () {
+                                return data;
+                            },
+    
+                            json: function () {
+                                try {
+                                    return JSON.parse(data)
+                                } catch (e) {
+                                    f.error('Can not parse JSON. URL: ' + url);
+                                    return {};
+                                }
+                            }
+                        });
+                    }
+                };
+    
+                // Actually send the XHR request.
+                xhr.send(payload);
+            });
+        };
+    
+        // Define the external interface.
+        var http = {
+            authBasic: function (username, password) {
+                ajax.headers['Authorization'] = 'Basic ' + base64(username + ':' + password);
+            },
+    
+            connect: function (url, options, callback) {
+                return ajax('CONNECT', url, options, callback);
+            },
+    
+            del: function (url, options, callback) {
+                return ajax('DELETE', url, options, callback);
+            },
+    
+            get: function (url, options, callback) {
+                return ajax('GET', url, options, callback);
+            },
+    
+            head: function (url, options, callback) {
+                return ajax('HEAD', url, options, callback);
+            },
+    
+            headers: function (headers) {
+                ajax.headers = headers || {};
+            },
+    
+            isAllowed: function (url, verb, callback) {
+                this.options(url, function (status, data) {
+                    callback(data.text().indexOf(verb) !== -1);
+                });
+            },
+    
+            options: function (url, options, callback) {
+                return ajax('OPTIONS', url, options, callback);
+            },
+    
+            patch: function (url, options, callback) {
+                return ajax('PATCH', url, options, callback);
+            },
+    
+            post: function (url, options, callback) {
+                return ajax('POST', url, options, callback);
+            },
+    
+            put: function (url, options, callback) {
+                return ajax('PUT', url, options, callback);
+            },
+    
+            trace: function (url, options, callback) {
+                return ajax('TRACE', url, options, callback);
+            }
+        };
+    
+    
+        var methode = options.type ? options.type.toLowerCase() : 'get';
+    
+        http[methode](options.url, options, function (status, data) {
+            // file: protocol always gives status code 0, so check for data
+            if (status === 200 || (status === 0 && data.text())) {
+                options.success(data.json(), status, null);
+            } else {
+                options.error(data.text(), status, null);
+            }
+        });
+    }
+    
+    var _cookie = {
+        create: function(name,value,minutes,domain) {
+            var expires;
+            if (minutes) {
+                var date = new Date();
+                date.setTime(date.getTime()+(minutes*60*1000));
+                expires = "; expires="+date.toGMTString();
+            }
+            else expires = "";
+            domain = (domain)? "domain="+domain+";" : "";
+            document.cookie = name+"="+value+expires+";"+domain+"path=/";
+        },
+    
+        read: function(name) {
+            var nameEQ = name + "=";
+            var ca = document.cookie.split(';');
+            for(var i=0;i < ca.length;i++) {
+                var c = ca[i];
+                while (c.charAt(0)==' ') c = c.substring(1,c.length);
+                if (c.indexOf(nameEQ) === 0) return c.substring(nameEQ.length,c.length);
+            }
+            return null;
+        },
+    
+        remove: function(name) {
+            this.create(name,"",-1);
+        }
+    };
+    
+    var cookie_noop = {
+        create: function(name,value,minutes,domain) {},
+        read: function(name) { return null; },
+        remove: function(name) {}
+    };
+    
+    
+    
+    // move dependent functions to a container so that
+    // they can be overriden easier in no jquery environment (node.js)
+    var f = {
+        extend: $ ? $.extend : _extend,
+        deepExtend: _deepExtend,
+        each: $ ? $.each : _each,
+        ajax: $ ? $.ajax : (typeof document !== 'undefined' ? _ajax : function() {}),
+        cookie: typeof document !== 'undefined' ? _cookie : cookie_noop,
+        detectLanguage: detectLanguage,
+        escape: _escape,
+        log: function(str) {
+            if (o.debug && typeof console !== "undefined") console.log(str);
+        },
+        error: function(str) {
+            if (typeof console !== "undefined") console.error(str);
+        },
+        getCountyIndexOfLng: function(lng) {
+            var lng_index = 0;
+            if (lng === 'nb-NO' || lng === 'nn-NO' || lng === 'nb-no' || lng === 'nn-no') lng_index = 1;
+            return lng_index;
+        },
+        toLanguages: function(lng, fallbackLng) {
+            var log = this.log;
+    
+            fallbackLng = fallbackLng || o.fallbackLng;
+            if (typeof fallbackLng === 'string')
+                fallbackLng = [fallbackLng];
+    
+            function applyCase(l) {
+                var ret = l;
+    
+                if (typeof l === 'string' && l.indexOf('-') > -1) {
+                    var parts = l.split('-');
+    
+                    ret = o.lowerCaseLng ?
+                        parts[0].toLowerCase() +  '-' + parts[1].toLowerCase() :
+                        parts[0].toLowerCase() +  '-' + parts[1].toUpperCase();
+                } else {
+                    ret = o.lowerCaseLng ? l.toLowerCase() : l;
+                }
+    
+                return ret;
+            }
+    
+            var languages = [];
+            var whitelist = o.lngWhitelist || false;
+            var addLanguage = function(language){
+              //reject langs not whitelisted
+              if(!whitelist || whitelist.indexOf(language) > -1){
+                languages.push(language);
+              }else{
+                log('rejecting non-whitelisted language: ' + language);
+              }
+            };
+            if (typeof lng === 'string' && lng.indexOf('-') > -1) {
+                var parts = lng.split('-');
+    
+                if (o.load !== 'unspecific') addLanguage(applyCase(lng));
+                if (o.load !== 'current') addLanguage(applyCase(parts[this.getCountyIndexOfLng(lng)]));
+            } else {
+                addLanguage(applyCase(lng));
+            }
+    
+            for (var i = 0; i < fallbackLng.length; i++) {
+                if (languages.indexOf(fallbackLng[i]) === -1 && fallbackLng[i]) languages.push(applyCase(fallbackLng[i]));
+            }
+            return languages;
+        },
+        regexEscape: function(str) {
+            return str.replace(/[\-\[\]\/\{\}\(\)\*\+\?\.\\\^\$\|]/g, "\\$&");
+        },
+        regexReplacementEscape: function(strOrFn) {
+            if (typeof strOrFn === 'string') {
+                return strOrFn.replace(/\$/g, "$$$$");
+            } else {
+                return strOrFn;
+            }
+        },
+        localStorage: {
+            setItem: function(key, value) {
+                if (window.localStorage) {
+                    try {
+                        window.localStorage.setItem(key, value);
+                    } catch (e) {
+                        f.log('failed to set value for key "' + key + '" to localStorage.');
+                    }
+                }
+            },
+            getItem: function(key, value) {
+                if (window.localStorage) {
+                    try {
+                        return window.localStorage.getItem(key, value);
+                    } catch (e) {
+                        f.log('failed to get value for key "' + key + '" from localStorage.');
+                        return undefined;
+                    }
+                }
+            }
+        }
+    };
+    function init(options, cb) {
+    
+        if (typeof options === 'function') {
+            cb = options;
+            options = {};
+        }
+        options = options || {};
+    
+        // override defaults with passed in options
+        f.extend(o, options);
+        delete o.fixLng; /* passed in each time */
+    
+        // override functions: .log(), .detectLanguage(), etc
+        if (o.functions) {
+            delete o.functions;
+            f.extend(f, options.functions);
+        }
+    
+        // create namespace object if namespace is passed in as string
+        if (typeof o.ns == 'string') {
+            o.ns = { namespaces: [o.ns], defaultNs: o.ns};
+        }
+    
+        // fallback namespaces
+        if (typeof o.fallbackNS == 'string') {
+            o.fallbackNS = [o.fallbackNS];
+        }
+    
+        // fallback languages
+        if (typeof o.fallbackLng == 'string' || typeof o.fallbackLng == 'boolean') {
+            o.fallbackLng = [o.fallbackLng];
+        }
+    
+        // escape prefix/suffix
+        o.interpolationPrefixEscaped = f.regexEscape(o.interpolationPrefix);
+        o.interpolationSuffixEscaped = f.regexEscape(o.interpolationSuffix);
+    
+        if (!o.lng) o.lng = f.detectLanguage();
+    
+        languages = f.toLanguages(o.lng);
+        currentLng = languages[0];
+        f.log('currentLng set to: ' + currentLng);
+    
+        if (o.useCookie && f.cookie.read(o.cookieName) !== currentLng){ //cookie is unset or invalid
+            f.cookie.create(o.cookieName, currentLng, o.cookieExpirationTime, o.cookieDomain);
+        }
+        if (o.detectLngFromLocalStorage && typeof document !== 'undefined' && window.localStorage) {
+            f.localStorage.setItem('i18next_lng', currentLng);
+        }
+    
+        var lngTranslate = translate;
+        if (options.fixLng) {
+            lngTranslate = function(key, options) {
+                options = options || {};
+                options.lng = options.lng || lngTranslate.lng;
+                return translate(key, options);
+            };
+            lngTranslate.lng = currentLng;
+        }
+    
+        pluralExtensions.setCurrentLng(currentLng);
+    
+        // add JQuery extensions
+        if ($ && o.setJqueryExt) {
+            addJqueryFunct && addJqueryFunct();
+        } else {
+           addJqueryLikeFunctionality && addJqueryLikeFunctionality();
+        }
+    
+        // jQuery deferred
+        var deferred;
+        if ($ && $.Deferred) {
+            deferred = $.Deferred();
+        }
+    
+        // return immidiatly if res are passed in
+        if (o.resStore) {
+            resStore = o.resStore;
+            initialized = true;
+            if (cb) cb(lngTranslate);
+            if (deferred) deferred.resolve(lngTranslate);
+            if (deferred) return deferred.promise();
+            return;
+        }
+    
+        // languages to load
+        var lngsToLoad = f.toLanguages(o.lng);
+        if (typeof o.preload === 'string') o.preload = [o.preload];
+        for (var i = 0, l = o.preload.length; i < l; i++) {
+            var pres = f.toLanguages(o.preload[i]);
+            for (var y = 0, len = pres.length; y < len; y++) {
+                if (lngsToLoad.indexOf(pres[y]) < 0) {
+                    lngsToLoad.push(pres[y]);
+                }
+            }
+        }
+    
+        // else load them
+        i18n.sync.load(lngsToLoad, o, function(err, store) {
+            resStore = store;
+            initialized = true;
+    
+            if (cb) cb(err, lngTranslate);
+            if (deferred) (!err ? deferred.resolve : deferred.reject)(err || lngTranslate);
+        });
+    
+        if (deferred) return deferred.promise();
+    }
+    
+    function isInitialized() {
+        return initialized;
+    }
+    function preload(lngs, cb) {
+        if (typeof lngs === 'string') lngs = [lngs];
+        for (var i = 0, l = lngs.length; i < l; i++) {
+            if (o.preload.indexOf(lngs[i]) < 0) {
+                o.preload.push(lngs[i]);
+            }
+        }
+        return init(cb);
+    }
+    
+    function addResourceBundle(lng, ns, resources, deep) {
+        if (typeof ns !== 'string') {
+            resources = ns;
+            ns = o.ns.defaultNs;
+        } else if (o.ns.namespaces.indexOf(ns) < 0) {
+            o.ns.namespaces.push(ns);
+        }
+    
+        resStore[lng] = resStore[lng] || {};
+        resStore[lng][ns] = resStore[lng][ns] || {};
+    
+        if (deep) {
+            f.deepExtend(resStore[lng][ns], resources);
+        } else {
+            f.extend(resStore[lng][ns], resources);
+        }
+        if (o.useLocalStorage) {
+            sync._storeLocal(resStore);
+        }
+    }
+    
+    function hasResourceBundle(lng, ns) {
+        if (typeof ns !== 'string') {
+            ns = o.ns.defaultNs;
+        }
+    
+        resStore[lng] = resStore[lng] || {};
+        var res = resStore[lng][ns] || {};
+    
+        var hasValues = false;
+        for(var prop in res) {
+            if (res.hasOwnProperty(prop)) {
+                hasValues = true;
+            }
+        }
+    
+        return hasValues;
+    }
+    
+    function getResourceBundle(lng, ns) {
+        if (typeof ns !== 'string') {
+            ns = o.ns.defaultNs;
+        }
+    
+        resStore[lng] = resStore[lng] || {};
+        return f.extend({}, resStore[lng][ns]);
+    }
+    
+    function removeResourceBundle(lng, ns) {
+        if (typeof ns !== 'string') {
+            ns = o.ns.defaultNs;
+        }
+    
+        resStore[lng] = resStore[lng] || {};
+        resStore[lng][ns] = {};
+        if (o.useLocalStorage) {
+            sync._storeLocal(resStore);
+        }
+    }
+    
+    function addResource(lng, ns, key, value) {
+        if (typeof ns !== 'string') {
+            resource = ns;
+            ns = o.ns.defaultNs;
+        } else if (o.ns.namespaces.indexOf(ns) < 0) {
+            o.ns.namespaces.push(ns);
+        }
+    
+        resStore[lng] = resStore[lng] || {};
+        resStore[lng][ns] = resStore[lng][ns] || {};
+    
+        var keys = key.split(o.keyseparator);
+        var x = 0;
+        var node = resStore[lng][ns];
+        var origRef = node;
+    
+        while (keys[x]) {
+            if (x == keys.length - 1)
+                node[keys[x]] = value;
+            else {
+                if (node[keys[x]] == null)
+                    node[keys[x]] = {};
+    
+                node = node[keys[x]];
+            }
+            x++;
+        }
+        if (o.useLocalStorage) {
+            sync._storeLocal(resStore);
+        }
+    }
+    
+    function addResources(lng, ns, resources) {
+        if (typeof ns !== 'string') {
+            resource = ns;
+            ns = o.ns.defaultNs;
+        } else if (o.ns.namespaces.indexOf(ns) < 0) {
+            o.ns.namespaces.push(ns);
+        }
+    
+        for (var m in resources) {
+            if (typeof resources[m] === 'string') addResource(lng, ns, m, resources[m]);
+        }
+    }
+    
+    function setDefaultNamespace(ns) {
+        o.ns.defaultNs = ns;
+    }
+    
+    function loadNamespace(namespace, cb) {
+        loadNamespaces([namespace], cb);
+    }
+    
+    function loadNamespaces(namespaces, cb) {
+        var opts = {
+            dynamicLoad: o.dynamicLoad,
+            resGetPath: o.resGetPath,
+            getAsync: o.getAsync,
+            customLoad: o.customLoad,
+            ns: { namespaces: namespaces, defaultNs: ''} /* new namespaces to load */
+        };
+    
+        // languages to load
+        var lngsToLoad = f.toLanguages(o.lng);
+        if (typeof o.preload === 'string') o.preload = [o.preload];
+        for (var i = 0, l = o.preload.length; i < l; i++) {
+            var pres = f.toLanguages(o.preload[i]);
+            for (var y = 0, len = pres.length; y < len; y++) {
+                if (lngsToLoad.indexOf(pres[y]) < 0) {
+                    lngsToLoad.push(pres[y]);
+                }
+            }
+        }
+    
+        // check if we have to load
+        var lngNeedLoad = [];
+        for (var a = 0, lenA = lngsToLoad.length; a < lenA; a++) {
+            var needLoad = false;
+            var resSet = resStore[lngsToLoad[a]];
+            if (resSet) {
+                for (var b = 0, lenB = namespaces.length; b < lenB; b++) {
+                    if (!resSet[namespaces[b]]) needLoad = true;
+                }
+            } else {
+                needLoad = true;
+            }
+    
+            if (needLoad) lngNeedLoad.push(lngsToLoad[a]);
+        }
+    
+        if (lngNeedLoad.length) {
+            i18n.sync._fetch(lngNeedLoad, opts, function(err, store) {
+                var todo = namespaces.length * lngNeedLoad.length;
+    
+                // load each file individual
+                f.each(namespaces, function(nsIndex, nsValue) {
+    
+                    // append namespace to namespace array
+                    if (o.ns.namespaces.indexOf(nsValue) < 0) {
+                        o.ns.namespaces.push(nsValue);
+                    }
+    
+                    f.each(lngNeedLoad, function(lngIndex, lngValue) {
+                        resStore[lngValue] = resStore[lngValue] || {};
+                        resStore[lngValue][nsValue] = store[lngValue][nsValue];
+    
+                        todo--; // wait for all done befor callback
+                        if (todo === 0 && cb) {
+                            if (o.useLocalStorage) i18n.sync._storeLocal(resStore);
+                            cb();
+                        }
+                    });
+                });
+            });
+        } else {
+            if (cb) cb();
+        }
+    }
+    
+    function setLng(lng, options, cb) {
+        if (typeof options === 'function') {
+            cb = options;
+            options = {};
+        } else if (!options) {
+            options = {};
+        }
+    
+        options.lng = lng;
+        return init(options, cb);
+    }
+    
+    function lng() {
+        return currentLng;
+    }
+    
+    function reload(cb) {
+        resStore = {};
+        setLng(currentLng, cb);
+    }
+    
+    function noConflict() {
+        
+        window.i18next = window.i18n;
+    
+        if (conflictReference) {
+            window.i18n = conflictReference;
+        } else {
+            delete window.i18n;
+        }
+    }
+    function addJqueryFunct() {
+        // $.t shortcut
+        $.t = $.t || translate;
+    
+        function parse(ele, key, options) {
+            if (key.length === 0) return;
+    
+            var attr = 'text';
+    
+            if (key.indexOf('[') === 0) {
+                var parts = key.split(']');
+                key = parts[1];
+                attr = parts[0].substr(1, parts[0].length-1);
+            }
+    
+            if (key.indexOf(';') === key.length-1) {
+                key = key.substr(0, key.length-2);
+            }
+    
+            var optionsToUse;
+            if (attr === 'html') {
+                optionsToUse = o.defaultValueFromContent ? $.extend({ defaultValue: ele.html() }, options) : options;
+                ele.html($.t(key, optionsToUse));
+            } else if (attr === 'text') {
+                optionsToUse = o.defaultValueFromContent ? $.extend({ defaultValue: ele.text() }, options) : options;
+                ele.text($.t(key, optionsToUse));
+            } else if (attr === 'prepend') {
+                optionsToUse = o.defaultValueFromContent ? $.extend({ defaultValue: ele.html() }, options) : options;
+                ele.prepend($.t(key, optionsToUse));
+            } else if (attr === 'append') {
+                optionsToUse = o.defaultValueFromContent ? $.extend({ defaultValue: ele.html() }, options) : options;
+                ele.append($.t(key, optionsToUse));
+            } else if (attr.indexOf("data-") === 0) {
+                var dataAttr = attr.substr(("data-").length);
+                optionsToUse = o.defaultValueFromContent ? $.extend({ defaultValue: ele.data(dataAttr) }, options) : options;
+                var translated = $.t(key, optionsToUse);
+                //we change into the data cache
+                ele.data(dataAttr, translated);
+                //we change into the dom
+                ele.attr(attr, translated);
+            } else {
+                optionsToUse = o.defaultValueFromContent ? $.extend({ defaultValue: ele.attr(attr) }, options) : options;
+                ele.attr(attr, $.t(key, optionsToUse));
+            }
+        }
+    
+        function localize(ele, options) {
+            var key = ele.attr(o.selectorAttr);
+            if (!key && typeof key !== 'undefined' && key !== false) key = ele.text() || ele.val();
+            if (!key) return;
+    
+            var target = ele
+              , targetSelector = ele.data("i18n-target");
+            if (targetSelector) {
+                target = ele.find(targetSelector) || ele;
+            }
+    
+            if (!options && o.useDataAttrOptions === true) {
+                options = ele.data("i18n-options");
+            }
+            options = options || {};
+    
+            if (key.indexOf(';') >= 0) {
+                var keys = key.split(';');
+    
+                $.each(keys, function(m, k) {
+                    if (k !== '') parse(target, k, options);
+                });
+    
+            } else {
+                parse(target, key, options);
+            }
+    
+            if (o.useDataAttrOptions === true) ele.data("i18n-options", options);
+        }
+    
+        // fn
+        $.fn.i18n = function (options) {
+            return this.each(function() {
+                // localize element itself
+                localize($(this), options);
+    
+                // localize childs
+                var elements =  $(this).find('[' + o.selectorAttr + ']');
+                elements.each(function() { 
+                    localize($(this), options);
+                });
+            });
+        };
+    }
+    function addJqueryLikeFunctionality() {
+    
+        function parse(ele, key, options) {
+            if (key.length === 0) return;
+    
+            var attr = 'text';
+    
+            if (key.indexOf('[') === 0) {
+                var parts = key.split(']');
+                key = parts[1];
+                attr = parts[0].substr(1, parts[0].length-1);
+            }
+    
+            if (key.indexOf(';') === key.length-1) {
+                key = key.substr(0, key.length-2);
+            }
+    
+            if (attr === 'html') {
+                ele.innerHTML = translate(key, options);
+            } else if (attr === 'text') {
+                ele.textContent = translate(key, options);
+            } else if (attr === 'prepend') {
+                ele.insertAdjacentHTML(translate(key, options), 'afterbegin');
+            } else if (attr === 'append') {
+                ele.insertAdjacentHTML(translate(key, options), 'beforeend');
+            } else {
+                ele.setAttribute(attr, translate(key, options));
+            }
+        }
+    
+        function localize(ele, options) {
+            var key = ele.getAttribute(o.selectorAttr);
+            if (!key && typeof key !== 'undefined' && key !== false) key = ele.textContent || ele.value;
+            if (!key) return;
+    
+            var target = ele
+              , targetSelector = ele.getAttribute("i18n-target");
+            if (targetSelector) {
+                target = ele.querySelector(targetSelector) || ele;
+            }
+            
+            if (key.indexOf(';') >= 0) {
+                var keys = key.split(';'), index = 0, length = keys.length;
+                
+                for ( ; index < length; index++) {
+                    if (keys[index] !== '') parse(target, keys[index], options);
+                }
+    
+            } else {
+                parse(target, key, options);
+            }
+        }
+    
+        // fn
+        i18n.translateObject = function (object, options) {
+            // localize childs
+            var elements =  object.querySelectorAll('[' + o.selectorAttr + ']');
+            var index = 0, length = elements.length;
+            for ( ; index < length; index++) {
+                localize(elements[index], options);
+            }
+        };
+    }
+    function applyReplacement(str, replacementHash, nestedKey, options) {
+        if (!str) return str;
+    
+        options = options || replacementHash; // first call uses replacement hash combined with options
+        if (str.indexOf(options.interpolationPrefix || o.interpolationPrefix) < 0) return str;
+    
+        var prefix = options.interpolationPrefix ? f.regexEscape(options.interpolationPrefix) : o.interpolationPrefixEscaped
+          , suffix = options.interpolationSuffix ? f.regexEscape(options.interpolationSuffix) : o.interpolationSuffixEscaped
+          , unEscapingSuffix = 'HTML'+suffix;
+    
+        var hash = replacementHash.replace && typeof replacementHash.replace === 'object' ? replacementHash.replace : replacementHash;
+        f.each(hash, function(key, value) {
+            var nextKey = nestedKey ? nestedKey + o.keyseparator + key : key;
+            if (typeof value === 'object' && value !== null) {
+                str = applyReplacement(str, value, nextKey, options);
+            } else {
+                if (options.escapeInterpolation || o.escapeInterpolation) {
+                    str = str.replace(new RegExp([prefix, nextKey, unEscapingSuffix].join(''), 'g'), f.regexReplacementEscape(value));
+                    str = str.replace(new RegExp([prefix, nextKey, suffix].join(''), 'g'), f.regexReplacementEscape(f.escape(value)));
+                } else {
+                    str = str.replace(new RegExp([prefix, nextKey, suffix].join(''), 'g'), f.regexReplacementEscape(value));
+                }
+                // str = options.escapeInterpolation;
+            }
+        });
+        return str;
+    }
+    
+    // append it to functions
+    f.applyReplacement = applyReplacement;
+    
+    function applyReuse(translated, options) {
+        var comma = ',';
+        var options_open = '{';
+        var options_close = '}';
+    
+        var opts = f.extend({}, options);
+        delete opts.postProcess;
+    
+        while (translated.indexOf(o.reusePrefix) != -1) {
+            replacementCounter++;
+            if (replacementCounter > o.maxRecursion) { break; } // safety net for too much recursion
+            var index_of_opening = translated.lastIndexOf(o.reusePrefix);
+            var index_of_end_of_closing = translated.indexOf(o.reuseSuffix, index_of_opening) + o.reuseSuffix.length;
+            var token = translated.substring(index_of_opening, index_of_end_of_closing);
+            var token_without_symbols = token.replace(o.reusePrefix, '').replace(o.reuseSuffix, '');
+    
+            if (index_of_end_of_closing <= index_of_opening) {
+                f.error('there is an missing closing in following translation value', translated);
+                return '';
+            }
+    
+            if (token_without_symbols.indexOf(comma) != -1) {
+                var index_of_token_end_of_closing = token_without_symbols.indexOf(comma);
+                if (token_without_symbols.indexOf(options_open, index_of_token_end_of_closing) != -1 && token_without_symbols.indexOf(options_close, index_of_token_end_of_closing) != -1) {
+                    var index_of_opts_opening = token_without_symbols.indexOf(options_open, index_of_token_end_of_closing);
+                    var index_of_opts_end_of_closing = token_without_symbols.indexOf(options_close, index_of_opts_opening) + options_close.length;
+                    try {
+                        opts = f.extend(opts, JSON.parse(token_without_symbols.substring(index_of_opts_opening, index_of_opts_end_of_closing)));
+                        token_without_symbols = token_without_symbols.substring(0, index_of_token_end_of_closing);
+                    } catch (e) {
+                    }
+                }
+            }
+    
+            var translated_token = _translate(token_without_symbols, opts);
+            translated = translated.replace(token, f.regexReplacementEscape(translated_token));
+        }
+        return translated;
+    }
+    
+    function hasContext(options) {
+        return (options.context && (typeof options.context == 'string' || typeof options.context == 'number'));
+    }
+    
+    function needsPlural(options, lng) {
+        return (options.count !== undefined && typeof options.count != 'string'/* && pluralExtensions.needsPlural(lng, options.count)*/);
+    }
+    
+    function needsIndefiniteArticle(options) {
+        return (options.indefinite_article !== undefined && typeof options.indefinite_article != 'string' && options.indefinite_article);
+    }
+    
+    function exists(key, options) {
+        options = options || {};
+    
+        var notFound = _getDefaultValue(key, options)
+            , found = _find(key, options);
+    
+        return found !== undefined || found === notFound;
+    }
+    
+    function translate(key, options) {
+        options = options || {};
+    
+        if (!initialized) {
+            f.log('i18next not finished initialization. you might have called t function before loading resources finished.')
+            return options.defaultValue || '';
+        };
+        replacementCounter = 0;
+        return _translate.apply(null, arguments);
+    }
+    
+    function _getDefaultValue(key, options) {
+        return (options.defaultValue !== undefined) ? options.defaultValue : key;
+    }
+    
+    function _injectSprintfProcessor() {
+    
+        var values = [];
+    
+        // mh: build array from second argument onwards
+        for (var i = 1; i < arguments.length; i++) {
+            values.push(arguments[i]);
+        }
+    
+        return {
+            postProcess: 'sprintf',
+            sprintf:     values
+        };
+    }
+    
+    function _translate(potentialKeys, options) {
+        if (options && typeof options !== 'object') {
+            if (o.shortcutFunction === 'sprintf') {
+                // mh: gettext like sprintf syntax found, automatically create sprintf processor
+                options = _injectSprintfProcessor.apply(null, arguments);
+            } else if (o.shortcutFunction === 'defaultValue') {
+                options = {
+                    defaultValue: options
+                }
+            }
+        } else {
+            options = options || {};
+        }
+    
+        if (typeof o.defaultVariables === 'object') {
+            options = f.extend({}, o.defaultVariables, options);
+        }
+    
+        if (potentialKeys === undefined || potentialKeys === null || potentialKeys === '') return '';
+    
+        if (typeof potentialKeys === 'number') {
+            potentialKeys = String(potentialKeys);
+        }
+    
+        if (typeof potentialKeys === 'string') {
+            potentialKeys = [potentialKeys];
+        }
+    
+        var key = potentialKeys[0];
+    
+        if (potentialKeys.length > 1) {
+            for (var i = 0; i < potentialKeys.length; i++) {
+                key = potentialKeys[i];
+                if (exists(key, options)) {
+                    break;
+                }
+            }
+        }
+    
+        var notFound = _getDefaultValue(key, options)
+            , found = _find(key, options)
+            , lngs = options.lng ? f.toLanguages(options.lng, options.fallbackLng) : languages
+            , ns = options.ns || o.ns.defaultNs
+            , parts;
+    
+        // split ns and key
+        if (key.indexOf(o.nsseparator) > -1) {
+            parts = key.split(o.nsseparator);
+            ns = parts[0];
+            key = parts[1];
+        }
+    
+        if (found === undefined && o.sendMissing && typeof o.missingKeyHandler === 'function') {
+            if (options.lng) {
+                o.missingKeyHandler(lngs[0], ns, key, notFound, lngs);
+            } else {
+                o.missingKeyHandler(o.lng, ns, key, notFound, lngs);
+            }
+        }
+    
+        var postProcessorsToApply;
+        if (typeof o.postProcess === 'string' && o.postProcess !== '') {
+            postProcessorsToApply = [o.postProcess];
+        } else if (typeof o.postProcess === 'array' || typeof o.postProcess === 'object') {
+            postProcessorsToApply = o.postProcess;
+        } else {
+            postProcessorsToApply = [];
+        }
+    
+        if (typeof options.postProcess === 'string' && options.postProcess !== '') {
+            postProcessorsToApply = postProcessorsToApply.concat([options.postProcess]);
+        } else if (typeof options.postProcess === 'array' || typeof options.postProcess === 'object') {
+            postProcessorsToApply = postProcessorsToApply.concat(options.postProcess);
+        }
+    
+        if (found !== undefined && postProcessorsToApply.length) {
+            postProcessorsToApply.forEach(function(postProcessor) {
+                if (postProcessors[postProcessor]) {
+                    found = postProcessors[postProcessor](found, key, options);
+                }
+            });
+        }
+    
+        // process notFound if function exists
+        var splitNotFound = notFound;
+        if (notFound.indexOf(o.nsseparator) > -1) {
+            parts = notFound.split(o.nsseparator);
+            splitNotFound = parts[1];
+        }
+        if (splitNotFound === key && o.parseMissingKey) {
+            notFound = o.parseMissingKey(notFound);
+        }
+    
+        if (found === undefined) {
+            notFound = applyReplacement(notFound, options);
+            notFound = applyReuse(notFound, options);
+    
+            if (postProcessorsToApply.length) {
+                var val = _getDefaultValue(key, options);
+                postProcessorsToApply.forEach(function(postProcessor) {
+                    if (postProcessors[postProcessor]) {
+                        found = postProcessors[postProcessor](val, key, options);
+                    }
+                });
+            }
+        }
+    
+        return (found !== undefined) ? found : notFound;
+    }
+    
+    function _find(key, options) {
+        options = options || {};
+    
+        var optionWithoutCount, translated
+            , notFound = _getDefaultValue(key, options)
+            , lngs = languages;
+    
+        if (!resStore) { return notFound; } // no resStore to translate from
+    
+        // CI mode
+        if (lngs[0].toLowerCase() === 'cimode') return notFound;
+    
+        // passed in lng
+        if (options.lngs) lngs = options.lngs;
+        if (options.lng) {
+            lngs = f.toLanguages(options.lng, options.fallbackLng);
+    
+            if (!resStore[lngs[0]]) {
+                var oldAsync = o.getAsync;
+                o.getAsync = false;
+    
+                i18n.sync.load(lngs, o, function(err, store) {
+                    f.extend(resStore, store);
+                    o.getAsync = oldAsync;
+                });
+            }
+        }
+    
+        var ns = options.ns || o.ns.defaultNs;
+        if (key.indexOf(o.nsseparator) > -1) {
+            var parts = key.split(o.nsseparator);
+            ns = parts[0];
+            key = parts[1];
+        }
+    
+        if (hasContext(options)) {
+            optionWithoutCount = f.extend({}, options);
+            delete optionWithoutCount.context;
+            optionWithoutCount.defaultValue = o.contextNotFound;
+    
+            var contextKey = ns + o.nsseparator + key + '_' + options.context;
+    
+            translated = translate(contextKey, optionWithoutCount);
+            if (translated != o.contextNotFound) {
+                return applyReplacement(translated, { context: options.context }); // apply replacement for context only
+            } // else continue translation with original/nonContext key
+        }
+    
+        if (needsPlural(options, lngs[0])) {
+            optionWithoutCount = f.extend({ lngs: [lngs[0]]}, options);
+            delete optionWithoutCount.count;
+            optionWithoutCount._origLng = optionWithoutCount._origLng || optionWithoutCount.lng || lngs[0];
+            delete optionWithoutCount.lng;
+            optionWithoutCount.defaultValue = o.pluralNotFound;
+    
+            var pluralKey;
+            if (!pluralExtensions.needsPlural(lngs[0], options.count)) {
+                pluralKey = ns + o.nsseparator + key;
+            } else {
+                pluralKey = ns + o.nsseparator + key + o.pluralSuffix;
+                var pluralExtension = pluralExtensions.get(lngs[0], options.count);
+                if (pluralExtension >= 0) {
+                    pluralKey = pluralKey + '_' + pluralExtension;
+                } else if (pluralExtension === 1) {
+                    pluralKey = ns + o.nsseparator + key; // singular
+                }
+            }
+    
+            translated = translate(pluralKey, optionWithoutCount);
+    
+            if (translated != o.pluralNotFound) {
+                return applyReplacement(translated, {
+                    count: options.count,
+                    interpolationPrefix: options.interpolationPrefix,
+                    interpolationSuffix: options.interpolationSuffix
+                }); // apply replacement for count only
+            } else if (lngs.length > 1) {
+                // remove failed lng
+                var clone = lngs.slice();
+                clone.shift();
+                options = f.extend(options, { lngs: clone });
+                options._origLng = optionWithoutCount._origLng;
+                delete options.lng;
+                // retry with fallbacks
+                translated = translate(ns + o.nsseparator + key, options);
+                if (translated != o.pluralNotFound) return translated;
+            } else {
+                optionWithoutCount.lng = optionWithoutCount._origLng;
+                delete optionWithoutCount._origLng;
+                translated = translate(ns + o.nsseparator + key, optionWithoutCount);
+    
+                return applyReplacement(translated, {
+                    count: options.count,
+                    interpolationPrefix: options.interpolationPrefix,
+                    interpolationSuffix: options.interpolationSuffix
+                });
+            }
+        }
+    
+        if (needsIndefiniteArticle(options)) {
+            var optionsWithoutIndef = f.extend({}, options);
+            delete optionsWithoutIndef.indefinite_article;
+            optionsWithoutIndef.defaultValue = o.indefiniteNotFound;
+            // If we don't have a count, we want the indefinite, if we do have a count, and needsPlural is false
+            var indefiniteKey = ns + o.nsseparator + key + (((options.count && !needsPlural(options, lngs[0])) || !options.count) ? o.indefiniteSuffix : "");
+            translated = translate(indefiniteKey, optionsWithoutIndef);
+            if (translated != o.indefiniteNotFound) {
+                return translated;
+            }
+        }
+    
+        var found;
+        var keys = key.split(o.keyseparator);
+        for (var i = 0, len = lngs.length; i < len; i++ ) {
+            if (found !== undefined) break;
+    
+            var l = lngs[i];
+    
+            var x = 0;
+            var value = resStore[l] && resStore[l][ns];
+            while (keys[x]) {
+                value = value && value[keys[x]];
+                x++;
+            }
+            if (value !== undefined && (!o.showKeyIfEmpty || value !== '')) {
+                var valueType = Object.prototype.toString.apply(value);
+                if (typeof value === 'string') {
+                    value = applyReplacement(value, options);
+                    value = applyReuse(value, options);
+                } else if (valueType === '[object Array]' && !o.returnObjectTrees && !options.returnObjectTrees) {
+                    value = value.join('\n');
+                    value = applyReplacement(value, options);
+                    value = applyReuse(value, options);
+                } else if (value === null && o.fallbackOnNull === true) {
+                    value = undefined;
+                } else if (value !== null) {
+                    if (!o.returnObjectTrees && !options.returnObjectTrees) {
+                        if (o.objectTreeKeyHandler && typeof o.objectTreeKeyHandler == 'function') {
+                            value = o.objectTreeKeyHandler(key, value, l, ns, options);
+                        } else {
+                            value = 'key \'' + ns + ':' + key + ' (' + l + ')\' ' +
+                                'returned an object instead of string.';
+                            f.log(value);
+                        }
+                    } else if (valueType !== '[object Number]' && valueType !== '[object Function]' && valueType !== '[object RegExp]') {
+                        var copy = (valueType === '[object Array]') ? [] : {}; // apply child translation on a copy
+                        f.each(value, function(m) {
+                            copy[m] = _translate(ns + o.nsseparator + key + o.keyseparator + m, options);
+                        });
+                        value = copy;
+                    }
+                }
+    
+                if (typeof value === 'string' && value.trim() === '' && o.fallbackOnEmpty === true)
+                    value = undefined;
+    
+                found = value;
+            }
+        }
+    
+        if (found === undefined && !options.isFallbackLookup && (o.fallbackToDefaultNS === true || (o.fallbackNS && o.fallbackNS.length > 0))) {
+            // set flag for fallback lookup - avoid recursion
+            options.isFallbackLookup = true;
+    
+            if (o.fallbackNS.length) {
+    
+                for (var y = 0, lenY = o.fallbackNS.length; y < lenY; y++) {
+                    found = _find(o.fallbackNS[y] + o.nsseparator + key, options);
+    
+                    if (found || (found==="" && o.fallbackOnEmpty === false)) {
+                        /* compare value without namespace */
+                        var foundValue = found.indexOf(o.nsseparator) > -1 ? found.split(o.nsseparator)[1] : found
+                          , notFoundValue = notFound.indexOf(o.nsseparator) > -1 ? notFound.split(o.nsseparator)[1] : notFound;
+    
+                        if (foundValue !== notFoundValue) break;
+                    }
+                }
+            } else {
+                options.ns = o.ns.defaultNs;
+                found = _find(key, options); // fallback to default NS
+            }
+            options.isFallbackLookup = false;
+        }
+    
+        return found;
+    }
+    function detectLanguage() {
+        var detectedLng;
+        var whitelist = o.lngWhitelist || [];
+        var userLngChoices = [];
+    
+        // get from qs
+        var qsParm = [];
+        if (typeof window !== 'undefined') {
+            (function() {
+                var query = window.location.search.substring(1);
+                var params = query.split('&');
+                for (var i=0; i<params.length; i++) {
+                    var pos = params[i].indexOf('=');
+                    if (pos > 0) {
+                        var key = params[i].substring(0,pos);
+                        if (key == o.detectLngQS) {
+                            userLngChoices.push(params[i].substring(pos+1));
+                        }
+                    }
+                }
+            })();
+        }
+    
+        // get from cookie
+        if (o.useCookie && typeof document !== 'undefined') {
+            var c = f.cookie.read(o.cookieName);
+            if (c) userLngChoices.push(c);
+        }
+    
+        // get from localStorage
+        if (o.detectLngFromLocalStorage && typeof window !== 'undefined' && window.localStorage) {
+            var lang = f.localStorage.getItem('i18next_lng');
+            if (lang) {
+                userLngChoices.push(lang);
+            }
+        }
+    
+        // get from navigator
+        if (typeof navigator !== 'undefined') {
+            if (navigator.languages) { // chrome only; not an array, so can't use .push.apply instead of iterating
+                for (var i=0;i<navigator.languages.length;i++) {
+                    userLngChoices.push(navigator.languages[i]);
+                }
+            }
+            if (navigator.userLanguage) {
+                userLngChoices.push(navigator.userLanguage);
+            }
+            if (navigator.language) {
+                userLngChoices.push(navigator.language);
+            }
+        }
+    
+        (function() {
+            for (var i=0;i<userLngChoices.length;i++) {
+                var lng = userLngChoices[i];
+    
+                if (lng.indexOf('-') > -1) {
+                    var parts = lng.split('-');
+                    lng = o.lowerCaseLng ?
+                        parts[0].toLowerCase() +  '-' + parts[1].toLowerCase() :
+                        parts[0].toLowerCase() +  '-' + parts[1].toUpperCase();
+                }
+    
+                if (whitelist.length === 0 || whitelist.indexOf(lng) > -1) {
+                    detectedLng = lng;
+                    break;
+                }
+            }
+        })();
+    
+        //fallback
+        if (!detectedLng){
+          detectedLng = o.fallbackLng[0];
+        }
+        
+        return detectedLng;
+    }
+    // definition http://translate.sourceforge.net/wiki/l10n/pluralforms
+    
+    /* [code, name, numbers, pluralsType] */
+    var _rules = [
+        ["ach", "Acholi", [1,2], 1],
+        ["af", "Afrikaans",[1,2], 2],
+        ["ak", "Akan", [1,2], 1],
+        ["am", "Amharic", [1,2], 1],
+        ["an", "Aragonese",[1,2], 2],
+        ["ar", "Arabic", [0,1,2,3,11,100],5],
+        ["arn", "Mapudungun",[1,2], 1],
+        ["ast", "Asturian", [1,2], 2],
+        ["ay", "Aymará", [1], 3],
+        ["az", "Azerbaijani",[1,2],2],
+        ["be", "Belarusian",[1,2,5],4],
+        ["bg", "Bulgarian",[1,2], 2],
+        ["bn", "Bengali", [1,2], 2],
+        ["bo", "Tibetan", [1], 3],
+        ["br", "Breton", [1,2], 1],
+        ["bs", "Bosnian", [1,2,5],4],
+        ["ca", "Catalan", [1,2], 2],
+        ["cgg", "Chiga", [1], 3],
+        ["cs", "Czech", [1,2,5],6],
+        ["csb", "Kashubian",[1,2,5],7],
+        ["cy", "Welsh", [1,2,3,8],8],
+        ["da", "Danish", [1,2], 2],
+        ["de", "German", [1,2], 2],
+        ["dev", "Development Fallback", [1,2], 2],
+        ["dz", "Dzongkha", [1], 3],
+        ["el", "Greek", [1,2], 2],
+        ["en", "English", [1,2], 2],
+        ["eo", "Esperanto",[1,2], 2],
+        ["es", "Spanish", [1,2], 2],
+        ["es_ar","Argentinean Spanish", [1,2], 2],
+        ["et", "Estonian", [1,2], 2],
+        ["eu", "Basque", [1,2], 2],
+        ["fa", "Persian", [1], 3],
+        ["fi", "Finnish", [1,2], 2],
+        ["fil", "Filipino", [1,2], 1],
+        ["fo", "Faroese", [1,2], 2],
+        ["fr", "French", [1,2], 9],
+        ["fur", "Friulian", [1,2], 2],
+        ["fy", "Frisian", [1,2], 2],
+        ["ga", "Irish", [1,2,3,7,11],10],
+        ["gd", "Scottish Gaelic",[1,2,3,20],11],
+        ["gl", "Galician", [1,2], 2],
+        ["gu", "Gujarati", [1,2], 2],
+        ["gun", "Gun", [1,2], 1],
+        ["ha", "Hausa", [1,2], 2],
+        ["he", "Hebrew", [1,2], 2],
+        ["hi", "Hindi", [1,2], 2],
+        ["hr", "Croatian", [1,2,5],4],
+        ["hu", "Hungarian",[1,2], 2],
+        ["hy", "Armenian", [1,2], 2],
+        ["ia", "Interlingua",[1,2],2],
+        ["id", "Indonesian",[1], 3],
+        ["is", "Icelandic",[1,2], 12],
+        ["it", "Italian", [1,2], 2],
+        ["ja", "Japanese", [1], 3],
+        ["jbo", "Lojban", [1], 3],
+        ["jv", "Javanese", [0,1], 13],
+        ["ka", "Georgian", [1], 3],
+        ["kk", "Kazakh", [1], 3],
+        ["km", "Khmer", [1], 3],
+        ["kn", "Kannada", [1,2], 2],
+        ["ko", "Korean", [1], 3],
+        ["ku", "Kurdish", [1,2], 2],
+        ["kw", "Cornish", [1,2,3,4],14],
+        ["ky", "Kyrgyz", [1], 3],
+        ["lb", "Letzeburgesch",[1,2],2],
+        ["ln", "Lingala", [1,2], 1],
+        ["lo", "Lao", [1], 3],
+        ["lt", "Lithuanian",[1,2,10],15],
+        ["lv", "Latvian", [1,2,0],16],
+        ["mai", "Maithili", [1,2], 2],
+        ["mfe", "Mauritian Creole",[1,2],1],
+        ["mg", "Malagasy", [1,2], 1],
+        ["mi", "Maori", [1,2], 1],
+        ["mk", "Macedonian",[1,2],17],
+        ["ml", "Malayalam",[1,2], 2],
+        ["mn", "Mongolian",[1,2], 2],
+        ["mnk", "Mandinka", [0,1,2],18],
+        ["mr", "Marathi", [1,2], 2],
+        ["ms", "Malay", [1], 3],
+        ["mt", "Maltese", [1,2,11,20],19],
+        ["nah", "Nahuatl", [1,2], 2],
+        ["nap", "Neapolitan",[1,2], 2],
+        ["nb", "Norwegian Bokmal",[1,2],2],
+        ["ne", "Nepali", [1,2], 2],
+        ["nl", "Dutch", [1,2], 2],
+        ["nn", "Norwegian Nynorsk",[1,2],2],
+        ["no", "Norwegian",[1,2], 2],
+        ["nso", "Northern Sotho",[1,2],2],
+        ["oc", "Occitan", [1,2], 1],
+        ["or", "Oriya", [2,1], 2],
+        ["pa", "Punjabi", [1,2], 2],
+        ["pap", "Papiamento",[1,2], 2],
+        ["pl", "Polish", [1,2,5],7],
+        ["pms", "Piemontese",[1,2], 2],
+        ["ps", "Pashto", [1,2], 2],
+        ["pt", "Portuguese",[1,2], 2],
+        ["pt_br","Brazilian Portuguese",[1,2], 2],
+        ["rm", "Romansh", [1,2], 2],
+        ["ro", "Romanian", [1,2,20],20],
+        ["ru", "Russian", [1,2,5],4],
+        ["sah", "Yakut", [1], 3],
+        ["sco", "Scots", [1,2], 2],
+        ["se", "Northern Sami",[1,2], 2],
+        ["si", "Sinhala", [1,2], 2],
+        ["sk", "Slovak", [1,2,5],6],
+        ["sl", "Slovenian",[5,1,2,3],21],
+        ["so", "Somali", [1,2], 2],
+        ["son", "Songhay", [1,2], 2],
+        ["sq", "Albanian", [1,2], 2],
+        ["sr", "Serbian", [1,2,5],4],
+        ["su", "Sundanese",[1], 3],
+        ["sv", "Swedish", [1,2], 2],
+        ["sw", "Swahili", [1,2], 2],
+        ["ta", "Tamil", [1,2], 2],
+        ["te", "Telugu", [1,2], 2],
+        ["tg", "Tajik", [1,2], 1],
+        ["th", "Thai", [1], 3],
+        ["ti", "Tigrinya", [1,2], 1],
+        ["tk", "Turkmen", [1,2], 2],
+        ["tr", "Turkish", [1,2], 1],
+        ["tt", "Tatar", [1], 3],
+        ["ug", "Uyghur", [1], 3],
+        ["uk", "Ukrainian",[1,2,5],4],
+        ["ur", "Urdu", [1,2], 2],
+        ["uz", "Uzbek", [1,2], 1],
+        ["vi", "Vietnamese",[1], 3],
+        ["wa", "Walloon", [1,2], 1],
+        ["wo", "Wolof", [1], 3],
+        ["yo", "Yoruba", [1,2], 2],
+        ["zh", "Chinese", [1], 3]
+    ];
+    
+    var _rulesPluralsTypes = {
+        1: function(n) {return Number(n > 1);},
+        2: function(n) {return Number(n != 1);},
+        3: function(n) {return 0;},
+        4: function(n) {return Number(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);},
+        5: function(n) {return Number(n===0 ? 0 : n==1 ? 1 : n==2 ? 2 : n%100>=3 && n%100<=10 ? 3 : n%100>=11 ? 4 : 5);},
+        6: function(n) {return Number((n==1) ? 0 : (n>=2 && n<=4) ? 1 : 2);},
+        7: function(n) {return Number(n==1 ? 0 : n%10>=2 && n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);},
+        8: function(n) {return Number((n==1) ? 0 : (n==2) ? 1 : (n != 8 && n != 11) ? 2 : 3);},
+        9: function(n) {return Number(n >= 2);},
+        10: function(n) {return Number(n==1 ? 0 : n==2 ? 1 : n<7 ? 2 : n<11 ? 3 : 4) ;},
+        11: function(n) {return Number((n==1 || n==11) ? 0 : (n==2 || n==12) ? 1 : (n > 2 && n < 20) ? 2 : 3);},
+        12: function(n) {return Number(n%10!=1 || n%100==11);},
+        13: function(n) {return Number(n !== 0);},
+        14: function(n) {return Number((n==1) ? 0 : (n==2) ? 1 : (n == 3) ? 2 : 3);},
+        15: function(n) {return Number(n%10==1 && n%100!=11 ? 0 : n%10>=2 && (n%100<10 || n%100>=20) ? 1 : 2);},
+        16: function(n) {return Number(n%10==1 && n%100!=11 ? 0 : n !== 0 ? 1 : 2);},
+        17: function(n) {return Number(n==1 || n%10==1 ? 0 : 1);},
+        18: function(n) {return Number(0 ? 0 : n==1 ? 1 : 2);},
+        19: function(n) {return Number(n==1 ? 0 : n===0 || ( n%100>1 && n%100<11) ? 1 : (n%100>10 && n%100<20 ) ? 2 : 3);},
+        20: function(n) {return Number(n==1 ? 0 : (n===0 || (n%100 > 0 && n%100 < 20)) ? 1 : 2);},
+        21: function(n) {return Number(n%100==1 ? 1 : n%100==2 ? 2 : n%100==3 || n%100==4 ? 3 : 0); }
+    };
+    
+    var pluralExtensions = {
+    
+        rules: (function () {
+            var l, rules = {};
+            for (l=_rules.length; l-- ;) {
+                rules[_rules[l][0]] = {
+                    name: _rules[l][1],
+                    numbers: _rules[l][2],
+                    plurals: _rulesPluralsTypes[_rules[l][3]]
+                }
+            }
+            return rules;
+        }()),
+    
+        // you can add your own pluralExtensions
+        addRule: function(lng, obj) {
+            pluralExtensions.rules[lng] = obj;
+        },
+    
+        setCurrentLng: function(lng) {
+            if (!pluralExtensions.currentRule || pluralExtensions.currentRule.lng !== lng) {
+                var parts = lng.split('-');
+    
+                pluralExtensions.currentRule = {
+                    lng: lng,
+                    rule: pluralExtensions.rules[parts[0]]
+                };
+            }
+        },
+    
+        needsPlural: function(lng, count) {
+            var parts = lng.split('-');
+    
+            var ext;
+            if (pluralExtensions.currentRule && pluralExtensions.currentRule.lng === lng) {
+                ext = pluralExtensions.currentRule.rule; 
+            } else {
+                ext = pluralExtensions.rules[parts[f.getCountyIndexOfLng(lng)]];
+            }
+    
+            if (ext && ext.numbers.length <= 1) {
+                return false;
+            } else {
+                return this.get(lng, count) !== 1;
+            }
+        },
+    
+        get: function(lng, count) {
+            var parts = lng.split('-');
+    
+            function getResult(l, c) {
+                var ext;
+                if (pluralExtensions.currentRule && pluralExtensions.currentRule.lng === lng) {
+                    ext = pluralExtensions.currentRule.rule; 
+                } else {
+                    ext = pluralExtensions.rules[l];
+                }
+                if (ext) {
+                    var i;
+                    if (ext.noAbs) {
+                        i = ext.plurals(c);
+                    } else {
+                        i = ext.plurals(Math.abs(c));
+                    }
+                    
+                    var number = ext.numbers[i];
+                    if (ext.numbers.length === 2 && ext.numbers[0] === 1) {
+                        if (number === 2) { 
+                            number = -1; // regular plural
+                        } else if (number === 1) {
+                            number = 1; // singular
+                        }
+                    }//console.log(count + '-' + number);
+                    return number;
+                } else {
+                    return c === 1 ? '1' : '-1';
+                }
+            }
+                        
+            return getResult(parts[f.getCountyIndexOfLng(lng)], count);
+        }
+    
+    };
+    var postProcessors = {};
+    var addPostProcessor = function(name, fc) {
+        postProcessors[name] = fc;
+    };
+    // sprintf support
+    var sprintf = (function() {
+        function get_type(variable) {
+            return Object.prototype.toString.call(variable).slice(8, -1).toLowerCase();
+        }
+        function str_repeat(input, multiplier) {
+            for (var output = []; multiplier > 0; output[--multiplier] = input) {/* do nothing */}
+            return output.join('');
+        }
+    
+        var str_format = function() {
+            if (!str_format.cache.hasOwnProperty(arguments[0])) {
+                str_format.cache[arguments[0]] = str_format.parse(arguments[0]);
+            }
+            return str_format.format.call(null, str_format.cache[arguments[0]], arguments);
+        };
+    
+        str_format.format = function(parse_tree, argv) {
+            var cursor = 1, tree_length = parse_tree.length, node_type = '', arg, output = [], i, k, match, pad, pad_character, pad_length;
+            for (i = 0; i < tree_length; i++) {
+                node_type = get_type(parse_tree[i]);
+                if (node_type === 'string') {
+                    output.push(parse_tree[i]);
+                }
+                else if (node_type === 'array') {
+                    match = parse_tree[i]; // convenience purposes only
+                    if (match[2]) { // keyword argument
+                        arg = argv[cursor];
+                        for (k = 0; k < match[2].length; k++) {
+                            if (!arg.hasOwnProperty(match[2][k])) {
+                                throw(sprintf('[sprintf] property "%s" does not exist', match[2][k]));
+                            }
+                            arg = arg[match[2][k]];
+                        }
+                    }
+                    else if (match[1]) { // positional argument (explicit)
+                        arg = argv[match[1]];
+                    }
+                    else { // positional argument (implicit)
+                        arg = argv[cursor++];
+                    }
+    
+                    if (/[^s]/.test(match[8]) && (get_type(arg) != 'number')) {
+                        throw(sprintf('[sprintf] expecting number but found %s', get_type(arg)));
+                    }
+                    switch (match[8]) {
+                        case 'b': arg = arg.toString(2); break;
+                        case 'c': arg = String.fromCharCode(arg); break;
+                        case 'd': arg = parseInt(arg, 10); break;
+                        case 'e': arg = match[7] ? arg.toExponential(match[7]) : arg.toExponential(); break;
+                        case 'f': arg = match[7] ? parseFloat(arg).toFixed(match[7]) : parseFloat(arg); break;
+                        case 'o': arg = arg.toString(8); break;
+                        case 's': arg = ((arg = String(arg)) && match[7] ? arg.substring(0, match[7]) : arg); break;
+                        case 'u': arg = Math.abs(arg); break;
+                        case 'x': arg = arg.toString(16); break;
+                        case 'X': arg = arg.toString(16).toUpperCase(); break;
+                    }
+                    arg = (/[def]/.test(match[8]) && match[3] && arg >= 0 ? '+'+ arg : arg);
+                    pad_character = match[4] ? match[4] == '0' ? '0' : match[4].charAt(1) : ' ';
+                    pad_length = match[6] - String(arg).length;
+                    pad = match[6] ? str_repeat(pad_character, pad_length) : '';
+                    output.push(match[5] ? arg + pad : pad + arg);
+                }
+            }
+            return output.join('');
+        };
+    
+        str_format.cache = {};
+    
+        str_format.parse = function(fmt) {
+            var _fmt = fmt, match = [], parse_tree = [], arg_names = 0;
+            while (_fmt) {
+                if ((match = /^[^\x25]+/.exec(_fmt)) !== null) {
+                    parse_tree.push(match[0]);
+                }
+                else if ((match = /^\x25{2}/.exec(_fmt)) !== null) {
+                    parse_tree.push('%');
+                }
+                else if ((match = /^\x25(?:([1-9]\d*)\$|\(([^\)]+)\))?(\+)?(0|'[^$])?(-)?(\d+)?(?:\.(\d+))?([b-fosuxX])/.exec(_fmt)) !== null) {
+                    if (match[2]) {
+                        arg_names |= 1;
+                        var field_list = [], replacement_field = match[2], field_match = [];
+                        if ((field_match = /^([a-z_][a-z_\d]*)/i.exec(replacement_field)) !== null) {
+                            field_list.push(field_match[1]);
+                            while ((replacement_field = replacement_field.substring(field_match[0].length)) !== '') {
+                                if ((field_match = /^\.([a-z_][a-z_\d]*)/i.exec(replacement_field)) !== null) {
+                                    field_list.push(field_match[1]);
+                                }
+                                else if ((field_match = /^\[(\d+)\]/.exec(replacement_field)) !== null) {
+                                    field_list.push(field_match[1]);
+                                }
+                                else {
+                                    throw('[sprintf] huh?');
+                                }
+                            }
+                        }
+                        else {
+                            throw('[sprintf] huh?');
+                        }
+                        match[2] = field_list;
+                    }
+                    else {
+                        arg_names |= 2;
+                    }
+                    if (arg_names === 3) {
+                        throw('[sprintf] mixing positional and named placeholders is not (yet) supported');
+                    }
+                    parse_tree.push(match);
+                }
+                else {
+                    throw('[sprintf] huh?');
+                }
+                _fmt = _fmt.substring(match[0].length);
+            }
+            return parse_tree;
+        };
+    
+        return str_format;
+    })();
+    
+    var vsprintf = function(fmt, argv) {
+        argv.unshift(fmt);
+        return sprintf.apply(null, argv);
+    };
+    
+    addPostProcessor("sprintf", function(val, key, opts) {
+        if (!opts.sprintf) return val;
+    
+        if (Object.prototype.toString.apply(opts.sprintf) === '[object Array]') {
+            return vsprintf(val, opts.sprintf);
+        } else if (typeof opts.sprintf === 'object') {
+            return sprintf(val, opts.sprintf);
+        }
+    
+        return val;
+    });
+    // public api interface
+    i18n.init = init;
+    i18n.isInitialized = isInitialized;
+    i18n.setLng = setLng;
+    i18n.preload = preload;
+    i18n.addResourceBundle = addResourceBundle;
+    i18n.hasResourceBundle = hasResourceBundle;
+    i18n.getResourceBundle = getResourceBundle;
+    i18n.addResource = addResource;
+    i18n.addResources = addResources;
+    i18n.removeResourceBundle = removeResourceBundle;
+    i18n.loadNamespace = loadNamespace;
+    i18n.loadNamespaces = loadNamespaces;
+    i18n.setDefaultNamespace = setDefaultNamespace;
+    i18n.t = translate;
+    i18n.translate = translate;
+    i18n.exists = exists;
+    i18n.detectLanguage = f.detectLanguage;
+    i18n.pluralExtensions = pluralExtensions;
+    i18n.sync = sync;
+    i18n.functions = f;
+    i18n.lng = lng;
+    i18n.addPostProcessor = addPostProcessor;
+    i18n.applyReplacement = f.applyReplacement;
+    i18n.options = o;
+    i18n.noConflict = noConflict;
+
+})(typeof exports === 'undefined' ? window : exports);
\ No newline at end of file
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/lib/jquery.js b/openid-connect-server-webapp/src/main/webapp/resources/js/lib/jquery.js
new file mode 100644
index 000000000..6feb11086
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/js/lib/jquery.js
@@ -0,0 +1,10351 @@
+/*!
+ * jQuery JavaScript Library v1.11.3
+ * http://jquery.com/
+ *
+ * Includes Sizzle.js
+ * http://sizzlejs.com/
+ *
+ * Copyright 2005, 2014 jQuery Foundation, Inc. and other contributors
+ * Released under the MIT license
+ * http://jquery.org/license
+ *
+ * Date: 2015-04-28T16:19Z
+ */
+
+(function( global, factory ) {
+
+	if ( typeof module === "object" && typeof module.exports === "object" ) {
+		// For CommonJS and CommonJS-like environments where a proper window is present,
+		// execute the factory and get jQuery
+		// For environments that do not inherently posses a window with a document
+		// (such as Node.js), expose a jQuery-making factory as module.exports
+		// This accentuates the need for the creation of a real window
+		// e.g. var jQuery = require("jquery")(window);
+		// See ticket #14549 for more info
+		module.exports = global.document ?
+			factory( global, true ) :
+			function( w ) {
+				if ( !w.document ) {
+					throw new Error( "jQuery requires a window with a document" );
+				}
+				return factory( w );
+			};
+	} else {
+		factory( global );
+	}
+
+// Pass this if window is not defined yet
+}(typeof window !== "undefined" ? window : this, function( window, noGlobal ) {
+
+// Can't do this because several apps including ASP.NET trace
+// the stack via arguments.caller.callee and Firefox dies if
+// you try to trace through "use strict" call chains. (#13335)
+// Support: Firefox 18+
+//
+
+var deletedIds = [];
+
+var slice = deletedIds.slice;
+
+var concat = deletedIds.concat;
+
+var push = deletedIds.push;
+
+var indexOf = deletedIds.indexOf;
+
+var class2type = {};
+
+var toString = class2type.toString;
+
+var hasOwn = class2type.hasOwnProperty;
+
+var support = {};
+
+
+
+var
+	version = "1.11.3",
+
+	// Define a local copy of jQuery
+	jQuery = function( selector, context ) {
+		// The jQuery object is actually just the init constructor 'enhanced'
+		// Need init if jQuery is called (just allow error to be thrown if not included)
+		return new jQuery.fn.init( selector, context );
+	},
+
+	// Support: Android<4.1, IE<9
+	// Make sure we trim BOM and NBSP
+	rtrim = /^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g,
+
+	// Matches dashed string for camelizing
+	rmsPrefix = /^-ms-/,
+	rdashAlpha = /-([\da-z])/gi,
+
+	// Used by jQuery.camelCase as callback to replace()
+	fcamelCase = function( all, letter ) {
+		return letter.toUpperCase();
+	};
+
+jQuery.fn = jQuery.prototype = {
+	// The current version of jQuery being used
+	jquery: version,
+
+	constructor: jQuery,
+
+	// Start with an empty selector
+	selector: "",
+
+	// The default length of a jQuery object is 0
+	length: 0,
+
+	toArray: function() {
+		return slice.call( this );
+	},
+
+	// Get the Nth element in the matched element set OR
+	// Get the whole matched element set as a clean array
+	get: function( num ) {
+		return num != null ?
+
+			// Return just the one element from the set
+			( num < 0 ? this[ num + this.length ] : this[ num ] ) :
+
+			// Return all the elements in a clean array
+			slice.call( this );
+	},
+
+	// Take an array of elements and push it onto the stack
+	// (returning the new matched element set)
+	pushStack: function( elems ) {
+
+		// Build a new jQuery matched element set
+		var ret = jQuery.merge( this.constructor(), elems );
+
+		// Add the old object onto the stack (as a reference)
+		ret.prevObject = this;
+		ret.context = this.context;
+
+		// Return the newly-formed element set
+		return ret;
+	},
+
+	// Execute a callback for every element in the matched set.
+	// (You can seed the arguments with an array of args, but this is
+	// only used internally.)
+	each: function( callback, args ) {
+		return jQuery.each( this, callback, args );
+	},
+
+	map: function( callback ) {
+		return this.pushStack( jQuery.map(this, function( elem, i ) {
+			return callback.call( elem, i, elem );
+		}));
+	},
+
+	slice: function() {
+		return this.pushStack( slice.apply( this, arguments ) );
+	},
+
+	first: function() {
+		return this.eq( 0 );
+	},
+
+	last: function() {
+		return this.eq( -1 );
+	},
+
+	eq: function( i ) {
+		var len = this.length,
+			j = +i + ( i < 0 ? len : 0 );
+		return this.pushStack( j >= 0 && j < len ? [ this[j] ] : [] );
+	},
+
+	end: function() {
+		return this.prevObject || this.constructor(null);
+	},
+
+	// For internal use only.
+	// Behaves like an Array's method, not like a jQuery method.
+	push: push,
+	sort: deletedIds.sort,
+	splice: deletedIds.splice
+};
+
+jQuery.extend = jQuery.fn.extend = function() {
+	var src, copyIsArray, copy, name, options, clone,
+		target = arguments[0] || {},
+		i = 1,
+		length = arguments.length,
+		deep = false;
+
+	// Handle a deep copy situation
+	if ( typeof target === "boolean" ) {
+		deep = target;
+
+		// skip the boolean and the target
+		target = arguments[ i ] || {};
+		i++;
+	}
+
+	// Handle case when target is a string or something (possible in deep copy)
+	if ( typeof target !== "object" && !jQuery.isFunction(target) ) {
+		target = {};
+	}
+
+	// extend jQuery itself if only one argument is passed
+	if ( i === length ) {
+		target = this;
+		i--;
+	}
+
+	for ( ; i < length; i++ ) {
+		// Only deal with non-null/undefined values
+		if ( (options = arguments[ i ]) != null ) {
+			// Extend the base object
+			for ( name in options ) {
+				src = target[ name ];
+				copy = options[ name ];
+
+				// Prevent never-ending loop
+				if ( target === copy ) {
+					continue;
+				}
+
+				// Recurse if we're merging plain objects or arrays
+				if ( deep && copy && ( jQuery.isPlainObject(copy) || (copyIsArray = jQuery.isArray(copy)) ) ) {
+					if ( copyIsArray ) {
+						copyIsArray = false;
+						clone = src && jQuery.isArray(src) ? src : [];
+
+					} else {
+						clone = src && jQuery.isPlainObject(src) ? src : {};
+					}
+
+					// Never move original objects, clone them
+					target[ name ] = jQuery.extend( deep, clone, copy );
+
+				// Don't bring in undefined values
+				} else if ( copy !== undefined ) {
+					target[ name ] = copy;
+				}
+			}
+		}
+	}
+
+	// Return the modified object
+	return target;
+};
+
+jQuery.extend({
+	// Unique for each copy of jQuery on the page
+	expando: "jQuery" + ( version + Math.random() ).replace( /\D/g, "" ),
+
+	// Assume jQuery is ready without the ready module
+	isReady: true,
+
+	error: function( msg ) {
+		throw new Error( msg );
+	},
+
+	noop: function() {},
+
+	// See test/unit/core.js for details concerning isFunction.
+	// Since version 1.3, DOM methods and functions like alert
+	// aren't supported. They return false on IE (#2968).
+	isFunction: function( obj ) {
+		return jQuery.type(obj) === "function";
+	},
+
+	isArray: Array.isArray || function( obj ) {
+		return jQuery.type(obj) === "array";
+	},
+
+	isWindow: function( obj ) {
+		/* jshint eqeqeq: false */
+		return obj != null && obj == obj.window;
+	},
+
+	isNumeric: function( obj ) {
+		// parseFloat NaNs numeric-cast false positives (null|true|false|"")
+		// ...but misinterprets leading-number strings, particularly hex literals ("0x...")
+		// subtraction forces infinities to NaN
+		// adding 1 corrects loss of precision from parseFloat (#15100)
+		return !jQuery.isArray( obj ) && (obj - parseFloat( obj ) + 1) >= 0;
+	},
+
+	isEmptyObject: function( obj ) {
+		var name;
+		for ( name in obj ) {
+			return false;
+		}
+		return true;
+	},
+
+	isPlainObject: function( obj ) {
+		var key;
+
+		// Must be an Object.
+		// Because of IE, we also have to check the presence of the constructor property.
+		// Make sure that DOM nodes and window objects don't pass through, as well
+		if ( !obj || jQuery.type(obj) !== "object" || obj.nodeType || jQuery.isWindow( obj ) ) {
+			return false;
+		}
+
+		try {
+			// Not own constructor property must be Object
+			if ( obj.constructor &&
+				!hasOwn.call(obj, "constructor") &&
+				!hasOwn.call(obj.constructor.prototype, "isPrototypeOf") ) {
+				return false;
+			}
+		} catch ( e ) {
+			// IE8,9 Will throw exceptions on certain host objects #9897
+			return false;
+		}
+
+		// Support: IE<9
+		// Handle iteration over inherited properties before own properties.
+		if ( support.ownLast ) {
+			for ( key in obj ) {
+				return hasOwn.call( obj, key );
+			}
+		}
+
+		// Own properties are enumerated firstly, so to speed up,
+		// if last one is own, then all properties are own.
+		for ( key in obj ) {}
+
+		return key === undefined || hasOwn.call( obj, key );
+	},
+
+	type: function( obj ) {
+		if ( obj == null ) {
+			return obj + "";
+		}
+		return typeof obj === "object" || typeof obj === "function" ?
+			class2type[ toString.call(obj) ] || "object" :
+			typeof obj;
+	},
+
+	// Evaluates a script in a global context
+	// Workarounds based on findings by Jim Driscoll
+	// http://weblogs.java.net/blog/driscoll/archive/2009/09/08/eval-javascript-global-context
+	globalEval: function( data ) {
+		if ( data && jQuery.trim( data ) ) {
+			// We use execScript on Internet Explorer
+			// We use an anonymous function so that context is window
+			// rather than jQuery in Firefox
+			( window.execScript || function( data ) {
+				window[ "eval" ].call( window, data );
+			} )( data );
+		}
+	},
+
+	// Convert dashed to camelCase; used by the css and data modules
+	// Microsoft forgot to hump their vendor prefix (#9572)
+	camelCase: function( string ) {
+		return string.replace( rmsPrefix, "ms-" ).replace( rdashAlpha, fcamelCase );
+	},
+
+	nodeName: function( elem, name ) {
+		return elem.nodeName && elem.nodeName.toLowerCase() === name.toLowerCase();
+	},
+
+	// args is for internal usage only
+	each: function( obj, callback, args ) {
+		var value,
+			i = 0,
+			length = obj.length,
+			isArray = isArraylike( obj );
+
+		if ( args ) {
+			if ( isArray ) {
+				for ( ; i < length; i++ ) {
+					value = callback.apply( obj[ i ], args );
+
+					if ( value === false ) {
+						break;
+					}
+				}
+			} else {
+				for ( i in obj ) {
+					value = callback.apply( obj[ i ], args );
+
+					if ( value === false ) {
+						break;
+					}
+				}
+			}
+
+		// A special, fast, case for the most common use of each
+		} else {
+			if ( isArray ) {
+				for ( ; i < length; i++ ) {
+					value = callback.call( obj[ i ], i, obj[ i ] );
+
+					if ( value === false ) {
+						break;
+					}
+				}
+			} else {
+				for ( i in obj ) {
+					value = callback.call( obj[ i ], i, obj[ i ] );
+
+					if ( value === false ) {
+						break;
+					}
+				}
+			}
+		}
+
+		return obj;
+	},
+
+	// Support: Android<4.1, IE<9
+	trim: function( text ) {
+		return text == null ?
+			"" :
+			( text + "" ).replace( rtrim, "" );
+	},
+
+	// results is for internal usage only
+	makeArray: function( arr, results ) {
+		var ret = results || [];
+
+		if ( arr != null ) {
+			if ( isArraylike( Object(arr) ) ) {
+				jQuery.merge( ret,
+					typeof arr === "string" ?
+					[ arr ] : arr
+				);
+			} else {
+				push.call( ret, arr );
+			}
+		}
+
+		return ret;
+	},
+
+	inArray: function( elem, arr, i ) {
+		var len;
+
+		if ( arr ) {
+			if ( indexOf ) {
+				return indexOf.call( arr, elem, i );
+			}
+
+			len = arr.length;
+			i = i ? i < 0 ? Math.max( 0, len + i ) : i : 0;
+
+			for ( ; i < len; i++ ) {
+				// Skip accessing in sparse arrays
+				if ( i in arr && arr[ i ] === elem ) {
+					return i;
+				}
+			}
+		}
+
+		return -1;
+	},
+
+	merge: function( first, second ) {
+		var len = +second.length,
+			j = 0,
+			i = first.length;
+
+		while ( j < len ) {
+			first[ i++ ] = second[ j++ ];
+		}
+
+		// Support: IE<9
+		// Workaround casting of .length to NaN on otherwise arraylike objects (e.g., NodeLists)
+		if ( len !== len ) {
+			while ( second[j] !== undefined ) {
+				first[ i++ ] = second[ j++ ];
+			}
+		}
+
+		first.length = i;
+
+		return first;
+	},
+
+	grep: function( elems, callback, invert ) {
+		var callbackInverse,
+			matches = [],
+			i = 0,
+			length = elems.length,
+			callbackExpect = !invert;
+
+		// Go through the array, only saving the items
+		// that pass the validator function
+		for ( ; i < length; i++ ) {
+			callbackInverse = !callback( elems[ i ], i );
+			if ( callbackInverse !== callbackExpect ) {
+				matches.push( elems[ i ] );
+			}
+		}
+
+		return matches;
+	},
+
+	// arg is for internal usage only
+	map: function( elems, callback, arg ) {
+		var value,
+			i = 0,
+			length = elems.length,
+			isArray = isArraylike( elems ),
+			ret = [];
+
+		// Go through the array, translating each of the items to their new values
+		if ( isArray ) {
+			for ( ; i < length; i++ ) {
+				value = callback( elems[ i ], i, arg );
+
+				if ( value != null ) {
+					ret.push( value );
+				}
+			}
+
+		// Go through every key on the object,
+		} else {
+			for ( i in elems ) {
+				value = callback( elems[ i ], i, arg );
+
+				if ( value != null ) {
+					ret.push( value );
+				}
+			}
+		}
+
+		// Flatten any nested arrays
+		return concat.apply( [], ret );
+	},
+
+	// A global GUID counter for objects
+	guid: 1,
+
+	// Bind a function to a context, optionally partially applying any
+	// arguments.
+	proxy: function( fn, context ) {
+		var args, proxy, tmp;
+
+		if ( typeof context === "string" ) {
+			tmp = fn[ context ];
+			context = fn;
+			fn = tmp;
+		}
+
+		// Quick check to determine if target is callable, in the spec
+		// this throws a TypeError, but we will just return undefined.
+		if ( !jQuery.isFunction( fn ) ) {
+			return undefined;
+		}
+
+		// Simulated bind
+		args = slice.call( arguments, 2 );
+		proxy = function() {
+			return fn.apply( context || this, args.concat( slice.call( arguments ) ) );
+		};
+
+		// Set the guid of unique handler to the same of original handler, so it can be removed
+		proxy.guid = fn.guid = fn.guid || jQuery.guid++;
+
+		return proxy;
+	},
+
+	now: function() {
+		return +( new Date() );
+	},
+
+	// jQuery.support is not used in Core but other projects attach their
+	// properties to it so it needs to exist.
+	support: support
+});
+
+// Populate the class2type map
+jQuery.each("Boolean Number String Function Array Date RegExp Object Error".split(" "), function(i, name) {
+	class2type[ "[object " + name + "]" ] = name.toLowerCase();
+});
+
+function isArraylike( obj ) {
+
+	// Support: iOS 8.2 (not reproducible in simulator)
+	// `in` check used to prevent JIT error (gh-2145)
+	// hasOwn isn't used here due to false negatives
+	// regarding Nodelist length in IE
+	var length = "length" in obj && obj.length,
+		type = jQuery.type( obj );
+
+	if ( type === "function" || jQuery.isWindow( obj ) ) {
+		return false;
+	}
+
+	if ( obj.nodeType === 1 && length ) {
+		return true;
+	}
+
+	return type === "array" || length === 0 ||
+		typeof length === "number" && length > 0 && ( length - 1 ) in obj;
+}
+var Sizzle =
+/*!
+ * Sizzle CSS Selector Engine v2.2.0-pre
+ * http://sizzlejs.com/
+ *
+ * Copyright 2008, 2014 jQuery Foundation, Inc. and other contributors
+ * Released under the MIT license
+ * http://jquery.org/license
+ *
+ * Date: 2014-12-16
+ */
+(function( window ) {
+
+var i,
+	support,
+	Expr,
+	getText,
+	isXML,
+	tokenize,
+	compile,
+	select,
+	outermostContext,
+	sortInput,
+	hasDuplicate,
+
+	// Local document vars
+	setDocument,
+	document,
+	docElem,
+	documentIsHTML,
+	rbuggyQSA,
+	rbuggyMatches,
+	matches,
+	contains,
+
+	// Instance-specific data
+	expando = "sizzle" + 1 * new Date(),
+	preferredDoc = window.document,
+	dirruns = 0,
+	done = 0,
+	classCache = createCache(),
+	tokenCache = createCache(),
+	compilerCache = createCache(),
+	sortOrder = function( a, b ) {
+		if ( a === b ) {
+			hasDuplicate = true;
+		}
+		return 0;
+	},
+
+	// General-purpose constants
+	MAX_NEGATIVE = 1 << 31,
+
+	// Instance methods
+	hasOwn = ({}).hasOwnProperty,
+	arr = [],
+	pop = arr.pop,
+	push_native = arr.push,
+	push = arr.push,
+	slice = arr.slice,
+	// Use a stripped-down indexOf as it's faster than native
+	// http://jsperf.com/thor-indexof-vs-for/5
+	indexOf = function( list, elem ) {
+		var i = 0,
+			len = list.length;
+		for ( ; i < len; i++ ) {
+			if ( list[i] === elem ) {
+				return i;
+			}
+		}
+		return -1;
+	},
+
+	booleans = "checked|selected|async|autofocus|autoplay|controls|defer|disabled|hidden|ismap|loop|multiple|open|readonly|required|scoped",
+
+	// Regular expressions
+
+	// Whitespace characters http://www.w3.org/TR/css3-selectors/#whitespace
+	whitespace = "[\\x20\\t\\r\\n\\f]",
+	// http://www.w3.org/TR/css3-syntax/#characters
+	characterEncoding = "(?:\\\\.|[\\w-]|[^\\x00-\\xa0])+",
+
+	// Loosely modeled on CSS identifier characters
+	// An unquoted value should be a CSS identifier http://www.w3.org/TR/css3-selectors/#attribute-selectors
+	// Proper syntax: http://www.w3.org/TR/CSS21/syndata.html#value-def-identifier
+	identifier = characterEncoding.replace( "w", "w#" ),
+
+	// Attribute selectors: http://www.w3.org/TR/selectors/#attribute-selectors
+	attributes = "\\[" + whitespace + "*(" + characterEncoding + ")(?:" + whitespace +
+		// Operator (capture 2)
+		"*([*^$|!~]?=)" + whitespace +
+		// "Attribute values must be CSS identifiers [capture 5] or strings [capture 3 or capture 4]"
+		"*(?:'((?:\\\\.|[^\\\\'])*)'|\"((?:\\\\.|[^\\\\\"])*)\"|(" + identifier + "))|)" + whitespace +
+		"*\\]",
+
+	pseudos = ":(" + characterEncoding + ")(?:\\((" +
+		// To reduce the number of selectors needing tokenize in the preFilter, prefer arguments:
+		// 1. quoted (capture 3; capture 4 or capture 5)
+		"('((?:\\\\.|[^\\\\'])*)'|\"((?:\\\\.|[^\\\\\"])*)\")|" +
+		// 2. simple (capture 6)
+		"((?:\\\\.|[^\\\\()[\\]]|" + attributes + ")*)|" +
+		// 3. anything else (capture 2)
+		".*" +
+		")\\)|)",
+
+	// Leading and non-escaped trailing whitespace, capturing some non-whitespace characters preceding the latter
+	rwhitespace = new RegExp( whitespace + "+", "g" ),
+	rtrim = new RegExp( "^" + whitespace + "+|((?:^|[^\\\\])(?:\\\\.)*)" + whitespace + "+$", "g" ),
+
+	rcomma = new RegExp( "^" + whitespace + "*," + whitespace + "*" ),
+	rcombinators = new RegExp( "^" + whitespace + "*([>+~]|" + whitespace + ")" + whitespace + "*" ),
+
+	rattributeQuotes = new RegExp( "=" + whitespace + "*([^\\]'\"]*?)" + whitespace + "*\\]", "g" ),
+
+	rpseudo = new RegExp( pseudos ),
+	ridentifier = new RegExp( "^" + identifier + "$" ),
+
+	matchExpr = {
+		"ID": new RegExp( "^#(" + characterEncoding + ")" ),
+		"CLASS": new RegExp( "^\\.(" + characterEncoding + ")" ),
+		"TAG": new RegExp( "^(" + characterEncoding.replace( "w", "w*" ) + ")" ),
+		"ATTR": new RegExp( "^" + attributes ),
+		"PSEUDO": new RegExp( "^" + pseudos ),
+		"CHILD": new RegExp( "^:(only|first|last|nth|nth-last)-(child|of-type)(?:\\(" + whitespace +
+			"*(even|odd|(([+-]|)(\\d*)n|)" + whitespace + "*(?:([+-]|)" + whitespace +
+			"*(\\d+)|))" + whitespace + "*\\)|)", "i" ),
+		"bool": new RegExp( "^(?:" + booleans + ")$", "i" ),
+		// For use in libraries implementing .is()
+		// We use this for POS matching in `select`
+		"needsContext": new RegExp( "^" + whitespace + "*[>+~]|:(even|odd|eq|gt|lt|nth|first|last)(?:\\(" +
+			whitespace + "*((?:-\\d)?\\d*)" + whitespace + "*\\)|)(?=[^-]|$)", "i" )
+	},
+
+	rinputs = /^(?:input|select|textarea|button)$/i,
+	rheader = /^h\d$/i,
+
+	rnative = /^[^{]+\{\s*\[native \w/,
+
+	// Easily-parseable/retrievable ID or TAG or CLASS selectors
+	rquickExpr = /^(?:#([\w-]+)|(\w+)|\.([\w-]+))$/,
+
+	rsibling = /[+~]/,
+	rescape = /'|\\/g,
+
+	// CSS escapes http://www.w3.org/TR/CSS21/syndata.html#escaped-characters
+	runescape = new RegExp( "\\\\([\\da-f]{1,6}" + whitespace + "?|(" + whitespace + ")|.)", "ig" ),
+	funescape = function( _, escaped, escapedWhitespace ) {
+		var high = "0x" + escaped - 0x10000;
+		// NaN means non-codepoint
+		// Support: Firefox<24
+		// Workaround erroneous numeric interpretation of +"0x"
+		return high !== high || escapedWhitespace ?
+			escaped :
+			high < 0 ?
+				// BMP codepoint
+				String.fromCharCode( high + 0x10000 ) :
+				// Supplemental Plane codepoint (surrogate pair)
+				String.fromCharCode( high >> 10 | 0xD800, high & 0x3FF | 0xDC00 );
+	},
+
+	// Used for iframes
+	// See setDocument()
+	// Removing the function wrapper causes a "Permission Denied"
+	// error in IE
+	unloadHandler = function() {
+		setDocument();
+	};
+
+// Optimize for push.apply( _, NodeList )
+try {
+	push.apply(
+		(arr = slice.call( preferredDoc.childNodes )),
+		preferredDoc.childNodes
+	);
+	// Support: Android<4.0
+	// Detect silently failing push.apply
+	arr[ preferredDoc.childNodes.length ].nodeType;
+} catch ( e ) {
+	push = { apply: arr.length ?
+
+		// Leverage slice if possible
+		function( target, els ) {
+			push_native.apply( target, slice.call(els) );
+		} :
+
+		// Support: IE<9
+		// Otherwise append directly
+		function( target, els ) {
+			var j = target.length,
+				i = 0;
+			// Can't trust NodeList.length
+			while ( (target[j++] = els[i++]) ) {}
+			target.length = j - 1;
+		}
+	};
+}
+
+function Sizzle( selector, context, results, seed ) {
+	var match, elem, m, nodeType,
+		// QSA vars
+		i, groups, old, nid, newContext, newSelector;
+
+	if ( ( context ? context.ownerDocument || context : preferredDoc ) !== document ) {
+		setDocument( context );
+	}
+
+	context = context || document;
+	results = results || [];
+	nodeType = context.nodeType;
+
+	if ( typeof selector !== "string" || !selector ||
+		nodeType !== 1 && nodeType !== 9 && nodeType !== 11 ) {
+
+		return results;
+	}
+
+	if ( !seed && documentIsHTML ) {
+
+		// Try to shortcut find operations when possible (e.g., not under DocumentFragment)
+		if ( nodeType !== 11 && (match = rquickExpr.exec( selector )) ) {
+			// Speed-up: Sizzle("#ID")
+			if ( (m = match[1]) ) {
+				if ( nodeType === 9 ) {
+					elem = context.getElementById( m );
+					// Check parentNode to catch when Blackberry 4.6 returns
+					// nodes that are no longer in the document (jQuery #6963)
+					if ( elem && elem.parentNode ) {
+						// Handle the case where IE, Opera, and Webkit return items
+						// by name instead of ID
+						if ( elem.id === m ) {
+							results.push( elem );
+							return results;
+						}
+					} else {
+						return results;
+					}
+				} else {
+					// Context is not a document
+					if ( context.ownerDocument && (elem = context.ownerDocument.getElementById( m )) &&
+						contains( context, elem ) && elem.id === m ) {
+						results.push( elem );
+						return results;
+					}
+				}
+
+			// Speed-up: Sizzle("TAG")
+			} else if ( match[2] ) {
+				push.apply( results, context.getElementsByTagName( selector ) );
+				return results;
+
+			// Speed-up: Sizzle(".CLASS")
+			} else if ( (m = match[3]) && support.getElementsByClassName ) {
+				push.apply( results, context.getElementsByClassName( m ) );
+				return results;
+			}
+		}
+
+		// QSA path
+		if ( support.qsa && (!rbuggyQSA || !rbuggyQSA.test( selector )) ) {
+			nid = old = expando;
+			newContext = context;
+			newSelector = nodeType !== 1 && selector;
+
+			// qSA works strangely on Element-rooted queries
+			// We can work around this by specifying an extra ID on the root
+			// and working up from there (Thanks to Andrew Dupont for the technique)
+			// IE 8 doesn't work on object elements
+			if ( nodeType === 1 && context.nodeName.toLowerCase() !== "object" ) {
+				groups = tokenize( selector );
+
+				if ( (old = context.getAttribute("id")) ) {
+					nid = old.replace( rescape, "\\$&" );
+				} else {
+					context.setAttribute( "id", nid );
+				}
+				nid = "[id='" + nid + "'] ";
+
+				i = groups.length;
+				while ( i-- ) {
+					groups[i] = nid + toSelector( groups[i] );
+				}
+				newContext = rsibling.test( selector ) && testContext( context.parentNode ) || context;
+				newSelector = groups.join(",");
+			}
+
+			if ( newSelector ) {
+				try {
+					push.apply( results,
+						newContext.querySelectorAll( newSelector )
+					);
+					return results;
+				} catch(qsaError) {
+				} finally {
+					if ( !old ) {
+						context.removeAttribute("id");
+					}
+				}
+			}
+		}
+	}
+
+	// All others
+	return select( selector.replace( rtrim, "$1" ), context, results, seed );
+}
+
+/**
+ * Create key-value caches of limited size
+ * @returns {Function(string, Object)} Returns the Object data after storing it on itself with
+ *	property name the (space-suffixed) string and (if the cache is larger than Expr.cacheLength)
+ *	deleting the oldest entry
+ */
+function createCache() {
+	var keys = [];
+
+	function cache( key, value ) {
+		// Use (key + " ") to avoid collision with native prototype properties (see Issue #157)
+		if ( keys.push( key + " " ) > Expr.cacheLength ) {
+			// Only keep the most recent entries
+			delete cache[ keys.shift() ];
+		}
+		return (cache[ key + " " ] = value);
+	}
+	return cache;
+}
+
+/**
+ * Mark a function for special use by Sizzle
+ * @param {Function} fn The function to mark
+ */
+function markFunction( fn ) {
+	fn[ expando ] = true;
+	return fn;
+}
+
+/**
+ * Support testing using an element
+ * @param {Function} fn Passed the created div and expects a boolean result
+ */
+function assert( fn ) {
+	var div = document.createElement("div");
+
+	try {
+		return !!fn( div );
+	} catch (e) {
+		return false;
+	} finally {
+		// Remove from its parent by default
+		if ( div.parentNode ) {
+			div.parentNode.removeChild( div );
+		}
+		// release memory in IE
+		div = null;
+	}
+}
+
+/**
+ * Adds the same handler for all of the specified attrs
+ * @param {String} attrs Pipe-separated list of attributes
+ * @param {Function} handler The method that will be applied
+ */
+function addHandle( attrs, handler ) {
+	var arr = attrs.split("|"),
+		i = attrs.length;
+
+	while ( i-- ) {
+		Expr.attrHandle[ arr[i] ] = handler;
+	}
+}
+
+/**
+ * Checks document order of two siblings
+ * @param {Element} a
+ * @param {Element} b
+ * @returns {Number} Returns less than 0 if a precedes b, greater than 0 if a follows b
+ */
+function siblingCheck( a, b ) {
+	var cur = b && a,
+		diff = cur && a.nodeType === 1 && b.nodeType === 1 &&
+			( ~b.sourceIndex || MAX_NEGATIVE ) -
+			( ~a.sourceIndex || MAX_NEGATIVE );
+
+	// Use IE sourceIndex if available on both nodes
+	if ( diff ) {
+		return diff;
+	}
+
+	// Check if b follows a
+	if ( cur ) {
+		while ( (cur = cur.nextSibling) ) {
+			if ( cur === b ) {
+				return -1;
+			}
+		}
+	}
+
+	return a ? 1 : -1;
+}
+
+/**
+ * Returns a function to use in pseudos for input types
+ * @param {String} type
+ */
+function createInputPseudo( type ) {
+	return function( elem ) {
+		var name = elem.nodeName.toLowerCase();
+		return name === "input" && elem.type === type;
+	};
+}
+
+/**
+ * Returns a function to use in pseudos for buttons
+ * @param {String} type
+ */
+function createButtonPseudo( type ) {
+	return function( elem ) {
+		var name = elem.nodeName.toLowerCase();
+		return (name === "input" || name === "button") && elem.type === type;
+	};
+}
+
+/**
+ * Returns a function to use in pseudos for positionals
+ * @param {Function} fn
+ */
+function createPositionalPseudo( fn ) {
+	return markFunction(function( argument ) {
+		argument = +argument;
+		return markFunction(function( seed, matches ) {
+			var j,
+				matchIndexes = fn( [], seed.length, argument ),
+				i = matchIndexes.length;
+
+			// Match elements found at the specified indexes
+			while ( i-- ) {
+				if ( seed[ (j = matchIndexes[i]) ] ) {
+					seed[j] = !(matches[j] = seed[j]);
+				}
+			}
+		});
+	});
+}
+
+/**
+ * Checks a node for validity as a Sizzle context
+ * @param {Element|Object=} context
+ * @returns {Element|Object|Boolean} The input node if acceptable, otherwise a falsy value
+ */
+function testContext( context ) {
+	return context && typeof context.getElementsByTagName !== "undefined" && context;
+}
+
+// Expose support vars for convenience
+support = Sizzle.support = {};
+
+/**
+ * Detects XML nodes
+ * @param {Element|Object} elem An element or a document
+ * @returns {Boolean} True iff elem is a non-HTML XML node
+ */
+isXML = Sizzle.isXML = function( elem ) {
+	// documentElement is verified for cases where it doesn't yet exist
+	// (such as loading iframes in IE - #4833)
+	var documentElement = elem && (elem.ownerDocument || elem).documentElement;
+	return documentElement ? documentElement.nodeName !== "HTML" : false;
+};
+
+/**
+ * Sets document-related variables once based on the current document
+ * @param {Element|Object} [doc] An element or document object to use to set the document
+ * @returns {Object} Returns the current document
+ */
+setDocument = Sizzle.setDocument = function( node ) {
+	var hasCompare, parent,
+		doc = node ? node.ownerDocument || node : preferredDoc;
+
+	// If no document and documentElement is available, return
+	if ( doc === document || doc.nodeType !== 9 || !doc.documentElement ) {
+		return document;
+	}
+
+	// Set our document
+	document = doc;
+	docElem = doc.documentElement;
+	parent = doc.defaultView;
+
+	// Support: IE>8
+	// If iframe document is assigned to "document" variable and if iframe has been reloaded,
+	// IE will throw "permission denied" error when accessing "document" variable, see jQuery #13936
+	// IE6-8 do not support the defaultView property so parent will be undefined
+	if ( parent && parent !== parent.top ) {
+		// IE11 does not have attachEvent, so all must suffer
+		if ( parent.addEventListener ) {
+			parent.addEventListener( "unload", unloadHandler, false );
+		} else if ( parent.attachEvent ) {
+			parent.attachEvent( "onunload", unloadHandler );
+		}
+	}
+
+	/* Support tests
+	---------------------------------------------------------------------- */
+	documentIsHTML = !isXML( doc );
+
+	/* Attributes
+	---------------------------------------------------------------------- */
+
+	// Support: IE<8
+	// Verify that getAttribute really returns attributes and not properties
+	// (excepting IE8 booleans)
+	support.attributes = assert(function( div ) {
+		div.className = "i";
+		return !div.getAttribute("className");
+	});
+
+	/* getElement(s)By*
+	---------------------------------------------------------------------- */
+
+	// Check if getElementsByTagName("*") returns only elements
+	support.getElementsByTagName = assert(function( div ) {
+		div.appendChild( doc.createComment("") );
+		return !div.getElementsByTagName("*").length;
+	});
+
+	// Support: IE<9
+	support.getElementsByClassName = rnative.test( doc.getElementsByClassName );
+
+	// Support: IE<10
+	// Check if getElementById returns elements by name
+	// The broken getElementById methods don't pick up programatically-set names,
+	// so use a roundabout getElementsByName test
+	support.getById = assert(function( div ) {
+		docElem.appendChild( div ).id = expando;
+		return !doc.getElementsByName || !doc.getElementsByName( expando ).length;
+	});
+
+	// ID find and filter
+	if ( support.getById ) {
+		Expr.find["ID"] = function( id, context ) {
+			if ( typeof context.getElementById !== "undefined" && documentIsHTML ) {
+				var m = context.getElementById( id );
+				// Check parentNode to catch when Blackberry 4.6 returns
+				// nodes that are no longer in the document #6963
+				return m && m.parentNode ? [ m ] : [];
+			}
+		};
+		Expr.filter["ID"] = function( id ) {
+			var attrId = id.replace( runescape, funescape );
+			return function( elem ) {
+				return elem.getAttribute("id") === attrId;
+			};
+		};
+	} else {
+		// Support: IE6/7
+		// getElementById is not reliable as a find shortcut
+		delete Expr.find["ID"];
+
+		Expr.filter["ID"] =  function( id ) {
+			var attrId = id.replace( runescape, funescape );
+			return function( elem ) {
+				var node = typeof elem.getAttributeNode !== "undefined" && elem.getAttributeNode("id");
+				return node && node.value === attrId;
+			};
+		};
+	}
+
+	// Tag
+	Expr.find["TAG"] = support.getElementsByTagName ?
+		function( tag, context ) {
+			if ( typeof context.getElementsByTagName !== "undefined" ) {
+				return context.getElementsByTagName( tag );
+
+			// DocumentFragment nodes don't have gEBTN
+			} else if ( support.qsa ) {
+				return context.querySelectorAll( tag );
+			}
+		} :
+
+		function( tag, context ) {
+			var elem,
+				tmp = [],
+				i = 0,
+				// By happy coincidence, a (broken) gEBTN appears on DocumentFragment nodes too
+				results = context.getElementsByTagName( tag );
+
+			// Filter out possible comments
+			if ( tag === "*" ) {
+				while ( (elem = results[i++]) ) {
+					if ( elem.nodeType === 1 ) {
+						tmp.push( elem );
+					}
+				}
+
+				return tmp;
+			}
+			return results;
+		};
+
+	// Class
+	Expr.find["CLASS"] = support.getElementsByClassName && function( className, context ) {
+		if ( documentIsHTML ) {
+			return context.getElementsByClassName( className );
+		}
+	};
+
+	/* QSA/matchesSelector
+	---------------------------------------------------------------------- */
+
+	// QSA and matchesSelector support
+
+	// matchesSelector(:active) reports false when true (IE9/Opera 11.5)
+	rbuggyMatches = [];
+
+	// qSa(:focus) reports false when true (Chrome 21)
+	// We allow this because of a bug in IE8/9 that throws an error
+	// whenever `document.activeElement` is accessed on an iframe
+	// So, we allow :focus to pass through QSA all the time to avoid the IE error
+	// See http://bugs.jquery.com/ticket/13378
+	rbuggyQSA = [];
+
+	if ( (support.qsa = rnative.test( doc.querySelectorAll )) ) {
+		// Build QSA regex
+		// Regex strategy adopted from Diego Perini
+		assert(function( div ) {
+			// Select is set to empty string on purpose
+			// This is to test IE's treatment of not explicitly
+			// setting a boolean content attribute,
+			// since its presence should be enough
+			// http://bugs.jquery.com/ticket/12359
+			docElem.appendChild( div ).innerHTML = "<a id='" + expando + "'></a>" +
+				"<select id='" + expando + "-\f]' msallowcapture=''>" +
+				"<option selected=''></option></select>";
+
+			// Support: IE8, Opera 11-12.16
+			// Nothing should be selected when empty strings follow ^= or $= or *=
+			// The test attribute must be unknown in Opera but "safe" for WinRT
+			// http://msdn.microsoft.com/en-us/library/ie/hh465388.aspx#attribute_section
+			if ( div.querySelectorAll("[msallowcapture^='']").length ) {
+				rbuggyQSA.push( "[*^$]=" + whitespace + "*(?:''|\"\")" );
+			}
+
+			// Support: IE8
+			// Boolean attributes and "value" are not treated correctly
+			if ( !div.querySelectorAll("[selected]").length ) {
+				rbuggyQSA.push( "\\[" + whitespace + "*(?:value|" + booleans + ")" );
+			}
+
+			// Support: Chrome<29, Android<4.2+, Safari<7.0+, iOS<7.0+, PhantomJS<1.9.7+
+			if ( !div.querySelectorAll( "[id~=" + expando + "-]" ).length ) {
+				rbuggyQSA.push("~=");
+			}
+
+			// Webkit/Opera - :checked should return selected option elements
+			// http://www.w3.org/TR/2011/REC-css3-selectors-20110929/#checked
+			// IE8 throws error here and will not see later tests
+			if ( !div.querySelectorAll(":checked").length ) {
+				rbuggyQSA.push(":checked");
+			}
+
+			// Support: Safari 8+, iOS 8+
+			// https://bugs.webkit.org/show_bug.cgi?id=136851
+			// In-page `selector#id sibing-combinator selector` fails
+			if ( !div.querySelectorAll( "a#" + expando + "+*" ).length ) {
+				rbuggyQSA.push(".#.+[+~]");
+			}
+		});
+
+		assert(function( div ) {
+			// Support: Windows 8 Native Apps
+			// The type and name attributes are restricted during .innerHTML assignment
+			var input = doc.createElement("input");
+			input.setAttribute( "type", "hidden" );
+			div.appendChild( input ).setAttribute( "name", "D" );
+
+			// Support: IE8
+			// Enforce case-sensitivity of name attribute
+			if ( div.querySelectorAll("[name=d]").length ) {
+				rbuggyQSA.push( "name" + whitespace + "*[*^$|!~]?=" );
+			}
+
+			// FF 3.5 - :enabled/:disabled and hidden elements (hidden elements are still enabled)
+			// IE8 throws error here and will not see later tests
+			if ( !div.querySelectorAll(":enabled").length ) {
+				rbuggyQSA.push( ":enabled", ":disabled" );
+			}
+
+			// Opera 10-11 does not throw on post-comma invalid pseudos
+			div.querySelectorAll("*,:x");
+			rbuggyQSA.push(",.*:");
+		});
+	}
+
+	if ( (support.matchesSelector = rnative.test( (matches = docElem.matches ||
+		docElem.webkitMatchesSelector ||
+		docElem.mozMatchesSelector ||
+		docElem.oMatchesSelector ||
+		docElem.msMatchesSelector) )) ) {
+
+		assert(function( div ) {
+			// Check to see if it's possible to do matchesSelector
+			// on a disconnected node (IE 9)
+			support.disconnectedMatch = matches.call( div, "div" );
+
+			// This should fail with an exception
+			// Gecko does not error, returns false instead
+			matches.call( div, "[s!='']:x" );
+			rbuggyMatches.push( "!=", pseudos );
+		});
+	}
+
+	rbuggyQSA = rbuggyQSA.length && new RegExp( rbuggyQSA.join("|") );
+	rbuggyMatches = rbuggyMatches.length && new RegExp( rbuggyMatches.join("|") );
+
+	/* Contains
+	---------------------------------------------------------------------- */
+	hasCompare = rnative.test( docElem.compareDocumentPosition );
+
+	// Element contains another
+	// Purposefully does not implement inclusive descendent
+	// As in, an element does not contain itself
+	contains = hasCompare || rnative.test( docElem.contains ) ?
+		function( a, b ) {
+			var adown = a.nodeType === 9 ? a.documentElement : a,
+				bup = b && b.parentNode;
+			return a === bup || !!( bup && bup.nodeType === 1 && (
+				adown.contains ?
+					adown.contains( bup ) :
+					a.compareDocumentPosition && a.compareDocumentPosition( bup ) & 16
+			));
+		} :
+		function( a, b ) {
+			if ( b ) {
+				while ( (b = b.parentNode) ) {
+					if ( b === a ) {
+						return true;
+					}
+				}
+			}
+			return false;
+		};
+
+	/* Sorting
+	---------------------------------------------------------------------- */
+
+	// Document order sorting
+	sortOrder = hasCompare ?
+	function( a, b ) {
+
+		// Flag for duplicate removal
+		if ( a === b ) {
+			hasDuplicate = true;
+			return 0;
+		}
+
+		// Sort on method existence if only one input has compareDocumentPosition
+		var compare = !a.compareDocumentPosition - !b.compareDocumentPosition;
+		if ( compare ) {
+			return compare;
+		}
+
+		// Calculate position if both inputs belong to the same document
+		compare = ( a.ownerDocument || a ) === ( b.ownerDocument || b ) ?
+			a.compareDocumentPosition( b ) :
+
+			// Otherwise we know they are disconnected
+			1;
+
+		// Disconnected nodes
+		if ( compare & 1 ||
+			(!support.sortDetached && b.compareDocumentPosition( a ) === compare) ) {
+
+			// Choose the first element that is related to our preferred document
+			if ( a === doc || a.ownerDocument === preferredDoc && contains(preferredDoc, a) ) {
+				return -1;
+			}
+			if ( b === doc || b.ownerDocument === preferredDoc && contains(preferredDoc, b) ) {
+				return 1;
+			}
+
+			// Maintain original order
+			return sortInput ?
+				( indexOf( sortInput, a ) - indexOf( sortInput, b ) ) :
+				0;
+		}
+
+		return compare & 4 ? -1 : 1;
+	} :
+	function( a, b ) {
+		// Exit early if the nodes are identical
+		if ( a === b ) {
+			hasDuplicate = true;
+			return 0;
+		}
+
+		var cur,
+			i = 0,
+			aup = a.parentNode,
+			bup = b.parentNode,
+			ap = [ a ],
+			bp = [ b ];
+
+		// Parentless nodes are either documents or disconnected
+		if ( !aup || !bup ) {
+			return a === doc ? -1 :
+				b === doc ? 1 :
+				aup ? -1 :
+				bup ? 1 :
+				sortInput ?
+				( indexOf( sortInput, a ) - indexOf( sortInput, b ) ) :
+				0;
+
+		// If the nodes are siblings, we can do a quick check
+		} else if ( aup === bup ) {
+			return siblingCheck( a, b );
+		}
+
+		// Otherwise we need full lists of their ancestors for comparison
+		cur = a;
+		while ( (cur = cur.parentNode) ) {
+			ap.unshift( cur );
+		}
+		cur = b;
+		while ( (cur = cur.parentNode) ) {
+			bp.unshift( cur );
+		}
+
+		// Walk down the tree looking for a discrepancy
+		while ( ap[i] === bp[i] ) {
+			i++;
+		}
+
+		return i ?
+			// Do a sibling check if the nodes have a common ancestor
+			siblingCheck( ap[i], bp[i] ) :
+
+			// Otherwise nodes in our document sort first
+			ap[i] === preferredDoc ? -1 :
+			bp[i] === preferredDoc ? 1 :
+			0;
+	};
+
+	return doc;
+};
+
+Sizzle.matches = function( expr, elements ) {
+	return Sizzle( expr, null, null, elements );
+};
+
+Sizzle.matchesSelector = function( elem, expr ) {
+	// Set document vars if needed
+	if ( ( elem.ownerDocument || elem ) !== document ) {
+		setDocument( elem );
+	}
+
+	// Make sure that attribute selectors are quoted
+	expr = expr.replace( rattributeQuotes, "='$1']" );
+
+	if ( support.matchesSelector && documentIsHTML &&
+		( !rbuggyMatches || !rbuggyMatches.test( expr ) ) &&
+		( !rbuggyQSA     || !rbuggyQSA.test( expr ) ) ) {
+
+		try {
+			var ret = matches.call( elem, expr );
+
+			// IE 9's matchesSelector returns false on disconnected nodes
+			if ( ret || support.disconnectedMatch ||
+					// As well, disconnected nodes are said to be in a document
+					// fragment in IE 9
+					elem.document && elem.document.nodeType !== 11 ) {
+				return ret;
+			}
+		} catch (e) {}
+	}
+
+	return Sizzle( expr, document, null, [ elem ] ).length > 0;
+};
+
+Sizzle.contains = function( context, elem ) {
+	// Set document vars if needed
+	if ( ( context.ownerDocument || context ) !== document ) {
+		setDocument( context );
+	}
+	return contains( context, elem );
+};
+
+Sizzle.attr = function( elem, name ) {
+	// Set document vars if needed
+	if ( ( elem.ownerDocument || elem ) !== document ) {
+		setDocument( elem );
+	}
+
+	var fn = Expr.attrHandle[ name.toLowerCase() ],
+		// Don't get fooled by Object.prototype properties (jQuery #13807)
+		val = fn && hasOwn.call( Expr.attrHandle, name.toLowerCase() ) ?
+			fn( elem, name, !documentIsHTML ) :
+			undefined;
+
+	return val !== undefined ?
+		val :
+		support.attributes || !documentIsHTML ?
+			elem.getAttribute( name ) :
+			(val = elem.getAttributeNode(name)) && val.specified ?
+				val.value :
+				null;
+};
+
+Sizzle.error = function( msg ) {
+	throw new Error( "Syntax error, unrecognized expression: " + msg );
+};
+
+/**
+ * Document sorting and removing duplicates
+ * @param {ArrayLike} results
+ */
+Sizzle.uniqueSort = function( results ) {
+	var elem,
+		duplicates = [],
+		j = 0,
+		i = 0;
+
+	// Unless we *know* we can detect duplicates, assume their presence
+	hasDuplicate = !support.detectDuplicates;
+	sortInput = !support.sortStable && results.slice( 0 );
+	results.sort( sortOrder );
+
+	if ( hasDuplicate ) {
+		while ( (elem = results[i++]) ) {
+			if ( elem === results[ i ] ) {
+				j = duplicates.push( i );
+			}
+		}
+		while ( j-- ) {
+			results.splice( duplicates[ j ], 1 );
+		}
+	}
+
+	// Clear input after sorting to release objects
+	// See https://github.com/jquery/sizzle/pull/225
+	sortInput = null;
+
+	return results;
+};
+
+/**
+ * Utility function for retrieving the text value of an array of DOM nodes
+ * @param {Array|Element} elem
+ */
+getText = Sizzle.getText = function( elem ) {
+	var node,
+		ret = "",
+		i = 0,
+		nodeType = elem.nodeType;
+
+	if ( !nodeType ) {
+		// If no nodeType, this is expected to be an array
+		while ( (node = elem[i++]) ) {
+			// Do not traverse comment nodes
+			ret += getText( node );
+		}
+	} else if ( nodeType === 1 || nodeType === 9 || nodeType === 11 ) {
+		// Use textContent for elements
+		// innerText usage removed for consistency of new lines (jQuery #11153)
+		if ( typeof elem.textContent === "string" ) {
+			return elem.textContent;
+		} else {
+			// Traverse its children
+			for ( elem = elem.firstChild; elem; elem = elem.nextSibling ) {
+				ret += getText( elem );
+			}
+		}
+	} else if ( nodeType === 3 || nodeType === 4 ) {
+		return elem.nodeValue;
+	}
+	// Do not include comment or processing instruction nodes
+
+	return ret;
+};
+
+Expr = Sizzle.selectors = {
+
+	// Can be adjusted by the user
+	cacheLength: 50,
+
+	createPseudo: markFunction,
+
+	match: matchExpr,
+
+	attrHandle: {},
+
+	find: {},
+
+	relative: {
+		">": { dir: "parentNode", first: true },
+		" ": { dir: "parentNode" },
+		"+": { dir: "previousSibling", first: true },
+		"~": { dir: "previousSibling" }
+	},
+
+	preFilter: {
+		"ATTR": function( match ) {
+			match[1] = match[1].replace( runescape, funescape );
+
+			// Move the given value to match[3] whether quoted or unquoted
+			match[3] = ( match[3] || match[4] || match[5] || "" ).replace( runescape, funescape );
+
+			if ( match[2] === "~=" ) {
+				match[3] = " " + match[3] + " ";
+			}
+
+			return match.slice( 0, 4 );
+		},
+
+		"CHILD": function( match ) {
+			/* matches from matchExpr["CHILD"]
+				1 type (only|nth|...)
+				2 what (child|of-type)
+				3 argument (even|odd|\d*|\d*n([+-]\d+)?|...)
+				4 xn-component of xn+y argument ([+-]?\d*n|)
+				5 sign of xn-component
+				6 x of xn-component
+				7 sign of y-component
+				8 y of y-component
+			*/
+			match[1] = match[1].toLowerCase();
+
+			if ( match[1].slice( 0, 3 ) === "nth" ) {
+				// nth-* requires argument
+				if ( !match[3] ) {
+					Sizzle.error( match[0] );
+				}
+
+				// numeric x and y parameters for Expr.filter.CHILD
+				// remember that false/true cast respectively to 0/1
+				match[4] = +( match[4] ? match[5] + (match[6] || 1) : 2 * ( match[3] === "even" || match[3] === "odd" ) );
+				match[5] = +( ( match[7] + match[8] ) || match[3] === "odd" );
+
+			// other types prohibit arguments
+			} else if ( match[3] ) {
+				Sizzle.error( match[0] );
+			}
+
+			return match;
+		},
+
+		"PSEUDO": function( match ) {
+			var excess,
+				unquoted = !match[6] && match[2];
+
+			if ( matchExpr["CHILD"].test( match[0] ) ) {
+				return null;
+			}
+
+			// Accept quoted arguments as-is
+			if ( match[3] ) {
+				match[2] = match[4] || match[5] || "";
+
+			// Strip excess characters from unquoted arguments
+			} else if ( unquoted && rpseudo.test( unquoted ) &&
+				// Get excess from tokenize (recursively)
+				(excess = tokenize( unquoted, true )) &&
+				// advance to the next closing parenthesis
+				(excess = unquoted.indexOf( ")", unquoted.length - excess ) - unquoted.length) ) {
+
+				// excess is a negative index
+				match[0] = match[0].slice( 0, excess );
+				match[2] = unquoted.slice( 0, excess );
+			}
+
+			// Return only captures needed by the pseudo filter method (type and argument)
+			return match.slice( 0, 3 );
+		}
+	},
+
+	filter: {
+
+		"TAG": function( nodeNameSelector ) {
+			var nodeName = nodeNameSelector.replace( runescape, funescape ).toLowerCase();
+			return nodeNameSelector === "*" ?
+				function() { return true; } :
+				function( elem ) {
+					return elem.nodeName && elem.nodeName.toLowerCase() === nodeName;
+				};
+		},
+
+		"CLASS": function( className ) {
+			var pattern = classCache[ className + " " ];
+
+			return pattern ||
+				(pattern = new RegExp( "(^|" + whitespace + ")" + className + "(" + whitespace + "|$)" )) &&
+				classCache( className, function( elem ) {
+					return pattern.test( typeof elem.className === "string" && elem.className || typeof elem.getAttribute !== "undefined" && elem.getAttribute("class") || "" );
+				});
+		},
+
+		"ATTR": function( name, operator, check ) {
+			return function( elem ) {
+				var result = Sizzle.attr( elem, name );
+
+				if ( result == null ) {
+					return operator === "!=";
+				}
+				if ( !operator ) {
+					return true;
+				}
+
+				result += "";
+
+				return operator === "=" ? result === check :
+					operator === "!=" ? result !== check :
+					operator === "^=" ? check && result.indexOf( check ) === 0 :
+					operator === "*=" ? check && result.indexOf( check ) > -1 :
+					operator === "$=" ? check && result.slice( -check.length ) === check :
+					operator === "~=" ? ( " " + result.replace( rwhitespace, " " ) + " " ).indexOf( check ) > -1 :
+					operator === "|=" ? result === check || result.slice( 0, check.length + 1 ) === check + "-" :
+					false;
+			};
+		},
+
+		"CHILD": function( type, what, argument, first, last ) {
+			var simple = type.slice( 0, 3 ) !== "nth",
+				forward = type.slice( -4 ) !== "last",
+				ofType = what === "of-type";
+
+			return first === 1 && last === 0 ?
+
+				// Shortcut for :nth-*(n)
+				function( elem ) {
+					return !!elem.parentNode;
+				} :
+
+				function( elem, context, xml ) {
+					var cache, outerCache, node, diff, nodeIndex, start,
+						dir = simple !== forward ? "nextSibling" : "previousSibling",
+						parent = elem.parentNode,
+						name = ofType && elem.nodeName.toLowerCase(),
+						useCache = !xml && !ofType;
+
+					if ( parent ) {
+
+						// :(first|last|only)-(child|of-type)
+						if ( simple ) {
+							while ( dir ) {
+								node = elem;
+								while ( (node = node[ dir ]) ) {
+									if ( ofType ? node.nodeName.toLowerCase() === name : node.nodeType === 1 ) {
+										return false;
+									}
+								}
+								// Reverse direction for :only-* (if we haven't yet done so)
+								start = dir = type === "only" && !start && "nextSibling";
+							}
+							return true;
+						}
+
+						start = [ forward ? parent.firstChild : parent.lastChild ];
+
+						// non-xml :nth-child(...) stores cache data on `parent`
+						if ( forward && useCache ) {
+							// Seek `elem` from a previously-cached index
+							outerCache = parent[ expando ] || (parent[ expando ] = {});
+							cache = outerCache[ type ] || [];
+							nodeIndex = cache[0] === dirruns && cache[1];
+							diff = cache[0] === dirruns && cache[2];
+							node = nodeIndex && parent.childNodes[ nodeIndex ];
+
+							while ( (node = ++nodeIndex && node && node[ dir ] ||
+
+								// Fallback to seeking `elem` from the start
+								(diff = nodeIndex = 0) || start.pop()) ) {
+
+								// When found, cache indexes on `parent` and break
+								if ( node.nodeType === 1 && ++diff && node === elem ) {
+									outerCache[ type ] = [ dirruns, nodeIndex, diff ];
+									break;
+								}
+							}
+
+						// Use previously-cached element index if available
+						} else if ( useCache && (cache = (elem[ expando ] || (elem[ expando ] = {}))[ type ]) && cache[0] === dirruns ) {
+							diff = cache[1];
+
+						// xml :nth-child(...) or :nth-last-child(...) or :nth(-last)?-of-type(...)
+						} else {
+							// Use the same loop as above to seek `elem` from the start
+							while ( (node = ++nodeIndex && node && node[ dir ] ||
+								(diff = nodeIndex = 0) || start.pop()) ) {
+
+								if ( ( ofType ? node.nodeName.toLowerCase() === name : node.nodeType === 1 ) && ++diff ) {
+									// Cache the index of each encountered element
+									if ( useCache ) {
+										(node[ expando ] || (node[ expando ] = {}))[ type ] = [ dirruns, diff ];
+									}
+
+									if ( node === elem ) {
+										break;
+									}
+								}
+							}
+						}
+
+						// Incorporate the offset, then check against cycle size
+						diff -= last;
+						return diff === first || ( diff % first === 0 && diff / first >= 0 );
+					}
+				};
+		},
+
+		"PSEUDO": function( pseudo, argument ) {
+			// pseudo-class names are case-insensitive
+			// http://www.w3.org/TR/selectors/#pseudo-classes
+			// Prioritize by case sensitivity in case custom pseudos are added with uppercase letters
+			// Remember that setFilters inherits from pseudos
+			var args,
+				fn = Expr.pseudos[ pseudo ] || Expr.setFilters[ pseudo.toLowerCase() ] ||
+					Sizzle.error( "unsupported pseudo: " + pseudo );
+
+			// The user may use createPseudo to indicate that
+			// arguments are needed to create the filter function
+			// just as Sizzle does
+			if ( fn[ expando ] ) {
+				return fn( argument );
+			}
+
+			// But maintain support for old signatures
+			if ( fn.length > 1 ) {
+				args = [ pseudo, pseudo, "", argument ];
+				return Expr.setFilters.hasOwnProperty( pseudo.toLowerCase() ) ?
+					markFunction(function( seed, matches ) {
+						var idx,
+							matched = fn( seed, argument ),
+							i = matched.length;
+						while ( i-- ) {
+							idx = indexOf( seed, matched[i] );
+							seed[ idx ] = !( matches[ idx ] = matched[i] );
+						}
+					}) :
+					function( elem ) {
+						return fn( elem, 0, args );
+					};
+			}
+
+			return fn;
+		}
+	},
+
+	pseudos: {
+		// Potentially complex pseudos
+		"not": markFunction(function( selector ) {
+			// Trim the selector passed to compile
+			// to avoid treating leading and trailing
+			// spaces as combinators
+			var input = [],
+				results = [],
+				matcher = compile( selector.replace( rtrim, "$1" ) );
+
+			return matcher[ expando ] ?
+				markFunction(function( seed, matches, context, xml ) {
+					var elem,
+						unmatched = matcher( seed, null, xml, [] ),
+						i = seed.length;
+
+					// Match elements unmatched by `matcher`
+					while ( i-- ) {
+						if ( (elem = unmatched[i]) ) {
+							seed[i] = !(matches[i] = elem);
+						}
+					}
+				}) :
+				function( elem, context, xml ) {
+					input[0] = elem;
+					matcher( input, null, xml, results );
+					// Don't keep the element (issue #299)
+					input[0] = null;
+					return !results.pop();
+				};
+		}),
+
+		"has": markFunction(function( selector ) {
+			return function( elem ) {
+				return Sizzle( selector, elem ).length > 0;
+			};
+		}),
+
+		"contains": markFunction(function( text ) {
+			text = text.replace( runescape, funescape );
+			return function( elem ) {
+				return ( elem.textContent || elem.innerText || getText( elem ) ).indexOf( text ) > -1;
+			};
+		}),
+
+		// "Whether an element is represented by a :lang() selector
+		// is based solely on the element's language value
+		// being equal to the identifier C,
+		// or beginning with the identifier C immediately followed by "-".
+		// The matching of C against the element's language value is performed case-insensitively.
+		// The identifier C does not have to be a valid language name."
+		// http://www.w3.org/TR/selectors/#lang-pseudo
+		"lang": markFunction( function( lang ) {
+			// lang value must be a valid identifier
+			if ( !ridentifier.test(lang || "") ) {
+				Sizzle.error( "unsupported lang: " + lang );
+			}
+			lang = lang.replace( runescape, funescape ).toLowerCase();
+			return function( elem ) {
+				var elemLang;
+				do {
+					if ( (elemLang = documentIsHTML ?
+						elem.lang :
+						elem.getAttribute("xml:lang") || elem.getAttribute("lang")) ) {
+
+						elemLang = elemLang.toLowerCase();
+						return elemLang === lang || elemLang.indexOf( lang + "-" ) === 0;
+					}
+				} while ( (elem = elem.parentNode) && elem.nodeType === 1 );
+				return false;
+			};
+		}),
+
+		// Miscellaneous
+		"target": function( elem ) {
+			var hash = window.location && window.location.hash;
+			return hash && hash.slice( 1 ) === elem.id;
+		},
+
+		"root": function( elem ) {
+			return elem === docElem;
+		},
+
+		"focus": function( elem ) {
+			return elem === document.activeElement && (!document.hasFocus || document.hasFocus()) && !!(elem.type || elem.href || ~elem.tabIndex);
+		},
+
+		// Boolean properties
+		"enabled": function( elem ) {
+			return elem.disabled === false;
+		},
+
+		"disabled": function( elem ) {
+			return elem.disabled === true;
+		},
+
+		"checked": function( elem ) {
+			// In CSS3, :checked should return both checked and selected elements
+			// http://www.w3.org/TR/2011/REC-css3-selectors-20110929/#checked
+			var nodeName = elem.nodeName.toLowerCase();
+			return (nodeName === "input" && !!elem.checked) || (nodeName === "option" && !!elem.selected);
+		},
+
+		"selected": function( elem ) {
+			// Accessing this property makes selected-by-default
+			// options in Safari work properly
+			if ( elem.parentNode ) {
+				elem.parentNode.selectedIndex;
+			}
+
+			return elem.selected === true;
+		},
+
+		// Contents
+		"empty": function( elem ) {
+			// http://www.w3.org/TR/selectors/#empty-pseudo
+			// :empty is negated by element (1) or content nodes (text: 3; cdata: 4; entity ref: 5),
+			//   but not by others (comment: 8; processing instruction: 7; etc.)
+			// nodeType < 6 works because attributes (2) do not appear as children
+			for ( elem = elem.firstChild; elem; elem = elem.nextSibling ) {
+				if ( elem.nodeType < 6 ) {
+					return false;
+				}
+			}
+			return true;
+		},
+
+		"parent": function( elem ) {
+			return !Expr.pseudos["empty"]( elem );
+		},
+
+		// Element/input types
+		"header": function( elem ) {
+			return rheader.test( elem.nodeName );
+		},
+
+		"input": function( elem ) {
+			return rinputs.test( elem.nodeName );
+		},
+
+		"button": function( elem ) {
+			var name = elem.nodeName.toLowerCase();
+			return name === "input" && elem.type === "button" || name === "button";
+		},
+
+		"text": function( elem ) {
+			var attr;
+			return elem.nodeName.toLowerCase() === "input" &&
+				elem.type === "text" &&
+
+				// Support: IE<8
+				// New HTML5 attribute values (e.g., "search") appear with elem.type === "text"
+				( (attr = elem.getAttribute("type")) == null || attr.toLowerCase() === "text" );
+		},
+
+		// Position-in-collection
+		"first": createPositionalPseudo(function() {
+			return [ 0 ];
+		}),
+
+		"last": createPositionalPseudo(function( matchIndexes, length ) {
+			return [ length - 1 ];
+		}),
+
+		"eq": createPositionalPseudo(function( matchIndexes, length, argument ) {
+			return [ argument < 0 ? argument + length : argument ];
+		}),
+
+		"even": createPositionalPseudo(function( matchIndexes, length ) {
+			var i = 0;
+			for ( ; i < length; i += 2 ) {
+				matchIndexes.push( i );
+			}
+			return matchIndexes;
+		}),
+
+		"odd": createPositionalPseudo(function( matchIndexes, length ) {
+			var i = 1;
+			for ( ; i < length; i += 2 ) {
+				matchIndexes.push( i );
+			}
+			return matchIndexes;
+		}),
+
+		"lt": createPositionalPseudo(function( matchIndexes, length, argument ) {
+			var i = argument < 0 ? argument + length : argument;
+			for ( ; --i >= 0; ) {
+				matchIndexes.push( i );
+			}
+			return matchIndexes;
+		}),
+
+		"gt": createPositionalPseudo(function( matchIndexes, length, argument ) {
+			var i = argument < 0 ? argument + length : argument;
+			for ( ; ++i < length; ) {
+				matchIndexes.push( i );
+			}
+			return matchIndexes;
+		})
+	}
+};
+
+Expr.pseudos["nth"] = Expr.pseudos["eq"];
+
+// Add button/input type pseudos
+for ( i in { radio: true, checkbox: true, file: true, password: true, image: true } ) {
+	Expr.pseudos[ i ] = createInputPseudo( i );
+}
+for ( i in { submit: true, reset: true } ) {
+	Expr.pseudos[ i ] = createButtonPseudo( i );
+}
+
+// Easy API for creating new setFilters
+function setFilters() {}
+setFilters.prototype = Expr.filters = Expr.pseudos;
+Expr.setFilters = new setFilters();
+
+tokenize = Sizzle.tokenize = function( selector, parseOnly ) {
+	var matched, match, tokens, type,
+		soFar, groups, preFilters,
+		cached = tokenCache[ selector + " " ];
+
+	if ( cached ) {
+		return parseOnly ? 0 : cached.slice( 0 );
+	}
+
+	soFar = selector;
+	groups = [];
+	preFilters = Expr.preFilter;
+
+	while ( soFar ) {
+
+		// Comma and first run
+		if ( !matched || (match = rcomma.exec( soFar )) ) {
+			if ( match ) {
+				// Don't consume trailing commas as valid
+				soFar = soFar.slice( match[0].length ) || soFar;
+			}
+			groups.push( (tokens = []) );
+		}
+
+		matched = false;
+
+		// Combinators
+		if ( (match = rcombinators.exec( soFar )) ) {
+			matched = match.shift();
+			tokens.push({
+				value: matched,
+				// Cast descendant combinators to space
+				type: match[0].replace( rtrim, " " )
+			});
+			soFar = soFar.slice( matched.length );
+		}
+
+		// Filters
+		for ( type in Expr.filter ) {
+			if ( (match = matchExpr[ type ].exec( soFar )) && (!preFilters[ type ] ||
+				(match = preFilters[ type ]( match ))) ) {
+				matched = match.shift();
+				tokens.push({
+					value: matched,
+					type: type,
+					matches: match
+				});
+				soFar = soFar.slice( matched.length );
+			}
+		}
+
+		if ( !matched ) {
+			break;
+		}
+	}
+
+	// Return the length of the invalid excess
+	// if we're just parsing
+	// Otherwise, throw an error or return tokens
+	return parseOnly ?
+		soFar.length :
+		soFar ?
+			Sizzle.error( selector ) :
+			// Cache the tokens
+			tokenCache( selector, groups ).slice( 0 );
+};
+
+function toSelector( tokens ) {
+	var i = 0,
+		len = tokens.length,
+		selector = "";
+	for ( ; i < len; i++ ) {
+		selector += tokens[i].value;
+	}
+	return selector;
+}
+
+function addCombinator( matcher, combinator, base ) {
+	var dir = combinator.dir,
+		checkNonElements = base && dir === "parentNode",
+		doneName = done++;
+
+	return combinator.first ?
+		// Check against closest ancestor/preceding element
+		function( elem, context, xml ) {
+			while ( (elem = elem[ dir ]) ) {
+				if ( elem.nodeType === 1 || checkNonElements ) {
+					return matcher( elem, context, xml );
+				}
+			}
+		} :
+
+		// Check against all ancestor/preceding elements
+		function( elem, context, xml ) {
+			var oldCache, outerCache,
+				newCache = [ dirruns, doneName ];
+
+			// We can't set arbitrary data on XML nodes, so they don't benefit from dir caching
+			if ( xml ) {
+				while ( (elem = elem[ dir ]) ) {
+					if ( elem.nodeType === 1 || checkNonElements ) {
+						if ( matcher( elem, context, xml ) ) {
+							return true;
+						}
+					}
+				}
+			} else {
+				while ( (elem = elem[ dir ]) ) {
+					if ( elem.nodeType === 1 || checkNonElements ) {
+						outerCache = elem[ expando ] || (elem[ expando ] = {});
+						if ( (oldCache = outerCache[ dir ]) &&
+							oldCache[ 0 ] === dirruns && oldCache[ 1 ] === doneName ) {
+
+							// Assign to newCache so results back-propagate to previous elements
+							return (newCache[ 2 ] = oldCache[ 2 ]);
+						} else {
+							// Reuse newcache so results back-propagate to previous elements
+							outerCache[ dir ] = newCache;
+
+							// A match means we're done; a fail means we have to keep checking
+							if ( (newCache[ 2 ] = matcher( elem, context, xml )) ) {
+								return true;
+							}
+						}
+					}
+				}
+			}
+		};
+}
+
+function elementMatcher( matchers ) {
+	return matchers.length > 1 ?
+		function( elem, context, xml ) {
+			var i = matchers.length;
+			while ( i-- ) {
+				if ( !matchers[i]( elem, context, xml ) ) {
+					return false;
+				}
+			}
+			return true;
+		} :
+		matchers[0];
+}
+
+function multipleContexts( selector, contexts, results ) {
+	var i = 0,
+		len = contexts.length;
+	for ( ; i < len; i++ ) {
+		Sizzle( selector, contexts[i], results );
+	}
+	return results;
+}
+
+function condense( unmatched, map, filter, context, xml ) {
+	var elem,
+		newUnmatched = [],
+		i = 0,
+		len = unmatched.length,
+		mapped = map != null;
+
+	for ( ; i < len; i++ ) {
+		if ( (elem = unmatched[i]) ) {
+			if ( !filter || filter( elem, context, xml ) ) {
+				newUnmatched.push( elem );
+				if ( mapped ) {
+					map.push( i );
+				}
+			}
+		}
+	}
+
+	return newUnmatched;
+}
+
+function setMatcher( preFilter, selector, matcher, postFilter, postFinder, postSelector ) {
+	if ( postFilter && !postFilter[ expando ] ) {
+		postFilter = setMatcher( postFilter );
+	}
+	if ( postFinder && !postFinder[ expando ] ) {
+		postFinder = setMatcher( postFinder, postSelector );
+	}
+	return markFunction(function( seed, results, context, xml ) {
+		var temp, i, elem,
+			preMap = [],
+			postMap = [],
+			preexisting = results.length,
+
+			// Get initial elements from seed or context
+			elems = seed || multipleContexts( selector || "*", context.nodeType ? [ context ] : context, [] ),
+
+			// Prefilter to get matcher input, preserving a map for seed-results synchronization
+			matcherIn = preFilter && ( seed || !selector ) ?
+				condense( elems, preMap, preFilter, context, xml ) :
+				elems,
+
+			matcherOut = matcher ?
+				// If we have a postFinder, or filtered seed, or non-seed postFilter or preexisting results,
+				postFinder || ( seed ? preFilter : preexisting || postFilter ) ?
+
+					// ...intermediate processing is necessary
+					[] :
+
+					// ...otherwise use results directly
+					results :
+				matcherIn;
+
+		// Find primary matches
+		if ( matcher ) {
+			matcher( matcherIn, matcherOut, context, xml );
+		}
+
+		// Apply postFilter
+		if ( postFilter ) {
+			temp = condense( matcherOut, postMap );
+			postFilter( temp, [], context, xml );
+
+			// Un-match failing elements by moving them back to matcherIn
+			i = temp.length;
+			while ( i-- ) {
+				if ( (elem = temp[i]) ) {
+					matcherOut[ postMap[i] ] = !(matcherIn[ postMap[i] ] = elem);
+				}
+			}
+		}
+
+		if ( seed ) {
+			if ( postFinder || preFilter ) {
+				if ( postFinder ) {
+					// Get the final matcherOut by condensing this intermediate into postFinder contexts
+					temp = [];
+					i = matcherOut.length;
+					while ( i-- ) {
+						if ( (elem = matcherOut[i]) ) {
+							// Restore matcherIn since elem is not yet a final match
+							temp.push( (matcherIn[i] = elem) );
+						}
+					}
+					postFinder( null, (matcherOut = []), temp, xml );
+				}
+
+				// Move matched elements from seed to results to keep them synchronized
+				i = matcherOut.length;
+				while ( i-- ) {
+					if ( (elem = matcherOut[i]) &&
+						(temp = postFinder ? indexOf( seed, elem ) : preMap[i]) > -1 ) {
+
+						seed[temp] = !(results[temp] = elem);
+					}
+				}
+			}
+
+		// Add elements to results, through postFinder if defined
+		} else {
+			matcherOut = condense(
+				matcherOut === results ?
+					matcherOut.splice( preexisting, matcherOut.length ) :
+					matcherOut
+			);
+			if ( postFinder ) {
+				postFinder( null, results, matcherOut, xml );
+			} else {
+				push.apply( results, matcherOut );
+			}
+		}
+	});
+}
+
+function matcherFromTokens( tokens ) {
+	var checkContext, matcher, j,
+		len = tokens.length,
+		leadingRelative = Expr.relative[ tokens[0].type ],
+		implicitRelative = leadingRelative || Expr.relative[" "],
+		i = leadingRelative ? 1 : 0,
+
+		// The foundational matcher ensures that elements are reachable from top-level context(s)
+		matchContext = addCombinator( function( elem ) {
+			return elem === checkContext;
+		}, implicitRelative, true ),
+		matchAnyContext = addCombinator( function( elem ) {
+			return indexOf( checkContext, elem ) > -1;
+		}, implicitRelative, true ),
+		matchers = [ function( elem, context, xml ) {
+			var ret = ( !leadingRelative && ( xml || context !== outermostContext ) ) || (
+				(checkContext = context).nodeType ?
+					matchContext( elem, context, xml ) :
+					matchAnyContext( elem, context, xml ) );
+			// Avoid hanging onto element (issue #299)
+			checkContext = null;
+			return ret;
+		} ];
+
+	for ( ; i < len; i++ ) {
+		if ( (matcher = Expr.relative[ tokens[i].type ]) ) {
+			matchers = [ addCombinator(elementMatcher( matchers ), matcher) ];
+		} else {
+			matcher = Expr.filter[ tokens[i].type ].apply( null, tokens[i].matches );
+
+			// Return special upon seeing a positional matcher
+			if ( matcher[ expando ] ) {
+				// Find the next relative operator (if any) for proper handling
+				j = ++i;
+				for ( ; j < len; j++ ) {
+					if ( Expr.relative[ tokens[j].type ] ) {
+						break;
+					}
+				}
+				return setMatcher(
+					i > 1 && elementMatcher( matchers ),
+					i > 1 && toSelector(
+						// If the preceding token was a descendant combinator, insert an implicit any-element `*`
+						tokens.slice( 0, i - 1 ).concat({ value: tokens[ i - 2 ].type === " " ? "*" : "" })
+					).replace( rtrim, "$1" ),
+					matcher,
+					i < j && matcherFromTokens( tokens.slice( i, j ) ),
+					j < len && matcherFromTokens( (tokens = tokens.slice( j )) ),
+					j < len && toSelector( tokens )
+				);
+			}
+			matchers.push( matcher );
+		}
+	}
+
+	return elementMatcher( matchers );
+}
+
+function matcherFromGroupMatchers( elementMatchers, setMatchers ) {
+	var bySet = setMatchers.length > 0,
+		byElement = elementMatchers.length > 0,
+		superMatcher = function( seed, context, xml, results, outermost ) {
+			var elem, j, matcher,
+				matchedCount = 0,
+				i = "0",
+				unmatched = seed && [],
+				setMatched = [],
+				contextBackup = outermostContext,
+				// We must always have either seed elements or outermost context
+				elems = seed || byElement && Expr.find["TAG"]( "*", outermost ),
+				// Use integer dirruns iff this is the outermost matcher
+				dirrunsUnique = (dirruns += contextBackup == null ? 1 : Math.random() || 0.1),
+				len = elems.length;
+
+			if ( outermost ) {
+				outermostContext = context !== document && context;
+			}
+
+			// Add elements passing elementMatchers directly to results
+			// Keep `i` a string if there are no elements so `matchedCount` will be "00" below
+			// Support: IE<9, Safari
+			// Tolerate NodeList properties (IE: "length"; Safari: <number>) matching elements by id
+			for ( ; i !== len && (elem = elems[i]) != null; i++ ) {
+				if ( byElement && elem ) {
+					j = 0;
+					while ( (matcher = elementMatchers[j++]) ) {
+						if ( matcher( elem, context, xml ) ) {
+							results.push( elem );
+							break;
+						}
+					}
+					if ( outermost ) {
+						dirruns = dirrunsUnique;
+					}
+				}
+
+				// Track unmatched elements for set filters
+				if ( bySet ) {
+					// They will have gone through all possible matchers
+					if ( (elem = !matcher && elem) ) {
+						matchedCount--;
+					}
+
+					// Lengthen the array for every element, matched or not
+					if ( seed ) {
+						unmatched.push( elem );
+					}
+				}
+			}
+
+			// Apply set filters to unmatched elements
+			matchedCount += i;
+			if ( bySet && i !== matchedCount ) {
+				j = 0;
+				while ( (matcher = setMatchers[j++]) ) {
+					matcher( unmatched, setMatched, context, xml );
+				}
+
+				if ( seed ) {
+					// Reintegrate element matches to eliminate the need for sorting
+					if ( matchedCount > 0 ) {
+						while ( i-- ) {
+							if ( !(unmatched[i] || setMatched[i]) ) {
+								setMatched[i] = pop.call( results );
+							}
+						}
+					}
+
+					// Discard index placeholder values to get only actual matches
+					setMatched = condense( setMatched );
+				}
+
+				// Add matches to results
+				push.apply( results, setMatched );
+
+				// Seedless set matches succeeding multiple successful matchers stipulate sorting
+				if ( outermost && !seed && setMatched.length > 0 &&
+					( matchedCount + setMatchers.length ) > 1 ) {
+
+					Sizzle.uniqueSort( results );
+				}
+			}
+
+			// Override manipulation of globals by nested matchers
+			if ( outermost ) {
+				dirruns = dirrunsUnique;
+				outermostContext = contextBackup;
+			}
+
+			return unmatched;
+		};
+
+	return bySet ?
+		markFunction( superMatcher ) :
+		superMatcher;
+}
+
+compile = Sizzle.compile = function( selector, match /* Internal Use Only */ ) {
+	var i,
+		setMatchers = [],
+		elementMatchers = [],
+		cached = compilerCache[ selector + " " ];
+
+	if ( !cached ) {
+		// Generate a function of recursive functions that can be used to check each element
+		if ( !match ) {
+			match = tokenize( selector );
+		}
+		i = match.length;
+		while ( i-- ) {
+			cached = matcherFromTokens( match[i] );
+			if ( cached[ expando ] ) {
+				setMatchers.push( cached );
+			} else {
+				elementMatchers.push( cached );
+			}
+		}
+
+		// Cache the compiled function
+		cached = compilerCache( selector, matcherFromGroupMatchers( elementMatchers, setMatchers ) );
+
+		// Save selector and tokenization
+		cached.selector = selector;
+	}
+	return cached;
+};
+
+/**
+ * A low-level selection function that works with Sizzle's compiled
+ *  selector functions
+ * @param {String|Function} selector A selector or a pre-compiled
+ *  selector function built with Sizzle.compile
+ * @param {Element} context
+ * @param {Array} [results]
+ * @param {Array} [seed] A set of elements to match against
+ */
+select = Sizzle.select = function( selector, context, results, seed ) {
+	var i, tokens, token, type, find,
+		compiled = typeof selector === "function" && selector,
+		match = !seed && tokenize( (selector = compiled.selector || selector) );
+
+	results = results || [];
+
+	// Try to minimize operations if there is no seed and only one group
+	if ( match.length === 1 ) {
+
+		// Take a shortcut and set the context if the root selector is an ID
+		tokens = match[0] = match[0].slice( 0 );
+		if ( tokens.length > 2 && (token = tokens[0]).type === "ID" &&
+				support.getById && context.nodeType === 9 && documentIsHTML &&
+				Expr.relative[ tokens[1].type ] ) {
+
+			context = ( Expr.find["ID"]( token.matches[0].replace(runescape, funescape), context ) || [] )[0];
+			if ( !context ) {
+				return results;
+
+			// Precompiled matchers will still verify ancestry, so step up a level
+			} else if ( compiled ) {
+				context = context.parentNode;
+			}
+
+			selector = selector.slice( tokens.shift().value.length );
+		}
+
+		// Fetch a seed set for right-to-left matching
+		i = matchExpr["needsContext"].test( selector ) ? 0 : tokens.length;
+		while ( i-- ) {
+			token = tokens[i];
+
+			// Abort if we hit a combinator
+			if ( Expr.relative[ (type = token.type) ] ) {
+				break;
+			}
+			if ( (find = Expr.find[ type ]) ) {
+				// Search, expanding context for leading sibling combinators
+				if ( (seed = find(
+					token.matches[0].replace( runescape, funescape ),
+					rsibling.test( tokens[0].type ) && testContext( context.parentNode ) || context
+				)) ) {
+
+					// If seed is empty or no tokens remain, we can return early
+					tokens.splice( i, 1 );
+					selector = seed.length && toSelector( tokens );
+					if ( !selector ) {
+						push.apply( results, seed );
+						return results;
+					}
+
+					break;
+				}
+			}
+		}
+	}
+
+	// Compile and execute a filtering function if one is not provided
+	// Provide `match` to avoid retokenization if we modified the selector above
+	( compiled || compile( selector, match ) )(
+		seed,
+		context,
+		!documentIsHTML,
+		results,
+		rsibling.test( selector ) && testContext( context.parentNode ) || context
+	);
+	return results;
+};
+
+// One-time assignments
+
+// Sort stability
+support.sortStable = expando.split("").sort( sortOrder ).join("") === expando;
+
+// Support: Chrome 14-35+
+// Always assume duplicates if they aren't passed to the comparison function
+support.detectDuplicates = !!hasDuplicate;
+
+// Initialize against the default document
+setDocument();
+
+// Support: Webkit<537.32 - Safari 6.0.3/Chrome 25 (fixed in Chrome 27)
+// Detached nodes confoundingly follow *each other*
+support.sortDetached = assert(function( div1 ) {
+	// Should return 1, but returns 4 (following)
+	return div1.compareDocumentPosition( document.createElement("div") ) & 1;
+});
+
+// Support: IE<8
+// Prevent attribute/property "interpolation"
+// http://msdn.microsoft.com/en-us/library/ms536429%28VS.85%29.aspx
+if ( !assert(function( div ) {
+	div.innerHTML = "<a href='#'></a>";
+	return div.firstChild.getAttribute("href") === "#" ;
+}) ) {
+	addHandle( "type|href|height|width", function( elem, name, isXML ) {
+		if ( !isXML ) {
+			return elem.getAttribute( name, name.toLowerCase() === "type" ? 1 : 2 );
+		}
+	});
+}
+
+// Support: IE<9
+// Use defaultValue in place of getAttribute("value")
+if ( !support.attributes || !assert(function( div ) {
+	div.innerHTML = "<input/>";
+	div.firstChild.setAttribute( "value", "" );
+	return div.firstChild.getAttribute( "value" ) === "";
+}) ) {
+	addHandle( "value", function( elem, name, isXML ) {
+		if ( !isXML && elem.nodeName.toLowerCase() === "input" ) {
+			return elem.defaultValue;
+		}
+	});
+}
+
+// Support: IE<9
+// Use getAttributeNode to fetch booleans when getAttribute lies
+if ( !assert(function( div ) {
+	return div.getAttribute("disabled") == null;
+}) ) {
+	addHandle( booleans, function( elem, name, isXML ) {
+		var val;
+		if ( !isXML ) {
+			return elem[ name ] === true ? name.toLowerCase() :
+					(val = elem.getAttributeNode( name )) && val.specified ?
+					val.value :
+				null;
+		}
+	});
+}
+
+return Sizzle;
+
+})( window );
+
+
+
+jQuery.find = Sizzle;
+jQuery.expr = Sizzle.selectors;
+jQuery.expr[":"] = jQuery.expr.pseudos;
+jQuery.unique = Sizzle.uniqueSort;
+jQuery.text = Sizzle.getText;
+jQuery.isXMLDoc = Sizzle.isXML;
+jQuery.contains = Sizzle.contains;
+
+
+
+var rneedsContext = jQuery.expr.match.needsContext;
+
+var rsingleTag = (/^<(\w+)\s*\/?>(?:<\/\1>|)$/);
+
+
+
+var risSimple = /^.[^:#\[\.,]*$/;
+
+// Implement the identical functionality for filter and not
+function winnow( elements, qualifier, not ) {
+	if ( jQuery.isFunction( qualifier ) ) {
+		return jQuery.grep( elements, function( elem, i ) {
+			/* jshint -W018 */
+			return !!qualifier.call( elem, i, elem ) !== not;
+		});
+
+	}
+
+	if ( qualifier.nodeType ) {
+		return jQuery.grep( elements, function( elem ) {
+			return ( elem === qualifier ) !== not;
+		});
+
+	}
+
+	if ( typeof qualifier === "string" ) {
+		if ( risSimple.test( qualifier ) ) {
+			return jQuery.filter( qualifier, elements, not );
+		}
+
+		qualifier = jQuery.filter( qualifier, elements );
+	}
+
+	return jQuery.grep( elements, function( elem ) {
+		return ( jQuery.inArray( elem, qualifier ) >= 0 ) !== not;
+	});
+}
+
+jQuery.filter = function( expr, elems, not ) {
+	var elem = elems[ 0 ];
+
+	if ( not ) {
+		expr = ":not(" + expr + ")";
+	}
+
+	return elems.length === 1 && elem.nodeType === 1 ?
+		jQuery.find.matchesSelector( elem, expr ) ? [ elem ] : [] :
+		jQuery.find.matches( expr, jQuery.grep( elems, function( elem ) {
+			return elem.nodeType === 1;
+		}));
+};
+
+jQuery.fn.extend({
+	find: function( selector ) {
+		var i,
+			ret = [],
+			self = this,
+			len = self.length;
+
+		if ( typeof selector !== "string" ) {
+			return this.pushStack( jQuery( selector ).filter(function() {
+				for ( i = 0; i < len; i++ ) {
+					if ( jQuery.contains( self[ i ], this ) ) {
+						return true;
+					}
+				}
+			}) );
+		}
+
+		for ( i = 0; i < len; i++ ) {
+			jQuery.find( selector, self[ i ], ret );
+		}
+
+		// Needed because $( selector, context ) becomes $( context ).find( selector )
+		ret = this.pushStack( len > 1 ? jQuery.unique( ret ) : ret );
+		ret.selector = this.selector ? this.selector + " " + selector : selector;
+		return ret;
+	},
+	filter: function( selector ) {
+		return this.pushStack( winnow(this, selector || [], false) );
+	},
+	not: function( selector ) {
+		return this.pushStack( winnow(this, selector || [], true) );
+	},
+	is: function( selector ) {
+		return !!winnow(
+			this,
+
+			// If this is a positional/relative selector, check membership in the returned set
+			// so $("p:first").is("p:last") won't return true for a doc with two "p".
+			typeof selector === "string" && rneedsContext.test( selector ) ?
+				jQuery( selector ) :
+				selector || [],
+			false
+		).length;
+	}
+});
+
+
+// Initialize a jQuery object
+
+
+// A central reference to the root jQuery(document)
+var rootjQuery,
+
+	// Use the correct document accordingly with window argument (sandbox)
+	document = window.document,
+
+	// A simple way to check for HTML strings
+	// Prioritize #id over <tag> to avoid XSS via location.hash (#9521)
+	// Strict HTML recognition (#11290: must start with <)
+	rquickExpr = /^(?:\s*(<[\w\W]+>)[^>]*|#([\w-]*))$/,
+
+	init = jQuery.fn.init = function( selector, context ) {
+		var match, elem;
+
+		// HANDLE: $(""), $(null), $(undefined), $(false)
+		if ( !selector ) {
+			return this;
+		}
+
+		// Handle HTML strings
+		if ( typeof selector === "string" ) {
+			if ( selector.charAt(0) === "<" && selector.charAt( selector.length - 1 ) === ">" && selector.length >= 3 ) {
+				// Assume that strings that start and end with <> are HTML and skip the regex check
+				match = [ null, selector, null ];
+
+			} else {
+				match = rquickExpr.exec( selector );
+			}
+
+			// Match html or make sure no context is specified for #id
+			if ( match && (match[1] || !context) ) {
+
+				// HANDLE: $(html) -> $(array)
+				if ( match[1] ) {
+					context = context instanceof jQuery ? context[0] : context;
+
+					// scripts is true for back-compat
+					// Intentionally let the error be thrown if parseHTML is not present
+					jQuery.merge( this, jQuery.parseHTML(
+						match[1],
+						context && context.nodeType ? context.ownerDocument || context : document,
+						true
+					) );
+
+					// HANDLE: $(html, props)
+					if ( rsingleTag.test( match[1] ) && jQuery.isPlainObject( context ) ) {
+						for ( match in context ) {
+							// Properties of context are called as methods if possible
+							if ( jQuery.isFunction( this[ match ] ) ) {
+								this[ match ]( context[ match ] );
+
+							// ...and otherwise set as attributes
+							} else {
+								this.attr( match, context[ match ] );
+							}
+						}
+					}
+
+					return this;
+
+				// HANDLE: $(#id)
+				} else {
+					elem = document.getElementById( match[2] );
+
+					// Check parentNode to catch when Blackberry 4.6 returns
+					// nodes that are no longer in the document #6963
+					if ( elem && elem.parentNode ) {
+						// Handle the case where IE and Opera return items
+						// by name instead of ID
+						if ( elem.id !== match[2] ) {
+							return rootjQuery.find( selector );
+						}
+
+						// Otherwise, we inject the element directly into the jQuery object
+						this.length = 1;
+						this[0] = elem;
+					}
+
+					this.context = document;
+					this.selector = selector;
+					return this;
+				}
+
+			// HANDLE: $(expr, $(...))
+			} else if ( !context || context.jquery ) {
+				return ( context || rootjQuery ).find( selector );
+
+			// HANDLE: $(expr, context)
+			// (which is just equivalent to: $(context).find(expr)
+			} else {
+				return this.constructor( context ).find( selector );
+			}
+
+		// HANDLE: $(DOMElement)
+		} else if ( selector.nodeType ) {
+			this.context = this[0] = selector;
+			this.length = 1;
+			return this;
+
+		// HANDLE: $(function)
+		// Shortcut for document ready
+		} else if ( jQuery.isFunction( selector ) ) {
+			return typeof rootjQuery.ready !== "undefined" ?
+				rootjQuery.ready( selector ) :
+				// Execute immediately if ready is not present
+				selector( jQuery );
+		}
+
+		if ( selector.selector !== undefined ) {
+			this.selector = selector.selector;
+			this.context = selector.context;
+		}
+
+		return jQuery.makeArray( selector, this );
+	};
+
+// Give the init function the jQuery prototype for later instantiation
+init.prototype = jQuery.fn;
+
+// Initialize central reference
+rootjQuery = jQuery( document );
+
+
+var rparentsprev = /^(?:parents|prev(?:Until|All))/,
+	// methods guaranteed to produce a unique set when starting from a unique set
+	guaranteedUnique = {
+		children: true,
+		contents: true,
+		next: true,
+		prev: true
+	};
+
+jQuery.extend({
+	dir: function( elem, dir, until ) {
+		var matched = [],
+			cur = elem[ dir ];
+
+		while ( cur && cur.nodeType !== 9 && (until === undefined || cur.nodeType !== 1 || !jQuery( cur ).is( until )) ) {
+			if ( cur.nodeType === 1 ) {
+				matched.push( cur );
+			}
+			cur = cur[dir];
+		}
+		return matched;
+	},
+
+	sibling: function( n, elem ) {
+		var r = [];
+
+		for ( ; n; n = n.nextSibling ) {
+			if ( n.nodeType === 1 && n !== elem ) {
+				r.push( n );
+			}
+		}
+
+		return r;
+	}
+});
+
+jQuery.fn.extend({
+	has: function( target ) {
+		var i,
+			targets = jQuery( target, this ),
+			len = targets.length;
+
+		return this.filter(function() {
+			for ( i = 0; i < len; i++ ) {
+				if ( jQuery.contains( this, targets[i] ) ) {
+					return true;
+				}
+			}
+		});
+	},
+
+	closest: function( selectors, context ) {
+		var cur,
+			i = 0,
+			l = this.length,
+			matched = [],
+			pos = rneedsContext.test( selectors ) || typeof selectors !== "string" ?
+				jQuery( selectors, context || this.context ) :
+				0;
+
+		for ( ; i < l; i++ ) {
+			for ( cur = this[i]; cur && cur !== context; cur = cur.parentNode ) {
+				// Always skip document fragments
+				if ( cur.nodeType < 11 && (pos ?
+					pos.index(cur) > -1 :
+
+					// Don't pass non-elements to Sizzle
+					cur.nodeType === 1 &&
+						jQuery.find.matchesSelector(cur, selectors)) ) {
+
+					matched.push( cur );
+					break;
+				}
+			}
+		}
+
+		return this.pushStack( matched.length > 1 ? jQuery.unique( matched ) : matched );
+	},
+
+	// Determine the position of an element within
+	// the matched set of elements
+	index: function( elem ) {
+
+		// No argument, return index in parent
+		if ( !elem ) {
+			return ( this[0] && this[0].parentNode ) ? this.first().prevAll().length : -1;
+		}
+
+		// index in selector
+		if ( typeof elem === "string" ) {
+			return jQuery.inArray( this[0], jQuery( elem ) );
+		}
+
+		// Locate the position of the desired element
+		return jQuery.inArray(
+			// If it receives a jQuery object, the first element is used
+			elem.jquery ? elem[0] : elem, this );
+	},
+
+	add: function( selector, context ) {
+		return this.pushStack(
+			jQuery.unique(
+				jQuery.merge( this.get(), jQuery( selector, context ) )
+			)
+		);
+	},
+
+	addBack: function( selector ) {
+		return this.add( selector == null ?
+			this.prevObject : this.prevObject.filter(selector)
+		);
+	}
+});
+
+function sibling( cur, dir ) {
+	do {
+		cur = cur[ dir ];
+	} while ( cur && cur.nodeType !== 1 );
+
+	return cur;
+}
+
+jQuery.each({
+	parent: function( elem ) {
+		var parent = elem.parentNode;
+		return parent && parent.nodeType !== 11 ? parent : null;
+	},
+	parents: function( elem ) {
+		return jQuery.dir( elem, "parentNode" );
+	},
+	parentsUntil: function( elem, i, until ) {
+		return jQuery.dir( elem, "parentNode", until );
+	},
+	next: function( elem ) {
+		return sibling( elem, "nextSibling" );
+	},
+	prev: function( elem ) {
+		return sibling( elem, "previousSibling" );
+	},
+	nextAll: function( elem ) {
+		return jQuery.dir( elem, "nextSibling" );
+	},
+	prevAll: function( elem ) {
+		return jQuery.dir( elem, "previousSibling" );
+	},
+	nextUntil: function( elem, i, until ) {
+		return jQuery.dir( elem, "nextSibling", until );
+	},
+	prevUntil: function( elem, i, until ) {
+		return jQuery.dir( elem, "previousSibling", until );
+	},
+	siblings: function( elem ) {
+		return jQuery.sibling( ( elem.parentNode || {} ).firstChild, elem );
+	},
+	children: function( elem ) {
+		return jQuery.sibling( elem.firstChild );
+	},
+	contents: function( elem ) {
+		return jQuery.nodeName( elem, "iframe" ) ?
+			elem.contentDocument || elem.contentWindow.document :
+			jQuery.merge( [], elem.childNodes );
+	}
+}, function( name, fn ) {
+	jQuery.fn[ name ] = function( until, selector ) {
+		var ret = jQuery.map( this, fn, until );
+
+		if ( name.slice( -5 ) !== "Until" ) {
+			selector = until;
+		}
+
+		if ( selector && typeof selector === "string" ) {
+			ret = jQuery.filter( selector, ret );
+		}
+
+		if ( this.length > 1 ) {
+			// Remove duplicates
+			if ( !guaranteedUnique[ name ] ) {
+				ret = jQuery.unique( ret );
+			}
+
+			// Reverse order for parents* and prev-derivatives
+			if ( rparentsprev.test( name ) ) {
+				ret = ret.reverse();
+			}
+		}
+
+		return this.pushStack( ret );
+	};
+});
+var rnotwhite = (/\S+/g);
+
+
+
+// String to Object options format cache
+var optionsCache = {};
+
+// Convert String-formatted options into Object-formatted ones and store in cache
+function createOptions( options ) {
+	var object = optionsCache[ options ] = {};
+	jQuery.each( options.match( rnotwhite ) || [], function( _, flag ) {
+		object[ flag ] = true;
+	});
+	return object;
+}
+
+/*
+ * Create a callback list using the following parameters:
+ *
+ *	options: an optional list of space-separated options that will change how
+ *			the callback list behaves or a more traditional option object
+ *
+ * By default a callback list will act like an event callback list and can be
+ * "fired" multiple times.
+ *
+ * Possible options:
+ *
+ *	once:			will ensure the callback list can only be fired once (like a Deferred)
+ *
+ *	memory:			will keep track of previous values and will call any callback added
+ *					after the list has been fired right away with the latest "memorized"
+ *					values (like a Deferred)
+ *
+ *	unique:			will ensure a callback can only be added once (no duplicate in the list)
+ *
+ *	stopOnFalse:	interrupt callings when a callback returns false
+ *
+ */
+jQuery.Callbacks = function( options ) {
+
+	// Convert options from String-formatted to Object-formatted if needed
+	// (we check in cache first)
+	options = typeof options === "string" ?
+		( optionsCache[ options ] || createOptions( options ) ) :
+		jQuery.extend( {}, options );
+
+	var // Flag to know if list is currently firing
+		firing,
+		// Last fire value (for non-forgettable lists)
+		memory,
+		// Flag to know if list was already fired
+		fired,
+		// End of the loop when firing
+		firingLength,
+		// Index of currently firing callback (modified by remove if needed)
+		firingIndex,
+		// First callback to fire (used internally by add and fireWith)
+		firingStart,
+		// Actual callback list
+		list = [],
+		// Stack of fire calls for repeatable lists
+		stack = !options.once && [],
+		// Fire callbacks
+		fire = function( data ) {
+			memory = options.memory && data;
+			fired = true;
+			firingIndex = firingStart || 0;
+			firingStart = 0;
+			firingLength = list.length;
+			firing = true;
+			for ( ; list && firingIndex < firingLength; firingIndex++ ) {
+				if ( list[ firingIndex ].apply( data[ 0 ], data[ 1 ] ) === false && options.stopOnFalse ) {
+					memory = false; // To prevent further calls using add
+					break;
+				}
+			}
+			firing = false;
+			if ( list ) {
+				if ( stack ) {
+					if ( stack.length ) {
+						fire( stack.shift() );
+					}
+				} else if ( memory ) {
+					list = [];
+				} else {
+					self.disable();
+				}
+			}
+		},
+		// Actual Callbacks object
+		self = {
+			// Add a callback or a collection of callbacks to the list
+			add: function() {
+				if ( list ) {
+					// First, we save the current length
+					var start = list.length;
+					(function add( args ) {
+						jQuery.each( args, function( _, arg ) {
+							var type = jQuery.type( arg );
+							if ( type === "function" ) {
+								if ( !options.unique || !self.has( arg ) ) {
+									list.push( arg );
+								}
+							} else if ( arg && arg.length && type !== "string" ) {
+								// Inspect recursively
+								add( arg );
+							}
+						});
+					})( arguments );
+					// Do we need to add the callbacks to the
+					// current firing batch?
+					if ( firing ) {
+						firingLength = list.length;
+					// With memory, if we're not firing then
+					// we should call right away
+					} else if ( memory ) {
+						firingStart = start;
+						fire( memory );
+					}
+				}
+				return this;
+			},
+			// Remove a callback from the list
+			remove: function() {
+				if ( list ) {
+					jQuery.each( arguments, function( _, arg ) {
+						var index;
+						while ( ( index = jQuery.inArray( arg, list, index ) ) > -1 ) {
+							list.splice( index, 1 );
+							// Handle firing indexes
+							if ( firing ) {
+								if ( index <= firingLength ) {
+									firingLength--;
+								}
+								if ( index <= firingIndex ) {
+									firingIndex--;
+								}
+							}
+						}
+					});
+				}
+				return this;
+			},
+			// Check if a given callback is in the list.
+			// If no argument is given, return whether or not list has callbacks attached.
+			has: function( fn ) {
+				return fn ? jQuery.inArray( fn, list ) > -1 : !!( list && list.length );
+			},
+			// Remove all callbacks from the list
+			empty: function() {
+				list = [];
+				firingLength = 0;
+				return this;
+			},
+			// Have the list do nothing anymore
+			disable: function() {
+				list = stack = memory = undefined;
+				return this;
+			},
+			// Is it disabled?
+			disabled: function() {
+				return !list;
+			},
+			// Lock the list in its current state
+			lock: function() {
+				stack = undefined;
+				if ( !memory ) {
+					self.disable();
+				}
+				return this;
+			},
+			// Is it locked?
+			locked: function() {
+				return !stack;
+			},
+			// Call all callbacks with the given context and arguments
+			fireWith: function( context, args ) {
+				if ( list && ( !fired || stack ) ) {
+					args = args || [];
+					args = [ context, args.slice ? args.slice() : args ];
+					if ( firing ) {
+						stack.push( args );
+					} else {
+						fire( args );
+					}
+				}
+				return this;
+			},
+			// Call all the callbacks with the given arguments
+			fire: function() {
+				self.fireWith( this, arguments );
+				return this;
+			},
+			// To know if the callbacks have already been called at least once
+			fired: function() {
+				return !!fired;
+			}
+		};
+
+	return self;
+};
+
+
+jQuery.extend({
+
+	Deferred: function( func ) {
+		var tuples = [
+				// action, add listener, listener list, final state
+				[ "resolve", "done", jQuery.Callbacks("once memory"), "resolved" ],
+				[ "reject", "fail", jQuery.Callbacks("once memory"), "rejected" ],
+				[ "notify", "progress", jQuery.Callbacks("memory") ]
+			],
+			state = "pending",
+			promise = {
+				state: function() {
+					return state;
+				},
+				always: function() {
+					deferred.done( arguments ).fail( arguments );
+					return this;
+				},
+				then: function( /* fnDone, fnFail, fnProgress */ ) {
+					var fns = arguments;
+					return jQuery.Deferred(function( newDefer ) {
+						jQuery.each( tuples, function( i, tuple ) {
+							var fn = jQuery.isFunction( fns[ i ] ) && fns[ i ];
+							// deferred[ done | fail | progress ] for forwarding actions to newDefer
+							deferred[ tuple[1] ](function() {
+								var returned = fn && fn.apply( this, arguments );
+								if ( returned && jQuery.isFunction( returned.promise ) ) {
+									returned.promise()
+										.done( newDefer.resolve )
+										.fail( newDefer.reject )
+										.progress( newDefer.notify );
+								} else {
+									newDefer[ tuple[ 0 ] + "With" ]( this === promise ? newDefer.promise() : this, fn ? [ returned ] : arguments );
+								}
+							});
+						});
+						fns = null;
+					}).promise();
+				},
+				// Get a promise for this deferred
+				// If obj is provided, the promise aspect is added to the object
+				promise: function( obj ) {
+					return obj != null ? jQuery.extend( obj, promise ) : promise;
+				}
+			},
+			deferred = {};
+
+		// Keep pipe for back-compat
+		promise.pipe = promise.then;
+
+		// Add list-specific methods
+		jQuery.each( tuples, function( i, tuple ) {
+			var list = tuple[ 2 ],
+				stateString = tuple[ 3 ];
+
+			// promise[ done | fail | progress ] = list.add
+			promise[ tuple[1] ] = list.add;
+
+			// Handle state
+			if ( stateString ) {
+				list.add(function() {
+					// state = [ resolved | rejected ]
+					state = stateString;
+
+				// [ reject_list | resolve_list ].disable; progress_list.lock
+				}, tuples[ i ^ 1 ][ 2 ].disable, tuples[ 2 ][ 2 ].lock );
+			}
+
+			// deferred[ resolve | reject | notify ]
+			deferred[ tuple[0] ] = function() {
+				deferred[ tuple[0] + "With" ]( this === deferred ? promise : this, arguments );
+				return this;
+			};
+			deferred[ tuple[0] + "With" ] = list.fireWith;
+		});
+
+		// Make the deferred a promise
+		promise.promise( deferred );
+
+		// Call given func if any
+		if ( func ) {
+			func.call( deferred, deferred );
+		}
+
+		// All done!
+		return deferred;
+	},
+
+	// Deferred helper
+	when: function( subordinate /* , ..., subordinateN */ ) {
+		var i = 0,
+			resolveValues = slice.call( arguments ),
+			length = resolveValues.length,
+
+			// the count of uncompleted subordinates
+			remaining = length !== 1 || ( subordinate && jQuery.isFunction( subordinate.promise ) ) ? length : 0,
+
+			// the master Deferred. If resolveValues consist of only a single Deferred, just use that.
+			deferred = remaining === 1 ? subordinate : jQuery.Deferred(),
+
+			// Update function for both resolve and progress values
+			updateFunc = function( i, contexts, values ) {
+				return function( value ) {
+					contexts[ i ] = this;
+					values[ i ] = arguments.length > 1 ? slice.call( arguments ) : value;
+					if ( values === progressValues ) {
+						deferred.notifyWith( contexts, values );
+
+					} else if ( !(--remaining) ) {
+						deferred.resolveWith( contexts, values );
+					}
+				};
+			},
+
+			progressValues, progressContexts, resolveContexts;
+
+		// add listeners to Deferred subordinates; treat others as resolved
+		if ( length > 1 ) {
+			progressValues = new Array( length );
+			progressContexts = new Array( length );
+			resolveContexts = new Array( length );
+			for ( ; i < length; i++ ) {
+				if ( resolveValues[ i ] && jQuery.isFunction( resolveValues[ i ].promise ) ) {
+					resolveValues[ i ].promise()
+						.done( updateFunc( i, resolveContexts, resolveValues ) )
+						.fail( deferred.reject )
+						.progress( updateFunc( i, progressContexts, progressValues ) );
+				} else {
+					--remaining;
+				}
+			}
+		}
+
+		// if we're not waiting on anything, resolve the master
+		if ( !remaining ) {
+			deferred.resolveWith( resolveContexts, resolveValues );
+		}
+
+		return deferred.promise();
+	}
+});
+
+
+// The deferred used on DOM ready
+var readyList;
+
+jQuery.fn.ready = function( fn ) {
+	// Add the callback
+	jQuery.ready.promise().done( fn );
+
+	return this;
+};
+
+jQuery.extend({
+	// Is the DOM ready to be used? Set to true once it occurs.
+	isReady: false,
+
+	// A counter to track how many items to wait for before
+	// the ready event fires. See #6781
+	readyWait: 1,
+
+	// Hold (or release) the ready event
+	holdReady: function( hold ) {
+		if ( hold ) {
+			jQuery.readyWait++;
+		} else {
+			jQuery.ready( true );
+		}
+	},
+
+	// Handle when the DOM is ready
+	ready: function( wait ) {
+
+		// Abort if there are pending holds or we're already ready
+		if ( wait === true ? --jQuery.readyWait : jQuery.isReady ) {
+			return;
+		}
+
+		// Make sure body exists, at least, in case IE gets a little overzealous (ticket #5443).
+		if ( !document.body ) {
+			return setTimeout( jQuery.ready );
+		}
+
+		// Remember that the DOM is ready
+		jQuery.isReady = true;
+
+		// If a normal DOM Ready event fired, decrement, and wait if need be
+		if ( wait !== true && --jQuery.readyWait > 0 ) {
+			return;
+		}
+
+		// If there are functions bound, to execute
+		readyList.resolveWith( document, [ jQuery ] );
+
+		// Trigger any bound ready events
+		if ( jQuery.fn.triggerHandler ) {
+			jQuery( document ).triggerHandler( "ready" );
+			jQuery( document ).off( "ready" );
+		}
+	}
+});
+
+/**
+ * Clean-up method for dom ready events
+ */
+function detach() {
+	if ( document.addEventListener ) {
+		document.removeEventListener( "DOMContentLoaded", completed, false );
+		window.removeEventListener( "load", completed, false );
+
+	} else {
+		document.detachEvent( "onreadystatechange", completed );
+		window.detachEvent( "onload", completed );
+	}
+}
+
+/**
+ * The ready event handler and self cleanup method
+ */
+function completed() {
+	// readyState === "complete" is good enough for us to call the dom ready in oldIE
+	if ( document.addEventListener || event.type === "load" || document.readyState === "complete" ) {
+		detach();
+		jQuery.ready();
+	}
+}
+
+jQuery.ready.promise = function( obj ) {
+	if ( !readyList ) {
+
+		readyList = jQuery.Deferred();
+
+		// Catch cases where $(document).ready() is called after the browser event has already occurred.
+		// we once tried to use readyState "interactive" here, but it caused issues like the one
+		// discovered by ChrisS here: http://bugs.jquery.com/ticket/12282#comment:15
+		if ( document.readyState === "complete" ) {
+			// Handle it asynchronously to allow scripts the opportunity to delay ready
+			setTimeout( jQuery.ready );
+
+		// Standards-based browsers support DOMContentLoaded
+		} else if ( document.addEventListener ) {
+			// Use the handy event callback
+			document.addEventListener( "DOMContentLoaded", completed, false );
+
+			// A fallback to window.onload, that will always work
+			window.addEventListener( "load", completed, false );
+
+		// If IE event model is used
+		} else {
+			// Ensure firing before onload, maybe late but safe also for iframes
+			document.attachEvent( "onreadystatechange", completed );
+
+			// A fallback to window.onload, that will always work
+			window.attachEvent( "onload", completed );
+
+			// If IE and not a frame
+			// continually check to see if the document is ready
+			var top = false;
+
+			try {
+				top = window.frameElement == null && document.documentElement;
+			} catch(e) {}
+
+			if ( top && top.doScroll ) {
+				(function doScrollCheck() {
+					if ( !jQuery.isReady ) {
+
+						try {
+							// Use the trick by Diego Perini
+							// http://javascript.nwbox.com/IEContentLoaded/
+							top.doScroll("left");
+						} catch(e) {
+							return setTimeout( doScrollCheck, 50 );
+						}
+
+						// detach all dom ready events
+						detach();
+
+						// and execute any waiting functions
+						jQuery.ready();
+					}
+				})();
+			}
+		}
+	}
+	return readyList.promise( obj );
+};
+
+
+var strundefined = typeof undefined;
+
+
+
+// Support: IE<9
+// Iteration over object's inherited properties before its own
+var i;
+for ( i in jQuery( support ) ) {
+	break;
+}
+support.ownLast = i !== "0";
+
+// Note: most support tests are defined in their respective modules.
+// false until the test is run
+support.inlineBlockNeedsLayout = false;
+
+// Execute ASAP in case we need to set body.style.zoom
+jQuery(function() {
+	// Minified: var a,b,c,d
+	var val, div, body, container;
+
+	body = document.getElementsByTagName( "body" )[ 0 ];
+	if ( !body || !body.style ) {
+		// Return for frameset docs that don't have a body
+		return;
+	}
+
+	// Setup
+	div = document.createElement( "div" );
+	container = document.createElement( "div" );
+	container.style.cssText = "position:absolute;border:0;width:0;height:0;top:0;left:-9999px";
+	body.appendChild( container ).appendChild( div );
+
+	if ( typeof div.style.zoom !== strundefined ) {
+		// Support: IE<8
+		// Check if natively block-level elements act like inline-block
+		// elements when setting their display to 'inline' and giving
+		// them layout
+		div.style.cssText = "display:inline;margin:0;border:0;padding:1px;width:1px;zoom:1";
+
+		support.inlineBlockNeedsLayout = val = div.offsetWidth === 3;
+		if ( val ) {
+			// Prevent IE 6 from affecting layout for positioned elements #11048
+			// Prevent IE from shrinking the body in IE 7 mode #12869
+			// Support: IE<8
+			body.style.zoom = 1;
+		}
+	}
+
+	body.removeChild( container );
+});
+
+
+
+
+(function() {
+	var div = document.createElement( "div" );
+
+	// Execute the test only if not already executed in another module.
+	if (support.deleteExpando == null) {
+		// Support: IE<9
+		support.deleteExpando = true;
+		try {
+			delete div.test;
+		} catch( e ) {
+			support.deleteExpando = false;
+		}
+	}
+
+	// Null elements to avoid leaks in IE.
+	div = null;
+})();
+
+
+/**
+ * Determines whether an object can have data
+ */
+jQuery.acceptData = function( elem ) {
+	var noData = jQuery.noData[ (elem.nodeName + " ").toLowerCase() ],
+		nodeType = +elem.nodeType || 1;
+
+	// Do not set data on non-element DOM nodes because it will not be cleared (#8335).
+	return nodeType !== 1 && nodeType !== 9 ?
+		false :
+
+		// Nodes accept data unless otherwise specified; rejection can be conditional
+		!noData || noData !== true && elem.getAttribute("classid") === noData;
+};
+
+
+var rbrace = /^(?:\{[\w\W]*\}|\[[\w\W]*\])$/,
+	rmultiDash = /([A-Z])/g;
+
+function dataAttr( elem, key, data ) {
+	// If nothing was found internally, try to fetch any
+	// data from the HTML5 data-* attribute
+	if ( data === undefined && elem.nodeType === 1 ) {
+
+		var name = "data-" + key.replace( rmultiDash, "-$1" ).toLowerCase();
+
+		data = elem.getAttribute( name );
+
+		if ( typeof data === "string" ) {
+			try {
+				data = data === "true" ? true :
+					data === "false" ? false :
+					data === "null" ? null :
+					// Only convert to a number if it doesn't change the string
+					+data + "" === data ? +data :
+					rbrace.test( data ) ? jQuery.parseJSON( data ) :
+					data;
+			} catch( e ) {}
+
+			// Make sure we set the data so it isn't changed later
+			jQuery.data( elem, key, data );
+
+		} else {
+			data = undefined;
+		}
+	}
+
+	return data;
+}
+
+// checks a cache object for emptiness
+function isEmptyDataObject( obj ) {
+	var name;
+	for ( name in obj ) {
+
+		// if the public data object is empty, the private is still empty
+		if ( name === "data" && jQuery.isEmptyObject( obj[name] ) ) {
+			continue;
+		}
+		if ( name !== "toJSON" ) {
+			return false;
+		}
+	}
+
+	return true;
+}
+
+function internalData( elem, name, data, pvt /* Internal Use Only */ ) {
+	if ( !jQuery.acceptData( elem ) ) {
+		return;
+	}
+
+	var ret, thisCache,
+		internalKey = jQuery.expando,
+
+		// We have to handle DOM nodes and JS objects differently because IE6-7
+		// can't GC object references properly across the DOM-JS boundary
+		isNode = elem.nodeType,
+
+		// Only DOM nodes need the global jQuery cache; JS object data is
+		// attached directly to the object so GC can occur automatically
+		cache = isNode ? jQuery.cache : elem,
+
+		// Only defining an ID for JS objects if its cache already exists allows
+		// the code to shortcut on the same path as a DOM node with no cache
+		id = isNode ? elem[ internalKey ] : elem[ internalKey ] && internalKey;
+
+	// Avoid doing any more work than we need to when trying to get data on an
+	// object that has no data at all
+	if ( (!id || !cache[id] || (!pvt && !cache[id].data)) && data === undefined && typeof name === "string" ) {
+		return;
+	}
+
+	if ( !id ) {
+		// Only DOM nodes need a new unique ID for each element since their data
+		// ends up in the global cache
+		if ( isNode ) {
+			id = elem[ internalKey ] = deletedIds.pop() || jQuery.guid++;
+		} else {
+			id = internalKey;
+		}
+	}
+
+	if ( !cache[ id ] ) {
+		// Avoid exposing jQuery metadata on plain JS objects when the object
+		// is serialized using JSON.stringify
+		cache[ id ] = isNode ? {} : { toJSON: jQuery.noop };
+	}
+
+	// An object can be passed to jQuery.data instead of a key/value pair; this gets
+	// shallow copied over onto the existing cache
+	if ( typeof name === "object" || typeof name === "function" ) {
+		if ( pvt ) {
+			cache[ id ] = jQuery.extend( cache[ id ], name );
+		} else {
+			cache[ id ].data = jQuery.extend( cache[ id ].data, name );
+		}
+	}
+
+	thisCache = cache[ id ];
+
+	// jQuery data() is stored in a separate object inside the object's internal data
+	// cache in order to avoid key collisions between internal data and user-defined
+	// data.
+	if ( !pvt ) {
+		if ( !thisCache.data ) {
+			thisCache.data = {};
+		}
+
+		thisCache = thisCache.data;
+	}
+
+	if ( data !== undefined ) {
+		thisCache[ jQuery.camelCase( name ) ] = data;
+	}
+
+	// Check for both converted-to-camel and non-converted data property names
+	// If a data property was specified
+	if ( typeof name === "string" ) {
+
+		// First Try to find as-is property data
+		ret = thisCache[ name ];
+
+		// Test for null|undefined property data
+		if ( ret == null ) {
+
+			// Try to find the camelCased property
+			ret = thisCache[ jQuery.camelCase( name ) ];
+		}
+	} else {
+		ret = thisCache;
+	}
+
+	return ret;
+}
+
+function internalRemoveData( elem, name, pvt ) {
+	if ( !jQuery.acceptData( elem ) ) {
+		return;
+	}
+
+	var thisCache, i,
+		isNode = elem.nodeType,
+
+		// See jQuery.data for more information
+		cache = isNode ? jQuery.cache : elem,
+		id = isNode ? elem[ jQuery.expando ] : jQuery.expando;
+
+	// If there is already no cache entry for this object, there is no
+	// purpose in continuing
+	if ( !cache[ id ] ) {
+		return;
+	}
+
+	if ( name ) {
+
+		thisCache = pvt ? cache[ id ] : cache[ id ].data;
+
+		if ( thisCache ) {
+
+			// Support array or space separated string names for data keys
+			if ( !jQuery.isArray( name ) ) {
+
+				// try the string as a key before any manipulation
+				if ( name in thisCache ) {
+					name = [ name ];
+				} else {
+
+					// split the camel cased version by spaces unless a key with the spaces exists
+					name = jQuery.camelCase( name );
+					if ( name in thisCache ) {
+						name = [ name ];
+					} else {
+						name = name.split(" ");
+					}
+				}
+			} else {
+				// If "name" is an array of keys...
+				// When data is initially created, via ("key", "val") signature,
+				// keys will be converted to camelCase.
+				// Since there is no way to tell _how_ a key was added, remove
+				// both plain key and camelCase key. #12786
+				// This will only penalize the array argument path.
+				name = name.concat( jQuery.map( name, jQuery.camelCase ) );
+			}
+
+			i = name.length;
+			while ( i-- ) {
+				delete thisCache[ name[i] ];
+			}
+
+			// If there is no data left in the cache, we want to continue
+			// and let the cache object itself get destroyed
+			if ( pvt ? !isEmptyDataObject(thisCache) : !jQuery.isEmptyObject(thisCache) ) {
+				return;
+			}
+		}
+	}
+
+	// See jQuery.data for more information
+	if ( !pvt ) {
+		delete cache[ id ].data;
+
+		// Don't destroy the parent cache unless the internal data object
+		// had been the only thing left in it
+		if ( !isEmptyDataObject( cache[ id ] ) ) {
+			return;
+		}
+	}
+
+	// Destroy the cache
+	if ( isNode ) {
+		jQuery.cleanData( [ elem ], true );
+
+	// Use delete when supported for expandos or `cache` is not a window per isWindow (#10080)
+	/* jshint eqeqeq: false */
+	} else if ( support.deleteExpando || cache != cache.window ) {
+		/* jshint eqeqeq: true */
+		delete cache[ id ];
+
+	// When all else fails, null
+	} else {
+		cache[ id ] = null;
+	}
+}
+
+jQuery.extend({
+	cache: {},
+
+	// The following elements (space-suffixed to avoid Object.prototype collisions)
+	// throw uncatchable exceptions if you attempt to set expando properties
+	noData: {
+		"applet ": true,
+		"embed ": true,
+		// ...but Flash objects (which have this classid) *can* handle expandos
+		"object ": "clsid:D27CDB6E-AE6D-11cf-96B8-444553540000"
+	},
+
+	hasData: function( elem ) {
+		elem = elem.nodeType ? jQuery.cache[ elem[jQuery.expando] ] : elem[ jQuery.expando ];
+		return !!elem && !isEmptyDataObject( elem );
+	},
+
+	data: function( elem, name, data ) {
+		return internalData( elem, name, data );
+	},
+
+	removeData: function( elem, name ) {
+		return internalRemoveData( elem, name );
+	},
+
+	// For internal use only.
+	_data: function( elem, name, data ) {
+		return internalData( elem, name, data, true );
+	},
+
+	_removeData: function( elem, name ) {
+		return internalRemoveData( elem, name, true );
+	}
+});
+
+jQuery.fn.extend({
+	data: function( key, value ) {
+		var i, name, data,
+			elem = this[0],
+			attrs = elem && elem.attributes;
+
+		// Special expections of .data basically thwart jQuery.access,
+		// so implement the relevant behavior ourselves
+
+		// Gets all values
+		if ( key === undefined ) {
+			if ( this.length ) {
+				data = jQuery.data( elem );
+
+				if ( elem.nodeType === 1 && !jQuery._data( elem, "parsedAttrs" ) ) {
+					i = attrs.length;
+					while ( i-- ) {
+
+						// Support: IE11+
+						// The attrs elements can be null (#14894)
+						if ( attrs[ i ] ) {
+							name = attrs[ i ].name;
+							if ( name.indexOf( "data-" ) === 0 ) {
+								name = jQuery.camelCase( name.slice(5) );
+								dataAttr( elem, name, data[ name ] );
+							}
+						}
+					}
+					jQuery._data( elem, "parsedAttrs", true );
+				}
+			}
+
+			return data;
+		}
+
+		// Sets multiple values
+		if ( typeof key === "object" ) {
+			return this.each(function() {
+				jQuery.data( this, key );
+			});
+		}
+
+		return arguments.length > 1 ?
+
+			// Sets one value
+			this.each(function() {
+				jQuery.data( this, key, value );
+			}) :
+
+			// Gets one value
+			// Try to fetch any internally stored data first
+			elem ? dataAttr( elem, key, jQuery.data( elem, key ) ) : undefined;
+	},
+
+	removeData: function( key ) {
+		return this.each(function() {
+			jQuery.removeData( this, key );
+		});
+	}
+});
+
+
+jQuery.extend({
+	queue: function( elem, type, data ) {
+		var queue;
+
+		if ( elem ) {
+			type = ( type || "fx" ) + "queue";
+			queue = jQuery._data( elem, type );
+
+			// Speed up dequeue by getting out quickly if this is just a lookup
+			if ( data ) {
+				if ( !queue || jQuery.isArray(data) ) {
+					queue = jQuery._data( elem, type, jQuery.makeArray(data) );
+				} else {
+					queue.push( data );
+				}
+			}
+			return queue || [];
+		}
+	},
+
+	dequeue: function( elem, type ) {
+		type = type || "fx";
+
+		var queue = jQuery.queue( elem, type ),
+			startLength = queue.length,
+			fn = queue.shift(),
+			hooks = jQuery._queueHooks( elem, type ),
+			next = function() {
+				jQuery.dequeue( elem, type );
+			};
+
+		// If the fx queue is dequeued, always remove the progress sentinel
+		if ( fn === "inprogress" ) {
+			fn = queue.shift();
+			startLength--;
+		}
+
+		if ( fn ) {
+
+			// Add a progress sentinel to prevent the fx queue from being
+			// automatically dequeued
+			if ( type === "fx" ) {
+				queue.unshift( "inprogress" );
+			}
+
+			// clear up the last queue stop function
+			delete hooks.stop;
+			fn.call( elem, next, hooks );
+		}
+
+		if ( !startLength && hooks ) {
+			hooks.empty.fire();
+		}
+	},
+
+	// not intended for public consumption - generates a queueHooks object, or returns the current one
+	_queueHooks: function( elem, type ) {
+		var key = type + "queueHooks";
+		return jQuery._data( elem, key ) || jQuery._data( elem, key, {
+			empty: jQuery.Callbacks("once memory").add(function() {
+				jQuery._removeData( elem, type + "queue" );
+				jQuery._removeData( elem, key );
+			})
+		});
+	}
+});
+
+jQuery.fn.extend({
+	queue: function( type, data ) {
+		var setter = 2;
+
+		if ( typeof type !== "string" ) {
+			data = type;
+			type = "fx";
+			setter--;
+		}
+
+		if ( arguments.length < setter ) {
+			return jQuery.queue( this[0], type );
+		}
+
+		return data === undefined ?
+			this :
+			this.each(function() {
+				var queue = jQuery.queue( this, type, data );
+
+				// ensure a hooks for this queue
+				jQuery._queueHooks( this, type );
+
+				if ( type === "fx" && queue[0] !== "inprogress" ) {
+					jQuery.dequeue( this, type );
+				}
+			});
+	},
+	dequeue: function( type ) {
+		return this.each(function() {
+			jQuery.dequeue( this, type );
+		});
+	},
+	clearQueue: function( type ) {
+		return this.queue( type || "fx", [] );
+	},
+	// Get a promise resolved when queues of a certain type
+	// are emptied (fx is the type by default)
+	promise: function( type, obj ) {
+		var tmp,
+			count = 1,
+			defer = jQuery.Deferred(),
+			elements = this,
+			i = this.length,
+			resolve = function() {
+				if ( !( --count ) ) {
+					defer.resolveWith( elements, [ elements ] );
+				}
+			};
+
+		if ( typeof type !== "string" ) {
+			obj = type;
+			type = undefined;
+		}
+		type = type || "fx";
+
+		while ( i-- ) {
+			tmp = jQuery._data( elements[ i ], type + "queueHooks" );
+			if ( tmp && tmp.empty ) {
+				count++;
+				tmp.empty.add( resolve );
+			}
+		}
+		resolve();
+		return defer.promise( obj );
+	}
+});
+var pnum = (/[+-]?(?:\d*\.|)\d+(?:[eE][+-]?\d+|)/).source;
+
+var cssExpand = [ "Top", "Right", "Bottom", "Left" ];
+
+var isHidden = function( elem, el ) {
+		// isHidden might be called from jQuery#filter function;
+		// in that case, element will be second argument
+		elem = el || elem;
+		return jQuery.css( elem, "display" ) === "none" || !jQuery.contains( elem.ownerDocument, elem );
+	};
+
+
+
+// Multifunctional method to get and set values of a collection
+// The value/s can optionally be executed if it's a function
+var access = jQuery.access = function( elems, fn, key, value, chainable, emptyGet, raw ) {
+	var i = 0,
+		length = elems.length,
+		bulk = key == null;
+
+	// Sets many values
+	if ( jQuery.type( key ) === "object" ) {
+		chainable = true;
+		for ( i in key ) {
+			jQuery.access( elems, fn, i, key[i], true, emptyGet, raw );
+		}
+
+	// Sets one value
+	} else if ( value !== undefined ) {
+		chainable = true;
+
+		if ( !jQuery.isFunction( value ) ) {
+			raw = true;
+		}
+
+		if ( bulk ) {
+			// Bulk operations run against the entire set
+			if ( raw ) {
+				fn.call( elems, value );
+				fn = null;
+
+			// ...except when executing function values
+			} else {
+				bulk = fn;
+				fn = function( elem, key, value ) {
+					return bulk.call( jQuery( elem ), value );
+				};
+			}
+		}
+
+		if ( fn ) {
+			for ( ; i < length; i++ ) {
+				fn( elems[i], key, raw ? value : value.call( elems[i], i, fn( elems[i], key ) ) );
+			}
+		}
+	}
+
+	return chainable ?
+		elems :
+
+		// Gets
+		bulk ?
+			fn.call( elems ) :
+			length ? fn( elems[0], key ) : emptyGet;
+};
+var rcheckableType = (/^(?:checkbox|radio)$/i);
+
+
+
+(function() {
+	// Minified: var a,b,c
+	var input = document.createElement( "input" ),
+		div = document.createElement( "div" ),
+		fragment = document.createDocumentFragment();
+
+	// Setup
+	div.innerHTML = "  <link/><table></table><a href='/a'>a</a><input type='checkbox'/>";
+
+	// IE strips leading whitespace when .innerHTML is used
+	support.leadingWhitespace = div.firstChild.nodeType === 3;
+
+	// Make sure that tbody elements aren't automatically inserted
+	// IE will insert them into empty tables
+	support.tbody = !div.getElementsByTagName( "tbody" ).length;
+
+	// Make sure that link elements get serialized correctly by innerHTML
+	// This requires a wrapper element in IE
+	support.htmlSerialize = !!div.getElementsByTagName( "link" ).length;
+
+	// Makes sure cloning an html5 element does not cause problems
+	// Where outerHTML is undefined, this still works
+	support.html5Clone =
+		document.createElement( "nav" ).cloneNode( true ).outerHTML !== "<:nav></:nav>";
+
+	// Check if a disconnected checkbox will retain its checked
+	// value of true after appended to the DOM (IE6/7)
+	input.type = "checkbox";
+	input.checked = true;
+	fragment.appendChild( input );
+	support.appendChecked = input.checked;
+
+	// Make sure textarea (and checkbox) defaultValue is properly cloned
+	// Support: IE6-IE11+
+	div.innerHTML = "<textarea>x</textarea>";
+	support.noCloneChecked = !!div.cloneNode( true ).lastChild.defaultValue;
+
+	// #11217 - WebKit loses check when the name is after the checked attribute
+	fragment.appendChild( div );
+	div.innerHTML = "<input type='radio' checked='checked' name='t'/>";
+
+	// Support: Safari 5.1, iOS 5.1, Android 4.x, Android 2.3
+	// old WebKit doesn't clone checked state correctly in fragments
+	support.checkClone = div.cloneNode( true ).cloneNode( true ).lastChild.checked;
+
+	// Support: IE<9
+	// Opera does not clone events (and typeof div.attachEvent === undefined).
+	// IE9-10 clones events bound via attachEvent, but they don't trigger with .click()
+	support.noCloneEvent = true;
+	if ( div.attachEvent ) {
+		div.attachEvent( "onclick", function() {
+			support.noCloneEvent = false;
+		});
+
+		div.cloneNode( true ).click();
+	}
+
+	// Execute the test only if not already executed in another module.
+	if (support.deleteExpando == null) {
+		// Support: IE<9
+		support.deleteExpando = true;
+		try {
+			delete div.test;
+		} catch( e ) {
+			support.deleteExpando = false;
+		}
+	}
+})();
+
+
+(function() {
+	var i, eventName,
+		div = document.createElement( "div" );
+
+	// Support: IE<9 (lack submit/change bubble), Firefox 23+ (lack focusin event)
+	for ( i in { submit: true, change: true, focusin: true }) {
+		eventName = "on" + i;
+
+		if ( !(support[ i + "Bubbles" ] = eventName in window) ) {
+			// Beware of CSP restrictions (https://developer.mozilla.org/en/Security/CSP)
+			div.setAttribute( eventName, "t" );
+			support[ i + "Bubbles" ] = div.attributes[ eventName ].expando === false;
+		}
+	}
+
+	// Null elements to avoid leaks in IE.
+	div = null;
+})();
+
+
+var rformElems = /^(?:input|select|textarea)$/i,
+	rkeyEvent = /^key/,
+	rmouseEvent = /^(?:mouse|pointer|contextmenu)|click/,
+	rfocusMorph = /^(?:focusinfocus|focusoutblur)$/,
+	rtypenamespace = /^([^.]*)(?:\.(.+)|)$/;
+
+function returnTrue() {
+	return true;
+}
+
+function returnFalse() {
+	return false;
+}
+
+function safeActiveElement() {
+	try {
+		return document.activeElement;
+	} catch ( err ) { }
+}
+
+/*
+ * Helper functions for managing events -- not part of the public interface.
+ * Props to Dean Edwards' addEvent library for many of the ideas.
+ */
+jQuery.event = {
+
+	global: {},
+
+	add: function( elem, types, handler, data, selector ) {
+		var tmp, events, t, handleObjIn,
+			special, eventHandle, handleObj,
+			handlers, type, namespaces, origType,
+			elemData = jQuery._data( elem );
+
+		// Don't attach events to noData or text/comment nodes (but allow plain objects)
+		if ( !elemData ) {
+			return;
+		}
+
+		// Caller can pass in an object of custom data in lieu of the handler
+		if ( handler.handler ) {
+			handleObjIn = handler;
+			handler = handleObjIn.handler;
+			selector = handleObjIn.selector;
+		}
+
+		// Make sure that the handler has a unique ID, used to find/remove it later
+		if ( !handler.guid ) {
+			handler.guid = jQuery.guid++;
+		}
+
+		// Init the element's event structure and main handler, if this is the first
+		if ( !(events = elemData.events) ) {
+			events = elemData.events = {};
+		}
+		if ( !(eventHandle = elemData.handle) ) {
+			eventHandle = elemData.handle = function( e ) {
+				// Discard the second event of a jQuery.event.trigger() and
+				// when an event is called after a page has unloaded
+				return typeof jQuery !== strundefined && (!e || jQuery.event.triggered !== e.type) ?
+					jQuery.event.dispatch.apply( eventHandle.elem, arguments ) :
+					undefined;
+			};
+			// Add elem as a property of the handle fn to prevent a memory leak with IE non-native events
+			eventHandle.elem = elem;
+		}
+
+		// Handle multiple events separated by a space
+		types = ( types || "" ).match( rnotwhite ) || [ "" ];
+		t = types.length;
+		while ( t-- ) {
+			tmp = rtypenamespace.exec( types[t] ) || [];
+			type = origType = tmp[1];
+			namespaces = ( tmp[2] || "" ).split( "." ).sort();
+
+			// There *must* be a type, no attaching namespace-only handlers
+			if ( !type ) {
+				continue;
+			}
+
+			// If event changes its type, use the special event handlers for the changed type
+			special = jQuery.event.special[ type ] || {};
+
+			// If selector defined, determine special event api type, otherwise given type
+			type = ( selector ? special.delegateType : special.bindType ) || type;
+
+			// Update special based on newly reset type
+			special = jQuery.event.special[ type ] || {};
+
+			// handleObj is passed to all event handlers
+			handleObj = jQuery.extend({
+				type: type,
+				origType: origType,
+				data: data,
+				handler: handler,
+				guid: handler.guid,
+				selector: selector,
+				needsContext: selector && jQuery.expr.match.needsContext.test( selector ),
+				namespace: namespaces.join(".")
+			}, handleObjIn );
+
+			// Init the event handler queue if we're the first
+			if ( !(handlers = events[ type ]) ) {
+				handlers = events[ type ] = [];
+				handlers.delegateCount = 0;
+
+				// Only use addEventListener/attachEvent if the special events handler returns false
+				if ( !special.setup || special.setup.call( elem, data, namespaces, eventHandle ) === false ) {
+					// Bind the global event handler to the element
+					if ( elem.addEventListener ) {
+						elem.addEventListener( type, eventHandle, false );
+
+					} else if ( elem.attachEvent ) {
+						elem.attachEvent( "on" + type, eventHandle );
+					}
+				}
+			}
+
+			if ( special.add ) {
+				special.add.call( elem, handleObj );
+
+				if ( !handleObj.handler.guid ) {
+					handleObj.handler.guid = handler.guid;
+				}
+			}
+
+			// Add to the element's handler list, delegates in front
+			if ( selector ) {
+				handlers.splice( handlers.delegateCount++, 0, handleObj );
+			} else {
+				handlers.push( handleObj );
+			}
+
+			// Keep track of which events have ever been used, for event optimization
+			jQuery.event.global[ type ] = true;
+		}
+
+		// Nullify elem to prevent memory leaks in IE
+		elem = null;
+	},
+
+	// Detach an event or set of events from an element
+	remove: function( elem, types, handler, selector, mappedTypes ) {
+		var j, handleObj, tmp,
+			origCount, t, events,
+			special, handlers, type,
+			namespaces, origType,
+			elemData = jQuery.hasData( elem ) && jQuery._data( elem );
+
+		if ( !elemData || !(events = elemData.events) ) {
+			return;
+		}
+
+		// Once for each type.namespace in types; type may be omitted
+		types = ( types || "" ).match( rnotwhite ) || [ "" ];
+		t = types.length;
+		while ( t-- ) {
+			tmp = rtypenamespace.exec( types[t] ) || [];
+			type = origType = tmp[1];
+			namespaces = ( tmp[2] || "" ).split( "." ).sort();
+
+			// Unbind all events (on this namespace, if provided) for the element
+			if ( !type ) {
+				for ( type in events ) {
+					jQuery.event.remove( elem, type + types[ t ], handler, selector, true );
+				}
+				continue;
+			}
+
+			special = jQuery.event.special[ type ] || {};
+			type = ( selector ? special.delegateType : special.bindType ) || type;
+			handlers = events[ type ] || [];
+			tmp = tmp[2] && new RegExp( "(^|\\.)" + namespaces.join("\\.(?:.*\\.|)") + "(\\.|$)" );
+
+			// Remove matching events
+			origCount = j = handlers.length;
+			while ( j-- ) {
+				handleObj = handlers[ j ];
+
+				if ( ( mappedTypes || origType === handleObj.origType ) &&
+					( !handler || handler.guid === handleObj.guid ) &&
+					( !tmp || tmp.test( handleObj.namespace ) ) &&
+					( !selector || selector === handleObj.selector || selector === "**" && handleObj.selector ) ) {
+					handlers.splice( j, 1 );
+
+					if ( handleObj.selector ) {
+						handlers.delegateCount--;
+					}
+					if ( special.remove ) {
+						special.remove.call( elem, handleObj );
+					}
+				}
+			}
+
+			// Remove generic event handler if we removed something and no more handlers exist
+			// (avoids potential for endless recursion during removal of special event handlers)
+			if ( origCount && !handlers.length ) {
+				if ( !special.teardown || special.teardown.call( elem, namespaces, elemData.handle ) === false ) {
+					jQuery.removeEvent( elem, type, elemData.handle );
+				}
+
+				delete events[ type ];
+			}
+		}
+
+		// Remove the expando if it's no longer used
+		if ( jQuery.isEmptyObject( events ) ) {
+			delete elemData.handle;
+
+			// removeData also checks for emptiness and clears the expando if empty
+			// so use it instead of delete
+			jQuery._removeData( elem, "events" );
+		}
+	},
+
+	trigger: function( event, data, elem, onlyHandlers ) {
+		var handle, ontype, cur,
+			bubbleType, special, tmp, i,
+			eventPath = [ elem || document ],
+			type = hasOwn.call( event, "type" ) ? event.type : event,
+			namespaces = hasOwn.call( event, "namespace" ) ? event.namespace.split(".") : [];
+
+		cur = tmp = elem = elem || document;
+
+		// Don't do events on text and comment nodes
+		if ( elem.nodeType === 3 || elem.nodeType === 8 ) {
+			return;
+		}
+
+		// focus/blur morphs to focusin/out; ensure we're not firing them right now
+		if ( rfocusMorph.test( type + jQuery.event.triggered ) ) {
+			return;
+		}
+
+		if ( type.indexOf(".") >= 0 ) {
+			// Namespaced trigger; create a regexp to match event type in handle()
+			namespaces = type.split(".");
+			type = namespaces.shift();
+			namespaces.sort();
+		}
+		ontype = type.indexOf(":") < 0 && "on" + type;
+
+		// Caller can pass in a jQuery.Event object, Object, or just an event type string
+		event = event[ jQuery.expando ] ?
+			event :
+			new jQuery.Event( type, typeof event === "object" && event );
+
+		// Trigger bitmask: & 1 for native handlers; & 2 for jQuery (always true)
+		event.isTrigger = onlyHandlers ? 2 : 3;
+		event.namespace = namespaces.join(".");
+		event.namespace_re = event.namespace ?
+			new RegExp( "(^|\\.)" + namespaces.join("\\.(?:.*\\.|)") + "(\\.|$)" ) :
+			null;
+
+		// Clean up the event in case it is being reused
+		event.result = undefined;
+		if ( !event.target ) {
+			event.target = elem;
+		}
+
+		// Clone any incoming data and prepend the event, creating the handler arg list
+		data = data == null ?
+			[ event ] :
+			jQuery.makeArray( data, [ event ] );
+
+		// Allow special events to draw outside the lines
+		special = jQuery.event.special[ type ] || {};
+		if ( !onlyHandlers && special.trigger && special.trigger.apply( elem, data ) === false ) {
+			return;
+		}
+
+		// Determine event propagation path in advance, per W3C events spec (#9951)
+		// Bubble up to document, then to window; watch for a global ownerDocument var (#9724)
+		if ( !onlyHandlers && !special.noBubble && !jQuery.isWindow( elem ) ) {
+
+			bubbleType = special.delegateType || type;
+			if ( !rfocusMorph.test( bubbleType + type ) ) {
+				cur = cur.parentNode;
+			}
+			for ( ; cur; cur = cur.parentNode ) {
+				eventPath.push( cur );
+				tmp = cur;
+			}
+
+			// Only add window if we got to document (e.g., not plain obj or detached DOM)
+			if ( tmp === (elem.ownerDocument || document) ) {
+				eventPath.push( tmp.defaultView || tmp.parentWindow || window );
+			}
+		}
+
+		// Fire handlers on the event path
+		i = 0;
+		while ( (cur = eventPath[i++]) && !event.isPropagationStopped() ) {
+
+			event.type = i > 1 ?
+				bubbleType :
+				special.bindType || type;
+
+			// jQuery handler
+			handle = ( jQuery._data( cur, "events" ) || {} )[ event.type ] && jQuery._data( cur, "handle" );
+			if ( handle ) {
+				handle.apply( cur, data );
+			}
+
+			// Native handler
+			handle = ontype && cur[ ontype ];
+			if ( handle && handle.apply && jQuery.acceptData( cur ) ) {
+				event.result = handle.apply( cur, data );
+				if ( event.result === false ) {
+					event.preventDefault();
+				}
+			}
+		}
+		event.type = type;
+
+		// If nobody prevented the default action, do it now
+		if ( !onlyHandlers && !event.isDefaultPrevented() ) {
+
+			if ( (!special._default || special._default.apply( eventPath.pop(), data ) === false) &&
+				jQuery.acceptData( elem ) ) {
+
+				// Call a native DOM method on the target with the same name name as the event.
+				// Can't use an .isFunction() check here because IE6/7 fails that test.
+				// Don't do default actions on window, that's where global variables be (#6170)
+				if ( ontype && elem[ type ] && !jQuery.isWindow( elem ) ) {
+
+					// Don't re-trigger an onFOO event when we call its FOO() method
+					tmp = elem[ ontype ];
+
+					if ( tmp ) {
+						elem[ ontype ] = null;
+					}
+
+					// Prevent re-triggering of the same event, since we already bubbled it above
+					jQuery.event.triggered = type;
+					try {
+						elem[ type ]();
+					} catch ( e ) {
+						// IE<9 dies on focus/blur to hidden element (#1486,#12518)
+						// only reproducible on winXP IE8 native, not IE9 in IE8 mode
+					}
+					jQuery.event.triggered = undefined;
+
+					if ( tmp ) {
+						elem[ ontype ] = tmp;
+					}
+				}
+			}
+		}
+
+		return event.result;
+	},
+
+	dispatch: function( event ) {
+
+		// Make a writable jQuery.Event from the native event object
+		event = jQuery.event.fix( event );
+
+		var i, ret, handleObj, matched, j,
+			handlerQueue = [],
+			args = slice.call( arguments ),
+			handlers = ( jQuery._data( this, "events" ) || {} )[ event.type ] || [],
+			special = jQuery.event.special[ event.type ] || {};
+
+		// Use the fix-ed jQuery.Event rather than the (read-only) native event
+		args[0] = event;
+		event.delegateTarget = this;
+
+		// Call the preDispatch hook for the mapped type, and let it bail if desired
+		if ( special.preDispatch && special.preDispatch.call( this, event ) === false ) {
+			return;
+		}
+
+		// Determine handlers
+		handlerQueue = jQuery.event.handlers.call( this, event, handlers );
+
+		// Run delegates first; they may want to stop propagation beneath us
+		i = 0;
+		while ( (matched = handlerQueue[ i++ ]) && !event.isPropagationStopped() ) {
+			event.currentTarget = matched.elem;
+
+			j = 0;
+			while ( (handleObj = matched.handlers[ j++ ]) && !event.isImmediatePropagationStopped() ) {
+
+				// Triggered event must either 1) have no namespace, or
+				// 2) have namespace(s) a subset or equal to those in the bound event (both can have no namespace).
+				if ( !event.namespace_re || event.namespace_re.test( handleObj.namespace ) ) {
+
+					event.handleObj = handleObj;
+					event.data = handleObj.data;
+
+					ret = ( (jQuery.event.special[ handleObj.origType ] || {}).handle || handleObj.handler )
+							.apply( matched.elem, args );
+
+					if ( ret !== undefined ) {
+						if ( (event.result = ret) === false ) {
+							event.preventDefault();
+							event.stopPropagation();
+						}
+					}
+				}
+			}
+		}
+
+		// Call the postDispatch hook for the mapped type
+		if ( special.postDispatch ) {
+			special.postDispatch.call( this, event );
+		}
+
+		return event.result;
+	},
+
+	handlers: function( event, handlers ) {
+		var sel, handleObj, matches, i,
+			handlerQueue = [],
+			delegateCount = handlers.delegateCount,
+			cur = event.target;
+
+		// Find delegate handlers
+		// Black-hole SVG <use> instance trees (#13180)
+		// Avoid non-left-click bubbling in Firefox (#3861)
+		if ( delegateCount && cur.nodeType && (!event.button || event.type !== "click") ) {
+
+			/* jshint eqeqeq: false */
+			for ( ; cur != this; cur = cur.parentNode || this ) {
+				/* jshint eqeqeq: true */
+
+				// Don't check non-elements (#13208)
+				// Don't process clicks on disabled elements (#6911, #8165, #11382, #11764)
+				if ( cur.nodeType === 1 && (cur.disabled !== true || event.type !== "click") ) {
+					matches = [];
+					for ( i = 0; i < delegateCount; i++ ) {
+						handleObj = handlers[ i ];
+
+						// Don't conflict with Object.prototype properties (#13203)
+						sel = handleObj.selector + " ";
+
+						if ( matches[ sel ] === undefined ) {
+							matches[ sel ] = handleObj.needsContext ?
+								jQuery( sel, this ).index( cur ) >= 0 :
+								jQuery.find( sel, this, null, [ cur ] ).length;
+						}
+						if ( matches[ sel ] ) {
+							matches.push( handleObj );
+						}
+					}
+					if ( matches.length ) {
+						handlerQueue.push({ elem: cur, handlers: matches });
+					}
+				}
+			}
+		}
+
+		// Add the remaining (directly-bound) handlers
+		if ( delegateCount < handlers.length ) {
+			handlerQueue.push({ elem: this, handlers: handlers.slice( delegateCount ) });
+		}
+
+		return handlerQueue;
+	},
+
+	fix: function( event ) {
+		if ( event[ jQuery.expando ] ) {
+			return event;
+		}
+
+		// Create a writable copy of the event object and normalize some properties
+		var i, prop, copy,
+			type = event.type,
+			originalEvent = event,
+			fixHook = this.fixHooks[ type ];
+
+		if ( !fixHook ) {
+			this.fixHooks[ type ] = fixHook =
+				rmouseEvent.test( type ) ? this.mouseHooks :
+				rkeyEvent.test( type ) ? this.keyHooks :
+				{};
+		}
+		copy = fixHook.props ? this.props.concat( fixHook.props ) : this.props;
+
+		event = new jQuery.Event( originalEvent );
+
+		i = copy.length;
+		while ( i-- ) {
+			prop = copy[ i ];
+			event[ prop ] = originalEvent[ prop ];
+		}
+
+		// Support: IE<9
+		// Fix target property (#1925)
+		if ( !event.target ) {
+			event.target = originalEvent.srcElement || document;
+		}
+
+		// Support: Chrome 23+, Safari?
+		// Target should not be a text node (#504, #13143)
+		if ( event.target.nodeType === 3 ) {
+			event.target = event.target.parentNode;
+		}
+
+		// Support: IE<9
+		// For mouse/key events, metaKey==false if it's undefined (#3368, #11328)
+		event.metaKey = !!event.metaKey;
+
+		return fixHook.filter ? fixHook.filter( event, originalEvent ) : event;
+	},
+
+	// Includes some event props shared by KeyEvent and MouseEvent
+	props: "altKey bubbles cancelable ctrlKey currentTarget eventPhase metaKey relatedTarget shiftKey target timeStamp view which".split(" "),
+
+	fixHooks: {},
+
+	keyHooks: {
+		props: "char charCode key keyCode".split(" "),
+		filter: function( event, original ) {
+
+			// Add which for key events
+			if ( event.which == null ) {
+				event.which = original.charCode != null ? original.charCode : original.keyCode;
+			}
+
+			return event;
+		}
+	},
+
+	mouseHooks: {
+		props: "button buttons clientX clientY fromElement offsetX offsetY pageX pageY screenX screenY toElement".split(" "),
+		filter: function( event, original ) {
+			var body, eventDoc, doc,
+				button = original.button,
+				fromElement = original.fromElement;
+
+			// Calculate pageX/Y if missing and clientX/Y available
+			if ( event.pageX == null && original.clientX != null ) {
+				eventDoc = event.target.ownerDocument || document;
+				doc = eventDoc.documentElement;
+				body = eventDoc.body;
+
+				event.pageX = original.clientX + ( doc && doc.scrollLeft || body && body.scrollLeft || 0 ) - ( doc && doc.clientLeft || body && body.clientLeft || 0 );
+				event.pageY = original.clientY + ( doc && doc.scrollTop  || body && body.scrollTop  || 0 ) - ( doc && doc.clientTop  || body && body.clientTop  || 0 );
+			}
+
+			// Add relatedTarget, if necessary
+			if ( !event.relatedTarget && fromElement ) {
+				event.relatedTarget = fromElement === event.target ? original.toElement : fromElement;
+			}
+
+			// Add which for click: 1 === left; 2 === middle; 3 === right
+			// Note: button is not normalized, so don't use it
+			if ( !event.which && button !== undefined ) {
+				event.which = ( button & 1 ? 1 : ( button & 2 ? 3 : ( button & 4 ? 2 : 0 ) ) );
+			}
+
+			return event;
+		}
+	},
+
+	special: {
+		load: {
+			// Prevent triggered image.load events from bubbling to window.load
+			noBubble: true
+		},
+		focus: {
+			// Fire native event if possible so blur/focus sequence is correct
+			trigger: function() {
+				if ( this !== safeActiveElement() && this.focus ) {
+					try {
+						this.focus();
+						return false;
+					} catch ( e ) {
+						// Support: IE<9
+						// If we error on focus to hidden element (#1486, #12518),
+						// let .trigger() run the handlers
+					}
+				}
+			},
+			delegateType: "focusin"
+		},
+		blur: {
+			trigger: function() {
+				if ( this === safeActiveElement() && this.blur ) {
+					this.blur();
+					return false;
+				}
+			},
+			delegateType: "focusout"
+		},
+		click: {
+			// For checkbox, fire native event so checked state will be right
+			trigger: function() {
+				if ( jQuery.nodeName( this, "input" ) && this.type === "checkbox" && this.click ) {
+					this.click();
+					return false;
+				}
+			},
+
+			// For cross-browser consistency, don't fire native .click() on links
+			_default: function( event ) {
+				return jQuery.nodeName( event.target, "a" );
+			}
+		},
+
+		beforeunload: {
+			postDispatch: function( event ) {
+
+				// Support: Firefox 20+
+				// Firefox doesn't alert if the returnValue field is not set.
+				if ( event.result !== undefined && event.originalEvent ) {
+					event.originalEvent.returnValue = event.result;
+				}
+			}
+		}
+	},
+
+	simulate: function( type, elem, event, bubble ) {
+		// Piggyback on a donor event to simulate a different one.
+		// Fake originalEvent to avoid donor's stopPropagation, but if the
+		// simulated event prevents default then we do the same on the donor.
+		var e = jQuery.extend(
+			new jQuery.Event(),
+			event,
+			{
+				type: type,
+				isSimulated: true,
+				originalEvent: {}
+			}
+		);
+		if ( bubble ) {
+			jQuery.event.trigger( e, null, elem );
+		} else {
+			jQuery.event.dispatch.call( elem, e );
+		}
+		if ( e.isDefaultPrevented() ) {
+			event.preventDefault();
+		}
+	}
+};
+
+jQuery.removeEvent = document.removeEventListener ?
+	function( elem, type, handle ) {
+		if ( elem.removeEventListener ) {
+			elem.removeEventListener( type, handle, false );
+		}
+	} :
+	function( elem, type, handle ) {
+		var name = "on" + type;
+
+		if ( elem.detachEvent ) {
+
+			// #8545, #7054, preventing memory leaks for custom events in IE6-8
+			// detachEvent needed property on element, by name of that event, to properly expose it to GC
+			if ( typeof elem[ name ] === strundefined ) {
+				elem[ name ] = null;
+			}
+
+			elem.detachEvent( name, handle );
+		}
+	};
+
+jQuery.Event = function( src, props ) {
+	// Allow instantiation without the 'new' keyword
+	if ( !(this instanceof jQuery.Event) ) {
+		return new jQuery.Event( src, props );
+	}
+
+	// Event object
+	if ( src && src.type ) {
+		this.originalEvent = src;
+		this.type = src.type;
+
+		// Events bubbling up the document may have been marked as prevented
+		// by a handler lower down the tree; reflect the correct value.
+		this.isDefaultPrevented = src.defaultPrevented ||
+				src.defaultPrevented === undefined &&
+				// Support: IE < 9, Android < 4.0
+				src.returnValue === false ?
+			returnTrue :
+			returnFalse;
+
+	// Event type
+	} else {
+		this.type = src;
+	}
+
+	// Put explicitly provided properties onto the event object
+	if ( props ) {
+		jQuery.extend( this, props );
+	}
+
+	// Create a timestamp if incoming event doesn't have one
+	this.timeStamp = src && src.timeStamp || jQuery.now();
+
+	// Mark it as fixed
+	this[ jQuery.expando ] = true;
+};
+
+// jQuery.Event is based on DOM3 Events as specified by the ECMAScript Language Binding
+// http://www.w3.org/TR/2003/WD-DOM-Level-3-Events-20030331/ecma-script-binding.html
+jQuery.Event.prototype = {
+	isDefaultPrevented: returnFalse,
+	isPropagationStopped: returnFalse,
+	isImmediatePropagationStopped: returnFalse,
+
+	preventDefault: function() {
+		var e = this.originalEvent;
+
+		this.isDefaultPrevented = returnTrue;
+		if ( !e ) {
+			return;
+		}
+
+		// If preventDefault exists, run it on the original event
+		if ( e.preventDefault ) {
+			e.preventDefault();
+
+		// Support: IE
+		// Otherwise set the returnValue property of the original event to false
+		} else {
+			e.returnValue = false;
+		}
+	},
+	stopPropagation: function() {
+		var e = this.originalEvent;
+
+		this.isPropagationStopped = returnTrue;
+		if ( !e ) {
+			return;
+		}
+		// If stopPropagation exists, run it on the original event
+		if ( e.stopPropagation ) {
+			e.stopPropagation();
+		}
+
+		// Support: IE
+		// Set the cancelBubble property of the original event to true
+		e.cancelBubble = true;
+	},
+	stopImmediatePropagation: function() {
+		var e = this.originalEvent;
+
+		this.isImmediatePropagationStopped = returnTrue;
+
+		if ( e && e.stopImmediatePropagation ) {
+			e.stopImmediatePropagation();
+		}
+
+		this.stopPropagation();
+	}
+};
+
+// Create mouseenter/leave events using mouseover/out and event-time checks
+jQuery.each({
+	mouseenter: "mouseover",
+	mouseleave: "mouseout",
+	pointerenter: "pointerover",
+	pointerleave: "pointerout"
+}, function( orig, fix ) {
+	jQuery.event.special[ orig ] = {
+		delegateType: fix,
+		bindType: fix,
+
+		handle: function( event ) {
+			var ret,
+				target = this,
+				related = event.relatedTarget,
+				handleObj = event.handleObj;
+
+			// For mousenter/leave call the handler if related is outside the target.
+			// NB: No relatedTarget if the mouse left/entered the browser window
+			if ( !related || (related !== target && !jQuery.contains( target, related )) ) {
+				event.type = handleObj.origType;
+				ret = handleObj.handler.apply( this, arguments );
+				event.type = fix;
+			}
+			return ret;
+		}
+	};
+});
+
+// IE submit delegation
+if ( !support.submitBubbles ) {
+
+	jQuery.event.special.submit = {
+		setup: function() {
+			// Only need this for delegated form submit events
+			if ( jQuery.nodeName( this, "form" ) ) {
+				return false;
+			}
+
+			// Lazy-add a submit handler when a descendant form may potentially be submitted
+			jQuery.event.add( this, "click._submit keypress._submit", function( e ) {
+				// Node name check avoids a VML-related crash in IE (#9807)
+				var elem = e.target,
+					form = jQuery.nodeName( elem, "input" ) || jQuery.nodeName( elem, "button" ) ? elem.form : undefined;
+				if ( form && !jQuery._data( form, "submitBubbles" ) ) {
+					jQuery.event.add( form, "submit._submit", function( event ) {
+						event._submit_bubble = true;
+					});
+					jQuery._data( form, "submitBubbles", true );
+				}
+			});
+			// return undefined since we don't need an event listener
+		},
+
+		postDispatch: function( event ) {
+			// If form was submitted by the user, bubble the event up the tree
+			if ( event._submit_bubble ) {
+				delete event._submit_bubble;
+				if ( this.parentNode && !event.isTrigger ) {
+					jQuery.event.simulate( "submit", this.parentNode, event, true );
+				}
+			}
+		},
+
+		teardown: function() {
+			// Only need this for delegated form submit events
+			if ( jQuery.nodeName( this, "form" ) ) {
+				return false;
+			}
+
+			// Remove delegated handlers; cleanData eventually reaps submit handlers attached above
+			jQuery.event.remove( this, "._submit" );
+		}
+	};
+}
+
+// IE change delegation and checkbox/radio fix
+if ( !support.changeBubbles ) {
+
+	jQuery.event.special.change = {
+
+		setup: function() {
+
+			if ( rformElems.test( this.nodeName ) ) {
+				// IE doesn't fire change on a check/radio until blur; trigger it on click
+				// after a propertychange. Eat the blur-change in special.change.handle.
+				// This still fires onchange a second time for check/radio after blur.
+				if ( this.type === "checkbox" || this.type === "radio" ) {
+					jQuery.event.add( this, "propertychange._change", function( event ) {
+						if ( event.originalEvent.propertyName === "checked" ) {
+							this._just_changed = true;
+						}
+					});
+					jQuery.event.add( this, "click._change", function( event ) {
+						if ( this._just_changed && !event.isTrigger ) {
+							this._just_changed = false;
+						}
+						// Allow triggered, simulated change events (#11500)
+						jQuery.event.simulate( "change", this, event, true );
+					});
+				}
+				return false;
+			}
+			// Delegated event; lazy-add a change handler on descendant inputs
+			jQuery.event.add( this, "beforeactivate._change", function( e ) {
+				var elem = e.target;
+
+				if ( rformElems.test( elem.nodeName ) && !jQuery._data( elem, "changeBubbles" ) ) {
+					jQuery.event.add( elem, "change._change", function( event ) {
+						if ( this.parentNode && !event.isSimulated && !event.isTrigger ) {
+							jQuery.event.simulate( "change", this.parentNode, event, true );
+						}
+					});
+					jQuery._data( elem, "changeBubbles", true );
+				}
+			});
+		},
+
+		handle: function( event ) {
+			var elem = event.target;
+
+			// Swallow native change events from checkbox/radio, we already triggered them above
+			if ( this !== elem || event.isSimulated || event.isTrigger || (elem.type !== "radio" && elem.type !== "checkbox") ) {
+				return event.handleObj.handler.apply( this, arguments );
+			}
+		},
+
+		teardown: function() {
+			jQuery.event.remove( this, "._change" );
+
+			return !rformElems.test( this.nodeName );
+		}
+	};
+}
+
+// Create "bubbling" focus and blur events
+if ( !support.focusinBubbles ) {
+	jQuery.each({ focus: "focusin", blur: "focusout" }, function( orig, fix ) {
+
+		// Attach a single capturing handler on the document while someone wants focusin/focusout
+		var handler = function( event ) {
+				jQuery.event.simulate( fix, event.target, jQuery.event.fix( event ), true );
+			};
+
+		jQuery.event.special[ fix ] = {
+			setup: function() {
+				var doc = this.ownerDocument || this,
+					attaches = jQuery._data( doc, fix );
+
+				if ( !attaches ) {
+					doc.addEventListener( orig, handler, true );
+				}
+				jQuery._data( doc, fix, ( attaches || 0 ) + 1 );
+			},
+			teardown: function() {
+				var doc = this.ownerDocument || this,
+					attaches = jQuery._data( doc, fix ) - 1;
+
+				if ( !attaches ) {
+					doc.removeEventListener( orig, handler, true );
+					jQuery._removeData( doc, fix );
+				} else {
+					jQuery._data( doc, fix, attaches );
+				}
+			}
+		};
+	});
+}
+
+jQuery.fn.extend({
+
+	on: function( types, selector, data, fn, /*INTERNAL*/ one ) {
+		var type, origFn;
+
+		// Types can be a map of types/handlers
+		if ( typeof types === "object" ) {
+			// ( types-Object, selector, data )
+			if ( typeof selector !== "string" ) {
+				// ( types-Object, data )
+				data = data || selector;
+				selector = undefined;
+			}
+			for ( type in types ) {
+				this.on( type, selector, data, types[ type ], one );
+			}
+			return this;
+		}
+
+		if ( data == null && fn == null ) {
+			// ( types, fn )
+			fn = selector;
+			data = selector = undefined;
+		} else if ( fn == null ) {
+			if ( typeof selector === "string" ) {
+				// ( types, selector, fn )
+				fn = data;
+				data = undefined;
+			} else {
+				// ( types, data, fn )
+				fn = data;
+				data = selector;
+				selector = undefined;
+			}
+		}
+		if ( fn === false ) {
+			fn = returnFalse;
+		} else if ( !fn ) {
+			return this;
+		}
+
+		if ( one === 1 ) {
+			origFn = fn;
+			fn = function( event ) {
+				// Can use an empty set, since event contains the info
+				jQuery().off( event );
+				return origFn.apply( this, arguments );
+			};
+			// Use same guid so caller can remove using origFn
+			fn.guid = origFn.guid || ( origFn.guid = jQuery.guid++ );
+		}
+		return this.each( function() {
+			jQuery.event.add( this, types, fn, data, selector );
+		});
+	},
+	one: function( types, selector, data, fn ) {
+		return this.on( types, selector, data, fn, 1 );
+	},
+	off: function( types, selector, fn ) {
+		var handleObj, type;
+		if ( types && types.preventDefault && types.handleObj ) {
+			// ( event )  dispatched jQuery.Event
+			handleObj = types.handleObj;
+			jQuery( types.delegateTarget ).off(
+				handleObj.namespace ? handleObj.origType + "." + handleObj.namespace : handleObj.origType,
+				handleObj.selector,
+				handleObj.handler
+			);
+			return this;
+		}
+		if ( typeof types === "object" ) {
+			// ( types-object [, selector] )
+			for ( type in types ) {
+				this.off( type, selector, types[ type ] );
+			}
+			return this;
+		}
+		if ( selector === false || typeof selector === "function" ) {
+			// ( types [, fn] )
+			fn = selector;
+			selector = undefined;
+		}
+		if ( fn === false ) {
+			fn = returnFalse;
+		}
+		return this.each(function() {
+			jQuery.event.remove( this, types, fn, selector );
+		});
+	},
+
+	trigger: function( type, data ) {
+		return this.each(function() {
+			jQuery.event.trigger( type, data, this );
+		});
+	},
+	triggerHandler: function( type, data ) {
+		var elem = this[0];
+		if ( elem ) {
+			return jQuery.event.trigger( type, data, elem, true );
+		}
+	}
+});
+
+
+function createSafeFragment( document ) {
+	var list = nodeNames.split( "|" ),
+		safeFrag = document.createDocumentFragment();
+
+	if ( safeFrag.createElement ) {
+		while ( list.length ) {
+			safeFrag.createElement(
+				list.pop()
+			);
+		}
+	}
+	return safeFrag;
+}
+
+var nodeNames = "abbr|article|aside|audio|bdi|canvas|data|datalist|details|figcaption|figure|footer|" +
+		"header|hgroup|mark|meter|nav|output|progress|section|summary|time|video",
+	rinlinejQuery = / jQuery\d+="(?:null|\d+)"/g,
+	rnoshimcache = new RegExp("<(?:" + nodeNames + ")[\\s/>]", "i"),
+	rleadingWhitespace = /^\s+/,
+	rxhtmlTag = /<(?!area|br|col|embed|hr|img|input|link|meta|param)(([\w:]+)[^>]*)\/>/gi,
+	rtagName = /<([\w:]+)/,
+	rtbody = /<tbody/i,
+	rhtml = /<|&#?\w+;/,
+	rnoInnerhtml = /<(?:script|style|link)/i,
+	// checked="checked" or checked
+	rchecked = /checked\s*(?:[^=]|=\s*.checked.)/i,
+	rscriptType = /^$|\/(?:java|ecma)script/i,
+	rscriptTypeMasked = /^true\/(.*)/,
+	rcleanScript = /^\s*<!(?:\[CDATA\[|--)|(?:\]\]|--)>\s*$/g,
+
+	// We have to close these tags to support XHTML (#13200)
+	wrapMap = {
+		option: [ 1, "<select multiple='multiple'>", "</select>" ],
+		legend: [ 1, "<fieldset>", "</fieldset>" ],
+		area: [ 1, "<map>", "</map>" ],
+		param: [ 1, "<object>", "</object>" ],
+		thead: [ 1, "<table>", "</table>" ],
+		tr: [ 2, "<table><tbody>", "</tbody></table>" ],
+		col: [ 2, "<table><tbody></tbody><colgroup>", "</colgroup></table>" ],
+		td: [ 3, "<table><tbody><tr>", "</tr></tbody></table>" ],
+
+		// IE6-8 can't serialize link, script, style, or any html5 (NoScope) tags,
+		// unless wrapped in a div with non-breaking characters in front of it.
+		_default: support.htmlSerialize ? [ 0, "", "" ] : [ 1, "X<div>", "</div>"  ]
+	},
+	safeFragment = createSafeFragment( document ),
+	fragmentDiv = safeFragment.appendChild( document.createElement("div") );
+
+wrapMap.optgroup = wrapMap.option;
+wrapMap.tbody = wrapMap.tfoot = wrapMap.colgroup = wrapMap.caption = wrapMap.thead;
+wrapMap.th = wrapMap.td;
+
+function getAll( context, tag ) {
+	var elems, elem,
+		i = 0,
+		found = typeof context.getElementsByTagName !== strundefined ? context.getElementsByTagName( tag || "*" ) :
+			typeof context.querySelectorAll !== strundefined ? context.querySelectorAll( tag || "*" ) :
+			undefined;
+
+	if ( !found ) {
+		for ( found = [], elems = context.childNodes || context; (elem = elems[i]) != null; i++ ) {
+			if ( !tag || jQuery.nodeName( elem, tag ) ) {
+				found.push( elem );
+			} else {
+				jQuery.merge( found, getAll( elem, tag ) );
+			}
+		}
+	}
+
+	return tag === undefined || tag && jQuery.nodeName( context, tag ) ?
+		jQuery.merge( [ context ], found ) :
+		found;
+}
+
+// Used in buildFragment, fixes the defaultChecked property
+function fixDefaultChecked( elem ) {
+	if ( rcheckableType.test( elem.type ) ) {
+		elem.defaultChecked = elem.checked;
+	}
+}
+
+// Support: IE<8
+// Manipulating tables requires a tbody
+function manipulationTarget( elem, content ) {
+	return jQuery.nodeName( elem, "table" ) &&
+		jQuery.nodeName( content.nodeType !== 11 ? content : content.firstChild, "tr" ) ?
+
+		elem.getElementsByTagName("tbody")[0] ||
+			elem.appendChild( elem.ownerDocument.createElement("tbody") ) :
+		elem;
+}
+
+// Replace/restore the type attribute of script elements for safe DOM manipulation
+function disableScript( elem ) {
+	elem.type = (jQuery.find.attr( elem, "type" ) !== null) + "/" + elem.type;
+	return elem;
+}
+function restoreScript( elem ) {
+	var match = rscriptTypeMasked.exec( elem.type );
+	if ( match ) {
+		elem.type = match[1];
+	} else {
+		elem.removeAttribute("type");
+	}
+	return elem;
+}
+
+// Mark scripts as having already been evaluated
+function setGlobalEval( elems, refElements ) {
+	var elem,
+		i = 0;
+	for ( ; (elem = elems[i]) != null; i++ ) {
+		jQuery._data( elem, "globalEval", !refElements || jQuery._data( refElements[i], "globalEval" ) );
+	}
+}
+
+function cloneCopyEvent( src, dest ) {
+
+	if ( dest.nodeType !== 1 || !jQuery.hasData( src ) ) {
+		return;
+	}
+
+	var type, i, l,
+		oldData = jQuery._data( src ),
+		curData = jQuery._data( dest, oldData ),
+		events = oldData.events;
+
+	if ( events ) {
+		delete curData.handle;
+		curData.events = {};
+
+		for ( type in events ) {
+			for ( i = 0, l = events[ type ].length; i < l; i++ ) {
+				jQuery.event.add( dest, type, events[ type ][ i ] );
+			}
+		}
+	}
+
+	// make the cloned public data object a copy from the original
+	if ( curData.data ) {
+		curData.data = jQuery.extend( {}, curData.data );
+	}
+}
+
+function fixCloneNodeIssues( src, dest ) {
+	var nodeName, e, data;
+
+	// We do not need to do anything for non-Elements
+	if ( dest.nodeType !== 1 ) {
+		return;
+	}
+
+	nodeName = dest.nodeName.toLowerCase();
+
+	// IE6-8 copies events bound via attachEvent when using cloneNode.
+	if ( !support.noCloneEvent && dest[ jQuery.expando ] ) {
+		data = jQuery._data( dest );
+
+		for ( e in data.events ) {
+			jQuery.removeEvent( dest, e, data.handle );
+		}
+
+		// Event data gets referenced instead of copied if the expando gets copied too
+		dest.removeAttribute( jQuery.expando );
+	}
+
+	// IE blanks contents when cloning scripts, and tries to evaluate newly-set text
+	if ( nodeName === "script" && dest.text !== src.text ) {
+		disableScript( dest ).text = src.text;
+		restoreScript( dest );
+
+	// IE6-10 improperly clones children of object elements using classid.
+	// IE10 throws NoModificationAllowedError if parent is null, #12132.
+	} else if ( nodeName === "object" ) {
+		if ( dest.parentNode ) {
+			dest.outerHTML = src.outerHTML;
+		}
+
+		// This path appears unavoidable for IE9. When cloning an object
+		// element in IE9, the outerHTML strategy above is not sufficient.
+		// If the src has innerHTML and the destination does not,
+		// copy the src.innerHTML into the dest.innerHTML. #10324
+		if ( support.html5Clone && ( src.innerHTML && !jQuery.trim(dest.innerHTML) ) ) {
+			dest.innerHTML = src.innerHTML;
+		}
+
+	} else if ( nodeName === "input" && rcheckableType.test( src.type ) ) {
+		// IE6-8 fails to persist the checked state of a cloned checkbox
+		// or radio button. Worse, IE6-7 fail to give the cloned element
+		// a checked appearance if the defaultChecked value isn't also set
+
+		dest.defaultChecked = dest.checked = src.checked;
+
+		// IE6-7 get confused and end up setting the value of a cloned
+		// checkbox/radio button to an empty string instead of "on"
+		if ( dest.value !== src.value ) {
+			dest.value = src.value;
+		}
+
+	// IE6-8 fails to return the selected option to the default selected
+	// state when cloning options
+	} else if ( nodeName === "option" ) {
+		dest.defaultSelected = dest.selected = src.defaultSelected;
+
+	// IE6-8 fails to set the defaultValue to the correct value when
+	// cloning other types of input fields
+	} else if ( nodeName === "input" || nodeName === "textarea" ) {
+		dest.defaultValue = src.defaultValue;
+	}
+}
+
+jQuery.extend({
+	clone: function( elem, dataAndEvents, deepDataAndEvents ) {
+		var destElements, node, clone, i, srcElements,
+			inPage = jQuery.contains( elem.ownerDocument, elem );
+
+		if ( support.html5Clone || jQuery.isXMLDoc(elem) || !rnoshimcache.test( "<" + elem.nodeName + ">" ) ) {
+			clone = elem.cloneNode( true );
+
+		// IE<=8 does not properly clone detached, unknown element nodes
+		} else {
+			fragmentDiv.innerHTML = elem.outerHTML;
+			fragmentDiv.removeChild( clone = fragmentDiv.firstChild );
+		}
+
+		if ( (!support.noCloneEvent || !support.noCloneChecked) &&
+				(elem.nodeType === 1 || elem.nodeType === 11) && !jQuery.isXMLDoc(elem) ) {
+
+			// We eschew Sizzle here for performance reasons: http://jsperf.com/getall-vs-sizzle/2
+			destElements = getAll( clone );
+			srcElements = getAll( elem );
+
+			// Fix all IE cloning issues
+			for ( i = 0; (node = srcElements[i]) != null; ++i ) {
+				// Ensure that the destination node is not null; Fixes #9587
+				if ( destElements[i] ) {
+					fixCloneNodeIssues( node, destElements[i] );
+				}
+			}
+		}
+
+		// Copy the events from the original to the clone
+		if ( dataAndEvents ) {
+			if ( deepDataAndEvents ) {
+				srcElements = srcElements || getAll( elem );
+				destElements = destElements || getAll( clone );
+
+				for ( i = 0; (node = srcElements[i]) != null; i++ ) {
+					cloneCopyEvent( node, destElements[i] );
+				}
+			} else {
+				cloneCopyEvent( elem, clone );
+			}
+		}
+
+		// Preserve script evaluation history
+		destElements = getAll( clone, "script" );
+		if ( destElements.length > 0 ) {
+			setGlobalEval( destElements, !inPage && getAll( elem, "script" ) );
+		}
+
+		destElements = srcElements = node = null;
+
+		// Return the cloned set
+		return clone;
+	},
+
+	buildFragment: function( elems, context, scripts, selection ) {
+		var j, elem, contains,
+			tmp, tag, tbody, wrap,
+			l = elems.length,
+
+			// Ensure a safe fragment
+			safe = createSafeFragment( context ),
+
+			nodes = [],
+			i = 0;
+
+		for ( ; i < l; i++ ) {
+			elem = elems[ i ];
+
+			if ( elem || elem === 0 ) {
+
+				// Add nodes directly
+				if ( jQuery.type( elem ) === "object" ) {
+					jQuery.merge( nodes, elem.nodeType ? [ elem ] : elem );
+
+				// Convert non-html into a text node
+				} else if ( !rhtml.test( elem ) ) {
+					nodes.push( context.createTextNode( elem ) );
+
+				// Convert html into DOM nodes
+				} else {
+					tmp = tmp || safe.appendChild( context.createElement("div") );
+
+					// Deserialize a standard representation
+					tag = (rtagName.exec( elem ) || [ "", "" ])[ 1 ].toLowerCase();
+					wrap = wrapMap[ tag ] || wrapMap._default;
+
+					tmp.innerHTML = wrap[1] + elem.replace( rxhtmlTag, "<$1></$2>" ) + wrap[2];
+
+					// Descend through wrappers to the right content
+					j = wrap[0];
+					while ( j-- ) {
+						tmp = tmp.lastChild;
+					}
+
+					// Manually add leading whitespace removed by IE
+					if ( !support.leadingWhitespace && rleadingWhitespace.test( elem ) ) {
+						nodes.push( context.createTextNode( rleadingWhitespace.exec( elem )[0] ) );
+					}
+
+					// Remove IE's autoinserted <tbody> from table fragments
+					if ( !support.tbody ) {
+
+						// String was a <table>, *may* have spurious <tbody>
+						elem = tag === "table" && !rtbody.test( elem ) ?
+							tmp.firstChild :
+
+							// String was a bare <thead> or <tfoot>
+							wrap[1] === "<table>" && !rtbody.test( elem ) ?
+								tmp :
+								0;
+
+						j = elem && elem.childNodes.length;
+						while ( j-- ) {
+							if ( jQuery.nodeName( (tbody = elem.childNodes[j]), "tbody" ) && !tbody.childNodes.length ) {
+								elem.removeChild( tbody );
+							}
+						}
+					}
+
+					jQuery.merge( nodes, tmp.childNodes );
+
+					// Fix #12392 for WebKit and IE > 9
+					tmp.textContent = "";
+
+					// Fix #12392 for oldIE
+					while ( tmp.firstChild ) {
+						tmp.removeChild( tmp.firstChild );
+					}
+
+					// Remember the top-level container for proper cleanup
+					tmp = safe.lastChild;
+				}
+			}
+		}
+
+		// Fix #11356: Clear elements from fragment
+		if ( tmp ) {
+			safe.removeChild( tmp );
+		}
+
+		// Reset defaultChecked for any radios and checkboxes
+		// about to be appended to the DOM in IE 6/7 (#8060)
+		if ( !support.appendChecked ) {
+			jQuery.grep( getAll( nodes, "input" ), fixDefaultChecked );
+		}
+
+		i = 0;
+		while ( (elem = nodes[ i++ ]) ) {
+
+			// #4087 - If origin and destination elements are the same, and this is
+			// that element, do not do anything
+			if ( selection && jQuery.inArray( elem, selection ) !== -1 ) {
+				continue;
+			}
+
+			contains = jQuery.contains( elem.ownerDocument, elem );
+
+			// Append to fragment
+			tmp = getAll( safe.appendChild( elem ), "script" );
+
+			// Preserve script evaluation history
+			if ( contains ) {
+				setGlobalEval( tmp );
+			}
+
+			// Capture executables
+			if ( scripts ) {
+				j = 0;
+				while ( (elem = tmp[ j++ ]) ) {
+					if ( rscriptType.test( elem.type || "" ) ) {
+						scripts.push( elem );
+					}
+				}
+			}
+		}
+
+		tmp = null;
+
+		return safe;
+	},
+
+	cleanData: function( elems, /* internal */ acceptData ) {
+		var elem, type, id, data,
+			i = 0,
+			internalKey = jQuery.expando,
+			cache = jQuery.cache,
+			deleteExpando = support.deleteExpando,
+			special = jQuery.event.special;
+
+		for ( ; (elem = elems[i]) != null; i++ ) {
+			if ( acceptData || jQuery.acceptData( elem ) ) {
+
+				id = elem[ internalKey ];
+				data = id && cache[ id ];
+
+				if ( data ) {
+					if ( data.events ) {
+						for ( type in data.events ) {
+							if ( special[ type ] ) {
+								jQuery.event.remove( elem, type );
+
+							// This is a shortcut to avoid jQuery.event.remove's overhead
+							} else {
+								jQuery.removeEvent( elem, type, data.handle );
+							}
+						}
+					}
+
+					// Remove cache only if it was not already removed by jQuery.event.remove
+					if ( cache[ id ] ) {
+
+						delete cache[ id ];
+
+						// IE does not allow us to delete expando properties from nodes,
+						// nor does it have a removeAttribute function on Document nodes;
+						// we must handle all of these cases
+						if ( deleteExpando ) {
+							delete elem[ internalKey ];
+
+						} else if ( typeof elem.removeAttribute !== strundefined ) {
+							elem.removeAttribute( internalKey );
+
+						} else {
+							elem[ internalKey ] = null;
+						}
+
+						deletedIds.push( id );
+					}
+				}
+			}
+		}
+	}
+});
+
+jQuery.fn.extend({
+	text: function( value ) {
+		return access( this, function( value ) {
+			return value === undefined ?
+				jQuery.text( this ) :
+				this.empty().append( ( this[0] && this[0].ownerDocument || document ).createTextNode( value ) );
+		}, null, value, arguments.length );
+	},
+
+	append: function() {
+		return this.domManip( arguments, function( elem ) {
+			if ( this.nodeType === 1 || this.nodeType === 11 || this.nodeType === 9 ) {
+				var target = manipulationTarget( this, elem );
+				target.appendChild( elem );
+			}
+		});
+	},
+
+	prepend: function() {
+		return this.domManip( arguments, function( elem ) {
+			if ( this.nodeType === 1 || this.nodeType === 11 || this.nodeType === 9 ) {
+				var target = manipulationTarget( this, elem );
+				target.insertBefore( elem, target.firstChild );
+			}
+		});
+	},
+
+	before: function() {
+		return this.domManip( arguments, function( elem ) {
+			if ( this.parentNode ) {
+				this.parentNode.insertBefore( elem, this );
+			}
+		});
+	},
+
+	after: function() {
+		return this.domManip( arguments, function( elem ) {
+			if ( this.parentNode ) {
+				this.parentNode.insertBefore( elem, this.nextSibling );
+			}
+		});
+	},
+
+	remove: function( selector, keepData /* Internal Use Only */ ) {
+		var elem,
+			elems = selector ? jQuery.filter( selector, this ) : this,
+			i = 0;
+
+		for ( ; (elem = elems[i]) != null; i++ ) {
+
+			if ( !keepData && elem.nodeType === 1 ) {
+				jQuery.cleanData( getAll( elem ) );
+			}
+
+			if ( elem.parentNode ) {
+				if ( keepData && jQuery.contains( elem.ownerDocument, elem ) ) {
+					setGlobalEval( getAll( elem, "script" ) );
+				}
+				elem.parentNode.removeChild( elem );
+			}
+		}
+
+		return this;
+	},
+
+	empty: function() {
+		var elem,
+			i = 0;
+
+		for ( ; (elem = this[i]) != null; i++ ) {
+			// Remove element nodes and prevent memory leaks
+			if ( elem.nodeType === 1 ) {
+				jQuery.cleanData( getAll( elem, false ) );
+			}
+
+			// Remove any remaining nodes
+			while ( elem.firstChild ) {
+				elem.removeChild( elem.firstChild );
+			}
+
+			// If this is a select, ensure that it displays empty (#12336)
+			// Support: IE<9
+			if ( elem.options && jQuery.nodeName( elem, "select" ) ) {
+				elem.options.length = 0;
+			}
+		}
+
+		return this;
+	},
+
+	clone: function( dataAndEvents, deepDataAndEvents ) {
+		dataAndEvents = dataAndEvents == null ? false : dataAndEvents;
+		deepDataAndEvents = deepDataAndEvents == null ? dataAndEvents : deepDataAndEvents;
+
+		return this.map(function() {
+			return jQuery.clone( this, dataAndEvents, deepDataAndEvents );
+		});
+	},
+
+	html: function( value ) {
+		return access( this, function( value ) {
+			var elem = this[ 0 ] || {},
+				i = 0,
+				l = this.length;
+
+			if ( value === undefined ) {
+				return elem.nodeType === 1 ?
+					elem.innerHTML.replace( rinlinejQuery, "" ) :
+					undefined;
+			}
+
+			// See if we can take a shortcut and just use innerHTML
+			if ( typeof value === "string" && !rnoInnerhtml.test( value ) &&
+				( support.htmlSerialize || !rnoshimcache.test( value )  ) &&
+				( support.leadingWhitespace || !rleadingWhitespace.test( value ) ) &&
+				!wrapMap[ (rtagName.exec( value ) || [ "", "" ])[ 1 ].toLowerCase() ] ) {
+
+				value = value.replace( rxhtmlTag, "<$1></$2>" );
+
+				try {
+					for (; i < l; i++ ) {
+						// Remove element nodes and prevent memory leaks
+						elem = this[i] || {};
+						if ( elem.nodeType === 1 ) {
+							jQuery.cleanData( getAll( elem, false ) );
+							elem.innerHTML = value;
+						}
+					}
+
+					elem = 0;
+
+				// If using innerHTML throws an exception, use the fallback method
+				} catch(e) {}
+			}
+
+			if ( elem ) {
+				this.empty().append( value );
+			}
+		}, null, value, arguments.length );
+	},
+
+	replaceWith: function() {
+		var arg = arguments[ 0 ];
+
+		// Make the changes, replacing each context element with the new content
+		this.domManip( arguments, function( elem ) {
+			arg = this.parentNode;
+
+			jQuery.cleanData( getAll( this ) );
+
+			if ( arg ) {
+				arg.replaceChild( elem, this );
+			}
+		});
+
+		// Force removal if there was no new content (e.g., from empty arguments)
+		return arg && (arg.length || arg.nodeType) ? this : this.remove();
+	},
+
+	detach: function( selector ) {
+		return this.remove( selector, true );
+	},
+
+	domManip: function( args, callback ) {
+
+		// Flatten any nested arrays
+		args = concat.apply( [], args );
+
+		var first, node, hasScripts,
+			scripts, doc, fragment,
+			i = 0,
+			l = this.length,
+			set = this,
+			iNoClone = l - 1,
+			value = args[0],
+			isFunction = jQuery.isFunction( value );
+
+		// We can't cloneNode fragments that contain checked, in WebKit
+		if ( isFunction ||
+				( l > 1 && typeof value === "string" &&
+					!support.checkClone && rchecked.test( value ) ) ) {
+			return this.each(function( index ) {
+				var self = set.eq( index );
+				if ( isFunction ) {
+					args[0] = value.call( this, index, self.html() );
+				}
+				self.domManip( args, callback );
+			});
+		}
+
+		if ( l ) {
+			fragment = jQuery.buildFragment( args, this[ 0 ].ownerDocument, false, this );
+			first = fragment.firstChild;
+
+			if ( fragment.childNodes.length === 1 ) {
+				fragment = first;
+			}
+
+			if ( first ) {
+				scripts = jQuery.map( getAll( fragment, "script" ), disableScript );
+				hasScripts = scripts.length;
+
+				// Use the original fragment for the last item instead of the first because it can end up
+				// being emptied incorrectly in certain situations (#8070).
+				for ( ; i < l; i++ ) {
+					node = fragment;
+
+					if ( i !== iNoClone ) {
+						node = jQuery.clone( node, true, true );
+
+						// Keep references to cloned scripts for later restoration
+						if ( hasScripts ) {
+							jQuery.merge( scripts, getAll( node, "script" ) );
+						}
+					}
+
+					callback.call( this[i], node, i );
+				}
+
+				if ( hasScripts ) {
+					doc = scripts[ scripts.length - 1 ].ownerDocument;
+
+					// Reenable scripts
+					jQuery.map( scripts, restoreScript );
+
+					// Evaluate executable scripts on first document insertion
+					for ( i = 0; i < hasScripts; i++ ) {
+						node = scripts[ i ];
+						if ( rscriptType.test( node.type || "" ) &&
+							!jQuery._data( node, "globalEval" ) && jQuery.contains( doc, node ) ) {
+
+							if ( node.src ) {
+								// Optional AJAX dependency, but won't run scripts if not present
+								if ( jQuery._evalUrl ) {
+									jQuery._evalUrl( node.src );
+								}
+							} else {
+								jQuery.globalEval( ( node.text || node.textContent || node.innerHTML || "" ).replace( rcleanScript, "" ) );
+							}
+						}
+					}
+				}
+
+				// Fix #11809: Avoid leaking memory
+				fragment = first = null;
+			}
+		}
+
+		return this;
+	}
+});
+
+jQuery.each({
+	appendTo: "append",
+	prependTo: "prepend",
+	insertBefore: "before",
+	insertAfter: "after",
+	replaceAll: "replaceWith"
+}, function( name, original ) {
+	jQuery.fn[ name ] = function( selector ) {
+		var elems,
+			i = 0,
+			ret = [],
+			insert = jQuery( selector ),
+			last = insert.length - 1;
+
+		for ( ; i <= last; i++ ) {
+			elems = i === last ? this : this.clone(true);
+			jQuery( insert[i] )[ original ]( elems );
+
+			// Modern browsers can apply jQuery collections as arrays, but oldIE needs a .get()
+			push.apply( ret, elems.get() );
+		}
+
+		return this.pushStack( ret );
+	};
+});
+
+
+var iframe,
+	elemdisplay = {};
+
+/**
+ * Retrieve the actual display of a element
+ * @param {String} name nodeName of the element
+ * @param {Object} doc Document object
+ */
+// Called only from within defaultDisplay
+function actualDisplay( name, doc ) {
+	var style,
+		elem = jQuery( doc.createElement( name ) ).appendTo( doc.body ),
+
+		// getDefaultComputedStyle might be reliably used only on attached element
+		display = window.getDefaultComputedStyle && ( style = window.getDefaultComputedStyle( elem[ 0 ] ) ) ?
+
+			// Use of this method is a temporary fix (more like optmization) until something better comes along,
+			// since it was removed from specification and supported only in FF
+			style.display : jQuery.css( elem[ 0 ], "display" );
+
+	// We don't have any data stored on the element,
+	// so use "detach" method as fast way to get rid of the element
+	elem.detach();
+
+	return display;
+}
+
+/**
+ * Try to determine the default display value of an element
+ * @param {String} nodeName
+ */
+function defaultDisplay( nodeName ) {
+	var doc = document,
+		display = elemdisplay[ nodeName ];
+
+	if ( !display ) {
+		display = actualDisplay( nodeName, doc );
+
+		// If the simple way fails, read from inside an iframe
+		if ( display === "none" || !display ) {
+
+			// Use the already-created iframe if possible
+			iframe = (iframe || jQuery( "<iframe frameborder='0' width='0' height='0'/>" )).appendTo( doc.documentElement );
+
+			// Always write a new HTML skeleton so Webkit and Firefox don't choke on reuse
+			doc = ( iframe[ 0 ].contentWindow || iframe[ 0 ].contentDocument ).document;
+
+			// Support: IE
+			doc.write();
+			doc.close();
+
+			display = actualDisplay( nodeName, doc );
+			iframe.detach();
+		}
+
+		// Store the correct default display
+		elemdisplay[ nodeName ] = display;
+	}
+
+	return display;
+}
+
+
+(function() {
+	var shrinkWrapBlocksVal;
+
+	support.shrinkWrapBlocks = function() {
+		if ( shrinkWrapBlocksVal != null ) {
+			return shrinkWrapBlocksVal;
+		}
+
+		// Will be changed later if needed.
+		shrinkWrapBlocksVal = false;
+
+		// Minified: var b,c,d
+		var div, body, container;
+
+		body = document.getElementsByTagName( "body" )[ 0 ];
+		if ( !body || !body.style ) {
+			// Test fired too early or in an unsupported environment, exit.
+			return;
+		}
+
+		// Setup
+		div = document.createElement( "div" );
+		container = document.createElement( "div" );
+		container.style.cssText = "position:absolute;border:0;width:0;height:0;top:0;left:-9999px";
+		body.appendChild( container ).appendChild( div );
+
+		// Support: IE6
+		// Check if elements with layout shrink-wrap their children
+		if ( typeof div.style.zoom !== strundefined ) {
+			// Reset CSS: box-sizing; display; margin; border
+			div.style.cssText =
+				// Support: Firefox<29, Android 2.3
+				// Vendor-prefix box-sizing
+				"-webkit-box-sizing:content-box;-moz-box-sizing:content-box;" +
+				"box-sizing:content-box;display:block;margin:0;border:0;" +
+				"padding:1px;width:1px;zoom:1";
+			div.appendChild( document.createElement( "div" ) ).style.width = "5px";
+			shrinkWrapBlocksVal = div.offsetWidth !== 3;
+		}
+
+		body.removeChild( container );
+
+		return shrinkWrapBlocksVal;
+	};
+
+})();
+var rmargin = (/^margin/);
+
+var rnumnonpx = new RegExp( "^(" + pnum + ")(?!px)[a-z%]+$", "i" );
+
+
+
+var getStyles, curCSS,
+	rposition = /^(top|right|bottom|left)$/;
+
+if ( window.getComputedStyle ) {
+	getStyles = function( elem ) {
+		// Support: IE<=11+, Firefox<=30+ (#15098, #14150)
+		// IE throws on elements created in popups
+		// FF meanwhile throws on frame elements through "defaultView.getComputedStyle"
+		if ( elem.ownerDocument.defaultView.opener ) {
+			return elem.ownerDocument.defaultView.getComputedStyle( elem, null );
+		}
+
+		return window.getComputedStyle( elem, null );
+	};
+
+	curCSS = function( elem, name, computed ) {
+		var width, minWidth, maxWidth, ret,
+			style = elem.style;
+
+		computed = computed || getStyles( elem );
+
+		// getPropertyValue is only needed for .css('filter') in IE9, see #12537
+		ret = computed ? computed.getPropertyValue( name ) || computed[ name ] : undefined;
+
+		if ( computed ) {
+
+			if ( ret === "" && !jQuery.contains( elem.ownerDocument, elem ) ) {
+				ret = jQuery.style( elem, name );
+			}
+
+			// A tribute to the "awesome hack by Dean Edwards"
+			// Chrome < 17 and Safari 5.0 uses "computed value" instead of "used value" for margin-right
+			// Safari 5.1.7 (at least) returns percentage for a larger set of values, but width seems to be reliably pixels
+			// this is against the CSSOM draft spec: http://dev.w3.org/csswg/cssom/#resolved-values
+			if ( rnumnonpx.test( ret ) && rmargin.test( name ) ) {
+
+				// Remember the original values
+				width = style.width;
+				minWidth = style.minWidth;
+				maxWidth = style.maxWidth;
+
+				// Put in the new values to get a computed value out
+				style.minWidth = style.maxWidth = style.width = ret;
+				ret = computed.width;
+
+				// Revert the changed values
+				style.width = width;
+				style.minWidth = minWidth;
+				style.maxWidth = maxWidth;
+			}
+		}
+
+		// Support: IE
+		// IE returns zIndex value as an integer.
+		return ret === undefined ?
+			ret :
+			ret + "";
+	};
+} else if ( document.documentElement.currentStyle ) {
+	getStyles = function( elem ) {
+		return elem.currentStyle;
+	};
+
+	curCSS = function( elem, name, computed ) {
+		var left, rs, rsLeft, ret,
+			style = elem.style;
+
+		computed = computed || getStyles( elem );
+		ret = computed ? computed[ name ] : undefined;
+
+		// Avoid setting ret to empty string here
+		// so we don't default to auto
+		if ( ret == null && style && style[ name ] ) {
+			ret = style[ name ];
+		}
+
+		// From the awesome hack by Dean Edwards
+		// http://erik.eae.net/archives/2007/07/27/18.54.15/#comment-102291
+
+		// If we're not dealing with a regular pixel number
+		// but a number that has a weird ending, we need to convert it to pixels
+		// but not position css attributes, as those are proportional to the parent element instead
+		// and we can't measure the parent instead because it might trigger a "stacking dolls" problem
+		if ( rnumnonpx.test( ret ) && !rposition.test( name ) ) {
+
+			// Remember the original values
+			left = style.left;
+			rs = elem.runtimeStyle;
+			rsLeft = rs && rs.left;
+
+			// Put in the new values to get a computed value out
+			if ( rsLeft ) {
+				rs.left = elem.currentStyle.left;
+			}
+			style.left = name === "fontSize" ? "1em" : ret;
+			ret = style.pixelLeft + "px";
+
+			// Revert the changed values
+			style.left = left;
+			if ( rsLeft ) {
+				rs.left = rsLeft;
+			}
+		}
+
+		// Support: IE
+		// IE returns zIndex value as an integer.
+		return ret === undefined ?
+			ret :
+			ret + "" || "auto";
+	};
+}
+
+
+
+
+function addGetHookIf( conditionFn, hookFn ) {
+	// Define the hook, we'll check on the first run if it's really needed.
+	return {
+		get: function() {
+			var condition = conditionFn();
+
+			if ( condition == null ) {
+				// The test was not ready at this point; screw the hook this time
+				// but check again when needed next time.
+				return;
+			}
+
+			if ( condition ) {
+				// Hook not needed (or it's not possible to use it due to missing dependency),
+				// remove it.
+				// Since there are no other hooks for marginRight, remove the whole object.
+				delete this.get;
+				return;
+			}
+
+			// Hook needed; redefine it so that the support test is not executed again.
+
+			return (this.get = hookFn).apply( this, arguments );
+		}
+	};
+}
+
+
+(function() {
+	// Minified: var b,c,d,e,f,g, h,i
+	var div, style, a, pixelPositionVal, boxSizingReliableVal,
+		reliableHiddenOffsetsVal, reliableMarginRightVal;
+
+	// Setup
+	div = document.createElement( "div" );
+	div.innerHTML = "  <link/><table></table><a href='/a'>a</a><input type='checkbox'/>";
+	a = div.getElementsByTagName( "a" )[ 0 ];
+	style = a && a.style;
+
+	// Finish early in limited (non-browser) environments
+	if ( !style ) {
+		return;
+	}
+
+	style.cssText = "float:left;opacity:.5";
+
+	// Support: IE<9
+	// Make sure that element opacity exists (as opposed to filter)
+	support.opacity = style.opacity === "0.5";
+
+	// Verify style float existence
+	// (IE uses styleFloat instead of cssFloat)
+	support.cssFloat = !!style.cssFloat;
+
+	div.style.backgroundClip = "content-box";
+	div.cloneNode( true ).style.backgroundClip = "";
+	support.clearCloneStyle = div.style.backgroundClip === "content-box";
+
+	// Support: Firefox<29, Android 2.3
+	// Vendor-prefix box-sizing
+	support.boxSizing = style.boxSizing === "" || style.MozBoxSizing === "" ||
+		style.WebkitBoxSizing === "";
+
+	jQuery.extend(support, {
+		reliableHiddenOffsets: function() {
+			if ( reliableHiddenOffsetsVal == null ) {
+				computeStyleTests();
+			}
+			return reliableHiddenOffsetsVal;
+		},
+
+		boxSizingReliable: function() {
+			if ( boxSizingReliableVal == null ) {
+				computeStyleTests();
+			}
+			return boxSizingReliableVal;
+		},
+
+		pixelPosition: function() {
+			if ( pixelPositionVal == null ) {
+				computeStyleTests();
+			}
+			return pixelPositionVal;
+		},
+
+		// Support: Android 2.3
+		reliableMarginRight: function() {
+			if ( reliableMarginRightVal == null ) {
+				computeStyleTests();
+			}
+			return reliableMarginRightVal;
+		}
+	});
+
+	function computeStyleTests() {
+		// Minified: var b,c,d,j
+		var div, body, container, contents;
+
+		body = document.getElementsByTagName( "body" )[ 0 ];
+		if ( !body || !body.style ) {
+			// Test fired too early or in an unsupported environment, exit.
+			return;
+		}
+
+		// Setup
+		div = document.createElement( "div" );
+		container = document.createElement( "div" );
+		container.style.cssText = "position:absolute;border:0;width:0;height:0;top:0;left:-9999px";
+		body.appendChild( container ).appendChild( div );
+
+		div.style.cssText =
+			// Support: Firefox<29, Android 2.3
+			// Vendor-prefix box-sizing
+			"-webkit-box-sizing:border-box;-moz-box-sizing:border-box;" +
+			"box-sizing:border-box;display:block;margin-top:1%;top:1%;" +
+			"border:1px;padding:1px;width:4px;position:absolute";
+
+		// Support: IE<9
+		// Assume reasonable values in the absence of getComputedStyle
+		pixelPositionVal = boxSizingReliableVal = false;
+		reliableMarginRightVal = true;
+
+		// Check for getComputedStyle so that this code is not run in IE<9.
+		if ( window.getComputedStyle ) {
+			pixelPositionVal = ( window.getComputedStyle( div, null ) || {} ).top !== "1%";
+			boxSizingReliableVal =
+				( window.getComputedStyle( div, null ) || { width: "4px" } ).width === "4px";
+
+			// Support: Android 2.3
+			// Div with explicit width and no margin-right incorrectly
+			// gets computed margin-right based on width of container (#3333)
+			// WebKit Bug 13343 - getComputedStyle returns wrong value for margin-right
+			contents = div.appendChild( document.createElement( "div" ) );
+
+			// Reset CSS: box-sizing; display; margin; border; padding
+			contents.style.cssText = div.style.cssText =
+				// Support: Firefox<29, Android 2.3
+				// Vendor-prefix box-sizing
+				"-webkit-box-sizing:content-box;-moz-box-sizing:content-box;" +
+				"box-sizing:content-box;display:block;margin:0;border:0;padding:0";
+			contents.style.marginRight = contents.style.width = "0";
+			div.style.width = "1px";
+
+			reliableMarginRightVal =
+				!parseFloat( ( window.getComputedStyle( contents, null ) || {} ).marginRight );
+
+			div.removeChild( contents );
+		}
+
+		// Support: IE8
+		// Check if table cells still have offsetWidth/Height when they are set
+		// to display:none and there are still other visible table cells in a
+		// table row; if so, offsetWidth/Height are not reliable for use when
+		// determining if an element has been hidden directly using
+		// display:none (it is still safe to use offsets if a parent element is
+		// hidden; don safety goggles and see bug #4512 for more information).
+		div.innerHTML = "<table><tr><td></td><td>t</td></tr></table>";
+		contents = div.getElementsByTagName( "td" );
+		contents[ 0 ].style.cssText = "margin:0;border:0;padding:0;display:none";
+		reliableHiddenOffsetsVal = contents[ 0 ].offsetHeight === 0;
+		if ( reliableHiddenOffsetsVal ) {
+			contents[ 0 ].style.display = "";
+			contents[ 1 ].style.display = "none";
+			reliableHiddenOffsetsVal = contents[ 0 ].offsetHeight === 0;
+		}
+
+		body.removeChild( container );
+	}
+
+})();
+
+
+// A method for quickly swapping in/out CSS properties to get correct calculations.
+jQuery.swap = function( elem, options, callback, args ) {
+	var ret, name,
+		old = {};
+
+	// Remember the old values, and insert the new ones
+	for ( name in options ) {
+		old[ name ] = elem.style[ name ];
+		elem.style[ name ] = options[ name ];
+	}
+
+	ret = callback.apply( elem, args || [] );
+
+	// Revert the old values
+	for ( name in options ) {
+		elem.style[ name ] = old[ name ];
+	}
+
+	return ret;
+};
+
+
+var
+		ralpha = /alpha\([^)]*\)/i,
+	ropacity = /opacity\s*=\s*([^)]*)/,
+
+	// swappable if display is none or starts with table except "table", "table-cell", or "table-caption"
+	// see here for display values: https://developer.mozilla.org/en-US/docs/CSS/display
+	rdisplayswap = /^(none|table(?!-c[ea]).+)/,
+	rnumsplit = new RegExp( "^(" + pnum + ")(.*)$", "i" ),
+	rrelNum = new RegExp( "^([+-])=(" + pnum + ")", "i" ),
+
+	cssShow = { position: "absolute", visibility: "hidden", display: "block" },
+	cssNormalTransform = {
+		letterSpacing: "0",
+		fontWeight: "400"
+	},
+
+	cssPrefixes = [ "Webkit", "O", "Moz", "ms" ];
+
+
+// return a css property mapped to a potentially vendor prefixed property
+function vendorPropName( style, name ) {
+
+	// shortcut for names that are not vendor prefixed
+	if ( name in style ) {
+		return name;
+	}
+
+	// check for vendor prefixed names
+	var capName = name.charAt(0).toUpperCase() + name.slice(1),
+		origName = name,
+		i = cssPrefixes.length;
+
+	while ( i-- ) {
+		name = cssPrefixes[ i ] + capName;
+		if ( name in style ) {
+			return name;
+		}
+	}
+
+	return origName;
+}
+
+function showHide( elements, show ) {
+	var display, elem, hidden,
+		values = [],
+		index = 0,
+		length = elements.length;
+
+	for ( ; index < length; index++ ) {
+		elem = elements[ index ];
+		if ( !elem.style ) {
+			continue;
+		}
+
+		values[ index ] = jQuery._data( elem, "olddisplay" );
+		display = elem.style.display;
+		if ( show ) {
+			// Reset the inline display of this element to learn if it is
+			// being hidden by cascaded rules or not
+			if ( !values[ index ] && display === "none" ) {
+				elem.style.display = "";
+			}
+
+			// Set elements which have been overridden with display: none
+			// in a stylesheet to whatever the default browser style is
+			// for such an element
+			if ( elem.style.display === "" && isHidden( elem ) ) {
+				values[ index ] = jQuery._data( elem, "olddisplay", defaultDisplay(elem.nodeName) );
+			}
+		} else {
+			hidden = isHidden( elem );
+
+			if ( display && display !== "none" || !hidden ) {
+				jQuery._data( elem, "olddisplay", hidden ? display : jQuery.css( elem, "display" ) );
+			}
+		}
+	}
+
+	// Set the display of most of the elements in a second loop
+	// to avoid the constant reflow
+	for ( index = 0; index < length; index++ ) {
+		elem = elements[ index ];
+		if ( !elem.style ) {
+			continue;
+		}
+		if ( !show || elem.style.display === "none" || elem.style.display === "" ) {
+			elem.style.display = show ? values[ index ] || "" : "none";
+		}
+	}
+
+	return elements;
+}
+
+function setPositiveNumber( elem, value, subtract ) {
+	var matches = rnumsplit.exec( value );
+	return matches ?
+		// Guard against undefined "subtract", e.g., when used as in cssHooks
+		Math.max( 0, matches[ 1 ] - ( subtract || 0 ) ) + ( matches[ 2 ] || "px" ) :
+		value;
+}
+
+function augmentWidthOrHeight( elem, name, extra, isBorderBox, styles ) {
+	var i = extra === ( isBorderBox ? "border" : "content" ) ?
+		// If we already have the right measurement, avoid augmentation
+		4 :
+		// Otherwise initialize for horizontal or vertical properties
+		name === "width" ? 1 : 0,
+
+		val = 0;
+
+	for ( ; i < 4; i += 2 ) {
+		// both box models exclude margin, so add it if we want it
+		if ( extra === "margin" ) {
+			val += jQuery.css( elem, extra + cssExpand[ i ], true, styles );
+		}
+
+		if ( isBorderBox ) {
+			// border-box includes padding, so remove it if we want content
+			if ( extra === "content" ) {
+				val -= jQuery.css( elem, "padding" + cssExpand[ i ], true, styles );
+			}
+
+			// at this point, extra isn't border nor margin, so remove border
+			if ( extra !== "margin" ) {
+				val -= jQuery.css( elem, "border" + cssExpand[ i ] + "Width", true, styles );
+			}
+		} else {
+			// at this point, extra isn't content, so add padding
+			val += jQuery.css( elem, "padding" + cssExpand[ i ], true, styles );
+
+			// at this point, extra isn't content nor padding, so add border
+			if ( extra !== "padding" ) {
+				val += jQuery.css( elem, "border" + cssExpand[ i ] + "Width", true, styles );
+			}
+		}
+	}
+
+	return val;
+}
+
+function getWidthOrHeight( elem, name, extra ) {
+
+	// Start with offset property, which is equivalent to the border-box value
+	var valueIsBorderBox = true,
+		val = name === "width" ? elem.offsetWidth : elem.offsetHeight,
+		styles = getStyles( elem ),
+		isBorderBox = support.boxSizing && jQuery.css( elem, "boxSizing", false, styles ) === "border-box";
+
+	// some non-html elements return undefined for offsetWidth, so check for null/undefined
+	// svg - https://bugzilla.mozilla.org/show_bug.cgi?id=649285
+	// MathML - https://bugzilla.mozilla.org/show_bug.cgi?id=491668
+	if ( val <= 0 || val == null ) {
+		// Fall back to computed then uncomputed css if necessary
+		val = curCSS( elem, name, styles );
+		if ( val < 0 || val == null ) {
+			val = elem.style[ name ];
+		}
+
+		// Computed unit is not pixels. Stop here and return.
+		if ( rnumnonpx.test(val) ) {
+			return val;
+		}
+
+		// we need the check for style in case a browser which returns unreliable values
+		// for getComputedStyle silently falls back to the reliable elem.style
+		valueIsBorderBox = isBorderBox && ( support.boxSizingReliable() || val === elem.style[ name ] );
+
+		// Normalize "", auto, and prepare for extra
+		val = parseFloat( val ) || 0;
+	}
+
+	// use the active box-sizing model to add/subtract irrelevant styles
+	return ( val +
+		augmentWidthOrHeight(
+			elem,
+			name,
+			extra || ( isBorderBox ? "border" : "content" ),
+			valueIsBorderBox,
+			styles
+		)
+	) + "px";
+}
+
+jQuery.extend({
+	// Add in style property hooks for overriding the default
+	// behavior of getting and setting a style property
+	cssHooks: {
+		opacity: {
+			get: function( elem, computed ) {
+				if ( computed ) {
+					// We should always get a number back from opacity
+					var ret = curCSS( elem, "opacity" );
+					return ret === "" ? "1" : ret;
+				}
+			}
+		}
+	},
+
+	// Don't automatically add "px" to these possibly-unitless properties
+	cssNumber: {
+		"columnCount": true,
+		"fillOpacity": true,
+		"flexGrow": true,
+		"flexShrink": true,
+		"fontWeight": true,
+		"lineHeight": true,
+		"opacity": true,
+		"order": true,
+		"orphans": true,
+		"widows": true,
+		"zIndex": true,
+		"zoom": true
+	},
+
+	// Add in properties whose names you wish to fix before
+	// setting or getting the value
+	cssProps: {
+		// normalize float css property
+		"float": support.cssFloat ? "cssFloat" : "styleFloat"
+	},
+
+	// Get and set the style property on a DOM Node
+	style: function( elem, name, value, extra ) {
+		// Don't set styles on text and comment nodes
+		if ( !elem || elem.nodeType === 3 || elem.nodeType === 8 || !elem.style ) {
+			return;
+		}
+
+		// Make sure that we're working with the right name
+		var ret, type, hooks,
+			origName = jQuery.camelCase( name ),
+			style = elem.style;
+
+		name = jQuery.cssProps[ origName ] || ( jQuery.cssProps[ origName ] = vendorPropName( style, origName ) );
+
+		// gets hook for the prefixed version
+		// followed by the unprefixed version
+		hooks = jQuery.cssHooks[ name ] || jQuery.cssHooks[ origName ];
+
+		// Check if we're setting a value
+		if ( value !== undefined ) {
+			type = typeof value;
+
+			// convert relative number strings (+= or -=) to relative numbers. #7345
+			if ( type === "string" && (ret = rrelNum.exec( value )) ) {
+				value = ( ret[1] + 1 ) * ret[2] + parseFloat( jQuery.css( elem, name ) );
+				// Fixes bug #9237
+				type = "number";
+			}
+
+			// Make sure that null and NaN values aren't set. See: #7116
+			if ( value == null || value !== value ) {
+				return;
+			}
+
+			// If a number was passed in, add 'px' to the (except for certain CSS properties)
+			if ( type === "number" && !jQuery.cssNumber[ origName ] ) {
+				value += "px";
+			}
+
+			// Fixes #8908, it can be done more correctly by specifing setters in cssHooks,
+			// but it would mean to define eight (for every problematic property) identical functions
+			if ( !support.clearCloneStyle && value === "" && name.indexOf("background") === 0 ) {
+				style[ name ] = "inherit";
+			}
+
+			// If a hook was provided, use that value, otherwise just set the specified value
+			if ( !hooks || !("set" in hooks) || (value = hooks.set( elem, value, extra )) !== undefined ) {
+
+				// Support: IE
+				// Swallow errors from 'invalid' CSS values (#5509)
+				try {
+					style[ name ] = value;
+				} catch(e) {}
+			}
+
+		} else {
+			// If a hook was provided get the non-computed value from there
+			if ( hooks && "get" in hooks && (ret = hooks.get( elem, false, extra )) !== undefined ) {
+				return ret;
+			}
+
+			// Otherwise just get the value from the style object
+			return style[ name ];
+		}
+	},
+
+	css: function( elem, name, extra, styles ) {
+		var num, val, hooks,
+			origName = jQuery.camelCase( name );
+
+		// Make sure that we're working with the right name
+		name = jQuery.cssProps[ origName ] || ( jQuery.cssProps[ origName ] = vendorPropName( elem.style, origName ) );
+
+		// gets hook for the prefixed version
+		// followed by the unprefixed version
+		hooks = jQuery.cssHooks[ name ] || jQuery.cssHooks[ origName ];
+
+		// If a hook was provided get the computed value from there
+		if ( hooks && "get" in hooks ) {
+			val = hooks.get( elem, true, extra );
+		}
+
+		// Otherwise, if a way to get the computed value exists, use that
+		if ( val === undefined ) {
+			val = curCSS( elem, name, styles );
+		}
+
+		//convert "normal" to computed value
+		if ( val === "normal" && name in cssNormalTransform ) {
+			val = cssNormalTransform[ name ];
+		}
+
+		// Return, converting to number if forced or a qualifier was provided and val looks numeric
+		if ( extra === "" || extra ) {
+			num = parseFloat( val );
+			return extra === true || jQuery.isNumeric( num ) ? num || 0 : val;
+		}
+		return val;
+	}
+});
+
+jQuery.each([ "height", "width" ], function( i, name ) {
+	jQuery.cssHooks[ name ] = {
+		get: function( elem, computed, extra ) {
+			if ( computed ) {
+				// certain elements can have dimension info if we invisibly show them
+				// however, it must have a current display style that would benefit from this
+				return rdisplayswap.test( jQuery.css( elem, "display" ) ) && elem.offsetWidth === 0 ?
+					jQuery.swap( elem, cssShow, function() {
+						return getWidthOrHeight( elem, name, extra );
+					}) :
+					getWidthOrHeight( elem, name, extra );
+			}
+		},
+
+		set: function( elem, value, extra ) {
+			var styles = extra && getStyles( elem );
+			return setPositiveNumber( elem, value, extra ?
+				augmentWidthOrHeight(
+					elem,
+					name,
+					extra,
+					support.boxSizing && jQuery.css( elem, "boxSizing", false, styles ) === "border-box",
+					styles
+				) : 0
+			);
+		}
+	};
+});
+
+if ( !support.opacity ) {
+	jQuery.cssHooks.opacity = {
+		get: function( elem, computed ) {
+			// IE uses filters for opacity
+			return ropacity.test( (computed && elem.currentStyle ? elem.currentStyle.filter : elem.style.filter) || "" ) ?
+				( 0.01 * parseFloat( RegExp.$1 ) ) + "" :
+				computed ? "1" : "";
+		},
+
+		set: function( elem, value ) {
+			var style = elem.style,
+				currentStyle = elem.currentStyle,
+				opacity = jQuery.isNumeric( value ) ? "alpha(opacity=" + value * 100 + ")" : "",
+				filter = currentStyle && currentStyle.filter || style.filter || "";
+
+			// IE has trouble with opacity if it does not have layout
+			// Force it by setting the zoom level
+			style.zoom = 1;
+
+			// if setting opacity to 1, and no other filters exist - attempt to remove filter attribute #6652
+			// if value === "", then remove inline opacity #12685
+			if ( ( value >= 1 || value === "" ) &&
+					jQuery.trim( filter.replace( ralpha, "" ) ) === "" &&
+					style.removeAttribute ) {
+
+				// Setting style.filter to null, "" & " " still leave "filter:" in the cssText
+				// if "filter:" is present at all, clearType is disabled, we want to avoid this
+				// style.removeAttribute is IE Only, but so apparently is this code path...
+				style.removeAttribute( "filter" );
+
+				// if there is no filter style applied in a css rule or unset inline opacity, we are done
+				if ( value === "" || currentStyle && !currentStyle.filter ) {
+					return;
+				}
+			}
+
+			// otherwise, set new filter values
+			style.filter = ralpha.test( filter ) ?
+				filter.replace( ralpha, opacity ) :
+				filter + " " + opacity;
+		}
+	};
+}
+
+jQuery.cssHooks.marginRight = addGetHookIf( support.reliableMarginRight,
+	function( elem, computed ) {
+		if ( computed ) {
+			// WebKit Bug 13343 - getComputedStyle returns wrong value for margin-right
+			// Work around by temporarily setting element display to inline-block
+			return jQuery.swap( elem, { "display": "inline-block" },
+				curCSS, [ elem, "marginRight" ] );
+		}
+	}
+);
+
+// These hooks are used by animate to expand properties
+jQuery.each({
+	margin: "",
+	padding: "",
+	border: "Width"
+}, function( prefix, suffix ) {
+	jQuery.cssHooks[ prefix + suffix ] = {
+		expand: function( value ) {
+			var i = 0,
+				expanded = {},
+
+				// assumes a single number if not a string
+				parts = typeof value === "string" ? value.split(" ") : [ value ];
+
+			for ( ; i < 4; i++ ) {
+				expanded[ prefix + cssExpand[ i ] + suffix ] =
+					parts[ i ] || parts[ i - 2 ] || parts[ 0 ];
+			}
+
+			return expanded;
+		}
+	};
+
+	if ( !rmargin.test( prefix ) ) {
+		jQuery.cssHooks[ prefix + suffix ].set = setPositiveNumber;
+	}
+});
+
+jQuery.fn.extend({
+	css: function( name, value ) {
+		return access( this, function( elem, name, value ) {
+			var styles, len,
+				map = {},
+				i = 0;
+
+			if ( jQuery.isArray( name ) ) {
+				styles = getStyles( elem );
+				len = name.length;
+
+				for ( ; i < len; i++ ) {
+					map[ name[ i ] ] = jQuery.css( elem, name[ i ], false, styles );
+				}
+
+				return map;
+			}
+
+			return value !== undefined ?
+				jQuery.style( elem, name, value ) :
+				jQuery.css( elem, name );
+		}, name, value, arguments.length > 1 );
+	},
+	show: function() {
+		return showHide( this, true );
+	},
+	hide: function() {
+		return showHide( this );
+	},
+	toggle: function( state ) {
+		if ( typeof state === "boolean" ) {
+			return state ? this.show() : this.hide();
+		}
+
+		return this.each(function() {
+			if ( isHidden( this ) ) {
+				jQuery( this ).show();
+			} else {
+				jQuery( this ).hide();
+			}
+		});
+	}
+});
+
+
+function Tween( elem, options, prop, end, easing ) {
+	return new Tween.prototype.init( elem, options, prop, end, easing );
+}
+jQuery.Tween = Tween;
+
+Tween.prototype = {
+	constructor: Tween,
+	init: function( elem, options, prop, end, easing, unit ) {
+		this.elem = elem;
+		this.prop = prop;
+		this.easing = easing || "swing";
+		this.options = options;
+		this.start = this.now = this.cur();
+		this.end = end;
+		this.unit = unit || ( jQuery.cssNumber[ prop ] ? "" : "px" );
+	},
+	cur: function() {
+		var hooks = Tween.propHooks[ this.prop ];
+
+		return hooks && hooks.get ?
+			hooks.get( this ) :
+			Tween.propHooks._default.get( this );
+	},
+	run: function( percent ) {
+		var eased,
+			hooks = Tween.propHooks[ this.prop ];
+
+		if ( this.options.duration ) {
+			this.pos = eased = jQuery.easing[ this.easing ](
+				percent, this.options.duration * percent, 0, 1, this.options.duration
+			);
+		} else {
+			this.pos = eased = percent;
+		}
+		this.now = ( this.end - this.start ) * eased + this.start;
+
+		if ( this.options.step ) {
+			this.options.step.call( this.elem, this.now, this );
+		}
+
+		if ( hooks && hooks.set ) {
+			hooks.set( this );
+		} else {
+			Tween.propHooks._default.set( this );
+		}
+		return this;
+	}
+};
+
+Tween.prototype.init.prototype = Tween.prototype;
+
+Tween.propHooks = {
+	_default: {
+		get: function( tween ) {
+			var result;
+
+			if ( tween.elem[ tween.prop ] != null &&
+				(!tween.elem.style || tween.elem.style[ tween.prop ] == null) ) {
+				return tween.elem[ tween.prop ];
+			}
+
+			// passing an empty string as a 3rd parameter to .css will automatically
+			// attempt a parseFloat and fallback to a string if the parse fails
+			// so, simple values such as "10px" are parsed to Float.
+			// complex values such as "rotate(1rad)" are returned as is.
+			result = jQuery.css( tween.elem, tween.prop, "" );
+			// Empty strings, null, undefined and "auto" are converted to 0.
+			return !result || result === "auto" ? 0 : result;
+		},
+		set: function( tween ) {
+			// use step hook for back compat - use cssHook if its there - use .style if its
+			// available and use plain properties where available
+			if ( jQuery.fx.step[ tween.prop ] ) {
+				jQuery.fx.step[ tween.prop ]( tween );
+			} else if ( tween.elem.style && ( tween.elem.style[ jQuery.cssProps[ tween.prop ] ] != null || jQuery.cssHooks[ tween.prop ] ) ) {
+				jQuery.style( tween.elem, tween.prop, tween.now + tween.unit );
+			} else {
+				tween.elem[ tween.prop ] = tween.now;
+			}
+		}
+	}
+};
+
+// Support: IE <=9
+// Panic based approach to setting things on disconnected nodes
+
+Tween.propHooks.scrollTop = Tween.propHooks.scrollLeft = {
+	set: function( tween ) {
+		if ( tween.elem.nodeType && tween.elem.parentNode ) {
+			tween.elem[ tween.prop ] = tween.now;
+		}
+	}
+};
+
+jQuery.easing = {
+	linear: function( p ) {
+		return p;
+	},
+	swing: function( p ) {
+		return 0.5 - Math.cos( p * Math.PI ) / 2;
+	}
+};
+
+jQuery.fx = Tween.prototype.init;
+
+// Back Compat <1.8 extension point
+jQuery.fx.step = {};
+
+
+
+
+var
+	fxNow, timerId,
+	rfxtypes = /^(?:toggle|show|hide)$/,
+	rfxnum = new RegExp( "^(?:([+-])=|)(" + pnum + ")([a-z%]*)$", "i" ),
+	rrun = /queueHooks$/,
+	animationPrefilters = [ defaultPrefilter ],
+	tweeners = {
+		"*": [ function( prop, value ) {
+			var tween = this.createTween( prop, value ),
+				target = tween.cur(),
+				parts = rfxnum.exec( value ),
+				unit = parts && parts[ 3 ] || ( jQuery.cssNumber[ prop ] ? "" : "px" ),
+
+				// Starting value computation is required for potential unit mismatches
+				start = ( jQuery.cssNumber[ prop ] || unit !== "px" && +target ) &&
+					rfxnum.exec( jQuery.css( tween.elem, prop ) ),
+				scale = 1,
+				maxIterations = 20;
+
+			if ( start && start[ 3 ] !== unit ) {
+				// Trust units reported by jQuery.css
+				unit = unit || start[ 3 ];
+
+				// Make sure we update the tween properties later on
+				parts = parts || [];
+
+				// Iteratively approximate from a nonzero starting point
+				start = +target || 1;
+
+				do {
+					// If previous iteration zeroed out, double until we get *something*
+					// Use a string for doubling factor so we don't accidentally see scale as unchanged below
+					scale = scale || ".5";
+
+					// Adjust and apply
+					start = start / scale;
+					jQuery.style( tween.elem, prop, start + unit );
+
+				// Update scale, tolerating zero or NaN from tween.cur()
+				// And breaking the loop if scale is unchanged or perfect, or if we've just had enough
+				} while ( scale !== (scale = tween.cur() / target) && scale !== 1 && --maxIterations );
+			}
+
+			// Update tween properties
+			if ( parts ) {
+				start = tween.start = +start || +target || 0;
+				tween.unit = unit;
+				// If a +=/-= token was provided, we're doing a relative animation
+				tween.end = parts[ 1 ] ?
+					start + ( parts[ 1 ] + 1 ) * parts[ 2 ] :
+					+parts[ 2 ];
+			}
+
+			return tween;
+		} ]
+	};
+
+// Animations created synchronously will run synchronously
+function createFxNow() {
+	setTimeout(function() {
+		fxNow = undefined;
+	});
+	return ( fxNow = jQuery.now() );
+}
+
+// Generate parameters to create a standard animation
+function genFx( type, includeWidth ) {
+	var which,
+		attrs = { height: type },
+		i = 0;
+
+	// if we include width, step value is 1 to do all cssExpand values,
+	// if we don't include width, step value is 2 to skip over Left and Right
+	includeWidth = includeWidth ? 1 : 0;
+	for ( ; i < 4 ; i += 2 - includeWidth ) {
+		which = cssExpand[ i ];
+		attrs[ "margin" + which ] = attrs[ "padding" + which ] = type;
+	}
+
+	if ( includeWidth ) {
+		attrs.opacity = attrs.width = type;
+	}
+
+	return attrs;
+}
+
+function createTween( value, prop, animation ) {
+	var tween,
+		collection = ( tweeners[ prop ] || [] ).concat( tweeners[ "*" ] ),
+		index = 0,
+		length = collection.length;
+	for ( ; index < length; index++ ) {
+		if ( (tween = collection[ index ].call( animation, prop, value )) ) {
+
+			// we're done with this property
+			return tween;
+		}
+	}
+}
+
+function defaultPrefilter( elem, props, opts ) {
+	/* jshint validthis: true */
+	var prop, value, toggle, tween, hooks, oldfire, display, checkDisplay,
+		anim = this,
+		orig = {},
+		style = elem.style,
+		hidden = elem.nodeType && isHidden( elem ),
+		dataShow = jQuery._data( elem, "fxshow" );
+
+	// handle queue: false promises
+	if ( !opts.queue ) {
+		hooks = jQuery._queueHooks( elem, "fx" );
+		if ( hooks.unqueued == null ) {
+			hooks.unqueued = 0;
+			oldfire = hooks.empty.fire;
+			hooks.empty.fire = function() {
+				if ( !hooks.unqueued ) {
+					oldfire();
+				}
+			};
+		}
+		hooks.unqueued++;
+
+		anim.always(function() {
+			// doing this makes sure that the complete handler will be called
+			// before this completes
+			anim.always(function() {
+				hooks.unqueued--;
+				if ( !jQuery.queue( elem, "fx" ).length ) {
+					hooks.empty.fire();
+				}
+			});
+		});
+	}
+
+	// height/width overflow pass
+	if ( elem.nodeType === 1 && ( "height" in props || "width" in props ) ) {
+		// Make sure that nothing sneaks out
+		// Record all 3 overflow attributes because IE does not
+		// change the overflow attribute when overflowX and
+		// overflowY are set to the same value
+		opts.overflow = [ style.overflow, style.overflowX, style.overflowY ];
+
+		// Set display property to inline-block for height/width
+		// animations on inline elements that are having width/height animated
+		display = jQuery.css( elem, "display" );
+
+		// Test default display if display is currently "none"
+		checkDisplay = display === "none" ?
+			jQuery._data( elem, "olddisplay" ) || defaultDisplay( elem.nodeName ) : display;
+
+		if ( checkDisplay === "inline" && jQuery.css( elem, "float" ) === "none" ) {
+
+			// inline-level elements accept inline-block;
+			// block-level elements need to be inline with layout
+			if ( !support.inlineBlockNeedsLayout || defaultDisplay( elem.nodeName ) === "inline" ) {
+				style.display = "inline-block";
+			} else {
+				style.zoom = 1;
+			}
+		}
+	}
+
+	if ( opts.overflow ) {
+		style.overflow = "hidden";
+		if ( !support.shrinkWrapBlocks() ) {
+			anim.always(function() {
+				style.overflow = opts.overflow[ 0 ];
+				style.overflowX = opts.overflow[ 1 ];
+				style.overflowY = opts.overflow[ 2 ];
+			});
+		}
+	}
+
+	// show/hide pass
+	for ( prop in props ) {
+		value = props[ prop ];
+		if ( rfxtypes.exec( value ) ) {
+			delete props[ prop ];
+			toggle = toggle || value === "toggle";
+			if ( value === ( hidden ? "hide" : "show" ) ) {
+
+				// If there is dataShow left over from a stopped hide or show and we are going to proceed with show, we should pretend to be hidden
+				if ( value === "show" && dataShow && dataShow[ prop ] !== undefined ) {
+					hidden = true;
+				} else {
+					continue;
+				}
+			}
+			orig[ prop ] = dataShow && dataShow[ prop ] || jQuery.style( elem, prop );
+
+		// Any non-fx value stops us from restoring the original display value
+		} else {
+			display = undefined;
+		}
+	}
+
+	if ( !jQuery.isEmptyObject( orig ) ) {
+		if ( dataShow ) {
+			if ( "hidden" in dataShow ) {
+				hidden = dataShow.hidden;
+			}
+		} else {
+			dataShow = jQuery._data( elem, "fxshow", {} );
+		}
+
+		// store state if its toggle - enables .stop().toggle() to "reverse"
+		if ( toggle ) {
+			dataShow.hidden = !hidden;
+		}
+		if ( hidden ) {
+			jQuery( elem ).show();
+		} else {
+			anim.done(function() {
+				jQuery( elem ).hide();
+			});
+		}
+		anim.done(function() {
+			var prop;
+			jQuery._removeData( elem, "fxshow" );
+			for ( prop in orig ) {
+				jQuery.style( elem, prop, orig[ prop ] );
+			}
+		});
+		for ( prop in orig ) {
+			tween = createTween( hidden ? dataShow[ prop ] : 0, prop, anim );
+
+			if ( !( prop in dataShow ) ) {
+				dataShow[ prop ] = tween.start;
+				if ( hidden ) {
+					tween.end = tween.start;
+					tween.start = prop === "width" || prop === "height" ? 1 : 0;
+				}
+			}
+		}
+
+	// If this is a noop like .hide().hide(), restore an overwritten display value
+	} else if ( (display === "none" ? defaultDisplay( elem.nodeName ) : display) === "inline" ) {
+		style.display = display;
+	}
+}
+
+function propFilter( props, specialEasing ) {
+	var index, name, easing, value, hooks;
+
+	// camelCase, specialEasing and expand cssHook pass
+	for ( index in props ) {
+		name = jQuery.camelCase( index );
+		easing = specialEasing[ name ];
+		value = props[ index ];
+		if ( jQuery.isArray( value ) ) {
+			easing = value[ 1 ];
+			value = props[ index ] = value[ 0 ];
+		}
+
+		if ( index !== name ) {
+			props[ name ] = value;
+			delete props[ index ];
+		}
+
+		hooks = jQuery.cssHooks[ name ];
+		if ( hooks && "expand" in hooks ) {
+			value = hooks.expand( value );
+			delete props[ name ];
+
+			// not quite $.extend, this wont overwrite keys already present.
+			// also - reusing 'index' from above because we have the correct "name"
+			for ( index in value ) {
+				if ( !( index in props ) ) {
+					props[ index ] = value[ index ];
+					specialEasing[ index ] = easing;
+				}
+			}
+		} else {
+			specialEasing[ name ] = easing;
+		}
+	}
+}
+
+function Animation( elem, properties, options ) {
+	var result,
+		stopped,
+		index = 0,
+		length = animationPrefilters.length,
+		deferred = jQuery.Deferred().always( function() {
+			// don't match elem in the :animated selector
+			delete tick.elem;
+		}),
+		tick = function() {
+			if ( stopped ) {
+				return false;
+			}
+			var currentTime = fxNow || createFxNow(),
+				remaining = Math.max( 0, animation.startTime + animation.duration - currentTime ),
+				// archaic crash bug won't allow us to use 1 - ( 0.5 || 0 ) (#12497)
+				temp = remaining / animation.duration || 0,
+				percent = 1 - temp,
+				index = 0,
+				length = animation.tweens.length;
+
+			for ( ; index < length ; index++ ) {
+				animation.tweens[ index ].run( percent );
+			}
+
+			deferred.notifyWith( elem, [ animation, percent, remaining ]);
+
+			if ( percent < 1 && length ) {
+				return remaining;
+			} else {
+				deferred.resolveWith( elem, [ animation ] );
+				return false;
+			}
+		},
+		animation = deferred.promise({
+			elem: elem,
+			props: jQuery.extend( {}, properties ),
+			opts: jQuery.extend( true, { specialEasing: {} }, options ),
+			originalProperties: properties,
+			originalOptions: options,
+			startTime: fxNow || createFxNow(),
+			duration: options.duration,
+			tweens: [],
+			createTween: function( prop, end ) {
+				var tween = jQuery.Tween( elem, animation.opts, prop, end,
+						animation.opts.specialEasing[ prop ] || animation.opts.easing );
+				animation.tweens.push( tween );
+				return tween;
+			},
+			stop: function( gotoEnd ) {
+				var index = 0,
+					// if we are going to the end, we want to run all the tweens
+					// otherwise we skip this part
+					length = gotoEnd ? animation.tweens.length : 0;
+				if ( stopped ) {
+					return this;
+				}
+				stopped = true;
+				for ( ; index < length ; index++ ) {
+					animation.tweens[ index ].run( 1 );
+				}
+
+				// resolve when we played the last frame
+				// otherwise, reject
+				if ( gotoEnd ) {
+					deferred.resolveWith( elem, [ animation, gotoEnd ] );
+				} else {
+					deferred.rejectWith( elem, [ animation, gotoEnd ] );
+				}
+				return this;
+			}
+		}),
+		props = animation.props;
+
+	propFilter( props, animation.opts.specialEasing );
+
+	for ( ; index < length ; index++ ) {
+		result = animationPrefilters[ index ].call( animation, elem, props, animation.opts );
+		if ( result ) {
+			return result;
+		}
+	}
+
+	jQuery.map( props, createTween, animation );
+
+	if ( jQuery.isFunction( animation.opts.start ) ) {
+		animation.opts.start.call( elem, animation );
+	}
+
+	jQuery.fx.timer(
+		jQuery.extend( tick, {
+			elem: elem,
+			anim: animation,
+			queue: animation.opts.queue
+		})
+	);
+
+	// attach callbacks from options
+	return animation.progress( animation.opts.progress )
+		.done( animation.opts.done, animation.opts.complete )
+		.fail( animation.opts.fail )
+		.always( animation.opts.always );
+}
+
+jQuery.Animation = jQuery.extend( Animation, {
+	tweener: function( props, callback ) {
+		if ( jQuery.isFunction( props ) ) {
+			callback = props;
+			props = [ "*" ];
+		} else {
+			props = props.split(" ");
+		}
+
+		var prop,
+			index = 0,
+			length = props.length;
+
+		for ( ; index < length ; index++ ) {
+			prop = props[ index ];
+			tweeners[ prop ] = tweeners[ prop ] || [];
+			tweeners[ prop ].unshift( callback );
+		}
+	},
+
+	prefilter: function( callback, prepend ) {
+		if ( prepend ) {
+			animationPrefilters.unshift( callback );
+		} else {
+			animationPrefilters.push( callback );
+		}
+	}
+});
+
+jQuery.speed = function( speed, easing, fn ) {
+	var opt = speed && typeof speed === "object" ? jQuery.extend( {}, speed ) : {
+		complete: fn || !fn && easing ||
+			jQuery.isFunction( speed ) && speed,
+		duration: speed,
+		easing: fn && easing || easing && !jQuery.isFunction( easing ) && easing
+	};
+
+	opt.duration = jQuery.fx.off ? 0 : typeof opt.duration === "number" ? opt.duration :
+		opt.duration in jQuery.fx.speeds ? jQuery.fx.speeds[ opt.duration ] : jQuery.fx.speeds._default;
+
+	// normalize opt.queue - true/undefined/null -> "fx"
+	if ( opt.queue == null || opt.queue === true ) {
+		opt.queue = "fx";
+	}
+
+	// Queueing
+	opt.old = opt.complete;
+
+	opt.complete = function() {
+		if ( jQuery.isFunction( opt.old ) ) {
+			opt.old.call( this );
+		}
+
+		if ( opt.queue ) {
+			jQuery.dequeue( this, opt.queue );
+		}
+	};
+
+	return opt;
+};
+
+jQuery.fn.extend({
+	fadeTo: function( speed, to, easing, callback ) {
+
+		// show any hidden elements after setting opacity to 0
+		return this.filter( isHidden ).css( "opacity", 0 ).show()
+
+			// animate to the value specified
+			.end().animate({ opacity: to }, speed, easing, callback );
+	},
+	animate: function( prop, speed, easing, callback ) {
+		var empty = jQuery.isEmptyObject( prop ),
+			optall = jQuery.speed( speed, easing, callback ),
+			doAnimation = function() {
+				// Operate on a copy of prop so per-property easing won't be lost
+				var anim = Animation( this, jQuery.extend( {}, prop ), optall );
+
+				// Empty animations, or finishing resolves immediately
+				if ( empty || jQuery._data( this, "finish" ) ) {
+					anim.stop( true );
+				}
+			};
+			doAnimation.finish = doAnimation;
+
+		return empty || optall.queue === false ?
+			this.each( doAnimation ) :
+			this.queue( optall.queue, doAnimation );
+	},
+	stop: function( type, clearQueue, gotoEnd ) {
+		var stopQueue = function( hooks ) {
+			var stop = hooks.stop;
+			delete hooks.stop;
+			stop( gotoEnd );
+		};
+
+		if ( typeof type !== "string" ) {
+			gotoEnd = clearQueue;
+			clearQueue = type;
+			type = undefined;
+		}
+		if ( clearQueue && type !== false ) {
+			this.queue( type || "fx", [] );
+		}
+
+		return this.each(function() {
+			var dequeue = true,
+				index = type != null && type + "queueHooks",
+				timers = jQuery.timers,
+				data = jQuery._data( this );
+
+			if ( index ) {
+				if ( data[ index ] && data[ index ].stop ) {
+					stopQueue( data[ index ] );
+				}
+			} else {
+				for ( index in data ) {
+					if ( data[ index ] && data[ index ].stop && rrun.test( index ) ) {
+						stopQueue( data[ index ] );
+					}
+				}
+			}
+
+			for ( index = timers.length; index--; ) {
+				if ( timers[ index ].elem === this && (type == null || timers[ index ].queue === type) ) {
+					timers[ index ].anim.stop( gotoEnd );
+					dequeue = false;
+					timers.splice( index, 1 );
+				}
+			}
+
+			// start the next in the queue if the last step wasn't forced
+			// timers currently will call their complete callbacks, which will dequeue
+			// but only if they were gotoEnd
+			if ( dequeue || !gotoEnd ) {
+				jQuery.dequeue( this, type );
+			}
+		});
+	},
+	finish: function( type ) {
+		if ( type !== false ) {
+			type = type || "fx";
+		}
+		return this.each(function() {
+			var index,
+				data = jQuery._data( this ),
+				queue = data[ type + "queue" ],
+				hooks = data[ type + "queueHooks" ],
+				timers = jQuery.timers,
+				length = queue ? queue.length : 0;
+
+			// enable finishing flag on private data
+			data.finish = true;
+
+			// empty the queue first
+			jQuery.queue( this, type, [] );
+
+			if ( hooks && hooks.stop ) {
+				hooks.stop.call( this, true );
+			}
+
+			// look for any active animations, and finish them
+			for ( index = timers.length; index--; ) {
+				if ( timers[ index ].elem === this && timers[ index ].queue === type ) {
+					timers[ index ].anim.stop( true );
+					timers.splice( index, 1 );
+				}
+			}
+
+			// look for any animations in the old queue and finish them
+			for ( index = 0; index < length; index++ ) {
+				if ( queue[ index ] && queue[ index ].finish ) {
+					queue[ index ].finish.call( this );
+				}
+			}
+
+			// turn off finishing flag
+			delete data.finish;
+		});
+	}
+});
+
+jQuery.each([ "toggle", "show", "hide" ], function( i, name ) {
+	var cssFn = jQuery.fn[ name ];
+	jQuery.fn[ name ] = function( speed, easing, callback ) {
+		return speed == null || typeof speed === "boolean" ?
+			cssFn.apply( this, arguments ) :
+			this.animate( genFx( name, true ), speed, easing, callback );
+	};
+});
+
+// Generate shortcuts for custom animations
+jQuery.each({
+	slideDown: genFx("show"),
+	slideUp: genFx("hide"),
+	slideToggle: genFx("toggle"),
+	fadeIn: { opacity: "show" },
+	fadeOut: { opacity: "hide" },
+	fadeToggle: { opacity: "toggle" }
+}, function( name, props ) {
+	jQuery.fn[ name ] = function( speed, easing, callback ) {
+		return this.animate( props, speed, easing, callback );
+	};
+});
+
+jQuery.timers = [];
+jQuery.fx.tick = function() {
+	var timer,
+		timers = jQuery.timers,
+		i = 0;
+
+	fxNow = jQuery.now();
+
+	for ( ; i < timers.length; i++ ) {
+		timer = timers[ i ];
+		// Checks the timer has not already been removed
+		if ( !timer() && timers[ i ] === timer ) {
+			timers.splice( i--, 1 );
+		}
+	}
+
+	if ( !timers.length ) {
+		jQuery.fx.stop();
+	}
+	fxNow = undefined;
+};
+
+jQuery.fx.timer = function( timer ) {
+	jQuery.timers.push( timer );
+	if ( timer() ) {
+		jQuery.fx.start();
+	} else {
+		jQuery.timers.pop();
+	}
+};
+
+jQuery.fx.interval = 13;
+
+jQuery.fx.start = function() {
+	if ( !timerId ) {
+		timerId = setInterval( jQuery.fx.tick, jQuery.fx.interval );
+	}
+};
+
+jQuery.fx.stop = function() {
+	clearInterval( timerId );
+	timerId = null;
+};
+
+jQuery.fx.speeds = {
+	slow: 600,
+	fast: 200,
+	// Default speed
+	_default: 400
+};
+
+
+// Based off of the plugin by Clint Helfers, with permission.
+// http://blindsignals.com/index.php/2009/07/jquery-delay/
+jQuery.fn.delay = function( time, type ) {
+	time = jQuery.fx ? jQuery.fx.speeds[ time ] || time : time;
+	type = type || "fx";
+
+	return this.queue( type, function( next, hooks ) {
+		var timeout = setTimeout( next, time );
+		hooks.stop = function() {
+			clearTimeout( timeout );
+		};
+	});
+};
+
+
+(function() {
+	// Minified: var a,b,c,d,e
+	var input, div, select, a, opt;
+
+	// Setup
+	div = document.createElement( "div" );
+	div.setAttribute( "className", "t" );
+	div.innerHTML = "  <link/><table></table><a href='/a'>a</a><input type='checkbox'/>";
+	a = div.getElementsByTagName("a")[ 0 ];
+
+	// First batch of tests.
+	select = document.createElement("select");
+	opt = select.appendChild( document.createElement("option") );
+	input = div.getElementsByTagName("input")[ 0 ];
+
+	a.style.cssText = "top:1px";
+
+	// Test setAttribute on camelCase class. If it works, we need attrFixes when doing get/setAttribute (ie6/7)
+	support.getSetAttribute = div.className !== "t";
+
+	// Get the style information from getAttribute
+	// (IE uses .cssText instead)
+	support.style = /top/.test( a.getAttribute("style") );
+
+	// Make sure that URLs aren't manipulated
+	// (IE normalizes it by default)
+	support.hrefNormalized = a.getAttribute("href") === "/a";
+
+	// Check the default checkbox/radio value ("" on WebKit; "on" elsewhere)
+	support.checkOn = !!input.value;
+
+	// Make sure that a selected-by-default option has a working selected property.
+	// (WebKit defaults to false instead of true, IE too, if it's in an optgroup)
+	support.optSelected = opt.selected;
+
+	// Tests for enctype support on a form (#6743)
+	support.enctype = !!document.createElement("form").enctype;
+
+	// Make sure that the options inside disabled selects aren't marked as disabled
+	// (WebKit marks them as disabled)
+	select.disabled = true;
+	support.optDisabled = !opt.disabled;
+
+	// Support: IE8 only
+	// Check if we can trust getAttribute("value")
+	input = document.createElement( "input" );
+	input.setAttribute( "value", "" );
+	support.input = input.getAttribute( "value" ) === "";
+
+	// Check if an input maintains its value after becoming a radio
+	input.value = "t";
+	input.setAttribute( "type", "radio" );
+	support.radioValue = input.value === "t";
+})();
+
+
+var rreturn = /\r/g;
+
+jQuery.fn.extend({
+	val: function( value ) {
+		var hooks, ret, isFunction,
+			elem = this[0];
+
+		if ( !arguments.length ) {
+			if ( elem ) {
+				hooks = jQuery.valHooks[ elem.type ] || jQuery.valHooks[ elem.nodeName.toLowerCase() ];
+
+				if ( hooks && "get" in hooks && (ret = hooks.get( elem, "value" )) !== undefined ) {
+					return ret;
+				}
+
+				ret = elem.value;
+
+				return typeof ret === "string" ?
+					// handle most common string cases
+					ret.replace(rreturn, "") :
+					// handle cases where value is null/undef or number
+					ret == null ? "" : ret;
+			}
+
+			return;
+		}
+
+		isFunction = jQuery.isFunction( value );
+
+		return this.each(function( i ) {
+			var val;
+
+			if ( this.nodeType !== 1 ) {
+				return;
+			}
+
+			if ( isFunction ) {
+				val = value.call( this, i, jQuery( this ).val() );
+			} else {
+				val = value;
+			}
+
+			// Treat null/undefined as ""; convert numbers to string
+			if ( val == null ) {
+				val = "";
+			} else if ( typeof val === "number" ) {
+				val += "";
+			} else if ( jQuery.isArray( val ) ) {
+				val = jQuery.map( val, function( value ) {
+					return value == null ? "" : value + "";
+				});
+			}
+
+			hooks = jQuery.valHooks[ this.type ] || jQuery.valHooks[ this.nodeName.toLowerCase() ];
+
+			// If set returns undefined, fall back to normal setting
+			if ( !hooks || !("set" in hooks) || hooks.set( this, val, "value" ) === undefined ) {
+				this.value = val;
+			}
+		});
+	}
+});
+
+jQuery.extend({
+	valHooks: {
+		option: {
+			get: function( elem ) {
+				var val = jQuery.find.attr( elem, "value" );
+				return val != null ?
+					val :
+					// Support: IE10-11+
+					// option.text throws exceptions (#14686, #14858)
+					jQuery.trim( jQuery.text( elem ) );
+			}
+		},
+		select: {
+			get: function( elem ) {
+				var value, option,
+					options = elem.options,
+					index = elem.selectedIndex,
+					one = elem.type === "select-one" || index < 0,
+					values = one ? null : [],
+					max = one ? index + 1 : options.length,
+					i = index < 0 ?
+						max :
+						one ? index : 0;
+
+				// Loop through all the selected options
+				for ( ; i < max; i++ ) {
+					option = options[ i ];
+
+					// oldIE doesn't update selected after form reset (#2551)
+					if ( ( option.selected || i === index ) &&
+							// Don't return options that are disabled or in a disabled optgroup
+							( support.optDisabled ? !option.disabled : option.getAttribute("disabled") === null ) &&
+							( !option.parentNode.disabled || !jQuery.nodeName( option.parentNode, "optgroup" ) ) ) {
+
+						// Get the specific value for the option
+						value = jQuery( option ).val();
+
+						// We don't need an array for one selects
+						if ( one ) {
+							return value;
+						}
+
+						// Multi-Selects return an array
+						values.push( value );
+					}
+				}
+
+				return values;
+			},
+
+			set: function( elem, value ) {
+				var optionSet, option,
+					options = elem.options,
+					values = jQuery.makeArray( value ),
+					i = options.length;
+
+				while ( i-- ) {
+					option = options[ i ];
+
+					if ( jQuery.inArray( jQuery.valHooks.option.get( option ), values ) >= 0 ) {
+
+						// Support: IE6
+						// When new option element is added to select box we need to
+						// force reflow of newly added node in order to workaround delay
+						// of initialization properties
+						try {
+							option.selected = optionSet = true;
+
+						} catch ( _ ) {
+
+							// Will be executed only in IE6
+							option.scrollHeight;
+						}
+
+					} else {
+						option.selected = false;
+					}
+				}
+
+				// Force browsers to behave consistently when non-matching value is set
+				if ( !optionSet ) {
+					elem.selectedIndex = -1;
+				}
+
+				return options;
+			}
+		}
+	}
+});
+
+// Radios and checkboxes getter/setter
+jQuery.each([ "radio", "checkbox" ], function() {
+	jQuery.valHooks[ this ] = {
+		set: function( elem, value ) {
+			if ( jQuery.isArray( value ) ) {
+				return ( elem.checked = jQuery.inArray( jQuery(elem).val(), value ) >= 0 );
+			}
+		}
+	};
+	if ( !support.checkOn ) {
+		jQuery.valHooks[ this ].get = function( elem ) {
+			// Support: Webkit
+			// "" is returned instead of "on" if a value isn't specified
+			return elem.getAttribute("value") === null ? "on" : elem.value;
+		};
+	}
+});
+
+
+
+
+var nodeHook, boolHook,
+	attrHandle = jQuery.expr.attrHandle,
+	ruseDefault = /^(?:checked|selected)$/i,
+	getSetAttribute = support.getSetAttribute,
+	getSetInput = support.input;
+
+jQuery.fn.extend({
+	attr: function( name, value ) {
+		return access( this, jQuery.attr, name, value, arguments.length > 1 );
+	},
+
+	removeAttr: function( name ) {
+		return this.each(function() {
+			jQuery.removeAttr( this, name );
+		});
+	}
+});
+
+jQuery.extend({
+	attr: function( elem, name, value ) {
+		var hooks, ret,
+			nType = elem.nodeType;
+
+		// don't get/set attributes on text, comment and attribute nodes
+		if ( !elem || nType === 3 || nType === 8 || nType === 2 ) {
+			return;
+		}
+
+		// Fallback to prop when attributes are not supported
+		if ( typeof elem.getAttribute === strundefined ) {
+			return jQuery.prop( elem, name, value );
+		}
+
+		// All attributes are lowercase
+		// Grab necessary hook if one is defined
+		if ( nType !== 1 || !jQuery.isXMLDoc( elem ) ) {
+			name = name.toLowerCase();
+			hooks = jQuery.attrHooks[ name ] ||
+				( jQuery.expr.match.bool.test( name ) ? boolHook : nodeHook );
+		}
+
+		if ( value !== undefined ) {
+
+			if ( value === null ) {
+				jQuery.removeAttr( elem, name );
+
+			} else if ( hooks && "set" in hooks && (ret = hooks.set( elem, value, name )) !== undefined ) {
+				return ret;
+
+			} else {
+				elem.setAttribute( name, value + "" );
+				return value;
+			}
+
+		} else if ( hooks && "get" in hooks && (ret = hooks.get( elem, name )) !== null ) {
+			return ret;
+
+		} else {
+			ret = jQuery.find.attr( elem, name );
+
+			// Non-existent attributes return null, we normalize to undefined
+			return ret == null ?
+				undefined :
+				ret;
+		}
+	},
+
+	removeAttr: function( elem, value ) {
+		var name, propName,
+			i = 0,
+			attrNames = value && value.match( rnotwhite );
+
+		if ( attrNames && elem.nodeType === 1 ) {
+			while ( (name = attrNames[i++]) ) {
+				propName = jQuery.propFix[ name ] || name;
+
+				// Boolean attributes get special treatment (#10870)
+				if ( jQuery.expr.match.bool.test( name ) ) {
+					// Set corresponding property to false
+					if ( getSetInput && getSetAttribute || !ruseDefault.test( name ) ) {
+						elem[ propName ] = false;
+					// Support: IE<9
+					// Also clear defaultChecked/defaultSelected (if appropriate)
+					} else {
+						elem[ jQuery.camelCase( "default-" + name ) ] =
+							elem[ propName ] = false;
+					}
+
+				// See #9699 for explanation of this approach (setting first, then removal)
+				} else {
+					jQuery.attr( elem, name, "" );
+				}
+
+				elem.removeAttribute( getSetAttribute ? name : propName );
+			}
+		}
+	},
+
+	attrHooks: {
+		type: {
+			set: function( elem, value ) {
+				if ( !support.radioValue && value === "radio" && jQuery.nodeName(elem, "input") ) {
+					// Setting the type on a radio button after the value resets the value in IE6-9
+					// Reset value to default in case type is set after value during creation
+					var val = elem.value;
+					elem.setAttribute( "type", value );
+					if ( val ) {
+						elem.value = val;
+					}
+					return value;
+				}
+			}
+		}
+	}
+});
+
+// Hook for boolean attributes
+boolHook = {
+	set: function( elem, value, name ) {
+		if ( value === false ) {
+			// Remove boolean attributes when set to false
+			jQuery.removeAttr( elem, name );
+		} else if ( getSetInput && getSetAttribute || !ruseDefault.test( name ) ) {
+			// IE<8 needs the *property* name
+			elem.setAttribute( !getSetAttribute && jQuery.propFix[ name ] || name, name );
+
+		// Use defaultChecked and defaultSelected for oldIE
+		} else {
+			elem[ jQuery.camelCase( "default-" + name ) ] = elem[ name ] = true;
+		}
+
+		return name;
+	}
+};
+
+// Retrieve booleans specially
+jQuery.each( jQuery.expr.match.bool.source.match( /\w+/g ), function( i, name ) {
+
+	var getter = attrHandle[ name ] || jQuery.find.attr;
+
+	attrHandle[ name ] = getSetInput && getSetAttribute || !ruseDefault.test( name ) ?
+		function( elem, name, isXML ) {
+			var ret, handle;
+			if ( !isXML ) {
+				// Avoid an infinite loop by temporarily removing this function from the getter
+				handle = attrHandle[ name ];
+				attrHandle[ name ] = ret;
+				ret = getter( elem, name, isXML ) != null ?
+					name.toLowerCase() :
+					null;
+				attrHandle[ name ] = handle;
+			}
+			return ret;
+		} :
+		function( elem, name, isXML ) {
+			if ( !isXML ) {
+				return elem[ jQuery.camelCase( "default-" + name ) ] ?
+					name.toLowerCase() :
+					null;
+			}
+		};
+});
+
+// fix oldIE attroperties
+if ( !getSetInput || !getSetAttribute ) {
+	jQuery.attrHooks.value = {
+		set: function( elem, value, name ) {
+			if ( jQuery.nodeName( elem, "input" ) ) {
+				// Does not return so that setAttribute is also used
+				elem.defaultValue = value;
+			} else {
+				// Use nodeHook if defined (#1954); otherwise setAttribute is fine
+				return nodeHook && nodeHook.set( elem, value, name );
+			}
+		}
+	};
+}
+
+// IE6/7 do not support getting/setting some attributes with get/setAttribute
+if ( !getSetAttribute ) {
+
+	// Use this for any attribute in IE6/7
+	// This fixes almost every IE6/7 issue
+	nodeHook = {
+		set: function( elem, value, name ) {
+			// Set the existing or create a new attribute node
+			var ret = elem.getAttributeNode( name );
+			if ( !ret ) {
+				elem.setAttributeNode(
+					(ret = elem.ownerDocument.createAttribute( name ))
+				);
+			}
+
+			ret.value = value += "";
+
+			// Break association with cloned elements by also using setAttribute (#9646)
+			if ( name === "value" || value === elem.getAttribute( name ) ) {
+				return value;
+			}
+		}
+	};
+
+	// Some attributes are constructed with empty-string values when not defined
+	attrHandle.id = attrHandle.name = attrHandle.coords =
+		function( elem, name, isXML ) {
+			var ret;
+			if ( !isXML ) {
+				return (ret = elem.getAttributeNode( name )) && ret.value !== "" ?
+					ret.value :
+					null;
+			}
+		};
+
+	// Fixing value retrieval on a button requires this module
+	jQuery.valHooks.button = {
+		get: function( elem, name ) {
+			var ret = elem.getAttributeNode( name );
+			if ( ret && ret.specified ) {
+				return ret.value;
+			}
+		},
+		set: nodeHook.set
+	};
+
+	// Set contenteditable to false on removals(#10429)
+	// Setting to empty string throws an error as an invalid value
+	jQuery.attrHooks.contenteditable = {
+		set: function( elem, value, name ) {
+			nodeHook.set( elem, value === "" ? false : value, name );
+		}
+	};
+
+	// Set width and height to auto instead of 0 on empty string( Bug #8150 )
+	// This is for removals
+	jQuery.each([ "width", "height" ], function( i, name ) {
+		jQuery.attrHooks[ name ] = {
+			set: function( elem, value ) {
+				if ( value === "" ) {
+					elem.setAttribute( name, "auto" );
+					return value;
+				}
+			}
+		};
+	});
+}
+
+if ( !support.style ) {
+	jQuery.attrHooks.style = {
+		get: function( elem ) {
+			// Return undefined in the case of empty string
+			// Note: IE uppercases css property names, but if we were to .toLowerCase()
+			// .cssText, that would destroy case senstitivity in URL's, like in "background"
+			return elem.style.cssText || undefined;
+		},
+		set: function( elem, value ) {
+			return ( elem.style.cssText = value + "" );
+		}
+	};
+}
+
+
+
+
+var rfocusable = /^(?:input|select|textarea|button|object)$/i,
+	rclickable = /^(?:a|area)$/i;
+
+jQuery.fn.extend({
+	prop: function( name, value ) {
+		return access( this, jQuery.prop, name, value, arguments.length > 1 );
+	},
+
+	removeProp: function( name ) {
+		name = jQuery.propFix[ name ] || name;
+		return this.each(function() {
+			// try/catch handles cases where IE balks (such as removing a property on window)
+			try {
+				this[ name ] = undefined;
+				delete this[ name ];
+			} catch( e ) {}
+		});
+	}
+});
+
+jQuery.extend({
+	propFix: {
+		"for": "htmlFor",
+		"class": "className"
+	},
+
+	prop: function( elem, name, value ) {
+		var ret, hooks, notxml,
+			nType = elem.nodeType;
+
+		// don't get/set properties on text, comment and attribute nodes
+		if ( !elem || nType === 3 || nType === 8 || nType === 2 ) {
+			return;
+		}
+
+		notxml = nType !== 1 || !jQuery.isXMLDoc( elem );
+
+		if ( notxml ) {
+			// Fix name and attach hooks
+			name = jQuery.propFix[ name ] || name;
+			hooks = jQuery.propHooks[ name ];
+		}
+
+		if ( value !== undefined ) {
+			return hooks && "set" in hooks && (ret = hooks.set( elem, value, name )) !== undefined ?
+				ret :
+				( elem[ name ] = value );
+
+		} else {
+			return hooks && "get" in hooks && (ret = hooks.get( elem, name )) !== null ?
+				ret :
+				elem[ name ];
+		}
+	},
+
+	propHooks: {
+		tabIndex: {
+			get: function( elem ) {
+				// elem.tabIndex doesn't always return the correct value when it hasn't been explicitly set
+				// http://fluidproject.org/blog/2008/01/09/getting-setting-and-removing-tabindex-values-with-javascript/
+				// Use proper attribute retrieval(#12072)
+				var tabindex = jQuery.find.attr( elem, "tabindex" );
+
+				return tabindex ?
+					parseInt( tabindex, 10 ) :
+					rfocusable.test( elem.nodeName ) || rclickable.test( elem.nodeName ) && elem.href ?
+						0 :
+						-1;
+			}
+		}
+	}
+});
+
+// Some attributes require a special call on IE
+// http://msdn.microsoft.com/en-us/library/ms536429%28VS.85%29.aspx
+if ( !support.hrefNormalized ) {
+	// href/src property should get the full normalized URL (#10299/#12915)
+	jQuery.each([ "href", "src" ], function( i, name ) {
+		jQuery.propHooks[ name ] = {
+			get: function( elem ) {
+				return elem.getAttribute( name, 4 );
+			}
+		};
+	});
+}
+
+// Support: Safari, IE9+
+// mis-reports the default selected property of an option
+// Accessing the parent's selectedIndex property fixes it
+if ( !support.optSelected ) {
+	jQuery.propHooks.selected = {
+		get: function( elem ) {
+			var parent = elem.parentNode;
+
+			if ( parent ) {
+				parent.selectedIndex;
+
+				// Make sure that it also works with optgroups, see #5701
+				if ( parent.parentNode ) {
+					parent.parentNode.selectedIndex;
+				}
+			}
+			return null;
+		}
+	};
+}
+
+jQuery.each([
+	"tabIndex",
+	"readOnly",
+	"maxLength",
+	"cellSpacing",
+	"cellPadding",
+	"rowSpan",
+	"colSpan",
+	"useMap",
+	"frameBorder",
+	"contentEditable"
+], function() {
+	jQuery.propFix[ this.toLowerCase() ] = this;
+});
+
+// IE6/7 call enctype encoding
+if ( !support.enctype ) {
+	jQuery.propFix.enctype = "encoding";
+}
+
+
+
+
+var rclass = /[\t\r\n\f]/g;
+
+jQuery.fn.extend({
+	addClass: function( value ) {
+		var classes, elem, cur, clazz, j, finalValue,
+			i = 0,
+			len = this.length,
+			proceed = typeof value === "string" && value;
+
+		if ( jQuery.isFunction( value ) ) {
+			return this.each(function( j ) {
+				jQuery( this ).addClass( value.call( this, j, this.className ) );
+			});
+		}
+
+		if ( proceed ) {
+			// The disjunction here is for better compressibility (see removeClass)
+			classes = ( value || "" ).match( rnotwhite ) || [];
+
+			for ( ; i < len; i++ ) {
+				elem = this[ i ];
+				cur = elem.nodeType === 1 && ( elem.className ?
+					( " " + elem.className + " " ).replace( rclass, " " ) :
+					" "
+				);
+
+				if ( cur ) {
+					j = 0;
+					while ( (clazz = classes[j++]) ) {
+						if ( cur.indexOf( " " + clazz + " " ) < 0 ) {
+							cur += clazz + " ";
+						}
+					}
+
+					// only assign if different to avoid unneeded rendering.
+					finalValue = jQuery.trim( cur );
+					if ( elem.className !== finalValue ) {
+						elem.className = finalValue;
+					}
+				}
+			}
+		}
+
+		return this;
+	},
+
+	removeClass: function( value ) {
+		var classes, elem, cur, clazz, j, finalValue,
+			i = 0,
+			len = this.length,
+			proceed = arguments.length === 0 || typeof value === "string" && value;
+
+		if ( jQuery.isFunction( value ) ) {
+			return this.each(function( j ) {
+				jQuery( this ).removeClass( value.call( this, j, this.className ) );
+			});
+		}
+		if ( proceed ) {
+			classes = ( value || "" ).match( rnotwhite ) || [];
+
+			for ( ; i < len; i++ ) {
+				elem = this[ i ];
+				// This expression is here for better compressibility (see addClass)
+				cur = elem.nodeType === 1 && ( elem.className ?
+					( " " + elem.className + " " ).replace( rclass, " " ) :
+					""
+				);
+
+				if ( cur ) {
+					j = 0;
+					while ( (clazz = classes[j++]) ) {
+						// Remove *all* instances
+						while ( cur.indexOf( " " + clazz + " " ) >= 0 ) {
+							cur = cur.replace( " " + clazz + " ", " " );
+						}
+					}
+
+					// only assign if different to avoid unneeded rendering.
+					finalValue = value ? jQuery.trim( cur ) : "";
+					if ( elem.className !== finalValue ) {
+						elem.className = finalValue;
+					}
+				}
+			}
+		}
+
+		return this;
+	},
+
+	toggleClass: function( value, stateVal ) {
+		var type = typeof value;
+
+		if ( typeof stateVal === "boolean" && type === "string" ) {
+			return stateVal ? this.addClass( value ) : this.removeClass( value );
+		}
+
+		if ( jQuery.isFunction( value ) ) {
+			return this.each(function( i ) {
+				jQuery( this ).toggleClass( value.call(this, i, this.className, stateVal), stateVal );
+			});
+		}
+
+		return this.each(function() {
+			if ( type === "string" ) {
+				// toggle individual class names
+				var className,
+					i = 0,
+					self = jQuery( this ),
+					classNames = value.match( rnotwhite ) || [];
+
+				while ( (className = classNames[ i++ ]) ) {
+					// check each className given, space separated list
+					if ( self.hasClass( className ) ) {
+						self.removeClass( className );
+					} else {
+						self.addClass( className );
+					}
+				}
+
+			// Toggle whole class name
+			} else if ( type === strundefined || type === "boolean" ) {
+				if ( this.className ) {
+					// store className if set
+					jQuery._data( this, "__className__", this.className );
+				}
+
+				// If the element has a class name or if we're passed "false",
+				// then remove the whole classname (if there was one, the above saved it).
+				// Otherwise bring back whatever was previously saved (if anything),
+				// falling back to the empty string if nothing was stored.
+				this.className = this.className || value === false ? "" : jQuery._data( this, "__className__" ) || "";
+			}
+		});
+	},
+
+	hasClass: function( selector ) {
+		var className = " " + selector + " ",
+			i = 0,
+			l = this.length;
+		for ( ; i < l; i++ ) {
+			if ( this[i].nodeType === 1 && (" " + this[i].className + " ").replace(rclass, " ").indexOf( className ) >= 0 ) {
+				return true;
+			}
+		}
+
+		return false;
+	}
+});
+
+
+
+
+// Return jQuery for attributes-only inclusion
+
+
+jQuery.each( ("blur focus focusin focusout load resize scroll unload click dblclick " +
+	"mousedown mouseup mousemove mouseover mouseout mouseenter mouseleave " +
+	"change select submit keydown keypress keyup error contextmenu").split(" "), function( i, name ) {
+
+	// Handle event binding
+	jQuery.fn[ name ] = function( data, fn ) {
+		return arguments.length > 0 ?
+			this.on( name, null, data, fn ) :
+			this.trigger( name );
+	};
+});
+
+jQuery.fn.extend({
+	hover: function( fnOver, fnOut ) {
+		return this.mouseenter( fnOver ).mouseleave( fnOut || fnOver );
+	},
+
+	bind: function( types, data, fn ) {
+		return this.on( types, null, data, fn );
+	},
+	unbind: function( types, fn ) {
+		return this.off( types, null, fn );
+	},
+
+	delegate: function( selector, types, data, fn ) {
+		return this.on( types, selector, data, fn );
+	},
+	undelegate: function( selector, types, fn ) {
+		// ( namespace ) or ( selector, types [, fn] )
+		return arguments.length === 1 ? this.off( selector, "**" ) : this.off( types, selector || "**", fn );
+	}
+});
+
+
+var nonce = jQuery.now();
+
+var rquery = (/\?/);
+
+
+
+var rvalidtokens = /(,)|(\[|{)|(}|])|"(?:[^"\\\r\n]|\\["\\\/bfnrt]|\\u[\da-fA-F]{4})*"\s*:?|true|false|null|-?(?!0\d)\d+(?:\.\d+|)(?:[eE][+-]?\d+|)/g;
+
+jQuery.parseJSON = function( data ) {
+	// Attempt to parse using the native JSON parser first
+	if ( window.JSON && window.JSON.parse ) {
+		// Support: Android 2.3
+		// Workaround failure to string-cast null input
+		return window.JSON.parse( data + "" );
+	}
+
+	var requireNonComma,
+		depth = null,
+		str = jQuery.trim( data + "" );
+
+	// Guard against invalid (and possibly dangerous) input by ensuring that nothing remains
+	// after removing valid tokens
+	return str && !jQuery.trim( str.replace( rvalidtokens, function( token, comma, open, close ) {
+
+		// Force termination if we see a misplaced comma
+		if ( requireNonComma && comma ) {
+			depth = 0;
+		}
+
+		// Perform no more replacements after returning to outermost depth
+		if ( depth === 0 ) {
+			return token;
+		}
+
+		// Commas must not follow "[", "{", or ","
+		requireNonComma = open || comma;
+
+		// Determine new depth
+		// array/object open ("[" or "{"): depth += true - false (increment)
+		// array/object close ("]" or "}"): depth += false - true (decrement)
+		// other cases ("," or primitive): depth += true - true (numeric cast)
+		depth += !close - !open;
+
+		// Remove this token
+		return "";
+	}) ) ?
+		( Function( "return " + str ) )() :
+		jQuery.error( "Invalid JSON: " + data );
+};
+
+
+// Cross-browser xml parsing
+jQuery.parseXML = function( data ) {
+	var xml, tmp;
+	if ( !data || typeof data !== "string" ) {
+		return null;
+	}
+	try {
+		if ( window.DOMParser ) { // Standard
+			tmp = new DOMParser();
+			xml = tmp.parseFromString( data, "text/xml" );
+		} else { // IE
+			xml = new ActiveXObject( "Microsoft.XMLDOM" );
+			xml.async = "false";
+			xml.loadXML( data );
+		}
+	} catch( e ) {
+		xml = undefined;
+	}
+	if ( !xml || !xml.documentElement || xml.getElementsByTagName( "parsererror" ).length ) {
+		jQuery.error( "Invalid XML: " + data );
+	}
+	return xml;
+};
+
+
+var
+	// Document location
+	ajaxLocParts,
+	ajaxLocation,
+
+	rhash = /#.*$/,
+	rts = /([?&])_=[^&]*/,
+	rheaders = /^(.*?):[ \t]*([^\r\n]*)\r?$/mg, // IE leaves an \r character at EOL
+	// #7653, #8125, #8152: local protocol detection
+	rlocalProtocol = /^(?:about|app|app-storage|.+-extension|file|res|widget):$/,
+	rnoContent = /^(?:GET|HEAD)$/,
+	rprotocol = /^\/\//,
+	rurl = /^([\w.+-]+:)(?:\/\/(?:[^\/?#]*@|)([^\/?#:]*)(?::(\d+)|)|)/,
+
+	/* Prefilters
+	 * 1) They are useful to introduce custom dataTypes (see ajax/jsonp.js for an example)
+	 * 2) These are called:
+	 *    - BEFORE asking for a transport
+	 *    - AFTER param serialization (s.data is a string if s.processData is true)
+	 * 3) key is the dataType
+	 * 4) the catchall symbol "*" can be used
+	 * 5) execution will start with transport dataType and THEN continue down to "*" if needed
+	 */
+	prefilters = {},
+
+	/* Transports bindings
+	 * 1) key is the dataType
+	 * 2) the catchall symbol "*" can be used
+	 * 3) selection will start with transport dataType and THEN go to "*" if needed
+	 */
+	transports = {},
+
+	// Avoid comment-prolog char sequence (#10098); must appease lint and evade compression
+	allTypes = "*/".concat("*");
+
+// #8138, IE may throw an exception when accessing
+// a field from window.location if document.domain has been set
+try {
+	ajaxLocation = location.href;
+} catch( e ) {
+	// Use the href attribute of an A element
+	// since IE will modify it given document.location
+	ajaxLocation = document.createElement( "a" );
+	ajaxLocation.href = "";
+	ajaxLocation = ajaxLocation.href;
+}
+
+// Segment location into parts
+ajaxLocParts = rurl.exec( ajaxLocation.toLowerCase() ) || [];
+
+// Base "constructor" for jQuery.ajaxPrefilter and jQuery.ajaxTransport
+function addToPrefiltersOrTransports( structure ) {
+
+	// dataTypeExpression is optional and defaults to "*"
+	return function( dataTypeExpression, func ) {
+
+		if ( typeof dataTypeExpression !== "string" ) {
+			func = dataTypeExpression;
+			dataTypeExpression = "*";
+		}
+
+		var dataType,
+			i = 0,
+			dataTypes = dataTypeExpression.toLowerCase().match( rnotwhite ) || [];
+
+		if ( jQuery.isFunction( func ) ) {
+			// For each dataType in the dataTypeExpression
+			while ( (dataType = dataTypes[i++]) ) {
+				// Prepend if requested
+				if ( dataType.charAt( 0 ) === "+" ) {
+					dataType = dataType.slice( 1 ) || "*";
+					(structure[ dataType ] = structure[ dataType ] || []).unshift( func );
+
+				// Otherwise append
+				} else {
+					(structure[ dataType ] = structure[ dataType ] || []).push( func );
+				}
+			}
+		}
+	};
+}
+
+// Base inspection function for prefilters and transports
+function inspectPrefiltersOrTransports( structure, options, originalOptions, jqXHR ) {
+
+	var inspected = {},
+		seekingTransport = ( structure === transports );
+
+	function inspect( dataType ) {
+		var selected;
+		inspected[ dataType ] = true;
+		jQuery.each( structure[ dataType ] || [], function( _, prefilterOrFactory ) {
+			var dataTypeOrTransport = prefilterOrFactory( options, originalOptions, jqXHR );
+			if ( typeof dataTypeOrTransport === "string" && !seekingTransport && !inspected[ dataTypeOrTransport ] ) {
+				options.dataTypes.unshift( dataTypeOrTransport );
+				inspect( dataTypeOrTransport );
+				return false;
+			} else if ( seekingTransport ) {
+				return !( selected = dataTypeOrTransport );
+			}
+		});
+		return selected;
+	}
+
+	return inspect( options.dataTypes[ 0 ] ) || !inspected[ "*" ] && inspect( "*" );
+}
+
+// A special extend for ajax options
+// that takes "flat" options (not to be deep extended)
+// Fixes #9887
+function ajaxExtend( target, src ) {
+	var deep, key,
+		flatOptions = jQuery.ajaxSettings.flatOptions || {};
+
+	for ( key in src ) {
+		if ( src[ key ] !== undefined ) {
+			( flatOptions[ key ] ? target : ( deep || (deep = {}) ) )[ key ] = src[ key ];
+		}
+	}
+	if ( deep ) {
+		jQuery.extend( true, target, deep );
+	}
+
+	return target;
+}
+
+/* Handles responses to an ajax request:
+ * - finds the right dataType (mediates between content-type and expected dataType)
+ * - returns the corresponding response
+ */
+function ajaxHandleResponses( s, jqXHR, responses ) {
+	var firstDataType, ct, finalDataType, type,
+		contents = s.contents,
+		dataTypes = s.dataTypes;
+
+	// Remove auto dataType and get content-type in the process
+	while ( dataTypes[ 0 ] === "*" ) {
+		dataTypes.shift();
+		if ( ct === undefined ) {
+			ct = s.mimeType || jqXHR.getResponseHeader("Content-Type");
+		}
+	}
+
+	// Check if we're dealing with a known content-type
+	if ( ct ) {
+		for ( type in contents ) {
+			if ( contents[ type ] && contents[ type ].test( ct ) ) {
+				dataTypes.unshift( type );
+				break;
+			}
+		}
+	}
+
+	// Check to see if we have a response for the expected dataType
+	if ( dataTypes[ 0 ] in responses ) {
+		finalDataType = dataTypes[ 0 ];
+	} else {
+		// Try convertible dataTypes
+		for ( type in responses ) {
+			if ( !dataTypes[ 0 ] || s.converters[ type + " " + dataTypes[0] ] ) {
+				finalDataType = type;
+				break;
+			}
+			if ( !firstDataType ) {
+				firstDataType = type;
+			}
+		}
+		// Or just use first one
+		finalDataType = finalDataType || firstDataType;
+	}
+
+	// If we found a dataType
+	// We add the dataType to the list if needed
+	// and return the corresponding response
+	if ( finalDataType ) {
+		if ( finalDataType !== dataTypes[ 0 ] ) {
+			dataTypes.unshift( finalDataType );
+		}
+		return responses[ finalDataType ];
+	}
+}
+
+/* Chain conversions given the request and the original response
+ * Also sets the responseXXX fields on the jqXHR instance
+ */
+function ajaxConvert( s, response, jqXHR, isSuccess ) {
+	var conv2, current, conv, tmp, prev,
+		converters = {},
+		// Work with a copy of dataTypes in case we need to modify it for conversion
+		dataTypes = s.dataTypes.slice();
+
+	// Create converters map with lowercased keys
+	if ( dataTypes[ 1 ] ) {
+		for ( conv in s.converters ) {
+			converters[ conv.toLowerCase() ] = s.converters[ conv ];
+		}
+	}
+
+	current = dataTypes.shift();
+
+	// Convert to each sequential dataType
+	while ( current ) {
+
+		if ( s.responseFields[ current ] ) {
+			jqXHR[ s.responseFields[ current ] ] = response;
+		}
+
+		// Apply the dataFilter if provided
+		if ( !prev && isSuccess && s.dataFilter ) {
+			response = s.dataFilter( response, s.dataType );
+		}
+
+		prev = current;
+		current = dataTypes.shift();
+
+		if ( current ) {
+
+			// There's only work to do if current dataType is non-auto
+			if ( current === "*" ) {
+
+				current = prev;
+
+			// Convert response if prev dataType is non-auto and differs from current
+			} else if ( prev !== "*" && prev !== current ) {
+
+				// Seek a direct converter
+				conv = converters[ prev + " " + current ] || converters[ "* " + current ];
+
+				// If none found, seek a pair
+				if ( !conv ) {
+					for ( conv2 in converters ) {
+
+						// If conv2 outputs current
+						tmp = conv2.split( " " );
+						if ( tmp[ 1 ] === current ) {
+
+							// If prev can be converted to accepted input
+							conv = converters[ prev + " " + tmp[ 0 ] ] ||
+								converters[ "* " + tmp[ 0 ] ];
+							if ( conv ) {
+								// Condense equivalence converters
+								if ( conv === true ) {
+									conv = converters[ conv2 ];
+
+								// Otherwise, insert the intermediate dataType
+								} else if ( converters[ conv2 ] !== true ) {
+									current = tmp[ 0 ];
+									dataTypes.unshift( tmp[ 1 ] );
+								}
+								break;
+							}
+						}
+					}
+				}
+
+				// Apply converter (if not an equivalence)
+				if ( conv !== true ) {
+
+					// Unless errors are allowed to bubble, catch and return them
+					if ( conv && s[ "throws" ] ) {
+						response = conv( response );
+					} else {
+						try {
+							response = conv( response );
+						} catch ( e ) {
+							return { state: "parsererror", error: conv ? e : "No conversion from " + prev + " to " + current };
+						}
+					}
+				}
+			}
+		}
+	}
+
+	return { state: "success", data: response };
+}
+
+jQuery.extend({
+
+	// Counter for holding the number of active queries
+	active: 0,
+
+	// Last-Modified header cache for next request
+	lastModified: {},
+	etag: {},
+
+	ajaxSettings: {
+		url: ajaxLocation,
+		type: "GET",
+		isLocal: rlocalProtocol.test( ajaxLocParts[ 1 ] ),
+		global: true,
+		processData: true,
+		async: true,
+		contentType: "application/x-www-form-urlencoded; charset=UTF-8",
+		/*
+		timeout: 0,
+		data: null,
+		dataType: null,
+		username: null,
+		password: null,
+		cache: null,
+		throws: false,
+		traditional: false,
+		headers: {},
+		*/
+
+		accepts: {
+			"*": allTypes,
+			text: "text/plain",
+			html: "text/html",
+			xml: "application/xml, text/xml",
+			json: "application/json, text/javascript"
+		},
+
+		contents: {
+			xml: /xml/,
+			html: /html/,
+			json: /json/
+		},
+
+		responseFields: {
+			xml: "responseXML",
+			text: "responseText",
+			json: "responseJSON"
+		},
+
+		// Data converters
+		// Keys separate source (or catchall "*") and destination types with a single space
+		converters: {
+
+			// Convert anything to text
+			"* text": String,
+
+			// Text to html (true = no transformation)
+			"text html": true,
+
+			// Evaluate text as a json expression
+			"text json": jQuery.parseJSON,
+
+			// Parse text as xml
+			"text xml": jQuery.parseXML
+		},
+
+		// For options that shouldn't be deep extended:
+		// you can add your own custom options here if
+		// and when you create one that shouldn't be
+		// deep extended (see ajaxExtend)
+		flatOptions: {
+			url: true,
+			context: true
+		}
+	},
+
+	// Creates a full fledged settings object into target
+	// with both ajaxSettings and settings fields.
+	// If target is omitted, writes into ajaxSettings.
+	ajaxSetup: function( target, settings ) {
+		return settings ?
+
+			// Building a settings object
+			ajaxExtend( ajaxExtend( target, jQuery.ajaxSettings ), settings ) :
+
+			// Extending ajaxSettings
+			ajaxExtend( jQuery.ajaxSettings, target );
+	},
+
+	ajaxPrefilter: addToPrefiltersOrTransports( prefilters ),
+	ajaxTransport: addToPrefiltersOrTransports( transports ),
+
+	// Main method
+	ajax: function( url, options ) {
+
+		// If url is an object, simulate pre-1.5 signature
+		if ( typeof url === "object" ) {
+			options = url;
+			url = undefined;
+		}
+
+		// Force options to be an object
+		options = options || {};
+
+		var // Cross-domain detection vars
+			parts,
+			// Loop variable
+			i,
+			// URL without anti-cache param
+			cacheURL,
+			// Response headers as string
+			responseHeadersString,
+			// timeout handle
+			timeoutTimer,
+
+			// To know if global events are to be dispatched
+			fireGlobals,
+
+			transport,
+			// Response headers
+			responseHeaders,
+			// Create the final options object
+			s = jQuery.ajaxSetup( {}, options ),
+			// Callbacks context
+			callbackContext = s.context || s,
+			// Context for global events is callbackContext if it is a DOM node or jQuery collection
+			globalEventContext = s.context && ( callbackContext.nodeType || callbackContext.jquery ) ?
+				jQuery( callbackContext ) :
+				jQuery.event,
+			// Deferreds
+			deferred = jQuery.Deferred(),
+			completeDeferred = jQuery.Callbacks("once memory"),
+			// Status-dependent callbacks
+			statusCode = s.statusCode || {},
+			// Headers (they are sent all at once)
+			requestHeaders = {},
+			requestHeadersNames = {},
+			// The jqXHR state
+			state = 0,
+			// Default abort message
+			strAbort = "canceled",
+			// Fake xhr
+			jqXHR = {
+				readyState: 0,
+
+				// Builds headers hashtable if needed
+				getResponseHeader: function( key ) {
+					var match;
+					if ( state === 2 ) {
+						if ( !responseHeaders ) {
+							responseHeaders = {};
+							while ( (match = rheaders.exec( responseHeadersString )) ) {
+								responseHeaders[ match[1].toLowerCase() ] = match[ 2 ];
+							}
+						}
+						match = responseHeaders[ key.toLowerCase() ];
+					}
+					return match == null ? null : match;
+				},
+
+				// Raw string
+				getAllResponseHeaders: function() {
+					return state === 2 ? responseHeadersString : null;
+				},
+
+				// Caches the header
+				setRequestHeader: function( name, value ) {
+					var lname = name.toLowerCase();
+					if ( !state ) {
+						name = requestHeadersNames[ lname ] = requestHeadersNames[ lname ] || name;
+						requestHeaders[ name ] = value;
+					}
+					return this;
+				},
+
+				// Overrides response content-type header
+				overrideMimeType: function( type ) {
+					if ( !state ) {
+						s.mimeType = type;
+					}
+					return this;
+				},
+
+				// Status-dependent callbacks
+				statusCode: function( map ) {
+					var code;
+					if ( map ) {
+						if ( state < 2 ) {
+							for ( code in map ) {
+								// Lazy-add the new callback in a way that preserves old ones
+								statusCode[ code ] = [ statusCode[ code ], map[ code ] ];
+							}
+						} else {
+							// Execute the appropriate callbacks
+							jqXHR.always( map[ jqXHR.status ] );
+						}
+					}
+					return this;
+				},
+
+				// Cancel the request
+				abort: function( statusText ) {
+					var finalText = statusText || strAbort;
+					if ( transport ) {
+						transport.abort( finalText );
+					}
+					done( 0, finalText );
+					return this;
+				}
+			};
+
+		// Attach deferreds
+		deferred.promise( jqXHR ).complete = completeDeferred.add;
+		jqXHR.success = jqXHR.done;
+		jqXHR.error = jqXHR.fail;
+
+		// Remove hash character (#7531: and string promotion)
+		// Add protocol if not provided (#5866: IE7 issue with protocol-less urls)
+		// Handle falsy url in the settings object (#10093: consistency with old signature)
+		// We also use the url parameter if available
+		s.url = ( ( url || s.url || ajaxLocation ) + "" ).replace( rhash, "" ).replace( rprotocol, ajaxLocParts[ 1 ] + "//" );
+
+		// Alias method option to type as per ticket #12004
+		s.type = options.method || options.type || s.method || s.type;
+
+		// Extract dataTypes list
+		s.dataTypes = jQuery.trim( s.dataType || "*" ).toLowerCase().match( rnotwhite ) || [ "" ];
+
+		// A cross-domain request is in order when we have a protocol:host:port mismatch
+		if ( s.crossDomain == null ) {
+			parts = rurl.exec( s.url.toLowerCase() );
+			s.crossDomain = !!( parts &&
+				( parts[ 1 ] !== ajaxLocParts[ 1 ] || parts[ 2 ] !== ajaxLocParts[ 2 ] ||
+					( parts[ 3 ] || ( parts[ 1 ] === "http:" ? "80" : "443" ) ) !==
+						( ajaxLocParts[ 3 ] || ( ajaxLocParts[ 1 ] === "http:" ? "80" : "443" ) ) )
+			);
+		}
+
+		// Convert data if not already a string
+		if ( s.data && s.processData && typeof s.data !== "string" ) {
+			s.data = jQuery.param( s.data, s.traditional );
+		}
+
+		// Apply prefilters
+		inspectPrefiltersOrTransports( prefilters, s, options, jqXHR );
+
+		// If request was aborted inside a prefilter, stop there
+		if ( state === 2 ) {
+			return jqXHR;
+		}
+
+		// We can fire global events as of now if asked to
+		// Don't fire events if jQuery.event is undefined in an AMD-usage scenario (#15118)
+		fireGlobals = jQuery.event && s.global;
+
+		// Watch for a new set of requests
+		if ( fireGlobals && jQuery.active++ === 0 ) {
+			jQuery.event.trigger("ajaxStart");
+		}
+
+		// Uppercase the type
+		s.type = s.type.toUpperCase();
+
+		// Determine if request has content
+		s.hasContent = !rnoContent.test( s.type );
+
+		// Save the URL in case we're toying with the If-Modified-Since
+		// and/or If-None-Match header later on
+		cacheURL = s.url;
+
+		// More options handling for requests with no content
+		if ( !s.hasContent ) {
+
+			// If data is available, append data to url
+			if ( s.data ) {
+				cacheURL = ( s.url += ( rquery.test( cacheURL ) ? "&" : "?" ) + s.data );
+				// #9682: remove data so that it's not used in an eventual retry
+				delete s.data;
+			}
+
+			// Add anti-cache in url if needed
+			if ( s.cache === false ) {
+				s.url = rts.test( cacheURL ) ?
+
+					// If there is already a '_' parameter, set its value
+					cacheURL.replace( rts, "$1_=" + nonce++ ) :
+
+					// Otherwise add one to the end
+					cacheURL + ( rquery.test( cacheURL ) ? "&" : "?" ) + "_=" + nonce++;
+			}
+		}
+
+		// Set the If-Modified-Since and/or If-None-Match header, if in ifModified mode.
+		if ( s.ifModified ) {
+			if ( jQuery.lastModified[ cacheURL ] ) {
+				jqXHR.setRequestHeader( "If-Modified-Since", jQuery.lastModified[ cacheURL ] );
+			}
+			if ( jQuery.etag[ cacheURL ] ) {
+				jqXHR.setRequestHeader( "If-None-Match", jQuery.etag[ cacheURL ] );
+			}
+		}
+
+		// Set the correct header, if data is being sent
+		if ( s.data && s.hasContent && s.contentType !== false || options.contentType ) {
+			jqXHR.setRequestHeader( "Content-Type", s.contentType );
+		}
+
+		// Set the Accepts header for the server, depending on the dataType
+		jqXHR.setRequestHeader(
+			"Accept",
+			s.dataTypes[ 0 ] && s.accepts[ s.dataTypes[0] ] ?
+				s.accepts[ s.dataTypes[0] ] + ( s.dataTypes[ 0 ] !== "*" ? ", " + allTypes + "; q=0.01" : "" ) :
+				s.accepts[ "*" ]
+		);
+
+		// Check for headers option
+		for ( i in s.headers ) {
+			jqXHR.setRequestHeader( i, s.headers[ i ] );
+		}
+
+		// Allow custom headers/mimetypes and early abort
+		if ( s.beforeSend && ( s.beforeSend.call( callbackContext, jqXHR, s ) === false || state === 2 ) ) {
+			// Abort if not done already and return
+			return jqXHR.abort();
+		}
+
+		// aborting is no longer a cancellation
+		strAbort = "abort";
+
+		// Install callbacks on deferreds
+		for ( i in { success: 1, error: 1, complete: 1 } ) {
+			jqXHR[ i ]( s[ i ] );
+		}
+
+		// Get transport
+		transport = inspectPrefiltersOrTransports( transports, s, options, jqXHR );
+
+		// If no transport, we auto-abort
+		if ( !transport ) {
+			done( -1, "No Transport" );
+		} else {
+			jqXHR.readyState = 1;
+
+			// Send global event
+			if ( fireGlobals ) {
+				globalEventContext.trigger( "ajaxSend", [ jqXHR, s ] );
+			}
+			// Timeout
+			if ( s.async && s.timeout > 0 ) {
+				timeoutTimer = setTimeout(function() {
+					jqXHR.abort("timeout");
+				}, s.timeout );
+			}
+
+			try {
+				state = 1;
+				transport.send( requestHeaders, done );
+			} catch ( e ) {
+				// Propagate exception as error if not done
+				if ( state < 2 ) {
+					done( -1, e );
+				// Simply rethrow otherwise
+				} else {
+					throw e;
+				}
+			}
+		}
+
+		// Callback for when everything is done
+		function done( status, nativeStatusText, responses, headers ) {
+			var isSuccess, success, error, response, modified,
+				statusText = nativeStatusText;
+
+			// Called once
+			if ( state === 2 ) {
+				return;
+			}
+
+			// State is "done" now
+			state = 2;
+
+			// Clear timeout if it exists
+			if ( timeoutTimer ) {
+				clearTimeout( timeoutTimer );
+			}
+
+			// Dereference transport for early garbage collection
+			// (no matter how long the jqXHR object will be used)
+			transport = undefined;
+
+			// Cache response headers
+			responseHeadersString = headers || "";
+
+			// Set readyState
+			jqXHR.readyState = status > 0 ? 4 : 0;
+
+			// Determine if successful
+			isSuccess = status >= 200 && status < 300 || status === 304;
+
+			// Get response data
+			if ( responses ) {
+				response = ajaxHandleResponses( s, jqXHR, responses );
+			}
+
+			// Convert no matter what (that way responseXXX fields are always set)
+			response = ajaxConvert( s, response, jqXHR, isSuccess );
+
+			// If successful, handle type chaining
+			if ( isSuccess ) {
+
+				// Set the If-Modified-Since and/or If-None-Match header, if in ifModified mode.
+				if ( s.ifModified ) {
+					modified = jqXHR.getResponseHeader("Last-Modified");
+					if ( modified ) {
+						jQuery.lastModified[ cacheURL ] = modified;
+					}
+					modified = jqXHR.getResponseHeader("etag");
+					if ( modified ) {
+						jQuery.etag[ cacheURL ] = modified;
+					}
+				}
+
+				// if no content
+				if ( status === 204 || s.type === "HEAD" ) {
+					statusText = "nocontent";
+
+				// if not modified
+				} else if ( status === 304 ) {
+					statusText = "notmodified";
+
+				// If we have data, let's convert it
+				} else {
+					statusText = response.state;
+					success = response.data;
+					error = response.error;
+					isSuccess = !error;
+				}
+			} else {
+				// We extract error from statusText
+				// then normalize statusText and status for non-aborts
+				error = statusText;
+				if ( status || !statusText ) {
+					statusText = "error";
+					if ( status < 0 ) {
+						status = 0;
+					}
+				}
+			}
+
+			// Set data for the fake xhr object
+			jqXHR.status = status;
+			jqXHR.statusText = ( nativeStatusText || statusText ) + "";
+
+			// Success/Error
+			if ( isSuccess ) {
+				deferred.resolveWith( callbackContext, [ success, statusText, jqXHR ] );
+			} else {
+				deferred.rejectWith( callbackContext, [ jqXHR, statusText, error ] );
+			}
+
+			// Status-dependent callbacks
+			jqXHR.statusCode( statusCode );
+			statusCode = undefined;
+
+			if ( fireGlobals ) {
+				globalEventContext.trigger( isSuccess ? "ajaxSuccess" : "ajaxError",
+					[ jqXHR, s, isSuccess ? success : error ] );
+			}
+
+			// Complete
+			completeDeferred.fireWith( callbackContext, [ jqXHR, statusText ] );
+
+			if ( fireGlobals ) {
+				globalEventContext.trigger( "ajaxComplete", [ jqXHR, s ] );
+				// Handle the global AJAX counter
+				if ( !( --jQuery.active ) ) {
+					jQuery.event.trigger("ajaxStop");
+				}
+			}
+		}
+
+		return jqXHR;
+	},
+
+	getJSON: function( url, data, callback ) {
+		return jQuery.get( url, data, callback, "json" );
+	},
+
+	getScript: function( url, callback ) {
+		return jQuery.get( url, undefined, callback, "script" );
+	}
+});
+
+jQuery.each( [ "get", "post" ], function( i, method ) {
+	jQuery[ method ] = function( url, data, callback, type ) {
+		// shift arguments if data argument was omitted
+		if ( jQuery.isFunction( data ) ) {
+			type = type || callback;
+			callback = data;
+			data = undefined;
+		}
+
+		return jQuery.ajax({
+			url: url,
+			type: method,
+			dataType: type,
+			data: data,
+			success: callback
+		});
+	};
+});
+
+
+jQuery._evalUrl = function( url ) {
+	return jQuery.ajax({
+		url: url,
+		type: "GET",
+		dataType: "script",
+		async: false,
+		global: false,
+		"throws": true
+	});
+};
+
+
+jQuery.fn.extend({
+	wrapAll: function( html ) {
+		if ( jQuery.isFunction( html ) ) {
+			return this.each(function(i) {
+				jQuery(this).wrapAll( html.call(this, i) );
+			});
+		}
+
+		if ( this[0] ) {
+			// The elements to wrap the target around
+			var wrap = jQuery( html, this[0].ownerDocument ).eq(0).clone(true);
+
+			if ( this[0].parentNode ) {
+				wrap.insertBefore( this[0] );
+			}
+
+			wrap.map(function() {
+				var elem = this;
+
+				while ( elem.firstChild && elem.firstChild.nodeType === 1 ) {
+					elem = elem.firstChild;
+				}
+
+				return elem;
+			}).append( this );
+		}
+
+		return this;
+	},
+
+	wrapInner: function( html ) {
+		if ( jQuery.isFunction( html ) ) {
+			return this.each(function(i) {
+				jQuery(this).wrapInner( html.call(this, i) );
+			});
+		}
+
+		return this.each(function() {
+			var self = jQuery( this ),
+				contents = self.contents();
+
+			if ( contents.length ) {
+				contents.wrapAll( html );
+
+			} else {
+				self.append( html );
+			}
+		});
+	},
+
+	wrap: function( html ) {
+		var isFunction = jQuery.isFunction( html );
+
+		return this.each(function(i) {
+			jQuery( this ).wrapAll( isFunction ? html.call(this, i) : html );
+		});
+	},
+
+	unwrap: function() {
+		return this.parent().each(function() {
+			if ( !jQuery.nodeName( this, "body" ) ) {
+				jQuery( this ).replaceWith( this.childNodes );
+			}
+		}).end();
+	}
+});
+
+
+jQuery.expr.filters.hidden = function( elem ) {
+	// Support: Opera <= 12.12
+	// Opera reports offsetWidths and offsetHeights less than zero on some elements
+	return elem.offsetWidth <= 0 && elem.offsetHeight <= 0 ||
+		(!support.reliableHiddenOffsets() &&
+			((elem.style && elem.style.display) || jQuery.css( elem, "display" )) === "none");
+};
+
+jQuery.expr.filters.visible = function( elem ) {
+	return !jQuery.expr.filters.hidden( elem );
+};
+
+
+
+
+var r20 = /%20/g,
+	rbracket = /\[\]$/,
+	rCRLF = /\r?\n/g,
+	rsubmitterTypes = /^(?:submit|button|image|reset|file)$/i,
+	rsubmittable = /^(?:input|select|textarea|keygen)/i;
+
+function buildParams( prefix, obj, traditional, add ) {
+	var name;
+
+	if ( jQuery.isArray( obj ) ) {
+		// Serialize array item.
+		jQuery.each( obj, function( i, v ) {
+			if ( traditional || rbracket.test( prefix ) ) {
+				// Treat each array item as a scalar.
+				add( prefix, v );
+
+			} else {
+				// Item is non-scalar (array or object), encode its numeric index.
+				buildParams( prefix + "[" + ( typeof v === "object" ? i : "" ) + "]", v, traditional, add );
+			}
+		});
+
+	} else if ( !traditional && jQuery.type( obj ) === "object" ) {
+		// Serialize object item.
+		for ( name in obj ) {
+			buildParams( prefix + "[" + name + "]", obj[ name ], traditional, add );
+		}
+
+	} else {
+		// Serialize scalar item.
+		add( prefix, obj );
+	}
+}
+
+// Serialize an array of form elements or a set of
+// key/values into a query string
+jQuery.param = function( a, traditional ) {
+	var prefix,
+		s = [],
+		add = function( key, value ) {
+			// If value is a function, invoke it and return its value
+			value = jQuery.isFunction( value ) ? value() : ( value == null ? "" : value );
+			s[ s.length ] = encodeURIComponent( key ) + "=" + encodeURIComponent( value );
+		};
+
+	// Set traditional to true for jQuery <= 1.3.2 behavior.
+	if ( traditional === undefined ) {
+		traditional = jQuery.ajaxSettings && jQuery.ajaxSettings.traditional;
+	}
+
+	// If an array was passed in, assume that it is an array of form elements.
+	if ( jQuery.isArray( a ) || ( a.jquery && !jQuery.isPlainObject( a ) ) ) {
+		// Serialize the form elements
+		jQuery.each( a, function() {
+			add( this.name, this.value );
+		});
+
+	} else {
+		// If traditional, encode the "old" way (the way 1.3.2 or older
+		// did it), otherwise encode params recursively.
+		for ( prefix in a ) {
+			buildParams( prefix, a[ prefix ], traditional, add );
+		}
+	}
+
+	// Return the resulting serialization
+	return s.join( "&" ).replace( r20, "+" );
+};
+
+jQuery.fn.extend({
+	serialize: function() {
+		return jQuery.param( this.serializeArray() );
+	},
+	serializeArray: function() {
+		return this.map(function() {
+			// Can add propHook for "elements" to filter or add form elements
+			var elements = jQuery.prop( this, "elements" );
+			return elements ? jQuery.makeArray( elements ) : this;
+		})
+		.filter(function() {
+			var type = this.type;
+			// Use .is(":disabled") so that fieldset[disabled] works
+			return this.name && !jQuery( this ).is( ":disabled" ) &&
+				rsubmittable.test( this.nodeName ) && !rsubmitterTypes.test( type ) &&
+				( this.checked || !rcheckableType.test( type ) );
+		})
+		.map(function( i, elem ) {
+			var val = jQuery( this ).val();
+
+			return val == null ?
+				null :
+				jQuery.isArray( val ) ?
+					jQuery.map( val, function( val ) {
+						return { name: elem.name, value: val.replace( rCRLF, "\r\n" ) };
+					}) :
+					{ name: elem.name, value: val.replace( rCRLF, "\r\n" ) };
+		}).get();
+	}
+});
+
+
+// Create the request object
+// (This is still attached to ajaxSettings for backward compatibility)
+jQuery.ajaxSettings.xhr = window.ActiveXObject !== undefined ?
+	// Support: IE6+
+	function() {
+
+		// XHR cannot access local files, always use ActiveX for that case
+		return !this.isLocal &&
+
+			// Support: IE7-8
+			// oldIE XHR does not support non-RFC2616 methods (#13240)
+			// See http://msdn.microsoft.com/en-us/library/ie/ms536648(v=vs.85).aspx
+			// and http://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html#sec9
+			// Although this check for six methods instead of eight
+			// since IE also does not support "trace" and "connect"
+			/^(get|post|head|put|delete|options)$/i.test( this.type ) &&
+
+			createStandardXHR() || createActiveXHR();
+	} :
+	// For all other browsers, use the standard XMLHttpRequest object
+	createStandardXHR;
+
+var xhrId = 0,
+	xhrCallbacks = {},
+	xhrSupported = jQuery.ajaxSettings.xhr();
+
+// Support: IE<10
+// Open requests must be manually aborted on unload (#5280)
+// See https://support.microsoft.com/kb/2856746 for more info
+if ( window.attachEvent ) {
+	window.attachEvent( "onunload", function() {
+		for ( var key in xhrCallbacks ) {
+			xhrCallbacks[ key ]( undefined, true );
+		}
+	});
+}
+
+// Determine support properties
+support.cors = !!xhrSupported && ( "withCredentials" in xhrSupported );
+xhrSupported = support.ajax = !!xhrSupported;
+
+// Create transport if the browser can provide an xhr
+if ( xhrSupported ) {
+
+	jQuery.ajaxTransport(function( options ) {
+		// Cross domain only allowed if supported through XMLHttpRequest
+		if ( !options.crossDomain || support.cors ) {
+
+			var callback;
+
+			return {
+				send: function( headers, complete ) {
+					var i,
+						xhr = options.xhr(),
+						id = ++xhrId;
+
+					// Open the socket
+					xhr.open( options.type, options.url, options.async, options.username, options.password );
+
+					// Apply custom fields if provided
+					if ( options.xhrFields ) {
+						for ( i in options.xhrFields ) {
+							xhr[ i ] = options.xhrFields[ i ];
+						}
+					}
+
+					// Override mime type if needed
+					if ( options.mimeType && xhr.overrideMimeType ) {
+						xhr.overrideMimeType( options.mimeType );
+					}
+
+					// X-Requested-With header
+					// For cross-domain requests, seeing as conditions for a preflight are
+					// akin to a jigsaw puzzle, we simply never set it to be sure.
+					// (it can always be set on a per-request basis or even using ajaxSetup)
+					// For same-domain requests, won't change header if already provided.
+					if ( !options.crossDomain && !headers["X-Requested-With"] ) {
+						headers["X-Requested-With"] = "XMLHttpRequest";
+					}
+
+					// Set headers
+					for ( i in headers ) {
+						// Support: IE<9
+						// IE's ActiveXObject throws a 'Type Mismatch' exception when setting
+						// request header to a null-value.
+						//
+						// To keep consistent with other XHR implementations, cast the value
+						// to string and ignore `undefined`.
+						if ( headers[ i ] !== undefined ) {
+							xhr.setRequestHeader( i, headers[ i ] + "" );
+						}
+					}
+
+					// Do send the request
+					// This may raise an exception which is actually
+					// handled in jQuery.ajax (so no try/catch here)
+					xhr.send( ( options.hasContent && options.data ) || null );
+
+					// Listener
+					callback = function( _, isAbort ) {
+						var status, statusText, responses;
+
+						// Was never called and is aborted or complete
+						if ( callback && ( isAbort || xhr.readyState === 4 ) ) {
+							// Clean up
+							delete xhrCallbacks[ id ];
+							callback = undefined;
+							xhr.onreadystatechange = jQuery.noop;
+
+							// Abort manually if needed
+							if ( isAbort ) {
+								if ( xhr.readyState !== 4 ) {
+									xhr.abort();
+								}
+							} else {
+								responses = {};
+								status = xhr.status;
+
+								// Support: IE<10
+								// Accessing binary-data responseText throws an exception
+								// (#11426)
+								if ( typeof xhr.responseText === "string" ) {
+									responses.text = xhr.responseText;
+								}
+
+								// Firefox throws an exception when accessing
+								// statusText for faulty cross-domain requests
+								try {
+									statusText = xhr.statusText;
+								} catch( e ) {
+									// We normalize with Webkit giving an empty statusText
+									statusText = "";
+								}
+
+								// Filter status for non standard behaviors
+
+								// If the request is local and we have data: assume a success
+								// (success with no data won't get notified, that's the best we
+								// can do given current implementations)
+								if ( !status && options.isLocal && !options.crossDomain ) {
+									status = responses.text ? 200 : 404;
+								// IE - #1450: sometimes returns 1223 when it should be 204
+								} else if ( status === 1223 ) {
+									status = 204;
+								}
+							}
+						}
+
+						// Call complete if needed
+						if ( responses ) {
+							complete( status, statusText, responses, xhr.getAllResponseHeaders() );
+						}
+					};
+
+					if ( !options.async ) {
+						// if we're in sync mode we fire the callback
+						callback();
+					} else if ( xhr.readyState === 4 ) {
+						// (IE6 & IE7) if it's in cache and has been
+						// retrieved directly we need to fire the callback
+						setTimeout( callback );
+					} else {
+						// Add to the list of active xhr callbacks
+						xhr.onreadystatechange = xhrCallbacks[ id ] = callback;
+					}
+				},
+
+				abort: function() {
+					if ( callback ) {
+						callback( undefined, true );
+					}
+				}
+			};
+		}
+	});
+}
+
+// Functions to create xhrs
+function createStandardXHR() {
+	try {
+		return new window.XMLHttpRequest();
+	} catch( e ) {}
+}
+
+function createActiveXHR() {
+	try {
+		return new window.ActiveXObject( "Microsoft.XMLHTTP" );
+	} catch( e ) {}
+}
+
+
+
+
+// Install script dataType
+jQuery.ajaxSetup({
+	accepts: {
+		script: "text/javascript, application/javascript, application/ecmascript, application/x-ecmascript"
+	},
+	contents: {
+		script: /(?:java|ecma)script/
+	},
+	converters: {
+		"text script": function( text ) {
+			jQuery.globalEval( text );
+			return text;
+		}
+	}
+});
+
+// Handle cache's special case and global
+jQuery.ajaxPrefilter( "script", function( s ) {
+	if ( s.cache === undefined ) {
+		s.cache = false;
+	}
+	if ( s.crossDomain ) {
+		s.type = "GET";
+		s.global = false;
+	}
+});
+
+// Bind script tag hack transport
+jQuery.ajaxTransport( "script", function(s) {
+
+	// This transport only deals with cross domain requests
+	if ( s.crossDomain ) {
+
+		var script,
+			head = document.head || jQuery("head")[0] || document.documentElement;
+
+		return {
+
+			send: function( _, callback ) {
+
+				script = document.createElement("script");
+
+				script.async = true;
+
+				if ( s.scriptCharset ) {
+					script.charset = s.scriptCharset;
+				}
+
+				script.src = s.url;
+
+				// Attach handlers for all browsers
+				script.onload = script.onreadystatechange = function( _, isAbort ) {
+
+					if ( isAbort || !script.readyState || /loaded|complete/.test( script.readyState ) ) {
+
+						// Handle memory leak in IE
+						script.onload = script.onreadystatechange = null;
+
+						// Remove the script
+						if ( script.parentNode ) {
+							script.parentNode.removeChild( script );
+						}
+
+						// Dereference the script
+						script = null;
+
+						// Callback if not abort
+						if ( !isAbort ) {
+							callback( 200, "success" );
+						}
+					}
+				};
+
+				// Circumvent IE6 bugs with base elements (#2709 and #4378) by prepending
+				// Use native DOM manipulation to avoid our domManip AJAX trickery
+				head.insertBefore( script, head.firstChild );
+			},
+
+			abort: function() {
+				if ( script ) {
+					script.onload( undefined, true );
+				}
+			}
+		};
+	}
+});
+
+
+
+
+var oldCallbacks = [],
+	rjsonp = /(=)\?(?=&|$)|\?\?/;
+
+// Default jsonp settings
+jQuery.ajaxSetup({
+	jsonp: "callback",
+	jsonpCallback: function() {
+		var callback = oldCallbacks.pop() || ( jQuery.expando + "_" + ( nonce++ ) );
+		this[ callback ] = true;
+		return callback;
+	}
+});
+
+// Detect, normalize options and install callbacks for jsonp requests
+jQuery.ajaxPrefilter( "json jsonp", function( s, originalSettings, jqXHR ) {
+
+	var callbackName, overwritten, responseContainer,
+		jsonProp = s.jsonp !== false && ( rjsonp.test( s.url ) ?
+			"url" :
+			typeof s.data === "string" && !( s.contentType || "" ).indexOf("application/x-www-form-urlencoded") && rjsonp.test( s.data ) && "data"
+		);
+
+	// Handle iff the expected data type is "jsonp" or we have a parameter to set
+	if ( jsonProp || s.dataTypes[ 0 ] === "jsonp" ) {
+
+		// Get callback name, remembering preexisting value associated with it
+		callbackName = s.jsonpCallback = jQuery.isFunction( s.jsonpCallback ) ?
+			s.jsonpCallback() :
+			s.jsonpCallback;
+
+		// Insert callback into url or form data
+		if ( jsonProp ) {
+			s[ jsonProp ] = s[ jsonProp ].replace( rjsonp, "$1" + callbackName );
+		} else if ( s.jsonp !== false ) {
+			s.url += ( rquery.test( s.url ) ? "&" : "?" ) + s.jsonp + "=" + callbackName;
+		}
+
+		// Use data converter to retrieve json after script execution
+		s.converters["script json"] = function() {
+			if ( !responseContainer ) {
+				jQuery.error( callbackName + " was not called" );
+			}
+			return responseContainer[ 0 ];
+		};
+
+		// force json dataType
+		s.dataTypes[ 0 ] = "json";
+
+		// Install callback
+		overwritten = window[ callbackName ];
+		window[ callbackName ] = function() {
+			responseContainer = arguments;
+		};
+
+		// Clean-up function (fires after converters)
+		jqXHR.always(function() {
+			// Restore preexisting value
+			window[ callbackName ] = overwritten;
+
+			// Save back as free
+			if ( s[ callbackName ] ) {
+				// make sure that re-using the options doesn't screw things around
+				s.jsonpCallback = originalSettings.jsonpCallback;
+
+				// save the callback name for future use
+				oldCallbacks.push( callbackName );
+			}
+
+			// Call if it was a function and we have a response
+			if ( responseContainer && jQuery.isFunction( overwritten ) ) {
+				overwritten( responseContainer[ 0 ] );
+			}
+
+			responseContainer = overwritten = undefined;
+		});
+
+		// Delegate to script
+		return "script";
+	}
+});
+
+
+
+
+// data: string of html
+// context (optional): If specified, the fragment will be created in this context, defaults to document
+// keepScripts (optional): If true, will include scripts passed in the html string
+jQuery.parseHTML = function( data, context, keepScripts ) {
+	if ( !data || typeof data !== "string" ) {
+		return null;
+	}
+	if ( typeof context === "boolean" ) {
+		keepScripts = context;
+		context = false;
+	}
+	context = context || document;
+
+	var parsed = rsingleTag.exec( data ),
+		scripts = !keepScripts && [];
+
+	// Single tag
+	if ( parsed ) {
+		return [ context.createElement( parsed[1] ) ];
+	}
+
+	parsed = jQuery.buildFragment( [ data ], context, scripts );
+
+	if ( scripts && scripts.length ) {
+		jQuery( scripts ).remove();
+	}
+
+	return jQuery.merge( [], parsed.childNodes );
+};
+
+
+// Keep a copy of the old load method
+var _load = jQuery.fn.load;
+
+/**
+ * Load a url into a page
+ */
+jQuery.fn.load = function( url, params, callback ) {
+	if ( typeof url !== "string" && _load ) {
+		return _load.apply( this, arguments );
+	}
+
+	var selector, response, type,
+		self = this,
+		off = url.indexOf(" ");
+
+	if ( off >= 0 ) {
+		selector = jQuery.trim( url.slice( off, url.length ) );
+		url = url.slice( 0, off );
+	}
+
+	// If it's a function
+	if ( jQuery.isFunction( params ) ) {
+
+		// We assume that it's the callback
+		callback = params;
+		params = undefined;
+
+	// Otherwise, build a param string
+	} else if ( params && typeof params === "object" ) {
+		type = "POST";
+	}
+
+	// If we have elements to modify, make the request
+	if ( self.length > 0 ) {
+		jQuery.ajax({
+			url: url,
+
+			// if "type" variable is undefined, then "GET" method will be used
+			type: type,
+			dataType: "html",
+			data: params
+		}).done(function( responseText ) {
+
+			// Save response for use in complete callback
+			response = arguments;
+
+			self.html( selector ?
+
+				// If a selector was specified, locate the right elements in a dummy div
+				// Exclude scripts to avoid IE 'Permission Denied' errors
+				jQuery("<div>").append( jQuery.parseHTML( responseText ) ).find( selector ) :
+
+				// Otherwise use the full result
+				responseText );
+
+		}).complete( callback && function( jqXHR, status ) {
+			self.each( callback, response || [ jqXHR.responseText, status, jqXHR ] );
+		});
+	}
+
+	return this;
+};
+
+
+
+
+// Attach a bunch of functions for handling common AJAX events
+jQuery.each( [ "ajaxStart", "ajaxStop", "ajaxComplete", "ajaxError", "ajaxSuccess", "ajaxSend" ], function( i, type ) {
+	jQuery.fn[ type ] = function( fn ) {
+		return this.on( type, fn );
+	};
+});
+
+
+
+
+jQuery.expr.filters.animated = function( elem ) {
+	return jQuery.grep(jQuery.timers, function( fn ) {
+		return elem === fn.elem;
+	}).length;
+};
+
+
+
+
+
+var docElem = window.document.documentElement;
+
+/**
+ * Gets a window from an element
+ */
+function getWindow( elem ) {
+	return jQuery.isWindow( elem ) ?
+		elem :
+		elem.nodeType === 9 ?
+			elem.defaultView || elem.parentWindow :
+			false;
+}
+
+jQuery.offset = {
+	setOffset: function( elem, options, i ) {
+		var curPosition, curLeft, curCSSTop, curTop, curOffset, curCSSLeft, calculatePosition,
+			position = jQuery.css( elem, "position" ),
+			curElem = jQuery( elem ),
+			props = {};
+
+		// set position first, in-case top/left are set even on static elem
+		if ( position === "static" ) {
+			elem.style.position = "relative";
+		}
+
+		curOffset = curElem.offset();
+		curCSSTop = jQuery.css( elem, "top" );
+		curCSSLeft = jQuery.css( elem, "left" );
+		calculatePosition = ( position === "absolute" || position === "fixed" ) &&
+			jQuery.inArray("auto", [ curCSSTop, curCSSLeft ] ) > -1;
+
+		// need to be able to calculate position if either top or left is auto and position is either absolute or fixed
+		if ( calculatePosition ) {
+			curPosition = curElem.position();
+			curTop = curPosition.top;
+			curLeft = curPosition.left;
+		} else {
+			curTop = parseFloat( curCSSTop ) || 0;
+			curLeft = parseFloat( curCSSLeft ) || 0;
+		}
+
+		if ( jQuery.isFunction( options ) ) {
+			options = options.call( elem, i, curOffset );
+		}
+
+		if ( options.top != null ) {
+			props.top = ( options.top - curOffset.top ) + curTop;
+		}
+		if ( options.left != null ) {
+			props.left = ( options.left - curOffset.left ) + curLeft;
+		}
+
+		if ( "using" in options ) {
+			options.using.call( elem, props );
+		} else {
+			curElem.css( props );
+		}
+	}
+};
+
+jQuery.fn.extend({
+	offset: function( options ) {
+		if ( arguments.length ) {
+			return options === undefined ?
+				this :
+				this.each(function( i ) {
+					jQuery.offset.setOffset( this, options, i );
+				});
+		}
+
+		var docElem, win,
+			box = { top: 0, left: 0 },
+			elem = this[ 0 ],
+			doc = elem && elem.ownerDocument;
+
+		if ( !doc ) {
+			return;
+		}
+
+		docElem = doc.documentElement;
+
+		// Make sure it's not a disconnected DOM node
+		if ( !jQuery.contains( docElem, elem ) ) {
+			return box;
+		}
+
+		// If we don't have gBCR, just use 0,0 rather than error
+		// BlackBerry 5, iOS 3 (original iPhone)
+		if ( typeof elem.getBoundingClientRect !== strundefined ) {
+			box = elem.getBoundingClientRect();
+		}
+		win = getWindow( doc );
+		return {
+			top: box.top  + ( win.pageYOffset || docElem.scrollTop )  - ( docElem.clientTop  || 0 ),
+			left: box.left + ( win.pageXOffset || docElem.scrollLeft ) - ( docElem.clientLeft || 0 )
+		};
+	},
+
+	position: function() {
+		if ( !this[ 0 ] ) {
+			return;
+		}
+
+		var offsetParent, offset,
+			parentOffset = { top: 0, left: 0 },
+			elem = this[ 0 ];
+
+		// fixed elements are offset from window (parentOffset = {top:0, left: 0}, because it is its only offset parent
+		if ( jQuery.css( elem, "position" ) === "fixed" ) {
+			// we assume that getBoundingClientRect is available when computed position is fixed
+			offset = elem.getBoundingClientRect();
+		} else {
+			// Get *real* offsetParent
+			offsetParent = this.offsetParent();
+
+			// Get correct offsets
+			offset = this.offset();
+			if ( !jQuery.nodeName( offsetParent[ 0 ], "html" ) ) {
+				parentOffset = offsetParent.offset();
+			}
+
+			// Add offsetParent borders
+			parentOffset.top  += jQuery.css( offsetParent[ 0 ], "borderTopWidth", true );
+			parentOffset.left += jQuery.css( offsetParent[ 0 ], "borderLeftWidth", true );
+		}
+
+		// Subtract parent offsets and element margins
+		// note: when an element has margin: auto the offsetLeft and marginLeft
+		// are the same in Safari causing offset.left to incorrectly be 0
+		return {
+			top:  offset.top  - parentOffset.top - jQuery.css( elem, "marginTop", true ),
+			left: offset.left - parentOffset.left - jQuery.css( elem, "marginLeft", true)
+		};
+	},
+
+	offsetParent: function() {
+		return this.map(function() {
+			var offsetParent = this.offsetParent || docElem;
+
+			while ( offsetParent && ( !jQuery.nodeName( offsetParent, "html" ) && jQuery.css( offsetParent, "position" ) === "static" ) ) {
+				offsetParent = offsetParent.offsetParent;
+			}
+			return offsetParent || docElem;
+		});
+	}
+});
+
+// Create scrollLeft and scrollTop methods
+jQuery.each( { scrollLeft: "pageXOffset", scrollTop: "pageYOffset" }, function( method, prop ) {
+	var top = /Y/.test( prop );
+
+	jQuery.fn[ method ] = function( val ) {
+		return access( this, function( elem, method, val ) {
+			var win = getWindow( elem );
+
+			if ( val === undefined ) {
+				return win ? (prop in win) ? win[ prop ] :
+					win.document.documentElement[ method ] :
+					elem[ method ];
+			}
+
+			if ( win ) {
+				win.scrollTo(
+					!top ? val : jQuery( win ).scrollLeft(),
+					top ? val : jQuery( win ).scrollTop()
+				);
+
+			} else {
+				elem[ method ] = val;
+			}
+		}, method, val, arguments.length, null );
+	};
+});
+
+// Add the top/left cssHooks using jQuery.fn.position
+// Webkit bug: https://bugs.webkit.org/show_bug.cgi?id=29084
+// getComputedStyle returns percent when specified for top/left/bottom/right
+// rather than make the css module depend on the offset module, we just check for it here
+jQuery.each( [ "top", "left" ], function( i, prop ) {
+	jQuery.cssHooks[ prop ] = addGetHookIf( support.pixelPosition,
+		function( elem, computed ) {
+			if ( computed ) {
+				computed = curCSS( elem, prop );
+				// if curCSS returns percentage, fallback to offset
+				return rnumnonpx.test( computed ) ?
+					jQuery( elem ).position()[ prop ] + "px" :
+					computed;
+			}
+		}
+	);
+});
+
+
+// Create innerHeight, innerWidth, height, width, outerHeight and outerWidth methods
+jQuery.each( { Height: "height", Width: "width" }, function( name, type ) {
+	jQuery.each( { padding: "inner" + name, content: type, "": "outer" + name }, function( defaultExtra, funcName ) {
+		// margin is only for outerHeight, outerWidth
+		jQuery.fn[ funcName ] = function( margin, value ) {
+			var chainable = arguments.length && ( defaultExtra || typeof margin !== "boolean" ),
+				extra = defaultExtra || ( margin === true || value === true ? "margin" : "border" );
+
+			return access( this, function( elem, type, value ) {
+				var doc;
+
+				if ( jQuery.isWindow( elem ) ) {
+					// As of 5/8/2012 this will yield incorrect results for Mobile Safari, but there
+					// isn't a whole lot we can do. See pull request at this URL for discussion:
+					// https://github.com/jquery/jquery/pull/764
+					return elem.document.documentElement[ "client" + name ];
+				}
+
+				// Get document width or height
+				if ( elem.nodeType === 9 ) {
+					doc = elem.documentElement;
+
+					// Either scroll[Width/Height] or offset[Width/Height] or client[Width/Height], whichever is greatest
+					// unfortunately, this causes bug #3838 in IE6/8 only, but there is currently no good, small way to fix it.
+					return Math.max(
+						elem.body[ "scroll" + name ], doc[ "scroll" + name ],
+						elem.body[ "offset" + name ], doc[ "offset" + name ],
+						doc[ "client" + name ]
+					);
+				}
+
+				return value === undefined ?
+					// Get width or height on the element, requesting but not forcing parseFloat
+					jQuery.css( elem, type, extra ) :
+
+					// Set width or height on the element
+					jQuery.style( elem, type, value, extra );
+			}, type, chainable ? margin : undefined, chainable, null );
+		};
+	});
+});
+
+
+// The number of elements contained in the matched element set
+jQuery.fn.size = function() {
+	return this.length;
+};
+
+jQuery.fn.andSelf = jQuery.fn.addBack;
+
+
+
+
+// Register as a named AMD module, since jQuery can be concatenated with other
+// files that may use define, but not via a proper concatenation script that
+// understands anonymous AMD modules. A named AMD is safest and most robust
+// way to register. Lowercase jquery is used because AMD module names are
+// derived from file names, and jQuery is normally delivered in a lowercase
+// file name. Do this after creating the global so that if an AMD module wants
+// to call noConflict to hide this version of jQuery, it will work.
+
+// Note that for maximum portability, libraries that are not jQuery should
+// declare themselves as anonymous modules, and avoid setting a global if an
+// AMD loader is present. jQuery is a special case. For more information, see
+// https://github.com/jrburke/requirejs/wiki/Updating-existing-libraries#wiki-anon
+
+if ( typeof define === "function" && define.amd ) {
+	define( "jquery", [], function() {
+		return jQuery;
+	});
+}
+
+
+
+
+var
+	// Map over jQuery in case of overwrite
+	_jQuery = window.jQuery,
+
+	// Map over the $ in case of overwrite
+	_$ = window.$;
+
+jQuery.noConflict = function( deep ) {
+	if ( window.$ === jQuery ) {
+		window.$ = _$;
+	}
+
+	if ( deep && window.jQuery === jQuery ) {
+		window.jQuery = _jQuery;
+	}
+
+	return jQuery;
+};
+
+// Expose jQuery and $ identifiers, even in
+// AMD (#7102#comment:10, https://github.com/jquery/jquery/pull/557)
+// and CommonJS for browser emulators (#13566)
+if ( typeof noGlobal === strundefined ) {
+	window.jQuery = window.$ = jQuery;
+}
+
+
+
+
+return jQuery;
+
+}));
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/lib/moment-with-locales.js b/openid-connect-server-webapp/src/main/webapp/resources/js/lib/moment-with-locales.js
new file mode 100644
index 000000000..de17ffe2d
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/js/lib/moment-with-locales.js
@@ -0,0 +1,9737 @@
+(function (global, factory) {
+    typeof exports === 'object' && typeof module !== 'undefined' ? module.exports = factory() :
+    typeof define === 'function' && define.amd ? define(factory) :
+    global.moment = factory()
+}(this, function () { 'use strict';
+
+    var hookCallback;
+
+    function utils_hooks__hooks () {
+        return hookCallback.apply(null, arguments);
+    }
+
+    // This is done to register the method called with moment()
+    // without creating circular dependencies.
+    function setHookCallback (callback) {
+        hookCallback = callback;
+    }
+
+    function isArray(input) {
+        return Object.prototype.toString.call(input) === '[object Array]';
+    }
+
+    function isDate(input) {
+        return input instanceof Date || Object.prototype.toString.call(input) === '[object Date]';
+    }
+
+    function map(arr, fn) {
+        var res = [], i;
+        for (i = 0; i < arr.length; ++i) {
+            res.push(fn(arr[i], i));
+        }
+        return res;
+    }
+
+    function hasOwnProp(a, b) {
+        return Object.prototype.hasOwnProperty.call(a, b);
+    }
+
+    function extend(a, b) {
+        for (var i in b) {
+            if (hasOwnProp(b, i)) {
+                a[i] = b[i];
+            }
+        }
+
+        if (hasOwnProp(b, 'toString')) {
+            a.toString = b.toString;
+        }
+
+        if (hasOwnProp(b, 'valueOf')) {
+            a.valueOf = b.valueOf;
+        }
+
+        return a;
+    }
+
+    function create_utc__createUTC (input, format, locale, strict) {
+        return createLocalOrUTC(input, format, locale, strict, true).utc();
+    }
+
+    function defaultParsingFlags() {
+        // We need to deep clone this object.
+        return {
+            empty           : false,
+            unusedTokens    : [],
+            unusedInput     : [],
+            overflow        : -2,
+            charsLeftOver   : 0,
+            nullInput       : false,
+            invalidMonth    : null,
+            invalidFormat   : false,
+            userInvalidated : false,
+            iso             : false
+        };
+    }
+
+    function getParsingFlags(m) {
+        if (m._pf == null) {
+            m._pf = defaultParsingFlags();
+        }
+        return m._pf;
+    }
+
+    function valid__isValid(m) {
+        if (m._isValid == null) {
+            var flags = getParsingFlags(m);
+            m._isValid = !isNaN(m._d.getTime()) &&
+                flags.overflow < 0 &&
+                !flags.empty &&
+                !flags.invalidMonth &&
+                !flags.nullInput &&
+                !flags.invalidFormat &&
+                !flags.userInvalidated;
+
+            if (m._strict) {
+                m._isValid = m._isValid &&
+                    flags.charsLeftOver === 0 &&
+                    flags.unusedTokens.length === 0 &&
+                    flags.bigHour === undefined;
+            }
+        }
+        return m._isValid;
+    }
+
+    function valid__createInvalid (flags) {
+        var m = create_utc__createUTC(NaN);
+        if (flags != null) {
+            extend(getParsingFlags(m), flags);
+        }
+        else {
+            getParsingFlags(m).userInvalidated = true;
+        }
+
+        return m;
+    }
+
+    var momentProperties = utils_hooks__hooks.momentProperties = [];
+
+    function copyConfig(to, from) {
+        var i, prop, val;
+
+        if (typeof from._isAMomentObject !== 'undefined') {
+            to._isAMomentObject = from._isAMomentObject;
+        }
+        if (typeof from._i !== 'undefined') {
+            to._i = from._i;
+        }
+        if (typeof from._f !== 'undefined') {
+            to._f = from._f;
+        }
+        if (typeof from._l !== 'undefined') {
+            to._l = from._l;
+        }
+        if (typeof from._strict !== 'undefined') {
+            to._strict = from._strict;
+        }
+        if (typeof from._tzm !== 'undefined') {
+            to._tzm = from._tzm;
+        }
+        if (typeof from._isUTC !== 'undefined') {
+            to._isUTC = from._isUTC;
+        }
+        if (typeof from._offset !== 'undefined') {
+            to._offset = from._offset;
+        }
+        if (typeof from._pf !== 'undefined') {
+            to._pf = getParsingFlags(from);
+        }
+        if (typeof from._locale !== 'undefined') {
+            to._locale = from._locale;
+        }
+
+        if (momentProperties.length > 0) {
+            for (i in momentProperties) {
+                prop = momentProperties[i];
+                val = from[prop];
+                if (typeof val !== 'undefined') {
+                    to[prop] = val;
+                }
+            }
+        }
+
+        return to;
+    }
+
+    var updateInProgress = false;
+
+    // Moment prototype object
+    function Moment(config) {
+        copyConfig(this, config);
+        this._d = new Date(+config._d);
+        // Prevent infinite loop in case updateOffset creates new moment
+        // objects.
+        if (updateInProgress === false) {
+            updateInProgress = true;
+            utils_hooks__hooks.updateOffset(this);
+            updateInProgress = false;
+        }
+    }
+
+    function isMoment (obj) {
+        return obj instanceof Moment || (obj != null && obj._isAMomentObject != null);
+    }
+
+    function toInt(argumentForCoercion) {
+        var coercedNumber = +argumentForCoercion,
+            value = 0;
+
+        if (coercedNumber !== 0 && isFinite(coercedNumber)) {
+            if (coercedNumber >= 0) {
+                value = Math.floor(coercedNumber);
+            } else {
+                value = Math.ceil(coercedNumber);
+            }
+        }
+
+        return value;
+    }
+
+    function compareArrays(array1, array2, dontConvert) {
+        var len = Math.min(array1.length, array2.length),
+            lengthDiff = Math.abs(array1.length - array2.length),
+            diffs = 0,
+            i;
+        for (i = 0; i < len; i++) {
+            if ((dontConvert && array1[i] !== array2[i]) ||
+                (!dontConvert && toInt(array1[i]) !== toInt(array2[i]))) {
+                diffs++;
+            }
+        }
+        return diffs + lengthDiff;
+    }
+
+    function Locale() {
+    }
+
+    var locales = {};
+    var globalLocale;
+
+    function normalizeLocale(key) {
+        return key ? key.toLowerCase().replace('_', '-') : key;
+    }
+
+    // pick the locale from the array
+    // try ['en-au', 'en-gb'] as 'en-au', 'en-gb', 'en', as in move through the list trying each
+    // substring from most specific to least, but move to the next array item if it's a more specific variant than the current root
+    function chooseLocale(names) {
+        var i = 0, j, next, locale, split;
+
+        while (i < names.length) {
+            split = normalizeLocale(names[i]).split('-');
+            j = split.length;
+            next = normalizeLocale(names[i + 1]);
+            next = next ? next.split('-') : null;
+            while (j > 0) {
+                locale = loadLocale(split.slice(0, j).join('-'));
+                if (locale) {
+                    return locale;
+                }
+                if (next && next.length >= j && compareArrays(split, next, true) >= j - 1) {
+                    //the next array item is better than a shallower substring of this one
+                    break;
+                }
+                j--;
+            }
+            i++;
+        }
+        return null;
+    }
+
+    function loadLocale(name) {
+        var oldLocale = null;
+        // TODO: Find a better way to register and load all the locales in Node
+        if (!locales[name] && typeof module !== 'undefined' &&
+                module && module.exports) {
+            try {
+                oldLocale = globalLocale._abbr;
+                require('./locale/' + name);
+                // because defineLocale currently also sets the global locale, we
+                // want to undo that for lazy loaded locales
+                locale_locales__getSetGlobalLocale(oldLocale);
+            } catch (e) { }
+        }
+        return locales[name];
+    }
+
+    // This function will load locale and then set the global locale.  If
+    // no arguments are passed in, it will simply return the current global
+    // locale key.
+    function locale_locales__getSetGlobalLocale (key, values) {
+        var data;
+        if (key) {
+            if (typeof values === 'undefined') {
+                data = locale_locales__getLocale(key);
+            }
+            else {
+                data = defineLocale(key, values);
+            }
+
+            if (data) {
+                // moment.duration._locale = moment._locale = data;
+                globalLocale = data;
+            }
+        }
+
+        return globalLocale._abbr;
+    }
+
+    function defineLocale (name, values) {
+        if (values !== null) {
+            values.abbr = name;
+            if (!locales[name]) {
+                locales[name] = new Locale();
+            }
+            locales[name].set(values);
+
+            // backwards compat for now: also set the locale
+            locale_locales__getSetGlobalLocale(name);
+
+            return locales[name];
+        } else {
+            // useful for testing
+            delete locales[name];
+            return null;
+        }
+    }
+
+    // returns locale data
+    function locale_locales__getLocale (key) {
+        var locale;
+
+        if (key && key._locale && key._locale._abbr) {
+            key = key._locale._abbr;
+        }
+
+        if (!key) {
+            return globalLocale;
+        }
+
+        if (!isArray(key)) {
+            //short-circuit everything else
+            locale = loadLocale(key);
+            if (locale) {
+                return locale;
+            }
+            key = [key];
+        }
+
+        return chooseLocale(key);
+    }
+
+    var aliases = {};
+
+    function addUnitAlias (unit, shorthand) {
+        var lowerCase = unit.toLowerCase();
+        aliases[lowerCase] = aliases[lowerCase + 's'] = aliases[shorthand] = unit;
+    }
+
+    function normalizeUnits(units) {
+        return typeof units === 'string' ? aliases[units] || aliases[units.toLowerCase()] : undefined;
+    }
+
+    function normalizeObjectUnits(inputObject) {
+        var normalizedInput = {},
+            normalizedProp,
+            prop;
+
+        for (prop in inputObject) {
+            if (hasOwnProp(inputObject, prop)) {
+                normalizedProp = normalizeUnits(prop);
+                if (normalizedProp) {
+                    normalizedInput[normalizedProp] = inputObject[prop];
+                }
+            }
+        }
+
+        return normalizedInput;
+    }
+
+    function makeGetSet (unit, keepTime) {
+        return function (value) {
+            if (value != null) {
+                get_set__set(this, unit, value);
+                utils_hooks__hooks.updateOffset(this, keepTime);
+                return this;
+            } else {
+                return get_set__get(this, unit);
+            }
+        };
+    }
+
+    function get_set__get (mom, unit) {
+        return mom._d['get' + (mom._isUTC ? 'UTC' : '') + unit]();
+    }
+
+    function get_set__set (mom, unit, value) {
+        return mom._d['set' + (mom._isUTC ? 'UTC' : '') + unit](value);
+    }
+
+    // MOMENTS
+
+    function getSet (units, value) {
+        var unit;
+        if (typeof units === 'object') {
+            for (unit in units) {
+                this.set(unit, units[unit]);
+            }
+        } else {
+            units = normalizeUnits(units);
+            if (typeof this[units] === 'function') {
+                return this[units](value);
+            }
+        }
+        return this;
+    }
+
+    function zeroFill(number, targetLength, forceSign) {
+        var output = '' + Math.abs(number),
+            sign = number >= 0;
+
+        while (output.length < targetLength) {
+            output = '0' + output;
+        }
+        return (sign ? (forceSign ? '+' : '') : '-') + output;
+    }
+
+    var formattingTokens = /(\[[^\[]*\])|(\\)?(Mo|MM?M?M?|Do|DDDo|DD?D?D?|ddd?d?|do?|w[o|w]?|W[o|W]?|Q|YYYYYY|YYYYY|YYYY|YY|gg(ggg?)?|GG(GGG?)?|e|E|a|A|hh?|HH?|mm?|ss?|S{1,4}|x|X|zz?|ZZ?|.)/g;
+
+    var localFormattingTokens = /(\[[^\[]*\])|(\\)?(LTS|LT|LL?L?L?|l{1,4})/g;
+
+    var formatFunctions = {};
+
+    var formatTokenFunctions = {};
+
+    // token:    'M'
+    // padded:   ['MM', 2]
+    // ordinal:  'Mo'
+    // callback: function () { this.month() + 1 }
+    function addFormatToken (token, padded, ordinal, callback) {
+        var func = callback;
+        if (typeof callback === 'string') {
+            func = function () {
+                return this[callback]();
+            };
+        }
+        if (token) {
+            formatTokenFunctions[token] = func;
+        }
+        if (padded) {
+            formatTokenFunctions[padded[0]] = function () {
+                return zeroFill(func.apply(this, arguments), padded[1], padded[2]);
+            };
+        }
+        if (ordinal) {
+            formatTokenFunctions[ordinal] = function () {
+                return this.localeData().ordinal(func.apply(this, arguments), token);
+            };
+        }
+    }
+
+    function removeFormattingTokens(input) {
+        if (input.match(/\[[\s\S]/)) {
+            return input.replace(/^\[|\]$/g, '');
+        }
+        return input.replace(/\\/g, '');
+    }
+
+    function makeFormatFunction(format) {
+        var array = format.match(formattingTokens), i, length;
+
+        for (i = 0, length = array.length; i < length; i++) {
+            if (formatTokenFunctions[array[i]]) {
+                array[i] = formatTokenFunctions[array[i]];
+            } else {
+                array[i] = removeFormattingTokens(array[i]);
+            }
+        }
+
+        return function (mom) {
+            var output = '';
+            for (i = 0; i < length; i++) {
+                output += array[i] instanceof Function ? array[i].call(mom, format) : array[i];
+            }
+            return output;
+        };
+    }
+
+    // format date using native date object
+    function formatMoment(m, format) {
+        if (!m.isValid()) {
+            return m.localeData().invalidDate();
+        }
+
+        format = expandFormat(format, m.localeData());
+
+        if (!formatFunctions[format]) {
+            formatFunctions[format] = makeFormatFunction(format);
+        }
+
+        return formatFunctions[format](m);
+    }
+
+    function expandFormat(format, locale) {
+        var i = 5;
+
+        function replaceLongDateFormatTokens(input) {
+            return locale.longDateFormat(input) || input;
+        }
+
+        localFormattingTokens.lastIndex = 0;
+        while (i >= 0 && localFormattingTokens.test(format)) {
+            format = format.replace(localFormattingTokens, replaceLongDateFormatTokens);
+            localFormattingTokens.lastIndex = 0;
+            i -= 1;
+        }
+
+        return format;
+    }
+
+    var match1         = /\d/;            //       0 - 9
+    var match2         = /\d\d/;          //      00 - 99
+    var match3         = /\d{3}/;         //     000 - 999
+    var match4         = /\d{4}/;         //    0000 - 9999
+    var match6         = /[+-]?\d{6}/;    // -999999 - 999999
+    var match1to2      = /\d\d?/;         //       0 - 99
+    var match1to3      = /\d{1,3}/;       //       0 - 999
+    var match1to4      = /\d{1,4}/;       //       0 - 9999
+    var match1to6      = /[+-]?\d{1,6}/;  // -999999 - 999999
+
+    var matchUnsigned  = /\d+/;           //       0 - inf
+    var matchSigned    = /[+-]?\d+/;      //    -inf - inf
+
+    var matchOffset    = /Z|[+-]\d\d:?\d\d/gi; // +00:00 -00:00 +0000 -0000 or Z
+
+    var matchTimestamp = /[+-]?\d+(\.\d{1,3})?/; // 123456789 123456789.123
+
+    // any word (or two) characters or numbers including two/three word month in arabic.
+    var matchWord = /[0-9]*['a-z\u00A0-\u05FF\u0700-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF]+|[\u0600-\u06FF\/]+(\s*?[\u0600-\u06FF]+){1,2}/i;
+
+    var regexes = {};
+
+    function addRegexToken (token, regex, strictRegex) {
+        regexes[token] = typeof regex === 'function' ? regex : function (isStrict) {
+            return (isStrict && strictRegex) ? strictRegex : regex;
+        };
+    }
+
+    function getParseRegexForToken (token, config) {
+        if (!hasOwnProp(regexes, token)) {
+            return new RegExp(unescapeFormat(token));
+        }
+
+        return regexes[token](config._strict, config._locale);
+    }
+
+    // Code from http://stackoverflow.com/questions/3561493/is-there-a-regexp-escape-function-in-javascript
+    function unescapeFormat(s) {
+        return s.replace('\\', '').replace(/\\(\[)|\\(\])|\[([^\]\[]*)\]|\\(.)/g, function (matched, p1, p2, p3, p4) {
+            return p1 || p2 || p3 || p4;
+        }).replace(/[-\/\\^$*+?.()|[\]{}]/g, '\\$&');
+    }
+
+    var tokens = {};
+
+    function addParseToken (token, callback) {
+        var i, func = callback;
+        if (typeof token === 'string') {
+            token = [token];
+        }
+        if (typeof callback === 'number') {
+            func = function (input, array) {
+                array[callback] = toInt(input);
+            };
+        }
+        for (i = 0; i < token.length; i++) {
+            tokens[token[i]] = func;
+        }
+    }
+
+    function addWeekParseToken (token, callback) {
+        addParseToken(token, function (input, array, config, token) {
+            config._w = config._w || {};
+            callback(input, config._w, config, token);
+        });
+    }
+
+    function addTimeToArrayFromToken(token, input, config) {
+        if (input != null && hasOwnProp(tokens, token)) {
+            tokens[token](input, config._a, config, token);
+        }
+    }
+
+    var YEAR = 0;
+    var MONTH = 1;
+    var DATE = 2;
+    var HOUR = 3;
+    var MINUTE = 4;
+    var SECOND = 5;
+    var MILLISECOND = 6;
+
+    function daysInMonth(year, month) {
+        return new Date(Date.UTC(year, month + 1, 0)).getUTCDate();
+    }
+
+    // FORMATTING
+
+    addFormatToken('M', ['MM', 2], 'Mo', function () {
+        return this.month() + 1;
+    });
+
+    addFormatToken('MMM', 0, 0, function (format) {
+        return this.localeData().monthsShort(this, format);
+    });
+
+    addFormatToken('MMMM', 0, 0, function (format) {
+        return this.localeData().months(this, format);
+    });
+
+    // ALIASES
+
+    addUnitAlias('month', 'M');
+
+    // PARSING
+
+    addRegexToken('M',    match1to2);
+    addRegexToken('MM',   match1to2, match2);
+    addRegexToken('MMM',  matchWord);
+    addRegexToken('MMMM', matchWord);
+
+    addParseToken(['M', 'MM'], function (input, array) {
+        array[MONTH] = toInt(input) - 1;
+    });
+
+    addParseToken(['MMM', 'MMMM'], function (input, array, config, token) {
+        var month = config._locale.monthsParse(input, token, config._strict);
+        // if we didn't find a month name, mark the date as invalid.
+        if (month != null) {
+            array[MONTH] = month;
+        } else {
+            getParsingFlags(config).invalidMonth = input;
+        }
+    });
+
+    // LOCALES
+
+    var defaultLocaleMonths = 'January_February_March_April_May_June_July_August_September_October_November_December'.split('_');
+    function localeMonths (m) {
+        return this._months[m.month()];
+    }
+
+    var defaultLocaleMonthsShort = 'Jan_Feb_Mar_Apr_May_Jun_Jul_Aug_Sep_Oct_Nov_Dec'.split('_');
+    function localeMonthsShort (m) {
+        return this._monthsShort[m.month()];
+    }
+
+    function localeMonthsParse (monthName, format, strict) {
+        var i, mom, regex;
+
+        if (!this._monthsParse) {
+            this._monthsParse = [];
+            this._longMonthsParse = [];
+            this._shortMonthsParse = [];
+        }
+
+        for (i = 0; i < 12; i++) {
+            // make the regex if we don't have it already
+            mom = create_utc__createUTC([2000, i]);
+            if (strict && !this._longMonthsParse[i]) {
+                this._longMonthsParse[i] = new RegExp('^' + this.months(mom, '').replace('.', '') + '$', 'i');
+                this._shortMonthsParse[i] = new RegExp('^' + this.monthsShort(mom, '').replace('.', '') + '$', 'i');
+            }
+            if (!strict && !this._monthsParse[i]) {
+                regex = '^' + this.months(mom, '') + '|^' + this.monthsShort(mom, '');
+                this._monthsParse[i] = new RegExp(regex.replace('.', ''), 'i');
+            }
+            // test the regex
+            if (strict && format === 'MMMM' && this._longMonthsParse[i].test(monthName)) {
+                return i;
+            } else if (strict && format === 'MMM' && this._shortMonthsParse[i].test(monthName)) {
+                return i;
+            } else if (!strict && this._monthsParse[i].test(monthName)) {
+                return i;
+            }
+        }
+    }
+
+    // MOMENTS
+
+    function setMonth (mom, value) {
+        var dayOfMonth;
+
+        // TODO: Move this out of here!
+        if (typeof value === 'string') {
+            value = mom.localeData().monthsParse(value);
+            // TODO: Another silent failure?
+            if (typeof value !== 'number') {
+                return mom;
+            }
+        }
+
+        dayOfMonth = Math.min(mom.date(), daysInMonth(mom.year(), value));
+        mom._d['set' + (mom._isUTC ? 'UTC' : '') + 'Month'](value, dayOfMonth);
+        return mom;
+    }
+
+    function getSetMonth (value) {
+        if (value != null) {
+            setMonth(this, value);
+            utils_hooks__hooks.updateOffset(this, true);
+            return this;
+        } else {
+            return get_set__get(this, 'Month');
+        }
+    }
+
+    function getDaysInMonth () {
+        return daysInMonth(this.year(), this.month());
+    }
+
+    function checkOverflow (m) {
+        var overflow;
+        var a = m._a;
+
+        if (a && getParsingFlags(m).overflow === -2) {
+            overflow =
+                a[MONTH]       < 0 || a[MONTH]       > 11  ? MONTH :
+                a[DATE]        < 1 || a[DATE]        > daysInMonth(a[YEAR], a[MONTH]) ? DATE :
+                a[HOUR]        < 0 || a[HOUR]        > 24 || (a[HOUR] === 24 && (a[MINUTE] !== 0 || a[SECOND] !== 0 || a[MILLISECOND] !== 0)) ? HOUR :
+                a[MINUTE]      < 0 || a[MINUTE]      > 59  ? MINUTE :
+                a[SECOND]      < 0 || a[SECOND]      > 59  ? SECOND :
+                a[MILLISECOND] < 0 || a[MILLISECOND] > 999 ? MILLISECOND :
+                -1;
+
+            if (getParsingFlags(m)._overflowDayOfYear && (overflow < YEAR || overflow > DATE)) {
+                overflow = DATE;
+            }
+
+            getParsingFlags(m).overflow = overflow;
+        }
+
+        return m;
+    }
+
+    function warn(msg) {
+        if (utils_hooks__hooks.suppressDeprecationWarnings === false && typeof console !== 'undefined' && console.warn) {
+            console.warn('Deprecation warning: ' + msg);
+        }
+    }
+
+    function deprecate(msg, fn) {
+        var firstTime = true,
+            msgWithStack = msg + '\n' + (new Error()).stack;
+
+        return extend(function () {
+            if (firstTime) {
+                warn(msgWithStack);
+                firstTime = false;
+            }
+            return fn.apply(this, arguments);
+        }, fn);
+    }
+
+    var deprecations = {};
+
+    function deprecateSimple(name, msg) {
+        if (!deprecations[name]) {
+            warn(msg);
+            deprecations[name] = true;
+        }
+    }
+
+    utils_hooks__hooks.suppressDeprecationWarnings = false;
+
+    var from_string__isoRegex = /^\s*(?:[+-]\d{6}|\d{4})-(?:(\d\d-\d\d)|(W\d\d$)|(W\d\d-\d)|(\d\d\d))((T| )(\d\d(:\d\d(:\d\d(\.\d+)?)?)?)?([\+\-]\d\d(?::?\d\d)?|\s*Z)?)?$/;
+
+    var isoDates = [
+        ['YYYYYY-MM-DD', /[+-]\d{6}-\d{2}-\d{2}/],
+        ['YYYY-MM-DD', /\d{4}-\d{2}-\d{2}/],
+        ['GGGG-[W]WW-E', /\d{4}-W\d{2}-\d/],
+        ['GGGG-[W]WW', /\d{4}-W\d{2}/],
+        ['YYYY-DDD', /\d{4}-\d{3}/]
+    ];
+
+    // iso time formats and regexes
+    var isoTimes = [
+        ['HH:mm:ss.SSSS', /(T| )\d\d:\d\d:\d\d\.\d+/],
+        ['HH:mm:ss', /(T| )\d\d:\d\d:\d\d/],
+        ['HH:mm', /(T| )\d\d:\d\d/],
+        ['HH', /(T| )\d\d/]
+    ];
+
+    var aspNetJsonRegex = /^\/?Date\((\-?\d+)/i;
+
+    // date from iso format
+    function configFromISO(config) {
+        var i, l,
+            string = config._i,
+            match = from_string__isoRegex.exec(string);
+
+        if (match) {
+            getParsingFlags(config).iso = true;
+            for (i = 0, l = isoDates.length; i < l; i++) {
+                if (isoDates[i][1].exec(string)) {
+                    // match[5] should be 'T' or undefined
+                    config._f = isoDates[i][0] + (match[6] || ' ');
+                    break;
+                }
+            }
+            for (i = 0, l = isoTimes.length; i < l; i++) {
+                if (isoTimes[i][1].exec(string)) {
+                    config._f += isoTimes[i][0];
+                    break;
+                }
+            }
+            if (string.match(matchOffset)) {
+                config._f += 'Z';
+            }
+            configFromStringAndFormat(config);
+        } else {
+            config._isValid = false;
+        }
+    }
+
+    // date from iso format or fallback
+    function configFromString(config) {
+        var matched = aspNetJsonRegex.exec(config._i);
+
+        if (matched !== null) {
+            config._d = new Date(+matched[1]);
+            return;
+        }
+
+        configFromISO(config);
+        if (config._isValid === false) {
+            delete config._isValid;
+            utils_hooks__hooks.createFromInputFallback(config);
+        }
+    }
+
+    utils_hooks__hooks.createFromInputFallback = deprecate(
+        'moment construction falls back to js Date. This is ' +
+        'discouraged and will be removed in upcoming major ' +
+        'release. Please refer to ' +
+        'https://github.com/moment/moment/issues/1407 for more info.',
+        function (config) {
+            config._d = new Date(config._i + (config._useUTC ? ' UTC' : ''));
+        }
+    );
+
+    function createDate (y, m, d, h, M, s, ms) {
+        //can't just apply() to create a date:
+        //http://stackoverflow.com/questions/181348/instantiating-a-javascript-object-by-calling-prototype-constructor-apply
+        var date = new Date(y, m, d, h, M, s, ms);
+
+        //the date constructor doesn't accept years < 1970
+        if (y < 1970) {
+            date.setFullYear(y);
+        }
+        return date;
+    }
+
+    function createUTCDate (y) {
+        var date = new Date(Date.UTC.apply(null, arguments));
+        if (y < 1970) {
+            date.setUTCFullYear(y);
+        }
+        return date;
+    }
+
+    addFormatToken(0, ['YY', 2], 0, function () {
+        return this.year() % 100;
+    });
+
+    addFormatToken(0, ['YYYY',   4],       0, 'year');
+    addFormatToken(0, ['YYYYY',  5],       0, 'year');
+    addFormatToken(0, ['YYYYYY', 6, true], 0, 'year');
+
+    // ALIASES
+
+    addUnitAlias('year', 'y');
+
+    // PARSING
+
+    addRegexToken('Y',      matchSigned);
+    addRegexToken('YY',     match1to2, match2);
+    addRegexToken('YYYY',   match1to4, match4);
+    addRegexToken('YYYYY',  match1to6, match6);
+    addRegexToken('YYYYYY', match1to6, match6);
+
+    addParseToken(['YYYY', 'YYYYY', 'YYYYYY'], YEAR);
+    addParseToken('YY', function (input, array) {
+        array[YEAR] = utils_hooks__hooks.parseTwoDigitYear(input);
+    });
+
+    // HELPERS
+
+    function daysInYear(year) {
+        return isLeapYear(year) ? 366 : 365;
+    }
+
+    function isLeapYear(year) {
+        return (year % 4 === 0 && year % 100 !== 0) || year % 400 === 0;
+    }
+
+    // HOOKS
+
+    utils_hooks__hooks.parseTwoDigitYear = function (input) {
+        return toInt(input) + (toInt(input) > 68 ? 1900 : 2000);
+    };
+
+    // MOMENTS
+
+    var getSetYear = makeGetSet('FullYear', false);
+
+    function getIsLeapYear () {
+        return isLeapYear(this.year());
+    }
+
+    addFormatToken('w', ['ww', 2], 'wo', 'week');
+    addFormatToken('W', ['WW', 2], 'Wo', 'isoWeek');
+
+    // ALIASES
+
+    addUnitAlias('week', 'w');
+    addUnitAlias('isoWeek', 'W');
+
+    // PARSING
+
+    addRegexToken('w',  match1to2);
+    addRegexToken('ww', match1to2, match2);
+    addRegexToken('W',  match1to2);
+    addRegexToken('WW', match1to2, match2);
+
+    addWeekParseToken(['w', 'ww', 'W', 'WW'], function (input, week, config, token) {
+        week[token.substr(0, 1)] = toInt(input);
+    });
+
+    // HELPERS
+
+    // firstDayOfWeek       0 = sun, 6 = sat
+    //                      the day of the week that starts the week
+    //                      (usually sunday or monday)
+    // firstDayOfWeekOfYear 0 = sun, 6 = sat
+    //                      the first week is the week that contains the first
+    //                      of this day of the week
+    //                      (eg. ISO weeks use thursday (4))
+    function weekOfYear(mom, firstDayOfWeek, firstDayOfWeekOfYear) {
+        var end = firstDayOfWeekOfYear - firstDayOfWeek,
+            daysToDayOfWeek = firstDayOfWeekOfYear - mom.day(),
+            adjustedMoment;
+
+
+        if (daysToDayOfWeek > end) {
+            daysToDayOfWeek -= 7;
+        }
+
+        if (daysToDayOfWeek < end - 7) {
+            daysToDayOfWeek += 7;
+        }
+
+        adjustedMoment = local__createLocal(mom).add(daysToDayOfWeek, 'd');
+        return {
+            week: Math.ceil(adjustedMoment.dayOfYear() / 7),
+            year: adjustedMoment.year()
+        };
+    }
+
+    // LOCALES
+
+    function localeWeek (mom) {
+        return weekOfYear(mom, this._week.dow, this._week.doy).week;
+    }
+
+    var defaultLocaleWeek = {
+        dow : 0, // Sunday is the first day of the week.
+        doy : 6  // The week that contains Jan 1st is the first week of the year.
+    };
+
+    function localeFirstDayOfWeek () {
+        return this._week.dow;
+    }
+
+    function localeFirstDayOfYear () {
+        return this._week.doy;
+    }
+
+    // MOMENTS
+
+    function getSetWeek (input) {
+        var week = this.localeData().week(this);
+        return input == null ? week : this.add((input - week) * 7, 'd');
+    }
+
+    function getSetISOWeek (input) {
+        var week = weekOfYear(this, 1, 4).week;
+        return input == null ? week : this.add((input - week) * 7, 'd');
+    }
+
+    addFormatToken('DDD', ['DDDD', 3], 'DDDo', 'dayOfYear');
+
+    // ALIASES
+
+    addUnitAlias('dayOfYear', 'DDD');
+
+    // PARSING
+
+    addRegexToken('DDD',  match1to3);
+    addRegexToken('DDDD', match3);
+    addParseToken(['DDD', 'DDDD'], function (input, array, config) {
+        config._dayOfYear = toInt(input);
+    });
+
+    // HELPERS
+
+    //http://en.wikipedia.org/wiki/ISO_week_date#Calculating_a_date_given_the_year.2C_week_number_and_weekday
+    function dayOfYearFromWeeks(year, week, weekday, firstDayOfWeekOfYear, firstDayOfWeek) {
+        var d = createUTCDate(year, 0, 1).getUTCDay();
+        var daysToAdd;
+        var dayOfYear;
+
+        d = d === 0 ? 7 : d;
+        weekday = weekday != null ? weekday : firstDayOfWeek;
+        daysToAdd = firstDayOfWeek - d + (d > firstDayOfWeekOfYear ? 7 : 0) - (d < firstDayOfWeek ? 7 : 0);
+        dayOfYear = 7 * (week - 1) + (weekday - firstDayOfWeek) + daysToAdd + 1;
+
+        return {
+            year      : dayOfYear > 0 ? year      : year - 1,
+            dayOfYear : dayOfYear > 0 ? dayOfYear : daysInYear(year - 1) + dayOfYear
+        };
+    }
+
+    // MOMENTS
+
+    function getSetDayOfYear (input) {
+        var dayOfYear = Math.round((this.clone().startOf('day') - this.clone().startOf('year')) / 864e5) + 1;
+        return input == null ? dayOfYear : this.add((input - dayOfYear), 'd');
+    }
+
+    // Pick the first defined of two or three arguments.
+    function defaults(a, b, c) {
+        if (a != null) {
+            return a;
+        }
+        if (b != null) {
+            return b;
+        }
+        return c;
+    }
+
+    function currentDateArray(config) {
+        var now = new Date();
+        if (config._useUTC) {
+            return [now.getUTCFullYear(), now.getUTCMonth(), now.getUTCDate()];
+        }
+        return [now.getFullYear(), now.getMonth(), now.getDate()];
+    }
+
+    // convert an array to a date.
+    // the array should mirror the parameters below
+    // note: all values past the year are optional and will default to the lowest possible value.
+    // [year, month, day , hour, minute, second, millisecond]
+    function configFromArray (config) {
+        var i, date, input = [], currentDate, yearToUse;
+
+        if (config._d) {
+            return;
+        }
+
+        currentDate = currentDateArray(config);
+
+        //compute day of the year from weeks and weekdays
+        if (config._w && config._a[DATE] == null && config._a[MONTH] == null) {
+            dayOfYearFromWeekInfo(config);
+        }
+
+        //if the day of the year is set, figure out what it is
+        if (config._dayOfYear) {
+            yearToUse = defaults(config._a[YEAR], currentDate[YEAR]);
+
+            if (config._dayOfYear > daysInYear(yearToUse)) {
+                getParsingFlags(config)._overflowDayOfYear = true;
+            }
+
+            date = createUTCDate(yearToUse, 0, config._dayOfYear);
+            config._a[MONTH] = date.getUTCMonth();
+            config._a[DATE] = date.getUTCDate();
+        }
+
+        // Default to current date.
+        // * if no year, month, day of month are given, default to today
+        // * if day of month is given, default month and year
+        // * if month is given, default only year
+        // * if year is given, don't default anything
+        for (i = 0; i < 3 && config._a[i] == null; ++i) {
+            config._a[i] = input[i] = currentDate[i];
+        }
+
+        // Zero out whatever was not defaulted, including time
+        for (; i < 7; i++) {
+            config._a[i] = input[i] = (config._a[i] == null) ? (i === 2 ? 1 : 0) : config._a[i];
+        }
+
+        // Check for 24:00:00.000
+        if (config._a[HOUR] === 24 &&
+                config._a[MINUTE] === 0 &&
+                config._a[SECOND] === 0 &&
+                config._a[MILLISECOND] === 0) {
+            config._nextDay = true;
+            config._a[HOUR] = 0;
+        }
+
+        config._d = (config._useUTC ? createUTCDate : createDate).apply(null, input);
+        // Apply timezone offset from input. The actual utcOffset can be changed
+        // with parseZone.
+        if (config._tzm != null) {
+            config._d.setUTCMinutes(config._d.getUTCMinutes() - config._tzm);
+        }
+
+        if (config._nextDay) {
+            config._a[HOUR] = 24;
+        }
+    }
+
+    function dayOfYearFromWeekInfo(config) {
+        var w, weekYear, week, weekday, dow, doy, temp;
+
+        w = config._w;
+        if (w.GG != null || w.W != null || w.E != null) {
+            dow = 1;
+            doy = 4;
+
+            // TODO: We need to take the current isoWeekYear, but that depends on
+            // how we interpret now (local, utc, fixed offset). So create
+            // a now version of current config (take local/utc/offset flags, and
+            // create now).
+            weekYear = defaults(w.GG, config._a[YEAR], weekOfYear(local__createLocal(), 1, 4).year);
+            week = defaults(w.W, 1);
+            weekday = defaults(w.E, 1);
+        } else {
+            dow = config._locale._week.dow;
+            doy = config._locale._week.doy;
+
+            weekYear = defaults(w.gg, config._a[YEAR], weekOfYear(local__createLocal(), dow, doy).year);
+            week = defaults(w.w, 1);
+
+            if (w.d != null) {
+                // weekday -- low day numbers are considered next week
+                weekday = w.d;
+                if (weekday < dow) {
+                    ++week;
+                }
+            } else if (w.e != null) {
+                // local weekday -- counting starts from begining of week
+                weekday = w.e + dow;
+            } else {
+                // default to begining of week
+                weekday = dow;
+            }
+        }
+        temp = dayOfYearFromWeeks(weekYear, week, weekday, doy, dow);
+
+        config._a[YEAR] = temp.year;
+        config._dayOfYear = temp.dayOfYear;
+    }
+
+    utils_hooks__hooks.ISO_8601 = function () {};
+
+    // date from string and format string
+    function configFromStringAndFormat(config) {
+        // TODO: Move this to another part of the creation flow to prevent circular deps
+        if (config._f === utils_hooks__hooks.ISO_8601) {
+            configFromISO(config);
+            return;
+        }
+
+        config._a = [];
+        getParsingFlags(config).empty = true;
+
+        // This array is used to make a Date, either with `new Date` or `Date.UTC`
+        var string = '' + config._i,
+            i, parsedInput, tokens, token, skipped,
+            stringLength = string.length,
+            totalParsedInputLength = 0;
+
+        tokens = expandFormat(config._f, config._locale).match(formattingTokens) || [];
+
+        for (i = 0; i < tokens.length; i++) {
+            token = tokens[i];
+            parsedInput = (string.match(getParseRegexForToken(token, config)) || [])[0];
+            if (parsedInput) {
+                skipped = string.substr(0, string.indexOf(parsedInput));
+                if (skipped.length > 0) {
+                    getParsingFlags(config).unusedInput.push(skipped);
+                }
+                string = string.slice(string.indexOf(parsedInput) + parsedInput.length);
+                totalParsedInputLength += parsedInput.length;
+            }
+            // don't parse if it's not a known token
+            if (formatTokenFunctions[token]) {
+                if (parsedInput) {
+                    getParsingFlags(config).empty = false;
+                }
+                else {
+                    getParsingFlags(config).unusedTokens.push(token);
+                }
+                addTimeToArrayFromToken(token, parsedInput, config);
+            }
+            else if (config._strict && !parsedInput) {
+                getParsingFlags(config).unusedTokens.push(token);
+            }
+        }
+
+        // add remaining unparsed input length to the string
+        getParsingFlags(config).charsLeftOver = stringLength - totalParsedInputLength;
+        if (string.length > 0) {
+            getParsingFlags(config).unusedInput.push(string);
+        }
+
+        // clear _12h flag if hour is <= 12
+        if (getParsingFlags(config).bigHour === true &&
+                config._a[HOUR] <= 12 &&
+                config._a[HOUR] > 0) {
+            getParsingFlags(config).bigHour = undefined;
+        }
+        // handle meridiem
+        config._a[HOUR] = meridiemFixWrap(config._locale, config._a[HOUR], config._meridiem);
+
+        configFromArray(config);
+        checkOverflow(config);
+    }
+
+
+    function meridiemFixWrap (locale, hour, meridiem) {
+        var isPm;
+
+        if (meridiem == null) {
+            // nothing to do
+            return hour;
+        }
+        if (locale.meridiemHour != null) {
+            return locale.meridiemHour(hour, meridiem);
+        } else if (locale.isPM != null) {
+            // Fallback
+            isPm = locale.isPM(meridiem);
+            if (isPm && hour < 12) {
+                hour += 12;
+            }
+            if (!isPm && hour === 12) {
+                hour = 0;
+            }
+            return hour;
+        } else {
+            // this is not supposed to happen
+            return hour;
+        }
+    }
+
+    function configFromStringAndArray(config) {
+        var tempConfig,
+            bestMoment,
+
+            scoreToBeat,
+            i,
+            currentScore;
+
+        if (config._f.length === 0) {
+            getParsingFlags(config).invalidFormat = true;
+            config._d = new Date(NaN);
+            return;
+        }
+
+        for (i = 0; i < config._f.length; i++) {
+            currentScore = 0;
+            tempConfig = copyConfig({}, config);
+            if (config._useUTC != null) {
+                tempConfig._useUTC = config._useUTC;
+            }
+            tempConfig._f = config._f[i];
+            configFromStringAndFormat(tempConfig);
+
+            if (!valid__isValid(tempConfig)) {
+                continue;
+            }
+
+            // if there is any input that was not parsed add a penalty for that format
+            currentScore += getParsingFlags(tempConfig).charsLeftOver;
+
+            //or tokens
+            currentScore += getParsingFlags(tempConfig).unusedTokens.length * 10;
+
+            getParsingFlags(tempConfig).score = currentScore;
+
+            if (scoreToBeat == null || currentScore < scoreToBeat) {
+                scoreToBeat = currentScore;
+                bestMoment = tempConfig;
+            }
+        }
+
+        extend(config, bestMoment || tempConfig);
+    }
+
+    function configFromObject(config) {
+        if (config._d) {
+            return;
+        }
+
+        var i = normalizeObjectUnits(config._i);
+        config._a = [i.year, i.month, i.day || i.date, i.hour, i.minute, i.second, i.millisecond];
+
+        configFromArray(config);
+    }
+
+    function createFromConfig (config) {
+        var input = config._i,
+            format = config._f,
+            res;
+
+        config._locale = config._locale || locale_locales__getLocale(config._l);
+
+        if (input === null || (format === undefined && input === '')) {
+            return valid__createInvalid({nullInput: true});
+        }
+
+        if (typeof input === 'string') {
+            config._i = input = config._locale.preparse(input);
+        }
+
+        if (isMoment(input)) {
+            return new Moment(checkOverflow(input));
+        } else if (isArray(format)) {
+            configFromStringAndArray(config);
+        } else if (format) {
+            configFromStringAndFormat(config);
+        } else if (isDate(input)) {
+            config._d = input;
+        } else {
+            configFromInput(config);
+        }
+
+        res = new Moment(checkOverflow(config));
+        if (res._nextDay) {
+            // Adding is smart enough around DST
+            res.add(1, 'd');
+            res._nextDay = undefined;
+        }
+
+        return res;
+    }
+
+    function configFromInput(config) {
+        var input = config._i;
+        if (input === undefined) {
+            config._d = new Date();
+        } else if (isDate(input)) {
+            config._d = new Date(+input);
+        } else if (typeof input === 'string') {
+            configFromString(config);
+        } else if (isArray(input)) {
+            config._a = map(input.slice(0), function (obj) {
+                return parseInt(obj, 10);
+            });
+            configFromArray(config);
+        } else if (typeof(input) === 'object') {
+            configFromObject(config);
+        } else if (typeof(input) === 'number') {
+            // from milliseconds
+            config._d = new Date(input);
+        } else {
+            utils_hooks__hooks.createFromInputFallback(config);
+        }
+    }
+
+    function createLocalOrUTC (input, format, locale, strict, isUTC) {
+        var c = {};
+
+        if (typeof(locale) === 'boolean') {
+            strict = locale;
+            locale = undefined;
+        }
+        // object construction must be done this way.
+        // https://github.com/moment/moment/issues/1423
+        c._isAMomentObject = true;
+        c._useUTC = c._isUTC = isUTC;
+        c._l = locale;
+        c._i = input;
+        c._f = format;
+        c._strict = strict;
+
+        return createFromConfig(c);
+    }
+
+    function local__createLocal (input, format, locale, strict) {
+        return createLocalOrUTC(input, format, locale, strict, false);
+    }
+
+    var prototypeMin = deprecate(
+         'moment().min is deprecated, use moment.min instead. https://github.com/moment/moment/issues/1548',
+         function () {
+             var other = local__createLocal.apply(null, arguments);
+             return other < this ? this : other;
+         }
+     );
+
+    var prototypeMax = deprecate(
+        'moment().max is deprecated, use moment.max instead. https://github.com/moment/moment/issues/1548',
+        function () {
+            var other = local__createLocal.apply(null, arguments);
+            return other > this ? this : other;
+        }
+    );
+
+    // Pick a moment m from moments so that m[fn](other) is true for all
+    // other. This relies on the function fn to be transitive.
+    //
+    // moments should either be an array of moment objects or an array, whose
+    // first element is an array of moment objects.
+    function pickBy(fn, moments) {
+        var res, i;
+        if (moments.length === 1 && isArray(moments[0])) {
+            moments = moments[0];
+        }
+        if (!moments.length) {
+            return local__createLocal();
+        }
+        res = moments[0];
+        for (i = 1; i < moments.length; ++i) {
+            if (moments[i][fn](res)) {
+                res = moments[i];
+            }
+        }
+        return res;
+    }
+
+    // TODO: Use [].sort instead?
+    function min () {
+        var args = [].slice.call(arguments, 0);
+
+        return pickBy('isBefore', args);
+    }
+
+    function max () {
+        var args = [].slice.call(arguments, 0);
+
+        return pickBy('isAfter', args);
+    }
+
+    function Duration (duration) {
+        var normalizedInput = normalizeObjectUnits(duration),
+            years = normalizedInput.year || 0,
+            quarters = normalizedInput.quarter || 0,
+            months = normalizedInput.month || 0,
+            weeks = normalizedInput.week || 0,
+            days = normalizedInput.day || 0,
+            hours = normalizedInput.hour || 0,
+            minutes = normalizedInput.minute || 0,
+            seconds = normalizedInput.second || 0,
+            milliseconds = normalizedInput.millisecond || 0;
+
+        // representation for dateAddRemove
+        this._milliseconds = +milliseconds +
+            seconds * 1e3 + // 1000
+            minutes * 6e4 + // 1000 * 60
+            hours * 36e5; // 1000 * 60 * 60
+        // Because of dateAddRemove treats 24 hours as different from a
+        // day when working around DST, we need to store them separately
+        this._days = +days +
+            weeks * 7;
+        // It is impossible translate months into days without knowing
+        // which months you are are talking about, so we have to store
+        // it separately.
+        this._months = +months +
+            quarters * 3 +
+            years * 12;
+
+        this._data = {};
+
+        this._locale = locale_locales__getLocale();
+
+        this._bubble();
+    }
+
+    function isDuration (obj) {
+        return obj instanceof Duration;
+    }
+
+    function offset (token, separator) {
+        addFormatToken(token, 0, 0, function () {
+            var offset = this.utcOffset();
+            var sign = '+';
+            if (offset < 0) {
+                offset = -offset;
+                sign = '-';
+            }
+            return sign + zeroFill(~~(offset / 60), 2) + separator + zeroFill(~~(offset) % 60, 2);
+        });
+    }
+
+    offset('Z', ':');
+    offset('ZZ', '');
+
+    // PARSING
+
+    addRegexToken('Z',  matchOffset);
+    addRegexToken('ZZ', matchOffset);
+    addParseToken(['Z', 'ZZ'], function (input, array, config) {
+        config._useUTC = true;
+        config._tzm = offsetFromString(input);
+    });
+
+    // HELPERS
+
+    // timezone chunker
+    // '+10:00' > ['10',  '00']
+    // '-1530'  > ['-15', '30']
+    var chunkOffset = /([\+\-]|\d\d)/gi;
+
+    function offsetFromString(string) {
+        var matches = ((string || '').match(matchOffset) || []);
+        var chunk   = matches[matches.length - 1] || [];
+        var parts   = (chunk + '').match(chunkOffset) || ['-', 0, 0];
+        var minutes = +(parts[1] * 60) + toInt(parts[2]);
+
+        return parts[0] === '+' ? minutes : -minutes;
+    }
+
+    // Return a moment from input, that is local/utc/zone equivalent to model.
+    function cloneWithOffset(input, model) {
+        var res, diff;
+        if (model._isUTC) {
+            res = model.clone();
+            diff = (isMoment(input) || isDate(input) ? +input : +local__createLocal(input)) - (+res);
+            // Use low-level api, because this fn is low-level api.
+            res._d.setTime(+res._d + diff);
+            utils_hooks__hooks.updateOffset(res, false);
+            return res;
+        } else {
+            return local__createLocal(input).local();
+        }
+        return model._isUTC ? local__createLocal(input).zone(model._offset || 0) : local__createLocal(input).local();
+    }
+
+    function getDateOffset (m) {
+        // On Firefox.24 Date#getTimezoneOffset returns a floating point.
+        // https://github.com/moment/moment/pull/1871
+        return -Math.round(m._d.getTimezoneOffset() / 15) * 15;
+    }
+
+    // HOOKS
+
+    // This function will be called whenever a moment is mutated.
+    // It is intended to keep the offset in sync with the timezone.
+    utils_hooks__hooks.updateOffset = function () {};
+
+    // MOMENTS
+
+    // keepLocalTime = true means only change the timezone, without
+    // affecting the local hour. So 5:31:26 +0300 --[utcOffset(2, true)]-->
+    // 5:31:26 +0200 It is possible that 5:31:26 doesn't exist with offset
+    // +0200, so we adjust the time as needed, to be valid.
+    //
+    // Keeping the time actually adds/subtracts (one hour)
+    // from the actual represented time. That is why we call updateOffset
+    // a second time. In case it wants us to change the offset again
+    // _changeInProgress == true case, then we have to adjust, because
+    // there is no such time in the given timezone.
+    function getSetOffset (input, keepLocalTime) {
+        var offset = this._offset || 0,
+            localAdjust;
+        if (input != null) {
+            if (typeof input === 'string') {
+                input = offsetFromString(input);
+            }
+            if (Math.abs(input) < 16) {
+                input = input * 60;
+            }
+            if (!this._isUTC && keepLocalTime) {
+                localAdjust = getDateOffset(this);
+            }
+            this._offset = input;
+            this._isUTC = true;
+            if (localAdjust != null) {
+                this.add(localAdjust, 'm');
+            }
+            if (offset !== input) {
+                if (!keepLocalTime || this._changeInProgress) {
+                    add_subtract__addSubtract(this, create__createDuration(input - offset, 'm'), 1, false);
+                } else if (!this._changeInProgress) {
+                    this._changeInProgress = true;
+                    utils_hooks__hooks.updateOffset(this, true);
+                    this._changeInProgress = null;
+                }
+            }
+            return this;
+        } else {
+            return this._isUTC ? offset : getDateOffset(this);
+        }
+    }
+
+    function getSetZone (input, keepLocalTime) {
+        if (input != null) {
+            if (typeof input !== 'string') {
+                input = -input;
+            }
+
+            this.utcOffset(input, keepLocalTime);
+
+            return this;
+        } else {
+            return -this.utcOffset();
+        }
+    }
+
+    function setOffsetToUTC (keepLocalTime) {
+        return this.utcOffset(0, keepLocalTime);
+    }
+
+    function setOffsetToLocal (keepLocalTime) {
+        if (this._isUTC) {
+            this.utcOffset(0, keepLocalTime);
+            this._isUTC = false;
+
+            if (keepLocalTime) {
+                this.subtract(getDateOffset(this), 'm');
+            }
+        }
+        return this;
+    }
+
+    function setOffsetToParsedOffset () {
+        if (this._tzm) {
+            this.utcOffset(this._tzm);
+        } else if (typeof this._i === 'string') {
+            this.utcOffset(offsetFromString(this._i));
+        }
+        return this;
+    }
+
+    function hasAlignedHourOffset (input) {
+        if (!input) {
+            input = 0;
+        }
+        else {
+            input = local__createLocal(input).utcOffset();
+        }
+
+        return (this.utcOffset() - input) % 60 === 0;
+    }
+
+    function isDaylightSavingTime () {
+        return (
+            this.utcOffset() > this.clone().month(0).utcOffset() ||
+            this.utcOffset() > this.clone().month(5).utcOffset()
+        );
+    }
+
+    function isDaylightSavingTimeShifted () {
+        if (this._a) {
+            var other = this._isUTC ? create_utc__createUTC(this._a) : local__createLocal(this._a);
+            return this.isValid() && compareArrays(this._a, other.toArray()) > 0;
+        }
+
+        return false;
+    }
+
+    function isLocal () {
+        return !this._isUTC;
+    }
+
+    function isUtcOffset () {
+        return this._isUTC;
+    }
+
+    function isUtc () {
+        return this._isUTC && this._offset === 0;
+    }
+
+    var aspNetRegex = /(\-)?(?:(\d*)\.)?(\d+)\:(\d+)(?:\:(\d+)\.?(\d{3})?)?/;
+
+    // from http://docs.closure-library.googlecode.com/git/closure_goog_date_date.js.source.html
+    // somewhat more in line with 4.4.3.2 2004 spec, but allows decimal anywhere
+    var create__isoRegex = /^(-)?P(?:(?:([0-9,.]*)Y)?(?:([0-9,.]*)M)?(?:([0-9,.]*)D)?(?:T(?:([0-9,.]*)H)?(?:([0-9,.]*)M)?(?:([0-9,.]*)S)?)?|([0-9,.]*)W)$/;
+
+    function create__createDuration (input, key) {
+        var duration = input,
+            // matching against regexp is expensive, do it on demand
+            match = null,
+            sign,
+            ret,
+            diffRes;
+
+        if (isDuration(input)) {
+            duration = {
+                ms : input._milliseconds,
+                d  : input._days,
+                M  : input._months
+            };
+        } else if (typeof input === 'number') {
+            duration = {};
+            if (key) {
+                duration[key] = input;
+            } else {
+                duration.milliseconds = input;
+            }
+        } else if (!!(match = aspNetRegex.exec(input))) {
+            sign = (match[1] === '-') ? -1 : 1;
+            duration = {
+                y  : 0,
+                d  : toInt(match[DATE])        * sign,
+                h  : toInt(match[HOUR])        * sign,
+                m  : toInt(match[MINUTE])      * sign,
+                s  : toInt(match[SECOND])      * sign,
+                ms : toInt(match[MILLISECOND]) * sign
+            };
+        } else if (!!(match = create__isoRegex.exec(input))) {
+            sign = (match[1] === '-') ? -1 : 1;
+            duration = {
+                y : parseIso(match[2], sign),
+                M : parseIso(match[3], sign),
+                d : parseIso(match[4], sign),
+                h : parseIso(match[5], sign),
+                m : parseIso(match[6], sign),
+                s : parseIso(match[7], sign),
+                w : parseIso(match[8], sign)
+            };
+        } else if (duration == null) {// checks for null or undefined
+            duration = {};
+        } else if (typeof duration === 'object' && ('from' in duration || 'to' in duration)) {
+            diffRes = momentsDifference(local__createLocal(duration.from), local__createLocal(duration.to));
+
+            duration = {};
+            duration.ms = diffRes.milliseconds;
+            duration.M = diffRes.months;
+        }
+
+        ret = new Duration(duration);
+
+        if (isDuration(input) && hasOwnProp(input, '_locale')) {
+            ret._locale = input._locale;
+        }
+
+        return ret;
+    }
+
+    create__createDuration.fn = Duration.prototype;
+
+    function parseIso (inp, sign) {
+        // We'd normally use ~~inp for this, but unfortunately it also
+        // converts floats to ints.
+        // inp may be undefined, so careful calling replace on it.
+        var res = inp && parseFloat(inp.replace(',', '.'));
+        // apply sign while we're at it
+        return (isNaN(res) ? 0 : res) * sign;
+    }
+
+    function positiveMomentsDifference(base, other) {
+        var res = {milliseconds: 0, months: 0};
+
+        res.months = other.month() - base.month() +
+            (other.year() - base.year()) * 12;
+        if (base.clone().add(res.months, 'M').isAfter(other)) {
+            --res.months;
+        }
+
+        res.milliseconds = +other - +(base.clone().add(res.months, 'M'));
+
+        return res;
+    }
+
+    function momentsDifference(base, other) {
+        var res;
+        other = cloneWithOffset(other, base);
+        if (base.isBefore(other)) {
+            res = positiveMomentsDifference(base, other);
+        } else {
+            res = positiveMomentsDifference(other, base);
+            res.milliseconds = -res.milliseconds;
+            res.months = -res.months;
+        }
+
+        return res;
+    }
+
+    function createAdder(direction, name) {
+        return function (val, period) {
+            var dur, tmp;
+            //invert the arguments, but complain about it
+            if (period !== null && !isNaN(+period)) {
+                deprecateSimple(name, 'moment().' + name  + '(period, number) is deprecated. Please use moment().' + name + '(number, period).');
+                tmp = val; val = period; period = tmp;
+            }
+
+            val = typeof val === 'string' ? +val : val;
+            dur = create__createDuration(val, period);
+            add_subtract__addSubtract(this, dur, direction);
+            return this;
+        };
+    }
+
+    function add_subtract__addSubtract (mom, duration, isAdding, updateOffset) {
+        var milliseconds = duration._milliseconds,
+            days = duration._days,
+            months = duration._months;
+        updateOffset = updateOffset == null ? true : updateOffset;
+
+        if (milliseconds) {
+            mom._d.setTime(+mom._d + milliseconds * isAdding);
+        }
+        if (days) {
+            get_set__set(mom, 'Date', get_set__get(mom, 'Date') + days * isAdding);
+        }
+        if (months) {
+            setMonth(mom, get_set__get(mom, 'Month') + months * isAdding);
+        }
+        if (updateOffset) {
+            utils_hooks__hooks.updateOffset(mom, days || months);
+        }
+    }
+
+    var add_subtract__add      = createAdder(1, 'add');
+    var add_subtract__subtract = createAdder(-1, 'subtract');
+
+    function moment_calendar__calendar (time) {
+        // We want to compare the start of today, vs this.
+        // Getting start-of-today depends on whether we're local/utc/offset or not.
+        var now = time || local__createLocal(),
+            sod = cloneWithOffset(now, this).startOf('day'),
+            diff = this.diff(sod, 'days', true),
+            format = diff < -6 ? 'sameElse' :
+                diff < -1 ? 'lastWeek' :
+                diff < 0 ? 'lastDay' :
+                diff < 1 ? 'sameDay' :
+                diff < 2 ? 'nextDay' :
+                diff < 7 ? 'nextWeek' : 'sameElse';
+        return this.format(this.localeData().calendar(format, this, local__createLocal(now)));
+    }
+
+    function clone () {
+        return new Moment(this);
+    }
+
+    function isAfter (input, units) {
+        var inputMs;
+        units = normalizeUnits(typeof units !== 'undefined' ? units : 'millisecond');
+        if (units === 'millisecond') {
+            input = isMoment(input) ? input : local__createLocal(input);
+            return +this > +input;
+        } else {
+            inputMs = isMoment(input) ? +input : +local__createLocal(input);
+            return inputMs < +this.clone().startOf(units);
+        }
+    }
+
+    function isBefore (input, units) {
+        var inputMs;
+        units = normalizeUnits(typeof units !== 'undefined' ? units : 'millisecond');
+        if (units === 'millisecond') {
+            input = isMoment(input) ? input : local__createLocal(input);
+            return +this < +input;
+        } else {
+            inputMs = isMoment(input) ? +input : +local__createLocal(input);
+            return +this.clone().endOf(units) < inputMs;
+        }
+    }
+
+    function isBetween (from, to, units) {
+        return this.isAfter(from, units) && this.isBefore(to, units);
+    }
+
+    function isSame (input, units) {
+        var inputMs;
+        units = normalizeUnits(units || 'millisecond');
+        if (units === 'millisecond') {
+            input = isMoment(input) ? input : local__createLocal(input);
+            return +this === +input;
+        } else {
+            inputMs = +local__createLocal(input);
+            return +(this.clone().startOf(units)) <= inputMs && inputMs <= +(this.clone().endOf(units));
+        }
+    }
+
+    function absFloor (number) {
+        if (number < 0) {
+            return Math.ceil(number);
+        } else {
+            return Math.floor(number);
+        }
+    }
+
+    function diff (input, units, asFloat) {
+        var that = cloneWithOffset(input, this),
+            zoneDelta = (that.utcOffset() - this.utcOffset()) * 6e4,
+            delta, output;
+
+        units = normalizeUnits(units);
+
+        if (units === 'year' || units === 'month' || units === 'quarter') {
+            output = monthDiff(this, that);
+            if (units === 'quarter') {
+                output = output / 3;
+            } else if (units === 'year') {
+                output = output / 12;
+            }
+        } else {
+            delta = this - that;
+            output = units === 'second' ? delta / 1e3 : // 1000
+                units === 'minute' ? delta / 6e4 : // 1000 * 60
+                units === 'hour' ? delta / 36e5 : // 1000 * 60 * 60
+                units === 'day' ? (delta - zoneDelta) / 864e5 : // 1000 * 60 * 60 * 24, negate dst
+                units === 'week' ? (delta - zoneDelta) / 6048e5 : // 1000 * 60 * 60 * 24 * 7, negate dst
+                delta;
+        }
+        return asFloat ? output : absFloor(output);
+    }
+
+    function monthDiff (a, b) {
+        // difference in months
+        var wholeMonthDiff = ((b.year() - a.year()) * 12) + (b.month() - a.month()),
+            // b is in (anchor - 1 month, anchor + 1 month)
+            anchor = a.clone().add(wholeMonthDiff, 'months'),
+            anchor2, adjust;
+
+        if (b - anchor < 0) {
+            anchor2 = a.clone().add(wholeMonthDiff - 1, 'months');
+            // linear across the month
+            adjust = (b - anchor) / (anchor - anchor2);
+        } else {
+            anchor2 = a.clone().add(wholeMonthDiff + 1, 'months');
+            // linear across the month
+            adjust = (b - anchor) / (anchor2 - anchor);
+        }
+
+        return -(wholeMonthDiff + adjust);
+    }
+
+    utils_hooks__hooks.defaultFormat = 'YYYY-MM-DDTHH:mm:ssZ';
+
+    function toString () {
+        return this.clone().locale('en').format('ddd MMM DD YYYY HH:mm:ss [GMT]ZZ');
+    }
+
+    function moment_format__toISOString () {
+        var m = this.clone().utc();
+        if (0 < m.year() && m.year() <= 9999) {
+            if ('function' === typeof Date.prototype.toISOString) {
+                // native implementation is ~50x faster, use it when we can
+                return this.toDate().toISOString();
+            } else {
+                return formatMoment(m, 'YYYY-MM-DD[T]HH:mm:ss.SSS[Z]');
+            }
+        } else {
+            return formatMoment(m, 'YYYYYY-MM-DD[T]HH:mm:ss.SSS[Z]');
+        }
+    }
+
+    function moment_format__format (inputString) {
+        var output = formatMoment(this, inputString || utils_hooks__hooks.defaultFormat);
+        return this.localeData().postformat(output);
+    }
+
+    function from (time, withoutSuffix) {
+        if (!this.isValid()) {
+            return this.localeData().invalidDate();
+        }
+        return create__createDuration({to: this, from: time}).locale(this.locale()).humanize(!withoutSuffix);
+    }
+
+    function fromNow (withoutSuffix) {
+        return this.from(local__createLocal(), withoutSuffix);
+    }
+
+    function to (time, withoutSuffix) {
+        if (!this.isValid()) {
+            return this.localeData().invalidDate();
+        }
+        return create__createDuration({from: this, to: time}).locale(this.locale()).humanize(!withoutSuffix);
+    }
+
+    function toNow (withoutSuffix) {
+        return this.to(local__createLocal(), withoutSuffix);
+    }
+
+    function locale (key) {
+        var newLocaleData;
+
+        if (key === undefined) {
+            return this._locale._abbr;
+        } else {
+            newLocaleData = locale_locales__getLocale(key);
+            if (newLocaleData != null) {
+                this._locale = newLocaleData;
+            }
+            return this;
+        }
+    }
+
+    var lang = deprecate(
+        'moment().lang() is deprecated. Instead, use moment().localeData() to get the language configuration. Use moment().locale() to change languages.',
+        function (key) {
+            if (key === undefined) {
+                return this.localeData();
+            } else {
+                return this.locale(key);
+            }
+        }
+    );
+
+    function localeData () {
+        return this._locale;
+    }
+
+    function startOf (units) {
+        units = normalizeUnits(units);
+        // the following switch intentionally omits break keywords
+        // to utilize falling through the cases.
+        switch (units) {
+        case 'year':
+            this.month(0);
+            /* falls through */
+        case 'quarter':
+        case 'month':
+            this.date(1);
+            /* falls through */
+        case 'week':
+        case 'isoWeek':
+        case 'day':
+            this.hours(0);
+            /* falls through */
+        case 'hour':
+            this.minutes(0);
+            /* falls through */
+        case 'minute':
+            this.seconds(0);
+            /* falls through */
+        case 'second':
+            this.milliseconds(0);
+        }
+
+        // weeks are a special case
+        if (units === 'week') {
+            this.weekday(0);
+        }
+        if (units === 'isoWeek') {
+            this.isoWeekday(1);
+        }
+
+        // quarters are also special
+        if (units === 'quarter') {
+            this.month(Math.floor(this.month() / 3) * 3);
+        }
+
+        return this;
+    }
+
+    function endOf (units) {
+        units = normalizeUnits(units);
+        if (units === undefined || units === 'millisecond') {
+            return this;
+        }
+        return this.startOf(units).add(1, (units === 'isoWeek' ? 'week' : units)).subtract(1, 'ms');
+    }
+
+    function to_type__valueOf () {
+        return +this._d - ((this._offset || 0) * 60000);
+    }
+
+    function unix () {
+        return Math.floor(+this / 1000);
+    }
+
+    function toDate () {
+        return this._offset ? new Date(+this) : this._d;
+    }
+
+    function toArray () {
+        var m = this;
+        return [m.year(), m.month(), m.date(), m.hour(), m.minute(), m.second(), m.millisecond()];
+    }
+
+    function moment_valid__isValid () {
+        return valid__isValid(this);
+    }
+
+    function parsingFlags () {
+        return extend({}, getParsingFlags(this));
+    }
+
+    function invalidAt () {
+        return getParsingFlags(this).overflow;
+    }
+
+    addFormatToken(0, ['gg', 2], 0, function () {
+        return this.weekYear() % 100;
+    });
+
+    addFormatToken(0, ['GG', 2], 0, function () {
+        return this.isoWeekYear() % 100;
+    });
+
+    function addWeekYearFormatToken (token, getter) {
+        addFormatToken(0, [token, token.length], 0, getter);
+    }
+
+    addWeekYearFormatToken('gggg',     'weekYear');
+    addWeekYearFormatToken('ggggg',    'weekYear');
+    addWeekYearFormatToken('GGGG',  'isoWeekYear');
+    addWeekYearFormatToken('GGGGG', 'isoWeekYear');
+
+    // ALIASES
+
+    addUnitAlias('weekYear', 'gg');
+    addUnitAlias('isoWeekYear', 'GG');
+
+    // PARSING
+
+    addRegexToken('G',      matchSigned);
+    addRegexToken('g',      matchSigned);
+    addRegexToken('GG',     match1to2, match2);
+    addRegexToken('gg',     match1to2, match2);
+    addRegexToken('GGGG',   match1to4, match4);
+    addRegexToken('gggg',   match1to4, match4);
+    addRegexToken('GGGGG',  match1to6, match6);
+    addRegexToken('ggggg',  match1to6, match6);
+
+    addWeekParseToken(['gggg', 'ggggg', 'GGGG', 'GGGGG'], function (input, week, config, token) {
+        week[token.substr(0, 2)] = toInt(input);
+    });
+
+    addWeekParseToken(['gg', 'GG'], function (input, week, config, token) {
+        week[token] = utils_hooks__hooks.parseTwoDigitYear(input);
+    });
+
+    // HELPERS
+
+    function weeksInYear(year, dow, doy) {
+        return weekOfYear(local__createLocal([year, 11, 31 + dow - doy]), dow, doy).week;
+    }
+
+    // MOMENTS
+
+    function getSetWeekYear (input) {
+        var year = weekOfYear(this, this.localeData()._week.dow, this.localeData()._week.doy).year;
+        return input == null ? year : this.add((input - year), 'y');
+    }
+
+    function getSetISOWeekYear (input) {
+        var year = weekOfYear(this, 1, 4).year;
+        return input == null ? year : this.add((input - year), 'y');
+    }
+
+    function getISOWeeksInYear () {
+        return weeksInYear(this.year(), 1, 4);
+    }
+
+    function getWeeksInYear () {
+        var weekInfo = this.localeData()._week;
+        return weeksInYear(this.year(), weekInfo.dow, weekInfo.doy);
+    }
+
+    addFormatToken('Q', 0, 0, 'quarter');
+
+    // ALIASES
+
+    addUnitAlias('quarter', 'Q');
+
+    // PARSING
+
+    addRegexToken('Q', match1);
+    addParseToken('Q', function (input, array) {
+        array[MONTH] = (toInt(input) - 1) * 3;
+    });
+
+    // MOMENTS
+
+    function getSetQuarter (input) {
+        return input == null ? Math.ceil((this.month() + 1) / 3) : this.month((input - 1) * 3 + this.month() % 3);
+    }
+
+    addFormatToken('D', ['DD', 2], 'Do', 'date');
+
+    // ALIASES
+
+    addUnitAlias('date', 'D');
+
+    // PARSING
+
+    addRegexToken('D',  match1to2);
+    addRegexToken('DD', match1to2, match2);
+    addRegexToken('Do', function (isStrict, locale) {
+        return isStrict ? locale._ordinalParse : locale._ordinalParseLenient;
+    });
+
+    addParseToken(['D', 'DD'], DATE);
+    addParseToken('Do', function (input, array) {
+        array[DATE] = toInt(input.match(match1to2)[0], 10);
+    });
+
+    // MOMENTS
+
+    var getSetDayOfMonth = makeGetSet('Date', true);
+
+    addFormatToken('d', 0, 'do', 'day');
+
+    addFormatToken('dd', 0, 0, function (format) {
+        return this.localeData().weekdaysMin(this, format);
+    });
+
+    addFormatToken('ddd', 0, 0, function (format) {
+        return this.localeData().weekdaysShort(this, format);
+    });
+
+    addFormatToken('dddd', 0, 0, function (format) {
+        return this.localeData().weekdays(this, format);
+    });
+
+    addFormatToken('e', 0, 0, 'weekday');
+    addFormatToken('E', 0, 0, 'isoWeekday');
+
+    // ALIASES
+
+    addUnitAlias('day', 'd');
+    addUnitAlias('weekday', 'e');
+    addUnitAlias('isoWeekday', 'E');
+
+    // PARSING
+
+    addRegexToken('d',    match1to2);
+    addRegexToken('e',    match1to2);
+    addRegexToken('E',    match1to2);
+    addRegexToken('dd',   matchWord);
+    addRegexToken('ddd',  matchWord);
+    addRegexToken('dddd', matchWord);
+
+    addWeekParseToken(['dd', 'ddd', 'dddd'], function (input, week, config) {
+        var weekday = config._locale.weekdaysParse(input);
+        // if we didn't get a weekday name, mark the date as invalid
+        if (weekday != null) {
+            week.d = weekday;
+        } else {
+            getParsingFlags(config).invalidWeekday = input;
+        }
+    });
+
+    addWeekParseToken(['d', 'e', 'E'], function (input, week, config, token) {
+        week[token] = toInt(input);
+    });
+
+    // HELPERS
+
+    function parseWeekday(input, locale) {
+        if (typeof input === 'string') {
+            if (!isNaN(input)) {
+                input = parseInt(input, 10);
+            }
+            else {
+                input = locale.weekdaysParse(input);
+                if (typeof input !== 'number') {
+                    return null;
+                }
+            }
+        }
+        return input;
+    }
+
+    // LOCALES
+
+    var defaultLocaleWeekdays = 'Sunday_Monday_Tuesday_Wednesday_Thursday_Friday_Saturday'.split('_');
+    function localeWeekdays (m) {
+        return this._weekdays[m.day()];
+    }
+
+    var defaultLocaleWeekdaysShort = 'Sun_Mon_Tue_Wed_Thu_Fri_Sat'.split('_');
+    function localeWeekdaysShort (m) {
+        return this._weekdaysShort[m.day()];
+    }
+
+    var defaultLocaleWeekdaysMin = 'Su_Mo_Tu_We_Th_Fr_Sa'.split('_');
+    function localeWeekdaysMin (m) {
+        return this._weekdaysMin[m.day()];
+    }
+
+    function localeWeekdaysParse (weekdayName) {
+        var i, mom, regex;
+
+        if (!this._weekdaysParse) {
+            this._weekdaysParse = [];
+        }
+
+        for (i = 0; i < 7; i++) {
+            // make the regex if we don't have it already
+            if (!this._weekdaysParse[i]) {
+                mom = local__createLocal([2000, 1]).day(i);
+                regex = '^' + this.weekdays(mom, '') + '|^' + this.weekdaysShort(mom, '') + '|^' + this.weekdaysMin(mom, '');
+                this._weekdaysParse[i] = new RegExp(regex.replace('.', ''), 'i');
+            }
+            // test the regex
+            if (this._weekdaysParse[i].test(weekdayName)) {
+                return i;
+            }
+        }
+    }
+
+    // MOMENTS
+
+    function getSetDayOfWeek (input) {
+        var day = this._isUTC ? this._d.getUTCDay() : this._d.getDay();
+        if (input != null) {
+            input = parseWeekday(input, this.localeData());
+            return this.add(input - day, 'd');
+        } else {
+            return day;
+        }
+    }
+
+    function getSetLocaleDayOfWeek (input) {
+        var weekday = (this.day() + 7 - this.localeData()._week.dow) % 7;
+        return input == null ? weekday : this.add(input - weekday, 'd');
+    }
+
+    function getSetISODayOfWeek (input) {
+        // behaves the same as moment#day except
+        // as a getter, returns 7 instead of 0 (1-7 range instead of 0-6)
+        // as a setter, sunday should belong to the previous week.
+        return input == null ? this.day() || 7 : this.day(this.day() % 7 ? input : input - 7);
+    }
+
+    addFormatToken('H', ['HH', 2], 0, 'hour');
+    addFormatToken('h', ['hh', 2], 0, function () {
+        return this.hours() % 12 || 12;
+    });
+
+    function meridiem (token, lowercase) {
+        addFormatToken(token, 0, 0, function () {
+            return this.localeData().meridiem(this.hours(), this.minutes(), lowercase);
+        });
+    }
+
+    meridiem('a', true);
+    meridiem('A', false);
+
+    // ALIASES
+
+    addUnitAlias('hour', 'h');
+
+    // PARSING
+
+    function matchMeridiem (isStrict, locale) {
+        return locale._meridiemParse;
+    }
+
+    addRegexToken('a',  matchMeridiem);
+    addRegexToken('A',  matchMeridiem);
+    addRegexToken('H',  match1to2);
+    addRegexToken('h',  match1to2);
+    addRegexToken('HH', match1to2, match2);
+    addRegexToken('hh', match1to2, match2);
+
+    addParseToken(['H', 'HH'], HOUR);
+    addParseToken(['a', 'A'], function (input, array, config) {
+        config._isPm = config._locale.isPM(input);
+        config._meridiem = input;
+    });
+    addParseToken(['h', 'hh'], function (input, array, config) {
+        array[HOUR] = toInt(input);
+        getParsingFlags(config).bigHour = true;
+    });
+
+    // LOCALES
+
+    function localeIsPM (input) {
+        // IE8 Quirks Mode & IE7 Standards Mode do not allow accessing strings like arrays
+        // Using charAt should be more compatible.
+        return ((input + '').toLowerCase().charAt(0) === 'p');
+    }
+
+    var defaultLocaleMeridiemParse = /[ap]\.?m?\.?/i;
+    function localeMeridiem (hours, minutes, isLower) {
+        if (hours > 11) {
+            return isLower ? 'pm' : 'PM';
+        } else {
+            return isLower ? 'am' : 'AM';
+        }
+    }
+
+
+    // MOMENTS
+
+    // Setting the hour should keep the time, because the user explicitly
+    // specified which hour he wants. So trying to maintain the same hour (in
+    // a new timezone) makes sense. Adding/subtracting hours does not follow
+    // this rule.
+    var getSetHour = makeGetSet('Hours', true);
+
+    addFormatToken('m', ['mm', 2], 0, 'minute');
+
+    // ALIASES
+
+    addUnitAlias('minute', 'm');
+
+    // PARSING
+
+    addRegexToken('m',  match1to2);
+    addRegexToken('mm', match1to2, match2);
+    addParseToken(['m', 'mm'], MINUTE);
+
+    // MOMENTS
+
+    var getSetMinute = makeGetSet('Minutes', false);
+
+    addFormatToken('s', ['ss', 2], 0, 'second');
+
+    // ALIASES
+
+    addUnitAlias('second', 's');
+
+    // PARSING
+
+    addRegexToken('s',  match1to2);
+    addRegexToken('ss', match1to2, match2);
+    addParseToken(['s', 'ss'], SECOND);
+
+    // MOMENTS
+
+    var getSetSecond = makeGetSet('Seconds', false);
+
+    addFormatToken('S', 0, 0, function () {
+        return ~~(this.millisecond() / 100);
+    });
+
+    addFormatToken(0, ['SS', 2], 0, function () {
+        return ~~(this.millisecond() / 10);
+    });
+
+    function millisecond__milliseconds (token) {
+        addFormatToken(0, [token, 3], 0, 'millisecond');
+    }
+
+    millisecond__milliseconds('SSS');
+    millisecond__milliseconds('SSSS');
+
+    // ALIASES
+
+    addUnitAlias('millisecond', 'ms');
+
+    // PARSING
+
+    addRegexToken('S',    match1to3, match1);
+    addRegexToken('SS',   match1to3, match2);
+    addRegexToken('SSS',  match1to3, match3);
+    addRegexToken('SSSS', matchUnsigned);
+    addParseToken(['S', 'SS', 'SSS', 'SSSS'], function (input, array) {
+        array[MILLISECOND] = toInt(('0.' + input) * 1000);
+    });
+
+    // MOMENTS
+
+    var getSetMillisecond = makeGetSet('Milliseconds', false);
+
+    addFormatToken('z',  0, 0, 'zoneAbbr');
+    addFormatToken('zz', 0, 0, 'zoneName');
+
+    // MOMENTS
+
+    function getZoneAbbr () {
+        return this._isUTC ? 'UTC' : '';
+    }
+
+    function getZoneName () {
+        return this._isUTC ? 'Coordinated Universal Time' : '';
+    }
+
+    var momentPrototype__proto = Moment.prototype;
+
+    momentPrototype__proto.add          = add_subtract__add;
+    momentPrototype__proto.calendar     = moment_calendar__calendar;
+    momentPrototype__proto.clone        = clone;
+    momentPrototype__proto.diff         = diff;
+    momentPrototype__proto.endOf        = endOf;
+    momentPrototype__proto.format       = moment_format__format;
+    momentPrototype__proto.from         = from;
+    momentPrototype__proto.fromNow      = fromNow;
+    momentPrototype__proto.to           = to;
+    momentPrototype__proto.toNow        = toNow;
+    momentPrototype__proto.get          = getSet;
+    momentPrototype__proto.invalidAt    = invalidAt;
+    momentPrototype__proto.isAfter      = isAfter;
+    momentPrototype__proto.isBefore     = isBefore;
+    momentPrototype__proto.isBetween    = isBetween;
+    momentPrototype__proto.isSame       = isSame;
+    momentPrototype__proto.isValid      = moment_valid__isValid;
+    momentPrototype__proto.lang         = lang;
+    momentPrototype__proto.locale       = locale;
+    momentPrototype__proto.localeData   = localeData;
+    momentPrototype__proto.max          = prototypeMax;
+    momentPrototype__proto.min          = prototypeMin;
+    momentPrototype__proto.parsingFlags = parsingFlags;
+    momentPrototype__proto.set          = getSet;
+    momentPrototype__proto.startOf      = startOf;
+    momentPrototype__proto.subtract     = add_subtract__subtract;
+    momentPrototype__proto.toArray      = toArray;
+    momentPrototype__proto.toDate       = toDate;
+    momentPrototype__proto.toISOString  = moment_format__toISOString;
+    momentPrototype__proto.toJSON       = moment_format__toISOString;
+    momentPrototype__proto.toString     = toString;
+    momentPrototype__proto.unix         = unix;
+    momentPrototype__proto.valueOf      = to_type__valueOf;
+
+    // Year
+    momentPrototype__proto.year       = getSetYear;
+    momentPrototype__proto.isLeapYear = getIsLeapYear;
+
+    // Week Year
+    momentPrototype__proto.weekYear    = getSetWeekYear;
+    momentPrototype__proto.isoWeekYear = getSetISOWeekYear;
+
+    // Quarter
+    momentPrototype__proto.quarter = momentPrototype__proto.quarters = getSetQuarter;
+
+    // Month
+    momentPrototype__proto.month       = getSetMonth;
+    momentPrototype__proto.daysInMonth = getDaysInMonth;
+
+    // Week
+    momentPrototype__proto.week           = momentPrototype__proto.weeks        = getSetWeek;
+    momentPrototype__proto.isoWeek        = momentPrototype__proto.isoWeeks     = getSetISOWeek;
+    momentPrototype__proto.weeksInYear    = getWeeksInYear;
+    momentPrototype__proto.isoWeeksInYear = getISOWeeksInYear;
+
+    // Day
+    momentPrototype__proto.date       = getSetDayOfMonth;
+    momentPrototype__proto.day        = momentPrototype__proto.days             = getSetDayOfWeek;
+    momentPrototype__proto.weekday    = getSetLocaleDayOfWeek;
+    momentPrototype__proto.isoWeekday = getSetISODayOfWeek;
+    momentPrototype__proto.dayOfYear  = getSetDayOfYear;
+
+    // Hour
+    momentPrototype__proto.hour = momentPrototype__proto.hours = getSetHour;
+
+    // Minute
+    momentPrototype__proto.minute = momentPrototype__proto.minutes = getSetMinute;
+
+    // Second
+    momentPrototype__proto.second = momentPrototype__proto.seconds = getSetSecond;
+
+    // Millisecond
+    momentPrototype__proto.millisecond = momentPrototype__proto.milliseconds = getSetMillisecond;
+
+    // Offset
+    momentPrototype__proto.utcOffset            = getSetOffset;
+    momentPrototype__proto.utc                  = setOffsetToUTC;
+    momentPrototype__proto.local                = setOffsetToLocal;
+    momentPrototype__proto.parseZone            = setOffsetToParsedOffset;
+    momentPrototype__proto.hasAlignedHourOffset = hasAlignedHourOffset;
+    momentPrototype__proto.isDST                = isDaylightSavingTime;
+    momentPrototype__proto.isDSTShifted         = isDaylightSavingTimeShifted;
+    momentPrototype__proto.isLocal              = isLocal;
+    momentPrototype__proto.isUtcOffset          = isUtcOffset;
+    momentPrototype__proto.isUtc                = isUtc;
+    momentPrototype__proto.isUTC                = isUtc;
+
+    // Timezone
+    momentPrototype__proto.zoneAbbr = getZoneAbbr;
+    momentPrototype__proto.zoneName = getZoneName;
+
+    // Deprecations
+    momentPrototype__proto.dates  = deprecate('dates accessor is deprecated. Use date instead.', getSetDayOfMonth);
+    momentPrototype__proto.months = deprecate('months accessor is deprecated. Use month instead', getSetMonth);
+    momentPrototype__proto.years  = deprecate('years accessor is deprecated. Use year instead', getSetYear);
+    momentPrototype__proto.zone   = deprecate('moment().zone is deprecated, use moment().utcOffset instead. https://github.com/moment/moment/issues/1779', getSetZone);
+
+    var momentPrototype = momentPrototype__proto;
+
+    function moment_moment__createUnix (input) {
+        return local__createLocal(input * 1000);
+    }
+
+    function moment_moment__createInZone () {
+        return local__createLocal.apply(null, arguments).parseZone();
+    }
+
+    var defaultCalendar = {
+        sameDay : '[Today at] LT',
+        nextDay : '[Tomorrow at] LT',
+        nextWeek : 'dddd [at] LT',
+        lastDay : '[Yesterday at] LT',
+        lastWeek : '[Last] dddd [at] LT',
+        sameElse : 'L'
+    };
+
+    function locale_calendar__calendar (key, mom, now) {
+        var output = this._calendar[key];
+        return typeof output === 'function' ? output.call(mom, now) : output;
+    }
+
+    var defaultLongDateFormat = {
+        LTS  : 'h:mm:ss A',
+        LT   : 'h:mm A',
+        L    : 'MM/DD/YYYY',
+        LL   : 'MMMM D, YYYY',
+        LLL  : 'MMMM D, YYYY LT',
+        LLLL : 'dddd, MMMM D, YYYY LT'
+    };
+
+    function longDateFormat (key) {
+        var output = this._longDateFormat[key];
+        if (!output && this._longDateFormat[key.toUpperCase()]) {
+            output = this._longDateFormat[key.toUpperCase()].replace(/MMMM|MM|DD|dddd/g, function (val) {
+                return val.slice(1);
+            });
+            this._longDateFormat[key] = output;
+        }
+        return output;
+    }
+
+    var defaultInvalidDate = 'Invalid date';
+
+    function invalidDate () {
+        return this._invalidDate;
+    }
+
+    var defaultOrdinal = '%d';
+    var defaultOrdinalParse = /\d{1,2}/;
+
+    function ordinal (number) {
+        return this._ordinal.replace('%d', number);
+    }
+
+    function preParsePostFormat (string) {
+        return string;
+    }
+
+    var defaultRelativeTime = {
+        future : 'in %s',
+        past   : '%s ago',
+        s  : 'a few seconds',
+        m  : 'a minute',
+        mm : '%d minutes',
+        h  : 'an hour',
+        hh : '%d hours',
+        d  : 'a day',
+        dd : '%d days',
+        M  : 'a month',
+        MM : '%d months',
+        y  : 'a year',
+        yy : '%d years'
+    };
+
+    function relative__relativeTime (number, withoutSuffix, string, isFuture) {
+        var output = this._relativeTime[string];
+        return (typeof output === 'function') ?
+            output(number, withoutSuffix, string, isFuture) :
+            output.replace(/%d/i, number);
+    }
+
+    function pastFuture (diff, output) {
+        var format = this._relativeTime[diff > 0 ? 'future' : 'past'];
+        return typeof format === 'function' ? format(output) : format.replace(/%s/i, output);
+    }
+
+    function locale_set__set (config) {
+        var prop, i;
+        for (i in config) {
+            prop = config[i];
+            if (typeof prop === 'function') {
+                this[i] = prop;
+            } else {
+                this['_' + i] = prop;
+            }
+        }
+        // Lenient ordinal parsing accepts just a number in addition to
+        // number + (possibly) stuff coming from _ordinalParseLenient.
+        this._ordinalParseLenient = new RegExp(this._ordinalParse.source + '|' + (/\d{1,2}/).source);
+    }
+
+    var prototype__proto = Locale.prototype;
+
+    prototype__proto._calendar       = defaultCalendar;
+    prototype__proto.calendar        = locale_calendar__calendar;
+    prototype__proto._longDateFormat = defaultLongDateFormat;
+    prototype__proto.longDateFormat  = longDateFormat;
+    prototype__proto._invalidDate    = defaultInvalidDate;
+    prototype__proto.invalidDate     = invalidDate;
+    prototype__proto._ordinal        = defaultOrdinal;
+    prototype__proto.ordinal         = ordinal;
+    prototype__proto._ordinalParse   = defaultOrdinalParse;
+    prototype__proto.preparse        = preParsePostFormat;
+    prototype__proto.postformat      = preParsePostFormat;
+    prototype__proto._relativeTime   = defaultRelativeTime;
+    prototype__proto.relativeTime    = relative__relativeTime;
+    prototype__proto.pastFuture      = pastFuture;
+    prototype__proto.set             = locale_set__set;
+
+    // Month
+    prototype__proto.months       =        localeMonths;
+    prototype__proto._months      = defaultLocaleMonths;
+    prototype__proto.monthsShort  =        localeMonthsShort;
+    prototype__proto._monthsShort = defaultLocaleMonthsShort;
+    prototype__proto.monthsParse  =        localeMonthsParse;
+
+    // Week
+    prototype__proto.week = localeWeek;
+    prototype__proto._week = defaultLocaleWeek;
+    prototype__proto.firstDayOfYear = localeFirstDayOfYear;
+    prototype__proto.firstDayOfWeek = localeFirstDayOfWeek;
+
+    // Day of Week
+    prototype__proto.weekdays       =        localeWeekdays;
+    prototype__proto._weekdays      = defaultLocaleWeekdays;
+    prototype__proto.weekdaysMin    =        localeWeekdaysMin;
+    prototype__proto._weekdaysMin   = defaultLocaleWeekdaysMin;
+    prototype__proto.weekdaysShort  =        localeWeekdaysShort;
+    prototype__proto._weekdaysShort = defaultLocaleWeekdaysShort;
+    prototype__proto.weekdaysParse  =        localeWeekdaysParse;
+
+    // Hours
+    prototype__proto.isPM = localeIsPM;
+    prototype__proto._meridiemParse = defaultLocaleMeridiemParse;
+    prototype__proto.meridiem = localeMeridiem;
+
+    function lists__get (format, index, field, setter) {
+        var locale = locale_locales__getLocale();
+        var utc = create_utc__createUTC().set(setter, index);
+        return locale[field](utc, format);
+    }
+
+    function list (format, index, field, count, setter) {
+        if (typeof format === 'number') {
+            index = format;
+            format = undefined;
+        }
+
+        format = format || '';
+
+        if (index != null) {
+            return lists__get(format, index, field, setter);
+        }
+
+        var i;
+        var out = [];
+        for (i = 0; i < count; i++) {
+            out[i] = lists__get(format, i, field, setter);
+        }
+        return out;
+    }
+
+    function lists__listMonths (format, index) {
+        return list(format, index, 'months', 12, 'month');
+    }
+
+    function lists__listMonthsShort (format, index) {
+        return list(format, index, 'monthsShort', 12, 'month');
+    }
+
+    function lists__listWeekdays (format, index) {
+        return list(format, index, 'weekdays', 7, 'day');
+    }
+
+    function lists__listWeekdaysShort (format, index) {
+        return list(format, index, 'weekdaysShort', 7, 'day');
+    }
+
+    function lists__listWeekdaysMin (format, index) {
+        return list(format, index, 'weekdaysMin', 7, 'day');
+    }
+
+    locale_locales__getSetGlobalLocale('en', {
+        ordinalParse: /\d{1,2}(th|st|nd|rd)/,
+        ordinal : function (number) {
+            var b = number % 10,
+                output = (toInt(number % 100 / 10) === 1) ? 'th' :
+                (b === 1) ? 'st' :
+                (b === 2) ? 'nd' :
+                (b === 3) ? 'rd' : 'th';
+            return number + output;
+        }
+    });
+
+    // Side effect imports
+    utils_hooks__hooks.lang = deprecate('moment.lang is deprecated. Use moment.locale instead.', locale_locales__getSetGlobalLocale);
+    utils_hooks__hooks.langData = deprecate('moment.langData is deprecated. Use moment.localeData instead.', locale_locales__getLocale);
+
+    var mathAbs = Math.abs;
+
+    function duration_abs__abs () {
+        var data           = this._data;
+
+        this._milliseconds = mathAbs(this._milliseconds);
+        this._days         = mathAbs(this._days);
+        this._months       = mathAbs(this._months);
+
+        data.milliseconds  = mathAbs(data.milliseconds);
+        data.seconds       = mathAbs(data.seconds);
+        data.minutes       = mathAbs(data.minutes);
+        data.hours         = mathAbs(data.hours);
+        data.months        = mathAbs(data.months);
+        data.years         = mathAbs(data.years);
+
+        return this;
+    }
+
+    function duration_add_subtract__addSubtract (duration, input, value, direction) {
+        var other = create__createDuration(input, value);
+
+        duration._milliseconds += direction * other._milliseconds;
+        duration._days         += direction * other._days;
+        duration._months       += direction * other._months;
+
+        return duration._bubble();
+    }
+
+    // supports only 2.0-style add(1, 's') or add(duration)
+    function duration_add_subtract__add (input, value) {
+        return duration_add_subtract__addSubtract(this, input, value, 1);
+    }
+
+    // supports only 2.0-style subtract(1, 's') or subtract(duration)
+    function duration_add_subtract__subtract (input, value) {
+        return duration_add_subtract__addSubtract(this, input, value, -1);
+    }
+
+    function bubble () {
+        var milliseconds = this._milliseconds;
+        var days         = this._days;
+        var months       = this._months;
+        var data         = this._data;
+        var seconds, minutes, hours, years = 0;
+
+        // The following code bubbles up values, see the tests for
+        // examples of what that means.
+        data.milliseconds = milliseconds % 1000;
+
+        seconds           = absFloor(milliseconds / 1000);
+        data.seconds      = seconds % 60;
+
+        minutes           = absFloor(seconds / 60);
+        data.minutes      = minutes % 60;
+
+        hours             = absFloor(minutes / 60);
+        data.hours        = hours % 24;
+
+        days += absFloor(hours / 24);
+
+        // Accurately convert days to years, assume start from year 0.
+        years = absFloor(daysToYears(days));
+        days -= absFloor(yearsToDays(years));
+
+        // 30 days to a month
+        // TODO (iskren): Use anchor date (like 1st Jan) to compute this.
+        months += absFloor(days / 30);
+        days   %= 30;
+
+        // 12 months -> 1 year
+        years  += absFloor(months / 12);
+        months %= 12;
+
+        data.days   = days;
+        data.months = months;
+        data.years  = years;
+
+        return this;
+    }
+
+    function daysToYears (days) {
+        // 400 years have 146097 days (taking into account leap year rules)
+        return days * 400 / 146097;
+    }
+
+    function yearsToDays (years) {
+        // years * 365 + absFloor(years / 4) -
+        //     absFloor(years / 100) + absFloor(years / 400);
+        return years * 146097 / 400;
+    }
+
+    function as (units) {
+        var days;
+        var months;
+        var milliseconds = this._milliseconds;
+
+        units = normalizeUnits(units);
+
+        if (units === 'month' || units === 'year') {
+            days   = this._days   + milliseconds / 864e5;
+            months = this._months + daysToYears(days) * 12;
+            return units === 'month' ? months : months / 12;
+        } else {
+            // handle milliseconds separately because of floating point math errors (issue #1867)
+            days = this._days + Math.round(yearsToDays(this._months / 12));
+            switch (units) {
+                case 'week'   : return days / 7     + milliseconds / 6048e5;
+                case 'day'    : return days         + milliseconds / 864e5;
+                case 'hour'   : return days * 24    + milliseconds / 36e5;
+                case 'minute' : return days * 1440  + milliseconds / 6e4;
+                case 'second' : return days * 86400 + milliseconds / 1000;
+                // Math.floor prevents floating point math errors here
+                case 'millisecond': return Math.floor(days * 864e5) + milliseconds;
+                default: throw new Error('Unknown unit ' + units);
+            }
+        }
+    }
+
+    // TODO: Use this.as('ms')?
+    function duration_as__valueOf () {
+        return (
+            this._milliseconds +
+            this._days * 864e5 +
+            (this._months % 12) * 2592e6 +
+            toInt(this._months / 12) * 31536e6
+        );
+    }
+
+    function makeAs (alias) {
+        return function () {
+            return this.as(alias);
+        };
+    }
+
+    var asMilliseconds = makeAs('ms');
+    var asSeconds      = makeAs('s');
+    var asMinutes      = makeAs('m');
+    var asHours        = makeAs('h');
+    var asDays         = makeAs('d');
+    var asWeeks        = makeAs('w');
+    var asMonths       = makeAs('M');
+    var asYears        = makeAs('y');
+
+    function duration_get__get (units) {
+        units = normalizeUnits(units);
+        return this[units + 's']();
+    }
+
+    function makeGetter(name) {
+        return function () {
+            return this._data[name];
+        };
+    }
+
+    var duration_get__milliseconds = makeGetter('milliseconds');
+    var seconds      = makeGetter('seconds');
+    var minutes      = makeGetter('minutes');
+    var hours        = makeGetter('hours');
+    var days         = makeGetter('days');
+    var duration_get__months       = makeGetter('months');
+    var years        = makeGetter('years');
+
+    function weeks () {
+        return absFloor(this.days() / 7);
+    }
+
+    var round = Math.round;
+    var thresholds = {
+        s: 45,  // seconds to minute
+        m: 45,  // minutes to hour
+        h: 22,  // hours to day
+        d: 26,  // days to month
+        M: 11   // months to year
+    };
+
+    // helper function for moment.fn.from, moment.fn.fromNow, and moment.duration.fn.humanize
+    function substituteTimeAgo(string, number, withoutSuffix, isFuture, locale) {
+        return locale.relativeTime(number || 1, !!withoutSuffix, string, isFuture);
+    }
+
+    function duration_humanize__relativeTime (posNegDuration, withoutSuffix, locale) {
+        var duration = create__createDuration(posNegDuration).abs();
+        var seconds  = round(duration.as('s'));
+        var minutes  = round(duration.as('m'));
+        var hours    = round(duration.as('h'));
+        var days     = round(duration.as('d'));
+        var months   = round(duration.as('M'));
+        var years    = round(duration.as('y'));
+
+        var a = seconds < thresholds.s && ['s', seconds]  ||
+                minutes === 1          && ['m']           ||
+                minutes < thresholds.m && ['mm', minutes] ||
+                hours   === 1          && ['h']           ||
+                hours   < thresholds.h && ['hh', hours]   ||
+                days    === 1          && ['d']           ||
+                days    < thresholds.d && ['dd', days]    ||
+                months  === 1          && ['M']           ||
+                months  < thresholds.M && ['MM', months]  ||
+                years   === 1          && ['y']           || ['yy', years];
+
+        a[2] = withoutSuffix;
+        a[3] = +posNegDuration > 0;
+        a[4] = locale;
+        return substituteTimeAgo.apply(null, a);
+    }
+
+    // This function allows you to set a threshold for relative time strings
+    function duration_humanize__getSetRelativeTimeThreshold (threshold, limit) {
+        if (thresholds[threshold] === undefined) {
+            return false;
+        }
+        if (limit === undefined) {
+            return thresholds[threshold];
+        }
+        thresholds[threshold] = limit;
+        return true;
+    }
+
+    function humanize (withSuffix) {
+        var locale = this.localeData();
+        var output = duration_humanize__relativeTime(this, !withSuffix, locale);
+
+        if (withSuffix) {
+            output = locale.pastFuture(+this, output);
+        }
+
+        return locale.postformat(output);
+    }
+
+    var iso_string__abs = Math.abs;
+
+    function iso_string__toISOString() {
+        // inspired by https://github.com/dordille/moment-isoduration/blob/master/moment.isoduration.js
+        var Y = iso_string__abs(this.years());
+        var M = iso_string__abs(this.months());
+        var D = iso_string__abs(this.days());
+        var h = iso_string__abs(this.hours());
+        var m = iso_string__abs(this.minutes());
+        var s = iso_string__abs(this.seconds() + this.milliseconds() / 1000);
+        var total = this.asSeconds();
+
+        if (!total) {
+            // this is the same as C#'s (Noda) and python (isodate)...
+            // but not other JS (goog.date)
+            return 'P0D';
+        }
+
+        return (total < 0 ? '-' : '') +
+            'P' +
+            (Y ? Y + 'Y' : '') +
+            (M ? M + 'M' : '') +
+            (D ? D + 'D' : '') +
+            ((h || m || s) ? 'T' : '') +
+            (h ? h + 'H' : '') +
+            (m ? m + 'M' : '') +
+            (s ? s + 'S' : '');
+    }
+
+    var duration_prototype__proto = Duration.prototype;
+
+    duration_prototype__proto.abs            = duration_abs__abs;
+    duration_prototype__proto.add            = duration_add_subtract__add;
+    duration_prototype__proto.subtract       = duration_add_subtract__subtract;
+    duration_prototype__proto.as             = as;
+    duration_prototype__proto.asMilliseconds = asMilliseconds;
+    duration_prototype__proto.asSeconds      = asSeconds;
+    duration_prototype__proto.asMinutes      = asMinutes;
+    duration_prototype__proto.asHours        = asHours;
+    duration_prototype__proto.asDays         = asDays;
+    duration_prototype__proto.asWeeks        = asWeeks;
+    duration_prototype__proto.asMonths       = asMonths;
+    duration_prototype__proto.asYears        = asYears;
+    duration_prototype__proto.valueOf        = duration_as__valueOf;
+    duration_prototype__proto._bubble        = bubble;
+    duration_prototype__proto.get            = duration_get__get;
+    duration_prototype__proto.milliseconds   = duration_get__milliseconds;
+    duration_prototype__proto.seconds        = seconds;
+    duration_prototype__proto.minutes        = minutes;
+    duration_prototype__proto.hours          = hours;
+    duration_prototype__proto.days           = days;
+    duration_prototype__proto.weeks          = weeks;
+    duration_prototype__proto.months         = duration_get__months;
+    duration_prototype__proto.years          = years;
+    duration_prototype__proto.humanize       = humanize;
+    duration_prototype__proto.toISOString    = iso_string__toISOString;
+    duration_prototype__proto.toString       = iso_string__toISOString;
+    duration_prototype__proto.toJSON         = iso_string__toISOString;
+    duration_prototype__proto.locale         = locale;
+    duration_prototype__proto.localeData     = localeData;
+
+    // Deprecations
+    duration_prototype__proto.toIsoString = deprecate('toIsoString() is deprecated. Please use toISOString() instead (notice the capitals)', iso_string__toISOString);
+    duration_prototype__proto.lang = lang;
+
+    // Side effect imports
+
+    addFormatToken('X', 0, 0, 'unix');
+    addFormatToken('x', 0, 0, 'valueOf');
+
+    // PARSING
+
+    addRegexToken('x', matchSigned);
+    addRegexToken('X', matchTimestamp);
+    addParseToken('X', function (input, array, config) {
+        config._d = new Date(parseFloat(input, 10) * 1000);
+    });
+    addParseToken('x', function (input, array, config) {
+        config._d = new Date(toInt(input));
+    });
+
+    // Side effect imports
+
+    ;
+
+    //! moment.js
+    //! version : 2.10.3
+    //! authors : Tim Wood, Iskren Chernev, Moment.js contributors
+    //! license : MIT
+    //! momentjs.com
+
+    utils_hooks__hooks.version = '2.10.3';
+
+    setHookCallback(local__createLocal);
+
+    utils_hooks__hooks.fn                    = momentPrototype;
+    utils_hooks__hooks.min                   = min;
+    utils_hooks__hooks.max                   = max;
+    utils_hooks__hooks.utc                   = create_utc__createUTC;
+    utils_hooks__hooks.unix                  = moment_moment__createUnix;
+    utils_hooks__hooks.months                = lists__listMonths;
+    utils_hooks__hooks.isDate                = isDate;
+    utils_hooks__hooks.locale                = locale_locales__getSetGlobalLocale;
+    utils_hooks__hooks.invalid               = valid__createInvalid;
+    utils_hooks__hooks.duration              = create__createDuration;
+    utils_hooks__hooks.isMoment              = isMoment;
+    utils_hooks__hooks.weekdays              = lists__listWeekdays;
+    utils_hooks__hooks.parseZone             = moment_moment__createInZone;
+    utils_hooks__hooks.localeData            = locale_locales__getLocale;
+    utils_hooks__hooks.isDuration            = isDuration;
+    utils_hooks__hooks.monthsShort           = lists__listMonthsShort;
+    utils_hooks__hooks.weekdaysMin           = lists__listWeekdaysMin;
+    utils_hooks__hooks.defineLocale          = defineLocale;
+    utils_hooks__hooks.weekdaysShort         = lists__listWeekdaysShort;
+    utils_hooks__hooks.normalizeUnits        = normalizeUnits;
+    utils_hooks__hooks.relativeTimeThreshold = duration_humanize__getSetRelativeTimeThreshold;
+
+    var _moment__default = utils_hooks__hooks;
+
+    //! moment.js locale configuration
+    //! locale : afrikaans (af)
+    //! author : Werner Mollentze : https://github.com/wernerm
+
+    var af = _moment__default.defineLocale('af', {
+        months : 'Januarie_Februarie_Maart_April_Mei_Junie_Julie_Augustus_September_Oktober_November_Desember'.split('_'),
+        monthsShort : 'Jan_Feb_Mar_Apr_Mei_Jun_Jul_Aug_Sep_Okt_Nov_Des'.split('_'),
+        weekdays : 'Sondag_Maandag_Dinsdag_Woensdag_Donderdag_Vrydag_Saterdag'.split('_'),
+        weekdaysShort : 'Son_Maa_Din_Woe_Don_Vry_Sat'.split('_'),
+        weekdaysMin : 'So_Ma_Di_Wo_Do_Vr_Sa'.split('_'),
+        meridiemParse: /vm|nm/i,
+        isPM : function (input) {
+            return /^nm$/i.test(input);
+        },
+        meridiem : function (hours, minutes, isLower) {
+            if (hours < 12) {
+                return isLower ? 'vm' : 'VM';
+            } else {
+                return isLower ? 'nm' : 'NM';
+            }
+        },
+        longDateFormat : {
+            LT : 'HH:mm',
+            LTS : 'LT:ss',
+            L : 'DD/MM/YYYY',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY LT',
+            LLLL : 'dddd, D MMMM YYYY LT'
+        },
+        calendar : {
+            sameDay : '[Vandag om] LT',
+            nextDay : '[Môre om] LT',
+            nextWeek : 'dddd [om] LT',
+            lastDay : '[Gister om] LT',
+            lastWeek : '[Laas] dddd [om] LT',
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : 'oor %s',
+            past : '%s gelede',
+            s : '\'n paar sekondes',
+            m : '\'n minuut',
+            mm : '%d minute',
+            h : '\'n uur',
+            hh : '%d ure',
+            d : '\'n dag',
+            dd : '%d dae',
+            M : '\'n maand',
+            MM : '%d maande',
+            y : '\'n jaar',
+            yy : '%d jaar'
+        },
+        ordinalParse: /\d{1,2}(ste|de)/,
+        ordinal : function (number) {
+            return number + ((number === 1 || number === 8 || number >= 20) ? 'ste' : 'de'); // Thanks to Joris Röling : https://github.com/jjupiter
+        },
+        week : {
+            dow : 1, // Maandag is die eerste dag van die week.
+            doy : 4  // Die week wat die 4de Januarie bevat is die eerste week van die jaar.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : Moroccan Arabic (ar-ma)
+    //! author : ElFadili Yassine : https://github.com/ElFadiliY
+    //! author : Abdel Said : https://github.com/abdelsaid
+
+    var ar_ma = _moment__default.defineLocale('ar-ma', {
+        months : 'يناير_فبراير_مارس_أبريل_ماي_يونيو_يوليوز_غشت_شتنبر_أكتوبر_نونبر_دجنبر'.split('_'),
+        monthsShort : 'يناير_فبراير_مارس_أبريل_ماي_يونيو_يوليوز_غشت_شتنبر_أكتوبر_نونبر_دجنبر'.split('_'),
+        weekdays : 'الأحد_الإتنين_الثلاثاء_الأربعاء_الخميس_الجمعة_السبت'.split('_'),
+        weekdaysShort : 'احد_اتنين_ثلاثاء_اربعاء_خميس_جمعة_سبت'.split('_'),
+        weekdaysMin : 'ح_ن_ث_ر_خ_ج_س'.split('_'),
+        longDateFormat : {
+            LT : 'HH:mm',
+            LTS : 'LT:ss',
+            L : 'DD/MM/YYYY',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY LT',
+            LLLL : 'dddd D MMMM YYYY LT'
+        },
+        calendar : {
+            sameDay: '[اليوم على الساعة] LT',
+            nextDay: '[غدا على الساعة] LT',
+            nextWeek: 'dddd [على الساعة] LT',
+            lastDay: '[أمس على الساعة] LT',
+            lastWeek: 'dddd [على الساعة] LT',
+            sameElse: 'L'
+        },
+        relativeTime : {
+            future : 'في %s',
+            past : 'منذ %s',
+            s : 'ثوان',
+            m : 'دقيقة',
+            mm : '%d دقائق',
+            h : 'ساعة',
+            hh : '%d ساعات',
+            d : 'يوم',
+            dd : '%d أيام',
+            M : 'شهر',
+            MM : '%d أشهر',
+            y : 'سنة',
+            yy : '%d سنوات'
+        },
+        week : {
+            dow : 6, // Saturday is the first day of the week.
+            doy : 12  // The week that contains Jan 1st is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : Arabic Saudi Arabia (ar-sa)
+    //! author : Suhail Alkowaileet : https://github.com/xsoh
+
+    var ar_sa__symbolMap = {
+        '1': '١',
+        '2': '٢',
+        '3': '٣',
+        '4': '٤',
+        '5': '٥',
+        '6': '٦',
+        '7': '٧',
+        '8': '٨',
+        '9': '٩',
+        '0': '٠'
+    }, ar_sa__numberMap = {
+        '١': '1',
+        '٢': '2',
+        '٣': '3',
+        '٤': '4',
+        '٥': '5',
+        '٦': '6',
+        '٧': '7',
+        '٨': '8',
+        '٩': '9',
+        '٠': '0'
+    };
+
+    var ar_sa = _moment__default.defineLocale('ar-sa', {
+        months : 'يناير_فبراير_مارس_أبريل_مايو_يونيو_يوليو_أغسطس_سبتمبر_أكتوبر_نوفمبر_ديسمبر'.split('_'),
+        monthsShort : 'يناير_فبراير_مارس_أبريل_مايو_يونيو_يوليو_أغسطس_سبتمبر_أكتوبر_نوفمبر_ديسمبر'.split('_'),
+        weekdays : 'الأحد_الإثنين_الثلاثاء_الأربعاء_الخميس_الجمعة_السبت'.split('_'),
+        weekdaysShort : 'أحد_إثنين_ثلاثاء_أربعاء_خميس_جمعة_سبت'.split('_'),
+        weekdaysMin : 'ح_ن_ث_ر_خ_ج_س'.split('_'),
+        longDateFormat : {
+            LT : 'HH:mm',
+            LTS : 'HH:mm:ss',
+            L : 'DD/MM/YYYY',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY LT',
+            LLLL : 'dddd D MMMM YYYY LT'
+        },
+        meridiemParse: /ص|م/,
+        isPM : function (input) {
+            return 'م' === input;
+        },
+        meridiem : function (hour, minute, isLower) {
+            if (hour < 12) {
+                return 'ص';
+            } else {
+                return 'م';
+            }
+        },
+        calendar : {
+            sameDay: '[اليوم على الساعة] LT',
+            nextDay: '[غدا على الساعة] LT',
+            nextWeek: 'dddd [على الساعة] LT',
+            lastDay: '[أمس على الساعة] LT',
+            lastWeek: 'dddd [على الساعة] LT',
+            sameElse: 'L'
+        },
+        relativeTime : {
+            future : 'في %s',
+            past : 'منذ %s',
+            s : 'ثوان',
+            m : 'دقيقة',
+            mm : '%d دقائق',
+            h : 'ساعة',
+            hh : '%d ساعات',
+            d : 'يوم',
+            dd : '%d أيام',
+            M : 'شهر',
+            MM : '%d أشهر',
+            y : 'سنة',
+            yy : '%d سنوات'
+        },
+        preparse: function (string) {
+            return string.replace(/[١٢٣٤٥٦٧٨٩٠]/g, function (match) {
+                return ar_sa__numberMap[match];
+            }).replace(/،/g, ',');
+        },
+        postformat: function (string) {
+            return string.replace(/\d/g, function (match) {
+                return ar_sa__symbolMap[match];
+            }).replace(/,/g, '،');
+        },
+        week : {
+            dow : 6, // Saturday is the first day of the week.
+            doy : 12  // The week that contains Jan 1st is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale  : Tunisian Arabic (ar-tn)
+
+    var ar_tn = _moment__default.defineLocale('ar-tn', {
+        months: 'جانفي_فيفري_مارس_أفريل_ماي_جوان_جويلية_أوت_سبتمبر_أكتوبر_نوفمبر_ديسمبر'.split('_'),
+        monthsShort: 'جانفي_فيفري_مارس_أفريل_ماي_جوان_جويلية_أوت_سبتمبر_أكتوبر_نوفمبر_ديسمبر'.split('_'),
+        weekdays: 'الأحد_الإثنين_الثلاثاء_الأربعاء_الخميس_الجمعة_السبت'.split('_'),
+        weekdaysShort: 'أحد_إثنين_ثلاثاء_أربعاء_خميس_جمعة_سبت'.split('_'),
+        weekdaysMin: 'ح_ن_ث_ر_خ_ج_س'.split('_'),
+        longDateFormat: {
+            LT: 'HH:mm',
+            LTS: 'LT:ss',
+            L: 'DD/MM/YYYY',
+            LL: 'D MMMM YYYY',
+            LLL: 'D MMMM YYYY LT',
+            LLLL: 'dddd D MMMM YYYY LT'
+        },
+        calendar: {
+            sameDay: '[اليوم على الساعة] LT',
+            nextDay: '[غدا على الساعة] LT',
+            nextWeek: 'dddd [على الساعة] LT',
+            lastDay: '[أمس على الساعة] LT',
+            lastWeek: 'dddd [على الساعة] LT',
+            sameElse: 'L'
+        },
+        relativeTime: {
+            future: 'في %s',
+            past: 'منذ %s',
+            s: 'ثوان',
+            m: 'دقيقة',
+            mm: '%d دقائق',
+            h: 'ساعة',
+            hh: '%d ساعات',
+            d: 'يوم',
+            dd: '%d أيام',
+            M: 'شهر',
+            MM: '%d أشهر',
+            y: 'سنة',
+            yy: '%d سنوات'
+        },
+        week: {
+            dow: 1, // Monday is the first day of the week.
+            doy: 4 // The week that contains Jan 4th is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! Locale: Arabic (ar)
+    //! Author: Abdel Said: https://github.com/abdelsaid
+    //! Changes in months, weekdays: Ahmed Elkhatib
+    //! Native plural forms: forabi https://github.com/forabi
+
+    var ar__symbolMap = {
+        '1': '١',
+        '2': '٢',
+        '3': '٣',
+        '4': '٤',
+        '5': '٥',
+        '6': '٦',
+        '7': '٧',
+        '8': '٨',
+        '9': '٩',
+        '0': '٠'
+    }, ar__numberMap = {
+        '١': '1',
+        '٢': '2',
+        '٣': '3',
+        '٤': '4',
+        '٥': '5',
+        '٦': '6',
+        '٧': '7',
+        '٨': '8',
+        '٩': '9',
+        '٠': '0'
+    }, pluralForm = function (n) {
+        return n === 0 ? 0 : n === 1 ? 1 : n === 2 ? 2 : n % 100 >= 3 && n % 100 <= 10 ? 3 : n % 100 >= 11 ? 4 : 5;
+    }, plurals = {
+        s : ['أقل من ثانية', 'ثانية واحدة', ['ثانيتان', 'ثانيتين'], '%d ثوان', '%d ثانية', '%d ثانية'],
+        m : ['أقل من دقيقة', 'دقيقة واحدة', ['دقيقتان', 'دقيقتين'], '%d دقائق', '%d دقيقة', '%d دقيقة'],
+        h : ['أقل من ساعة', 'ساعة واحدة', ['ساعتان', 'ساعتين'], '%d ساعات', '%d ساعة', '%d ساعة'],
+        d : ['أقل من يوم', 'يوم واحد', ['يومان', 'يومين'], '%d أيام', '%d يومًا', '%d يوم'],
+        M : ['أقل من شهر', 'شهر واحد', ['شهران', 'شهرين'], '%d أشهر', '%d شهرا', '%d شهر'],
+        y : ['أقل من عام', 'عام واحد', ['عامان', 'عامين'], '%d أعوام', '%d عامًا', '%d عام']
+    }, pluralize = function (u) {
+        return function (number, withoutSuffix, string, isFuture) {
+            var f = pluralForm(number),
+                str = plurals[u][pluralForm(number)];
+            if (f === 2) {
+                str = str[withoutSuffix ? 0 : 1];
+            }
+            return str.replace(/%d/i, number);
+        };
+    }, ar__months = [
+        'كانون الثاني يناير',
+        'شباط فبراير',
+        'آذار مارس',
+        'نيسان أبريل',
+        'أيار مايو',
+        'حزيران يونيو',
+        'تموز يوليو',
+        'آب أغسطس',
+        'أيلول سبتمبر',
+        'تشرين الأول أكتوبر',
+        'تشرين الثاني نوفمبر',
+        'كانون الأول ديسمبر'
+    ];
+
+    var ar = _moment__default.defineLocale('ar', {
+        months : ar__months,
+        monthsShort : ar__months,
+        weekdays : 'الأحد_الإثنين_الثلاثاء_الأربعاء_الخميس_الجمعة_السبت'.split('_'),
+        weekdaysShort : 'أحد_إثنين_ثلاثاء_أربعاء_خميس_جمعة_سبت'.split('_'),
+        weekdaysMin : 'ح_ن_ث_ر_خ_ج_س'.split('_'),
+        longDateFormat : {
+            LT : 'HH:mm',
+            LTS : 'HH:mm:ss',
+            L : 'D/\u200FM/\u200FYYYY',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY LT',
+            LLLL : 'dddd D MMMM YYYY LT'
+        },
+        meridiemParse: /ص|م/,
+        isPM : function (input) {
+            return 'م' === input;
+        },
+        meridiem : function (hour, minute, isLower) {
+            if (hour < 12) {
+                return 'ص';
+            } else {
+                return 'م';
+            }
+        },
+        calendar : {
+            sameDay: '[اليوم عند الساعة] LT',
+            nextDay: '[غدًا عند الساعة] LT',
+            nextWeek: 'dddd [عند الساعة] LT',
+            lastDay: '[أمس عند الساعة] LT',
+            lastWeek: 'dddd [عند الساعة] LT',
+            sameElse: 'L'
+        },
+        relativeTime : {
+            future : 'بعد %s',
+            past : 'منذ %s',
+            s : pluralize('s'),
+            m : pluralize('m'),
+            mm : pluralize('m'),
+            h : pluralize('h'),
+            hh : pluralize('h'),
+            d : pluralize('d'),
+            dd : pluralize('d'),
+            M : pluralize('M'),
+            MM : pluralize('M'),
+            y : pluralize('y'),
+            yy : pluralize('y')
+        },
+        preparse: function (string) {
+            return string.replace(/\u200f/g, '').replace(/[١٢٣٤٥٦٧٨٩٠]/g, function (match) {
+                return ar__numberMap[match];
+            }).replace(/،/g, ',');
+        },
+        postformat: function (string) {
+            return string.replace(/\d/g, function (match) {
+                return ar__symbolMap[match];
+            }).replace(/,/g, '،');
+        },
+        week : {
+            dow : 6, // Saturday is the first day of the week.
+            doy : 12  // The week that contains Jan 1st is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : azerbaijani (az)
+    //! author : topchiyev : https://github.com/topchiyev
+
+    var az__suffixes = {
+        1: '-inci',
+        5: '-inci',
+        8: '-inci',
+        70: '-inci',
+        80: '-inci',
+        2: '-nci',
+        7: '-nci',
+        20: '-nci',
+        50: '-nci',
+        3: '-üncü',
+        4: '-üncü',
+        100: '-üncü',
+        6: '-ncı',
+        9: '-uncu',
+        10: '-uncu',
+        30: '-uncu',
+        60: '-ıncı',
+        90: '-ıncı'
+    };
+
+    var az = _moment__default.defineLocale('az', {
+        months : 'yanvar_fevral_mart_aprel_may_iyun_iyul_avqust_sentyabr_oktyabr_noyabr_dekabr'.split('_'),
+        monthsShort : 'yan_fev_mar_apr_may_iyn_iyl_avq_sen_okt_noy_dek'.split('_'),
+        weekdays : 'Bazar_Bazar ertəsi_Çərşənbə axşamı_Çərşənbə_Cümə axşamı_Cümə_Şənbə'.split('_'),
+        weekdaysShort : 'Baz_BzE_ÇAx_Çər_CAx_Cüm_Şən'.split('_'),
+        weekdaysMin : 'Bz_BE_ÇA_Çə_CA_Cü_Şə'.split('_'),
+        longDateFormat : {
+            LT : 'HH:mm',
+            LTS : 'LT:ss',
+            L : 'DD.MM.YYYY',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY LT',
+            LLLL : 'dddd, D MMMM YYYY LT'
+        },
+        calendar : {
+            sameDay : '[bugün saat] LT',
+            nextDay : '[sabah saat] LT',
+            nextWeek : '[gələn həftə] dddd [saat] LT',
+            lastDay : '[dünən] LT',
+            lastWeek : '[keçən həftə] dddd [saat] LT',
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : '%s sonra',
+            past : '%s əvvəl',
+            s : 'birneçə saniyyə',
+            m : 'bir dəqiqə',
+            mm : '%d dəqiqə',
+            h : 'bir saat',
+            hh : '%d saat',
+            d : 'bir gün',
+            dd : '%d gün',
+            M : 'bir ay',
+            MM : '%d ay',
+            y : 'bir il',
+            yy : '%d il'
+        },
+        meridiemParse: /gecə|səhər|gündüz|axşam/,
+        isPM : function (input) {
+            return /^(gündüz|axşam)$/.test(input);
+        },
+        meridiem : function (hour, minute, isLower) {
+            if (hour < 4) {
+                return 'gecə';
+            } else if (hour < 12) {
+                return 'səhər';
+            } else if (hour < 17) {
+                return 'gündüz';
+            } else {
+                return 'axşam';
+            }
+        },
+        ordinalParse: /\d{1,2}-(ıncı|inci|nci|üncü|ncı|uncu)/,
+        ordinal : function (number) {
+            if (number === 0) {  // special case for zero
+                return number + '-ıncı';
+            }
+            var a = number % 10,
+                b = number % 100 - a,
+                c = number >= 100 ? 100 : null;
+            return number + (az__suffixes[a] || az__suffixes[b] || az__suffixes[c]);
+        },
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 7  // The week that contains Jan 1st is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : belarusian (be)
+    //! author : Dmitry Demidov : https://github.com/demidov91
+    //! author: Praleska: http://praleska.pro/
+    //! Author : Menelion Elensúle : https://github.com/Oire
+
+    function be__plural(word, num) {
+        var forms = word.split('_');
+        return num % 10 === 1 && num % 100 !== 11 ? forms[0] : (num % 10 >= 2 && num % 10 <= 4 && (num % 100 < 10 || num % 100 >= 20) ? forms[1] : forms[2]);
+    }
+    function be__relativeTimeWithPlural(number, withoutSuffix, key) {
+        var format = {
+            'mm': withoutSuffix ? 'хвіліна_хвіліны_хвілін' : 'хвіліну_хвіліны_хвілін',
+            'hh': withoutSuffix ? 'гадзіна_гадзіны_гадзін' : 'гадзіну_гадзіны_гадзін',
+            'dd': 'дзень_дні_дзён',
+            'MM': 'месяц_месяцы_месяцаў',
+            'yy': 'год_гады_гадоў'
+        };
+        if (key === 'm') {
+            return withoutSuffix ? 'хвіліна' : 'хвіліну';
+        }
+        else if (key === 'h') {
+            return withoutSuffix ? 'гадзіна' : 'гадзіну';
+        }
+        else {
+            return number + ' ' + be__plural(format[key], +number);
+        }
+    }
+    function be__monthsCaseReplace(m, format) {
+        var months = {
+            'nominative': 'студзень_люты_сакавік_красавік_травень_чэрвень_ліпень_жнівень_верасень_кастрычнік_лістапад_снежань'.split('_'),
+            'accusative': 'студзеня_лютага_сакавіка_красавіка_траўня_чэрвеня_ліпеня_жніўня_верасня_кастрычніка_лістапада_снежня'.split('_')
+        },
+        nounCase = (/D[oD]?(\[[^\[\]]*\]|\s+)+MMMM?/).test(format) ?
+            'accusative' :
+            'nominative';
+        return months[nounCase][m.month()];
+    }
+    function be__weekdaysCaseReplace(m, format) {
+        var weekdays = {
+            'nominative': 'нядзеля_панядзелак_аўторак_серада_чацвер_пятніца_субота'.split('_'),
+            'accusative': 'нядзелю_панядзелак_аўторак_сераду_чацвер_пятніцу_суботу'.split('_')
+        },
+        nounCase = (/\[ ?[Вв] ?(?:мінулую|наступную)? ?\] ?dddd/).test(format) ?
+            'accusative' :
+            'nominative';
+        return weekdays[nounCase][m.day()];
+    }
+
+    var be = _moment__default.defineLocale('be', {
+        months : be__monthsCaseReplace,
+        monthsShort : 'студ_лют_сак_крас_трав_чэрв_ліп_жнів_вер_каст_ліст_снеж'.split('_'),
+        weekdays : be__weekdaysCaseReplace,
+        weekdaysShort : 'нд_пн_ат_ср_чц_пт_сб'.split('_'),
+        weekdaysMin : 'нд_пн_ат_ср_чц_пт_сб'.split('_'),
+        longDateFormat : {
+            LT : 'HH:mm',
+            LTS : 'LT:ss',
+            L : 'DD.MM.YYYY',
+            LL : 'D MMMM YYYY г.',
+            LLL : 'D MMMM YYYY г., LT',
+            LLLL : 'dddd, D MMMM YYYY г., LT'
+        },
+        calendar : {
+            sameDay: '[Сёння ў] LT',
+            nextDay: '[Заўтра ў] LT',
+            lastDay: '[Учора ў] LT',
+            nextWeek: function () {
+                return '[У] dddd [ў] LT';
+            },
+            lastWeek: function () {
+                switch (this.day()) {
+                case 0:
+                case 3:
+                case 5:
+                case 6:
+                    return '[У мінулую] dddd [ў] LT';
+                case 1:
+                case 2:
+                case 4:
+                    return '[У мінулы] dddd [ў] LT';
+                }
+            },
+            sameElse: 'L'
+        },
+        relativeTime : {
+            future : 'праз %s',
+            past : '%s таму',
+            s : 'некалькі секунд',
+            m : be__relativeTimeWithPlural,
+            mm : be__relativeTimeWithPlural,
+            h : be__relativeTimeWithPlural,
+            hh : be__relativeTimeWithPlural,
+            d : 'дзень',
+            dd : be__relativeTimeWithPlural,
+            M : 'месяц',
+            MM : be__relativeTimeWithPlural,
+            y : 'год',
+            yy : be__relativeTimeWithPlural
+        },
+        meridiemParse: /ночы|раніцы|дня|вечара/,
+        isPM : function (input) {
+            return /^(дня|вечара)$/.test(input);
+        },
+        meridiem : function (hour, minute, isLower) {
+            if (hour < 4) {
+                return 'ночы';
+            } else if (hour < 12) {
+                return 'раніцы';
+            } else if (hour < 17) {
+                return 'дня';
+            } else {
+                return 'вечара';
+            }
+        },
+        ordinalParse: /\d{1,2}-(і|ы|га)/,
+        ordinal: function (number, period) {
+            switch (period) {
+            case 'M':
+            case 'd':
+            case 'DDD':
+            case 'w':
+            case 'W':
+                return (number % 10 === 2 || number % 10 === 3) && (number % 100 !== 12 && number % 100 !== 13) ? number + '-і' : number + '-ы';
+            case 'D':
+                return number + '-га';
+            default:
+                return number;
+            }
+        },
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 7  // The week that contains Jan 1st is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : bulgarian (bg)
+    //! author : Krasen Borisov : https://github.com/kraz
+
+    var bg = _moment__default.defineLocale('bg', {
+        months : 'януари_февруари_март_април_май_юни_юли_август_септември_октомври_ноември_декември'.split('_'),
+        monthsShort : 'янр_фев_мар_апр_май_юни_юли_авг_сеп_окт_ное_дек'.split('_'),
+        weekdays : 'неделя_понеделник_вторник_сряда_четвъртък_петък_събота'.split('_'),
+        weekdaysShort : 'нед_пон_вто_сря_чет_пет_съб'.split('_'),
+        weekdaysMin : 'нд_пн_вт_ср_чт_пт_сб'.split('_'),
+        longDateFormat : {
+            LT : 'H:mm',
+            LTS : 'LT:ss',
+            L : 'D.MM.YYYY',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY LT',
+            LLLL : 'dddd, D MMMM YYYY LT'
+        },
+        calendar : {
+            sameDay : '[Днес в] LT',
+            nextDay : '[Утре в] LT',
+            nextWeek : 'dddd [в] LT',
+            lastDay : '[Вчера в] LT',
+            lastWeek : function () {
+                switch (this.day()) {
+                case 0:
+                case 3:
+                case 6:
+                    return '[В изминалата] dddd [в] LT';
+                case 1:
+                case 2:
+                case 4:
+                case 5:
+                    return '[В изминалия] dddd [в] LT';
+                }
+            },
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : 'след %s',
+            past : 'преди %s',
+            s : 'няколко секунди',
+            m : 'минута',
+            mm : '%d минути',
+            h : 'час',
+            hh : '%d часа',
+            d : 'ден',
+            dd : '%d дни',
+            M : 'месец',
+            MM : '%d месеца',
+            y : 'година',
+            yy : '%d години'
+        },
+        ordinalParse: /\d{1,2}-(ев|ен|ти|ви|ри|ми)/,
+        ordinal : function (number) {
+            var lastDigit = number % 10,
+                last2Digits = number % 100;
+            if (number === 0) {
+                return number + '-ев';
+            } else if (last2Digits === 0) {
+                return number + '-ен';
+            } else if (last2Digits > 10 && last2Digits < 20) {
+                return number + '-ти';
+            } else if (lastDigit === 1) {
+                return number + '-ви';
+            } else if (lastDigit === 2) {
+                return number + '-ри';
+            } else if (lastDigit === 7 || lastDigit === 8) {
+                return number + '-ми';
+            } else {
+                return number + '-ти';
+            }
+        },
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 7  // The week that contains Jan 1st is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : Bengali (bn)
+    //! author : Kaushik Gandhi : https://github.com/kaushikgandhi
+
+    var bn__symbolMap = {
+        '1': '১',
+        '2': '২',
+        '3': '৩',
+        '4': '৪',
+        '5': '৫',
+        '6': '৬',
+        '7': '৭',
+        '8': '৮',
+        '9': '৯',
+        '0': '০'
+    },
+    bn__numberMap = {
+        '১': '1',
+        '২': '2',
+        '৩': '3',
+        '৪': '4',
+        '৫': '5',
+        '৬': '6',
+        '৭': '7',
+        '৮': '8',
+        '৯': '9',
+        '০': '0'
+    };
+
+    var bn = _moment__default.defineLocale('bn', {
+        months : 'জানুয়ারী_ফেবুয়ারী_মার্চ_এপ্রিল_মে_জুন_জুলাই_অগাস্ট_সেপ্টেম্বর_অক্টোবর_নভেম্বর_ডিসেম্বর'.split('_'),
+        monthsShort : 'জানু_ফেব_মার্চ_এপর_মে_জুন_জুল_অগ_সেপ্ট_অক্টো_নভ_ডিসেম্'.split('_'),
+        weekdays : 'রবিবার_সোমবার_মঙ্গলবার_বুধবার_বৃহস্পত্তিবার_শুক্রুবার_শনিবার'.split('_'),
+        weekdaysShort : 'রবি_সোম_মঙ্গল_বুধ_বৃহস্পত্তি_শুক্রু_শনি'.split('_'),
+        weekdaysMin : 'রব_সম_মঙ্গ_বু_ব্রিহ_শু_শনি'.split('_'),
+        longDateFormat : {
+            LT : 'A h:mm সময়',
+            LTS : 'A h:mm:ss সময়',
+            L : 'DD/MM/YYYY',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY, LT',
+            LLLL : 'dddd, D MMMM YYYY, LT'
+        },
+        calendar : {
+            sameDay : '[আজ] LT',
+            nextDay : '[আগামীকাল] LT',
+            nextWeek : 'dddd, LT',
+            lastDay : '[গতকাল] LT',
+            lastWeek : '[গত] dddd, LT',
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : '%s পরে',
+            past : '%s আগে',
+            s : 'কএক সেকেন্ড',
+            m : 'এক মিনিট',
+            mm : '%d মিনিট',
+            h : 'এক ঘন্টা',
+            hh : '%d ঘন্টা',
+            d : 'এক দিন',
+            dd : '%d দিন',
+            M : 'এক মাস',
+            MM : '%d মাস',
+            y : 'এক বছর',
+            yy : '%d বছর'
+        },
+        preparse: function (string) {
+            return string.replace(/[১২৩৪৫৬৭৮৯০]/g, function (match) {
+                return bn__numberMap[match];
+            });
+        },
+        postformat: function (string) {
+            return string.replace(/\d/g, function (match) {
+                return bn__symbolMap[match];
+            });
+        },
+        meridiemParse: /রাত|শকাল|দুপুর|বিকেল|রাত/,
+        isPM: function (input) {
+            return /^(দুপুর|বিকেল|রাত)$/.test(input);
+        },
+        //Bengali is a vast language its spoken
+        //in different forms in various parts of the world.
+        //I have just generalized with most common one used
+        meridiem : function (hour, minute, isLower) {
+            if (hour < 4) {
+                return 'রাত';
+            } else if (hour < 10) {
+                return 'শকাল';
+            } else if (hour < 17) {
+                return 'দুপুর';
+            } else if (hour < 20) {
+                return 'বিকেল';
+            } else {
+                return 'রাত';
+            }
+        },
+        week : {
+            dow : 0, // Sunday is the first day of the week.
+            doy : 6  // The week that contains Jan 1st is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : tibetan (bo)
+    //! author : Thupten N. Chakrishar : https://github.com/vajradog
+
+    var bo__symbolMap = {
+        '1': '༡',
+        '2': '༢',
+        '3': '༣',
+        '4': '༤',
+        '5': '༥',
+        '6': '༦',
+        '7': '༧',
+        '8': '༨',
+        '9': '༩',
+        '0': '༠'
+    },
+    bo__numberMap = {
+        '༡': '1',
+        '༢': '2',
+        '༣': '3',
+        '༤': '4',
+        '༥': '5',
+        '༦': '6',
+        '༧': '7',
+        '༨': '8',
+        '༩': '9',
+        '༠': '0'
+    };
+
+    var bo = _moment__default.defineLocale('bo', {
+        months : 'ཟླ་བ་དང་པོ_ཟླ་བ་གཉིས་པ_ཟླ་བ་གསུམ་པ_ཟླ་བ་བཞི་པ_ཟླ་བ་ལྔ་པ_ཟླ་བ་དྲུག་པ_ཟླ་བ་བདུན་པ_ཟླ་བ་བརྒྱད་པ_ཟླ་བ་དགུ་པ_ཟླ་བ་བཅུ་པ_ཟླ་བ་བཅུ་གཅིག་པ_ཟླ་བ་བཅུ་གཉིས་པ'.split('_'),
+        monthsShort : 'ཟླ་བ་དང་པོ_ཟླ་བ་གཉིས་པ_ཟླ་བ་གསུམ་པ_ཟླ་བ་བཞི་པ_ཟླ་བ་ལྔ་པ_ཟླ་བ་དྲུག་པ_ཟླ་བ་བདུན་པ_ཟླ་བ་བརྒྱད་པ_ཟླ་བ་དགུ་པ_ཟླ་བ་བཅུ་པ_ཟླ་བ་བཅུ་གཅིག་པ_ཟླ་བ་བཅུ་གཉིས་པ'.split('_'),
+        weekdays : 'གཟའ་ཉི་མ་_གཟའ་ཟླ་བ་_གཟའ་མིག་དམར་_གཟའ་ལྷག་པ་_གཟའ་ཕུར་བུ_གཟའ་པ་སངས་_གཟའ་སྤེན་པ་'.split('_'),
+        weekdaysShort : 'ཉི་མ་_ཟླ་བ་_མིག་དམར་_ལྷག་པ་_ཕུར་བུ_པ་སངས་_སྤེན་པ་'.split('_'),
+        weekdaysMin : 'ཉི་མ་_ཟླ་བ་_མིག་དམར་_ལྷག་པ་_ཕུར་བུ_པ་སངས་_སྤེན་པ་'.split('_'),
+        longDateFormat : {
+            LT : 'A h:mm',
+            LTS : 'LT:ss',
+            L : 'DD/MM/YYYY',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY, LT',
+            LLLL : 'dddd, D MMMM YYYY, LT'
+        },
+        calendar : {
+            sameDay : '[དི་རིང] LT',
+            nextDay : '[སང་ཉིན] LT',
+            nextWeek : '[བདུན་ཕྲག་རྗེས་མ], LT',
+            lastDay : '[ཁ་སང] LT',
+            lastWeek : '[བདུན་ཕྲག་མཐའ་མ] dddd, LT',
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : '%s ལ་',
+            past : '%s སྔན་ལ',
+            s : 'ལམ་སང',
+            m : 'སྐར་མ་གཅིག',
+            mm : '%d སྐར་མ',
+            h : 'ཆུ་ཚོད་གཅིག',
+            hh : '%d ཆུ་ཚོད',
+            d : 'ཉིན་གཅིག',
+            dd : '%d ཉིན་',
+            M : 'ཟླ་བ་གཅིག',
+            MM : '%d ཟླ་བ',
+            y : 'ལོ་གཅིག',
+            yy : '%d ལོ'
+        },
+        preparse: function (string) {
+            return string.replace(/[༡༢༣༤༥༦༧༨༩༠]/g, function (match) {
+                return bo__numberMap[match];
+            });
+        },
+        postformat: function (string) {
+            return string.replace(/\d/g, function (match) {
+                return bo__symbolMap[match];
+            });
+        },
+        meridiemParse: /མཚན་མོ|ཞོགས་ཀས|ཉིན་གུང|དགོང་དག|མཚན་མོ/,
+        isPM: function (input) {
+            return /^(ཉིན་གུང|དགོང་དག|མཚན་མོ)$/.test(input);
+        },
+        meridiem : function (hour, minute, isLower) {
+            if (hour < 4) {
+                return 'མཚན་མོ';
+            } else if (hour < 10) {
+                return 'ཞོགས་ཀས';
+            } else if (hour < 17) {
+                return 'ཉིན་གུང';
+            } else if (hour < 20) {
+                return 'དགོང་དག';
+            } else {
+                return 'མཚན་མོ';
+            }
+        },
+        week : {
+            dow : 0, // Sunday is the first day of the week.
+            doy : 6  // The week that contains Jan 1st is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : breton (br)
+    //! author : Jean-Baptiste Le Duigou : https://github.com/jbleduigou
+
+    function relativeTimeWithMutation(number, withoutSuffix, key) {
+        var format = {
+            'mm': 'munutenn',
+            'MM': 'miz',
+            'dd': 'devezh'
+        };
+        return number + ' ' + mutation(format[key], number);
+    }
+    function specialMutationForYears(number) {
+        switch (lastNumber(number)) {
+        case 1:
+        case 3:
+        case 4:
+        case 5:
+        case 9:
+            return number + ' bloaz';
+        default:
+            return number + ' vloaz';
+        }
+    }
+    function lastNumber(number) {
+        if (number > 9) {
+            return lastNumber(number % 10);
+        }
+        return number;
+    }
+    function mutation(text, number) {
+        if (number === 2) {
+            return softMutation(text);
+        }
+        return text;
+    }
+    function softMutation(text) {
+        var mutationTable = {
+            'm': 'v',
+            'b': 'v',
+            'd': 'z'
+        };
+        if (mutationTable[text.charAt(0)] === undefined) {
+            return text;
+        }
+        return mutationTable[text.charAt(0)] + text.substring(1);
+    }
+
+    var br = _moment__default.defineLocale('br', {
+        months : 'Genver_C\'hwevrer_Meurzh_Ebrel_Mae_Mezheven_Gouere_Eost_Gwengolo_Here_Du_Kerzu'.split('_'),
+        monthsShort : 'Gen_C\'hwe_Meu_Ebr_Mae_Eve_Gou_Eos_Gwe_Her_Du_Ker'.split('_'),
+        weekdays : 'Sul_Lun_Meurzh_Merc\'her_Yaou_Gwener_Sadorn'.split('_'),
+        weekdaysShort : 'Sul_Lun_Meu_Mer_Yao_Gwe_Sad'.split('_'),
+        weekdaysMin : 'Su_Lu_Me_Mer_Ya_Gw_Sa'.split('_'),
+        longDateFormat : {
+            LT : 'h[e]mm A',
+            LTS : 'h[e]mm:ss A',
+            L : 'DD/MM/YYYY',
+            LL : 'D [a viz] MMMM YYYY',
+            LLL : 'D [a viz] MMMM YYYY LT',
+            LLLL : 'dddd, D [a viz] MMMM YYYY LT'
+        },
+        calendar : {
+            sameDay : '[Hiziv da] LT',
+            nextDay : '[Warc\'hoazh da] LT',
+            nextWeek : 'dddd [da] LT',
+            lastDay : '[Dec\'h da] LT',
+            lastWeek : 'dddd [paset da] LT',
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : 'a-benn %s',
+            past : '%s \'zo',
+            s : 'un nebeud segondennoù',
+            m : 'ur vunutenn',
+            mm : relativeTimeWithMutation,
+            h : 'un eur',
+            hh : '%d eur',
+            d : 'un devezh',
+            dd : relativeTimeWithMutation,
+            M : 'ur miz',
+            MM : relativeTimeWithMutation,
+            y : 'ur bloaz',
+            yy : specialMutationForYears
+        },
+        ordinalParse: /\d{1,2}(añ|vet)/,
+        ordinal : function (number) {
+            var output = (number === 1) ? 'añ' : 'vet';
+            return number + output;
+        },
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 4  // The week that contains Jan 4th is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : bosnian (bs)
+    //! author : Nedim Cholich : https://github.com/frontyard
+    //! based on (hr) translation by Bojan Marković
+
+    function bs__translate(number, withoutSuffix, key) {
+        var result = number + ' ';
+        switch (key) {
+        case 'm':
+            return withoutSuffix ? 'jedna minuta' : 'jedne minute';
+        case 'mm':
+            if (number === 1) {
+                result += 'minuta';
+            } else if (number === 2 || number === 3 || number === 4) {
+                result += 'minute';
+            } else {
+                result += 'minuta';
+            }
+            return result;
+        case 'h':
+            return withoutSuffix ? 'jedan sat' : 'jednog sata';
+        case 'hh':
+            if (number === 1) {
+                result += 'sat';
+            } else if (number === 2 || number === 3 || number === 4) {
+                result += 'sata';
+            } else {
+                result += 'sati';
+            }
+            return result;
+        case 'dd':
+            if (number === 1) {
+                result += 'dan';
+            } else {
+                result += 'dana';
+            }
+            return result;
+        case 'MM':
+            if (number === 1) {
+                result += 'mjesec';
+            } else if (number === 2 || number === 3 || number === 4) {
+                result += 'mjeseca';
+            } else {
+                result += 'mjeseci';
+            }
+            return result;
+        case 'yy':
+            if (number === 1) {
+                result += 'godina';
+            } else if (number === 2 || number === 3 || number === 4) {
+                result += 'godine';
+            } else {
+                result += 'godina';
+            }
+            return result;
+        }
+    }
+
+    var bs = _moment__default.defineLocale('bs', {
+        months : 'januar_februar_mart_april_maj_juni_juli_august_septembar_oktobar_novembar_decembar'.split('_'),
+        monthsShort : 'jan._feb._mar._apr._maj._jun._jul._aug._sep._okt._nov._dec.'.split('_'),
+        weekdays : 'nedjelja_ponedjeljak_utorak_srijeda_četvrtak_petak_subota'.split('_'),
+        weekdaysShort : 'ned._pon._uto._sri._čet._pet._sub.'.split('_'),
+        weekdaysMin : 'ne_po_ut_sr_če_pe_su'.split('_'),
+        longDateFormat : {
+            LT : 'H:mm',
+            LTS : 'LT:ss',
+            L : 'DD. MM. YYYY',
+            LL : 'D. MMMM YYYY',
+            LLL : 'D. MMMM YYYY LT',
+            LLLL : 'dddd, D. MMMM YYYY LT'
+        },
+        calendar : {
+            sameDay  : '[danas u] LT',
+            nextDay  : '[sutra u] LT',
+            nextWeek : function () {
+                switch (this.day()) {
+                case 0:
+                    return '[u] [nedjelju] [u] LT';
+                case 3:
+                    return '[u] [srijedu] [u] LT';
+                case 6:
+                    return '[u] [subotu] [u] LT';
+                case 1:
+                case 2:
+                case 4:
+                case 5:
+                    return '[u] dddd [u] LT';
+                }
+            },
+            lastDay  : '[jučer u] LT',
+            lastWeek : function () {
+                switch (this.day()) {
+                case 0:
+                case 3:
+                    return '[prošlu] dddd [u] LT';
+                case 6:
+                    return '[prošle] [subote] [u] LT';
+                case 1:
+                case 2:
+                case 4:
+                case 5:
+                    return '[prošli] dddd [u] LT';
+                }
+            },
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : 'za %s',
+            past   : 'prije %s',
+            s      : 'par sekundi',
+            m      : bs__translate,
+            mm     : bs__translate,
+            h      : bs__translate,
+            hh     : bs__translate,
+            d      : 'dan',
+            dd     : bs__translate,
+            M      : 'mjesec',
+            MM     : bs__translate,
+            y      : 'godinu',
+            yy     : bs__translate
+        },
+        ordinalParse: /\d{1,2}\./,
+        ordinal : '%d.',
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 7  // The week that contains Jan 1st is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : catalan (ca)
+    //! author : Juan G. Hurtado : https://github.com/juanghurtado
+
+    var ca = _moment__default.defineLocale('ca', {
+        months : 'gener_febrer_març_abril_maig_juny_juliol_agost_setembre_octubre_novembre_desembre'.split('_'),
+        monthsShort : 'gen._febr._mar._abr._mai._jun._jul._ag._set._oct._nov._des.'.split('_'),
+        weekdays : 'diumenge_dilluns_dimarts_dimecres_dijous_divendres_dissabte'.split('_'),
+        weekdaysShort : 'dg._dl._dt._dc._dj._dv._ds.'.split('_'),
+        weekdaysMin : 'Dg_Dl_Dt_Dc_Dj_Dv_Ds'.split('_'),
+        longDateFormat : {
+            LT : 'H:mm',
+            LTS : 'LT:ss',
+            L : 'DD/MM/YYYY',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY LT',
+            LLLL : 'dddd D MMMM YYYY LT'
+        },
+        calendar : {
+            sameDay : function () {
+                return '[avui a ' + ((this.hours() !== 1) ? 'les' : 'la') + '] LT';
+            },
+            nextDay : function () {
+                return '[demà a ' + ((this.hours() !== 1) ? 'les' : 'la') + '] LT';
+            },
+            nextWeek : function () {
+                return 'dddd [a ' + ((this.hours() !== 1) ? 'les' : 'la') + '] LT';
+            },
+            lastDay : function () {
+                return '[ahir a ' + ((this.hours() !== 1) ? 'les' : 'la') + '] LT';
+            },
+            lastWeek : function () {
+                return '[el] dddd [passat a ' + ((this.hours() !== 1) ? 'les' : 'la') + '] LT';
+            },
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : 'en %s',
+            past : 'fa %s',
+            s : 'uns segons',
+            m : 'un minut',
+            mm : '%d minuts',
+            h : 'una hora',
+            hh : '%d hores',
+            d : 'un dia',
+            dd : '%d dies',
+            M : 'un mes',
+            MM : '%d mesos',
+            y : 'un any',
+            yy : '%d anys'
+        },
+        ordinalParse: /\d{1,2}(r|n|t|è|a)/,
+        ordinal : function (number, period) {
+            var output = (number === 1) ? 'r' :
+                (number === 2) ? 'n' :
+                (number === 3) ? 'r' :
+                (number === 4) ? 't' : 'è';
+            if (period === 'w' || period === 'W') {
+                output = 'a';
+            }
+            return number + output;
+        },
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 4  // The week that contains Jan 4th is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : czech (cs)
+    //! author : petrbela : https://github.com/petrbela
+
+    var cs__months = 'leden_únor_březen_duben_květen_červen_červenec_srpen_září_říjen_listopad_prosinec'.split('_'),
+        cs__monthsShort = 'led_úno_bře_dub_kvě_čvn_čvc_srp_zář_říj_lis_pro'.split('_');
+    function cs__plural(n) {
+        return (n > 1) && (n < 5) && (~~(n / 10) !== 1);
+    }
+    function cs__translate(number, withoutSuffix, key, isFuture) {
+        var result = number + ' ';
+        switch (key) {
+        case 's':  // a few seconds / in a few seconds / a few seconds ago
+            return (withoutSuffix || isFuture) ? 'pár sekund' : 'pár sekundami';
+        case 'm':  // a minute / in a minute / a minute ago
+            return withoutSuffix ? 'minuta' : (isFuture ? 'minutu' : 'minutou');
+        case 'mm': // 9 minutes / in 9 minutes / 9 minutes ago
+            if (withoutSuffix || isFuture) {
+                return result + (cs__plural(number) ? 'minuty' : 'minut');
+            } else {
+                return result + 'minutami';
+            }
+            break;
+        case 'h':  // an hour / in an hour / an hour ago
+            return withoutSuffix ? 'hodina' : (isFuture ? 'hodinu' : 'hodinou');
+        case 'hh': // 9 hours / in 9 hours / 9 hours ago
+            if (withoutSuffix || isFuture) {
+                return result + (cs__plural(number) ? 'hodiny' : 'hodin');
+            } else {
+                return result + 'hodinami';
+            }
+            break;
+        case 'd':  // a day / in a day / a day ago
+            return (withoutSuffix || isFuture) ? 'den' : 'dnem';
+        case 'dd': // 9 days / in 9 days / 9 days ago
+            if (withoutSuffix || isFuture) {
+                return result + (cs__plural(number) ? 'dny' : 'dní');
+            } else {
+                return result + 'dny';
+            }
+            break;
+        case 'M':  // a month / in a month / a month ago
+            return (withoutSuffix || isFuture) ? 'měsíc' : 'měsícem';
+        case 'MM': // 9 months / in 9 months / 9 months ago
+            if (withoutSuffix || isFuture) {
+                return result + (cs__plural(number) ? 'měsíce' : 'měsíců');
+            } else {
+                return result + 'měsíci';
+            }
+            break;
+        case 'y':  // a year / in a year / a year ago
+            return (withoutSuffix || isFuture) ? 'rok' : 'rokem';
+        case 'yy': // 9 years / in 9 years / 9 years ago
+            if (withoutSuffix || isFuture) {
+                return result + (cs__plural(number) ? 'roky' : 'let');
+            } else {
+                return result + 'lety';
+            }
+            break;
+        }
+    }
+
+    var cs = _moment__default.defineLocale('cs', {
+        months : cs__months,
+        monthsShort : cs__monthsShort,
+        monthsParse : (function (months, monthsShort) {
+            var i, _monthsParse = [];
+            for (i = 0; i < 12; i++) {
+                // use custom parser to solve problem with July (červenec)
+                _monthsParse[i] = new RegExp('^' + months[i] + '$|^' + monthsShort[i] + '$', 'i');
+            }
+            return _monthsParse;
+        }(cs__months, cs__monthsShort)),
+        weekdays : 'neděle_pondělí_úterý_středa_čtvrtek_pátek_sobota'.split('_'),
+        weekdaysShort : 'ne_po_út_st_čt_pá_so'.split('_'),
+        weekdaysMin : 'ne_po_út_st_čt_pá_so'.split('_'),
+        longDateFormat : {
+            LT: 'H:mm',
+            LTS : 'LT:ss',
+            L : 'DD.MM.YYYY',
+            LL : 'D. MMMM YYYY',
+            LLL : 'D. MMMM YYYY LT',
+            LLLL : 'dddd D. MMMM YYYY LT'
+        },
+        calendar : {
+            sameDay: '[dnes v] LT',
+            nextDay: '[zítra v] LT',
+            nextWeek: function () {
+                switch (this.day()) {
+                case 0:
+                    return '[v neděli v] LT';
+                case 1:
+                case 2:
+                    return '[v] dddd [v] LT';
+                case 3:
+                    return '[ve středu v] LT';
+                case 4:
+                    return '[ve čtvrtek v] LT';
+                case 5:
+                    return '[v pátek v] LT';
+                case 6:
+                    return '[v sobotu v] LT';
+                }
+            },
+            lastDay: '[včera v] LT',
+            lastWeek: function () {
+                switch (this.day()) {
+                case 0:
+                    return '[minulou neděli v] LT';
+                case 1:
+                case 2:
+                    return '[minulé] dddd [v] LT';
+                case 3:
+                    return '[minulou středu v] LT';
+                case 4:
+                case 5:
+                    return '[minulý] dddd [v] LT';
+                case 6:
+                    return '[minulou sobotu v] LT';
+                }
+            },
+            sameElse: 'L'
+        },
+        relativeTime : {
+            future : 'za %s',
+            past : 'před %s',
+            s : cs__translate,
+            m : cs__translate,
+            mm : cs__translate,
+            h : cs__translate,
+            hh : cs__translate,
+            d : cs__translate,
+            dd : cs__translate,
+            M : cs__translate,
+            MM : cs__translate,
+            y : cs__translate,
+            yy : cs__translate
+        },
+        ordinalParse : /\d{1,2}\./,
+        ordinal : '%d.',
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 4  // The week that contains Jan 4th is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : chuvash (cv)
+    //! author : Anatoly Mironov : https://github.com/mirontoli
+
+    var cv = _moment__default.defineLocale('cv', {
+        months : 'кӑрлач_нарӑс_пуш_ака_май_ҫӗртме_утӑ_ҫурла_авӑн_юпа_чӳк_раштав'.split('_'),
+        monthsShort : 'кӑр_нар_пуш_ака_май_ҫӗр_утӑ_ҫур_авн_юпа_чӳк_раш'.split('_'),
+        weekdays : 'вырсарникун_тунтикун_ытларикун_юнкун_кӗҫнерникун_эрнекун_шӑматкун'.split('_'),
+        weekdaysShort : 'выр_тун_ытл_юн_кӗҫ_эрн_шӑм'.split('_'),
+        weekdaysMin : 'вр_тн_ыт_юн_кҫ_эр_шм'.split('_'),
+        longDateFormat : {
+            LT : 'HH:mm',
+            LTS : 'LT:ss',
+            L : 'DD-MM-YYYY',
+            LL : 'YYYY [ҫулхи] MMMM [уйӑхӗн] D[-мӗшӗ]',
+            LLL : 'YYYY [ҫулхи] MMMM [уйӑхӗн] D[-мӗшӗ], LT',
+            LLLL : 'dddd, YYYY [ҫулхи] MMMM [уйӑхӗн] D[-мӗшӗ], LT'
+        },
+        calendar : {
+            sameDay: '[Паян] LT [сехетре]',
+            nextDay: '[Ыран] LT [сехетре]',
+            lastDay: '[Ӗнер] LT [сехетре]',
+            nextWeek: '[Ҫитес] dddd LT [сехетре]',
+            lastWeek: '[Иртнӗ] dddd LT [сехетре]',
+            sameElse: 'L'
+        },
+        relativeTime : {
+            future : function (output) {
+                var affix = /сехет$/i.exec(output) ? 'рен' : /ҫул$/i.exec(output) ? 'тан' : 'ран';
+                return output + affix;
+            },
+            past : '%s каялла',
+            s : 'пӗр-ик ҫеккунт',
+            m : 'пӗр минут',
+            mm : '%d минут',
+            h : 'пӗр сехет',
+            hh : '%d сехет',
+            d : 'пӗр кун',
+            dd : '%d кун',
+            M : 'пӗр уйӑх',
+            MM : '%d уйӑх',
+            y : 'пӗр ҫул',
+            yy : '%d ҫул'
+        },
+        ordinalParse: /\d{1,2}-мӗш/,
+        ordinal : '%d-мӗш',
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 7  // The week that contains Jan 1st is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : Welsh (cy)
+    //! author : Robert Allen
+
+    var cy = _moment__default.defineLocale('cy', {
+        months: 'Ionawr_Chwefror_Mawrth_Ebrill_Mai_Mehefin_Gorffennaf_Awst_Medi_Hydref_Tachwedd_Rhagfyr'.split('_'),
+        monthsShort: 'Ion_Chwe_Maw_Ebr_Mai_Meh_Gor_Aws_Med_Hyd_Tach_Rhag'.split('_'),
+        weekdays: 'Dydd Sul_Dydd Llun_Dydd Mawrth_Dydd Mercher_Dydd Iau_Dydd Gwener_Dydd Sadwrn'.split('_'),
+        weekdaysShort: 'Sul_Llun_Maw_Mer_Iau_Gwe_Sad'.split('_'),
+        weekdaysMin: 'Su_Ll_Ma_Me_Ia_Gw_Sa'.split('_'),
+        // time formats are the same as en-gb
+        longDateFormat: {
+            LT: 'HH:mm',
+            LTS : 'LT:ss',
+            L: 'DD/MM/YYYY',
+            LL: 'D MMMM YYYY',
+            LLL: 'D MMMM YYYY LT',
+            LLLL: 'dddd, D MMMM YYYY LT'
+        },
+        calendar: {
+            sameDay: '[Heddiw am] LT',
+            nextDay: '[Yfory am] LT',
+            nextWeek: 'dddd [am] LT',
+            lastDay: '[Ddoe am] LT',
+            lastWeek: 'dddd [diwethaf am] LT',
+            sameElse: 'L'
+        },
+        relativeTime: {
+            future: 'mewn %s',
+            past: '%s yn ôl',
+            s: 'ychydig eiliadau',
+            m: 'munud',
+            mm: '%d munud',
+            h: 'awr',
+            hh: '%d awr',
+            d: 'diwrnod',
+            dd: '%d diwrnod',
+            M: 'mis',
+            MM: '%d mis',
+            y: 'blwyddyn',
+            yy: '%d flynedd'
+        },
+        ordinalParse: /\d{1,2}(fed|ain|af|il|ydd|ed|eg)/,
+        // traditional ordinal numbers above 31 are not commonly used in colloquial Welsh
+        ordinal: function (number) {
+            var b = number,
+                output = '',
+                lookup = [
+                    '', 'af', 'il', 'ydd', 'ydd', 'ed', 'ed', 'ed', 'fed', 'fed', 'fed', // 1af to 10fed
+                    'eg', 'fed', 'eg', 'eg', 'fed', 'eg', 'eg', 'fed', 'eg', 'fed' // 11eg to 20fed
+                ];
+            if (b > 20) {
+                if (b === 40 || b === 50 || b === 60 || b === 80 || b === 100) {
+                    output = 'fed'; // not 30ain, 70ain or 90ain
+                } else {
+                    output = 'ain';
+                }
+            } else if (b > 0) {
+                output = lookup[b];
+            }
+            return number + output;
+        },
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 4  // The week that contains Jan 4th is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : danish (da)
+    //! author : Ulrik Nielsen : https://github.com/mrbase
+
+    var da = _moment__default.defineLocale('da', {
+        months : 'januar_februar_marts_april_maj_juni_juli_august_september_oktober_november_december'.split('_'),
+        monthsShort : 'jan_feb_mar_apr_maj_jun_jul_aug_sep_okt_nov_dec'.split('_'),
+        weekdays : 'søndag_mandag_tirsdag_onsdag_torsdag_fredag_lørdag'.split('_'),
+        weekdaysShort : 'søn_man_tir_ons_tor_fre_lør'.split('_'),
+        weekdaysMin : 'sø_ma_ti_on_to_fr_lø'.split('_'),
+        longDateFormat : {
+            LT : 'HH:mm',
+            LTS : 'LT:ss',
+            L : 'DD/MM/YYYY',
+            LL : 'D. MMMM YYYY',
+            LLL : 'D. MMMM YYYY LT',
+            LLLL : 'dddd [d.] D. MMMM YYYY LT'
+        },
+        calendar : {
+            sameDay : '[I dag kl.] LT',
+            nextDay : '[I morgen kl.] LT',
+            nextWeek : 'dddd [kl.] LT',
+            lastDay : '[I går kl.] LT',
+            lastWeek : '[sidste] dddd [kl] LT',
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : 'om %s',
+            past : '%s siden',
+            s : 'få sekunder',
+            m : 'et minut',
+            mm : '%d minutter',
+            h : 'en time',
+            hh : '%d timer',
+            d : 'en dag',
+            dd : '%d dage',
+            M : 'en måned',
+            MM : '%d måneder',
+            y : 'et år',
+            yy : '%d år'
+        },
+        ordinalParse: /\d{1,2}\./,
+        ordinal : '%d.',
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 4  // The week that contains Jan 4th is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : austrian german (de-at)
+    //! author : lluchs : https://github.com/lluchs
+    //! author: Menelion Elensúle: https://github.com/Oire
+    //! author : Martin Groller : https://github.com/MadMG
+
+    function de_at__processRelativeTime(number, withoutSuffix, key, isFuture) {
+        var format = {
+            'm': ['eine Minute', 'einer Minute'],
+            'h': ['eine Stunde', 'einer Stunde'],
+            'd': ['ein Tag', 'einem Tag'],
+            'dd': [number + ' Tage', number + ' Tagen'],
+            'M': ['ein Monat', 'einem Monat'],
+            'MM': [number + ' Monate', number + ' Monaten'],
+            'y': ['ein Jahr', 'einem Jahr'],
+            'yy': [number + ' Jahre', number + ' Jahren']
+        };
+        return withoutSuffix ? format[key][0] : format[key][1];
+    }
+
+    var de_at = _moment__default.defineLocale('de-at', {
+        months : 'Jänner_Februar_März_April_Mai_Juni_Juli_August_September_Oktober_November_Dezember'.split('_'),
+        monthsShort : 'Jän._Febr._Mrz._Apr._Mai_Jun._Jul._Aug._Sept._Okt._Nov._Dez.'.split('_'),
+        weekdays : 'Sonntag_Montag_Dienstag_Mittwoch_Donnerstag_Freitag_Samstag'.split('_'),
+        weekdaysShort : 'So._Mo._Di._Mi._Do._Fr._Sa.'.split('_'),
+        weekdaysMin : 'So_Mo_Di_Mi_Do_Fr_Sa'.split('_'),
+        longDateFormat : {
+            LT: 'HH:mm',
+            LTS: 'HH:mm:ss',
+            L : 'DD.MM.YYYY',
+            LL : 'D. MMMM YYYY',
+            LLL : 'D. MMMM YYYY LT',
+            LLLL : 'dddd, D. MMMM YYYY LT'
+        },
+        calendar : {
+            sameDay: '[Heute um] LT [Uhr]',
+            sameElse: 'L',
+            nextDay: '[Morgen um] LT [Uhr]',
+            nextWeek: 'dddd [um] LT [Uhr]',
+            lastDay: '[Gestern um] LT [Uhr]',
+            lastWeek: '[letzten] dddd [um] LT [Uhr]'
+        },
+        relativeTime : {
+            future : 'in %s',
+            past : 'vor %s',
+            s : 'ein paar Sekunden',
+            m : de_at__processRelativeTime,
+            mm : '%d Minuten',
+            h : de_at__processRelativeTime,
+            hh : '%d Stunden',
+            d : de_at__processRelativeTime,
+            dd : de_at__processRelativeTime,
+            M : de_at__processRelativeTime,
+            MM : de_at__processRelativeTime,
+            y : de_at__processRelativeTime,
+            yy : de_at__processRelativeTime
+        },
+        ordinalParse: /\d{1,2}\./,
+        ordinal : '%d.',
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 4  // The week that contains Jan 4th is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : german (de)
+    //! author : lluchs : https://github.com/lluchs
+    //! author: Menelion Elensúle: https://github.com/Oire
+
+    function de__processRelativeTime(number, withoutSuffix, key, isFuture) {
+        var format = {
+            'm': ['eine Minute', 'einer Minute'],
+            'h': ['eine Stunde', 'einer Stunde'],
+            'd': ['ein Tag', 'einem Tag'],
+            'dd': [number + ' Tage', number + ' Tagen'],
+            'M': ['ein Monat', 'einem Monat'],
+            'MM': [number + ' Monate', number + ' Monaten'],
+            'y': ['ein Jahr', 'einem Jahr'],
+            'yy': [number + ' Jahre', number + ' Jahren']
+        };
+        return withoutSuffix ? format[key][0] : format[key][1];
+    }
+
+    var de = _moment__default.defineLocale('de', {
+        months : 'Januar_Februar_März_April_Mai_Juni_Juli_August_September_Oktober_November_Dezember'.split('_'),
+        monthsShort : 'Jan._Febr._Mrz._Apr._Mai_Jun._Jul._Aug._Sept._Okt._Nov._Dez.'.split('_'),
+        weekdays : 'Sonntag_Montag_Dienstag_Mittwoch_Donnerstag_Freitag_Samstag'.split('_'),
+        weekdaysShort : 'So._Mo._Di._Mi._Do._Fr._Sa.'.split('_'),
+        weekdaysMin : 'So_Mo_Di_Mi_Do_Fr_Sa'.split('_'),
+        longDateFormat : {
+            LT: 'HH:mm',
+            LTS: 'HH:mm:ss',
+            L : 'DD.MM.YYYY',
+            LL : 'D. MMMM YYYY',
+            LLL : 'D. MMMM YYYY LT',
+            LLLL : 'dddd, D. MMMM YYYY LT'
+        },
+        calendar : {
+            sameDay: '[Heute um] LT [Uhr]',
+            sameElse: 'L',
+            nextDay: '[Morgen um] LT [Uhr]',
+            nextWeek: 'dddd [um] LT [Uhr]',
+            lastDay: '[Gestern um] LT [Uhr]',
+            lastWeek: '[letzten] dddd [um] LT [Uhr]'
+        },
+        relativeTime : {
+            future : 'in %s',
+            past : 'vor %s',
+            s : 'ein paar Sekunden',
+            m : de__processRelativeTime,
+            mm : '%d Minuten',
+            h : de__processRelativeTime,
+            hh : '%d Stunden',
+            d : de__processRelativeTime,
+            dd : de__processRelativeTime,
+            M : de__processRelativeTime,
+            MM : de__processRelativeTime,
+            y : de__processRelativeTime,
+            yy : de__processRelativeTime
+        },
+        ordinalParse: /\d{1,2}\./,
+        ordinal : '%d.',
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 4  // The week that contains Jan 4th is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : modern greek (el)
+    //! author : Aggelos Karalias : https://github.com/mehiel
+
+    var el = _moment__default.defineLocale('el', {
+        monthsNominativeEl : 'Ιανουάριος_Φεβρουάριος_Μάρτιος_Απρίλιος_Μάιος_Ιούνιος_Ιούλιος_Αύγουστος_Σεπτέμβριος_Οκτώβριος_Νοέμβριος_Δεκέμβριος'.split('_'),
+        monthsGenitiveEl : 'Ιανουαρίου_Φεβρουαρίου_Μαρτίου_Απριλίου_Μαΐου_Ιουνίου_Ιουλίου_Αυγούστου_Σεπτεμβρίου_Οκτωβρίου_Νοεμβρίου_Δεκεμβρίου'.split('_'),
+        months : function (momentToFormat, format) {
+            if (/D/.test(format.substring(0, format.indexOf('MMMM')))) { // if there is a day number before 'MMMM'
+                return this._monthsGenitiveEl[momentToFormat.month()];
+            } else {
+                return this._monthsNominativeEl[momentToFormat.month()];
+            }
+        },
+        monthsShort : 'Ιαν_Φεβ_Μαρ_Απρ_Μαϊ_Ιουν_Ιουλ_Αυγ_Σεπ_Οκτ_Νοε_Δεκ'.split('_'),
+        weekdays : 'Κυριακή_Δευτέρα_Τρίτη_Τετάρτη_Πέμπτη_Παρασκευή_Σάββατο'.split('_'),
+        weekdaysShort : 'Κυρ_Δευ_Τρι_Τετ_Πεμ_Παρ_Σαβ'.split('_'),
+        weekdaysMin : 'Κυ_Δε_Τρ_Τε_Πε_Πα_Σα'.split('_'),
+        meridiem : function (hours, minutes, isLower) {
+            if (hours > 11) {
+                return isLower ? 'μμ' : 'ΜΜ';
+            } else {
+                return isLower ? 'πμ' : 'ΠΜ';
+            }
+        },
+        isPM : function (input) {
+            return ((input + '').toLowerCase()[0] === 'μ');
+        },
+        meridiemParse : /[ΠΜ]\.?Μ?\.?/i,
+        longDateFormat : {
+            LT : 'h:mm A',
+            LTS : 'h:mm:ss A',
+            L : 'DD/MM/YYYY',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY LT',
+            LLLL : 'dddd, D MMMM YYYY LT'
+        },
+        calendarEl : {
+            sameDay : '[Σήμερα {}] LT',
+            nextDay : '[Αύριο {}] LT',
+            nextWeek : 'dddd [{}] LT',
+            lastDay : '[Χθες {}] LT',
+            lastWeek : function () {
+                switch (this.day()) {
+                    case 6:
+                        return '[το προηγούμενο] dddd [{}] LT';
+                    default:
+                        return '[την προηγούμενη] dddd [{}] LT';
+                }
+            },
+            sameElse : 'L'
+        },
+        calendar : function (key, mom) {
+            var output = this._calendarEl[key],
+                hours = mom && mom.hours();
+            if (typeof output === 'function') {
+                output = output.apply(mom);
+            }
+            return output.replace('{}', (hours % 12 === 1 ? 'στη' : 'στις'));
+        },
+        relativeTime : {
+            future : 'σε %s',
+            past : '%s πριν',
+            s : 'λίγα δευτερόλεπτα',
+            m : 'ένα λεπτό',
+            mm : '%d λεπτά',
+            h : 'μία ώρα',
+            hh : '%d ώρες',
+            d : 'μία μέρα',
+            dd : '%d μέρες',
+            M : 'ένας μήνας',
+            MM : '%d μήνες',
+            y : 'ένας χρόνος',
+            yy : '%d χρόνια'
+        },
+        ordinalParse: /\d{1,2}η/,
+        ordinal: '%dη',
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 4  // The week that contains Jan 4st is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : australian english (en-au)
+
+    var en_au = _moment__default.defineLocale('en-au', {
+        months : 'January_February_March_April_May_June_July_August_September_October_November_December'.split('_'),
+        monthsShort : 'Jan_Feb_Mar_Apr_May_Jun_Jul_Aug_Sep_Oct_Nov_Dec'.split('_'),
+        weekdays : 'Sunday_Monday_Tuesday_Wednesday_Thursday_Friday_Saturday'.split('_'),
+        weekdaysShort : 'Sun_Mon_Tue_Wed_Thu_Fri_Sat'.split('_'),
+        weekdaysMin : 'Su_Mo_Tu_We_Th_Fr_Sa'.split('_'),
+        longDateFormat : {
+            LT : 'h:mm A',
+            LTS : 'h:mm:ss A',
+            L : 'DD/MM/YYYY',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY LT',
+            LLLL : 'dddd, D MMMM YYYY LT'
+        },
+        calendar : {
+            sameDay : '[Today at] LT',
+            nextDay : '[Tomorrow at] LT',
+            nextWeek : 'dddd [at] LT',
+            lastDay : '[Yesterday at] LT',
+            lastWeek : '[Last] dddd [at] LT',
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : 'in %s',
+            past : '%s ago',
+            s : 'a few seconds',
+            m : 'a minute',
+            mm : '%d minutes',
+            h : 'an hour',
+            hh : '%d hours',
+            d : 'a day',
+            dd : '%d days',
+            M : 'a month',
+            MM : '%d months',
+            y : 'a year',
+            yy : '%d years'
+        },
+        ordinalParse: /\d{1,2}(st|nd|rd|th)/,
+        ordinal : function (number) {
+            var b = number % 10,
+                output = (~~(number % 100 / 10) === 1) ? 'th' :
+                (b === 1) ? 'st' :
+                (b === 2) ? 'nd' :
+                (b === 3) ? 'rd' : 'th';
+            return number + output;
+        },
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 4  // The week that contains Jan 4th is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : canadian english (en-ca)
+    //! author : Jonathan Abourbih : https://github.com/jonbca
+
+    var en_ca = _moment__default.defineLocale('en-ca', {
+        months : 'January_February_March_April_May_June_July_August_September_October_November_December'.split('_'),
+        monthsShort : 'Jan_Feb_Mar_Apr_May_Jun_Jul_Aug_Sep_Oct_Nov_Dec'.split('_'),
+        weekdays : 'Sunday_Monday_Tuesday_Wednesday_Thursday_Friday_Saturday'.split('_'),
+        weekdaysShort : 'Sun_Mon_Tue_Wed_Thu_Fri_Sat'.split('_'),
+        weekdaysMin : 'Su_Mo_Tu_We_Th_Fr_Sa'.split('_'),
+        longDateFormat : {
+            LT : 'h:mm A',
+            LTS : 'h:mm:ss A',
+            L : 'YYYY-MM-DD',
+            LL : 'D MMMM, YYYY',
+            LLL : 'D MMMM, YYYY LT',
+            LLLL : 'dddd, D MMMM, YYYY LT'
+        },
+        calendar : {
+            sameDay : '[Today at] LT',
+            nextDay : '[Tomorrow at] LT',
+            nextWeek : 'dddd [at] LT',
+            lastDay : '[Yesterday at] LT',
+            lastWeek : '[Last] dddd [at] LT',
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : 'in %s',
+            past : '%s ago',
+            s : 'a few seconds',
+            m : 'a minute',
+            mm : '%d minutes',
+            h : 'an hour',
+            hh : '%d hours',
+            d : 'a day',
+            dd : '%d days',
+            M : 'a month',
+            MM : '%d months',
+            y : 'a year',
+            yy : '%d years'
+        },
+        ordinalParse: /\d{1,2}(st|nd|rd|th)/,
+        ordinal : function (number) {
+            var b = number % 10,
+                output = (~~(number % 100 / 10) === 1) ? 'th' :
+                (b === 1) ? 'st' :
+                (b === 2) ? 'nd' :
+                (b === 3) ? 'rd' : 'th';
+            return number + output;
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : great britain english (en-gb)
+    //! author : Chris Gedrim : https://github.com/chrisgedrim
+
+    var en_gb = _moment__default.defineLocale('en-gb', {
+        months : 'January_February_March_April_May_June_July_August_September_October_November_December'.split('_'),
+        monthsShort : 'Jan_Feb_Mar_Apr_May_Jun_Jul_Aug_Sep_Oct_Nov_Dec'.split('_'),
+        weekdays : 'Sunday_Monday_Tuesday_Wednesday_Thursday_Friday_Saturday'.split('_'),
+        weekdaysShort : 'Sun_Mon_Tue_Wed_Thu_Fri_Sat'.split('_'),
+        weekdaysMin : 'Su_Mo_Tu_We_Th_Fr_Sa'.split('_'),
+        longDateFormat : {
+            LT : 'HH:mm',
+            LTS : 'HH:mm:ss',
+            L : 'DD/MM/YYYY',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY LT',
+            LLLL : 'dddd, D MMMM YYYY LT'
+        },
+        calendar : {
+            sameDay : '[Today at] LT',
+            nextDay : '[Tomorrow at] LT',
+            nextWeek : 'dddd [at] LT',
+            lastDay : '[Yesterday at] LT',
+            lastWeek : '[Last] dddd [at] LT',
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : 'in %s',
+            past : '%s ago',
+            s : 'a few seconds',
+            m : 'a minute',
+            mm : '%d minutes',
+            h : 'an hour',
+            hh : '%d hours',
+            d : 'a day',
+            dd : '%d days',
+            M : 'a month',
+            MM : '%d months',
+            y : 'a year',
+            yy : '%d years'
+        },
+        ordinalParse: /\d{1,2}(st|nd|rd|th)/,
+        ordinal : function (number) {
+            var b = number % 10,
+                output = (~~(number % 100 / 10) === 1) ? 'th' :
+                (b === 1) ? 'st' :
+                (b === 2) ? 'nd' :
+                (b === 3) ? 'rd' : 'th';
+            return number + output;
+        },
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 4  // The week that contains Jan 4th is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : esperanto (eo)
+    //! author : Colin Dean : https://github.com/colindean
+    //! komento: Mi estas malcerta se mi korekte traktis akuzativojn en tiu traduko.
+    //!          Se ne, bonvolu korekti kaj avizi min por ke mi povas lerni!
+
+    var eo = _moment__default.defineLocale('eo', {
+        months : 'januaro_februaro_marto_aprilo_majo_junio_julio_aŭgusto_septembro_oktobro_novembro_decembro'.split('_'),
+        monthsShort : 'jan_feb_mar_apr_maj_jun_jul_aŭg_sep_okt_nov_dec'.split('_'),
+        weekdays : 'Dimanĉo_Lundo_Mardo_Merkredo_Ĵaŭdo_Vendredo_Sabato'.split('_'),
+        weekdaysShort : 'Dim_Lun_Mard_Merk_Ĵaŭ_Ven_Sab'.split('_'),
+        weekdaysMin : 'Di_Lu_Ma_Me_Ĵa_Ve_Sa'.split('_'),
+        longDateFormat : {
+            LT : 'HH:mm',
+            LTS : 'LT:ss',
+            L : 'YYYY-MM-DD',
+            LL : 'D[-an de] MMMM, YYYY',
+            LLL : 'D[-an de] MMMM, YYYY LT',
+            LLLL : 'dddd, [la] D[-an de] MMMM, YYYY LT'
+        },
+        meridiemParse: /[ap]\.t\.m/i,
+        isPM: function (input) {
+            return input.charAt(0).toLowerCase() === 'p';
+        },
+        meridiem : function (hours, minutes, isLower) {
+            if (hours > 11) {
+                return isLower ? 'p.t.m.' : 'P.T.M.';
+            } else {
+                return isLower ? 'a.t.m.' : 'A.T.M.';
+            }
+        },
+        calendar : {
+            sameDay : '[Hodiaŭ je] LT',
+            nextDay : '[Morgaŭ je] LT',
+            nextWeek : 'dddd [je] LT',
+            lastDay : '[Hieraŭ je] LT',
+            lastWeek : '[pasinta] dddd [je] LT',
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : 'je %s',
+            past : 'antaŭ %s',
+            s : 'sekundoj',
+            m : 'minuto',
+            mm : '%d minutoj',
+            h : 'horo',
+            hh : '%d horoj',
+            d : 'tago',//ne 'diurno', ĉar estas uzita por proksimumo
+            dd : '%d tagoj',
+            M : 'monato',
+            MM : '%d monatoj',
+            y : 'jaro',
+            yy : '%d jaroj'
+        },
+        ordinalParse: /\d{1,2}a/,
+        ordinal : '%da',
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 7  // The week that contains Jan 1st is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : spanish (es)
+    //! author : Julio Napurí : https://github.com/julionc
+
+    var monthsShortDot = 'Ene._Feb._Mar._Abr._May._Jun._Jul._Ago._Sep._Oct._Nov._Dic.'.split('_'),
+        es__monthsShort = 'Ene_Feb_Mar_Abr_May_Jun_Jul_Ago_Sep_Oct_Nov_Dic'.split('_');
+
+    var es = _moment__default.defineLocale('es', {
+        months : 'Enero_Febrero_Marzo_Abril_Mayo_Junio_Julio_Agosto_Septiembre_Octubre_Noviembre_Diciembre'.split('_'),
+        monthsShort : function (m, format) {
+            if (/-MMM-/.test(format)) {
+                return es__monthsShort[m.month()];
+            } else {
+                return monthsShortDot[m.month()];
+            }
+        },
+        weekdays : 'Domingo_Lunes_Martes_Miércoles_Jueves_Viernes_Sábado'.split('_'),
+        weekdaysShort : 'Dom._Lun._Mar._Mié._Jue._Vie._Sáb.'.split('_'),
+        weekdaysMin : 'Do_Lu_Ma_Mi_Ju_Vi_Sá'.split('_'),
+        longDateFormat : {
+            LT : 'H:mm',
+            LTS : 'LT:ss',
+            L : 'DD/MM/YYYY',
+            LL : 'D [de] MMMM [de] YYYY',
+            LLL : 'D [de] MMMM [de] YYYY LT',
+            LLLL : 'dddd, D [de] MMMM [de] YYYY LT'
+        },
+        calendar : {
+            sameDay : function () {
+                return '[hoy a la' + ((this.hours() !== 1) ? 's' : '') + '] LT';
+            },
+            nextDay : function () {
+                return '[mañana a la' + ((this.hours() !== 1) ? 's' : '') + '] LT';
+            },
+            nextWeek : function () {
+                return 'dddd [a la' + ((this.hours() !== 1) ? 's' : '') + '] LT';
+            },
+            lastDay : function () {
+                return '[ayer a la' + ((this.hours() !== 1) ? 's' : '') + '] LT';
+            },
+            lastWeek : function () {
+                return '[el] dddd [pasado a la' + ((this.hours() !== 1) ? 's' : '') + '] LT';
+            },
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : 'en %s',
+            past : 'hace %s',
+            s : 'unos segundos',
+            m : 'un minuto',
+            mm : '%d minutos',
+            h : 'una hora',
+            hh : '%d horas',
+            d : 'un día',
+            dd : '%d días',
+            M : 'un mes',
+            MM : '%d meses',
+            y : 'un año',
+            yy : '%d años'
+        },
+        ordinalParse : /\d{1,2}º/,
+        ordinal : '%dº',
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 4  // The week that contains Jan 4th is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : estonian (et)
+    //! author : Henry Kehlmann : https://github.com/madhenry
+    //! improvements : Illimar Tambek : https://github.com/ragulka
+
+    function et__processRelativeTime(number, withoutSuffix, key, isFuture) {
+        var format = {
+            's' : ['mõne sekundi', 'mõni sekund', 'paar sekundit'],
+            'm' : ['ühe minuti', 'üks minut'],
+            'mm': [number + ' minuti', number + ' minutit'],
+            'h' : ['ühe tunni', 'tund aega', 'üks tund'],
+            'hh': [number + ' tunni', number + ' tundi'],
+            'd' : ['ühe päeva', 'üks päev'],
+            'M' : ['kuu aja', 'kuu aega', 'üks kuu'],
+            'MM': [number + ' kuu', number + ' kuud'],
+            'y' : ['ühe aasta', 'aasta', 'üks aasta'],
+            'yy': [number + ' aasta', number + ' aastat']
+        };
+        if (withoutSuffix) {
+            return format[key][2] ? format[key][2] : format[key][1];
+        }
+        return isFuture ? format[key][0] : format[key][1];
+    }
+
+    var et = _moment__default.defineLocale('et', {
+        months        : 'jaanuar_veebruar_märts_aprill_mai_juuni_juuli_august_september_oktoober_november_detsember'.split('_'),
+        monthsShort   : 'jaan_veebr_märts_apr_mai_juuni_juuli_aug_sept_okt_nov_dets'.split('_'),
+        weekdays      : 'pühapäev_esmaspäev_teisipäev_kolmapäev_neljapäev_reede_laupäev'.split('_'),
+        weekdaysShort : 'P_E_T_K_N_R_L'.split('_'),
+        weekdaysMin   : 'P_E_T_K_N_R_L'.split('_'),
+        longDateFormat : {
+            LT   : 'H:mm',
+            LTS : 'LT:ss',
+            L    : 'DD.MM.YYYY',
+            LL   : 'D. MMMM YYYY',
+            LLL  : 'D. MMMM YYYY LT',
+            LLLL : 'dddd, D. MMMM YYYY LT'
+        },
+        calendar : {
+            sameDay  : '[Täna,] LT',
+            nextDay  : '[Homme,] LT',
+            nextWeek : '[Järgmine] dddd LT',
+            lastDay  : '[Eile,] LT',
+            lastWeek : '[Eelmine] dddd LT',
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : '%s pärast',
+            past   : '%s tagasi',
+            s      : et__processRelativeTime,
+            m      : et__processRelativeTime,
+            mm     : et__processRelativeTime,
+            h      : et__processRelativeTime,
+            hh     : et__processRelativeTime,
+            d      : et__processRelativeTime,
+            dd     : '%d päeva',
+            M      : et__processRelativeTime,
+            MM     : et__processRelativeTime,
+            y      : et__processRelativeTime,
+            yy     : et__processRelativeTime
+        },
+        ordinalParse: /\d{1,2}\./,
+        ordinal : '%d.',
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 4  // The week that contains Jan 4th is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : euskara (eu)
+    //! author : Eneko Illarramendi : https://github.com/eillarra
+
+    var eu = _moment__default.defineLocale('eu', {
+        months : 'urtarrila_otsaila_martxoa_apirila_maiatza_ekaina_uztaila_abuztua_iraila_urria_azaroa_abendua'.split('_'),
+        monthsShort : 'urt._ots._mar._api._mai._eka._uzt._abu._ira._urr._aza._abe.'.split('_'),
+        weekdays : 'igandea_astelehena_asteartea_asteazkena_osteguna_ostirala_larunbata'.split('_'),
+        weekdaysShort : 'ig._al._ar._az._og._ol._lr.'.split('_'),
+        weekdaysMin : 'ig_al_ar_az_og_ol_lr'.split('_'),
+        longDateFormat : {
+            LT : 'HH:mm',
+            LTS : 'LT:ss',
+            L : 'YYYY-MM-DD',
+            LL : 'YYYY[ko] MMMM[ren] D[a]',
+            LLL : 'YYYY[ko] MMMM[ren] D[a] LT',
+            LLLL : 'dddd, YYYY[ko] MMMM[ren] D[a] LT',
+            l : 'YYYY-M-D',
+            ll : 'YYYY[ko] MMM D[a]',
+            lll : 'YYYY[ko] MMM D[a] LT',
+            llll : 'ddd, YYYY[ko] MMM D[a] LT'
+        },
+        calendar : {
+            sameDay : '[gaur] LT[etan]',
+            nextDay : '[bihar] LT[etan]',
+            nextWeek : 'dddd LT[etan]',
+            lastDay : '[atzo] LT[etan]',
+            lastWeek : '[aurreko] dddd LT[etan]',
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : '%s barru',
+            past : 'duela %s',
+            s : 'segundo batzuk',
+            m : 'minutu bat',
+            mm : '%d minutu',
+            h : 'ordu bat',
+            hh : '%d ordu',
+            d : 'egun bat',
+            dd : '%d egun',
+            M : 'hilabete bat',
+            MM : '%d hilabete',
+            y : 'urte bat',
+            yy : '%d urte'
+        },
+        ordinalParse: /\d{1,2}\./,
+        ordinal : '%d.',
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 7  // The week that contains Jan 1st is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : Persian (fa)
+    //! author : Ebrahim Byagowi : https://github.com/ebraminio
+
+    var fa__symbolMap = {
+        '1': '۱',
+        '2': '۲',
+        '3': '۳',
+        '4': '۴',
+        '5': '۵',
+        '6': '۶',
+        '7': '۷',
+        '8': '۸',
+        '9': '۹',
+        '0': '۰'
+    }, fa__numberMap = {
+        '۱': '1',
+        '۲': '2',
+        '۳': '3',
+        '۴': '4',
+        '۵': '5',
+        '۶': '6',
+        '۷': '7',
+        '۸': '8',
+        '۹': '9',
+        '۰': '0'
+    };
+
+    var fa = _moment__default.defineLocale('fa', {
+        months : 'ژانویه_فوریه_مارس_آوریل_مه_ژوئن_ژوئیه_اوت_سپتامبر_اکتبر_نوامبر_دسامبر'.split('_'),
+        monthsShort : 'ژانویه_فوریه_مارس_آوریل_مه_ژوئن_ژوئیه_اوت_سپتامبر_اکتبر_نوامبر_دسامبر'.split('_'),
+        weekdays : 'یک\u200cشنبه_دوشنبه_سه\u200cشنبه_چهارشنبه_پنج\u200cشنبه_جمعه_شنبه'.split('_'),
+        weekdaysShort : 'یک\u200cشنبه_دوشنبه_سه\u200cشنبه_چهارشنبه_پنج\u200cشنبه_جمعه_شنبه'.split('_'),
+        weekdaysMin : 'ی_د_س_چ_پ_ج_ش'.split('_'),
+        longDateFormat : {
+            LT : 'HH:mm',
+            LTS : 'LT:ss',
+            L : 'DD/MM/YYYY',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY LT',
+            LLLL : 'dddd, D MMMM YYYY LT'
+        },
+        meridiemParse: /قبل از ظهر|بعد از ظهر/,
+        isPM: function (input) {
+            return /بعد از ظهر/.test(input);
+        },
+        meridiem : function (hour, minute, isLower) {
+            if (hour < 12) {
+                return 'قبل از ظهر';
+            } else {
+                return 'بعد از ظهر';
+            }
+        },
+        calendar : {
+            sameDay : '[امروز ساعت] LT',
+            nextDay : '[فردا ساعت] LT',
+            nextWeek : 'dddd [ساعت] LT',
+            lastDay : '[دیروز ساعت] LT',
+            lastWeek : 'dddd [پیش] [ساعت] LT',
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : 'در %s',
+            past : '%s پیش',
+            s : 'چندین ثانیه',
+            m : 'یک دقیقه',
+            mm : '%d دقیقه',
+            h : 'یک ساعت',
+            hh : '%d ساعت',
+            d : 'یک روز',
+            dd : '%d روز',
+            M : 'یک ماه',
+            MM : '%d ماه',
+            y : 'یک سال',
+            yy : '%d سال'
+        },
+        preparse: function (string) {
+            return string.replace(/[۰-۹]/g, function (match) {
+                return fa__numberMap[match];
+            }).replace(/،/g, ',');
+        },
+        postformat: function (string) {
+            return string.replace(/\d/g, function (match) {
+                return fa__symbolMap[match];
+            }).replace(/,/g, '،');
+        },
+        ordinalParse: /\d{1,2}م/,
+        ordinal : '%dم',
+        week : {
+            dow : 6, // Saturday is the first day of the week.
+            doy : 12 // The week that contains Jan 1st is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : finnish (fi)
+    //! author : Tarmo Aidantausta : https://github.com/bleadof
+
+    var numbersPast = 'nolla yksi kaksi kolme neljä viisi kuusi seitsemän kahdeksan yhdeksän'.split(' '),
+        numbersFuture = [
+            'nolla', 'yhden', 'kahden', 'kolmen', 'neljän', 'viiden', 'kuuden',
+            numbersPast[7], numbersPast[8], numbersPast[9]
+        ];
+    function fi__translate(number, withoutSuffix, key, isFuture) {
+        var result = '';
+        switch (key) {
+        case 's':
+            return isFuture ? 'muutaman sekunnin' : 'muutama sekunti';
+        case 'm':
+            return isFuture ? 'minuutin' : 'minuutti';
+        case 'mm':
+            result = isFuture ? 'minuutin' : 'minuuttia';
+            break;
+        case 'h':
+            return isFuture ? 'tunnin' : 'tunti';
+        case 'hh':
+            result = isFuture ? 'tunnin' : 'tuntia';
+            break;
+        case 'd':
+            return isFuture ? 'päivän' : 'päivä';
+        case 'dd':
+            result = isFuture ? 'päivän' : 'päivää';
+            break;
+        case 'M':
+            return isFuture ? 'kuukauden' : 'kuukausi';
+        case 'MM':
+            result = isFuture ? 'kuukauden' : 'kuukautta';
+            break;
+        case 'y':
+            return isFuture ? 'vuoden' : 'vuosi';
+        case 'yy':
+            result = isFuture ? 'vuoden' : 'vuotta';
+            break;
+        }
+        result = verbalNumber(number, isFuture) + ' ' + result;
+        return result;
+    }
+    function verbalNumber(number, isFuture) {
+        return number < 10 ? (isFuture ? numbersFuture[number] : numbersPast[number]) : number;
+    }
+
+    var fi = _moment__default.defineLocale('fi', {
+        months : 'tammikuu_helmikuu_maaliskuu_huhtikuu_toukokuu_kesäkuu_heinäkuu_elokuu_syyskuu_lokakuu_marraskuu_joulukuu'.split('_'),
+        monthsShort : 'tammi_helmi_maalis_huhti_touko_kesä_heinä_elo_syys_loka_marras_joulu'.split('_'),
+        weekdays : 'sunnuntai_maanantai_tiistai_keskiviikko_torstai_perjantai_lauantai'.split('_'),
+        weekdaysShort : 'su_ma_ti_ke_to_pe_la'.split('_'),
+        weekdaysMin : 'su_ma_ti_ke_to_pe_la'.split('_'),
+        longDateFormat : {
+            LT : 'HH.mm',
+            LTS : 'HH.mm.ss',
+            L : 'DD.MM.YYYY',
+            LL : 'Do MMMM[ta] YYYY',
+            LLL : 'Do MMMM[ta] YYYY, [klo] LT',
+            LLLL : 'dddd, Do MMMM[ta] YYYY, [klo] LT',
+            l : 'D.M.YYYY',
+            ll : 'Do MMM YYYY',
+            lll : 'Do MMM YYYY, [klo] LT',
+            llll : 'ddd, Do MMM YYYY, [klo] LT'
+        },
+        calendar : {
+            sameDay : '[tänään] [klo] LT',
+            nextDay : '[huomenna] [klo] LT',
+            nextWeek : 'dddd [klo] LT',
+            lastDay : '[eilen] [klo] LT',
+            lastWeek : '[viime] dddd[na] [klo] LT',
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : '%s päästä',
+            past : '%s sitten',
+            s : fi__translate,
+            m : fi__translate,
+            mm : fi__translate,
+            h : fi__translate,
+            hh : fi__translate,
+            d : fi__translate,
+            dd : fi__translate,
+            M : fi__translate,
+            MM : fi__translate,
+            y : fi__translate,
+            yy : fi__translate
+        },
+        ordinalParse: /\d{1,2}\./,
+        ordinal : '%d.',
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 4  // The week that contains Jan 4th is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : faroese (fo)
+    //! author : Ragnar Johannesen : https://github.com/ragnar123
+
+    var fo = _moment__default.defineLocale('fo', {
+        months : 'januar_februar_mars_apríl_mai_juni_juli_august_september_oktober_november_desember'.split('_'),
+        monthsShort : 'jan_feb_mar_apr_mai_jun_jul_aug_sep_okt_nov_des'.split('_'),
+        weekdays : 'sunnudagur_mánadagur_týsdagur_mikudagur_hósdagur_fríggjadagur_leygardagur'.split('_'),
+        weekdaysShort : 'sun_mán_týs_mik_hós_frí_ley'.split('_'),
+        weekdaysMin : 'su_má_tý_mi_hó_fr_le'.split('_'),
+        longDateFormat : {
+            LT : 'HH:mm',
+            LTS : 'LT:ss',
+            L : 'DD/MM/YYYY',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY LT',
+            LLLL : 'dddd D. MMMM, YYYY LT'
+        },
+        calendar : {
+            sameDay : '[Í dag kl.] LT',
+            nextDay : '[Í morgin kl.] LT',
+            nextWeek : 'dddd [kl.] LT',
+            lastDay : '[Í gjár kl.] LT',
+            lastWeek : '[síðstu] dddd [kl] LT',
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : 'um %s',
+            past : '%s síðani',
+            s : 'fá sekund',
+            m : 'ein minutt',
+            mm : '%d minuttir',
+            h : 'ein tími',
+            hh : '%d tímar',
+            d : 'ein dagur',
+            dd : '%d dagar',
+            M : 'ein mánaði',
+            MM : '%d mánaðir',
+            y : 'eitt ár',
+            yy : '%d ár'
+        },
+        ordinalParse: /\d{1,2}\./,
+        ordinal : '%d.',
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 4  // The week that contains Jan 4th is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : canadian french (fr-ca)
+    //! author : Jonathan Abourbih : https://github.com/jonbca
+
+    var fr_ca = _moment__default.defineLocale('fr-ca', {
+        months : 'janvier_février_mars_avril_mai_juin_juillet_août_septembre_octobre_novembre_décembre'.split('_'),
+        monthsShort : 'janv._févr._mars_avr._mai_juin_juil._août_sept._oct._nov._déc.'.split('_'),
+        weekdays : 'dimanche_lundi_mardi_mercredi_jeudi_vendredi_samedi'.split('_'),
+        weekdaysShort : 'dim._lun._mar._mer._jeu._ven._sam.'.split('_'),
+        weekdaysMin : 'Di_Lu_Ma_Me_Je_Ve_Sa'.split('_'),
+        longDateFormat : {
+            LT : 'HH:mm',
+            LTS : 'LT:ss',
+            L : 'YYYY-MM-DD',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY LT',
+            LLLL : 'dddd D MMMM YYYY LT'
+        },
+        calendar : {
+            sameDay: '[Aujourd\'hui à] LT',
+            nextDay: '[Demain à] LT',
+            nextWeek: 'dddd [à] LT',
+            lastDay: '[Hier à] LT',
+            lastWeek: 'dddd [dernier à] LT',
+            sameElse: 'L'
+        },
+        relativeTime : {
+            future : 'dans %s',
+            past : 'il y a %s',
+            s : 'quelques secondes',
+            m : 'une minute',
+            mm : '%d minutes',
+            h : 'une heure',
+            hh : '%d heures',
+            d : 'un jour',
+            dd : '%d jours',
+            M : 'un mois',
+            MM : '%d mois',
+            y : 'un an',
+            yy : '%d ans'
+        },
+        ordinalParse: /\d{1,2}(er|)/,
+        ordinal : function (number) {
+            return number + (number === 1 ? 'er' : '');
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : french (fr)
+    //! author : John Fischer : https://github.com/jfroffice
+
+    var fr = _moment__default.defineLocale('fr', {
+        months : 'janvier_février_mars_avril_mai_juin_juillet_août_septembre_octobre_novembre_décembre'.split('_'),
+        monthsShort : 'janv._févr._mars_avr._mai_juin_juil._août_sept._oct._nov._déc.'.split('_'),
+        weekdays : 'dimanche_lundi_mardi_mercredi_jeudi_vendredi_samedi'.split('_'),
+        weekdaysShort : 'dim._lun._mar._mer._jeu._ven._sam.'.split('_'),
+        weekdaysMin : 'Di_Lu_Ma_Me_Je_Ve_Sa'.split('_'),
+        longDateFormat : {
+            LT : 'HH:mm',
+            LTS : 'LT:ss',
+            L : 'DD/MM/YYYY',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY LT',
+            LLLL : 'dddd D MMMM YYYY LT'
+        },
+        calendar : {
+            sameDay: '[Aujourd\'hui à] LT',
+            nextDay: '[Demain à] LT',
+            nextWeek: 'dddd [à] LT',
+            lastDay: '[Hier à] LT',
+            lastWeek: 'dddd [dernier à] LT',
+            sameElse: 'L'
+        },
+        relativeTime : {
+            future : 'dans %s',
+            past : 'il y a %s',
+            s : 'quelques secondes',
+            m : 'une minute',
+            mm : '%d minutes',
+            h : 'une heure',
+            hh : '%d heures',
+            d : 'un jour',
+            dd : '%d jours',
+            M : 'un mois',
+            MM : '%d mois',
+            y : 'un an',
+            yy : '%d ans'
+        },
+        ordinalParse: /\d{1,2}(er|)/,
+        ordinal : function (number) {
+            return number + (number === 1 ? 'er' : '');
+        },
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 4  // The week that contains Jan 4th is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : frisian (fy)
+    //! author : Robin van der Vliet : https://github.com/robin0van0der0v
+
+    var fy__monthsShortWithDots = 'jan._feb._mrt._apr._mai_jun._jul._aug._sep._okt._nov._des.'.split('_'),
+        fy__monthsShortWithoutDots = 'jan_feb_mrt_apr_mai_jun_jul_aug_sep_okt_nov_des'.split('_');
+
+    var fy = _moment__default.defineLocale('fy', {
+        months : 'jannewaris_febrewaris_maart_april_maaie_juny_july_augustus_septimber_oktober_novimber_desimber'.split('_'),
+        monthsShort : function (m, format) {
+            if (/-MMM-/.test(format)) {
+                return fy__monthsShortWithoutDots[m.month()];
+            } else {
+                return fy__monthsShortWithDots[m.month()];
+            }
+        },
+        weekdays : 'snein_moandei_tiisdei_woansdei_tongersdei_freed_sneon'.split('_'),
+        weekdaysShort : 'si._mo._ti._wo._to._fr._so.'.split('_'),
+        weekdaysMin : 'Si_Mo_Ti_Wo_To_Fr_So'.split('_'),
+        longDateFormat : {
+            LT : 'HH:mm',
+            LTS : 'LT:ss',
+            L : 'DD-MM-YYYY',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY LT',
+            LLLL : 'dddd D MMMM YYYY LT'
+        },
+        calendar : {
+            sameDay: '[hjoed om] LT',
+            nextDay: '[moarn om] LT',
+            nextWeek: 'dddd [om] LT',
+            lastDay: '[juster om] LT',
+            lastWeek: '[ôfrûne] dddd [om] LT',
+            sameElse: 'L'
+        },
+        relativeTime : {
+            future : 'oer %s',
+            past : '%s lyn',
+            s : 'in pear sekonden',
+            m : 'ien minút',
+            mm : '%d minuten',
+            h : 'ien oere',
+            hh : '%d oeren',
+            d : 'ien dei',
+            dd : '%d dagen',
+            M : 'ien moanne',
+            MM : '%d moannen',
+            y : 'ien jier',
+            yy : '%d jierren'
+        },
+        ordinalParse: /\d{1,2}(ste|de)/,
+        ordinal : function (number) {
+            return number + ((number === 1 || number === 8 || number >= 20) ? 'ste' : 'de');
+        },
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 4  // The week that contains Jan 4th is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : galician (gl)
+    //! author : Juan G. Hurtado : https://github.com/juanghurtado
+
+    var gl = _moment__default.defineLocale('gl', {
+        months : 'Xaneiro_Febreiro_Marzo_Abril_Maio_Xuño_Xullo_Agosto_Setembro_Outubro_Novembro_Decembro'.split('_'),
+        monthsShort : 'Xan._Feb._Mar._Abr._Mai._Xuñ._Xul._Ago._Set._Out._Nov._Dec.'.split('_'),
+        weekdays : 'Domingo_Luns_Martes_Mércores_Xoves_Venres_Sábado'.split('_'),
+        weekdaysShort : 'Dom._Lun._Mar._Mér._Xov._Ven._Sáb.'.split('_'),
+        weekdaysMin : 'Do_Lu_Ma_Mé_Xo_Ve_Sá'.split('_'),
+        longDateFormat : {
+            LT : 'H:mm',
+            LTS : 'LT:ss',
+            L : 'DD/MM/YYYY',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY LT',
+            LLLL : 'dddd D MMMM YYYY LT'
+        },
+        calendar : {
+            sameDay : function () {
+                return '[hoxe ' + ((this.hours() !== 1) ? 'ás' : 'á') + '] LT';
+            },
+            nextDay : function () {
+                return '[mañá ' + ((this.hours() !== 1) ? 'ás' : 'á') + '] LT';
+            },
+            nextWeek : function () {
+                return 'dddd [' + ((this.hours() !== 1) ? 'ás' : 'a') + '] LT';
+            },
+            lastDay : function () {
+                return '[onte ' + ((this.hours() !== 1) ? 'á' : 'a') + '] LT';
+            },
+            lastWeek : function () {
+                return '[o] dddd [pasado ' + ((this.hours() !== 1) ? 'ás' : 'a') + '] LT';
+            },
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : function (str) {
+                if (str === 'uns segundos') {
+                    return 'nuns segundos';
+                }
+                return 'en ' + str;
+            },
+            past : 'hai %s',
+            s : 'uns segundos',
+            m : 'un minuto',
+            mm : '%d minutos',
+            h : 'unha hora',
+            hh : '%d horas',
+            d : 'un día',
+            dd : '%d días',
+            M : 'un mes',
+            MM : '%d meses',
+            y : 'un ano',
+            yy : '%d anos'
+        },
+        ordinalParse : /\d{1,2}º/,
+        ordinal : '%dº',
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 7  // The week that contains Jan 1st is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : Hebrew (he)
+    //! author : Tomer Cohen : https://github.com/tomer
+    //! author : Moshe Simantov : https://github.com/DevelopmentIL
+    //! author : Tal Ater : https://github.com/TalAter
+
+    var he = _moment__default.defineLocale('he', {
+        months : 'ינואר_פברואר_מרץ_אפריל_מאי_יוני_יולי_אוגוסט_ספטמבר_אוקטובר_נובמבר_דצמבר'.split('_'),
+        monthsShort : 'ינו׳_פבר׳_מרץ_אפר׳_מאי_יוני_יולי_אוג׳_ספט׳_אוק׳_נוב׳_דצמ׳'.split('_'),
+        weekdays : 'ראשון_שני_שלישי_רביעי_חמישי_שישי_שבת'.split('_'),
+        weekdaysShort : 'א׳_ב׳_ג׳_ד׳_ה׳_ו׳_ש׳'.split('_'),
+        weekdaysMin : 'א_ב_ג_ד_ה_ו_ש'.split('_'),
+        longDateFormat : {
+            LT : 'HH:mm',
+            LTS : 'LT:ss',
+            L : 'DD/MM/YYYY',
+            LL : 'D [ב]MMMM YYYY',
+            LLL : 'D [ב]MMMM YYYY LT',
+            LLLL : 'dddd, D [ב]MMMM YYYY LT',
+            l : 'D/M/YYYY',
+            ll : 'D MMM YYYY',
+            lll : 'D MMM YYYY LT',
+            llll : 'ddd, D MMM YYYY LT'
+        },
+        calendar : {
+            sameDay : '[היום ב־]LT',
+            nextDay : '[מחר ב־]LT',
+            nextWeek : 'dddd [בשעה] LT',
+            lastDay : '[אתמול ב־]LT',
+            lastWeek : '[ביום] dddd [האחרון בשעה] LT',
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : 'בעוד %s',
+            past : 'לפני %s',
+            s : 'מספר שניות',
+            m : 'דקה',
+            mm : '%d דקות',
+            h : 'שעה',
+            hh : function (number) {
+                if (number === 2) {
+                    return 'שעתיים';
+                }
+                return number + ' שעות';
+            },
+            d : 'יום',
+            dd : function (number) {
+                if (number === 2) {
+                    return 'יומיים';
+                }
+                return number + ' ימים';
+            },
+            M : 'חודש',
+            MM : function (number) {
+                if (number === 2) {
+                    return 'חודשיים';
+                }
+                return number + ' חודשים';
+            },
+            y : 'שנה',
+            yy : function (number) {
+                if (number === 2) {
+                    return 'שנתיים';
+                } else if (number % 10 === 0 && number !== 10) {
+                    return number + ' שנה';
+                }
+                return number + ' שנים';
+            }
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : hindi (hi)
+    //! author : Mayank Singhal : https://github.com/mayanksinghal
+
+    var hi__symbolMap = {
+        '1': '१',
+        '2': '२',
+        '3': '३',
+        '4': '४',
+        '5': '५',
+        '6': '६',
+        '7': '७',
+        '8': '८',
+        '9': '९',
+        '0': '०'
+    },
+    hi__numberMap = {
+        '१': '1',
+        '२': '2',
+        '३': '3',
+        '४': '4',
+        '५': '5',
+        '६': '6',
+        '७': '7',
+        '८': '8',
+        '९': '9',
+        '०': '0'
+    };
+
+    var hi = _moment__default.defineLocale('hi', {
+        months : 'जनवरी_फ़रवरी_मार्च_अप्रैल_मई_जून_जुलाई_अगस्त_सितम्बर_अक्टूबर_नवम्बर_दिसम्बर'.split('_'),
+        monthsShort : 'जन._फ़र._मार्च_अप्रै._मई_जून_जुल._अग._सित._अक्टू._नव._दिस.'.split('_'),
+        weekdays : 'रविवार_सोमवार_मंगलवार_बुधवार_गुरूवार_शुक्रवार_शनिवार'.split('_'),
+        weekdaysShort : 'रवि_सोम_मंगल_बुध_गुरू_शुक्र_शनि'.split('_'),
+        weekdaysMin : 'र_सो_मं_बु_गु_शु_श'.split('_'),
+        longDateFormat : {
+            LT : 'A h:mm बजे',
+            LTS : 'A h:mm:ss बजे',
+            L : 'DD/MM/YYYY',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY, LT',
+            LLLL : 'dddd, D MMMM YYYY, LT'
+        },
+        calendar : {
+            sameDay : '[आज] LT',
+            nextDay : '[कल] LT',
+            nextWeek : 'dddd, LT',
+            lastDay : '[कल] LT',
+            lastWeek : '[पिछले] dddd, LT',
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : '%s में',
+            past : '%s पहले',
+            s : 'कुछ ही क्षण',
+            m : 'एक मिनट',
+            mm : '%d मिनट',
+            h : 'एक घंटा',
+            hh : '%d घंटे',
+            d : 'एक दिन',
+            dd : '%d दिन',
+            M : 'एक महीने',
+            MM : '%d महीने',
+            y : 'एक वर्ष',
+            yy : '%d वर्ष'
+        },
+        preparse: function (string) {
+            return string.replace(/[१२३४५६७८९०]/g, function (match) {
+                return hi__numberMap[match];
+            });
+        },
+        postformat: function (string) {
+            return string.replace(/\d/g, function (match) {
+                return hi__symbolMap[match];
+            });
+        },
+        // Hindi notation for meridiems are quite fuzzy in practice. While there exists
+        // a rigid notion of a 'Pahar' it is not used as rigidly in modern Hindi.
+        meridiemParse: /रात|सुबह|दोपहर|शाम/,
+        meridiemHour : function (hour, meridiem) {
+            if (hour === 12) {
+                hour = 0;
+            }
+            if (meridiem === 'रात') {
+                return hour < 4 ? hour : hour + 12;
+            } else if (meridiem === 'सुबह') {
+                return hour;
+            } else if (meridiem === 'दोपहर') {
+                return hour >= 10 ? hour : hour + 12;
+            } else if (meridiem === 'शाम') {
+                return hour + 12;
+            }
+        },
+        meridiem : function (hour, minute, isLower) {
+            if (hour < 4) {
+                return 'रात';
+            } else if (hour < 10) {
+                return 'सुबह';
+            } else if (hour < 17) {
+                return 'दोपहर';
+            } else if (hour < 20) {
+                return 'शाम';
+            } else {
+                return 'रात';
+            }
+        },
+        week : {
+            dow : 0, // Sunday is the first day of the week.
+            doy : 6  // The week that contains Jan 1st is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : hrvatski (hr)
+    //! author : Bojan Marković : https://github.com/bmarkovic
+
+    function hr__translate(number, withoutSuffix, key) {
+        var result = number + ' ';
+        switch (key) {
+        case 'm':
+            return withoutSuffix ? 'jedna minuta' : 'jedne minute';
+        case 'mm':
+            if (number === 1) {
+                result += 'minuta';
+            } else if (number === 2 || number === 3 || number === 4) {
+                result += 'minute';
+            } else {
+                result += 'minuta';
+            }
+            return result;
+        case 'h':
+            return withoutSuffix ? 'jedan sat' : 'jednog sata';
+        case 'hh':
+            if (number === 1) {
+                result += 'sat';
+            } else if (number === 2 || number === 3 || number === 4) {
+                result += 'sata';
+            } else {
+                result += 'sati';
+            }
+            return result;
+        case 'dd':
+            if (number === 1) {
+                result += 'dan';
+            } else {
+                result += 'dana';
+            }
+            return result;
+        case 'MM':
+            if (number === 1) {
+                result += 'mjesec';
+            } else if (number === 2 || number === 3 || number === 4) {
+                result += 'mjeseca';
+            } else {
+                result += 'mjeseci';
+            }
+            return result;
+        case 'yy':
+            if (number === 1) {
+                result += 'godina';
+            } else if (number === 2 || number === 3 || number === 4) {
+                result += 'godine';
+            } else {
+                result += 'godina';
+            }
+            return result;
+        }
+    }
+
+    var hr = _moment__default.defineLocale('hr', {
+        months : 'siječanj_veljača_ožujak_travanj_svibanj_lipanj_srpanj_kolovoz_rujan_listopad_studeni_prosinac'.split('_'),
+        monthsShort : 'sij._velj._ožu._tra._svi._lip._srp._kol._ruj._lis._stu._pro.'.split('_'),
+        weekdays : 'nedjelja_ponedjeljak_utorak_srijeda_četvrtak_petak_subota'.split('_'),
+        weekdaysShort : 'ned._pon._uto._sri._čet._pet._sub.'.split('_'),
+        weekdaysMin : 'ne_po_ut_sr_če_pe_su'.split('_'),
+        longDateFormat : {
+            LT : 'H:mm',
+            LTS : 'LT:ss',
+            L : 'DD. MM. YYYY',
+            LL : 'D. MMMM YYYY',
+            LLL : 'D. MMMM YYYY LT',
+            LLLL : 'dddd, D. MMMM YYYY LT'
+        },
+        calendar : {
+            sameDay  : '[danas u] LT',
+            nextDay  : '[sutra u] LT',
+            nextWeek : function () {
+                switch (this.day()) {
+                case 0:
+                    return '[u] [nedjelju] [u] LT';
+                case 3:
+                    return '[u] [srijedu] [u] LT';
+                case 6:
+                    return '[u] [subotu] [u] LT';
+                case 1:
+                case 2:
+                case 4:
+                case 5:
+                    return '[u] dddd [u] LT';
+                }
+            },
+            lastDay  : '[jučer u] LT',
+            lastWeek : function () {
+                switch (this.day()) {
+                case 0:
+                case 3:
+                    return '[prošlu] dddd [u] LT';
+                case 6:
+                    return '[prošle] [subote] [u] LT';
+                case 1:
+                case 2:
+                case 4:
+                case 5:
+                    return '[prošli] dddd [u] LT';
+                }
+            },
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : 'za %s',
+            past   : 'prije %s',
+            s      : 'par sekundi',
+            m      : hr__translate,
+            mm     : hr__translate,
+            h      : hr__translate,
+            hh     : hr__translate,
+            d      : 'dan',
+            dd     : hr__translate,
+            M      : 'mjesec',
+            MM     : hr__translate,
+            y      : 'godinu',
+            yy     : hr__translate
+        },
+        ordinalParse: /\d{1,2}\./,
+        ordinal : '%d.',
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 7  // The week that contains Jan 1st is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : hungarian (hu)
+    //! author : Adam Brunner : https://github.com/adambrunner
+
+    var weekEndings = 'vasárnap hétfőn kedden szerdán csütörtökön pénteken szombaton'.split(' ');
+    function hu__translate(number, withoutSuffix, key, isFuture) {
+        var num = number,
+            suffix;
+        switch (key) {
+        case 's':
+            return (isFuture || withoutSuffix) ? 'néhány másodperc' : 'néhány másodperce';
+        case 'm':
+            return 'egy' + (isFuture || withoutSuffix ? ' perc' : ' perce');
+        case 'mm':
+            return num + (isFuture || withoutSuffix ? ' perc' : ' perce');
+        case 'h':
+            return 'egy' + (isFuture || withoutSuffix ? ' óra' : ' órája');
+        case 'hh':
+            return num + (isFuture || withoutSuffix ? ' óra' : ' órája');
+        case 'd':
+            return 'egy' + (isFuture || withoutSuffix ? ' nap' : ' napja');
+        case 'dd':
+            return num + (isFuture || withoutSuffix ? ' nap' : ' napja');
+        case 'M':
+            return 'egy' + (isFuture || withoutSuffix ? ' hónap' : ' hónapja');
+        case 'MM':
+            return num + (isFuture || withoutSuffix ? ' hónap' : ' hónapja');
+        case 'y':
+            return 'egy' + (isFuture || withoutSuffix ? ' év' : ' éve');
+        case 'yy':
+            return num + (isFuture || withoutSuffix ? ' év' : ' éve');
+        }
+        return '';
+    }
+    function week(isFuture) {
+        return (isFuture ? '' : '[múlt] ') + '[' + weekEndings[this.day()] + '] LT[-kor]';
+    }
+
+    var hu = _moment__default.defineLocale('hu', {
+        months : 'január_február_március_április_május_június_július_augusztus_szeptember_október_november_december'.split('_'),
+        monthsShort : 'jan_feb_márc_ápr_máj_jún_júl_aug_szept_okt_nov_dec'.split('_'),
+        weekdays : 'vasárnap_hétfő_kedd_szerda_csütörtök_péntek_szombat'.split('_'),
+        weekdaysShort : 'vas_hét_kedd_sze_csüt_pén_szo'.split('_'),
+        weekdaysMin : 'v_h_k_sze_cs_p_szo'.split('_'),
+        longDateFormat : {
+            LT : 'H:mm',
+            LTS : 'LT:ss',
+            L : 'YYYY.MM.DD.',
+            LL : 'YYYY. MMMM D.',
+            LLL : 'YYYY. MMMM D., LT',
+            LLLL : 'YYYY. MMMM D., dddd LT'
+        },
+        meridiemParse: /de|du/i,
+        isPM: function (input) {
+            return input.charAt(1).toLowerCase() === 'u';
+        },
+        meridiem : function (hours, minutes, isLower) {
+            if (hours < 12) {
+                return isLower === true ? 'de' : 'DE';
+            } else {
+                return isLower === true ? 'du' : 'DU';
+            }
+        },
+        calendar : {
+            sameDay : '[ma] LT[-kor]',
+            nextDay : '[holnap] LT[-kor]',
+            nextWeek : function () {
+                return week.call(this, true);
+            },
+            lastDay : '[tegnap] LT[-kor]',
+            lastWeek : function () {
+                return week.call(this, false);
+            },
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : '%s múlva',
+            past : '%s',
+            s : hu__translate,
+            m : hu__translate,
+            mm : hu__translate,
+            h : hu__translate,
+            hh : hu__translate,
+            d : hu__translate,
+            dd : hu__translate,
+            M : hu__translate,
+            MM : hu__translate,
+            y : hu__translate,
+            yy : hu__translate
+        },
+        ordinalParse: /\d{1,2}\./,
+        ordinal : '%d.',
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 7  // The week that contains Jan 1st is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : Armenian (hy-am)
+    //! author : Armendarabyan : https://github.com/armendarabyan
+
+    function hy_am__monthsCaseReplace(m, format) {
+        var months = {
+            'nominative': 'հունվար_փետրվար_մարտ_ապրիլ_մայիս_հունիս_հուլիս_օգոստոս_սեպտեմբեր_հոկտեմբեր_նոյեմբեր_դեկտեմբեր'.split('_'),
+            'accusative': 'հունվարի_փետրվարի_մարտի_ապրիլի_մայիսի_հունիսի_հուլիսի_օգոստոսի_սեպտեմբերի_հոկտեմբերի_նոյեմբերի_դեկտեմբերի'.split('_')
+        },
+        nounCase = (/D[oD]?(\[[^\[\]]*\]|\s+)+MMMM?/).test(format) ?
+            'accusative' :
+            'nominative';
+        return months[nounCase][m.month()];
+    }
+    function hy_am__monthsShortCaseReplace(m, format) {
+        var monthsShort = 'հնվ_փտր_մրտ_ապր_մյս_հնս_հլս_օգս_սպտ_հկտ_նմբ_դկտ'.split('_');
+        return monthsShort[m.month()];
+    }
+    function hy_am__weekdaysCaseReplace(m, format) {
+        var weekdays = 'կիրակի_երկուշաբթի_երեքշաբթի_չորեքշաբթի_հինգշաբթի_ուրբաթ_շաբաթ'.split('_');
+        return weekdays[m.day()];
+    }
+
+    var hy_am = _moment__default.defineLocale('hy-am', {
+        months : hy_am__monthsCaseReplace,
+        monthsShort : hy_am__monthsShortCaseReplace,
+        weekdays : hy_am__weekdaysCaseReplace,
+        weekdaysShort : 'կրկ_երկ_երք_չրք_հնգ_ուրբ_շբթ'.split('_'),
+        weekdaysMin : 'կրկ_երկ_երք_չրք_հնգ_ուրբ_շբթ'.split('_'),
+        longDateFormat : {
+            LT : 'HH:mm',
+            LTS : 'LT:ss',
+            L : 'DD.MM.YYYY',
+            LL : 'D MMMM YYYY թ.',
+            LLL : 'D MMMM YYYY թ., LT',
+            LLLL : 'dddd, D MMMM YYYY թ., LT'
+        },
+        calendar : {
+            sameDay: '[այսօր] LT',
+            nextDay: '[վաղը] LT',
+            lastDay: '[երեկ] LT',
+            nextWeek: function () {
+                return 'dddd [օրը ժամը] LT';
+            },
+            lastWeek: function () {
+                return '[անցած] dddd [օրը ժամը] LT';
+            },
+            sameElse: 'L'
+        },
+        relativeTime : {
+            future : '%s հետո',
+            past : '%s առաջ',
+            s : 'մի քանի վայրկյան',
+            m : 'րոպե',
+            mm : '%d րոպե',
+            h : 'ժամ',
+            hh : '%d ժամ',
+            d : 'օր',
+            dd : '%d օր',
+            M : 'ամիս',
+            MM : '%d ամիս',
+            y : 'տարի',
+            yy : '%d տարի'
+        },
+        meridiemParse: /գիշերվա|առավոտվա|ցերեկվա|երեկոյան/,
+        isPM: function (input) {
+            return /^(ցերեկվա|երեկոյան)$/.test(input);
+        },
+        meridiem : function (hour) {
+            if (hour < 4) {
+                return 'գիշերվա';
+            } else if (hour < 12) {
+                return 'առավոտվա';
+            } else if (hour < 17) {
+                return 'ցերեկվա';
+            } else {
+                return 'երեկոյան';
+            }
+        },
+        ordinalParse: /\d{1,2}|\d{1,2}-(ին|րդ)/,
+        ordinal: function (number, period) {
+            switch (period) {
+            case 'DDD':
+            case 'w':
+            case 'W':
+            case 'DDDo':
+                if (number === 1) {
+                    return number + '-ին';
+                }
+                return number + '-րդ';
+            default:
+                return number;
+            }
+        },
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 7  // The week that contains Jan 1st is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : Bahasa Indonesia (id)
+    //! author : Mohammad Satrio Utomo : https://github.com/tyok
+    //! reference: http://id.wikisource.org/wiki/Pedoman_Umum_Ejaan_Bahasa_Indonesia_yang_Disempurnakan
+
+    var id = _moment__default.defineLocale('id', {
+        months : 'Januari_Februari_Maret_April_Mei_Juni_Juli_Agustus_September_Oktober_November_Desember'.split('_'),
+        monthsShort : 'Jan_Feb_Mar_Apr_Mei_Jun_Jul_Ags_Sep_Okt_Nov_Des'.split('_'),
+        weekdays : 'Minggu_Senin_Selasa_Rabu_Kamis_Jumat_Sabtu'.split('_'),
+        weekdaysShort : 'Min_Sen_Sel_Rab_Kam_Jum_Sab'.split('_'),
+        weekdaysMin : 'Mg_Sn_Sl_Rb_Km_Jm_Sb'.split('_'),
+        longDateFormat : {
+            LT : 'HH.mm',
+            LTS : 'LT.ss',
+            L : 'DD/MM/YYYY',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY [pukul] LT',
+            LLLL : 'dddd, D MMMM YYYY [pukul] LT'
+        },
+        meridiemParse: /pagi|siang|sore|malam/,
+        meridiemHour : function (hour, meridiem) {
+            if (hour === 12) {
+                hour = 0;
+            }
+            if (meridiem === 'pagi') {
+                return hour;
+            } else if (meridiem === 'siang') {
+                return hour >= 11 ? hour : hour + 12;
+            } else if (meridiem === 'sore' || meridiem === 'malam') {
+                return hour + 12;
+            }
+        },
+        meridiem : function (hours, minutes, isLower) {
+            if (hours < 11) {
+                return 'pagi';
+            } else if (hours < 15) {
+                return 'siang';
+            } else if (hours < 19) {
+                return 'sore';
+            } else {
+                return 'malam';
+            }
+        },
+        calendar : {
+            sameDay : '[Hari ini pukul] LT',
+            nextDay : '[Besok pukul] LT',
+            nextWeek : 'dddd [pukul] LT',
+            lastDay : '[Kemarin pukul] LT',
+            lastWeek : 'dddd [lalu pukul] LT',
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : 'dalam %s',
+            past : '%s yang lalu',
+            s : 'beberapa detik',
+            m : 'semenit',
+            mm : '%d menit',
+            h : 'sejam',
+            hh : '%d jam',
+            d : 'sehari',
+            dd : '%d hari',
+            M : 'sebulan',
+            MM : '%d bulan',
+            y : 'setahun',
+            yy : '%d tahun'
+        },
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 7  // The week that contains Jan 1st is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : icelandic (is)
+    //! author : Hinrik Örn Sigurðsson : https://github.com/hinrik
+
+    function is__plural(n) {
+        if (n % 100 === 11) {
+            return true;
+        } else if (n % 10 === 1) {
+            return false;
+        }
+        return true;
+    }
+    function is__translate(number, withoutSuffix, key, isFuture) {
+        var result = number + ' ';
+        switch (key) {
+        case 's':
+            return withoutSuffix || isFuture ? 'nokkrar sekúndur' : 'nokkrum sekúndum';
+        case 'm':
+            return withoutSuffix ? 'mínúta' : 'mínútu';
+        case 'mm':
+            if (is__plural(number)) {
+                return result + (withoutSuffix || isFuture ? 'mínútur' : 'mínútum');
+            } else if (withoutSuffix) {
+                return result + 'mínúta';
+            }
+            return result + 'mínútu';
+        case 'hh':
+            if (is__plural(number)) {
+                return result + (withoutSuffix || isFuture ? 'klukkustundir' : 'klukkustundum');
+            }
+            return result + 'klukkustund';
+        case 'd':
+            if (withoutSuffix) {
+                return 'dagur';
+            }
+            return isFuture ? 'dag' : 'degi';
+        case 'dd':
+            if (is__plural(number)) {
+                if (withoutSuffix) {
+                    return result + 'dagar';
+                }
+                return result + (isFuture ? 'daga' : 'dögum');
+            } else if (withoutSuffix) {
+                return result + 'dagur';
+            }
+            return result + (isFuture ? 'dag' : 'degi');
+        case 'M':
+            if (withoutSuffix) {
+                return 'mánuður';
+            }
+            return isFuture ? 'mánuð' : 'mánuði';
+        case 'MM':
+            if (is__plural(number)) {
+                if (withoutSuffix) {
+                    return result + 'mánuðir';
+                }
+                return result + (isFuture ? 'mánuði' : 'mánuðum');
+            } else if (withoutSuffix) {
+                return result + 'mánuður';
+            }
+            return result + (isFuture ? 'mánuð' : 'mánuði');
+        case 'y':
+            return withoutSuffix || isFuture ? 'ár' : 'ári';
+        case 'yy':
+            if (is__plural(number)) {
+                return result + (withoutSuffix || isFuture ? 'ár' : 'árum');
+            }
+            return result + (withoutSuffix || isFuture ? 'ár' : 'ári');
+        }
+    }
+
+    var is = _moment__default.defineLocale('is', {
+        months : 'janúar_febrúar_mars_apríl_maí_júní_júlí_ágúst_september_október_nóvember_desember'.split('_'),
+        monthsShort : 'jan_feb_mar_apr_maí_jún_júl_ágú_sep_okt_nóv_des'.split('_'),
+        weekdays : 'sunnudagur_mánudagur_þriðjudagur_miðvikudagur_fimmtudagur_föstudagur_laugardagur'.split('_'),
+        weekdaysShort : 'sun_mán_þri_mið_fim_fös_lau'.split('_'),
+        weekdaysMin : 'Su_Má_Þr_Mi_Fi_Fö_La'.split('_'),
+        longDateFormat : {
+            LT : 'H:mm',
+            LTS : 'LT:ss',
+            L : 'DD/MM/YYYY',
+            LL : 'D. MMMM YYYY',
+            LLL : 'D. MMMM YYYY [kl.] LT',
+            LLLL : 'dddd, D. MMMM YYYY [kl.] LT'
+        },
+        calendar : {
+            sameDay : '[í dag kl.] LT',
+            nextDay : '[á morgun kl.] LT',
+            nextWeek : 'dddd [kl.] LT',
+            lastDay : '[í gær kl.] LT',
+            lastWeek : '[síðasta] dddd [kl.] LT',
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : 'eftir %s',
+            past : 'fyrir %s síðan',
+            s : is__translate,
+            m : is__translate,
+            mm : is__translate,
+            h : 'klukkustund',
+            hh : is__translate,
+            d : is__translate,
+            dd : is__translate,
+            M : is__translate,
+            MM : is__translate,
+            y : is__translate,
+            yy : is__translate
+        },
+        ordinalParse: /\d{1,2}\./,
+        ordinal : '%d.',
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 4  // The week that contains Jan 4th is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : italian (it)
+    //! author : Lorenzo : https://github.com/aliem
+    //! author: Mattia Larentis: https://github.com/nostalgiaz
+
+    var it = _moment__default.defineLocale('it', {
+        months : 'gennaio_febbraio_marzo_aprile_maggio_giugno_luglio_agosto_settembre_ottobre_novembre_dicembre'.split('_'),
+        monthsShort : 'gen_feb_mar_apr_mag_giu_lug_ago_set_ott_nov_dic'.split('_'),
+        weekdays : 'Domenica_Lunedì_Martedì_Mercoledì_Giovedì_Venerdì_Sabato'.split('_'),
+        weekdaysShort : 'Dom_Lun_Mar_Mer_Gio_Ven_Sab'.split('_'),
+        weekdaysMin : 'D_L_Ma_Me_G_V_S'.split('_'),
+        longDateFormat : {
+            LT : 'HH:mm',
+            LTS : 'LT:ss',
+            L : 'DD/MM/YYYY',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY LT',
+            LLLL : 'dddd, D MMMM YYYY LT'
+        },
+        calendar : {
+            sameDay: '[Oggi alle] LT',
+            nextDay: '[Domani alle] LT',
+            nextWeek: 'dddd [alle] LT',
+            lastDay: '[Ieri alle] LT',
+            lastWeek: function () {
+                switch (this.day()) {
+                    case 0:
+                        return '[la scorsa] dddd [alle] LT';
+                    default:
+                        return '[lo scorso] dddd [alle] LT';
+                }
+            },
+            sameElse: 'L'
+        },
+        relativeTime : {
+            future : function (s) {
+                return ((/^[0-9].+$/).test(s) ? 'tra' : 'in') + ' ' + s;
+            },
+            past : '%s fa',
+            s : 'alcuni secondi',
+            m : 'un minuto',
+            mm : '%d minuti',
+            h : 'un\'ora',
+            hh : '%d ore',
+            d : 'un giorno',
+            dd : '%d giorni',
+            M : 'un mese',
+            MM : '%d mesi',
+            y : 'un anno',
+            yy : '%d anni'
+        },
+        ordinalParse : /\d{1,2}º/,
+        ordinal: '%dº',
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 4  // The week that contains Jan 4th is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : japanese (ja)
+    //! author : LI Long : https://github.com/baryon
+
+    var ja = _moment__default.defineLocale('ja', {
+        months : '1月_2月_3月_4月_5月_6月_7月_8月_9月_10月_11月_12月'.split('_'),
+        monthsShort : '1月_2月_3月_4月_5月_6月_7月_8月_9月_10月_11月_12月'.split('_'),
+        weekdays : '日曜日_月曜日_火曜日_水曜日_木曜日_金曜日_土曜日'.split('_'),
+        weekdaysShort : '日_月_火_水_木_金_土'.split('_'),
+        weekdaysMin : '日_月_火_水_木_金_土'.split('_'),
+        longDateFormat : {
+            LT : 'Ah時m分',
+            LTS : 'LTs秒',
+            L : 'YYYY/MM/DD',
+            LL : 'YYYY年M月D日',
+            LLL : 'YYYY年M月D日LT',
+            LLLL : 'YYYY年M月D日LT dddd'
+        },
+        meridiemParse: /午前|午後/i,
+        isPM : function (input) {
+            return input === '午後';
+        },
+        meridiem : function (hour, minute, isLower) {
+            if (hour < 12) {
+                return '午前';
+            } else {
+                return '午後';
+            }
+        },
+        calendar : {
+            sameDay : '[今日] LT',
+            nextDay : '[明日] LT',
+            nextWeek : '[来週]dddd LT',
+            lastDay : '[昨日] LT',
+            lastWeek : '[前週]dddd LT',
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : '%s後',
+            past : '%s前',
+            s : '数秒',
+            m : '1分',
+            mm : '%d分',
+            h : '1時間',
+            hh : '%d時間',
+            d : '1日',
+            dd : '%d日',
+            M : '1ヶ月',
+            MM : '%dヶ月',
+            y : '1年',
+            yy : '%d年'
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : Boso Jowo (jv)
+    //! author : Rony Lantip : https://github.com/lantip
+    //! reference: http://jv.wikipedia.org/wiki/Basa_Jawa
+
+    var jv = _moment__default.defineLocale('jv', {
+        months : 'Januari_Februari_Maret_April_Mei_Juni_Juli_Agustus_September_Oktober_Nopember_Desember'.split('_'),
+        monthsShort : 'Jan_Feb_Mar_Apr_Mei_Jun_Jul_Ags_Sep_Okt_Nop_Des'.split('_'),
+        weekdays : 'Minggu_Senen_Seloso_Rebu_Kemis_Jemuwah_Septu'.split('_'),
+        weekdaysShort : 'Min_Sen_Sel_Reb_Kem_Jem_Sep'.split('_'),
+        weekdaysMin : 'Mg_Sn_Sl_Rb_Km_Jm_Sp'.split('_'),
+        longDateFormat : {
+            LT : 'HH.mm',
+            LTS : 'LT.ss',
+            L : 'DD/MM/YYYY',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY [pukul] LT',
+            LLLL : 'dddd, D MMMM YYYY [pukul] LT'
+        },
+        meridiemParse: /enjing|siyang|sonten|ndalu/,
+        meridiemHour : function (hour, meridiem) {
+            if (hour === 12) {
+                hour = 0;
+            }
+            if (meridiem === 'enjing') {
+                return hour;
+            } else if (meridiem === 'siyang') {
+                return hour >= 11 ? hour : hour + 12;
+            } else if (meridiem === 'sonten' || meridiem === 'ndalu') {
+                return hour + 12;
+            }
+        },
+        meridiem : function (hours, minutes, isLower) {
+            if (hours < 11) {
+                return 'enjing';
+            } else if (hours < 15) {
+                return 'siyang';
+            } else if (hours < 19) {
+                return 'sonten';
+            } else {
+                return 'ndalu';
+            }
+        },
+        calendar : {
+            sameDay : '[Dinten puniko pukul] LT',
+            nextDay : '[Mbenjang pukul] LT',
+            nextWeek : 'dddd [pukul] LT',
+            lastDay : '[Kala wingi pukul] LT',
+            lastWeek : 'dddd [kepengker pukul] LT',
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : 'wonten ing %s',
+            past : '%s ingkang kepengker',
+            s : 'sawetawis detik',
+            m : 'setunggal menit',
+            mm : '%d menit',
+            h : 'setunggal jam',
+            hh : '%d jam',
+            d : 'sedinten',
+            dd : '%d dinten',
+            M : 'sewulan',
+            MM : '%d wulan',
+            y : 'setaun',
+            yy : '%d taun'
+        },
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 7  // The week that contains Jan 1st is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : Georgian (ka)
+    //! author : Irakli Janiashvili : https://github.com/irakli-janiashvili
+
+    function ka__monthsCaseReplace(m, format) {
+        var months = {
+            'nominative': 'იანვარი_თებერვალი_მარტი_აპრილი_მაისი_ივნისი_ივლისი_აგვისტო_სექტემბერი_ოქტომბერი_ნოემბერი_დეკემბერი'.split('_'),
+            'accusative': 'იანვარს_თებერვალს_მარტს_აპრილის_მაისს_ივნისს_ივლისს_აგვისტს_სექტემბერს_ოქტომბერს_ნოემბერს_დეკემბერს'.split('_')
+        },
+        nounCase = (/D[oD] *MMMM?/).test(format) ?
+            'accusative' :
+            'nominative';
+        return months[nounCase][m.month()];
+    }
+    function ka__weekdaysCaseReplace(m, format) {
+        var weekdays = {
+            'nominative': 'კვირა_ორშაბათი_სამშაბათი_ოთხშაბათი_ხუთშაბათი_პარასკევი_შაბათი'.split('_'),
+            'accusative': 'კვირას_ორშაბათს_სამშაბათს_ოთხშაბათს_ხუთშაბათს_პარასკევს_შაბათს'.split('_')
+        },
+        nounCase = (/(წინა|შემდეგ)/).test(format) ?
+            'accusative' :
+            'nominative';
+        return weekdays[nounCase][m.day()];
+    }
+
+    var ka = _moment__default.defineLocale('ka', {
+        months : ka__monthsCaseReplace,
+        monthsShort : 'იან_თებ_მარ_აპრ_მაი_ივნ_ივლ_აგვ_სექ_ოქტ_ნოე_დეკ'.split('_'),
+        weekdays : ka__weekdaysCaseReplace,
+        weekdaysShort : 'კვი_ორშ_სამ_ოთხ_ხუთ_პარ_შაბ'.split('_'),
+        weekdaysMin : 'კვ_ორ_სა_ოთ_ხუ_პა_შა'.split('_'),
+        longDateFormat : {
+            LT : 'h:mm A',
+            LTS : 'h:mm:ss A',
+            L : 'DD/MM/YYYY',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY LT',
+            LLLL : 'dddd, D MMMM YYYY LT'
+        },
+        calendar : {
+            sameDay : '[დღეს] LT[-ზე]',
+            nextDay : '[ხვალ] LT[-ზე]',
+            lastDay : '[გუშინ] LT[-ზე]',
+            nextWeek : '[შემდეგ] dddd LT[-ზე]',
+            lastWeek : '[წინა] dddd LT-ზე',
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : function (s) {
+                return (/(წამი|წუთი|საათი|წელი)/).test(s) ?
+                    s.replace(/ი$/, 'ში') :
+                    s + 'ში';
+            },
+            past : function (s) {
+                if ((/(წამი|წუთი|საათი|დღე|თვე)/).test(s)) {
+                    return s.replace(/(ი|ე)$/, 'ის წინ');
+                }
+                if ((/წელი/).test(s)) {
+                    return s.replace(/წელი$/, 'წლის წინ');
+                }
+            },
+            s : 'რამდენიმე წამი',
+            m : 'წუთი',
+            mm : '%d წუთი',
+            h : 'საათი',
+            hh : '%d საათი',
+            d : 'დღე',
+            dd : '%d დღე',
+            M : 'თვე',
+            MM : '%d თვე',
+            y : 'წელი',
+            yy : '%d წელი'
+        },
+        ordinalParse: /0|1-ლი|მე-\d{1,2}|\d{1,2}-ე/,
+        ordinal : function (number) {
+            if (number === 0) {
+                return number;
+            }
+            if (number === 1) {
+                return number + '-ლი';
+            }
+            if ((number < 20) || (number <= 100 && (number % 20 === 0)) || (number % 100 === 0)) {
+                return 'მე-' + number;
+            }
+            return number + '-ე';
+        },
+        week : {
+            dow : 1,
+            doy : 7
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : khmer (km)
+    //! author : Kruy Vanna : https://github.com/kruyvanna
+
+    var km = _moment__default.defineLocale('km', {
+        months: 'មករា_កុម្ភៈ_មិនា_មេសា_ឧសភា_មិថុនា_កក្កដា_សីហា_កញ្ញា_តុលា_វិច្ឆិកា_ធ្នូ'.split('_'),
+        monthsShort: 'មករា_កុម្ភៈ_មិនា_មេសា_ឧសភា_មិថុនា_កក្កដា_សីហា_កញ្ញា_តុលា_វិច្ឆិកា_ធ្នូ'.split('_'),
+        weekdays: 'អាទិត្យ_ច័ន្ទ_អង្គារ_ពុធ_ព្រហស្បតិ៍_សុក្រ_សៅរ៍'.split('_'),
+        weekdaysShort: 'អាទិត្យ_ច័ន្ទ_អង្គារ_ពុធ_ព្រហស្បតិ៍_សុក្រ_សៅរ៍'.split('_'),
+        weekdaysMin: 'អាទិត្យ_ច័ន្ទ_អង្គារ_ពុធ_ព្រហស្បតិ៍_សុក្រ_សៅរ៍'.split('_'),
+        longDateFormat: {
+            LT: 'HH:mm',
+            LTS : 'LT:ss',
+            L: 'DD/MM/YYYY',
+            LL: 'D MMMM YYYY',
+            LLL: 'D MMMM YYYY LT',
+            LLLL: 'dddd, D MMMM YYYY LT'
+        },
+        calendar: {
+            sameDay: '[ថ្ងៃនៈ ម៉ោង] LT',
+            nextDay: '[ស្អែក ម៉ោង] LT',
+            nextWeek: 'dddd [ម៉ោង] LT',
+            lastDay: '[ម្សិលមិញ ម៉ោង] LT',
+            lastWeek: 'dddd [សប្តាហ៍មុន] [ម៉ោង] LT',
+            sameElse: 'L'
+        },
+        relativeTime: {
+            future: '%sទៀត',
+            past: '%sមុន',
+            s: 'ប៉ុន្មានវិនាទី',
+            m: 'មួយនាទី',
+            mm: '%d នាទី',
+            h: 'មួយម៉ោង',
+            hh: '%d ម៉ោង',
+            d: 'មួយថ្ងៃ',
+            dd: '%d ថ្ងៃ',
+            M: 'មួយខែ',
+            MM: '%d ខែ',
+            y: 'មួយឆ្នាំ',
+            yy: '%d ឆ្នាំ'
+        },
+        week: {
+            dow: 1, // Monday is the first day of the week.
+            doy: 4 // The week that contains Jan 4th is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : korean (ko)
+    //!
+    //! authors
+    //!
+    //! - Kyungwook, Park : https://github.com/kyungw00k
+    //! - Jeeeyul Lee <jeeeyul@gmail.com>
+
+    var ko = _moment__default.defineLocale('ko', {
+        months : '1월_2월_3월_4월_5월_6월_7월_8월_9월_10월_11월_12월'.split('_'),
+        monthsShort : '1월_2월_3월_4월_5월_6월_7월_8월_9월_10월_11월_12월'.split('_'),
+        weekdays : '일요일_월요일_화요일_수요일_목요일_금요일_토요일'.split('_'),
+        weekdaysShort : '일_월_화_수_목_금_토'.split('_'),
+        weekdaysMin : '일_월_화_수_목_금_토'.split('_'),
+        longDateFormat : {
+            LT : 'A h시 m분',
+            LTS : 'A h시 m분 s초',
+            L : 'YYYY.MM.DD',
+            LL : 'YYYY년 MMMM D일',
+            LLL : 'YYYY년 MMMM D일 LT',
+            LLLL : 'YYYY년 MMMM D일 dddd LT'
+        },
+        calendar : {
+            sameDay : '오늘 LT',
+            nextDay : '내일 LT',
+            nextWeek : 'dddd LT',
+            lastDay : '어제 LT',
+            lastWeek : '지난주 dddd LT',
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : '%s 후',
+            past : '%s 전',
+            s : '몇초',
+            ss : '%d초',
+            m : '일분',
+            mm : '%d분',
+            h : '한시간',
+            hh : '%d시간',
+            d : '하루',
+            dd : '%d일',
+            M : '한달',
+            MM : '%d달',
+            y : '일년',
+            yy : '%d년'
+        },
+        ordinalParse : /\d{1,2}일/,
+        ordinal : '%d일',
+        meridiemParse : /오전|오후/,
+        isPM : function (token) {
+            return token === '오후';
+        },
+        meridiem : function (hour, minute, isUpper) {
+            return hour < 12 ? '오전' : '오후';
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : Luxembourgish (lb)
+    //! author : mweimerskirch : https://github.com/mweimerskirch, David Raison : https://github.com/kwisatz
+
+    function lb__processRelativeTime(number, withoutSuffix, key, isFuture) {
+        var format = {
+            'm': ['eng Minutt', 'enger Minutt'],
+            'h': ['eng Stonn', 'enger Stonn'],
+            'd': ['een Dag', 'engem Dag'],
+            'M': ['ee Mount', 'engem Mount'],
+            'y': ['ee Joer', 'engem Joer']
+        };
+        return withoutSuffix ? format[key][0] : format[key][1];
+    }
+    function processFutureTime(string) {
+        var number = string.substr(0, string.indexOf(' '));
+        if (eifelerRegelAppliesToNumber(number)) {
+            return 'a ' + string;
+        }
+        return 'an ' + string;
+    }
+    function processPastTime(string) {
+        var number = string.substr(0, string.indexOf(' '));
+        if (eifelerRegelAppliesToNumber(number)) {
+            return 'viru ' + string;
+        }
+        return 'virun ' + string;
+    }
+    /**
+     * Returns true if the word before the given number loses the '-n' ending.
+     * e.g. 'an 10 Deeg' but 'a 5 Deeg'
+     *
+     * @param number {integer}
+     * @returns {boolean}
+     */
+    function eifelerRegelAppliesToNumber(number) {
+        number = parseInt(number, 10);
+        if (isNaN(number)) {
+            return false;
+        }
+        if (number < 0) {
+            // Negative Number --> always true
+            return true;
+        } else if (number < 10) {
+            // Only 1 digit
+            if (4 <= number && number <= 7) {
+                return true;
+            }
+            return false;
+        } else if (number < 100) {
+            // 2 digits
+            var lastDigit = number % 10, firstDigit = number / 10;
+            if (lastDigit === 0) {
+                return eifelerRegelAppliesToNumber(firstDigit);
+            }
+            return eifelerRegelAppliesToNumber(lastDigit);
+        } else if (number < 10000) {
+            // 3 or 4 digits --> recursively check first digit
+            while (number >= 10) {
+                number = number / 10;
+            }
+            return eifelerRegelAppliesToNumber(number);
+        } else {
+            // Anything larger than 4 digits: recursively check first n-3 digits
+            number = number / 1000;
+            return eifelerRegelAppliesToNumber(number);
+        }
+    }
+
+    var lb = _moment__default.defineLocale('lb', {
+        months: 'Januar_Februar_Mäerz_Abrëll_Mee_Juni_Juli_August_September_Oktober_November_Dezember'.split('_'),
+        monthsShort: 'Jan._Febr._Mrz._Abr._Mee_Jun._Jul._Aug._Sept._Okt._Nov._Dez.'.split('_'),
+        weekdays: 'Sonndeg_Méindeg_Dënschdeg_Mëttwoch_Donneschdeg_Freideg_Samschdeg'.split('_'),
+        weekdaysShort: 'So._Mé._Dë._Më._Do._Fr._Sa.'.split('_'),
+        weekdaysMin: 'So_Mé_Dë_Më_Do_Fr_Sa'.split('_'),
+        longDateFormat: {
+            LT: 'H:mm [Auer]',
+            LTS: 'H:mm:ss [Auer]',
+            L: 'DD.MM.YYYY',
+            LL: 'D. MMMM YYYY',
+            LLL: 'D. MMMM YYYY LT',
+            LLLL: 'dddd, D. MMMM YYYY LT'
+        },
+        calendar: {
+            sameDay: '[Haut um] LT',
+            sameElse: 'L',
+            nextDay: '[Muer um] LT',
+            nextWeek: 'dddd [um] LT',
+            lastDay: '[Gëschter um] LT',
+            lastWeek: function () {
+                // Different date string for 'Dënschdeg' (Tuesday) and 'Donneschdeg' (Thursday) due to phonological rule
+                switch (this.day()) {
+                    case 2:
+                    case 4:
+                        return '[Leschten] dddd [um] LT';
+                    default:
+                        return '[Leschte] dddd [um] LT';
+                }
+            }
+        },
+        relativeTime : {
+            future : processFutureTime,
+            past : processPastTime,
+            s : 'e puer Sekonnen',
+            m : lb__processRelativeTime,
+            mm : '%d Minutten',
+            h : lb__processRelativeTime,
+            hh : '%d Stonnen',
+            d : lb__processRelativeTime,
+            dd : '%d Deeg',
+            M : lb__processRelativeTime,
+            MM : '%d Méint',
+            y : lb__processRelativeTime,
+            yy : '%d Joer'
+        },
+        ordinalParse: /\d{1,2}\./,
+        ordinal: '%d.',
+        week: {
+            dow: 1, // Monday is the first day of the week.
+            doy: 4  // The week that contains Jan 4th is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : Lithuanian (lt)
+    //! author : Mindaugas Mozūras : https://github.com/mmozuras
+
+    var lt__units = {
+        'm' : 'minutė_minutės_minutę',
+        'mm': 'minutės_minučių_minutes',
+        'h' : 'valanda_valandos_valandą',
+        'hh': 'valandos_valandų_valandas',
+        'd' : 'diena_dienos_dieną',
+        'dd': 'dienos_dienų_dienas',
+        'M' : 'mėnuo_mėnesio_mėnesį',
+        'MM': 'mėnesiai_mėnesių_mėnesius',
+        'y' : 'metai_metų_metus',
+        'yy': 'metai_metų_metus'
+    },
+    weekDays = 'sekmadienis_pirmadienis_antradienis_trečiadienis_ketvirtadienis_penktadienis_šeštadienis'.split('_');
+    function translateSeconds(number, withoutSuffix, key, isFuture) {
+        if (withoutSuffix) {
+            return 'kelios sekundės';
+        } else {
+            return isFuture ? 'kelių sekundžių' : 'kelias sekundes';
+        }
+    }
+    function translateSingular(number, withoutSuffix, key, isFuture) {
+        return withoutSuffix ? forms(key)[0] : (isFuture ? forms(key)[1] : forms(key)[2]);
+    }
+    function special(number) {
+        return number % 10 === 0 || (number > 10 && number < 20);
+    }
+    function forms(key) {
+        return lt__units[key].split('_');
+    }
+    function lt__translate(number, withoutSuffix, key, isFuture) {
+        var result = number + ' ';
+        if (number === 1) {
+            return result + translateSingular(number, withoutSuffix, key[0], isFuture);
+        } else if (withoutSuffix) {
+            return result + (special(number) ? forms(key)[1] : forms(key)[0]);
+        } else {
+            if (isFuture) {
+                return result + forms(key)[1];
+            } else {
+                return result + (special(number) ? forms(key)[1] : forms(key)[2]);
+            }
+        }
+    }
+    function relativeWeekDay(moment, format) {
+        var nominative = format.indexOf('dddd HH:mm') === -1,
+            weekDay = weekDays[moment.day()];
+        return nominative ? weekDay : weekDay.substring(0, weekDay.length - 2) + 'į';
+    }
+
+    var lt = _moment__default.defineLocale('lt', {
+        months : 'sausio_vasario_kovo_balandžio_gegužės_birželio_liepos_rugpjūčio_rugsėjo_spalio_lapkričio_gruodžio'.split('_'),
+        monthsShort : 'sau_vas_kov_bal_geg_bir_lie_rgp_rgs_spa_lap_grd'.split('_'),
+        weekdays : relativeWeekDay,
+        weekdaysShort : 'Sek_Pir_Ant_Tre_Ket_Pen_Šeš'.split('_'),
+        weekdaysMin : 'S_P_A_T_K_Pn_Š'.split('_'),
+        longDateFormat : {
+            LT : 'HH:mm',
+            LTS : 'LT:ss',
+            L : 'YYYY-MM-DD',
+            LL : 'YYYY [m.] MMMM D [d.]',
+            LLL : 'YYYY [m.] MMMM D [d.], LT [val.]',
+            LLLL : 'YYYY [m.] MMMM D [d.], dddd, LT [val.]',
+            l : 'YYYY-MM-DD',
+            ll : 'YYYY [m.] MMMM D [d.]',
+            lll : 'YYYY [m.] MMMM D [d.], LT [val.]',
+            llll : 'YYYY [m.] MMMM D [d.], ddd, LT [val.]'
+        },
+        calendar : {
+            sameDay : '[Šiandien] LT',
+            nextDay : '[Rytoj] LT',
+            nextWeek : 'dddd LT',
+            lastDay : '[Vakar] LT',
+            lastWeek : '[Praėjusį] dddd LT',
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : 'po %s',
+            past : 'prieš %s',
+            s : translateSeconds,
+            m : translateSingular,
+            mm : lt__translate,
+            h : translateSingular,
+            hh : lt__translate,
+            d : translateSingular,
+            dd : lt__translate,
+            M : translateSingular,
+            MM : lt__translate,
+            y : translateSingular,
+            yy : lt__translate
+        },
+        ordinalParse: /\d{1,2}-oji/,
+        ordinal : function (number) {
+            return number + '-oji';
+        },
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 4  // The week that contains Jan 4th is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : latvian (lv)
+    //! author : Kristaps Karlsons : https://github.com/skakri
+    //! author : Jānis Elmeris : https://github.com/JanisE
+
+    var lv__units = {
+        'm': 'minūtes_minūtēm_minūte_minūtes'.split('_'),
+        'mm': 'minūtes_minūtēm_minūte_minūtes'.split('_'),
+        'h': 'stundas_stundām_stunda_stundas'.split('_'),
+        'hh': 'stundas_stundām_stunda_stundas'.split('_'),
+        'd': 'dienas_dienām_diena_dienas'.split('_'),
+        'dd': 'dienas_dienām_diena_dienas'.split('_'),
+        'M': 'mēneša_mēnešiem_mēnesis_mēneši'.split('_'),
+        'MM': 'mēneša_mēnešiem_mēnesis_mēneši'.split('_'),
+        'y': 'gada_gadiem_gads_gadi'.split('_'),
+        'yy': 'gada_gadiem_gads_gadi'.split('_')
+    };
+    /**
+     * @param withoutSuffix boolean true = a length of time; false = before/after a period of time.
+     */
+    function lv__format(forms, number, withoutSuffix) {
+        if (withoutSuffix) {
+            // E.g. "21 minūte", "3 minūtes".
+            return number % 10 === 1 && number !== 11 ? forms[2] : forms[3];
+        } else {
+            // E.g. "21 minūtes" as in "pēc 21 minūtes".
+            // E.g. "3 minūtēm" as in "pēc 3 minūtēm".
+            return number % 10 === 1 && number !== 11 ? forms[0] : forms[1];
+        }
+    }
+    function lv__relativeTimeWithPlural(number, withoutSuffix, key) {
+        return number + ' ' + lv__format(lv__units[key], number, withoutSuffix);
+    }
+    function relativeTimeWithSingular(number, withoutSuffix, key) {
+        return lv__format(lv__units[key], number, withoutSuffix);
+    }
+    function relativeSeconds(number, withoutSuffix) {
+        return withoutSuffix ? 'dažas sekundes' : 'dažām sekundēm';
+    }
+
+    var lv = _moment__default.defineLocale('lv', {
+        months : 'janvāris_februāris_marts_aprīlis_maijs_jūnijs_jūlijs_augusts_septembris_oktobris_novembris_decembris'.split('_'),
+        monthsShort : 'jan_feb_mar_apr_mai_jūn_jūl_aug_sep_okt_nov_dec'.split('_'),
+        weekdays : 'svētdiena_pirmdiena_otrdiena_trešdiena_ceturtdiena_piektdiena_sestdiena'.split('_'),
+        weekdaysShort : 'Sv_P_O_T_C_Pk_S'.split('_'),
+        weekdaysMin : 'Sv_P_O_T_C_Pk_S'.split('_'),
+        longDateFormat : {
+            LT : 'HH:mm',
+            LTS : 'LT:ss',
+            L : 'DD.MM.YYYY.',
+            LL : 'YYYY. [gada] D. MMMM',
+            LLL : 'YYYY. [gada] D. MMMM, LT',
+            LLLL : 'YYYY. [gada] D. MMMM, dddd, LT'
+        },
+        calendar : {
+            sameDay : '[Šodien pulksten] LT',
+            nextDay : '[Rīt pulksten] LT',
+            nextWeek : 'dddd [pulksten] LT',
+            lastDay : '[Vakar pulksten] LT',
+            lastWeek : '[Pagājušā] dddd [pulksten] LT',
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : 'pēc %s',
+            past : 'pirms %s',
+            s : relativeSeconds,
+            m : relativeTimeWithSingular,
+            mm : lv__relativeTimeWithPlural,
+            h : relativeTimeWithSingular,
+            hh : lv__relativeTimeWithPlural,
+            d : relativeTimeWithSingular,
+            dd : lv__relativeTimeWithPlural,
+            M : relativeTimeWithSingular,
+            MM : lv__relativeTimeWithPlural,
+            y : relativeTimeWithSingular,
+            yy : lv__relativeTimeWithPlural
+        },
+        ordinalParse: /\d{1,2}\./,
+        ordinal : '%d.',
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 4  // The week that contains Jan 4th is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : Montenegrin (me)
+    //! author : Miodrag Nikač <miodrag@restartit.me> : https://github.com/miodragnikac
+
+    var me__translator = {
+        words: { //Different grammatical cases
+            m: ['jedan minut', 'jednog minuta'],
+            mm: ['minut', 'minuta', 'minuta'],
+            h: ['jedan sat', 'jednog sata'],
+            hh: ['sat', 'sata', 'sati'],
+            dd: ['dan', 'dana', 'dana'],
+            MM: ['mjesec', 'mjeseca', 'mjeseci'],
+            yy: ['godina', 'godine', 'godina']
+        },
+        correctGrammaticalCase: function (number, wordKey) {
+            return number === 1 ? wordKey[0] : (number >= 2 && number <= 4 ? wordKey[1] : wordKey[2]);
+        },
+        translate: function (number, withoutSuffix, key) {
+            var wordKey = me__translator.words[key];
+            if (key.length === 1) {
+                return withoutSuffix ? wordKey[0] : wordKey[1];
+            } else {
+                return number + ' ' + me__translator.correctGrammaticalCase(number, wordKey);
+            }
+        }
+    };
+
+    var me = _moment__default.defineLocale('me', {
+        months: ['januar', 'februar', 'mart', 'april', 'maj', 'jun', 'jul', 'avgust', 'septembar', 'oktobar', 'novembar', 'decembar'],
+        monthsShort: ['jan.', 'feb.', 'mar.', 'apr.', 'maj', 'jun', 'jul', 'avg.', 'sep.', 'okt.', 'nov.', 'dec.'],
+        weekdays: ['nedjelja', 'ponedjeljak', 'utorak', 'srijeda', 'četvrtak', 'petak', 'subota'],
+        weekdaysShort: ['ned.', 'pon.', 'uto.', 'sri.', 'čet.', 'pet.', 'sub.'],
+        weekdaysMin: ['ne', 'po', 'ut', 'sr', 'če', 'pe', 'su'],
+        longDateFormat: {
+            LT: 'H:mm',
+            LTS : 'LT:ss',
+            L: 'DD. MM. YYYY',
+            LL: 'D. MMMM YYYY',
+            LLL: 'D. MMMM YYYY LT',
+            LLLL: 'dddd, D. MMMM YYYY LT'
+        },
+        calendar: {
+            sameDay: '[danas u] LT',
+            nextDay: '[sjutra u] LT',
+
+            nextWeek: function () {
+                switch (this.day()) {
+                case 0:
+                    return '[u] [nedjelju] [u] LT';
+                case 3:
+                    return '[u] [srijedu] [u] LT';
+                case 6:
+                    return '[u] [subotu] [u] LT';
+                case 1:
+                case 2:
+                case 4:
+                case 5:
+                    return '[u] dddd [u] LT';
+                }
+            },
+            lastDay  : '[juče u] LT',
+            lastWeek : function () {
+                var lastWeekDays = [
+                    '[prošle] [nedjelje] [u] LT',
+                    '[prošlog] [ponedjeljka] [u] LT',
+                    '[prošlog] [utorka] [u] LT',
+                    '[prošle] [srijede] [u] LT',
+                    '[prošlog] [četvrtka] [u] LT',
+                    '[prošlog] [petka] [u] LT',
+                    '[prošle] [subote] [u] LT'
+                ];
+                return lastWeekDays[this.day()];
+            },
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : 'za %s',
+            past   : 'prije %s',
+            s      : 'nekoliko sekundi',
+            m      : me__translator.translate,
+            mm     : me__translator.translate,
+            h      : me__translator.translate,
+            hh     : me__translator.translate,
+            d      : 'dan',
+            dd     : me__translator.translate,
+            M      : 'mjesec',
+            MM     : me__translator.translate,
+            y      : 'godinu',
+            yy     : me__translator.translate
+        },
+        ordinalParse: /\d{1,2}\./,
+        ordinal : '%d.',
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 7  // The week that contains Jan 1st is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : macedonian (mk)
+    //! author : Borislav Mickov : https://github.com/B0k0
+
+    var mk = _moment__default.defineLocale('mk', {
+        months : 'јануари_февруари_март_април_мај_јуни_јули_август_септември_октомври_ноември_декември'.split('_'),
+        monthsShort : 'јан_фев_мар_апр_мај_јун_јул_авг_сеп_окт_ное_дек'.split('_'),
+        weekdays : 'недела_понеделник_вторник_среда_четврток_петок_сабота'.split('_'),
+        weekdaysShort : 'нед_пон_вто_сре_чет_пет_саб'.split('_'),
+        weekdaysMin : 'нe_пo_вт_ср_че_пе_сa'.split('_'),
+        longDateFormat : {
+            LT : 'H:mm',
+            LTS : 'LT:ss',
+            L : 'D.MM.YYYY',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY LT',
+            LLLL : 'dddd, D MMMM YYYY LT'
+        },
+        calendar : {
+            sameDay : '[Денес во] LT',
+            nextDay : '[Утре во] LT',
+            nextWeek : 'dddd [во] LT',
+            lastDay : '[Вчера во] LT',
+            lastWeek : function () {
+                switch (this.day()) {
+                case 0:
+                case 3:
+                case 6:
+                    return '[Во изминатата] dddd [во] LT';
+                case 1:
+                case 2:
+                case 4:
+                case 5:
+                    return '[Во изминатиот] dddd [во] LT';
+                }
+            },
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : 'после %s',
+            past : 'пред %s',
+            s : 'неколку секунди',
+            m : 'минута',
+            mm : '%d минути',
+            h : 'час',
+            hh : '%d часа',
+            d : 'ден',
+            dd : '%d дена',
+            M : 'месец',
+            MM : '%d месеци',
+            y : 'година',
+            yy : '%d години'
+        },
+        ordinalParse: /\d{1,2}-(ев|ен|ти|ви|ри|ми)/,
+        ordinal : function (number) {
+            var lastDigit = number % 10,
+                last2Digits = number % 100;
+            if (number === 0) {
+                return number + '-ев';
+            } else if (last2Digits === 0) {
+                return number + '-ен';
+            } else if (last2Digits > 10 && last2Digits < 20) {
+                return number + '-ти';
+            } else if (lastDigit === 1) {
+                return number + '-ви';
+            } else if (lastDigit === 2) {
+                return number + '-ри';
+            } else if (lastDigit === 7 || lastDigit === 8) {
+                return number + '-ми';
+            } else {
+                return number + '-ти';
+            }
+        },
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 7  // The week that contains Jan 1st is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : malayalam (ml)
+    //! author : Floyd Pink : https://github.com/floydpink
+
+    var ml = _moment__default.defineLocale('ml', {
+        months : 'ജനുവരി_ഫെബ്രുവരി_മാർച്ച്_ഏപ്രിൽ_മേയ്_ജൂൺ_ജൂലൈ_ഓഗസ്റ്റ്_സെപ്റ്റംബർ_ഒക്ടോബർ_നവംബർ_ഡിസംബർ'.split('_'),
+        monthsShort : 'ജനു._ഫെബ്രു._മാർ._ഏപ്രി._മേയ്_ജൂൺ_ജൂലൈ._ഓഗ._സെപ്റ്റ._ഒക്ടോ._നവം._ഡിസം.'.split('_'),
+        weekdays : 'ഞായറാഴ്ച_തിങ്കളാഴ്ച_ചൊവ്വാഴ്ച_ബുധനാഴ്ച_വ്യാഴാഴ്ച_വെള്ളിയാഴ്ച_ശനിയാഴ്ച'.split('_'),
+        weekdaysShort : 'ഞായർ_തിങ്കൾ_ചൊവ്വ_ബുധൻ_വ്യാഴം_വെള്ളി_ശനി'.split('_'),
+        weekdaysMin : 'ഞാ_തി_ചൊ_ബു_വ്യാ_വെ_ശ'.split('_'),
+        longDateFormat : {
+            LT : 'A h:mm -നു',
+            LTS : 'A h:mm:ss -നു',
+            L : 'DD/MM/YYYY',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY, LT',
+            LLLL : 'dddd, D MMMM YYYY, LT'
+        },
+        calendar : {
+            sameDay : '[ഇന്ന്] LT',
+            nextDay : '[നാളെ] LT',
+            nextWeek : 'dddd, LT',
+            lastDay : '[ഇന്നലെ] LT',
+            lastWeek : '[കഴിഞ്ഞ] dddd, LT',
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : '%s കഴിഞ്ഞ്',
+            past : '%s മുൻപ്',
+            s : 'അൽപ നിമിഷങ്ങൾ',
+            m : 'ഒരു മിനിറ്റ്',
+            mm : '%d മിനിറ്റ്',
+            h : 'ഒരു മണിക്കൂർ',
+            hh : '%d മണിക്കൂർ',
+            d : 'ഒരു ദിവസം',
+            dd : '%d ദിവസം',
+            M : 'ഒരു മാസം',
+            MM : '%d മാസം',
+            y : 'ഒരു വർഷം',
+            yy : '%d വർഷം'
+        },
+        meridiemParse: /രാത്രി|രാവിലെ|ഉച്ച കഴിഞ്ഞ്|വൈകുന്നേരം|രാത്രി/i,
+        isPM : function (input) {
+            return /^(ഉച്ച കഴിഞ്ഞ്|വൈകുന്നേരം|രാത്രി)$/.test(input);
+        },
+        meridiem : function (hour, minute, isLower) {
+            if (hour < 4) {
+                return 'രാത്രി';
+            } else if (hour < 12) {
+                return 'രാവിലെ';
+            } else if (hour < 17) {
+                return 'ഉച്ച കഴിഞ്ഞ്';
+            } else if (hour < 20) {
+                return 'വൈകുന്നേരം';
+            } else {
+                return 'രാത്രി';
+            }
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : Marathi (mr)
+    //! author : Harshad Kale : https://github.com/kalehv
+
+    var mr__symbolMap = {
+        '1': '१',
+        '2': '२',
+        '3': '३',
+        '4': '४',
+        '5': '५',
+        '6': '६',
+        '7': '७',
+        '8': '८',
+        '9': '९',
+        '0': '०'
+    },
+    mr__numberMap = {
+        '१': '1',
+        '२': '2',
+        '३': '3',
+        '४': '4',
+        '५': '5',
+        '६': '6',
+        '७': '7',
+        '८': '8',
+        '९': '9',
+        '०': '0'
+    };
+
+    var mr = _moment__default.defineLocale('mr', {
+        months : 'जानेवारी_फेब्रुवारी_मार्च_एप्रिल_मे_जून_जुलै_ऑगस्ट_सप्टेंबर_ऑक्टोबर_नोव्हेंबर_डिसेंबर'.split('_'),
+        monthsShort: 'जाने._फेब्रु._मार्च._एप्रि._मे._जून._जुलै._ऑग._सप्टें._ऑक्टो._नोव्हें._डिसें.'.split('_'),
+        weekdays : 'रविवार_सोमवार_मंगळवार_बुधवार_गुरूवार_शुक्रवार_शनिवार'.split('_'),
+        weekdaysShort : 'रवि_सोम_मंगळ_बुध_गुरू_शुक्र_शनि'.split('_'),
+        weekdaysMin : 'र_सो_मं_बु_गु_शु_श'.split('_'),
+        longDateFormat : {
+            LT : 'A h:mm वाजता',
+            LTS : 'A h:mm:ss वाजता',
+            L : 'DD/MM/YYYY',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY, LT',
+            LLLL : 'dddd, D MMMM YYYY, LT'
+        },
+        calendar : {
+            sameDay : '[आज] LT',
+            nextDay : '[उद्या] LT',
+            nextWeek : 'dddd, LT',
+            lastDay : '[काल] LT',
+            lastWeek: '[मागील] dddd, LT',
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : '%s नंतर',
+            past : '%s पूर्वी',
+            s : 'सेकंद',
+            m: 'एक मिनिट',
+            mm: '%d मिनिटे',
+            h : 'एक तास',
+            hh : '%d तास',
+            d : 'एक दिवस',
+            dd : '%d दिवस',
+            M : 'एक महिना',
+            MM : '%d महिने',
+            y : 'एक वर्ष',
+            yy : '%d वर्षे'
+        },
+        preparse: function (string) {
+            return string.replace(/[१२३४५६७८९०]/g, function (match) {
+                return mr__numberMap[match];
+            });
+        },
+        postformat: function (string) {
+            return string.replace(/\d/g, function (match) {
+                return mr__symbolMap[match];
+            });
+        },
+        meridiemParse: /रात्री|सकाळी|दुपारी|सायंकाळी/,
+        meridiemHour : function (hour, meridiem) {
+            if (hour === 12) {
+                hour = 0;
+            }
+            if (meridiem === 'रात्री') {
+                return hour < 4 ? hour : hour + 12;
+            } else if (meridiem === 'सकाळी') {
+                return hour;
+            } else if (meridiem === 'दुपारी') {
+                return hour >= 10 ? hour : hour + 12;
+            } else if (meridiem === 'सायंकाळी') {
+                return hour + 12;
+            }
+        },
+        meridiem: function (hour, minute, isLower) {
+            if (hour < 4) {
+                return 'रात्री';
+            } else if (hour < 10) {
+                return 'सकाळी';
+            } else if (hour < 17) {
+                return 'दुपारी';
+            } else if (hour < 20) {
+                return 'सायंकाळी';
+            } else {
+                return 'रात्री';
+            }
+        },
+        week : {
+            dow : 0, // Sunday is the first day of the week.
+            doy : 6  // The week that contains Jan 1st is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : Bahasa Malaysia (ms-MY)
+    //! author : Weldan Jamili : https://github.com/weldan
+
+    var ms_my = _moment__default.defineLocale('ms-my', {
+        months : 'Januari_Februari_Mac_April_Mei_Jun_Julai_Ogos_September_Oktober_November_Disember'.split('_'),
+        monthsShort : 'Jan_Feb_Mac_Apr_Mei_Jun_Jul_Ogs_Sep_Okt_Nov_Dis'.split('_'),
+        weekdays : 'Ahad_Isnin_Selasa_Rabu_Khamis_Jumaat_Sabtu'.split('_'),
+        weekdaysShort : 'Ahd_Isn_Sel_Rab_Kha_Jum_Sab'.split('_'),
+        weekdaysMin : 'Ah_Is_Sl_Rb_Km_Jm_Sb'.split('_'),
+        longDateFormat : {
+            LT : 'HH.mm',
+            LTS : 'LT.ss',
+            L : 'DD/MM/YYYY',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY [pukul] LT',
+            LLLL : 'dddd, D MMMM YYYY [pukul] LT'
+        },
+        meridiemParse: /pagi|tengahari|petang|malam/,
+        meridiemHour: function (hour, meridiem) {
+            if (hour === 12) {
+                hour = 0;
+            }
+            if (meridiem === 'pagi') {
+                return hour;
+            } else if (meridiem === 'tengahari') {
+                return hour >= 11 ? hour : hour + 12;
+            } else if (meridiem === 'petang' || meridiem === 'malam') {
+                return hour + 12;
+            }
+        },
+        meridiem : function (hours, minutes, isLower) {
+            if (hours < 11) {
+                return 'pagi';
+            } else if (hours < 15) {
+                return 'tengahari';
+            } else if (hours < 19) {
+                return 'petang';
+            } else {
+                return 'malam';
+            }
+        },
+        calendar : {
+            sameDay : '[Hari ini pukul] LT',
+            nextDay : '[Esok pukul] LT',
+            nextWeek : 'dddd [pukul] LT',
+            lastDay : '[Kelmarin pukul] LT',
+            lastWeek : 'dddd [lepas pukul] LT',
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : 'dalam %s',
+            past : '%s yang lepas',
+            s : 'beberapa saat',
+            m : 'seminit',
+            mm : '%d minit',
+            h : 'sejam',
+            hh : '%d jam',
+            d : 'sehari',
+            dd : '%d hari',
+            M : 'sebulan',
+            MM : '%d bulan',
+            y : 'setahun',
+            yy : '%d tahun'
+        },
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 7  // The week that contains Jan 1st is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : Burmese (my)
+    //! author : Squar team, mysquar.com
+
+    var my__symbolMap = {
+        '1': '၁',
+        '2': '၂',
+        '3': '၃',
+        '4': '၄',
+        '5': '၅',
+        '6': '၆',
+        '7': '၇',
+        '8': '၈',
+        '9': '၉',
+        '0': '၀'
+    }, my__numberMap = {
+        '၁': '1',
+        '၂': '2',
+        '၃': '3',
+        '၄': '4',
+        '၅': '5',
+        '၆': '6',
+        '၇': '7',
+        '၈': '8',
+        '၉': '9',
+        '၀': '0'
+    };
+
+    var my = _moment__default.defineLocale('my', {
+        months: 'ဇန်နဝါရီ_ဖေဖော်ဝါရီ_မတ်_ဧပြီ_မေ_ဇွန်_ဇူလိုင်_သြဂုတ်_စက်တင်ဘာ_အောက်တိုဘာ_နိုဝင်ဘာ_ဒီဇင်ဘာ'.split('_'),
+        monthsShort: 'ဇန်_ဖေ_မတ်_ပြီ_မေ_ဇွန်_လိုင်_သြ_စက်_အောက်_နို_ဒီ'.split('_'),
+        weekdays: 'တနင်္ဂနွေ_တနင်္လာ_အင်္ဂါ_ဗုဒ္ဓဟူး_ကြာသပတေး_သောကြာ_စနေ'.split('_'),
+        weekdaysShort: 'နွေ_လာ_ဂါ_ဟူး_ကြာ_သော_နေ'.split('_'),
+        weekdaysMin: 'နွေ_လာ_ဂါ_ဟူး_ကြာ_သော_နေ'.split('_'),
+
+        longDateFormat: {
+            LT: 'HH:mm',
+            LTS: 'HH:mm:ss',
+            L: 'DD/MM/YYYY',
+            LL: 'D MMMM YYYY',
+            LLL: 'D MMMM YYYY LT',
+            LLLL: 'dddd D MMMM YYYY LT'
+        },
+        calendar: {
+            sameDay: '[ယနေ.] LT [မှာ]',
+            nextDay: '[မနက်ဖြန်] LT [မှာ]',
+            nextWeek: 'dddd LT [မှာ]',
+            lastDay: '[မနေ.က] LT [မှာ]',
+            lastWeek: '[ပြီးခဲ့သော] dddd LT [မှာ]',
+            sameElse: 'L'
+        },
+        relativeTime: {
+            future: 'လာမည့် %s မှာ',
+            past: 'လွန်ခဲ့သော %s က',
+            s: 'စက္ကန်.အနည်းငယ်',
+            m: 'တစ်မိနစ်',
+            mm: '%d မိနစ်',
+            h: 'တစ်နာရီ',
+            hh: '%d နာရီ',
+            d: 'တစ်ရက်',
+            dd: '%d ရက်',
+            M: 'တစ်လ',
+            MM: '%d လ',
+            y: 'တစ်နှစ်',
+            yy: '%d နှစ်'
+        },
+        preparse: function (string) {
+            return string.replace(/[၁၂၃၄၅၆၇၈၉၀]/g, function (match) {
+                return my__numberMap[match];
+            });
+        },
+        postformat: function (string) {
+            return string.replace(/\d/g, function (match) {
+                return my__symbolMap[match];
+            });
+        },
+        week: {
+            dow: 1, // Monday is the first day of the week.
+            doy: 4 // The week that contains Jan 1st is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : norwegian bokmål (nb)
+    //! authors : Espen Hovlandsdal : https://github.com/rexxars
+    //!           Sigurd Gartmann : https://github.com/sigurdga
+
+    var nb = _moment__default.defineLocale('nb', {
+        months : 'januar_februar_mars_april_mai_juni_juli_august_september_oktober_november_desember'.split('_'),
+        monthsShort : 'jan_feb_mar_apr_mai_jun_jul_aug_sep_okt_nov_des'.split('_'),
+        weekdays : 'søndag_mandag_tirsdag_onsdag_torsdag_fredag_lørdag'.split('_'),
+        weekdaysShort : 'søn_man_tirs_ons_tors_fre_lør'.split('_'),
+        weekdaysMin : 'sø_ma_ti_on_to_fr_lø'.split('_'),
+        longDateFormat : {
+            LT : 'H.mm',
+            LTS : 'LT.ss',
+            L : 'DD.MM.YYYY',
+            LL : 'D. MMMM YYYY',
+            LLL : 'D. MMMM YYYY [kl.] LT',
+            LLLL : 'dddd D. MMMM YYYY [kl.] LT'
+        },
+        calendar : {
+            sameDay: '[i dag kl.] LT',
+            nextDay: '[i morgen kl.] LT',
+            nextWeek: 'dddd [kl.] LT',
+            lastDay: '[i går kl.] LT',
+            lastWeek: '[forrige] dddd [kl.] LT',
+            sameElse: 'L'
+        },
+        relativeTime : {
+            future : 'om %s',
+            past : 'for %s siden',
+            s : 'noen sekunder',
+            m : 'ett minutt',
+            mm : '%d minutter',
+            h : 'en time',
+            hh : '%d timer',
+            d : 'en dag',
+            dd : '%d dager',
+            M : 'en måned',
+            MM : '%d måneder',
+            y : 'ett år',
+            yy : '%d år'
+        },
+        ordinalParse: /\d{1,2}\./,
+        ordinal : '%d.',
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 4  // The week that contains Jan 4th is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : nepali/nepalese
+    //! author : suvash : https://github.com/suvash
+
+    var ne__symbolMap = {
+        '1': '१',
+        '2': '२',
+        '3': '३',
+        '4': '४',
+        '5': '५',
+        '6': '६',
+        '7': '७',
+        '8': '८',
+        '9': '९',
+        '0': '०'
+    },
+    ne__numberMap = {
+        '१': '1',
+        '२': '2',
+        '३': '3',
+        '४': '4',
+        '५': '5',
+        '६': '6',
+        '७': '7',
+        '८': '8',
+        '९': '9',
+        '०': '0'
+    };
+
+    var ne = _moment__default.defineLocale('ne', {
+        months : 'जनवरी_फेब्रुवरी_मार्च_अप्रिल_मई_जुन_जुलाई_अगष्ट_सेप्टेम्बर_अक्टोबर_नोभेम्बर_डिसेम्बर'.split('_'),
+        monthsShort : 'जन._फेब्रु._मार्च_अप्रि._मई_जुन_जुलाई._अग._सेप्ट._अक्टो._नोभे._डिसे.'.split('_'),
+        weekdays : 'आइतबार_सोमबार_मङ्गलबार_बुधबार_बिहिबार_शुक्रबार_शनिबार'.split('_'),
+        weekdaysShort : 'आइत._सोम._मङ्गल._बुध._बिहि._शुक्र._शनि.'.split('_'),
+        weekdaysMin : 'आइ._सो._मङ्_बु._बि._शु._श.'.split('_'),
+        longDateFormat : {
+            LT : 'Aको h:mm बजे',
+            LTS : 'Aको h:mm:ss बजे',
+            L : 'DD/MM/YYYY',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY, LT',
+            LLLL : 'dddd, D MMMM YYYY, LT'
+        },
+        preparse: function (string) {
+            return string.replace(/[१२३४५६७८९०]/g, function (match) {
+                return ne__numberMap[match];
+            });
+        },
+        postformat: function (string) {
+            return string.replace(/\d/g, function (match) {
+                return ne__symbolMap[match];
+            });
+        },
+        meridiemParse: /राती|बिहान|दिउँसो|बेलुका|साँझ|राती/,
+        meridiemHour : function (hour, meridiem) {
+            if (hour === 12) {
+                hour = 0;
+            }
+            if (meridiem === 'राती') {
+                return hour < 3 ? hour : hour + 12;
+            } else if (meridiem === 'बिहान') {
+                return hour;
+            } else if (meridiem === 'दिउँसो') {
+                return hour >= 10 ? hour : hour + 12;
+            } else if (meridiem === 'बेलुका' || meridiem === 'साँझ') {
+                return hour + 12;
+            }
+        },
+        meridiem : function (hour, minute, isLower) {
+            if (hour < 3) {
+                return 'राती';
+            } else if (hour < 10) {
+                return 'बिहान';
+            } else if (hour < 15) {
+                return 'दिउँसो';
+            } else if (hour < 18) {
+                return 'बेलुका';
+            } else if (hour < 20) {
+                return 'साँझ';
+            } else {
+                return 'राती';
+            }
+        },
+        calendar : {
+            sameDay : '[आज] LT',
+            nextDay : '[भोली] LT',
+            nextWeek : '[आउँदो] dddd[,] LT',
+            lastDay : '[हिजो] LT',
+            lastWeek : '[गएको] dddd[,] LT',
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : '%sमा',
+            past : '%s अगाडी',
+            s : 'केही समय',
+            m : 'एक मिनेट',
+            mm : '%d मिनेट',
+            h : 'एक घण्टा',
+            hh : '%d घण्टा',
+            d : 'एक दिन',
+            dd : '%d दिन',
+            M : 'एक महिना',
+            MM : '%d महिना',
+            y : 'एक बर्ष',
+            yy : '%d बर्ष'
+        },
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 7  // The week that contains Jan 1st is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : dutch (nl)
+    //! author : Joris Röling : https://github.com/jjupiter
+
+    var nl__monthsShortWithDots = 'jan._feb._mrt._apr._mei_jun._jul._aug._sep._okt._nov._dec.'.split('_'),
+        nl__monthsShortWithoutDots = 'jan_feb_mrt_apr_mei_jun_jul_aug_sep_okt_nov_dec'.split('_');
+
+    var nl = _moment__default.defineLocale('nl', {
+        months : 'januari_februari_maart_april_mei_juni_juli_augustus_september_oktober_november_december'.split('_'),
+        monthsShort : function (m, format) {
+            if (/-MMM-/.test(format)) {
+                return nl__monthsShortWithoutDots[m.month()];
+            } else {
+                return nl__monthsShortWithDots[m.month()];
+            }
+        },
+        weekdays : 'zondag_maandag_dinsdag_woensdag_donderdag_vrijdag_zaterdag'.split('_'),
+        weekdaysShort : 'zo._ma._di._wo._do._vr._za.'.split('_'),
+        weekdaysMin : 'Zo_Ma_Di_Wo_Do_Vr_Za'.split('_'),
+        longDateFormat : {
+            LT : 'HH:mm',
+            LTS : 'LT:ss',
+            L : 'DD-MM-YYYY',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY LT',
+            LLLL : 'dddd D MMMM YYYY LT'
+        },
+        calendar : {
+            sameDay: '[vandaag om] LT',
+            nextDay: '[morgen om] LT',
+            nextWeek: 'dddd [om] LT',
+            lastDay: '[gisteren om] LT',
+            lastWeek: '[afgelopen] dddd [om] LT',
+            sameElse: 'L'
+        },
+        relativeTime : {
+            future : 'over %s',
+            past : '%s geleden',
+            s : 'een paar seconden',
+            m : 'één minuut',
+            mm : '%d minuten',
+            h : 'één uur',
+            hh : '%d uur',
+            d : 'één dag',
+            dd : '%d dagen',
+            M : 'één maand',
+            MM : '%d maanden',
+            y : 'één jaar',
+            yy : '%d jaar'
+        },
+        ordinalParse: /\d{1,2}(ste|de)/,
+        ordinal : function (number) {
+            return number + ((number === 1 || number === 8 || number >= 20) ? 'ste' : 'de');
+        },
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 4  // The week that contains Jan 4th is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : norwegian nynorsk (nn)
+    //! author : https://github.com/mechuwind
+
+    var nn = _moment__default.defineLocale('nn', {
+        months : 'januar_februar_mars_april_mai_juni_juli_august_september_oktober_november_desember'.split('_'),
+        monthsShort : 'jan_feb_mar_apr_mai_jun_jul_aug_sep_okt_nov_des'.split('_'),
+        weekdays : 'sundag_måndag_tysdag_onsdag_torsdag_fredag_laurdag'.split('_'),
+        weekdaysShort : 'sun_mån_tys_ons_tor_fre_lau'.split('_'),
+        weekdaysMin : 'su_må_ty_on_to_fr_lø'.split('_'),
+        longDateFormat : {
+            LT : 'HH:mm',
+            LTS : 'LT:ss',
+            L : 'DD.MM.YYYY',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY LT',
+            LLLL : 'dddd D MMMM YYYY LT'
+        },
+        calendar : {
+            sameDay: '[I dag klokka] LT',
+            nextDay: '[I morgon klokka] LT',
+            nextWeek: 'dddd [klokka] LT',
+            lastDay: '[I går klokka] LT',
+            lastWeek: '[Føregåande] dddd [klokka] LT',
+            sameElse: 'L'
+        },
+        relativeTime : {
+            future : 'om %s',
+            past : 'for %s sidan',
+            s : 'nokre sekund',
+            m : 'eit minutt',
+            mm : '%d minutt',
+            h : 'ein time',
+            hh : '%d timar',
+            d : 'ein dag',
+            dd : '%d dagar',
+            M : 'ein månad',
+            MM : '%d månader',
+            y : 'eit år',
+            yy : '%d år'
+        },
+        ordinalParse: /\d{1,2}\./,
+        ordinal : '%d.',
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 4  // The week that contains Jan 4th is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : polish (pl)
+    //! author : Rafal Hirsz : https://github.com/evoL
+
+    var monthsNominative = 'styczeń_luty_marzec_kwiecień_maj_czerwiec_lipiec_sierpień_wrzesień_październik_listopad_grudzień'.split('_'),
+        monthsSubjective = 'stycznia_lutego_marca_kwietnia_maja_czerwca_lipca_sierpnia_września_października_listopada_grudnia'.split('_');
+    function pl__plural(n) {
+        return (n % 10 < 5) && (n % 10 > 1) && ((~~(n / 10) % 10) !== 1);
+    }
+    function pl__translate(number, withoutSuffix, key) {
+        var result = number + ' ';
+        switch (key) {
+        case 'm':
+            return withoutSuffix ? 'minuta' : 'minutę';
+        case 'mm':
+            return result + (pl__plural(number) ? 'minuty' : 'minut');
+        case 'h':
+            return withoutSuffix  ? 'godzina'  : 'godzinę';
+        case 'hh':
+            return result + (pl__plural(number) ? 'godziny' : 'godzin');
+        case 'MM':
+            return result + (pl__plural(number) ? 'miesiące' : 'miesięcy');
+        case 'yy':
+            return result + (pl__plural(number) ? 'lata' : 'lat');
+        }
+    }
+
+    var pl = _moment__default.defineLocale('pl', {
+        months : function (momentToFormat, format) {
+            if (format === '') {
+                // Hack: if format empty we know this is used to generate
+                // RegExp by moment. Give then back both valid forms of months
+                // in RegExp ready format.
+                return '(' + monthsSubjective[momentToFormat.month()] + '|' + monthsNominative[momentToFormat.month()] + ')';
+            } else if (/D MMMM/.test(format)) {
+                return monthsSubjective[momentToFormat.month()];
+            } else {
+                return monthsNominative[momentToFormat.month()];
+            }
+        },
+        monthsShort : 'sty_lut_mar_kwi_maj_cze_lip_sie_wrz_paź_lis_gru'.split('_'),
+        weekdays : 'niedziela_poniedziałek_wtorek_środa_czwartek_piątek_sobota'.split('_'),
+        weekdaysShort : 'nie_pon_wt_śr_czw_pt_sb'.split('_'),
+        weekdaysMin : 'N_Pn_Wt_Śr_Cz_Pt_So'.split('_'),
+        longDateFormat : {
+            LT : 'HH:mm',
+            LTS : 'LT:ss',
+            L : 'DD.MM.YYYY',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY LT',
+            LLLL : 'dddd, D MMMM YYYY LT'
+        },
+        calendar : {
+            sameDay: '[Dziś o] LT',
+            nextDay: '[Jutro o] LT',
+            nextWeek: '[W] dddd [o] LT',
+            lastDay: '[Wczoraj o] LT',
+            lastWeek: function () {
+                switch (this.day()) {
+                case 0:
+                    return '[W zeszłą niedzielę o] LT';
+                case 3:
+                    return '[W zeszłą środę o] LT';
+                case 6:
+                    return '[W zeszłą sobotę o] LT';
+                default:
+                    return '[W zeszły] dddd [o] LT';
+                }
+            },
+            sameElse: 'L'
+        },
+        relativeTime : {
+            future : 'za %s',
+            past : '%s temu',
+            s : 'kilka sekund',
+            m : pl__translate,
+            mm : pl__translate,
+            h : pl__translate,
+            hh : pl__translate,
+            d : '1 dzień',
+            dd : '%d dni',
+            M : 'miesiąc',
+            MM : pl__translate,
+            y : 'rok',
+            yy : pl__translate
+        },
+        ordinalParse: /\d{1,2}\./,
+        ordinal : '%d.',
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 4  // The week that contains Jan 4th is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : brazilian portuguese (pt-br)
+    //! author : Caio Ribeiro Pereira : https://github.com/caio-ribeiro-pereira
+
+    var pt_br = _moment__default.defineLocale('pt-br', {
+        months : 'Janeiro_Fevereiro_Março_Abril_Maio_Junho_Julho_Agosto_Setembro_Outubro_Novembro_Dezembro'.split('_'),
+        monthsShort : 'Jan_Fev_Mar_Abr_Mai_Jun_Jul_Ago_Set_Out_Nov_Dez'.split('_'),
+        weekdays : 'Domingo_Segunda-Feira_Terça-Feira_Quarta-Feira_Quinta-Feira_Sexta-Feira_Sábado'.split('_'),
+        weekdaysShort : 'Dom_Seg_Ter_Qua_Qui_Sex_Sáb'.split('_'),
+        weekdaysMin : 'Dom_2ª_3ª_4ª_5ª_6ª_Sáb'.split('_'),
+        longDateFormat : {
+            LT : 'HH:mm',
+            LTS : 'LT:ss',
+            L : 'DD/MM/YYYY',
+            LL : 'D [de] MMMM [de] YYYY',
+            LLL : 'D [de] MMMM [de] YYYY [às] LT',
+            LLLL : 'dddd, D [de] MMMM [de] YYYY [às] LT'
+        },
+        calendar : {
+            sameDay: '[Hoje às] LT',
+            nextDay: '[Amanhã às] LT',
+            nextWeek: 'dddd [às] LT',
+            lastDay: '[Ontem às] LT',
+            lastWeek: function () {
+                return (this.day() === 0 || this.day() === 6) ?
+                    '[Último] dddd [às] LT' : // Saturday + Sunday
+                    '[Última] dddd [às] LT'; // Monday - Friday
+            },
+            sameElse: 'L'
+        },
+        relativeTime : {
+            future : 'em %s',
+            past : '%s atrás',
+            s : 'segundos',
+            m : 'um minuto',
+            mm : '%d minutos',
+            h : 'uma hora',
+            hh : '%d horas',
+            d : 'um dia',
+            dd : '%d dias',
+            M : 'um mês',
+            MM : '%d meses',
+            y : 'um ano',
+            yy : '%d anos'
+        },
+        ordinalParse: /\d{1,2}º/,
+        ordinal : '%dº'
+    });
+
+    //! moment.js locale configuration
+    //! locale : portuguese (pt)
+    //! author : Jefferson : https://github.com/jalex79
+
+    var pt = _moment__default.defineLocale('pt', {
+        months : 'Janeiro_Fevereiro_Março_Abril_Maio_Junho_Julho_Agosto_Setembro_Outubro_Novembro_Dezembro'.split('_'),
+        monthsShort : 'Jan_Fev_Mar_Abr_Mai_Jun_Jul_Ago_Set_Out_Nov_Dez'.split('_'),
+        weekdays : 'Domingo_Segunda-Feira_Terça-Feira_Quarta-Feira_Quinta-Feira_Sexta-Feira_Sábado'.split('_'),
+        weekdaysShort : 'Dom_Seg_Ter_Qua_Qui_Sex_Sáb'.split('_'),
+        weekdaysMin : 'Dom_2ª_3ª_4ª_5ª_6ª_Sáb'.split('_'),
+        longDateFormat : {
+            LT : 'HH:mm',
+            LTS : 'LT:ss',
+            L : 'DD/MM/YYYY',
+            LL : 'D [de] MMMM [de] YYYY',
+            LLL : 'D [de] MMMM [de] YYYY LT',
+            LLLL : 'dddd, D [de] MMMM [de] YYYY LT'
+        },
+        calendar : {
+            sameDay: '[Hoje às] LT',
+            nextDay: '[Amanhã às] LT',
+            nextWeek: 'dddd [às] LT',
+            lastDay: '[Ontem às] LT',
+            lastWeek: function () {
+                return (this.day() === 0 || this.day() === 6) ?
+                    '[Último] dddd [às] LT' : // Saturday + Sunday
+                    '[Última] dddd [às] LT'; // Monday - Friday
+            },
+            sameElse: 'L'
+        },
+        relativeTime : {
+            future : 'em %s',
+            past : 'há %s',
+            s : 'segundos',
+            m : 'um minuto',
+            mm : '%d minutos',
+            h : 'uma hora',
+            hh : '%d horas',
+            d : 'um dia',
+            dd : '%d dias',
+            M : 'um mês',
+            MM : '%d meses',
+            y : 'um ano',
+            yy : '%d anos'
+        },
+        ordinalParse: /\d{1,2}º/,
+        ordinal : '%dº',
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 4  // The week that contains Jan 4th is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : romanian (ro)
+    //! author : Vlad Gurdiga : https://github.com/gurdiga
+    //! author : Valentin Agachi : https://github.com/avaly
+
+    function ro__relativeTimeWithPlural(number, withoutSuffix, key) {
+        var format = {
+                'mm': 'minute',
+                'hh': 'ore',
+                'dd': 'zile',
+                'MM': 'luni',
+                'yy': 'ani'
+            },
+            separator = ' ';
+        if (number % 100 >= 20 || (number >= 100 && number % 100 === 0)) {
+            separator = ' de ';
+        }
+        return number + separator + format[key];
+    }
+
+    var ro = _moment__default.defineLocale('ro', {
+        months : 'ianuarie_februarie_martie_aprilie_mai_iunie_iulie_august_septembrie_octombrie_noiembrie_decembrie'.split('_'),
+        monthsShort : 'ian._febr._mart._apr._mai_iun._iul._aug._sept._oct._nov._dec.'.split('_'),
+        weekdays : 'duminică_luni_marți_miercuri_joi_vineri_sâmbătă'.split('_'),
+        weekdaysShort : 'Dum_Lun_Mar_Mie_Joi_Vin_Sâm'.split('_'),
+        weekdaysMin : 'Du_Lu_Ma_Mi_Jo_Vi_Sâ'.split('_'),
+        longDateFormat : {
+            LT : 'H:mm',
+            LTS : 'LT:ss',
+            L : 'DD.MM.YYYY',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY H:mm',
+            LLLL : 'dddd, D MMMM YYYY H:mm'
+        },
+        calendar : {
+            sameDay: '[azi la] LT',
+            nextDay: '[mâine la] LT',
+            nextWeek: 'dddd [la] LT',
+            lastDay: '[ieri la] LT',
+            lastWeek: '[fosta] dddd [la] LT',
+            sameElse: 'L'
+        },
+        relativeTime : {
+            future : 'peste %s',
+            past : '%s în urmă',
+            s : 'câteva secunde',
+            m : 'un minut',
+            mm : ro__relativeTimeWithPlural,
+            h : 'o oră',
+            hh : ro__relativeTimeWithPlural,
+            d : 'o zi',
+            dd : ro__relativeTimeWithPlural,
+            M : 'o lună',
+            MM : ro__relativeTimeWithPlural,
+            y : 'un an',
+            yy : ro__relativeTimeWithPlural
+        },
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 7  // The week that contains Jan 1st is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : russian (ru)
+    //! author : Viktorminator : https://github.com/Viktorminator
+    //! Author : Menelion Elensúle : https://github.com/Oire
+
+    function ru__plural(word, num) {
+        var forms = word.split('_');
+        return num % 10 === 1 && num % 100 !== 11 ? forms[0] : (num % 10 >= 2 && num % 10 <= 4 && (num % 100 < 10 || num % 100 >= 20) ? forms[1] : forms[2]);
+    }
+    function ru__relativeTimeWithPlural(number, withoutSuffix, key) {
+        var format = {
+            'mm': withoutSuffix ? 'минута_минуты_минут' : 'минуту_минуты_минут',
+            'hh': 'час_часа_часов',
+            'dd': 'день_дня_дней',
+            'MM': 'месяц_месяца_месяцев',
+            'yy': 'год_года_лет'
+        };
+        if (key === 'm') {
+            return withoutSuffix ? 'минута' : 'минуту';
+        }
+        else {
+            return number + ' ' + ru__plural(format[key], +number);
+        }
+    }
+    function ru__monthsCaseReplace(m, format) {
+        var months = {
+            'nominative': 'январь_февраль_март_апрель_май_июнь_июль_август_сентябрь_октябрь_ноябрь_декабрь'.split('_'),
+            'accusative': 'января_февраля_марта_апреля_мая_июня_июля_августа_сентября_октября_ноября_декабря'.split('_')
+        },
+        nounCase = (/D[oD]?(\[[^\[\]]*\]|\s+)+MMMM?/).test(format) ?
+            'accusative' :
+            'nominative';
+        return months[nounCase][m.month()];
+    }
+    function ru__monthsShortCaseReplace(m, format) {
+        var monthsShort = {
+            'nominative': 'янв_фев_март_апр_май_июнь_июль_авг_сен_окт_ноя_дек'.split('_'),
+            'accusative': 'янв_фев_мар_апр_мая_июня_июля_авг_сен_окт_ноя_дек'.split('_')
+        },
+        nounCase = (/D[oD]?(\[[^\[\]]*\]|\s+)+MMMM?/).test(format) ?
+            'accusative' :
+            'nominative';
+        return monthsShort[nounCase][m.month()];
+    }
+    function ru__weekdaysCaseReplace(m, format) {
+        var weekdays = {
+            'nominative': 'воскресенье_понедельник_вторник_среда_четверг_пятница_суббота'.split('_'),
+            'accusative': 'воскресенье_понедельник_вторник_среду_четверг_пятницу_субботу'.split('_')
+        },
+        nounCase = (/\[ ?[Вв] ?(?:прошлую|следующую|эту)? ?\] ?dddd/).test(format) ?
+            'accusative' :
+            'nominative';
+        return weekdays[nounCase][m.day()];
+    }
+
+    var ru = _moment__default.defineLocale('ru', {
+        months : ru__monthsCaseReplace,
+        monthsShort : ru__monthsShortCaseReplace,
+        weekdays : ru__weekdaysCaseReplace,
+        weekdaysShort : 'вс_пн_вт_ср_чт_пт_сб'.split('_'),
+        weekdaysMin : 'вс_пн_вт_ср_чт_пт_сб'.split('_'),
+        monthsParse : [/^янв/i, /^фев/i, /^мар/i, /^апр/i, /^ма[й|я]/i, /^июн/i, /^июл/i, /^авг/i, /^сен/i, /^окт/i, /^ноя/i, /^дек/i],
+        longDateFormat : {
+            LT : 'HH:mm',
+            LTS : 'LT:ss',
+            L : 'DD.MM.YYYY',
+            LL : 'D MMMM YYYY г.',
+            LLL : 'D MMMM YYYY г., LT',
+            LLLL : 'dddd, D MMMM YYYY г., LT'
+        },
+        calendar : {
+            sameDay: '[Сегодня в] LT',
+            nextDay: '[Завтра в] LT',
+            lastDay: '[Вчера в] LT',
+            nextWeek: function () {
+                return this.day() === 2 ? '[Во] dddd [в] LT' : '[В] dddd [в] LT';
+            },
+            lastWeek: function (now) {
+                if (now.week() !== this.week()) {
+                    switch (this.day()) {
+                    case 0:
+                        return '[В прошлое] dddd [в] LT';
+                    case 1:
+                    case 2:
+                    case 4:
+                        return '[В прошлый] dddd [в] LT';
+                    case 3:
+                    case 5:
+                    case 6:
+                        return '[В прошлую] dddd [в] LT';
+                    }
+                } else {
+                    if (this.day() === 2) {
+                        return '[Во] dddd [в] LT';
+                    } else {
+                        return '[В] dddd [в] LT';
+                    }
+                }
+            },
+            sameElse: 'L'
+        },
+        relativeTime : {
+            future : 'через %s',
+            past : '%s назад',
+            s : 'несколько секунд',
+            m : ru__relativeTimeWithPlural,
+            mm : ru__relativeTimeWithPlural,
+            h : 'час',
+            hh : ru__relativeTimeWithPlural,
+            d : 'день',
+            dd : ru__relativeTimeWithPlural,
+            M : 'месяц',
+            MM : ru__relativeTimeWithPlural,
+            y : 'год',
+            yy : ru__relativeTimeWithPlural
+        },
+        meridiemParse: /ночи|утра|дня|вечера/i,
+        isPM : function (input) {
+            return /^(дня|вечера)$/.test(input);
+        },
+        meridiem : function (hour, minute, isLower) {
+            if (hour < 4) {
+                return 'ночи';
+            } else if (hour < 12) {
+                return 'утра';
+            } else if (hour < 17) {
+                return 'дня';
+            } else {
+                return 'вечера';
+            }
+        },
+        ordinalParse: /\d{1,2}-(й|го|я)/,
+        ordinal: function (number, period) {
+            switch (period) {
+            case 'M':
+            case 'd':
+            case 'DDD':
+                return number + '-й';
+            case 'D':
+                return number + '-го';
+            case 'w':
+            case 'W':
+                return number + '-я';
+            default:
+                return number;
+            }
+        },
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 7  // The week that contains Jan 1st is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : Sinhalese (si)
+    //! author : Sampath Sitinamaluwa : https://github.com/sampathsris
+
+    var si = _moment__default.defineLocale('si', {
+        months : 'ජනවාරි_පෙබරවාරි_මාර්තු_අප්‍රේල්_මැයි_ජූනි_ජූලි_අගෝස්තු_සැප්තැම්බර්_ඔක්තෝබර්_නොවැම්බර්_දෙසැම්බර්'.split('_'),
+        monthsShort : 'ජන_පෙබ_මාර්_අප්_මැයි_ජූනි_ජූලි_අගෝ_සැප්_ඔක්_නොවැ_දෙසැ'.split('_'),
+        weekdays : 'ඉරිදා_සඳුදා_අඟහරුවාදා_බදාදා_බ්‍රහස්පතින්දා_සිකුරාදා_සෙනසුරාදා'.split('_'),
+        weekdaysShort : 'ඉරි_සඳු_අඟ_බදා_බ්‍රහ_සිකු_සෙන'.split('_'),
+        weekdaysMin : 'ඉ_ස_අ_බ_බ්‍ර_සි_සෙ'.split('_'),
+        longDateFormat : {
+            LT : 'a h:mm',
+            LTS : 'a h:mm:ss',
+            L : 'YYYY/MM/DD',
+            LL : 'YYYY MMMM D',
+            LLL : 'YYYY MMMM D, LT',
+            LLLL : 'YYYY MMMM D [වැනි] dddd, LTS'
+        },
+        calendar : {
+            sameDay : '[අද] LT[ට]',
+            nextDay : '[හෙට] LT[ට]',
+            nextWeek : 'dddd LT[ට]',
+            lastDay : '[ඊයේ] LT[ට]',
+            lastWeek : '[පසුගිය] dddd LT[ට]',
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : '%sකින්',
+            past : '%sකට පෙර',
+            s : 'තත්පර කිහිපය',
+            m : 'මිනිත්තුව',
+            mm : 'මිනිත්තු %d',
+            h : 'පැය',
+            hh : 'පැය %d',
+            d : 'දිනය',
+            dd : 'දින %d',
+            M : 'මාසය',
+            MM : 'මාස %d',
+            y : 'වසර',
+            yy : 'වසර %d'
+        },
+        ordinalParse: /\d{1,2} වැනි/,
+        ordinal : function (number) {
+            return number + ' වැනි';
+        },
+        meridiem : function (hours, minutes, isLower) {
+            if (hours > 11) {
+                return isLower ? 'ප.ව.' : 'පස් වරු';
+            } else {
+                return isLower ? 'පෙ.ව.' : 'පෙර වරු';
+            }
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : slovak (sk)
+    //! author : Martin Minka : https://github.com/k2s
+    //! based on work of petrbela : https://github.com/petrbela
+
+    var sk__months = 'január_február_marec_apríl_máj_jún_júl_august_september_október_november_december'.split('_'),
+        sk__monthsShort = 'jan_feb_mar_apr_máj_jún_júl_aug_sep_okt_nov_dec'.split('_');
+    function sk__plural(n) {
+        return (n > 1) && (n < 5);
+    }
+    function sk__translate(number, withoutSuffix, key, isFuture) {
+        var result = number + ' ';
+        switch (key) {
+        case 's':  // a few seconds / in a few seconds / a few seconds ago
+            return (withoutSuffix || isFuture) ? 'pár sekúnd' : 'pár sekundami';
+        case 'm':  // a minute / in a minute / a minute ago
+            return withoutSuffix ? 'minúta' : (isFuture ? 'minútu' : 'minútou');
+        case 'mm': // 9 minutes / in 9 minutes / 9 minutes ago
+            if (withoutSuffix || isFuture) {
+                return result + (sk__plural(number) ? 'minúty' : 'minút');
+            } else {
+                return result + 'minútami';
+            }
+            break;
+        case 'h':  // an hour / in an hour / an hour ago
+            return withoutSuffix ? 'hodina' : (isFuture ? 'hodinu' : 'hodinou');
+        case 'hh': // 9 hours / in 9 hours / 9 hours ago
+            if (withoutSuffix || isFuture) {
+                return result + (sk__plural(number) ? 'hodiny' : 'hodín');
+            } else {
+                return result + 'hodinami';
+            }
+            break;
+        case 'd':  // a day / in a day / a day ago
+            return (withoutSuffix || isFuture) ? 'deň' : 'dňom';
+        case 'dd': // 9 days / in 9 days / 9 days ago
+            if (withoutSuffix || isFuture) {
+                return result + (sk__plural(number) ? 'dni' : 'dní');
+            } else {
+                return result + 'dňami';
+            }
+            break;
+        case 'M':  // a month / in a month / a month ago
+            return (withoutSuffix || isFuture) ? 'mesiac' : 'mesiacom';
+        case 'MM': // 9 months / in 9 months / 9 months ago
+            if (withoutSuffix || isFuture) {
+                return result + (sk__plural(number) ? 'mesiace' : 'mesiacov');
+            } else {
+                return result + 'mesiacmi';
+            }
+            break;
+        case 'y':  // a year / in a year / a year ago
+            return (withoutSuffix || isFuture) ? 'rok' : 'rokom';
+        case 'yy': // 9 years / in 9 years / 9 years ago
+            if (withoutSuffix || isFuture) {
+                return result + (sk__plural(number) ? 'roky' : 'rokov');
+            } else {
+                return result + 'rokmi';
+            }
+            break;
+        }
+    }
+
+    var sk = _moment__default.defineLocale('sk', {
+        months : sk__months,
+        monthsShort : sk__monthsShort,
+        monthsParse : (function (months, monthsShort) {
+            var i, _monthsParse = [];
+            for (i = 0; i < 12; i++) {
+                // use custom parser to solve problem with July (červenec)
+                _monthsParse[i] = new RegExp('^' + months[i] + '$|^' + monthsShort[i] + '$', 'i');
+            }
+            return _monthsParse;
+        }(sk__months, sk__monthsShort)),
+        weekdays : 'nedeľa_pondelok_utorok_streda_štvrtok_piatok_sobota'.split('_'),
+        weekdaysShort : 'ne_po_ut_st_št_pi_so'.split('_'),
+        weekdaysMin : 'ne_po_ut_st_št_pi_so'.split('_'),
+        longDateFormat : {
+            LT: 'H:mm',
+            LTS : 'LT:ss',
+            L : 'DD.MM.YYYY',
+            LL : 'D. MMMM YYYY',
+            LLL : 'D. MMMM YYYY LT',
+            LLLL : 'dddd D. MMMM YYYY LT'
+        },
+        calendar : {
+            sameDay: '[dnes o] LT',
+            nextDay: '[zajtra o] LT',
+            nextWeek: function () {
+                switch (this.day()) {
+                case 0:
+                    return '[v nedeľu o] LT';
+                case 1:
+                case 2:
+                    return '[v] dddd [o] LT';
+                case 3:
+                    return '[v stredu o] LT';
+                case 4:
+                    return '[vo štvrtok o] LT';
+                case 5:
+                    return '[v piatok o] LT';
+                case 6:
+                    return '[v sobotu o] LT';
+                }
+            },
+            lastDay: '[včera o] LT',
+            lastWeek: function () {
+                switch (this.day()) {
+                case 0:
+                    return '[minulú nedeľu o] LT';
+                case 1:
+                case 2:
+                    return '[minulý] dddd [o] LT';
+                case 3:
+                    return '[minulú stredu o] LT';
+                case 4:
+                case 5:
+                    return '[minulý] dddd [o] LT';
+                case 6:
+                    return '[minulú sobotu o] LT';
+                }
+            },
+            sameElse: 'L'
+        },
+        relativeTime : {
+            future : 'za %s',
+            past : 'pred %s',
+            s : sk__translate,
+            m : sk__translate,
+            mm : sk__translate,
+            h : sk__translate,
+            hh : sk__translate,
+            d : sk__translate,
+            dd : sk__translate,
+            M : sk__translate,
+            MM : sk__translate,
+            y : sk__translate,
+            yy : sk__translate
+        },
+        ordinalParse: /\d{1,2}\./,
+        ordinal : '%d.',
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 4  // The week that contains Jan 4th is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : slovenian (sl)
+    //! author : Robert Sedovšek : https://github.com/sedovsek
+
+    function sl__processRelativeTime(number, withoutSuffix, key, isFuture) {
+        var result = number + ' ';
+        switch (key) {
+        case 's':
+            return withoutSuffix || isFuture ? 'nekaj sekund' : 'nekaj sekundami';
+        case 'm':
+            return withoutSuffix ? 'ena minuta' : 'eno minuto';
+        case 'mm':
+            if (number === 1) {
+                result += withoutSuffix ? 'minuta' : 'minuto';
+            } else if (number === 2) {
+                result += withoutSuffix || isFuture ? 'minuti' : 'minutama';
+            } else if (number < 5) {
+                result += withoutSuffix || isFuture ? 'minute' : 'minutami';
+            } else {
+                result += withoutSuffix || isFuture ? 'minut' : 'minutami';
+            }
+            return result;
+        case 'h':
+            return withoutSuffix ? 'ena ura' : 'eno uro';
+        case 'hh':
+            if (number === 1) {
+                result += withoutSuffix ? 'ura' : 'uro';
+            } else if (number === 2) {
+                result += withoutSuffix || isFuture ? 'uri' : 'urama';
+            } else if (number < 5) {
+                result += withoutSuffix || isFuture ? 'ure' : 'urami';
+            } else {
+                result += withoutSuffix || isFuture ? 'ur' : 'urami';
+            }
+            return result;
+        case 'd':
+            return withoutSuffix || isFuture ? 'en dan' : 'enim dnem';
+        case 'dd':
+            if (number === 1) {
+                result += withoutSuffix || isFuture ? 'dan' : 'dnem';
+            } else if (number === 2) {
+                result += withoutSuffix || isFuture ? 'dni' : 'dnevoma';
+            } else {
+                result += withoutSuffix || isFuture ? 'dni' : 'dnevi';
+            }
+            return result;
+        case 'M':
+            return withoutSuffix || isFuture ? 'en mesec' : 'enim mesecem';
+        case 'MM':
+            if (number === 1) {
+                result += withoutSuffix || isFuture ? 'mesec' : 'mesecem';
+            } else if (number === 2) {
+                result += withoutSuffix || isFuture ? 'meseca' : 'mesecema';
+            } else if (number < 5) {
+                result += withoutSuffix || isFuture ? 'mesece' : 'meseci';
+            } else {
+                result += withoutSuffix || isFuture ? 'mesecev' : 'meseci';
+            }
+            return result;
+        case 'y':
+            return withoutSuffix || isFuture ? 'eno leto' : 'enim letom';
+        case 'yy':
+            if (number === 1) {
+                result += withoutSuffix || isFuture ? 'leto' : 'letom';
+            } else if (number === 2) {
+                result += withoutSuffix || isFuture ? 'leti' : 'letoma';
+            } else if (number < 5) {
+                result += withoutSuffix || isFuture ? 'leta' : 'leti';
+            } else {
+                result += withoutSuffix || isFuture ? 'let' : 'leti';
+            }
+            return result;
+        }
+    }
+
+    var sl = _moment__default.defineLocale('sl', {
+        months : 'januar_februar_marec_april_maj_junij_julij_avgust_september_oktober_november_december'.split('_'),
+        monthsShort : 'jan._feb._mar._apr._maj._jun._jul._avg._sep._okt._nov._dec.'.split('_'),
+        weekdays : 'nedelja_ponedeljek_torek_sreda_četrtek_petek_sobota'.split('_'),
+        weekdaysShort : 'ned._pon._tor._sre._čet._pet._sob.'.split('_'),
+        weekdaysMin : 'ne_po_to_sr_če_pe_so'.split('_'),
+        longDateFormat : {
+            LT : 'H:mm',
+            LTS : 'LT:ss',
+            L : 'DD. MM. YYYY',
+            LL : 'D. MMMM YYYY',
+            LLL : 'D. MMMM YYYY LT',
+            LLLL : 'dddd, D. MMMM YYYY LT'
+        },
+        calendar : {
+            sameDay  : '[danes ob] LT',
+            nextDay  : '[jutri ob] LT',
+
+            nextWeek : function () {
+                switch (this.day()) {
+                case 0:
+                    return '[v] [nedeljo] [ob] LT';
+                case 3:
+                    return '[v] [sredo] [ob] LT';
+                case 6:
+                    return '[v] [soboto] [ob] LT';
+                case 1:
+                case 2:
+                case 4:
+                case 5:
+                    return '[v] dddd [ob] LT';
+                }
+            },
+            lastDay  : '[včeraj ob] LT',
+            lastWeek : function () {
+                switch (this.day()) {
+                case 0:
+                    return '[prejšnjo] [nedeljo] [ob] LT';
+                case 3:
+                    return '[prejšnjo] [sredo] [ob] LT';
+                case 6:
+                    return '[prejšnjo] [soboto] [ob] LT';
+                case 1:
+                case 2:
+                case 4:
+                case 5:
+                    return '[prejšnji] dddd [ob] LT';
+                }
+            },
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : 'čez %s',
+            past   : 'pred %s',
+            s      : sl__processRelativeTime,
+            m      : sl__processRelativeTime,
+            mm     : sl__processRelativeTime,
+            h      : sl__processRelativeTime,
+            hh     : sl__processRelativeTime,
+            d      : sl__processRelativeTime,
+            dd     : sl__processRelativeTime,
+            M      : sl__processRelativeTime,
+            MM     : sl__processRelativeTime,
+            y      : sl__processRelativeTime,
+            yy     : sl__processRelativeTime
+        },
+        ordinalParse: /\d{1,2}\./,
+        ordinal : '%d.',
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 7  // The week that contains Jan 1st is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : Albanian (sq)
+    //! author : Flakërim Ismani : https://github.com/flakerimi
+    //! author: Menelion Elensúle: https://github.com/Oire (tests)
+    //! author : Oerd Cukalla : https://github.com/oerd (fixes)
+
+    var sq = _moment__default.defineLocale('sq', {
+        months : 'Janar_Shkurt_Mars_Prill_Maj_Qershor_Korrik_Gusht_Shtator_Tetor_Nëntor_Dhjetor'.split('_'),
+        monthsShort : 'Jan_Shk_Mar_Pri_Maj_Qer_Kor_Gus_Sht_Tet_Nën_Dhj'.split('_'),
+        weekdays : 'E Diel_E Hënë_E Martë_E Mërkurë_E Enjte_E Premte_E Shtunë'.split('_'),
+        weekdaysShort : 'Die_Hën_Mar_Mër_Enj_Pre_Sht'.split('_'),
+        weekdaysMin : 'D_H_Ma_Më_E_P_Sh'.split('_'),
+        meridiemParse: /PD|MD/,
+        isPM: function (input) {
+            return input.charAt(0) === 'M';
+        },
+        meridiem : function (hours, minutes, isLower) {
+            return hours < 12 ? 'PD' : 'MD';
+        },
+        longDateFormat : {
+            LT : 'HH:mm',
+            LTS : 'LT:ss',
+            L : 'DD/MM/YYYY',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY LT',
+            LLLL : 'dddd, D MMMM YYYY LT'
+        },
+        calendar : {
+            sameDay : '[Sot në] LT',
+            nextDay : '[Nesër në] LT',
+            nextWeek : 'dddd [në] LT',
+            lastDay : '[Dje në] LT',
+            lastWeek : 'dddd [e kaluar në] LT',
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : 'në %s',
+            past : '%s më parë',
+            s : 'disa sekonda',
+            m : 'një minutë',
+            mm : '%d minuta',
+            h : 'një orë',
+            hh : '%d orë',
+            d : 'një ditë',
+            dd : '%d ditë',
+            M : 'një muaj',
+            MM : '%d muaj',
+            y : 'një vit',
+            yy : '%d vite'
+        },
+        ordinalParse: /\d{1,2}\./,
+        ordinal : '%d.',
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 4  // The week that contains Jan 4th is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : Serbian-cyrillic (sr-cyrl)
+    //! author : Milan Janačković<milanjanackovic@gmail.com> : https://github.com/milan-j
+
+    var sr_cyrl__translator = {
+        words: { //Different grammatical cases
+            m: ['један минут', 'једне минуте'],
+            mm: ['минут', 'минуте', 'минута'],
+            h: ['један сат', 'једног сата'],
+            hh: ['сат', 'сата', 'сати'],
+            dd: ['дан', 'дана', 'дана'],
+            MM: ['месец', 'месеца', 'месеци'],
+            yy: ['година', 'године', 'година']
+        },
+        correctGrammaticalCase: function (number, wordKey) {
+            return number === 1 ? wordKey[0] : (number >= 2 && number <= 4 ? wordKey[1] : wordKey[2]);
+        },
+        translate: function (number, withoutSuffix, key) {
+            var wordKey = sr_cyrl__translator.words[key];
+            if (key.length === 1) {
+                return withoutSuffix ? wordKey[0] : wordKey[1];
+            } else {
+                return number + ' ' + sr_cyrl__translator.correctGrammaticalCase(number, wordKey);
+            }
+        }
+    };
+
+    var sr_cyrl = _moment__default.defineLocale('sr-cyrl', {
+        months: ['јануар', 'фебруар', 'март', 'април', 'мај', 'јун', 'јул', 'август', 'септембар', 'октобар', 'новембар', 'децембар'],
+        monthsShort: ['јан.', 'феб.', 'мар.', 'апр.', 'мај', 'јун', 'јул', 'авг.', 'сеп.', 'окт.', 'нов.', 'дец.'],
+        weekdays: ['недеља', 'понедељак', 'уторак', 'среда', 'четвртак', 'петак', 'субота'],
+        weekdaysShort: ['нед.', 'пон.', 'уто.', 'сре.', 'чет.', 'пет.', 'суб.'],
+        weekdaysMin: ['не', 'по', 'ут', 'ср', 'че', 'пе', 'су'],
+        longDateFormat: {
+            LT: 'H:mm',
+            LTS : 'LT:ss',
+            L: 'DD. MM. YYYY',
+            LL: 'D. MMMM YYYY',
+            LLL: 'D. MMMM YYYY LT',
+            LLLL: 'dddd, D. MMMM YYYY LT'
+        },
+        calendar: {
+            sameDay: '[данас у] LT',
+            nextDay: '[сутра у] LT',
+            nextWeek: function () {
+                switch (this.day()) {
+                case 0:
+                    return '[у] [недељу] [у] LT';
+                case 3:
+                    return '[у] [среду] [у] LT';
+                case 6:
+                    return '[у] [суботу] [у] LT';
+                case 1:
+                case 2:
+                case 4:
+                case 5:
+                    return '[у] dddd [у] LT';
+                }
+            },
+            lastDay  : '[јуче у] LT',
+            lastWeek : function () {
+                var lastWeekDays = [
+                    '[прошле] [недеље] [у] LT',
+                    '[прошлог] [понедељка] [у] LT',
+                    '[прошлог] [уторка] [у] LT',
+                    '[прошле] [среде] [у] LT',
+                    '[прошлог] [четвртка] [у] LT',
+                    '[прошлог] [петка] [у] LT',
+                    '[прошле] [суботе] [у] LT'
+                ];
+                return lastWeekDays[this.day()];
+            },
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : 'за %s',
+            past   : 'пре %s',
+            s      : 'неколико секунди',
+            m      : sr_cyrl__translator.translate,
+            mm     : sr_cyrl__translator.translate,
+            h      : sr_cyrl__translator.translate,
+            hh     : sr_cyrl__translator.translate,
+            d      : 'дан',
+            dd     : sr_cyrl__translator.translate,
+            M      : 'месец',
+            MM     : sr_cyrl__translator.translate,
+            y      : 'годину',
+            yy     : sr_cyrl__translator.translate
+        },
+        ordinalParse: /\d{1,2}\./,
+        ordinal : '%d.',
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 7  // The week that contains Jan 1st is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : Serbian-latin (sr)
+    //! author : Milan Janačković<milanjanackovic@gmail.com> : https://github.com/milan-j
+
+    var sr__translator = {
+        words: { //Different grammatical cases
+            m: ['jedan minut', 'jedne minute'],
+            mm: ['minut', 'minute', 'minuta'],
+            h: ['jedan sat', 'jednog sata'],
+            hh: ['sat', 'sata', 'sati'],
+            dd: ['dan', 'dana', 'dana'],
+            MM: ['mesec', 'meseca', 'meseci'],
+            yy: ['godina', 'godine', 'godina']
+        },
+        correctGrammaticalCase: function (number, wordKey) {
+            return number === 1 ? wordKey[0] : (number >= 2 && number <= 4 ? wordKey[1] : wordKey[2]);
+        },
+        translate: function (number, withoutSuffix, key) {
+            var wordKey = sr__translator.words[key];
+            if (key.length === 1) {
+                return withoutSuffix ? wordKey[0] : wordKey[1];
+            } else {
+                return number + ' ' + sr__translator.correctGrammaticalCase(number, wordKey);
+            }
+        }
+    };
+
+    var sr = _moment__default.defineLocale('sr', {
+        months: ['januar', 'februar', 'mart', 'april', 'maj', 'jun', 'jul', 'avgust', 'septembar', 'oktobar', 'novembar', 'decembar'],
+        monthsShort: ['jan.', 'feb.', 'mar.', 'apr.', 'maj', 'jun', 'jul', 'avg.', 'sep.', 'okt.', 'nov.', 'dec.'],
+        weekdays: ['nedelja', 'ponedeljak', 'utorak', 'sreda', 'četvrtak', 'petak', 'subota'],
+        weekdaysShort: ['ned.', 'pon.', 'uto.', 'sre.', 'čet.', 'pet.', 'sub.'],
+        weekdaysMin: ['ne', 'po', 'ut', 'sr', 'če', 'pe', 'su'],
+        longDateFormat: {
+            LT: 'H:mm',
+            LTS : 'LT:ss',
+            L: 'DD. MM. YYYY',
+            LL: 'D. MMMM YYYY',
+            LLL: 'D. MMMM YYYY LT',
+            LLLL: 'dddd, D. MMMM YYYY LT'
+        },
+        calendar: {
+            sameDay: '[danas u] LT',
+            nextDay: '[sutra u] LT',
+            nextWeek: function () {
+                switch (this.day()) {
+                case 0:
+                    return '[u] [nedelju] [u] LT';
+                case 3:
+                    return '[u] [sredu] [u] LT';
+                case 6:
+                    return '[u] [subotu] [u] LT';
+                case 1:
+                case 2:
+                case 4:
+                case 5:
+                    return '[u] dddd [u] LT';
+                }
+            },
+            lastDay  : '[juče u] LT',
+            lastWeek : function () {
+                var lastWeekDays = [
+                    '[prošle] [nedelje] [u] LT',
+                    '[prošlog] [ponedeljka] [u] LT',
+                    '[prošlog] [utorka] [u] LT',
+                    '[prošle] [srede] [u] LT',
+                    '[prošlog] [četvrtka] [u] LT',
+                    '[prošlog] [petka] [u] LT',
+                    '[prošle] [subote] [u] LT'
+                ];
+                return lastWeekDays[this.day()];
+            },
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : 'za %s',
+            past   : 'pre %s',
+            s      : 'nekoliko sekundi',
+            m      : sr__translator.translate,
+            mm     : sr__translator.translate,
+            h      : sr__translator.translate,
+            hh     : sr__translator.translate,
+            d      : 'dan',
+            dd     : sr__translator.translate,
+            M      : 'mesec',
+            MM     : sr__translator.translate,
+            y      : 'godinu',
+            yy     : sr__translator.translate
+        },
+        ordinalParse: /\d{1,2}\./,
+        ordinal : '%d.',
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 7  // The week that contains Jan 1st is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : swedish (sv)
+    //! author : Jens Alm : https://github.com/ulmus
+
+    var sv = _moment__default.defineLocale('sv', {
+        months : 'januari_februari_mars_april_maj_juni_juli_augusti_september_oktober_november_december'.split('_'),
+        monthsShort : 'jan_feb_mar_apr_maj_jun_jul_aug_sep_okt_nov_dec'.split('_'),
+        weekdays : 'söndag_måndag_tisdag_onsdag_torsdag_fredag_lördag'.split('_'),
+        weekdaysShort : 'sön_mån_tis_ons_tor_fre_lör'.split('_'),
+        weekdaysMin : 'sö_må_ti_on_to_fr_lö'.split('_'),
+        longDateFormat : {
+            LT : 'HH:mm',
+            LTS : 'LT:ss',
+            L : 'YYYY-MM-DD',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY LT',
+            LLLL : 'dddd D MMMM YYYY LT'
+        },
+        calendar : {
+            sameDay: '[Idag] LT',
+            nextDay: '[Imorgon] LT',
+            lastDay: '[Igår] LT',
+            nextWeek: '[På] dddd LT',
+            lastWeek: '[I] dddd[s] LT',
+            sameElse: 'L'
+        },
+        relativeTime : {
+            future : 'om %s',
+            past : 'för %s sedan',
+            s : 'några sekunder',
+            m : 'en minut',
+            mm : '%d minuter',
+            h : 'en timme',
+            hh : '%d timmar',
+            d : 'en dag',
+            dd : '%d dagar',
+            M : 'en månad',
+            MM : '%d månader',
+            y : 'ett år',
+            yy : '%d år'
+        },
+        ordinalParse: /\d{1,2}(e|a)/,
+        ordinal : function (number) {
+            var b = number % 10,
+                output = (~~(number % 100 / 10) === 1) ? 'e' :
+                (b === 1) ? 'a' :
+                (b === 2) ? 'a' :
+                (b === 3) ? 'e' : 'e';
+            return number + output;
+        },
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 4  // The week that contains Jan 4th is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : tamil (ta)
+    //! author : Arjunkumar Krishnamoorthy : https://github.com/tk120404
+
+    var ta = _moment__default.defineLocale('ta', {
+        months : 'ஜனவரி_பிப்ரவரி_மார்ச்_ஏப்ரல்_மே_ஜூன்_ஜூலை_ஆகஸ்ட்_செப்டெம்பர்_அக்டோபர்_நவம்பர்_டிசம்பர்'.split('_'),
+        monthsShort : 'ஜனவரி_பிப்ரவரி_மார்ச்_ஏப்ரல்_மே_ஜூன்_ஜூலை_ஆகஸ்ட்_செப்டெம்பர்_அக்டோபர்_நவம்பர்_டிசம்பர்'.split('_'),
+        weekdays : 'ஞாயிற்றுக்கிழமை_திங்கட்கிழமை_செவ்வாய்கிழமை_புதன்கிழமை_வியாழக்கிழமை_வெள்ளிக்கிழமை_சனிக்கிழமை'.split('_'),
+        weekdaysShort : 'ஞாயிறு_திங்கள்_செவ்வாய்_புதன்_வியாழன்_வெள்ளி_சனி'.split('_'),
+        weekdaysMin : 'ஞா_தி_செ_பு_வி_வெ_ச'.split('_'),
+        longDateFormat : {
+            LT : 'HH:mm',
+            LTS : 'LT:ss',
+            L : 'DD/MM/YYYY',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY, LT',
+            LLLL : 'dddd, D MMMM YYYY, LT'
+        },
+        calendar : {
+            sameDay : '[இன்று] LT',
+            nextDay : '[நாளை] LT',
+            nextWeek : 'dddd, LT',
+            lastDay : '[நேற்று] LT',
+            lastWeek : '[கடந்த வாரம்] dddd, LT',
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : '%s இல்',
+            past : '%s முன்',
+            s : 'ஒரு சில விநாடிகள்',
+            m : 'ஒரு நிமிடம்',
+            mm : '%d நிமிடங்கள்',
+            h : 'ஒரு மணி நேரம்',
+            hh : '%d மணி நேரம்',
+            d : 'ஒரு நாள்',
+            dd : '%d நாட்கள்',
+            M : 'ஒரு மாதம்',
+            MM : '%d மாதங்கள்',
+            y : 'ஒரு வருடம்',
+            yy : '%d ஆண்டுகள்'
+        },
+        ordinalParse: /\d{1,2}வது/,
+        ordinal : function (number) {
+            return number + 'வது';
+        },
+        // refer http://ta.wikipedia.org/s/1er1
+        meridiemParse: /யாமம்|வைகறை|காலை|நண்பகல்|எற்பாடு|மாலை/,
+        meridiem : function (hour, minute, isLower) {
+            if (hour < 2) {
+                return ' யாமம்';
+            } else if (hour < 6) {
+                return ' வைகறை';  // வைகறை
+            } else if (hour < 10) {
+                return ' காலை'; // காலை
+            } else if (hour < 14) {
+                return ' நண்பகல்'; // நண்பகல்
+            } else if (hour < 18) {
+                return ' எற்பாடு'; // எற்பாடு
+            } else if (hour < 22) {
+                return ' மாலை'; // மாலை
+            } else {
+                return ' யாமம்';
+            }
+        },
+        meridiemHour : function (hour, meridiem) {
+            if (hour === 12) {
+                hour = 0;
+            }
+            if (meridiem === 'யாமம்') {
+                return hour < 2 ? hour : hour + 12;
+            } else if (meridiem === 'வைகறை' || meridiem === 'காலை') {
+                return hour;
+            } else if (meridiem === 'நண்பகல்') {
+                return hour >= 10 ? hour : hour + 12;
+            } else {
+                return hour + 12;
+            }
+        },
+        week : {
+            dow : 0, // Sunday is the first day of the week.
+            doy : 6  // The week that contains Jan 1st is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : thai (th)
+    //! author : Kridsada Thanabulpong : https://github.com/sirn
+
+    var th = _moment__default.defineLocale('th', {
+        months : 'มกราคม_กุมภาพันธ์_มีนาคม_เมษายน_พฤษภาคม_มิถุนายน_กรกฎาคม_สิงหาคม_กันยายน_ตุลาคม_พฤศจิกายน_ธันวาคม'.split('_'),
+        monthsShort : 'มกรา_กุมภา_มีนา_เมษา_พฤษภา_มิถุนา_กรกฎา_สิงหา_กันยา_ตุลา_พฤศจิกา_ธันวา'.split('_'),
+        weekdays : 'อาทิตย์_จันทร์_อังคาร_พุธ_พฤหัสบดี_ศุกร์_เสาร์'.split('_'),
+        weekdaysShort : 'อาทิตย์_จันทร์_อังคาร_พุธ_พฤหัส_ศุกร์_เสาร์'.split('_'), // yes, three characters difference
+        weekdaysMin : 'อา._จ._อ._พ._พฤ._ศ._ส.'.split('_'),
+        longDateFormat : {
+            LT : 'H นาฬิกา m นาที',
+            LTS : 'LT s วินาที',
+            L : 'YYYY/MM/DD',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY เวลา LT',
+            LLLL : 'วันddddที่ D MMMM YYYY เวลา LT'
+        },
+        meridiemParse: /ก่อนเที่ยง|หลังเที่ยง/,
+        isPM: function (input) {
+            return input === 'หลังเที่ยง';
+        },
+        meridiem : function (hour, minute, isLower) {
+            if (hour < 12) {
+                return 'ก่อนเที่ยง';
+            } else {
+                return 'หลังเที่ยง';
+            }
+        },
+        calendar : {
+            sameDay : '[วันนี้ เวลา] LT',
+            nextDay : '[พรุ่งนี้ เวลา] LT',
+            nextWeek : 'dddd[หน้า เวลา] LT',
+            lastDay : '[เมื่อวานนี้ เวลา] LT',
+            lastWeek : '[วัน]dddd[ที่แล้ว เวลา] LT',
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : 'อีก %s',
+            past : '%sที่แล้ว',
+            s : 'ไม่กี่วินาที',
+            m : '1 นาที',
+            mm : '%d นาที',
+            h : '1 ชั่วโมง',
+            hh : '%d ชั่วโมง',
+            d : '1 วัน',
+            dd : '%d วัน',
+            M : '1 เดือน',
+            MM : '%d เดือน',
+            y : '1 ปี',
+            yy : '%d ปี'
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : Tagalog/Filipino (tl-ph)
+    //! author : Dan Hagman
+
+    var tl_ph = _moment__default.defineLocale('tl-ph', {
+        months : 'Enero_Pebrero_Marso_Abril_Mayo_Hunyo_Hulyo_Agosto_Setyembre_Oktubre_Nobyembre_Disyembre'.split('_'),
+        monthsShort : 'Ene_Peb_Mar_Abr_May_Hun_Hul_Ago_Set_Okt_Nob_Dis'.split('_'),
+        weekdays : 'Linggo_Lunes_Martes_Miyerkules_Huwebes_Biyernes_Sabado'.split('_'),
+        weekdaysShort : 'Lin_Lun_Mar_Miy_Huw_Biy_Sab'.split('_'),
+        weekdaysMin : 'Li_Lu_Ma_Mi_Hu_Bi_Sab'.split('_'),
+        longDateFormat : {
+            LT : 'HH:mm',
+            LTS : 'LT:ss',
+            L : 'MM/D/YYYY',
+            LL : 'MMMM D, YYYY',
+            LLL : 'MMMM D, YYYY LT',
+            LLLL : 'dddd, MMMM DD, YYYY LT'
+        },
+        calendar : {
+            sameDay: '[Ngayon sa] LT',
+            nextDay: '[Bukas sa] LT',
+            nextWeek: 'dddd [sa] LT',
+            lastDay: '[Kahapon sa] LT',
+            lastWeek: 'dddd [huling linggo] LT',
+            sameElse: 'L'
+        },
+        relativeTime : {
+            future : 'sa loob ng %s',
+            past : '%s ang nakalipas',
+            s : 'ilang segundo',
+            m : 'isang minuto',
+            mm : '%d minuto',
+            h : 'isang oras',
+            hh : '%d oras',
+            d : 'isang araw',
+            dd : '%d araw',
+            M : 'isang buwan',
+            MM : '%d buwan',
+            y : 'isang taon',
+            yy : '%d taon'
+        },
+        ordinalParse: /\d{1,2}/,
+        ordinal : function (number) {
+            return number;
+        },
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 4  // The week that contains Jan 4th is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : turkish (tr)
+    //! authors : Erhan Gundogan : https://github.com/erhangundogan,
+    //!           Burak Yiğit Kaya: https://github.com/BYK
+
+    var tr__suffixes = {
+        1: '\'inci',
+        5: '\'inci',
+        8: '\'inci',
+        70: '\'inci',
+        80: '\'inci',
+        2: '\'nci',
+        7: '\'nci',
+        20: '\'nci',
+        50: '\'nci',
+        3: '\'üncü',
+        4: '\'üncü',
+        100: '\'üncü',
+        6: '\'ncı',
+        9: '\'uncu',
+        10: '\'uncu',
+        30: '\'uncu',
+        60: '\'ıncı',
+        90: '\'ıncı'
+    };
+
+    var tr = _moment__default.defineLocale('tr', {
+        months : 'Ocak_Şubat_Mart_Nisan_Mayıs_Haziran_Temmuz_Ağustos_Eylül_Ekim_Kasım_Aralık'.split('_'),
+        monthsShort : 'Oca_Şub_Mar_Nis_May_Haz_Tem_Ağu_Eyl_Eki_Kas_Ara'.split('_'),
+        weekdays : 'Pazar_Pazartesi_Salı_Çarşamba_Perşembe_Cuma_Cumartesi'.split('_'),
+        weekdaysShort : 'Paz_Pts_Sal_Çar_Per_Cum_Cts'.split('_'),
+        weekdaysMin : 'Pz_Pt_Sa_Ça_Pe_Cu_Ct'.split('_'),
+        longDateFormat : {
+            LT : 'HH:mm',
+            LTS : 'LT:ss',
+            L : 'DD.MM.YYYY',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY LT',
+            LLLL : 'dddd, D MMMM YYYY LT'
+        },
+        calendar : {
+            sameDay : '[bugün saat] LT',
+            nextDay : '[yarın saat] LT',
+            nextWeek : '[haftaya] dddd [saat] LT',
+            lastDay : '[dün] LT',
+            lastWeek : '[geçen hafta] dddd [saat] LT',
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : '%s sonra',
+            past : '%s önce',
+            s : 'birkaç saniye',
+            m : 'bir dakika',
+            mm : '%d dakika',
+            h : 'bir saat',
+            hh : '%d saat',
+            d : 'bir gün',
+            dd : '%d gün',
+            M : 'bir ay',
+            MM : '%d ay',
+            y : 'bir yıl',
+            yy : '%d yıl'
+        },
+        ordinalParse: /\d{1,2}'(inci|nci|üncü|ncı|uncu|ıncı)/,
+        ordinal : function (number) {
+            if (number === 0) {  // special case for zero
+                return number + '\'ıncı';
+            }
+            var a = number % 10,
+                b = number % 100 - a,
+                c = number >= 100 ? 100 : null;
+            return number + (tr__suffixes[a] || tr__suffixes[b] || tr__suffixes[c]);
+        },
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 7  // The week that contains Jan 1st is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : Morocco Central Atlas Tamaziɣt in Latin (tzm-latn)
+    //! author : Abdel Said : https://github.com/abdelsaid
+
+    var tzm_latn = _moment__default.defineLocale('tzm-latn', {
+        months : 'innayr_brˤayrˤ_marˤsˤ_ibrir_mayyw_ywnyw_ywlywz_ɣwšt_šwtanbir_ktˤwbrˤ_nwwanbir_dwjnbir'.split('_'),
+        monthsShort : 'innayr_brˤayrˤ_marˤsˤ_ibrir_mayyw_ywnyw_ywlywz_ɣwšt_šwtanbir_ktˤwbrˤ_nwwanbir_dwjnbir'.split('_'),
+        weekdays : 'asamas_aynas_asinas_akras_akwas_asimwas_asiḍyas'.split('_'),
+        weekdaysShort : 'asamas_aynas_asinas_akras_akwas_asimwas_asiḍyas'.split('_'),
+        weekdaysMin : 'asamas_aynas_asinas_akras_akwas_asimwas_asiḍyas'.split('_'),
+        longDateFormat : {
+            LT : 'HH:mm',
+            LTS : 'LT:ss',
+            L : 'DD/MM/YYYY',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY LT',
+            LLLL : 'dddd D MMMM YYYY LT'
+        },
+        calendar : {
+            sameDay: '[asdkh g] LT',
+            nextDay: '[aska g] LT',
+            nextWeek: 'dddd [g] LT',
+            lastDay: '[assant g] LT',
+            lastWeek: 'dddd [g] LT',
+            sameElse: 'L'
+        },
+        relativeTime : {
+            future : 'dadkh s yan %s',
+            past : 'yan %s',
+            s : 'imik',
+            m : 'minuḍ',
+            mm : '%d minuḍ',
+            h : 'saɛa',
+            hh : '%d tassaɛin',
+            d : 'ass',
+            dd : '%d ossan',
+            M : 'ayowr',
+            MM : '%d iyyirn',
+            y : 'asgas',
+            yy : '%d isgasn'
+        },
+        week : {
+            dow : 6, // Saturday is the first day of the week.
+            doy : 12  // The week that contains Jan 1st is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : Morocco Central Atlas Tamaziɣt (tzm)
+    //! author : Abdel Said : https://github.com/abdelsaid
+
+    var tzm = _moment__default.defineLocale('tzm', {
+        months : 'ⵉⵏⵏⴰⵢⵔ_ⴱⵕⴰⵢⵕ_ⵎⴰⵕⵚ_ⵉⴱⵔⵉⵔ_ⵎⴰⵢⵢⵓ_ⵢⵓⵏⵢⵓ_ⵢⵓⵍⵢⵓⵣ_ⵖⵓⵛⵜ_ⵛⵓⵜⴰⵏⴱⵉⵔ_ⴽⵟⵓⴱⵕ_ⵏⵓⵡⴰⵏⴱⵉⵔ_ⴷⵓⵊⵏⴱⵉⵔ'.split('_'),
+        monthsShort : 'ⵉⵏⵏⴰⵢⵔ_ⴱⵕⴰⵢⵕ_ⵎⴰⵕⵚ_ⵉⴱⵔⵉⵔ_ⵎⴰⵢⵢⵓ_ⵢⵓⵏⵢⵓ_ⵢⵓⵍⵢⵓⵣ_ⵖⵓⵛⵜ_ⵛⵓⵜⴰⵏⴱⵉⵔ_ⴽⵟⵓⴱⵕ_ⵏⵓⵡⴰⵏⴱⵉⵔ_ⴷⵓⵊⵏⴱⵉⵔ'.split('_'),
+        weekdays : 'ⴰⵙⴰⵎⴰⵙ_ⴰⵢⵏⴰⵙ_ⴰⵙⵉⵏⴰⵙ_ⴰⴽⵔⴰⵙ_ⴰⴽⵡⴰⵙ_ⴰⵙⵉⵎⵡⴰⵙ_ⴰⵙⵉⴹⵢⴰⵙ'.split('_'),
+        weekdaysShort : 'ⴰⵙⴰⵎⴰⵙ_ⴰⵢⵏⴰⵙ_ⴰⵙⵉⵏⴰⵙ_ⴰⴽⵔⴰⵙ_ⴰⴽⵡⴰⵙ_ⴰⵙⵉⵎⵡⴰⵙ_ⴰⵙⵉⴹⵢⴰⵙ'.split('_'),
+        weekdaysMin : 'ⴰⵙⴰⵎⴰⵙ_ⴰⵢⵏⴰⵙ_ⴰⵙⵉⵏⴰⵙ_ⴰⴽⵔⴰⵙ_ⴰⴽⵡⴰⵙ_ⴰⵙⵉⵎⵡⴰⵙ_ⴰⵙⵉⴹⵢⴰⵙ'.split('_'),
+        longDateFormat : {
+            LT : 'HH:mm',
+            LTS: 'LT:ss',
+            L : 'DD/MM/YYYY',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY LT',
+            LLLL : 'dddd D MMMM YYYY LT'
+        },
+        calendar : {
+            sameDay: '[ⴰⵙⴷⵅ ⴴ] LT',
+            nextDay: '[ⴰⵙⴽⴰ ⴴ] LT',
+            nextWeek: 'dddd [ⴴ] LT',
+            lastDay: '[ⴰⵚⴰⵏⵜ ⴴ] LT',
+            lastWeek: 'dddd [ⴴ] LT',
+            sameElse: 'L'
+        },
+        relativeTime : {
+            future : 'ⴷⴰⴷⵅ ⵙ ⵢⴰⵏ %s',
+            past : 'ⵢⴰⵏ %s',
+            s : 'ⵉⵎⵉⴽ',
+            m : 'ⵎⵉⵏⵓⴺ',
+            mm : '%d ⵎⵉⵏⵓⴺ',
+            h : 'ⵙⴰⵄⴰ',
+            hh : '%d ⵜⴰⵙⵙⴰⵄⵉⵏ',
+            d : 'ⴰⵙⵙ',
+            dd : '%d oⵙⵙⴰⵏ',
+            M : 'ⴰⵢoⵓⵔ',
+            MM : '%d ⵉⵢⵢⵉⵔⵏ',
+            y : 'ⴰⵙⴳⴰⵙ',
+            yy : '%d ⵉⵙⴳⴰⵙⵏ'
+        },
+        week : {
+            dow : 6, // Saturday is the first day of the week.
+            doy : 12  // The week that contains Jan 1st is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : ukrainian (uk)
+    //! author : zemlanin : https://github.com/zemlanin
+    //! Author : Menelion Elensúle : https://github.com/Oire
+
+    function uk__plural(word, num) {
+        var forms = word.split('_');
+        return num % 10 === 1 && num % 100 !== 11 ? forms[0] : (num % 10 >= 2 && num % 10 <= 4 && (num % 100 < 10 || num % 100 >= 20) ? forms[1] : forms[2]);
+    }
+    function uk__relativeTimeWithPlural(number, withoutSuffix, key) {
+        var format = {
+            'mm': 'хвилина_хвилини_хвилин',
+            'hh': 'година_години_годин',
+            'dd': 'день_дні_днів',
+            'MM': 'місяць_місяці_місяців',
+            'yy': 'рік_роки_років'
+        };
+        if (key === 'm') {
+            return withoutSuffix ? 'хвилина' : 'хвилину';
+        }
+        else if (key === 'h') {
+            return withoutSuffix ? 'година' : 'годину';
+        }
+        else {
+            return number + ' ' + uk__plural(format[key], +number);
+        }
+    }
+    function uk__monthsCaseReplace(m, format) {
+        var months = {
+            'nominative': 'січень_лютий_березень_квітень_травень_червень_липень_серпень_вересень_жовтень_листопад_грудень'.split('_'),
+            'accusative': 'січня_лютого_березня_квітня_травня_червня_липня_серпня_вересня_жовтня_листопада_грудня'.split('_')
+        },
+        nounCase = (/D[oD]? *MMMM?/).test(format) ?
+            'accusative' :
+            'nominative';
+        return months[nounCase][m.month()];
+    }
+    function uk__weekdaysCaseReplace(m, format) {
+        var weekdays = {
+            'nominative': 'неділя_понеділок_вівторок_середа_четвер_п’ятниця_субота'.split('_'),
+            'accusative': 'неділю_понеділок_вівторок_середу_четвер_п’ятницю_суботу'.split('_'),
+            'genitive': 'неділі_понеділка_вівторка_середи_четверга_п’ятниці_суботи'.split('_')
+        },
+        nounCase = (/(\[[ВвУу]\]) ?dddd/).test(format) ?
+            'accusative' :
+            ((/\[?(?:минулої|наступної)? ?\] ?dddd/).test(format) ?
+                'genitive' :
+                'nominative');
+        return weekdays[nounCase][m.day()];
+    }
+    function processHoursFunction(str) {
+        return function () {
+            return str + 'о' + (this.hours() === 11 ? 'б' : '') + '] LT';
+        };
+    }
+
+    var uk = _moment__default.defineLocale('uk', {
+        months : uk__monthsCaseReplace,
+        monthsShort : 'січ_лют_бер_квіт_трав_черв_лип_серп_вер_жовт_лист_груд'.split('_'),
+        weekdays : uk__weekdaysCaseReplace,
+        weekdaysShort : 'нд_пн_вт_ср_чт_пт_сб'.split('_'),
+        weekdaysMin : 'нд_пн_вт_ср_чт_пт_сб'.split('_'),
+        longDateFormat : {
+            LT : 'HH:mm',
+            LTS : 'LT:ss',
+            L : 'DD.MM.YYYY',
+            LL : 'D MMMM YYYY р.',
+            LLL : 'D MMMM YYYY р., LT',
+            LLLL : 'dddd, D MMMM YYYY р., LT'
+        },
+        calendar : {
+            sameDay: processHoursFunction('[Сьогодні '),
+            nextDay: processHoursFunction('[Завтра '),
+            lastDay: processHoursFunction('[Вчора '),
+            nextWeek: processHoursFunction('[У] dddd ['),
+            lastWeek: function () {
+                switch (this.day()) {
+                case 0:
+                case 3:
+                case 5:
+                case 6:
+                    return processHoursFunction('[Минулої] dddd [').call(this);
+                case 1:
+                case 2:
+                case 4:
+                    return processHoursFunction('[Минулого] dddd [').call(this);
+                }
+            },
+            sameElse: 'L'
+        },
+        relativeTime : {
+            future : 'за %s',
+            past : '%s тому',
+            s : 'декілька секунд',
+            m : uk__relativeTimeWithPlural,
+            mm : uk__relativeTimeWithPlural,
+            h : 'годину',
+            hh : uk__relativeTimeWithPlural,
+            d : 'день',
+            dd : uk__relativeTimeWithPlural,
+            M : 'місяць',
+            MM : uk__relativeTimeWithPlural,
+            y : 'рік',
+            yy : uk__relativeTimeWithPlural
+        },
+        // M. E.: those two are virtually unused but a user might want to implement them for his/her website for some reason
+        meridiemParse: /ночі|ранку|дня|вечора/,
+        isPM: function (input) {
+            return /^(дня|вечора)$/.test(input);
+        },
+        meridiem : function (hour, minute, isLower) {
+            if (hour < 4) {
+                return 'ночі';
+            } else if (hour < 12) {
+                return 'ранку';
+            } else if (hour < 17) {
+                return 'дня';
+            } else {
+                return 'вечора';
+            }
+        },
+        ordinalParse: /\d{1,2}-(й|го)/,
+        ordinal: function (number, period) {
+            switch (period) {
+            case 'M':
+            case 'd':
+            case 'DDD':
+            case 'w':
+            case 'W':
+                return number + '-й';
+            case 'D':
+                return number + '-го';
+            default:
+                return number;
+            }
+        },
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 7  // The week that contains Jan 1st is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : uzbek (uz)
+    //! author : Sardor Muminov : https://github.com/muminoff
+
+    var uz = _moment__default.defineLocale('uz', {
+        months : 'январь_февраль_март_апрель_май_июнь_июль_август_сентябрь_октябрь_ноябрь_декабрь'.split('_'),
+        monthsShort : 'янв_фев_мар_апр_май_июн_июл_авг_сен_окт_ноя_дек'.split('_'),
+        weekdays : 'Якшанба_Душанба_Сешанба_Чоршанба_Пайшанба_Жума_Шанба'.split('_'),
+        weekdaysShort : 'Якш_Душ_Сеш_Чор_Пай_Жум_Шан'.split('_'),
+        weekdaysMin : 'Як_Ду_Се_Чо_Па_Жу_Ша'.split('_'),
+        longDateFormat : {
+            LT : 'HH:mm',
+            LTS : 'LT:ss',
+            L : 'DD/MM/YYYY',
+            LL : 'D MMMM YYYY',
+            LLL : 'D MMMM YYYY LT',
+            LLLL : 'D MMMM YYYY, dddd LT'
+        },
+        calendar : {
+            sameDay : '[Бугун соат] LT [да]',
+            nextDay : '[Эртага] LT [да]',
+            nextWeek : 'dddd [куни соат] LT [да]',
+            lastDay : '[Кеча соат] LT [да]',
+            lastWeek : '[Утган] dddd [куни соат] LT [да]',
+            sameElse : 'L'
+        },
+        relativeTime : {
+            future : 'Якин %s ичида',
+            past : 'Бир неча %s олдин',
+            s : 'фурсат',
+            m : 'бир дакика',
+            mm : '%d дакика',
+            h : 'бир соат',
+            hh : '%d соат',
+            d : 'бир кун',
+            dd : '%d кун',
+            M : 'бир ой',
+            MM : '%d ой',
+            y : 'бир йил',
+            yy : '%d йил'
+        },
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 7  // The week that contains Jan 4th is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : vietnamese (vi)
+    //! author : Bang Nguyen : https://github.com/bangnk
+
+    var vi = _moment__default.defineLocale('vi', {
+        months : 'tháng 1_tháng 2_tháng 3_tháng 4_tháng 5_tháng 6_tháng 7_tháng 8_tháng 9_tháng 10_tháng 11_tháng 12'.split('_'),
+        monthsShort : 'Th01_Th02_Th03_Th04_Th05_Th06_Th07_Th08_Th09_Th10_Th11_Th12'.split('_'),
+        weekdays : 'chủ nhật_thứ hai_thứ ba_thứ tư_thứ năm_thứ sáu_thứ bảy'.split('_'),
+        weekdaysShort : 'CN_T2_T3_T4_T5_T6_T7'.split('_'),
+        weekdaysMin : 'CN_T2_T3_T4_T5_T6_T7'.split('_'),
+        longDateFormat : {
+            LT : 'HH:mm',
+            LTS : 'LT:ss',
+            L : 'DD/MM/YYYY',
+            LL : 'D MMMM [năm] YYYY',
+            LLL : 'D MMMM [năm] YYYY LT',
+            LLLL : 'dddd, D MMMM [năm] YYYY LT',
+            l : 'DD/M/YYYY',
+            ll : 'D MMM YYYY',
+            lll : 'D MMM YYYY LT',
+            llll : 'ddd, D MMM YYYY LT'
+        },
+        calendar : {
+            sameDay: '[Hôm nay lúc] LT',
+            nextDay: '[Ngày mai lúc] LT',
+            nextWeek: 'dddd [tuần tới lúc] LT',
+            lastDay: '[Hôm qua lúc] LT',
+            lastWeek: 'dddd [tuần rồi lúc] LT',
+            sameElse: 'L'
+        },
+        relativeTime : {
+            future : '%s tới',
+            past : '%s trước',
+            s : 'vài giây',
+            m : 'một phút',
+            mm : '%d phút',
+            h : 'một giờ',
+            hh : '%d giờ',
+            d : 'một ngày',
+            dd : '%d ngày',
+            M : 'một tháng',
+            MM : '%d tháng',
+            y : 'một năm',
+            yy : '%d năm'
+        },
+        ordinalParse: /\d{1,2}/,
+        ordinal : function (number) {
+            return number;
+        },
+        week : {
+            dow : 1, // Monday is the first day of the week.
+            doy : 4  // The week that contains Jan 4th is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : chinese (zh-cn)
+    //! author : suupic : https://github.com/suupic
+    //! author : Zeno Zeng : https://github.com/zenozeng
+
+    var zh_cn = _moment__default.defineLocale('zh-cn', {
+        months : '一月_二月_三月_四月_五月_六月_七月_八月_九月_十月_十一月_十二月'.split('_'),
+        monthsShort : '1月_2月_3月_4月_5月_6月_7月_8月_9月_10月_11月_12月'.split('_'),
+        weekdays : '星期日_星期一_星期二_星期三_星期四_星期五_星期六'.split('_'),
+        weekdaysShort : '周日_周一_周二_周三_周四_周五_周六'.split('_'),
+        weekdaysMin : '日_一_二_三_四_五_六'.split('_'),
+        longDateFormat : {
+            LT : 'Ah点mm分',
+            LTS : 'Ah点m分s秒',
+            L : 'YYYY-MM-DD',
+            LL : 'YYYY年MMMD日',
+            LLL : 'YYYY年MMMD日LT',
+            LLLL : 'YYYY年MMMD日ddddLT',
+            l : 'YYYY-MM-DD',
+            ll : 'YYYY年MMMD日',
+            lll : 'YYYY年MMMD日LT',
+            llll : 'YYYY年MMMD日ddddLT'
+        },
+        meridiemParse: /凌晨|早上|上午|中午|下午|晚上/,
+        meridiemHour: function (hour, meridiem) {
+            if (hour === 12) {
+                hour = 0;
+            }
+            if (meridiem === '凌晨' || meridiem === '早上' ||
+                    meridiem === '上午') {
+                return hour;
+            } else if (meridiem === '下午' || meridiem === '晚上') {
+                return hour + 12;
+            } else {
+                // '中午'
+                return hour >= 11 ? hour : hour + 12;
+            }
+        },
+        meridiem : function (hour, minute, isLower) {
+            var hm = hour * 100 + minute;
+            if (hm < 600) {
+                return '凌晨';
+            } else if (hm < 900) {
+                return '早上';
+            } else if (hm < 1130) {
+                return '上午';
+            } else if (hm < 1230) {
+                return '中午';
+            } else if (hm < 1800) {
+                return '下午';
+            } else {
+                return '晚上';
+            }
+        },
+        calendar : {
+            sameDay : function () {
+                return this.minutes() === 0 ? '[今天]Ah[点整]' : '[今天]LT';
+            },
+            nextDay : function () {
+                return this.minutes() === 0 ? '[明天]Ah[点整]' : '[明天]LT';
+            },
+            lastDay : function () {
+                return this.minutes() === 0 ? '[昨天]Ah[点整]' : '[昨天]LT';
+            },
+            nextWeek : function () {
+                var startOfWeek, prefix;
+                startOfWeek = _moment__default().startOf('week');
+                prefix = this.unix() - startOfWeek.unix() >= 7 * 24 * 3600 ? '[下]' : '[本]';
+                return this.minutes() === 0 ? prefix + 'dddAh点整' : prefix + 'dddAh点mm';
+            },
+            lastWeek : function () {
+                var startOfWeek, prefix;
+                startOfWeek = _moment__default().startOf('week');
+                prefix = this.unix() < startOfWeek.unix()  ? '[上]' : '[本]';
+                return this.minutes() === 0 ? prefix + 'dddAh点整' : prefix + 'dddAh点mm';
+            },
+            sameElse : 'LL'
+        },
+        ordinalParse: /\d{1,2}(日|月|周)/,
+        ordinal : function (number, period) {
+            switch (period) {
+            case 'd':
+            case 'D':
+            case 'DDD':
+                return number + '日';
+            case 'M':
+                return number + '月';
+            case 'w':
+            case 'W':
+                return number + '周';
+            default:
+                return number;
+            }
+        },
+        relativeTime : {
+            future : '%s内',
+            past : '%s前',
+            s : '几秒',
+            m : '1 分钟',
+            mm : '%d 分钟',
+            h : '1 小时',
+            hh : '%d 小时',
+            d : '1 天',
+            dd : '%d 天',
+            M : '1 个月',
+            MM : '%d 个月',
+            y : '1 年',
+            yy : '%d 年'
+        },
+        week : {
+            // GB/T 7408-1994《数据元和交换格式·信息交换·日期和时间表示法》与ISO 8601:1988等效
+            dow : 1, // Monday is the first day of the week.
+            doy : 4  // The week that contains Jan 4th is the first week of the year.
+        }
+    });
+
+    //! moment.js locale configuration
+    //! locale : traditional chinese (zh-tw)
+    //! author : Ben : https://github.com/ben-lin
+
+    var zh_tw = _moment__default.defineLocale('zh-tw', {
+        months : '一月_二月_三月_四月_五月_六月_七月_八月_九月_十月_十一月_十二月'.split('_'),
+        monthsShort : '1月_2月_3月_4月_5月_6月_7月_8月_9月_10月_11月_12月'.split('_'),
+        weekdays : '星期日_星期一_星期二_星期三_星期四_星期五_星期六'.split('_'),
+        weekdaysShort : '週日_週一_週二_週三_週四_週五_週六'.split('_'),
+        weekdaysMin : '日_一_二_三_四_五_六'.split('_'),
+        longDateFormat : {
+            LT : 'Ah點mm分',
+            LTS : 'Ah點m分s秒',
+            L : 'YYYY年MMMD日',
+            LL : 'YYYY年MMMD日',
+            LLL : 'YYYY年MMMD日LT',
+            LLLL : 'YYYY年MMMD日ddddLT',
+            l : 'YYYY年MMMD日',
+            ll : 'YYYY年MMMD日',
+            lll : 'YYYY年MMMD日LT',
+            llll : 'YYYY年MMMD日ddddLT'
+        },
+        meridiemParse: /早上|上午|中午|下午|晚上/,
+        meridiemHour : function (hour, meridiem) {
+            if (hour === 12) {
+                hour = 0;
+            }
+            if (meridiem === '早上' || meridiem === '上午') {
+                return hour;
+            } else if (meridiem === '中午') {
+                return hour >= 11 ? hour : hour + 12;
+            } else if (meridiem === '下午' || meridiem === '晚上') {
+                return hour + 12;
+            }
+        },
+        meridiem : function (hour, minute, isLower) {
+            var hm = hour * 100 + minute;
+            if (hm < 900) {
+                return '早上';
+            } else if (hm < 1130) {
+                return '上午';
+            } else if (hm < 1230) {
+                return '中午';
+            } else if (hm < 1800) {
+                return '下午';
+            } else {
+                return '晚上';
+            }
+        },
+        calendar : {
+            sameDay : '[今天]LT',
+            nextDay : '[明天]LT',
+            nextWeek : '[下]ddddLT',
+            lastDay : '[昨天]LT',
+            lastWeek : '[上]ddddLT',
+            sameElse : 'L'
+        },
+        ordinalParse: /\d{1,2}(日|月|週)/,
+        ordinal : function (number, period) {
+            switch (period) {
+            case 'd' :
+            case 'D' :
+            case 'DDD' :
+                return number + '日';
+            case 'M' :
+                return number + '月';
+            case 'w' :
+            case 'W' :
+                return number + '週';
+            default :
+                return number;
+            }
+        },
+        relativeTime : {
+            future : '%s內',
+            past : '%s前',
+            s : '幾秒',
+            m : '一分鐘',
+            mm : '%d分鐘',
+            h : '一小時',
+            hh : '%d小時',
+            d : '一天',
+            dd : '%d天',
+            M : '一個月',
+            MM : '%d個月',
+            y : '一年',
+            yy : '%d年'
+        }
+    });
+
+    var moment_with_locales = _moment__default;
+
+    return moment_with_locales;
+
+}));
\ No newline at end of file
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/lib/purl.js b/openid-connect-server-webapp/src/main/webapp/resources/js/lib/purl.js
new file mode 100644
index 000000000..b5799c6cf
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/js/lib/purl.js
@@ -0,0 +1,267 @@
+/*
+ * Purl (A JavaScript URL parser) v2.3.1
+ * Developed and maintanined by Mark Perkins, mark@allmarkedup.com
+ * Source repository: https://github.com/allmarkedup/jQuery-URL-Parser
+ * Licensed under an MIT-style license. See https://github.com/allmarkedup/jQuery-URL-Parser/blob/master/LICENSE for details.
+ */
+
+;(function(factory) {
+    if (typeof define === 'function' && define.amd) {
+        define(factory);
+    } else {
+        window.purl = factory();
+    }
+})(function() {
+
+    var tag2attr = {
+            a       : 'href',
+            img     : 'src',
+            form    : 'action',
+            base    : 'href',
+            script  : 'src',
+            iframe  : 'src',
+            link    : 'href',
+            embed   : 'src',
+            object  : 'data'
+        },
+
+        key = ['source', 'protocol', 'authority', 'userInfo', 'user', 'password', 'host', 'port', 'relative', 'path', 'directory', 'file', 'query', 'fragment'], // keys available to query
+
+        aliases = { 'anchor' : 'fragment' }, // aliases for backwards compatability
+
+        parser = {
+            strict : /^(?:([^:\/?#]+):)?(?:\/\/((?:(([^:@]*):?([^:@]*))?@)?([^:\/?#]*)(?::(\d*))?))?((((?:[^?#\/]*\/)*)([^?#]*))(?:\?([^#]*))?(?:#(.*))?)/,  //less intuitive, more accurate to the specs
+            loose :  /^(?:(?![^:@]+:[^:@\/]*@)([^:\/?#.]+):)?(?:\/\/)?((?:(([^:@]*):?([^:@]*))?@)?([^:\/?#]*)(?::(\d*))?)(((\/(?:[^?#](?![^?#\/]*\.[^?#\/.]+(?:[?#]|$)))*\/?)?([^?#\/]*))(?:\?([^#]*))?(?:#(.*))?)/ // more intuitive, fails on relative paths and deviates from specs
+        },
+
+        isint = /^[0-9]+$/;
+
+    function parseUri( url, strictMode ) {
+        var str = decodeURI( url ),
+        res   = parser[ strictMode || false ? 'strict' : 'loose' ].exec( str ),
+        uri = { attr : {}, param : {}, seg : {} },
+        i   = 14;
+
+        while ( i-- ) {
+            uri.attr[ key[i] ] = res[i] || '';
+        }
+
+        // build query and fragment parameters
+        uri.param['query'] = parseString(uri.attr['query']);
+        uri.param['fragment'] = parseString(uri.attr['fragment']);
+
+        // split path and fragement into segments
+        uri.seg['path'] = uri.attr.path.replace(/^\/+|\/+$/g,'').split('/');
+        uri.seg['fragment'] = uri.attr.fragment.replace(/^\/+|\/+$/g,'').split('/');
+
+        // compile a 'base' domain attribute
+        uri.attr['base'] = uri.attr.host ? (uri.attr.protocol ?  uri.attr.protocol+'://'+uri.attr.host : uri.attr.host) + (uri.attr.port ? ':'+uri.attr.port : '') : '';
+
+        return uri;
+    }
+
+    function getAttrName( elm ) {
+        var tn = elm.tagName;
+        if ( typeof tn !== 'undefined' ) return tag2attr[tn.toLowerCase()];
+        return tn;
+    }
+
+    function promote(parent, key) {
+        if (parent[key].length === 0) return parent[key] = {};
+        var t = {};
+        for (var i in parent[key]) t[i] = parent[key][i];
+        parent[key] = t;
+        return t;
+    }
+
+    function parse(parts, parent, key, val) {
+        var part = parts.shift();
+        if (!part) {
+            if (isArray(parent[key])) {
+                parent[key].push(val);
+            } else if ('object' == typeof parent[key]) {
+                parent[key] = val;
+            } else if ('undefined' == typeof parent[key]) {
+                parent[key] = val;
+            } else {
+                parent[key] = [parent[key], val];
+            }
+        } else {
+            var obj = parent[key] = parent[key] || [];
+            if (']' == part) {
+                if (isArray(obj)) {
+                    if ('' !== val) obj.push(val);
+                } else if ('object' == typeof obj) {
+                    obj[keys(obj).length] = val;
+                } else {
+                    obj = parent[key] = [parent[key], val];
+                }
+            } else if (~part.indexOf(']')) {
+                part = part.substr(0, part.length - 1);
+                if (!isint.test(part) && isArray(obj)) obj = promote(parent, key);
+                parse(parts, obj, part, val);
+                // key
+            } else {
+                if (!isint.test(part) && isArray(obj)) obj = promote(parent, key);
+                parse(parts, obj, part, val);
+            }
+        }
+    }
+
+    function merge(parent, key, val) {
+        if (~key.indexOf(']')) {
+            var parts = key.split('[');
+            parse(parts, parent, 'base', val);
+        } else {
+            if (!isint.test(key) && isArray(parent.base)) {
+                var t = {};
+                for (var k in parent.base) t[k] = parent.base[k];
+                parent.base = t;
+            }
+            if (key !== '') {
+                set(parent.base, key, val);
+            }
+        }
+        return parent;
+    }
+
+    function parseString(str) {
+        return reduce(String(str).split(/&|;/), function(ret, pair) {
+            try {
+                pair = decodeURIComponent(pair.replace(/\+/g, ' '));
+            } catch(e) {
+                // ignore
+            }
+            var eql = pair.indexOf('='),
+                brace = lastBraceInKey(pair),
+                key = pair.substr(0, brace || eql),
+                val = pair.substr(brace || eql, pair.length);
+
+            val = val.substr(val.indexOf('=') + 1, val.length);
+
+            if (key === '') {
+                key = pair;
+                val = '';
+            }
+
+            return merge(ret, key, val);
+        }, { base: {} }).base;
+    }
+
+    function set(obj, key, val) {
+        var v = obj[key];
+        if (typeof v === 'undefined') {
+            obj[key] = val;
+        } else if (isArray(v)) {
+            v.push(val);
+        } else {
+            obj[key] = [v, val];
+        }
+    }
+
+    function lastBraceInKey(str) {
+        var len = str.length,
+            brace,
+            c;
+        for (var i = 0; i < len; ++i) {
+            c = str[i];
+            if (']' == c) brace = false;
+            if ('[' == c) brace = true;
+            if ('=' == c && !brace) return i;
+        }
+    }
+
+    function reduce(obj, accumulator){
+        var i = 0,
+            l = obj.length >> 0,
+            curr = arguments[2];
+        while (i < l) {
+            if (i in obj) curr = accumulator.call(undefined, curr, obj[i], i, obj);
+            ++i;
+        }
+        return curr;
+    }
+
+    function isArray(vArg) {
+        return Object.prototype.toString.call(vArg) === "[object Array]";
+    }
+
+    function keys(obj) {
+        var key_array = [];
+        for ( var prop in obj ) {
+            if ( obj.hasOwnProperty(prop) ) key_array.push(prop);
+        }
+        return key_array;
+    }
+
+    function purl( url, strictMode ) {
+        if ( arguments.length === 1 && url === true ) {
+            strictMode = true;
+            url = undefined;
+        }
+        strictMode = strictMode || false;
+        url = url || window.location.toString();
+
+        return {
+
+            data : parseUri(url, strictMode),
+
+            // get various attributes from the URI
+            attr : function( attr ) {
+                attr = aliases[attr] || attr;
+                return typeof attr !== 'undefined' ? this.data.attr[attr] : this.data.attr;
+            },
+
+            // return query string parameters
+            param : function( param ) {
+                return typeof param !== 'undefined' ? this.data.param.query[param] : this.data.param.query;
+            },
+
+            // return fragment parameters
+            fparam : function( param ) {
+                return typeof param !== 'undefined' ? this.data.param.fragment[param] : this.data.param.fragment;
+            },
+
+            // return path segments
+            segment : function( seg ) {
+                if ( typeof seg === 'undefined' ) {
+                    return this.data.seg.path;
+                } else {
+                    seg = seg < 0 ? this.data.seg.path.length + seg : seg - 1; // negative segments count from the end
+                    return this.data.seg.path[seg];
+                }
+            },
+
+            // return fragment segments
+            fsegment : function( seg ) {
+                if ( typeof seg === 'undefined' ) {
+                    return this.data.seg.fragment;
+                } else {
+                    seg = seg < 0 ? this.data.seg.fragment.length + seg : seg - 1; // negative segments count from the end
+                    return this.data.seg.fragment[seg];
+                }
+            }
+
+        };
+
+    }
+    
+    purl.jQuery = function($){
+        if ($ != null) {
+            $.fn.url = function( strictMode ) {
+                var url = '';
+                if ( this.length ) {
+                    url = $(this).attr( getAttrName(this[0]) ) || '';
+                }
+                return purl( url, strictMode );
+            };
+
+            $.url = purl;
+        }
+    };
+
+    purl.jQuery(window.jQuery);
+
+    return purl;
+
+});
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/lib/retina.js b/openid-connect-server-webapp/src/main/webapp/resources/js/lib/retina.js
new file mode 100644
index 000000000..d6fe0b464
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/js/lib/retina.js
@@ -0,0 +1,182 @@
+/*!
+ * Retina.js v1.3.0
+ *
+ * Copyright 2014 Imulus, LLC
+ * Released under the MIT license
+ *
+ * Retina.js is an open source script that makes it easy to serve
+ * high-resolution images to devices with retina displays.
+ */
+
+(function() {
+    var root = (typeof exports === 'undefined' ? window : exports);
+    var config = {
+        // An option to choose a suffix for 2x images
+        retinaImageSuffix : '@2x',
+
+        // Ensure Content-Type is an image before trying to load @2x image
+        // https://github.com/imulus/retinajs/pull/45)
+        check_mime_type: true,
+
+        // Resize high-resolution images to original image's pixel dimensions
+        // https://github.com/imulus/retinajs/issues/8
+        force_original_dimensions: true
+    };
+
+    function Retina() {}
+
+    root.Retina = Retina;
+
+    Retina.configure = function(options) {
+        if (options === null) {
+            options = {};
+        }
+
+        for (var prop in options) {
+            if (options.hasOwnProperty(prop)) {
+                config[prop] = options[prop];
+            }
+        }
+    };
+
+    Retina.init = function(context) {
+        if (context === null) {
+            context = root;
+        }
+
+        var existing_onload = context.onload || function(){};
+
+        context.onload = function() {
+            var images = document.getElementsByTagName('img'), retinaImages = [], i, image;
+            for (i = 0; i < images.length; i += 1) {
+                image = images[i];
+                if (!!!image.getAttributeNode('data-no-retina')) {
+                    retinaImages.push(new RetinaImage(image));
+                }
+            }
+            existing_onload();
+        };
+    };
+
+    Retina.isRetina = function(){
+        var mediaQuery = '(-webkit-min-device-pixel-ratio: 1.5), (min--moz-device-pixel-ratio: 1.5), (-o-min-device-pixel-ratio: 3/2), (min-resolution: 1.5dppx)';
+
+        if (root.devicePixelRatio > 1) {
+            return true;
+        }
+
+        if (root.matchMedia && root.matchMedia(mediaQuery).matches) {
+            return true;
+        }
+
+        return false;
+    };
+
+
+    var regexMatch = /\.\w+$/;
+    function suffixReplace (match) {
+        return config.retinaImageSuffix + match;
+    }
+
+    function RetinaImagePath(path, at_2x_path) {
+        this.path = path || '';
+        if (typeof at_2x_path !== 'undefined' && at_2x_path !== null) {
+            this.at_2x_path = at_2x_path;
+            this.perform_check = false;
+        } else {
+            if (undefined !== document.createElement) {
+                var locationObject = document.createElement('a');
+                locationObject.href = this.path;
+                locationObject.pathname = locationObject.pathname.replace(regexMatch, suffixReplace);
+                this.at_2x_path = locationObject.href;
+            } else {
+                var parts = this.path.split('?');
+                parts[0] = parts[0].replace(regexMatch, suffixReplace);
+                this.at_2x_path = parts.join('?');
+            }
+            this.perform_check = true;
+        }
+    }
+
+    root.RetinaImagePath = RetinaImagePath;
+
+    RetinaImagePath.confirmed_paths = [];
+
+    RetinaImagePath.prototype.is_external = function() {
+        return !!(this.path.match(/^https?\:/i) && !this.path.match('//' + document.domain) );
+    };
+
+    RetinaImagePath.prototype.check_2x_variant = function(callback) {
+        var http, that = this;
+        if (this.is_external()) {
+            return callback(false);
+        } else if (!this.perform_check && typeof this.at_2x_path !== 'undefined' && this.at_2x_path !== null) {
+            return callback(true);
+        } else if (this.at_2x_path in RetinaImagePath.confirmed_paths) {
+            return callback(true);
+        } else {
+            http = new XMLHttpRequest();
+            http.open('GET', this.at_2x_path); // local patch HEAD->GET, play nice with firefox
+            http.onreadystatechange = function() {
+                if (http.readyState !== 4) {
+                    return callback(false);
+                }
+
+                if (http.status >= 200 && http.status <= 399) {
+                    if (config.check_mime_type) {
+                        var type = http.getResponseHeader('Content-Type');
+                        if (type === null || !type.match(/^image/i)) {
+                            return callback(false);
+                        }
+                    }
+
+                    RetinaImagePath.confirmed_paths.push(that.at_2x_path);
+                    return callback(true);
+                } else {
+                    return callback(false);
+                }
+            };
+            http.send();
+        }
+    };
+
+
+    function RetinaImage(el) {
+        this.el = el;
+        this.path = new RetinaImagePath(this.el.getAttribute('src'), this.el.getAttribute('data-at2x'));
+        var that = this;
+        this.path.check_2x_variant(function(hasVariant) {
+            if (hasVariant) {
+                that.swap();
+            }
+        });
+    }
+
+    root.RetinaImage = RetinaImage;
+
+    RetinaImage.prototype.swap = function(path) {
+        if (typeof path === 'undefined') {
+            path = this.path.at_2x_path;
+        }
+
+        var that = this;
+        function load() {
+            if (! that.el.complete) {
+                setTimeout(load, 5);
+            } else {
+                if (config.force_original_dimensions) {
+                    that.el.setAttribute('width', that.el.offsetWidth);
+                    that.el.setAttribute('height', that.el.offsetHeight);
+                }
+
+                that.el.setAttribute('src', path);
+            }
+        }
+        load();
+    };
+
+
+    if (Retina.isRetina()) {
+        Retina.init(root);
+    }
+})();
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/lib/underscore.js b/openid-connect-server-webapp/src/main/webapp/resources/js/lib/underscore.js
new file mode 100644
index 000000000..b29332f94
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/js/lib/underscore.js
@@ -0,0 +1,1548 @@
+//     Underscore.js 1.8.3
+//     http://underscorejs.org
+//     (c) 2009-2015 Jeremy Ashkenas, DocumentCloud and Investigative Reporters & Editors
+//     Underscore may be freely distributed under the MIT license.
+
+(function() {
+
+  // Baseline setup
+  // --------------
+
+  // Establish the root object, `window` in the browser, or `exports` on the server.
+  var root = this;
+
+  // Save the previous value of the `_` variable.
+  var previousUnderscore = root._;
+
+  // Save bytes in the minified (but not gzipped) version:
+  var ArrayProto = Array.prototype, ObjProto = Object.prototype, FuncProto = Function.prototype;
+
+  // Create quick reference variables for speed access to core prototypes.
+  var
+    push             = ArrayProto.push,
+    slice            = ArrayProto.slice,
+    toString         = ObjProto.toString,
+    hasOwnProperty   = ObjProto.hasOwnProperty;
+
+  // All **ECMAScript 5** native function implementations that we hope to use
+  // are declared here.
+  var
+    nativeIsArray      = Array.isArray,
+    nativeKeys         = Object.keys,
+    nativeBind         = FuncProto.bind,
+    nativeCreate       = Object.create;
+
+  // Naked function reference for surrogate-prototype-swapping.
+  var Ctor = function(){};
+
+  // Create a safe reference to the Underscore object for use below.
+  var _ = function(obj) {
+    if (obj instanceof _) return obj;
+    if (!(this instanceof _)) return new _(obj);
+    this._wrapped = obj;
+  };
+
+  // Export the Underscore object for **Node.js**, with
+  // backwards-compatibility for the old `require()` API. If we're in
+  // the browser, add `_` as a global object.
+  if (typeof exports !== 'undefined') {
+    if (typeof module !== 'undefined' && module.exports) {
+      exports = module.exports = _;
+    }
+    exports._ = _;
+  } else {
+    root._ = _;
+  }
+
+  // Current version.
+  _.VERSION = '1.8.3';
+
+  // Internal function that returns an efficient (for current engines) version
+  // of the passed-in callback, to be repeatedly applied in other Underscore
+  // functions.
+  var optimizeCb = function(func, context, argCount) {
+    if (context === void 0) return func;
+    switch (argCount == null ? 3 : argCount) {
+      case 1: return function(value) {
+        return func.call(context, value);
+      };
+      case 2: return function(value, other) {
+        return func.call(context, value, other);
+      };
+      case 3: return function(value, index, collection) {
+        return func.call(context, value, index, collection);
+      };
+      case 4: return function(accumulator, value, index, collection) {
+        return func.call(context, accumulator, value, index, collection);
+      };
+    }
+    return function() {
+      return func.apply(context, arguments);
+    };
+  };
+
+  // A mostly-internal function to generate callbacks that can be applied
+  // to each element in a collection, returning the desired result — either
+  // identity, an arbitrary callback, a property matcher, or a property accessor.
+  var cb = function(value, context, argCount) {
+    if (value == null) return _.identity;
+    if (_.isFunction(value)) return optimizeCb(value, context, argCount);
+    if (_.isObject(value)) return _.matcher(value);
+    return _.property(value);
+  };
+  _.iteratee = function(value, context) {
+    return cb(value, context, Infinity);
+  };
+
+  // An internal function for creating assigner functions.
+  var createAssigner = function(keysFunc, undefinedOnly) {
+    return function(obj) {
+      var length = arguments.length;
+      if (length < 2 || obj == null) return obj;
+      for (var index = 1; index < length; index++) {
+        var source = arguments[index],
+            keys = keysFunc(source),
+            l = keys.length;
+        for (var i = 0; i < l; i++) {
+          var key = keys[i];
+          if (!undefinedOnly || obj[key] === void 0) obj[key] = source[key];
+        }
+      }
+      return obj;
+    };
+  };
+
+  // An internal function for creating a new object that inherits from another.
+  var baseCreate = function(prototype) {
+    if (!_.isObject(prototype)) return {};
+    if (nativeCreate) return nativeCreate(prototype);
+    Ctor.prototype = prototype;
+    var result = new Ctor;
+    Ctor.prototype = null;
+    return result;
+  };
+
+  var property = function(key) {
+    return function(obj) {
+      return obj == null ? void 0 : obj[key];
+    };
+  };
+
+  // Helper for collection methods to determine whether a collection
+  // should be iterated as an array or as an object
+  // Related: http://people.mozilla.org/~jorendorff/es6-draft.html#sec-tolength
+  // Avoids a very nasty iOS 8 JIT bug on ARM-64. #2094
+  var MAX_ARRAY_INDEX = Math.pow(2, 53) - 1;
+  var getLength = property('length');
+  var isArrayLike = function(collection) {
+    var length = getLength(collection);
+    return typeof length == 'number' && length >= 0 && length <= MAX_ARRAY_INDEX;
+  };
+
+  // Collection Functions
+  // --------------------
+
+  // The cornerstone, an `each` implementation, aka `forEach`.
+  // Handles raw objects in addition to array-likes. Treats all
+  // sparse array-likes as if they were dense.
+  _.each = _.forEach = function(obj, iteratee, context) {
+    iteratee = optimizeCb(iteratee, context);
+    var i, length;
+    if (isArrayLike(obj)) {
+      for (i = 0, length = obj.length; i < length; i++) {
+        iteratee(obj[i], i, obj);
+      }
+    } else {
+      var keys = _.keys(obj);
+      for (i = 0, length = keys.length; i < length; i++) {
+        iteratee(obj[keys[i]], keys[i], obj);
+      }
+    }
+    return obj;
+  };
+
+  // Return the results of applying the iteratee to each element.
+  _.map = _.collect = function(obj, iteratee, context) {
+    iteratee = cb(iteratee, context);
+    var keys = !isArrayLike(obj) && _.keys(obj),
+        length = (keys || obj).length,
+        results = Array(length);
+    for (var index = 0; index < length; index++) {
+      var currentKey = keys ? keys[index] : index;
+      results[index] = iteratee(obj[currentKey], currentKey, obj);
+    }
+    return results;
+  };
+
+  // Create a reducing function iterating left or right.
+  function createReduce(dir) {
+    // Optimized iterator function as using arguments.length
+    // in the main function will deoptimize the, see #1991.
+    function iterator(obj, iteratee, memo, keys, index, length) {
+      for (; index >= 0 && index < length; index += dir) {
+        var currentKey = keys ? keys[index] : index;
+        memo = iteratee(memo, obj[currentKey], currentKey, obj);
+      }
+      return memo;
+    }
+
+    return function(obj, iteratee, memo, context) {
+      iteratee = optimizeCb(iteratee, context, 4);
+      var keys = !isArrayLike(obj) && _.keys(obj),
+          length = (keys || obj).length,
+          index = dir > 0 ? 0 : length - 1;
+      // Determine the initial value if none is provided.
+      if (arguments.length < 3) {
+        memo = obj[keys ? keys[index] : index];
+        index += dir;
+      }
+      return iterator(obj, iteratee, memo, keys, index, length);
+    };
+  }
+
+  // **Reduce** builds up a single result from a list of values, aka `inject`,
+  // or `foldl`.
+  _.reduce = _.foldl = _.inject = createReduce(1);
+
+  // The right-associative version of reduce, also known as `foldr`.
+  _.reduceRight = _.foldr = createReduce(-1);
+
+  // Return the first value which passes a truth test. Aliased as `detect`.
+  _.find = _.detect = function(obj, predicate, context) {
+    var key;
+    if (isArrayLike(obj)) {
+      key = _.findIndex(obj, predicate, context);
+    } else {
+      key = _.findKey(obj, predicate, context);
+    }
+    if (key !== void 0 && key !== -1) return obj[key];
+  };
+
+  // Return all the elements that pass a truth test.
+  // Aliased as `select`.
+  _.filter = _.select = function(obj, predicate, context) {
+    var results = [];
+    predicate = cb(predicate, context);
+    _.each(obj, function(value, index, list) {
+      if (predicate(value, index, list)) results.push(value);
+    });
+    return results;
+  };
+
+  // Return all the elements for which a truth test fails.
+  _.reject = function(obj, predicate, context) {
+    return _.filter(obj, _.negate(cb(predicate)), context);
+  };
+
+  // Determine whether all of the elements match a truth test.
+  // Aliased as `all`.
+  _.every = _.all = function(obj, predicate, context) {
+    predicate = cb(predicate, context);
+    var keys = !isArrayLike(obj) && _.keys(obj),
+        length = (keys || obj).length;
+    for (var index = 0; index < length; index++) {
+      var currentKey = keys ? keys[index] : index;
+      if (!predicate(obj[currentKey], currentKey, obj)) return false;
+    }
+    return true;
+  };
+
+  // Determine if at least one element in the object matches a truth test.
+  // Aliased as `any`.
+  _.some = _.any = function(obj, predicate, context) {
+    predicate = cb(predicate, context);
+    var keys = !isArrayLike(obj) && _.keys(obj),
+        length = (keys || obj).length;
+    for (var index = 0; index < length; index++) {
+      var currentKey = keys ? keys[index] : index;
+      if (predicate(obj[currentKey], currentKey, obj)) return true;
+    }
+    return false;
+  };
+
+  // Determine if the array or object contains a given item (using `===`).
+  // Aliased as `includes` and `include`.
+  _.contains = _.includes = _.include = function(obj, item, fromIndex, guard) {
+    if (!isArrayLike(obj)) obj = _.values(obj);
+    if (typeof fromIndex != 'number' || guard) fromIndex = 0;
+    return _.indexOf(obj, item, fromIndex) >= 0;
+  };
+
+  // Invoke a method (with arguments) on every item in a collection.
+  _.invoke = function(obj, method) {
+    var args = slice.call(arguments, 2);
+    var isFunc = _.isFunction(method);
+    return _.map(obj, function(value) {
+      var func = isFunc ? method : value[method];
+      return func == null ? func : func.apply(value, args);
+    });
+  };
+
+  // Convenience version of a common use case of `map`: fetching a property.
+  _.pluck = function(obj, key) {
+    return _.map(obj, _.property(key));
+  };
+
+  // Convenience version of a common use case of `filter`: selecting only objects
+  // containing specific `key:value` pairs.
+  _.where = function(obj, attrs) {
+    return _.filter(obj, _.matcher(attrs));
+  };
+
+  // Convenience version of a common use case of `find`: getting the first object
+  // containing specific `key:value` pairs.
+  _.findWhere = function(obj, attrs) {
+    return _.find(obj, _.matcher(attrs));
+  };
+
+  // Return the maximum element (or element-based computation).
+  _.max = function(obj, iteratee, context) {
+    var result = -Infinity, lastComputed = -Infinity,
+        value, computed;
+    if (iteratee == null && obj != null) {
+      obj = isArrayLike(obj) ? obj : _.values(obj);
+      for (var i = 0, length = obj.length; i < length; i++) {
+        value = obj[i];
+        if (value > result) {
+          result = value;
+        }
+      }
+    } else {
+      iteratee = cb(iteratee, context);
+      _.each(obj, function(value, index, list) {
+        computed = iteratee(value, index, list);
+        if (computed > lastComputed || computed === -Infinity && result === -Infinity) {
+          result = value;
+          lastComputed = computed;
+        }
+      });
+    }
+    return result;
+  };
+
+  // Return the minimum element (or element-based computation).
+  _.min = function(obj, iteratee, context) {
+    var result = Infinity, lastComputed = Infinity,
+        value, computed;
+    if (iteratee == null && obj != null) {
+      obj = isArrayLike(obj) ? obj : _.values(obj);
+      for (var i = 0, length = obj.length; i < length; i++) {
+        value = obj[i];
+        if (value < result) {
+          result = value;
+        }
+      }
+    } else {
+      iteratee = cb(iteratee, context);
+      _.each(obj, function(value, index, list) {
+        computed = iteratee(value, index, list);
+        if (computed < lastComputed || computed === Infinity && result === Infinity) {
+          result = value;
+          lastComputed = computed;
+        }
+      });
+    }
+    return result;
+  };
+
+  // Shuffle a collection, using the modern version of the
+  // [Fisher-Yates shuffle](http://en.wikipedia.org/wiki/Fisher–Yates_shuffle).
+  _.shuffle = function(obj) {
+    var set = isArrayLike(obj) ? obj : _.values(obj);
+    var length = set.length;
+    var shuffled = Array(length);
+    for (var index = 0, rand; index < length; index++) {
+      rand = _.random(0, index);
+      if (rand !== index) shuffled[index] = shuffled[rand];
+      shuffled[rand] = set[index];
+    }
+    return shuffled;
+  };
+
+  // Sample **n** random values from a collection.
+  // If **n** is not specified, returns a single random element.
+  // The internal `guard` argument allows it to work with `map`.
+  _.sample = function(obj, n, guard) {
+    if (n == null || guard) {
+      if (!isArrayLike(obj)) obj = _.values(obj);
+      return obj[_.random(obj.length - 1)];
+    }
+    return _.shuffle(obj).slice(0, Math.max(0, n));
+  };
+
+  // Sort the object's values by a criterion produced by an iteratee.
+  _.sortBy = function(obj, iteratee, context) {
+    iteratee = cb(iteratee, context);
+    return _.pluck(_.map(obj, function(value, index, list) {
+      return {
+        value: value,
+        index: index,
+        criteria: iteratee(value, index, list)
+      };
+    }).sort(function(left, right) {
+      var a = left.criteria;
+      var b = right.criteria;
+      if (a !== b) {
+        if (a > b || a === void 0) return 1;
+        if (a < b || b === void 0) return -1;
+      }
+      return left.index - right.index;
+    }), 'value');
+  };
+
+  // An internal function used for aggregate "group by" operations.
+  var group = function(behavior) {
+    return function(obj, iteratee, context) {
+      var result = {};
+      iteratee = cb(iteratee, context);
+      _.each(obj, function(value, index) {
+        var key = iteratee(value, index, obj);
+        behavior(result, value, key);
+      });
+      return result;
+    };
+  };
+
+  // Groups the object's values by a criterion. Pass either a string attribute
+  // to group by, or a function that returns the criterion.
+  _.groupBy = group(function(result, value, key) {
+    if (_.has(result, key)) result[key].push(value); else result[key] = [value];
+  });
+
+  // Indexes the object's values by a criterion, similar to `groupBy`, but for
+  // when you know that your index values will be unique.
+  _.indexBy = group(function(result, value, key) {
+    result[key] = value;
+  });
+
+  // Counts instances of an object that group by a certain criterion. Pass
+  // either a string attribute to count by, or a function that returns the
+  // criterion.
+  _.countBy = group(function(result, value, key) {
+    if (_.has(result, key)) result[key]++; else result[key] = 1;
+  });
+
+  // Safely create a real, live array from anything iterable.
+  _.toArray = function(obj) {
+    if (!obj) return [];
+    if (_.isArray(obj)) return slice.call(obj);
+    if (isArrayLike(obj)) return _.map(obj, _.identity);
+    return _.values(obj);
+  };
+
+  // Return the number of elements in an object.
+  _.size = function(obj) {
+    if (obj == null) return 0;
+    return isArrayLike(obj) ? obj.length : _.keys(obj).length;
+  };
+
+  // Split a collection into two arrays: one whose elements all satisfy the given
+  // predicate, and one whose elements all do not satisfy the predicate.
+  _.partition = function(obj, predicate, context) {
+    predicate = cb(predicate, context);
+    var pass = [], fail = [];
+    _.each(obj, function(value, key, obj) {
+      (predicate(value, key, obj) ? pass : fail).push(value);
+    });
+    return [pass, fail];
+  };
+
+  // Array Functions
+  // ---------------
+
+  // Get the first element of an array. Passing **n** will return the first N
+  // values in the array. Aliased as `head` and `take`. The **guard** check
+  // allows it to work with `_.map`.
+  _.first = _.head = _.take = function(array, n, guard) {
+    if (array == null) return void 0;
+    if (n == null || guard) return array[0];
+    return _.initial(array, array.length - n);
+  };
+
+  // Returns everything but the last entry of the array. Especially useful on
+  // the arguments object. Passing **n** will return all the values in
+  // the array, excluding the last N.
+  _.initial = function(array, n, guard) {
+    return slice.call(array, 0, Math.max(0, array.length - (n == null || guard ? 1 : n)));
+  };
+
+  // Get the last element of an array. Passing **n** will return the last N
+  // values in the array.
+  _.last = function(array, n, guard) {
+    if (array == null) return void 0;
+    if (n == null || guard) return array[array.length - 1];
+    return _.rest(array, Math.max(0, array.length - n));
+  };
+
+  // Returns everything but the first entry of the array. Aliased as `tail` and `drop`.
+  // Especially useful on the arguments object. Passing an **n** will return
+  // the rest N values in the array.
+  _.rest = _.tail = _.drop = function(array, n, guard) {
+    return slice.call(array, n == null || guard ? 1 : n);
+  };
+
+  // Trim out all falsy values from an array.
+  _.compact = function(array) {
+    return _.filter(array, _.identity);
+  };
+
+  // Internal implementation of a recursive `flatten` function.
+  var flatten = function(input, shallow, strict, startIndex) {
+    var output = [], idx = 0;
+    for (var i = startIndex || 0, length = getLength(input); i < length; i++) {
+      var value = input[i];
+      if (isArrayLike(value) && (_.isArray(value) || _.isArguments(value))) {
+        //flatten current level of array or arguments object
+        if (!shallow) value = flatten(value, shallow, strict);
+        var j = 0, len = value.length;
+        output.length += len;
+        while (j < len) {
+          output[idx++] = value[j++];
+        }
+      } else if (!strict) {
+        output[idx++] = value;
+      }
+    }
+    return output;
+  };
+
+  // Flatten out an array, either recursively (by default), or just one level.
+  _.flatten = function(array, shallow) {
+    return flatten(array, shallow, false);
+  };
+
+  // Return a version of the array that does not contain the specified value(s).
+  _.without = function(array) {
+    return _.difference(array, slice.call(arguments, 1));
+  };
+
+  // Produce a duplicate-free version of the array. If the array has already
+  // been sorted, you have the option of using a faster algorithm.
+  // Aliased as `unique`.
+  _.uniq = _.unique = function(array, isSorted, iteratee, context) {
+    if (!_.isBoolean(isSorted)) {
+      context = iteratee;
+      iteratee = isSorted;
+      isSorted = false;
+    }
+    if (iteratee != null) iteratee = cb(iteratee, context);
+    var result = [];
+    var seen = [];
+    for (var i = 0, length = getLength(array); i < length; i++) {
+      var value = array[i],
+          computed = iteratee ? iteratee(value, i, array) : value;
+      if (isSorted) {
+        if (!i || seen !== computed) result.push(value);
+        seen = computed;
+      } else if (iteratee) {
+        if (!_.contains(seen, computed)) {
+          seen.push(computed);
+          result.push(value);
+        }
+      } else if (!_.contains(result, value)) {
+        result.push(value);
+      }
+    }
+    return result;
+  };
+
+  // Produce an array that contains the union: each distinct element from all of
+  // the passed-in arrays.
+  _.union = function() {
+    return _.uniq(flatten(arguments, true, true));
+  };
+
+  // Produce an array that contains every item shared between all the
+  // passed-in arrays.
+  _.intersection = function(array) {
+    var result = [];
+    var argsLength = arguments.length;
+    for (var i = 0, length = getLength(array); i < length; i++) {
+      var item = array[i];
+      if (_.contains(result, item)) continue;
+      for (var j = 1; j < argsLength; j++) {
+        if (!_.contains(arguments[j], item)) break;
+      }
+      if (j === argsLength) result.push(item);
+    }
+    return result;
+  };
+
+  // Take the difference between one array and a number of other arrays.
+  // Only the elements present in just the first array will remain.
+  _.difference = function(array) {
+    var rest = flatten(arguments, true, true, 1);
+    return _.filter(array, function(value){
+      return !_.contains(rest, value);
+    });
+  };
+
+  // Zip together multiple lists into a single array -- elements that share
+  // an index go together.
+  _.zip = function() {
+    return _.unzip(arguments);
+  };
+
+  // Complement of _.zip. Unzip accepts an array of arrays and groups
+  // each array's elements on shared indices
+  _.unzip = function(array) {
+    var length = array && _.max(array, getLength).length || 0;
+    var result = Array(length);
+
+    for (var index = 0; index < length; index++) {
+      result[index] = _.pluck(array, index);
+    }
+    return result;
+  };
+
+  // Converts lists into objects. Pass either a single array of `[key, value]`
+  // pairs, or two parallel arrays of the same length -- one of keys, and one of
+  // the corresponding values.
+  _.object = function(list, values) {
+    var result = {};
+    for (var i = 0, length = getLength(list); i < length; i++) {
+      if (values) {
+        result[list[i]] = values[i];
+      } else {
+        result[list[i][0]] = list[i][1];
+      }
+    }
+    return result;
+  };
+
+  // Generator function to create the findIndex and findLastIndex functions
+  function createPredicateIndexFinder(dir) {
+    return function(array, predicate, context) {
+      predicate = cb(predicate, context);
+      var length = getLength(array);
+      var index = dir > 0 ? 0 : length - 1;
+      for (; index >= 0 && index < length; index += dir) {
+        if (predicate(array[index], index, array)) return index;
+      }
+      return -1;
+    };
+  }
+
+  // Returns the first index on an array-like that passes a predicate test
+  _.findIndex = createPredicateIndexFinder(1);
+  _.findLastIndex = createPredicateIndexFinder(-1);
+
+  // Use a comparator function to figure out the smallest index at which
+  // an object should be inserted so as to maintain order. Uses binary search.
+  _.sortedIndex = function(array, obj, iteratee, context) {
+    iteratee = cb(iteratee, context, 1);
+    var value = iteratee(obj);
+    var low = 0, high = getLength(array);
+    while (low < high) {
+      var mid = Math.floor((low + high) / 2);
+      if (iteratee(array[mid]) < value) low = mid + 1; else high = mid;
+    }
+    return low;
+  };
+
+  // Generator function to create the indexOf and lastIndexOf functions
+  function createIndexFinder(dir, predicateFind, sortedIndex) {
+    return function(array, item, idx) {
+      var i = 0, length = getLength(array);
+      if (typeof idx == 'number') {
+        if (dir > 0) {
+            i = idx >= 0 ? idx : Math.max(idx + length, i);
+        } else {
+            length = idx >= 0 ? Math.min(idx + 1, length) : idx + length + 1;
+        }
+      } else if (sortedIndex && idx && length) {
+        idx = sortedIndex(array, item);
+        return array[idx] === item ? idx : -1;
+      }
+      if (item !== item) {
+        idx = predicateFind(slice.call(array, i, length), _.isNaN);
+        return idx >= 0 ? idx + i : -1;
+      }
+      for (idx = dir > 0 ? i : length - 1; idx >= 0 && idx < length; idx += dir) {
+        if (array[idx] === item) return idx;
+      }
+      return -1;
+    };
+  }
+
+  // Return the position of the first occurrence of an item in an array,
+  // or -1 if the item is not included in the array.
+  // If the array is large and already in sort order, pass `true`
+  // for **isSorted** to use binary search.
+  _.indexOf = createIndexFinder(1, _.findIndex, _.sortedIndex);
+  _.lastIndexOf = createIndexFinder(-1, _.findLastIndex);
+
+  // Generate an integer Array containing an arithmetic progression. A port of
+  // the native Python `range()` function. See
+  // [the Python documentation](http://docs.python.org/library/functions.html#range).
+  _.range = function(start, stop, step) {
+    if (stop == null) {
+      stop = start || 0;
+      start = 0;
+    }
+    step = step || 1;
+
+    var length = Math.max(Math.ceil((stop - start) / step), 0);
+    var range = Array(length);
+
+    for (var idx = 0; idx < length; idx++, start += step) {
+      range[idx] = start;
+    }
+
+    return range;
+  };
+
+  // Function (ahem) Functions
+  // ------------------
+
+  // Determines whether to execute a function as a constructor
+  // or a normal function with the provided arguments
+  var executeBound = function(sourceFunc, boundFunc, context, callingContext, args) {
+    if (!(callingContext instanceof boundFunc)) return sourceFunc.apply(context, args);
+    var self = baseCreate(sourceFunc.prototype);
+    var result = sourceFunc.apply(self, args);
+    if (_.isObject(result)) return result;
+    return self;
+  };
+
+  // Create a function bound to a given object (assigning `this`, and arguments,
+  // optionally). Delegates to **ECMAScript 5**'s native `Function.bind` if
+  // available.
+  _.bind = function(func, context) {
+    if (nativeBind && func.bind === nativeBind) return nativeBind.apply(func, slice.call(arguments, 1));
+    if (!_.isFunction(func)) throw new TypeError('Bind must be called on a function');
+    var args = slice.call(arguments, 2);
+    var bound = function() {
+      return executeBound(func, bound, context, this, args.concat(slice.call(arguments)));
+    };
+    return bound;
+  };
+
+  // Partially apply a function by creating a version that has had some of its
+  // arguments pre-filled, without changing its dynamic `this` context. _ acts
+  // as a placeholder, allowing any combination of arguments to be pre-filled.
+  _.partial = function(func) {
+    var boundArgs = slice.call(arguments, 1);
+    var bound = function() {
+      var position = 0, length = boundArgs.length;
+      var args = Array(length);
+      for (var i = 0; i < length; i++) {
+        args[i] = boundArgs[i] === _ ? arguments[position++] : boundArgs[i];
+      }
+      while (position < arguments.length) args.push(arguments[position++]);
+      return executeBound(func, bound, this, this, args);
+    };
+    return bound;
+  };
+
+  // Bind a number of an object's methods to that object. Remaining arguments
+  // are the method names to be bound. Useful for ensuring that all callbacks
+  // defined on an object belong to it.
+  _.bindAll = function(obj) {
+    var i, length = arguments.length, key;
+    if (length <= 1) throw new Error('bindAll must be passed function names');
+    for (i = 1; i < length; i++) {
+      key = arguments[i];
+      obj[key] = _.bind(obj[key], obj);
+    }
+    return obj;
+  };
+
+  // Memoize an expensive function by storing its results.
+  _.memoize = function(func, hasher) {
+    var memoize = function(key) {
+      var cache = memoize.cache;
+      var address = '' + (hasher ? hasher.apply(this, arguments) : key);
+      if (!_.has(cache, address)) cache[address] = func.apply(this, arguments);
+      return cache[address];
+    };
+    memoize.cache = {};
+    return memoize;
+  };
+
+  // Delays a function for the given number of milliseconds, and then calls
+  // it with the arguments supplied.
+  _.delay = function(func, wait) {
+    var args = slice.call(arguments, 2);
+    return setTimeout(function(){
+      return func.apply(null, args);
+    }, wait);
+  };
+
+  // Defers a function, scheduling it to run after the current call stack has
+  // cleared.
+  _.defer = _.partial(_.delay, _, 1);
+
+  // Returns a function, that, when invoked, will only be triggered at most once
+  // during a given window of time. Normally, the throttled function will run
+  // as much as it can, without ever going more than once per `wait` duration;
+  // but if you'd like to disable the execution on the leading edge, pass
+  // `{leading: false}`. To disable execution on the trailing edge, ditto.
+  _.throttle = function(func, wait, options) {
+    var context, args, result;
+    var timeout = null;
+    var previous = 0;
+    if (!options) options = {};
+    var later = function() {
+      previous = options.leading === false ? 0 : _.now();
+      timeout = null;
+      result = func.apply(context, args);
+      if (!timeout) context = args = null;
+    };
+    return function() {
+      var now = _.now();
+      if (!previous && options.leading === false) previous = now;
+      var remaining = wait - (now - previous);
+      context = this;
+      args = arguments;
+      if (remaining <= 0 || remaining > wait) {
+        if (timeout) {
+          clearTimeout(timeout);
+          timeout = null;
+        }
+        previous = now;
+        result = func.apply(context, args);
+        if (!timeout) context = args = null;
+      } else if (!timeout && options.trailing !== false) {
+        timeout = setTimeout(later, remaining);
+      }
+      return result;
+    };
+  };
+
+  // Returns a function, that, as long as it continues to be invoked, will not
+  // be triggered. The function will be called after it stops being called for
+  // N milliseconds. If `immediate` is passed, trigger the function on the
+  // leading edge, instead of the trailing.
+  _.debounce = function(func, wait, immediate) {
+    var timeout, args, context, timestamp, result;
+
+    var later = function() {
+      var last = _.now() - timestamp;
+
+      if (last < wait && last >= 0) {
+        timeout = setTimeout(later, wait - last);
+      } else {
+        timeout = null;
+        if (!immediate) {
+          result = func.apply(context, args);
+          if (!timeout) context = args = null;
+        }
+      }
+    };
+
+    return function() {
+      context = this;
+      args = arguments;
+      timestamp = _.now();
+      var callNow = immediate && !timeout;
+      if (!timeout) timeout = setTimeout(later, wait);
+      if (callNow) {
+        result = func.apply(context, args);
+        context = args = null;
+      }
+
+      return result;
+    };
+  };
+
+  // Returns the first function passed as an argument to the second,
+  // allowing you to adjust arguments, run code before and after, and
+  // conditionally execute the original function.
+  _.wrap = function(func, wrapper) {
+    return _.partial(wrapper, func);
+  };
+
+  // Returns a negated version of the passed-in predicate.
+  _.negate = function(predicate) {
+    return function() {
+      return !predicate.apply(this, arguments);
+    };
+  };
+
+  // Returns a function that is the composition of a list of functions, each
+  // consuming the return value of the function that follows.
+  _.compose = function() {
+    var args = arguments;
+    var start = args.length - 1;
+    return function() {
+      var i = start;
+      var result = args[start].apply(this, arguments);
+      while (i--) result = args[i].call(this, result);
+      return result;
+    };
+  };
+
+  // Returns a function that will only be executed on and after the Nth call.
+  _.after = function(times, func) {
+    return function() {
+      if (--times < 1) {
+        return func.apply(this, arguments);
+      }
+    };
+  };
+
+  // Returns a function that will only be executed up to (but not including) the Nth call.
+  _.before = function(times, func) {
+    var memo;
+    return function() {
+      if (--times > 0) {
+        memo = func.apply(this, arguments);
+      }
+      if (times <= 1) func = null;
+      return memo;
+    };
+  };
+
+  // Returns a function that will be executed at most one time, no matter how
+  // often you call it. Useful for lazy initialization.
+  _.once = _.partial(_.before, 2);
+
+  // Object Functions
+  // ----------------
+
+  // Keys in IE < 9 that won't be iterated by `for key in ...` and thus missed.
+  var hasEnumBug = !{toString: null}.propertyIsEnumerable('toString');
+  var nonEnumerableProps = ['valueOf', 'isPrototypeOf', 'toString',
+                      'propertyIsEnumerable', 'hasOwnProperty', 'toLocaleString'];
+
+  function collectNonEnumProps(obj, keys) {
+    var nonEnumIdx = nonEnumerableProps.length;
+    var constructor = obj.constructor;
+    var proto = (_.isFunction(constructor) && constructor.prototype) || ObjProto;
+
+    // Constructor is a special case.
+    var prop = 'constructor';
+    if (_.has(obj, prop) && !_.contains(keys, prop)) keys.push(prop);
+
+    while (nonEnumIdx--) {
+      prop = nonEnumerableProps[nonEnumIdx];
+      if (prop in obj && obj[prop] !== proto[prop] && !_.contains(keys, prop)) {
+        keys.push(prop);
+      }
+    }
+  }
+
+  // Retrieve the names of an object's own properties.
+  // Delegates to **ECMAScript 5**'s native `Object.keys`
+  _.keys = function(obj) {
+    if (!_.isObject(obj)) return [];
+    if (nativeKeys) return nativeKeys(obj);
+    var keys = [];
+    for (var key in obj) if (_.has(obj, key)) keys.push(key);
+    // Ahem, IE < 9.
+    if (hasEnumBug) collectNonEnumProps(obj, keys);
+    return keys;
+  };
+
+  // Retrieve all the property names of an object.
+  _.allKeys = function(obj) {
+    if (!_.isObject(obj)) return [];
+    var keys = [];
+    for (var key in obj) keys.push(key);
+    // Ahem, IE < 9.
+    if (hasEnumBug) collectNonEnumProps(obj, keys);
+    return keys;
+  };
+
+  // Retrieve the values of an object's properties.
+  _.values = function(obj) {
+    var keys = _.keys(obj);
+    var length = keys.length;
+    var values = Array(length);
+    for (var i = 0; i < length; i++) {
+      values[i] = obj[keys[i]];
+    }
+    return values;
+  };
+
+  // Returns the results of applying the iteratee to each element of the object
+  // In contrast to _.map it returns an object
+  _.mapObject = function(obj, iteratee, context) {
+    iteratee = cb(iteratee, context);
+    var keys =  _.keys(obj),
+          length = keys.length,
+          results = {},
+          currentKey;
+      for (var index = 0; index < length; index++) {
+        currentKey = keys[index];
+        results[currentKey] = iteratee(obj[currentKey], currentKey, obj);
+      }
+      return results;
+  };
+
+  // Convert an object into a list of `[key, value]` pairs.
+  _.pairs = function(obj) {
+    var keys = _.keys(obj);
+    var length = keys.length;
+    var pairs = Array(length);
+    for (var i = 0; i < length; i++) {
+      pairs[i] = [keys[i], obj[keys[i]]];
+    }
+    return pairs;
+  };
+
+  // Invert the keys and values of an object. The values must be serializable.
+  _.invert = function(obj) {
+    var result = {};
+    var keys = _.keys(obj);
+    for (var i = 0, length = keys.length; i < length; i++) {
+      result[obj[keys[i]]] = keys[i];
+    }
+    return result;
+  };
+
+  // Return a sorted list of the function names available on the object.
+  // Aliased as `methods`
+  _.functions = _.methods = function(obj) {
+    var names = [];
+    for (var key in obj) {
+      if (_.isFunction(obj[key])) names.push(key);
+    }
+    return names.sort();
+  };
+
+  // Extend a given object with all the properties in passed-in object(s).
+  _.extend = createAssigner(_.allKeys);
+
+  // Assigns a given object with all the own properties in the passed-in object(s)
+  // (https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global_Objects/Object/assign)
+  _.extendOwn = _.assign = createAssigner(_.keys);
+
+  // Returns the first key on an object that passes a predicate test
+  _.findKey = function(obj, predicate, context) {
+    predicate = cb(predicate, context);
+    var keys = _.keys(obj), key;
+    for (var i = 0, length = keys.length; i < length; i++) {
+      key = keys[i];
+      if (predicate(obj[key], key, obj)) return key;
+    }
+  };
+
+  // Return a copy of the object only containing the whitelisted properties.
+  _.pick = function(object, oiteratee, context) {
+    var result = {}, obj = object, iteratee, keys;
+    if (obj == null) return result;
+    if (_.isFunction(oiteratee)) {
+      keys = _.allKeys(obj);
+      iteratee = optimizeCb(oiteratee, context);
+    } else {
+      keys = flatten(arguments, false, false, 1);
+      iteratee = function(value, key, obj) { return key in obj; };
+      obj = Object(obj);
+    }
+    for (var i = 0, length = keys.length; i < length; i++) {
+      var key = keys[i];
+      var value = obj[key];
+      if (iteratee(value, key, obj)) result[key] = value;
+    }
+    return result;
+  };
+
+   // Return a copy of the object without the blacklisted properties.
+  _.omit = function(obj, iteratee, context) {
+    if (_.isFunction(iteratee)) {
+      iteratee = _.negate(iteratee);
+    } else {
+      var keys = _.map(flatten(arguments, false, false, 1), String);
+      iteratee = function(value, key) {
+        return !_.contains(keys, key);
+      };
+    }
+    return _.pick(obj, iteratee, context);
+  };
+
+  // Fill in a given object with default properties.
+  _.defaults = createAssigner(_.allKeys, true);
+
+  // Creates an object that inherits from the given prototype object.
+  // If additional properties are provided then they will be added to the
+  // created object.
+  _.create = function(prototype, props) {
+    var result = baseCreate(prototype);
+    if (props) _.extendOwn(result, props);
+    return result;
+  };
+
+  // Create a (shallow-cloned) duplicate of an object.
+  _.clone = function(obj) {
+    if (!_.isObject(obj)) return obj;
+    return _.isArray(obj) ? obj.slice() : _.extend({}, obj);
+  };
+
+  // Invokes interceptor with the obj, and then returns obj.
+  // The primary purpose of this method is to "tap into" a method chain, in
+  // order to perform operations on intermediate results within the chain.
+  _.tap = function(obj, interceptor) {
+    interceptor(obj);
+    return obj;
+  };
+
+  // Returns whether an object has a given set of `key:value` pairs.
+  _.isMatch = function(object, attrs) {
+    var keys = _.keys(attrs), length = keys.length;
+    if (object == null) return !length;
+    var obj = Object(object);
+    for (var i = 0; i < length; i++) {
+      var key = keys[i];
+      if (attrs[key] !== obj[key] || !(key in obj)) return false;
+    }
+    return true;
+  };
+
+
+  // Internal recursive comparison function for `isEqual`.
+  var eq = function(a, b, aStack, bStack) {
+    // Identical objects are equal. `0 === -0`, but they aren't identical.
+    // See the [Harmony `egal` proposal](http://wiki.ecmascript.org/doku.php?id=harmony:egal).
+    if (a === b) return a !== 0 || 1 / a === 1 / b;
+    // A strict comparison is necessary because `null == undefined`.
+    if (a == null || b == null) return a === b;
+    // Unwrap any wrapped objects.
+    if (a instanceof _) a = a._wrapped;
+    if (b instanceof _) b = b._wrapped;
+    // Compare `[[Class]]` names.
+    var className = toString.call(a);
+    if (className !== toString.call(b)) return false;
+    switch (className) {
+      // Strings, numbers, regular expressions, dates, and booleans are compared by value.
+      case '[object RegExp]':
+      // RegExps are coerced to strings for comparison (Note: '' + /a/i === '/a/i')
+      case '[object String]':
+        // Primitives and their corresponding object wrappers are equivalent; thus, `"5"` is
+        // equivalent to `new String("5")`.
+        return '' + a === '' + b;
+      case '[object Number]':
+        // `NaN`s are equivalent, but non-reflexive.
+        // Object(NaN) is equivalent to NaN
+        if (+a !== +a) return +b !== +b;
+        // An `egal` comparison is performed for other numeric values.
+        return +a === 0 ? 1 / +a === 1 / b : +a === +b;
+      case '[object Date]':
+      case '[object Boolean]':
+        // Coerce dates and booleans to numeric primitive values. Dates are compared by their
+        // millisecond representations. Note that invalid dates with millisecond representations
+        // of `NaN` are not equivalent.
+        return +a === +b;
+    }
+
+    var areArrays = className === '[object Array]';
+    if (!areArrays) {
+      if (typeof a != 'object' || typeof b != 'object') return false;
+
+      // Objects with different constructors are not equivalent, but `Object`s or `Array`s
+      // from different frames are.
+      var aCtor = a.constructor, bCtor = b.constructor;
+      if (aCtor !== bCtor && !(_.isFunction(aCtor) && aCtor instanceof aCtor &&
+                               _.isFunction(bCtor) && bCtor instanceof bCtor)
+                          && ('constructor' in a && 'constructor' in b)) {
+        return false;
+      }
+    }
+    // Assume equality for cyclic structures. The algorithm for detecting cyclic
+    // structures is adapted from ES 5.1 section 15.12.3, abstract operation `JO`.
+
+    // Initializing stack of traversed objects.
+    // It's done here since we only need them for objects and arrays comparison.
+    aStack = aStack || [];
+    bStack = bStack || [];
+    var length = aStack.length;
+    while (length--) {
+      // Linear search. Performance is inversely proportional to the number of
+      // unique nested structures.
+      if (aStack[length] === a) return bStack[length] === b;
+    }
+
+    // Add the first object to the stack of traversed objects.
+    aStack.push(a);
+    bStack.push(b);
+
+    // Recursively compare objects and arrays.
+    if (areArrays) {
+      // Compare array lengths to determine if a deep comparison is necessary.
+      length = a.length;
+      if (length !== b.length) return false;
+      // Deep compare the contents, ignoring non-numeric properties.
+      while (length--) {
+        if (!eq(a[length], b[length], aStack, bStack)) return false;
+      }
+    } else {
+      // Deep compare objects.
+      var keys = _.keys(a), key;
+      length = keys.length;
+      // Ensure that both objects contain the same number of properties before comparing deep equality.
+      if (_.keys(b).length !== length) return false;
+      while (length--) {
+        // Deep compare each member
+        key = keys[length];
+        if (!(_.has(b, key) && eq(a[key], b[key], aStack, bStack))) return false;
+      }
+    }
+    // Remove the first object from the stack of traversed objects.
+    aStack.pop();
+    bStack.pop();
+    return true;
+  };
+
+  // Perform a deep comparison to check if two objects are equal.
+  _.isEqual = function(a, b) {
+    return eq(a, b);
+  };
+
+  // Is a given array, string, or object empty?
+  // An "empty" object has no enumerable own-properties.
+  _.isEmpty = function(obj) {
+    if (obj == null) return true;
+    if (isArrayLike(obj) && (_.isArray(obj) || _.isString(obj) || _.isArguments(obj))) return obj.length === 0;
+    return _.keys(obj).length === 0;
+  };
+
+  // Is a given value a DOM element?
+  _.isElement = function(obj) {
+    return !!(obj && obj.nodeType === 1);
+  };
+
+  // Is a given value an array?
+  // Delegates to ECMA5's native Array.isArray
+  _.isArray = nativeIsArray || function(obj) {
+    return toString.call(obj) === '[object Array]';
+  };
+
+  // Is a given variable an object?
+  _.isObject = function(obj) {
+    var type = typeof obj;
+    return type === 'function' || type === 'object' && !!obj;
+  };
+
+  // Add some isType methods: isArguments, isFunction, isString, isNumber, isDate, isRegExp, isError.
+  _.each(['Arguments', 'Function', 'String', 'Number', 'Date', 'RegExp', 'Error'], function(name) {
+    _['is' + name] = function(obj) {
+      return toString.call(obj) === '[object ' + name + ']';
+    };
+  });
+
+  // Define a fallback version of the method in browsers (ahem, IE < 9), where
+  // there isn't any inspectable "Arguments" type.
+  if (!_.isArguments(arguments)) {
+    _.isArguments = function(obj) {
+      return _.has(obj, 'callee');
+    };
+  }
+
+  // Optimize `isFunction` if appropriate. Work around some typeof bugs in old v8,
+  // IE 11 (#1621), and in Safari 8 (#1929).
+  if (typeof /./ != 'function' && typeof Int8Array != 'object') {
+    _.isFunction = function(obj) {
+      return typeof obj == 'function' || false;
+    };
+  }
+
+  // Is a given object a finite number?
+  _.isFinite = function(obj) {
+    return isFinite(obj) && !isNaN(parseFloat(obj));
+  };
+
+  // Is the given value `NaN`? (NaN is the only number which does not equal itself).
+  _.isNaN = function(obj) {
+    return _.isNumber(obj) && obj !== +obj;
+  };
+
+  // Is a given value a boolean?
+  _.isBoolean = function(obj) {
+    return obj === true || obj === false || toString.call(obj) === '[object Boolean]';
+  };
+
+  // Is a given value equal to null?
+  _.isNull = function(obj) {
+    return obj === null;
+  };
+
+  // Is a given variable undefined?
+  _.isUndefined = function(obj) {
+    return obj === void 0;
+  };
+
+  // Shortcut function for checking if an object has a given property directly
+  // on itself (in other words, not on a prototype).
+  _.has = function(obj, key) {
+    return obj != null && hasOwnProperty.call(obj, key);
+  };
+
+  // Utility Functions
+  // -----------------
+
+  // Run Underscore.js in *noConflict* mode, returning the `_` variable to its
+  // previous owner. Returns a reference to the Underscore object.
+  _.noConflict = function() {
+    root._ = previousUnderscore;
+    return this;
+  };
+
+  // Keep the identity function around for default iteratees.
+  _.identity = function(value) {
+    return value;
+  };
+
+  // Predicate-generating functions. Often useful outside of Underscore.
+  _.constant = function(value) {
+    return function() {
+      return value;
+    };
+  };
+
+  _.noop = function(){};
+
+  _.property = property;
+
+  // Generates a function for a given object that returns a given property.
+  _.propertyOf = function(obj) {
+    return obj == null ? function(){} : function(key) {
+      return obj[key];
+    };
+  };
+
+  // Returns a predicate for checking whether an object has a given set of
+  // `key:value` pairs.
+  _.matcher = _.matches = function(attrs) {
+    attrs = _.extendOwn({}, attrs);
+    return function(obj) {
+      return _.isMatch(obj, attrs);
+    };
+  };
+
+  // Run a function **n** times.
+  _.times = function(n, iteratee, context) {
+    var accum = Array(Math.max(0, n));
+    iteratee = optimizeCb(iteratee, context, 1);
+    for (var i = 0; i < n; i++) accum[i] = iteratee(i);
+    return accum;
+  };
+
+  // Return a random integer between min and max (inclusive).
+  _.random = function(min, max) {
+    if (max == null) {
+      max = min;
+      min = 0;
+    }
+    return min + Math.floor(Math.random() * (max - min + 1));
+  };
+
+  // A (possibly faster) way to get the current timestamp as an integer.
+  _.now = Date.now || function() {
+    return new Date().getTime();
+  };
+
+   // List of HTML entities for escaping.
+  var escapeMap = {
+    '&': '&amp;',
+    '<': '&lt;',
+    '>': '&gt;',
+    '"': '&quot;',
+    "'": '&#x27;',
+    '`': '&#x60;'
+  };
+  var unescapeMap = _.invert(escapeMap);
+
+  // Functions for escaping and unescaping strings to/from HTML interpolation.
+  var createEscaper = function(map) {
+    var escaper = function(match) {
+      return map[match];
+    };
+    // Regexes for identifying a key that needs to be escaped
+    var source = '(?:' + _.keys(map).join('|') + ')';
+    var testRegexp = RegExp(source);
+    var replaceRegexp = RegExp(source, 'g');
+    return function(string) {
+      string = string == null ? '' : '' + string;
+      return testRegexp.test(string) ? string.replace(replaceRegexp, escaper) : string;
+    };
+  };
+  _.escape = createEscaper(escapeMap);
+  _.unescape = createEscaper(unescapeMap);
+
+  // If the value of the named `property` is a function then invoke it with the
+  // `object` as context; otherwise, return it.
+  _.result = function(object, property, fallback) {
+    var value = object == null ? void 0 : object[property];
+    if (value === void 0) {
+      value = fallback;
+    }
+    return _.isFunction(value) ? value.call(object) : value;
+  };
+
+  // Generate a unique integer id (unique within the entire client session).
+  // Useful for temporary DOM ids.
+  var idCounter = 0;
+  _.uniqueId = function(prefix) {
+    var id = ++idCounter + '';
+    return prefix ? prefix + id : id;
+  };
+
+  // By default, Underscore uses ERB-style template delimiters, change the
+  // following template settings to use alternative delimiters.
+  _.templateSettings = {
+    evaluate    : /<%([\s\S]+?)%>/g,
+    interpolate : /<%=([\s\S]+?)%>/g,
+    escape      : /<%-([\s\S]+?)%>/g
+  };
+
+  // When customizing `templateSettings`, if you don't want to define an
+  // interpolation, evaluation or escaping regex, we need one that is
+  // guaranteed not to match.
+  var noMatch = /(.)^/;
+
+  // Certain characters need to be escaped so that they can be put into a
+  // string literal.
+  var escapes = {
+    "'":      "'",
+    '\\':     '\\',
+    '\r':     'r',
+    '\n':     'n',
+    '\u2028': 'u2028',
+    '\u2029': 'u2029'
+  };
+
+  var escaper = /\\|'|\r|\n|\u2028|\u2029/g;
+
+  var escapeChar = function(match) {
+    return '\\' + escapes[match];
+  };
+
+  // JavaScript micro-templating, similar to John Resig's implementation.
+  // Underscore templating handles arbitrary delimiters, preserves whitespace,
+  // and correctly escapes quotes within interpolated code.
+  // NB: `oldSettings` only exists for backwards compatibility.
+  _.template = function(text, settings, oldSettings) {
+    if (!settings && oldSettings) settings = oldSettings;
+    settings = _.defaults({}, settings, _.templateSettings);
+
+    // Combine delimiters into one regular expression via alternation.
+    var matcher = RegExp([
+      (settings.escape || noMatch).source,
+      (settings.interpolate || noMatch).source,
+      (settings.evaluate || noMatch).source
+    ].join('|') + '|$', 'g');
+
+    // Compile the template source, escaping string literals appropriately.
+    var index = 0;
+    var source = "__p+='";
+    text.replace(matcher, function(match, escape, interpolate, evaluate, offset) {
+      source += text.slice(index, offset).replace(escaper, escapeChar);
+      index = offset + match.length;
+
+      if (escape) {
+        source += "'+\n((__t=(" + escape + "))==null?'':_.escape(__t))+\n'";
+      } else if (interpolate) {
+        source += "'+\n((__t=(" + interpolate + "))==null?'':__t)+\n'";
+      } else if (evaluate) {
+        source += "';\n" + evaluate + "\n__p+='";
+      }
+
+      // Adobe VMs need the match returned to produce the correct offest.
+      return match;
+    });
+    source += "';\n";
+
+    // If a variable is not specified, place data values in local scope.
+    if (!settings.variable) source = 'with(obj||{}){\n' + source + '}\n';
+
+    source = "var __t,__p='',__j=Array.prototype.join," +
+      "print=function(){__p+=__j.call(arguments,'');};\n" +
+      source + 'return __p;\n';
+
+    try {
+      var render = new Function(settings.variable || 'obj', '_', source);
+    } catch (e) {
+      e.source = source;
+      throw e;
+    }
+
+    var template = function(data) {
+      return render.call(this, data, _);
+    };
+
+    // Provide the compiled source as a convenience for precompilation.
+    var argument = settings.variable || 'obj';
+    template.source = 'function(' + argument + '){\n' + source + '}';
+
+    return template;
+  };
+
+  // Add a "chain" function. Start chaining a wrapped Underscore object.
+  _.chain = function(obj) {
+    var instance = _(obj);
+    instance._chain = true;
+    return instance;
+  };
+
+  // OOP
+  // ---------------
+  // If Underscore is called as a function, it returns a wrapped object that
+  // can be used OO-style. This wrapper holds altered versions of all the
+  // underscore functions. Wrapped objects may be chained.
+
+  // Helper function to continue chaining intermediate results.
+  var result = function(instance, obj) {
+    return instance._chain ? _(obj).chain() : obj;
+  };
+
+  // Add your own custom functions to the Underscore object.
+  _.mixin = function(obj) {
+    _.each(_.functions(obj), function(name) {
+      var func = _[name] = obj[name];
+      _.prototype[name] = function() {
+        var args = [this._wrapped];
+        push.apply(args, arguments);
+        return result(this, func.apply(_, args));
+      };
+    });
+  };
+
+  // Add all of the Underscore functions to the wrapper object.
+  _.mixin(_);
+
+  // Add all mutator Array functions to the wrapper.
+  _.each(['pop', 'push', 'reverse', 'shift', 'sort', 'splice', 'unshift'], function(name) {
+    var method = ArrayProto[name];
+    _.prototype[name] = function() {
+      var obj = this._wrapped;
+      method.apply(obj, arguments);
+      if ((name === 'shift' || name === 'splice') && obj.length === 0) delete obj[0];
+      return result(this, obj);
+    };
+  });
+
+  // Add all accessor Array functions to the wrapper.
+  _.each(['concat', 'join', 'slice'], function(name) {
+    var method = ArrayProto[name];
+    _.prototype[name] = function() {
+      return result(this, method.apply(this._wrapped, arguments));
+    };
+  });
+
+  // Extracts the result from a wrapped and chained object.
+  _.prototype.value = function() {
+    return this._wrapped;
+  };
+
+  // Provide unwrapping proxy for some methods used in engine operations
+  // such as arithmetic and JSON stringification.
+  _.prototype.valueOf = _.prototype.toJSON = _.prototype.value;
+
+  _.prototype.toString = function() {
+    return '' + this._wrapped;
+  };
+
+  // AMD registration happens at the end for compatibility with AMD loaders
+  // that may not enforce next-turn semantics on modules. Even though general
+  // practice for AMD registration is to be anonymous, underscore registers
+  // as a named module because, like jQuery, it is a base library that is
+  // popular enough to be bundled in a third party lib, but not be part of
+  // an AMD load request. Those cases could generate an error when an
+  // anonymous define() is called outside of a loader request.
+  if (typeof define === 'function' && define.amd) {
+    define('underscore', [], function() {
+      return _;
+    });
+  }
+}.call(this));
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/locale/en/messages.json b/openid-connect-server-webapp/src/main/webapp/resources/js/locale/en/messages.json
new file mode 100644
index 000000000..b142f0a9b
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/js/locale/en/messages.json
@@ -0,0 +1,536 @@
+{
+    "admin": {
+        "blacklist": "Blacklist",
+        "blacklist-form": {
+            "blacklisted-uris": "Blacklisted URIs"
+        },
+        "home": "Home",
+        "list-widget": {
+            "empty": "There are no items in this list.",
+            "tooltip": "Click to display full value."
+        },
+        "manage-blacklist": "Manage Blacklisted Clients",
+        "self-service-client": "Self-service Client Registration",
+        "self-service-resource": "Self-service Protected Resource Registration",
+        "user-profile": {
+            "claim": "Claim name:",
+            "show": "View User Profile",
+            "text": "Your user profile has the following information:",
+            "value": "Claim value:"
+        }
+    },
+    "client": {
+        "client-form": {
+            "access": "Access",
+            "access-token-no-timeout": "Access tokens do not time out",
+            "access-token-timeout": "Access Token Timeout",
+            "access-token-timeout-help": "Enter this time in seconds, minutes, or hours.",
+            "acr-values": "Default ACR Values",
+            "acr-values-placeholder": "new ACR value",
+            "acr-values-help": "Default Authentication Context Reference to request for this client",
+            "allow-introspection": "Allow calls to the Introspection Endpoint?",
+            "authentication-method": "Token Endpoint Authentication Method",
+            "authorization-code": "authorization code",
+            "client-credentials": "client credentials",
+            "client-description": "Description",
+            "client-description-help": "Human-readable text description",
+            "client-description-placeholder": "Type a description",
+            "client-id": "Client ID",
+            "client-id-help": "Unique identifier. If you leave this blank it will be automatically generated.",
+            "client-id-placeholder": "Client ID will be automatically generated",
+            "client-name": "Client name",
+            "client-name-help": "Human-readable application name",
+            "client-name-placeholder": "Type something",
+            "client-secret": "Client Secret",
+            "client-secret-placeholder": "Type a secret",
+            "contacts": "Contacts",
+            "contacts-help": "List of contacts for administrators of this client.",
+            "contacts-placeholder": "new contact",
+            "credentials": "Credentials",
+            "crypto": {
+                "a128cbc-hs256": "Composite Authenticated Encryption algorithm using AES in Cipher Block Chaining (CBC) mode with PKCS #5 padding with an integrity calculation using HMAC SHA-256, using a 256 bit CMK (and 128 bit CEK)",
+                "a256cbc-hs512": "Composite Authenticated Encryption algorithm using AES in CBC mode with PKCS #5 padding with an integrity calculation using HMAC SHA-512, using a 512 bit CMK (and 256 bit CEK)",
+                "a128gcm": "AES GCM using 128 bit keys",
+                "a256gcm": "AES GCM using 256 bit keys",
+                "a128kw": "AES Key Wrap Algorithm using 128 bit keys",
+                "a256kw": "AES Key Wrap Algorithm using 256 bit keys",
+                "default": "Use server default",
+                "dir": "Direct use of a shared symmetric key as the Content Master Key (CMK) for the block encryption step",
+                "ecdh-es": "Elliptic Curve Diffie-Hellman Ephemeral Static key agreement using the Concat KDF, with the agreed-upon key being used directly as the Content Master Key",
+                "ecdh-es-a128kw": "Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A128KW function",
+                "ecdh-es-a256kw": "Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A256KW function",
+                "none": "No encryption",
+                "rsa-oaep": "RSAES using Optimal Asymmetric Encryption Padding (OAEP)",
+                "rsa1-5": "RSAES-PKCS1-V1_5"
+            },
+            "cryptography": "Crypto",
+            "device": "device",
+            "device-code-timeout": "Device Code Timeout",
+            "display-secret": "Display/edit client secret:",
+            "edit": "Edit Client",
+            "generate-new-secret": "Generate a new client secret?",
+            "generate-new-secret-help": "New secret will be generated when you click 'Save'",
+            "generate-on-save": "Generate on Save",
+            "grant-types": "Grant Types",
+            "home": "Home Page",
+            "home-help": "URL for the client's home page, will be displayed to the user",
+            "hours": "hours",
+            "id": "ID:",
+            "id-token-crypto-algorithm": "ID Token Encryption Algorithm",
+            "id-token-crypto-method": "ID Token Encryption Method",
+            "id-token-signing-algorithm": "ID Token Signing Algorithm",
+            "id-token-timeout": "ID Token Timeout",
+            "implicit": "implicit",
+            "initiate-login": "Initiate Login",
+            "initiate-login-help": "URL to initiate login on the client",
+            "introspection": "Introspection",
+            "jwk-set": "Public Key Set",
+            "jwk-set-help": "URL for the client's JSON Web Key set (must be reachable by the server)",
+            "jwk-set-value-help": "URL for the client's JSON Web Key set (must be reachable by the server)",
+            "logo": "Logo",
+            "logo-help": "URL that points to a logo image, will be displayed on approval page",
+            "main": "Main",
+            "max-age": "Default Max Age",
+            "max-age-help": "Default maximum session age before re-prompting",
+            "minutes": "minutes",
+            "new": "New Client",
+            "other": "Other",
+            "pairwise": "Pairwise",
+            "password": "password",
+            "policy": "Policy Statement",
+            "policy-help": "URL for the Policy Statement of this client, will be displayed to the user",
+            "post-logout": "Post-Logout Redirect",
+            "post-logout-help": "URL to redirect the client to after a logout operation",
+            "public": "Public",
+            "redelegation": "redelegation",
+            "redirect-uris": "Redirect URI(s)",
+            "redirect-uris-help": "URIs that the client can be redirected to after the authorization page",
+            "claims-redirect-uris": "Claims Redirect URI(s)",
+            "claims-redirect-uris-help": "URIs that the client can be redirected to after the claims gathering flow",
+            "refresh": "refresh",
+            "refresh-tokens": "Refresh Tokens",
+            "refresh-tokens-issued": "Refresh tokens are issued for this client",
+			"refresh-tokens-issued-help": "This will add the offline_access scope to the client's scopes.",
+            "refresh-tokens-reused": "Refresh tokens for this client are re-used",
+            "clear-access-tokens": "Active access tokens are automatically revoked when the refresh token is used",
+            "refresh-tokens-no-expire": "Refresh tokens do not time out",
+            "registered": "Registered at",
+            "registration-token": "Registration Token:",
+            "registration-access-token": "Registration Access Token",
+            "registration-token-error": "There was a problem loading the registration access token for this client.",
+            "request-object-signing-algorithm": "Request Object Signing Algorithm",
+            "request-uri": "Request URIs",
+            "request-uri-help": "URIs containing request objects used by this client",
+            "require-auth-time": "Require Authentication Time",
+            "require-auth-time-label": "Always require that the auth_time claim be sent in the id token",
+            "response-types": "Response Types",
+            "rotate-registration-token": "Rotate registration token",
+            "rotate-registration-token-confirm": "Are you sure you want to rotate this client's registration token?",
+            "rotate-registration-token-error": "There was a problem rotating the registration access token for this client.",
+            "saved": {
+                "no-secret": "No client secret",
+                "saved": "Client Saved",
+                "secret": "Secret:",
+                "show-secret": "Show Secret",
+                "unchanged": "unchanged"
+            },
+            "scope-placeholder": "new scope",
+            "scope-help": "OAuth scopes this client is allowed to request",
+            "seconds": "seconds",
+            "secret-asymmetric-jwt": "Asymmetrically-signed JWT assertion",
+            "secret-http": "Client Secret over HTTP Basic",
+            "secret-none": "No authentication",
+            "secret-post": "Client Secret over HTTP POST",
+            "secret-symmetric-jwt": "Client Secret via symmetrically-signed JWT assertion",
+            "sector-identifier": "Sector Identifier URI",
+            "signing": {
+                "any": "Any allowed",
+                "default": "Use server default",
+                "es256": "ECDSA using P-256 curve and SHA-256 hash algorithm",
+                "es384": "ECDSA using P-384 curve and SHA-384 hash algorithm",
+                "es512": "ECDSA using P-512 curve and SHA-512 hash algorithm",
+                "hs256": "HMAC using SHA-256 hash algorithm",
+                "hs384": "HMAC using SHA-384 hash algorithm",
+                "hs512": "HMAC using SHA-512 hash algorithm",
+                "none": "No digital signature",
+                "rs256": "RSASSA using SHA-256 hash algorithm",
+                "rs384": "RSASSA using SHA-384 hash algorithm",
+                "rs512": "RSASSA using SHA-512 hash algorithm",
+				"ps256": "RSASSA-PSS using SHA-256 and MGF1 with SHA-256",
+				"ps384": "RSASSA-PSS using SHA-384 and MGF1 with SHA-384",
+				"ps512": "RSASSA-PSS using SHA-512 and MGF1 with SHA-512"
+            },
+            "software-id": "Software ID",
+            "software-id-placeholder": "software ID...",
+            "software-id-help": "Identifier for the software in this client",
+            "software-statement": "Software Statement",
+            "software-statement-placeholder": "eyj0...",
+            "software-statement-help": "A software statement is issued by a trusted third party and locks certain elements of a client's registration",
+            "software-version": "Software Version",
+            "software-version-placeholder": "1.0...",
+            "software-version-help": "Version of the software in this client",
+            "subject-type": "Subject Type",
+            "terms": "Terms of Service",
+            "terms-help": "URL for the Terms of Service of this client, will be displayed to the user",
+            "token-signing-algorithm": "Token Endpoint Authentication Signing Algorithm",
+            "tokens": "Tokens",
+            "type": "Application Type",
+            "type-native": "Native",
+            "type-web": "Web",
+            "unknown": "(Unknown)",
+            "user-info-crypto-algorithm": "User Info Endpoint Encryption Algorithm",
+            "user-info-crypto-method": "User Info Endpoint Encryption Method",
+            "user-info-signing-algorithm": "User Info Endpoint Signing Algorithm",
+            "error": {
+            	"consistency": "Consistency error",
+            	"pairwise-sector": "Pairwise identifiers cannot be used with multiple redirect URIs unless a sector identifier URI is also registered.",
+            	"jwk-set": "JWK set error",
+            	"jwk-set-parse": "There was an error parsing the public key from the JSON Web Key set. Check the value and try again."
+            }
+        },
+        "client-table": {
+            "allow-introspection-tooltip": "This client can perform token introspection",
+            "confirm": "Are you sure sure you would like to delete this client?",
+            "dynamically-registered-tooltip": "This client was dynamically registered. Click to view registration access token",
+            "match": {
+                "contacts": "contacts",
+                "description": "description",
+                "homepage": "home page",
+                "id": "id",
+                "logo": "logo",
+                "name": "name",
+                "policy": "policy",
+                "redirect": "redirect uri",
+                "scope": "scope",
+                "terms": "terms of service",
+                "software-id": "software ID",
+                "software-version": "version"
+            },
+            "matched-search": "Matched search:",
+            "new": "New Client",
+            "no-clients": "There are no registered clients on this server.",
+            "no-matches": "There are no clients that match your search criteria.",
+            "no-redirect": "NO REDIRECT URI",
+            "registered": "Registered",
+            "search": "Search...",
+            "whitelist": "Whitelist",
+            "unknown": "at an unknown time"
+        },
+        "manage": "Manage Clients",
+        "more-info": {
+            "contacts": "Administrative Contacts:",
+            "home": "Home Page:",
+            "more": "more information",
+            "policy": "Policy:",
+            "terms": "Terms of Service:"
+        },
+        "newClient": "New Client"
+    },
+    "common": {
+        "cancel": "Cancel",
+        "client": "Client",
+        "clients": "Clients",
+        "close": "Close",
+        "delete": "Delete",
+        "description": "Description",
+        "dynamically-registered": "This client was dynamically registered",
+        "edit": "Edit",
+        "expires": "Expires:",
+        "information": "Information",
+        "new": "New",
+        "not-yet-implemented": "Not Yet Implemented",
+        "not-yet-implemented-content": "The value of this field will be saved with the client, but the server does not currently process anything with it. Future versions of the server library will make use of this.",
+        "revoke": "Revoke",
+        "save": "Save",
+        "scopes": "Scopes",
+        "statistics": "Statistics"
+    },
+    "dynreg": {
+        "client-id-placeholder": "Enter Client ID",
+        "configuration-url": "Client Configuration URL",
+        "edit-dynamically-registered": "Edit a Dynamically Registered Client",
+        "edit-existing": "Edit an existing client",
+        "edit-existing-help": "Use this form to edit a previously-registered client. Paste in your client ID and registration access token to access the client.",
+        "edit-existing-button": "Edit Client",
+        "invalid-access-token": "Invalid client or registration access token.",
+        "new-client": "Register a new client",
+        "new-client-help": "Use this form to register a new client with the authorization server. You will be given a client ID and a registration access token to manage your client.",
+        "new-client-button": "New Client",
+        "regtoken-placeholder": "Enter Registration Access Token",
+        "warning": "<strong>Warning!</strong> You MUST protect your <b>Client ID</b>, <b>Client Secret (if provided)</b>, and your <b>Registration Access Token</b>. If you lose your Client ID or Registration Access Token, you will no longer have access to your client's registration records and you will need to register a new client.",
+        "will-be-generated": "Will be generated by the server when the client is saved"
+    },
+    "grant": {
+        "manage-approved-sites": "Manage Approved Sites",
+        "refresh": "Refresh",
+        "grant-table": {
+            "active-tokens": "Number of currently active access tokens",
+            "application": "Application",
+            "approved-sites": "Approved Sites",
+            "authorized": "Authorized:",
+            "dynamically-registered": "This client was dynamically registered",
+            "expires": "Expires:",
+            "last-accessed": "Last accessed:",
+            "never": "Never",
+            "no-sites": "You have not approved any sites.",
+            "no-whitelisted": "You have not accessed any whitelisted sites.",
+            "pre-approved": "These are sites that have been pre-approved by an administrator.",
+            "text": "These are sites you have approved manually. If the same site asks for the same access in the future, it will be granted without prompting.",
+            "unknown": "Unknown",
+            "whitelist-note": "<b>NOTE:</b> If you revoke them here, they will automatically be re-approved on your next visit wthout prompting.",
+            "whitelisted-site": "This site was whitelisted by an adminstrator",
+            "whitelisted-sites": "Whitelisted Sites"
+        }
+    },
+    "rsreg": {
+        "resource-id-placeholder": "Enter Resource ID",
+        "configuration-url": "Client Configuration URL",
+        "edit": "Edit Protected Resource",
+        "edit-existing": "Edit an existing protected resource",
+        "edit-existing-help": "Use this form to edit a previously-registered resource. Paste in your client ID and registration access token to access the client.",
+        "edit-existing-button": "Edit Resource",
+        "invalid-access-token": "Invalid client or registration access token.",
+        "new-client": "Register a new protected resource",
+        "new-client-help": "Use this form to register a new resource with the authorization server. You will be given a client ID and a registration access token to manage your resource.",
+        "new-client-button": "New Resource",
+        "regtoken-placeholder": "Enter Registration Access Token",
+        "will-be-generated": "Will be generated by the server when the resource is saved",
+        "warning": "<strong>Warning!</strong> You MUST protect your <b>Client ID</b>, <b>Client Secret (if provided)</b>, and your <b>Registration Access Token</b>. If you lose your Client ID or Registration Access Token, you will no longer have access to your client's registration records and you will need to register a new client.",
+        "client-form": {
+        	"scope-help": "Scopes that this resource will be able to introspect tokens for."
+        }
+    },
+    "scope": {
+        "manage": "Manage System Scopes",
+        "scope-list": {
+            "no-scopes": "NO SCOPES"
+        },
+        "system-scope-form": {
+            "default": "default scope",
+            "default-help": "Newly-created clients get this scope by default?",
+            "description-help": "Human-readable text description",
+            "description-placeholder": "Type a description",
+            "restricted": "restricted",
+            "restricted-help": "Restricted scopes are only usable by system administrators and are unavailable to dynamically registered clients and protected resources",
+            "edit": "Edit Scope",
+            "icon": "Icon",
+            "new": "New Scope",
+            "select-icon": "Select an icon",
+            "subject-type": "Subject Type",
+            "value": "Scope value",
+            "value-help": "Single string with no spaces",
+            "value-placeholder": "scope"
+        },
+        "system-scope-table": {
+            "confirm": "Are you sure sure you would like to delete this scope? Clients that have this scope will still be able to ask for it.",
+            "new": "New Scope",
+            "text": "There are no system scopes defined. Clients may still have custom scopes.",
+            "tooltip-restricted": "This scope can be used only by administrators. It is not available for dynamic registration.",
+            "tooltip-default": "This scope is automatically assigned to newly registered clients."
+        }
+    },
+    "token": {
+        "manage": "Manage Active Tokens",
+        "token-table": {
+            "access-tokens": "Access Tokens",
+            "associated-id": "This access token was issued with an associated ID token.",
+            "associated-refresh": "This access token was issued with an associated refresh token.",
+            "click-to-display": "Click to display full token value",
+            "confirm": "Are you sure sure you would like to revoke this token?",
+            "confirm-refresh": "Are you sure you would like to revoke this refresh token and its associated access tokens?",
+            "expires": "Expires",
+            "no-access": "There are no active access tokens.",
+            "no-refresh": "There are no active refresh tokens.",
+            "number-of-tokens": "Number of associated access tokens",
+            "refresh-tokens": "Refresh Tokens",
+            "text": "Access tokens are usually short-lived and provide clients with access to specific resources. ID Tokens are specialized access tokens to facilitate log on using OpenID Connect.",
+            "text-refresh": "Refresh tokens are usually long-lived and provide clients with the ability to get new access tokens without end-user involvement.",
+            "token-info": "Token Information"
+        }
+    },
+    "whitelist": {
+        "confirm": "Are you sure you want to delete this whitelist entry?",
+        "edit": "Edit Whitelist",
+        "manage": "Manage Whitelisted Sites",
+        "new": "New Whitelist",
+        "whitelist": "Whitelist",
+        "whitelist-form": {
+            "allowed-scopes": "Allowed Scopes",
+            "edit": "Edit Whitelisted Site",
+            "new": "New Whitelisted Site",
+            "scope-help": "List of scopes that will be automatically approved when this client makes a request",
+            "scope-placeholder": "new scope"
+        },
+        "whitelist-table": {
+            "no-sites": "There are no whitelisted sites. Use the <strong>whitelist</strong> button on the client management page to create one."
+        }
+    },
+    "blacklist": {
+    	"text": "Blacklisted URIs cannot be used as redirect URIs by any registered clients, whether in the admin interface or in dynamic registration.",
+    	"blacklist-uri-placeholder": "blacklist uri",
+    	"add": "Add URI to blacklist",
+    	"empty": "There are no blacklisted URIs on this server.",
+    	"uri": "URI"
+    },
+	"copyright": "Powered by <a href=\"https://github.com/mitreid-connect/\">MITREid Connect <span class=\"label\">{0}</span></a> <span class=\"pull-right\">&copy; 2018 The MIT Internet Trust Consortium.</span>.",
+	"about": {
+		"title": "About",
+		"body": "\nThis OpenID Connect service is built from the MITREid Connect Open Source project, from \nthe <a href=\"http://www.trust.mit.edu/\">MIT Internet Trust Consortium</a>.\n</p>\n<p>\nMore information about the project can be found at \n<a href=\"http://github.com/mitreid-connect/\">MITREid Connect on GitHub</a>. \nThere, you can submit bug reports, give feedback, or even contribute code patches for additional features you'd like to see."
+	},
+	"statistics": {
+		"title": "Statistics",
+		"number_users": "Number of users: <span class=\"label label-info\" id=\"userCount\">{0}</span>",
+		"number_clients": "Authorized clients: <span class=\"label label-info\" id=\"clientCount\">{0}</span>",
+		"number_approvals": "Approved sites: <span class=\"label label-info\" id=\"approvalCount\">{0}</span>"
+	},
+    "home": {
+    	"title": "Home",
+    	"welcome": {
+    		"title": "Welcome!",
+			"body": "\nOpenID Connect is an internet-scale federated identity protocol built on top of the OAuth2 authorization framework. \nOpenID Connect lets you log into a remote site using your identity without exposing your credentials, like a username and password.</p>\n<p><a class=\"btn btn-primary btn-large\" href=\"http://openid.net/connect/\">Learn more &raquo;</a>"
+		},
+		"more": "More",
+		"about": {
+			"title": "About",
+			"body": "This OpenID Connect service is built from the MITREid Connect Open Source project, from \nthe <a href=\"http://www.trust.mit.edu/\">MIT Internet Trust Consortium</a>."
+		},
+		"contact": {
+			"title": "Contact",
+			"body": "\nFor more information or support, contact the administrators of this system.</p>\n<p><a class=\"btn\" href=\"mailto:idp@example.com?Subject=OpenID Connect\">Email &raquo;</a>"
+		},
+		"statistics": {
+			"title": "Current Statistics",
+			"loading": "Loading...",
+			"number_users": "Number of users: <span class=\"label label-info\" id=\"userCount\">{0}</span>",
+			"number_clients": "Authorized clients: <span class=\"label label-info\" id=\"clientCount\">{0}</span>",
+			"number_approvals": "Approved sites: <span class=\"label label-info\" id=\"approvalCount\">{0}</span>"
+		}
+	},
+	"contact": {
+		"title": "Contact",
+		"body": "To report bugs with the MITREid Connect software itself, use the \n<a href=\"https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/issues\">GitHub issue tracker</a>. \nFor problems relating to this server, contact the server's administrator."
+	},
+	"topbar": {
+		"about": "About",
+		"contact": "Contact",
+		"statistics": "Statistics",
+		"home": "Home",
+		"login": "Log in",
+		"logout": "Log out"
+	},
+	"sidebar": {
+		"administrative": {
+			"title": "Administrative",
+			"manage_clients": "Manage Clients",
+			"whitelisted_clients": "Whitelisted Clients",
+			"blacklisted_clients": "Blacklisted Clients",
+			"system_scopes": "System Scopes"
+		},
+		"personal": {
+			"title": "Personal",
+			"approved_sites": "Manage Approved Sites",
+			"active_tokens": "Manage Active Tokens",
+			"profile_information": "View Profile Information"
+		},
+		"developer": {
+			"title": "Developer",
+			"client_registration": "Self-service client registration",
+			"resource_registration": "Self-service protected resource registration"
+		}
+	},
+	"manage": {
+		"ok": "OK",
+		"loading": "Loading",
+		"title": "Management Console"
+	},
+    "approve": {
+    	"dynamically-registered-unknown": "at an unknown time",
+		"title": "Approve Access",
+		"error": {
+			"not_granted": "Access could not be granted."
+		},
+		"required_for": "Approval Required for",
+		"dynamically_registered": "This client was dynamically registered <span class=\"label label-info\" id=\"registrationTime\">{0}</span>.",
+		"caution": {
+			"title": "Caution",
+			"message": {
+				"none": "It has <span class=\"label label-important\">never</span> been approved previously.",
+				"singular": "It has been approved <span class=\"label label-warning\">{0}</span> time previously.",
+				"plural": "It has been approved <span class=\"label\">{0}</span> times previously."
+			}
+		},
+		"more_information": "more information",
+		"home_page": "Home page",
+		"policy": "Policy",
+		"terms": "Terms of Service",
+		"contacts": "Administrative Contacts",
+		"warning": "Warning",
+		"no_redirect_uri": "This client does not have any redirect URIs registered and someone could be using a malicious URI here.",
+		"redirect_uri": "You will be redirected to the following page if you click Approve: <code>{0}</code>",
+		"pairwise": "This client uses a <b>pairwise</b> identifier, which makes it more difficult to correlate your identity between sites.",
+		"no_scopes": "This client does not have any scopes registered and is therefore allowed to request <em>any</em> scopes available on the system. Proceed with caution.",
+		"access_to": "Access to",
+		"remember": { 
+			"title": "Remember this decision",
+			"until_revoke": "remember this decision until I revoke it",
+			"one_hour": "remember this decision for one hour",
+			"next_time": "prompt me again next time"
+		},
+		"do_authorize": "Do you authorize",
+		"label": {
+			"authorize": "Authorize",
+			"deny": "Deny"
+		}
+	},
+	"error": {
+		"title": "Error",
+		"header": "Error",
+		"header-with-message": "Error: ",
+		"reload": "Additionally, it looks like you're not logged in. Reload the page to try again. You will likely lose any unsaved work.",
+		"reload-button": "Reload",
+		"message": "There was an error processing your request.",
+		"server-message": "The server said: "
+	},
+	"login": {
+		"login_with_username_and_password": "Login with Username and Password",
+		"username": "Username",
+		"password": "Password",
+		"login-button": "Login",
+		"error": "The system was unable to log you in. Please try again."
+	},
+	"device": {
+		"request_code": {
+			"title": "Enter Code",
+			"header": "Enter Code",
+			"description": "Enter the code displayed on your device into the box below and press submit",
+			"submit": "Submit"
+		},
+		"error": {
+			"noUserCode": "The code that you entered was not found.",
+			"expiredUserCode": "The code that you entered has expired. Return to your device and request a new code.",
+			"userCodeAlreadyApproved": "The code that you entered has already been used.",
+			"userCodeMismatch": "There was an error processing the code you entered. Try refreshing the page and returning to your device to request a new code.",
+			"error": "There was an error processing the code you entered. Return to your device and request a new code."
+		},
+		"approve": {
+			"approved": "The device has been approved.",
+			"notApproved": "The device has not been approved."
+		}
+	},
+	"logout": {
+		"confirmation": {
+			"title": "Logout requested",
+			"header": "Logout Requested",
+			"requested": "Logout has been requested by ",
+			"explanation": "Do you want to log out of the identity provider? This will not affect your session at any other systems.",
+			"submit": "Log Out",
+			"deny": "Stay Logged In"
+		},
+		"post": {
+			"title": "Log out",
+			"header": "Log Out",
+			"notLoggedOut": "You have not been logged out of the identity server. You may close this browser or log in again.",
+			"loggedOut": "You have been logged out of the identity server."
+		}
+	}
+}
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/locale/sv/messages.json b/openid-connect-server-webapp/src/main/webapp/resources/js/locale/sv/messages.json
new file mode 100644
index 000000000..05ff5077e
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/js/locale/sv/messages.json
@@ -0,0 +1,436 @@
+{
+    "admin": {
+        "blacklist": "Svartlista",
+        "blacklist-form": {
+            "blacklisted-uris": "Svarlistade länkar"
+        },
+        "home": "Hem",
+        "manage-blacklist": "Administrera svartlistade klienter",
+        "list-widget": {
+            "empty": "Det finns inget innehåll i denna lista."
+        },
+        "self-service-client": "Self-service klientregistrering",
+        "self-service-resource": "Self-service registrering av skyddad resurs",
+        "user-profile": {
+            "claim": "Claim-namn:",
+            "show": "Visa profilinformation",
+            "text": "Din användarprofil innehåller följande information:",
+            "value": "Claim-värde:"
+        }
+    },
+    "client": {
+        "client-form": {
+            "access": "Behörigheter",
+            "access-token-timeout": "Livslängd för access-token",
+            "access-token-no-timeout": "Access-token har oändlig livslängd",
+            "acr-values": "Default ACR-värden",
+            "acr-values-placeholder": "nytt ACR-värde",
+            "token-timeout-help": "Ange tiden i sekunder, timmar eller minuter.",
+            "allow-introspection": "Tillåt anrop till introspektionsfunktionen?",
+            "authorization-code": "auktoriseringskod",
+            "authentication-method": "Autentiseringsmetod för att hämta ut nycklar (token endpoint)",
+            "client-credentials": "klienthemligheter",
+            "client-description": "Beskrivning",
+            "client-description-help": "Läsbar och begriplig text som beskriver klienten",
+            "client-description-placeholder": "Mata in en beskrivning",
+            "client-id": "Klient-ID",
+            "client-id-help": "Unik identifierare. Om du lämnar detta fält tomt kommer ett nytt ID genereras automatiskt",
+            "client-id-placeholder": "Skriv någonting",
+            "client-name": "Klientnamn",
+            "client-name-help": "Läsbart och begripligt namn på klienten",
+            "client-name-placeholder": "Skriv någonting",
+            "client-password": "lösenord",
+            "client-secret": "Klienthemlighet",
+            "client-secret-placeholder": "Mata in en hemlighet",
+            "contacts": "Kontakter",
+            "contacts-help": "Lista med e-postadresser till administratörer av denna klient.",
+            "contacts-placeholder": "ny kontakt",
+            "credentials": "Hemligheter",
+            "crypto": {
+                "a128cbc-hs256": "Composite Authenticated Encryption algorithm using AES in Cipher Block Chaining (CBC) mode with PKCS #5 padding with an integrity calculation using HMAC SHA-256, using a 256 bit CMK (and 128 bit CEK)",
+                "a128gcm": "AES GCM using 128 bit keys",
+                "a128kw": "AES Key Wrap algoritm med 128-bitars nycklar",
+                "a256cbc-hs512": "Composite Authenticated Encryption algorithm using AES in CBC mode with PKCS #5 padding with an integrity calculation using HMAC SHA-512, using a 512 bit CMK (and 256 bit CEK)",
+                "a256gcm": "AES GCM using 256 bit keys",
+                "a256kw": "AES Key Wrap algoritm med 256-bitars nycklar",
+                "default": "Använd serverns standard-algoritm",
+                "dir": "Direct use of a shared symmetric key as the Content Master Key (CMK) for the block encryption step",
+                "ecdh-es": "Elliptic Curve Diffie-Hellman Ephemeral Static key agreement using the Concat KDF, with the agreed-upon key being used directly as the Content Master Key",
+                "ecdh-es-a128kw": "Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A128KW function",
+                "ecdh-es-a256kw": "Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A256KW function",
+                "none": "Ingen kryptering",
+                "rsa-oaep": "RSAES med Optimal Asymmetric Encryption Padding (OAEP)",
+                "rsa1-5": "RSAES-PKCS1-V1_5"
+            },
+            "cryptography": "Kryptografi",
+            "display-secret": "Visa/editera klientens hemlighet:",
+            "edit": "Ändra klient",
+            "generate-new-secret": "Generera en ny klienthemlighet?",
+            "generate-new-secret-help": "En ny hemlighet kommer att genereras när du klickar på 'Save'",
+            "generate-on-save": "Genereras vid sparande",
+            "grant-types": "Grant-typer",
+            "home": "Hemsida",
+            "home-help": "Länk till tjänstens hemsida. Den visas på bekräftelsesidan.",
+            "hours": "timmar",
+            "id": "ID:",
+            "id-token-crypto-algorithm": "Krypteringsalgoritm för ID-token",
+            "id-token-crypto-method": "Krypteringsmetod för ID-token",
+            "id-token-signing-algorithm": "Signeringsalgoritm för ID-token",
+            "id-token-timeout": "Livslängd för ID-token",
+            "implicit": "implicit",
+            "intiate-login": "Initiera inloggning",
+             "intiate-login-help": "Länk för att initiera inloggning i klienten",
+            "introspection": "Introspektion",
+            "jwk-set": "JWK Set",
+            "jwk-set-help": "Länk till klientens JSON Webb-nyckel-set",
+            "logo": "Logotyp",
+            "logo-help": "Länk till en logotyp. Den visas på bekräftelsesidan.",
+            "main": "Basinformation",
+            "max-age": "Max sessions-längd",
+            "max-age-help": "Default maximal sessions-längd innan användaren tillfrågas igen",
+            "minutes": "minuter",
+            "new": "Ny klient",
+            "other": "Övrigt",
+            "pairwise": "Parvis",
+            "policy": "Policy-information",
+            "policy-help": "Länk till en sida som beskriver tjänstens policy. Den visas på bekräftelsesidan.",
+            "post-logout": "Omdirigering efter utloggning",
+            "post-logout-help": "Länk att omdirigera användaren till efter en utloggning",
+            "public": "Publik",
+            "redelegation": "redelegation",
+            "redirect-uris": "Omdirigieringslänkar",
+            "refresh": "refresh",
+            "refresh-tokens": "Refresh-tokens",
+            "refresh-tokens-issued": "Refresh-tokens delas ut till denna klient",
+            "refresh-tokens-reused": "Refresh-tokens återanvänds för denna klient",
+            "refresh-tokens-no-expire": "Refresh-tokens har oändlig livslängd",
+            "registered": "Registrerad",
+            "registration-token": "Registerings-token:",
+            "registration-access-token": "Registrerings-access-token",
+            "registration-token-error": "Något problem uppstod när denna klients registrerings-access-token skulle hämtas.",
+            "request-object-signing-algorithm": "Signeringsalgoritm för request-object ",
+            "request-uri": "Request-länkar",
+            "require-auth-time": "Kräv authentication-time",
+            "require-auth-time-label": "Kräv att auth_time-claim alltid skickas med id_token",
+            "response-types": "Svarstyper",
+            "rotate-registration-token": "Rotera registerings-token",
+            "rotate-registration-token-confirm": "Är du säker på att du vill rotera denna klients registerings-token?",
+            "rotate-registration-token-error": "Något problem uppstod när denna klients registrerings-token skulle roteras.",
+            "saved": {
+                "no-secret": "Ingen klienthemlighet",
+                "saved": "Klienten är sparad",
+                "secret": "Hemlighet:",
+                "show-secret": "Visa hemlighet",
+                "unchanged": "oförändrad"
+            },
+            "scope-placeholder": "new scope",
+            "seconds": "sekunder",
+            "secret-asymmetric-jwt": "Asymmetriskt signerad JWT assertion",
+            "secret-http": "Klienthemlighet över HTTP Basic",
+            "secret-none": "Ingen autentisering",
+            "secret-post": "Klienthemlighet över HTTP POST",
+            "secret-symmetric-jwt": "Klienthemlighet via symmetriskt signerad JWT assertion",
+            "sector-identifier": "Sector Identifier-länk",
+            "sector-identifier-help": "Sector Identifier för JavaScript.",
+            "signing": {
+                "any": "Valfri tillåten",
+                "default": "Använd serverns standard-algoritm",
+                "es256": "ECDSA med P-256-kurva och SHA-256 hash-algoritm",
+                "es384": "ECDSA med P-384-kurva och SHA-384 hash-algoritm",
+                "es512": "ECDSA med P-512-kurva och SHA-512 hash-algoritm",
+                "hs256": "HMAC med SHA-256 hash-algoritm",
+                "hs384": "HMAC med SHA-384 hash-algoritm",
+                "hs512": "HMAC med SHA-512 hash-algoritm",
+                "none": "Ingen digital signatur",
+                "rs256": "RSASSA med SHA-256 hash-algoritm",
+                "rs384": "RSASSA med SHA-384 hash-algoritm",
+                "rs512": "RSASSA med SHA-512 hash-algoritm"
+            },
+            "subject-type": "Subjekttyp",
+            "terms": "Villkor för tjänsten",
+            "terms-help": "Länk till en sida som beskriver villkor för tjänsten. Den visas på bekräftelsesidan.",
+            "token-signing-algorithm": "Signeringsalgoritm för vald autentiseringsmetod",
+            "token-timeout-help": "Ange tiden i sekunder, timmar eller minuter.",
+            "tokens": "Nycklar",
+            "type": "Typ av tjänst",
+            "type-native": "App",
+            "type-web": "Webb",
+            "user-info-crypto-algorithm": "Krypteringsalgoritm för user-info",
+            "user-info-crypto-method": "Krypteringsmetod för user-info",
+            "user-info-signing-algorithm": "Signeringsalgoritm för user-info"
+        },
+        "client-table": {
+            "allow-introspection-tooltip": "Denna klient kan utföra token-introspektion",
+            "confirm": "Är du säker på att du vill ta bort denna klient?",
+            "dynamically-registered-tooltip": "Denna klient registrerades dynamiskt. Klicka för att se registrerings-access-token",
+            "match": {
+                "contacts": "kontakter",
+                "description": "beskrivning",
+                "homepage": "hemsida",
+                "id": "id",
+                "logo": "logotyp",
+                "name": "namn",
+                "policy": "policy",
+                "redirect": "omdirigeringslänk",
+                "scope": "scope",
+                "terms": "villkor för tjänsten"
+            },
+            "matched-search": "Matchade sökning:",
+            "new": "Ny klient",
+            "no-clients": "Det finns inga klienter registrerade.",
+            "no-matches": "Det finns inga klienter som matchar din sökning.",
+            "no-redirect": "REDIRECT-LÄNK SAKNAS",
+            "registered": "Registrerad",
+            "search": "Sök...",
+            "whitelist": "Vitlista"
+        },
+        "manage": "Administrera klienter",
+        "more-info": {
+            "contacts": "Administrativ kontakt:",
+            "home": "Webbplats:",
+            "more": "mer information",
+            "policy": "Policy:",
+            "terms": "Villkor för tjänsten"
+        },
+        "newClient": "Ny klient"
+    },
+    "common": {
+        "cancel": "Avbryt",
+        "client": "Klient",
+        "clients": "Klienter",
+        "close": "Stäng",
+        "delete": "Ta bort",
+        "description": "Beskrivning",
+        "dynamically-registered": "Denna klient registrerades dynamiskt",
+        "edit": "Ändra",
+        "expires": "Går ut:",
+        "information": "Information",
+        "new": "Ny",
+        "not-yet-implemented": "Ännu inte implementerad",
+        "not-yet-implemented-content": "Värdet i detta fält kommer att sparas i databasen, men servern gör för närvarande ingenting med det. Framtida versioner av server-biblioteket kommer att använda detta fält.",
+        "refresh": "Uppdatera",
+        "revoke": "Återkalla",
+        "save": "Spara",
+        "scopes": "Scope",
+        "statistics": "Statistik"
+    },
+    "dynreg": {
+        "client-id-placeholder": "Mata in klient-ID",
+        "configuration-url": "Konfigurationslänk för klienten",
+        "edit-dynamically-registered": "Ändra en dynamiskt registrerad klient",
+        "edit-existing": "Ändra en befintlig klient",
+        "edit-existing-help": "Klistra in ditt klient-ID och registrerings-access-token för att komma åt klienten.",
+        "invalid-access-token": "Ogiltig klient eller registration-access-token.",
+        "new-client": "Registrera en ny klient",
+        "or": " - ELLER - ",
+        "regtoken-placeholder": "Mata in registration-access-token",
+        "warning": "<strong>Varning!</strong> Du MÅSTE bevara <b>ditt klient-ID</b>, <b>din klienthemlighet (om sådan tillhandahålls)</b> och <b>din registrerings-access-token</b>. Om du tappar bort ditt klient-ID eller regstrerings-access-token kommer du inte längre att ha tillgång till din klients registerinformation och måste då skapa en ny klient",
+        "will-be-generated": "Kommer att genereras"
+    },
+    "grant": {
+        "manage-approved-sites": "Administrera godkända webbplatser",
+        "refresh": "Uppdatera",
+        "grant-table": {
+            "active-tokens": "Antal nu aktiva åtkomst-tokens",
+            "application": "Webbplats",
+            "approved-sites": "Godkända webbplatser",
+            "authorized": "Auktoriserad:",
+            "dynamically-registered": "Denna klient registrerades dynamiskt",
+            "last-accessed": "Senast använd:",
+            "never": "Aldrig",
+            "no-sites": "Du har inte godkänt någon webbplats.",
+            "no-whitelisted": "Du har inte besökt några vitlistade webbplatser.",
+            "pre-approved": "Detta är webbplatser som är godkända i förväg av en administratör.",
+            "text": "Det här är webbplatser som du själv har godkänt. Om en av dessa webbplatser begär samma information igen blir det medgivet utan att du blir tillfrågad.",
+            "unknown": "Okänt",
+            "whitelist-note": "<b>OBS:</b> Om du återkallar dem kommer de automatiskt att godkännas igen nästa gång du besöker dem utan att du blir tillfrågad.",
+            "whitelisted-site": "Denna webbplats är vitlistad av en administratör",
+            "whitelisted-sites": "Vitlistade webbplatser"
+        }
+    },
+    "rsreg": {
+        "resource-id-placeholder": "Mata in resurs-ID",
+        "configuration-url": "Konfigurationslänk för resursen",
+        "edit-existing": "Ändra en befintlig resurs",
+        "edit-existing-help": "Klistra in ditt resurs-ID och registrerings-access-token för att komma åt resursens egenskaper.",
+        "invalid-access-token": "Ogiltig resurs eller registration-access-token.",
+        "new": "Registrera en ny resurs",
+        "edit": "Ändra en befintlig resurs",
+        "new-resource": "Registrera en ny resurs",
+        "regtoken-placeholder": "Mata in registration-access-token",
+        "warning": "<strong>Varning!</strong> Du MÅSTE bevara <b>ditt klient-ID</b>, <b>din klienthemlighet (om sådan tillhandahålls)</b> och <b>din registrerings-access-token</b>. Om du tappar bort ditt klient-ID eller regstrerings-access-token kommer du inte längre att ha tillgång till din klients registerinformation och måste då skapa en ny klient"
+    },
+    "scope": {
+        "manage": "Administrera system-scope",
+        "scope-list": {
+            "no-scopes": "INGA SCOPE"
+        },
+        "system-scope-form": {
+            "default": "default scope",
+            "default-help": "Ny klienter får detta scope per default?",
+            "description-help": "En begriplig, läsbar beskrivning",
+            "description-placeholder": "Mata in en beskrivning",
+            "dynamic": "tillåt dynamisk registrering",
+            "dynamic-help": "Tillåt dynamiskt registrerade klienter att begära detta scope?",
+            "edit": "Ändra scope",
+            "icon": "Ikon",
+            "new": "Nytt scope",
+            "select-icon": "Välj en ikon",
+            "structured": "är ett scope med struktur",
+            "structured-help": "Har detta scope strukturerade värden som <code>base:extension</code>?",
+            "structured-param-help": "Läsbar och begriplig beskrivning av den strukturerade parametern",
+            "value": "Scope-värde",
+            "value-help": "Ett ord utan mellanslag",
+            "value-placeholder": "scope"
+        },
+        "system-scope-table": {
+            "confirm": "Är du säker på att du vill ta bort detta scope? Klienter som har detta scope kommer att kunna fortsätta att begära det.",
+            "new": "Nytt scope",
+            "text": "Det finns inga system-scope definierade. Klienter kan ändå ha speciellt anpassade scope.",
+            "tooltip-dynamic": "Detta scope är tillgängligt för dynamiskt registrerade klienter"
+        }
+    },
+    "token": {
+        "manage": "Administrera aktiva tokens",
+        "token-table": {
+            "access-tokens": "Access-token",
+            "associated-id": "Denna access-token utfärdades med en tillhörande ID-token.",
+            "associated-refresh": "Denna access-token utfärdades med en tillhörande refresh-token.",
+            "click-to-display": "Klicka för att visa hela biljettvärdet",
+            "confirm": "Är du säker på att du vill återkalla denna biljett?",
+            "confirm-refresh": "Är du säker på att du vill återkalla denna refresh-token och de access-token som tillhör?",
+            "no-access": "Det finns inga aktuella access-tokens.",
+            "no-refresh": "Det finns inga aktiva refresh-tokens.",
+            "number-of-tokens": "Antal utfärdade access-tokens",
+            "refresh-tokens": "Refresh-token",
+            "text": "Biljetter för åtkomst (access-tokens) är vanligtvis kortlivade och ger klienter tillgång till specifika resurser. ID-tokens är speciella åtkomstbiljetter för att underlätta autentisering med OpenID Connect.",
+            "text-refresh": "Biljetter för förnyelse (refresh-tokens) är vanligtvis långlivade och ger klienter möjligheten att skaffa nya åtkomstbiljetter utan att involvera slutanvändaren.",
+            "token-info": "Biljettinformation"
+        }
+    },
+    "whitelist": {
+        "confirm": "Är du säker på att du vill ta bort den här klienten ifrån vitlistan?",
+        "edit": "Redigera vitlista",
+        "manage": "Administrera vitlistade webbplatser",
+        "new": "Ny vitlista",
+        "whitelist": "Vitlista",
+        "whitelist-form": {
+            "allowed-scopes": "Tillåtna scope",
+            "edit": "Ändra vitlistad webbplats",
+            "new": "Ny vitlistad webbplats"
+        },
+        "whitelist-table": {
+            "no-sites": "Det finns inga vitlistade webbplatser. Använd knappen <strong>vitlista</strong> på klientadminstrationssidan för att skapa en."
+        }
+    },
+	"copyright": "Levererat av <a href=\"https://github.com/mitreid-connect/\">MITREid Connect <span class=\"label\">{0}</span></a> <span class=\"pull-right\">&copy; 2016 MITRE Corporation och MIT Internet Trust Consortium.</span>.",
+	"about": {
+		"title": "Om&nbsp;tjänsten",
+		"body": "\nDenna OpenID Connect-tjänst är baserad på öppen källkod ifrån projektet MITREid, skapat av \n<a href=\"http://www.mitre.org/\">MITRE Corporation</a> och <a href=\"http://www.trust.mit.edu/\">MIT Internet Trust Consortium</a>.\n</p>\n<p>\nMer information om projektet kan finns i projektet \n<a href=\"http://github.com/mitreid-connect/\">MITREid Connect på GitHub</a>. \nDär kan du skicka in felrapporter, komma med återkoppling, eller till och med bidra med kodtillägg för ytterligare funktioner du skulle vilja ha."
+	},
+	"statistics": {
+		"title": "Statistik",
+		"number_users": "Antal användare: <span class=\"label label-info\" id=\"userCount\">{0}</span>",
+		"number_clients": "Auktoriserade klienter: <span class=\"label label-info\" id=\"clientCount\">{0}</span>",
+		"number_approvals": "Godkända webbplatser: <span class=\"label label-info\" id=\"approvalCount\">{0}</span>"
+	},
+    "home": {
+		"title": "Hem",
+		"welcome": {
+			"title": "Välkommen!",
+			"body": "\nOpenID Connect är ett internet-kapabelt federerat identitetsprotokoll byggt ovanpå autentiseringsramverket OAuth2. \nOpenID Connect låter dig logga in på en webbplats med din identitet utan att avslöja dina inloggningshemligheter, som ett användarnamn och lösenord.</p>\n<p><a class=\"btn btn-primary btn-large\" href=\"http://openid.net/connect/\">Lär dig mer &raquo;</a>"
+		},
+		"more": "Mer",
+		"about": {
+			"title": "Om&nbsp;tjänsten",
+			"body": "\nDenna OpenID Connect-tjänst är byggd från det öpnna källkodsprojektet MITREid, av \n<a href=\"http://www.mitre.org/\">MITRE Corporation</a> och <a href=\"http://www.trust.mit.edu/\">MIT Internet Trust Consortium</a>."
+		},
+		"contact": {
+			"title": "Kontakt",
+			"body": "\nFör mer information eller användarstöd, kontakta administratörerna av detta system.</p>\n<p><a class=\"btn\" href=\"mailto:idp@example.com?Subject=OpenID Connect\">E-post &raquo;</a>"
+		},
+		"statistics": {
+			"title": "Nuvarande statistik",
+			"loading": "Laddar...",
+			"number_users": "Antal användare: <span class=\"label label-info\" id=\"userCount\">{0}</span>",
+			"number_clients": "Auktoriserade klienter: <span class=\"label label-info\" id=\"clientCount\">{0}</span>",
+			"number_approvals": "Godkända webbplatser: <span class=\"label label-info\" id=\"approvalCount\">{0}</span>"
+		}
+    },
+	"contact": {
+		"title": "Kontakt",
+		"body": "\nFör att rapportera fel i själva programvaran MITREid Connect, använd \n<a href=\"https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/issues\">GitHub issue tracker</a>. \nFör problem som är specifika för denna server, kontakta tjänstens administrator."
+	},
+	"topbar": {
+		"about": "Om&nbsp;tjänsten",
+		"contact": "Kontakt",
+		"statistics": "Statistik",
+		"home": "Hem",
+		"login": "Logga in",
+		"logout": "Logga ut"
+	},
+	"sidebar": {
+		"administrative": {
+			"title": "Administrativt",
+			"manage_clients": "Hantera klienter",
+			"whitelisted_clients": "Vitlistade klienter",
+			"blacklisted_clients": "Svartlistade klienter",
+			"system_scopes": "System-scope"
+		},
+		"personal": {
+			"title": "Personligt",
+			"approved_sites": "Hantera godkända platser",
+			"active_tokens": "Hantera aktiva biljetter",
+			"profile_information": "Visa profilinformation"
+		},
+		"developer": {
+			"title": "Utvecklare",
+			"client_registration": "Self-service klientregistering",
+			"resource_registration": "Self-service registrering av skyddad resurs"
+		}
+	},
+	"manage": {
+		"ok": "OK",
+		"loading": "Laddar",
+		"title": "Administrationsgränssnitt"
+	},
+    "approve": {
+    	"dynamically-registered-unknown": "(Okänt)",
+		"title": "Medge åtkomst",
+		"error": {
+			"not_granted": "Åtkomst kunde inte medges."
+		},
+		"required_for": "Åtkomst måste medges för",
+		"dynamically_registered": "Denna klient blev registrerad dynamiskt <span class=\"label label-info\" id=\"registrationTime\">{0}</span>.",
+		"caution": {
+			"title": "Försiktigt",
+			"message": {
+				"none": "Den har <span class=\"label label-important\">aldrig</span> tidigare blivit medgiven åtkomst.",
+				"singular": "Den har tidigare blivit medgiven åtkomst <span class=\"label label-warning\">{0}</span> gång.",
+				"plural": "Den har tidigare blivit medgiven åtkomst <span class=\"label\">{0}</span> gånger."
+			}
+		},
+		"more_information": "mer information",
+		"home_page": "Hemsida",
+		"policy": "Policy",
+		"terms": "Användarvillkor",
+		"contacts": "Administrativ kontakt",
+		"warning": "Varning",
+		"no_redirect_uri": "Denna klient har inte någon omdirigerings URI registrerad och någon kan använda en skadlig URI hit.",
+		"redirect_uri": "Du kommer att omdirigeras till denna sida om du medger åtkomst: <code>{0}</code>",
+		"pairwise": "Denna klient använder en <b>pairwise</b>-identifierare, vilket gör det svårare att koppla samman dina identititer mellan olika webbplatser.",
+		"no_scopes": "Denna klient har inga \"scopes\" registrerade och kan därför begära <em>alla</em> scope som finns tillgängliga i systemet. Iakttag försiktighet.",
+		"access_to": "Åtkomst till",
+		"remember": { 
+			"title": "Kom ihåg detta val",
+			"until_revoke": "tills jag återkallar det",
+			"one_hour": "i en timme",
+			"next_time": "fråga igen nästa gång"
+		},
+		"do_authorize": "Medger du åtkomst för",
+		"label": {
+			"authorize": "Medge åtkomst",
+			"deny": "Avbryt"
+		}
+	}
+}
\ No newline at end of file
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/locale/zh/messages.json b/openid-connect-server-webapp/src/main/webapp/resources/js/locale/zh/messages.json
new file mode 100644
index 000000000..716bb3625
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/js/locale/zh/messages.json
@@ -0,0 +1,490 @@
+{
+    "admin": {
+        "blacklist": "黑名单",
+        "blacklist-form": {
+            "blacklisted-uris": "列入黑名单的URI"
+        },
+        "home": "首页",
+        "list-widget": {
+            "empty": "此列表为空。",
+            "tooltip": "单击显示全部值。"
+        },
+        "manage-blacklist": "管理列入黑名单的客户端",
+        "self-service-client": "自助服务-客户端注册",
+        "self-service-resource": "自助服务-受保护资源注册",
+        "user-profile": {
+            "claim": "声明项",
+            "show": "查看用户信息",
+            "text": "您的用户信息如下：",
+            "value": "内容"
+        }
+    },
+    "client": {
+        "client-form": {
+            "access": "访问",
+            "access-token-no-timeout": "访问令牌不时间",
+            "access-token-timeout": "访问令牌超时",
+            "access-token-timeout-help": "输入时间（秒、分钟或小时）。",
+            "acr-values": "默认ACR值",
+            "acr-values-placeholder": "新的ACR值",
+            "acr-values-help": "用于请求该客户端的默认身份验证上下文参考",
+            "allow-introspection": "允许调用内省端点？",
+            "authentication-method": "令牌端点认证方法",
+            "authorization-code": "授权码",
+            "client-credentials": "客户端凭证",
+            "client-description": "描述",
+            "client-description-help": "人类可读的文本描述",
+            "client-description-placeholder": "填入说明描述",
+            "client-id": "客户端ID",
+            "client-id-help": "唯一标识符。如果不填则系统会自动生成一个。",
+            "client-id-placeholder": "输入一些字符",
+            "client-name": "客户端名称",
+            "client-name-help": "人类可读的应用程序名称",
+            "client-name-placeholder": "输入一些字符",
+            "client-secret": "客户端密钥",
+            "client-secret-placeholder": "输入密钥",
+            "contacts": "联系人",
+            "contacts-help": "此客户端管理员的联系人名单。",
+            "contacts-placeholder": "新联系人",
+            "credentials": "凭据",
+            "crypto": {
+                "a128cbc-hs256": "复合认证加密算法，采用密码块链（CBC）模式AES，以PKCS #5填充，完整性计算使用HMAC SHA-256，并使用256位的CMK（和128位CEK）",
+                "a256cbc-hs512": "复合认证加密算法，采用密码块链（CBC）模式AES，以PKCS #5填充，完整性计算使用HMAC SHA-512，并使用512位的CMK（和256位CEK）",
+                "a128gcm": "AES GCM使用128位的密钥",
+                "a256gcm": "AES GCM使用256位的密钥",
+                "a128kw": "AES密钥封装算法使用128位的密钥",
+                "a256kw": "AES密钥封装算法使用256位的密钥",
+                "default": "使用服务器默认",
+                "dir": "直接使用一个共享对称密钥作为块加密的内容主密钥（CMK）",
+                "ecdh-es": "椭圆曲线Diffie-Hellman短时静态密钥协议（使用Concat KDF），商定的密钥被直接用作内容主密钥（CMK）",
+                "ecdh-es-a128kw": "椭圆曲线Diffie-Hellman短时静态密钥协议（使用ECDH-ES和第4.7小节），但商定的密钥是用以A128KW函数封装内容主密钥（CMK）",
+                "ecdh-es-a256kw": "椭圆曲线Diffie-Hellman短时静态密钥协议（使用ECDH-ES和第4.7小节），但商定的密钥是用以A256KW函数封装内容主密钥（CMK）",
+                "none": "不加密",
+                "rsa-oaep": "RSAES使用最优不对称加密填充（OAEP）",
+                "rsa1-5": "RSAES-PKCS1-V1_5"
+            },
+            "cryptography": "密码",
+            "display-secret": "显示/编辑客户端密钥：",
+            "edit": "编辑客户端",
+            "generate-new-secret": "生成一个新的客户端密钥吗？",
+            "generate-new-secret-help": "当点击“保存”时生成新的密钥",
+            "generate-on-save": "保存时生成",
+            "grant-types": "批准的类型",
+            "home": "主页",
+            "home-help": "客户端首页的URL，将显示给用户",
+            "hours": "小时",
+            "id": "ID：",
+            "id-token-crypto-algorithm": "身份令牌加密算法",
+            "id-token-crypto-method": "身份令牌加密方法",
+            "id-token-signing-algorithm": "身份令牌签名算法",
+            "id-token-timeout": "身份令牌超时",
+            "implicit": "隐式的",
+            "initiate-login": "初始化登录",
+            "initiate-login-help": "启动登录客户端的URL",
+            "introspection": "自省",
+            "jwk-set": "公钥集",
+            "jwk-set-help": "客户端JSON Web Key集的URL (须可被服务器访问)",
+            "jwk-set-value-help": "客户端JSON Web Key集的URL (须可被服务器访问)",
+            "logo": "标志（Logo)",
+            "logo-help": "标志（Logo）图像的URL，将显示在批准页",
+            "main": "首要",
+            "max-age": "默认最长有效时间",
+            "max-age-help": "再提示之前的默认最长会话有效时间",
+            "minutes": "分钟",
+            "new": "新客户端",
+            "other": "其它",
+            "pairwise": "Pairwise对",
+            "password": "密码",
+            "policy": "政策声明",
+            "policy-help": "此客户端的政策声明链接，将显示给用户",
+            "post-logout": "注销后重定向",
+            "post-logout-help": "客户端注销操作后的重定向URL",
+            "public": "公共",
+            "redelegation": "重新授权",
+            "redirect-uris": "重定向URI",
+            "redirect-uris-help": "在授权页面之后客户端重定向URI",
+            "claims-redirect-uris": "声明重定向URI",
+            "claims-redirect-uris-help": "在声明收集步骤之后浏览器跳转至的目的地址",
+            "refresh": "刷新",
+            "refresh-tokens": "刷新令牌",
+            "refresh-tokens-issued": "为此客户端发布的刷新令牌",
+            "refresh-tokens-issued-help": "这将把 offline_access 加入客户端的范围。",
+            "refresh-tokens-reused": "此客户端的刷新令牌被重用",
+            "clear-access-tokens": "当刷新令牌用过之后，已激活的访问令牌自动失效",
+            "refresh-tokens-no-expire": "刷新令牌尚未过期",
+            "registered": "注册于",
+            "registration-token": "注册令牌：",
+            "registration-access-token": "注册访问令牌",
+            "registration-token-error": "无法为此客户端下载注册访问令牌。",
+            "request-object-signing-algorithm": "请求对象签名算法",
+            "request-uri": "请求的URI",
+            "request-uri-help": "URI包含此客户端使用的请求对象",
+            "require-auth-time": "需要身份认证时间(auth_time)",
+            "require-auth-time-label": "总是需要在身份令牌中包含auth_time声明",
+            "response-types": "响应类型",
+            "rotate-registration-token": "旋转注册令牌",
+            "rotate-registration-token-confirm": "你确定你想旋转这个客户端的登录令牌？",
+            "rotate-registration-token-error": "无法旋转该客户端的注册访问令牌。",
+            "saved": {
+                "no-secret": "没有客户端密钥",
+                "saved": "客户端已保存",
+                "secret": "密钥：",
+                "show-secret": "显示密钥",
+                "unchanged": "不变"
+            },
+            "scope-placeholder": "新范围",
+            "scope-help": "OAuth范围允许客户端请求",
+            "seconds": "秒",
+            "secret-asymmetric-jwt": "非对称签名JWT断言",
+            "secret-http": "客户端密钥经由HTTP Basic",
+            "secret-none": "没有认证",
+            "secret-post": "客户端密钥经由HTTP POST",
+            "secret-symmetric-jwt": "客户端密钥经由对称签名JWT断言",
+            "sector-identifier": "扇区标识符URI",
+            "signing": {
+                "any": "允许",
+                "default": "使用服务器默认",
+                "es256": "ECDSA采用P-256曲线和SHA-256哈希算法",
+                "es384": "ECDSA采用P-384曲线及SHA-384哈希算法",
+                "es512": "ECDSA采用P-512曲线及SHA-512哈希算法",
+                "hs256": "HMAC使用SHA-256哈希算法",
+                "hs384": "HMAC使用SHA-384哈希算法",
+                "hs512": "HMAC使用SHA-512哈希算法",
+                "none": "没有数字签名",
+                "rs256": "RSASSA使用SHA-256哈希算法",
+                "rs384": "RSASSA采用SHA-384哈希算法",
+                "rs512": "RSASSA使用SHA-512哈希算法",
+                "ps256": "采用SHA-256和MGF1的RSASSA-PSS算法",
+                "ps384": "采用SHA-384和MGF1的RSASSA-PSS算法",
+                "ps512": "采用SHA-512和MGF1的RSASSA-PSS算法"
+            },
+            "subject-type": "主体类型",
+            "terms": "服务条款",
+            "terms-help": "此客户服务条款的URL，将向用户显示",
+            "token-signing-algorithm": "令牌端点认证签名算法",
+            "tokens": "令牌",
+            "type": "应用类型",
+            "type-native": "原生应用",
+            "type-web": "网络应用",
+            "unknown": "（未知）",
+            "user-info-crypto-algorithm": "用户信息端点加密算法",
+            "user-info-crypto-method": "用户信息端点加密方法",
+            "user-info-signing-algorithm": "用户信息端点签名算法"
+        },
+        "client-table": {
+            "allow-introspection-tooltip": "这个客户端可以执行令牌自省",
+            "confirm": "你确定要删除这个客户端？",
+            "dynamically-registered-tooltip": "这个客户端是动态注册的。点击查看注册访问令牌",
+            "match": {
+                "contacts": "联系人",
+                "description": "描述",
+                "homepage": "主页",
+                "id": "身份",
+                "logo": "标志",
+                "name": "名称",
+                "policy": "政策",
+                "redirect": "重定向URI",
+                "scope": "范围",
+                "terms": "服务条款"
+            },
+            "matched-search": "匹配搜索：",
+            "new": "新客户端",
+            "no-clients": "此服务器上没有注册的客户端。",
+            "no-matches": "没有匹配搜索条件的客户端。",
+            "no-redirect": "没有重定向URI",
+            "registered": "注册于",
+            "search": "搜索……",
+            "whitelist": "白名单",
+            "unknown": "一个未知的时间"
+        },
+        "manage": "管理客户端",
+        "more-info": {
+            "contacts": "管理员联系方式：",
+            "home": "主页",
+            "more": "更多信息",
+            "policy": "政策",
+            "terms": "服务条款："
+        },
+        "newClient": "新客户端"
+    },
+    "common": {
+        "cancel": "取消",
+        "client": "客户端",
+        "clients": "客户端",
+        "close": "关闭",
+        "delete": "删除",
+        "description": "描述",
+        "dynamically-registered": "这个客户端是动态注册的",
+        "edit": "编辑",
+        "expires": "到期：",
+        "information": "信息",
+        "new": "新建",
+        "not-yet-implemented": "未实现",
+        "not-yet-implemented-content": "这个字段的值将于客户端保存，但服务器目前不处理任何事情。服务器的未来库版本将利用它。",
+        "revoke": "撤销",
+        "save": "保存",
+        "scopes": "范围",
+        "statistics": "统计",
+        "refresh": "刷新",
+        "scope": "范围",
+        "users": "用户",
+        "user": "用户",
+        "roles": "角色",
+        "role": "角色",
+        "email": "电子邮箱",
+        "active": "已激活",
+        "inactive": "未激活"
+    },
+    "dynreg": {
+        "client-id-placeholder": "输入客户端ID",
+        "configuration-url": "客户端配置URL",
+        "edit-dynamically-registered": "编辑动态注册的客户端",
+        "edit-existing": "编辑一个现有的客户端",
+        "edit-existing-help": "用于编辑之前已注册的客户端。粘贴您的客户端ID和注册访问令牌，以便访问该客户端。",
+        "edit-existing-button": "编辑客户端",
+        "invalid-access-token": "无效的客户端或注册访问令牌。",
+        "new-client": "注册新客户端",
+        "new-client-help": "用于注册新的客户端。请提供客户端ID和注册访问令牌，以便管理您的客户端。",
+        "new-client-button": "新建客户端",
+        "regtoken-placeholder": "输入注册访问令牌",
+        "warning": "<strong>警告！</strong>你必须保护好<b>客户端ID </b>，<b>客户密钥（如果提供）</b>，以及您的<b>注册访问令牌</b>。如果你丢失了客户端ID或注册访问令牌，将无法访问您的客户端注册记录，你需要注册一个新客户端。",
+        "will-be-generated": "当保存客户端信息将由服务器生成"
+    },
+    "grant": {
+        "manage-approved-sites": "管理批准的网站",
+        "refresh": "刷新",
+        "grant-table": {
+            "active-tokens": "当前活跃的访问令牌数量",
+            "application": "应用程序",
+            "approved-sites": "许可站点",
+            "authorized": "授权：",
+            "dynamically-registered": "这个客户端是动态注册的",
+            "expires": "到期：",
+            "last-accessed": "上次访问：",
+            "never": "从未",
+            "no-sites": "还未批准任何网站。",
+            "no-whitelisted": "还未访问任何白名单的网站。",
+            "pre-approved": "这些都是预先由管理员批准的网站。",
+            "text": "这些都是您已经手动批准的网站。如果同一网站将来要进行同样的访问，它将直接通过、且没有提示。",
+            "unknown": "未知",
+            "whitelist-note": "<b>注：</b>如果你在此撤销它们，它们将在您下次访问时不经提示即被自动重新批准。",
+            "whitelisted-site": "这个网站由管理员列入白名单中",
+            "whitelisted-sites": "白名单的网站"
+        }
+    },
+    "rsreg": {
+        "resource-id-placeholder": "输入资源ID",
+        "configuration-url": "客户端配置URL",
+        "edit": "编辑受保护的资源",
+        "edit-existing": "编辑现有的保护资源",
+        "edit-existing-help": "用于编辑之前已注册的资源。请提供您的客戶端ID和注册访问令牌来访问资源的属性。",
+        "edit-existing-button": "编辑资源",
+        "invalid-access-token": "无效的客户端或注册访问令牌。",
+        "new-client": "注册新的受保护资源",
+        "new-client-help": "用于注册新的资源。请提供客户端ID和注册访问令牌，以便管理您的资源。",
+        "new-client-button": "新建资源",
+        "regtoken-placeholder": "输入注册访问令牌",
+        "will-be-generated": "当保存资源信息将由服务器生成",
+        "warning": "<strong>警告！</strong>你必须保护好<b>客户端ID </b>，<b>客户密钥（如果提供）</b>，以及<b>注册访问令牌</b>。如果丢失了客户端ID或注册访问令牌，将无法再次获得您的客户端注册记录，你需要注册一个新客户端。",
+        "client-form": {
+            "scope-help": "这个资源能够自省令牌的范围。"
+        }
+    },
+    "scope": {
+        "manage": "管理系统范围",
+        "scope-list": {
+            "no-scopes": "没有范围"
+        },
+        "system-scope-form": {
+            "default": "默认范围",
+            "default-help": "新创建的用户默认情况下获得这个范围？",
+            "description-help": "人类可读的文本描述",
+            "description-placeholder": "输入说明",
+            "restricted": "限制",
+            "restricted-help": "限制范围只能由系统管理员使用，可用动态注册客户和保护资源",
+            "edit": "编辑范围",
+            "icon": "图标",
+            "new": "新范围",
+            "select-icon": "选择图标",
+            "structured": "是一个结构化的范围",
+            "structured-help": "范围结构化是否包含如<code>base:extension</code>的结构化值？",
+            "structured-param-help": "人类可读的结构化参数描述",
+            "subject-type": "主体类型",
+            "value": "范围值",
+            "value-help": "不含空格的单个字符串",
+            "value-placeholder": "范围"
+        },
+        "system-scope-table": {
+            "confirm": "你确定要删除此范围？引用了此范围的客户端还需要它。",
+            "new": "新范围",
+            "text": "尚未定义系统范围。客户可自定义范围。",
+            "tooltip-restricted": "此范围只能由管理员使用。它不能用于动态注册。",
+            "tooltip-default": "这个范围将自动分配给新注册的客户。"
+        }
+    },
+    "token": {
+        "manage": "管理活动的令牌",
+        "token-table": {
+            "access-tokens": "访问令牌",
+            "associated-id": "这个访问令牌附带相关的身份令牌。",
+            "associated-refresh": "这个访问令牌附带相关的刷新令牌。",
+            "click-to-display": "点击显示完整的令牌值",
+            "confirm": "你确定要撤销这个令牌？",
+            "confirm-refresh": "你确定要撤销这个刷新令牌及其相关的访问令牌？",
+            "expires": "过期",
+            "no-access": "没有活动的访问令牌。",
+            "no-refresh": "没有活动的刷新令牌。",
+            "number-of-tokens": "关联的访问令牌数量",
+            "refresh-tokens": "刷新令牌",
+            "text": "访问令牌通常是短暂的，供客户端访问特定的资源。身份令牌是采用OpenID Connect协议登录的、专门的访问令牌。",
+            "text-refresh": "刷新令牌通常是长期的，以便客户端能无需用户介入即可获取新的访问令牌。",
+            "token-info": "令牌的信息"
+        }
+    },
+    "whitelist": {
+        "confirm": "你确定要删除这个白名单项？",
+        "edit": "编辑白名单",
+        "manage": "管理列入白名单的网站",
+        "new": "新白名单",
+        "whitelist": "白名单",
+        "whitelist-form": {
+            "allowed-scopes": "允许范围",
+            "edit": "编辑白名单的网站",
+            "new": "新增白名单网站",
+            "scope-help": "当客户端发出请求列表时将自动批准的范围",
+            "scope-placeholder": "新范围"
+        },
+        "whitelist-table": {
+            "no-sites": "白名单列表为空。使用<strong>白名单</strong>按钮在客户端管理页面创建一个。"
+        }
+    },
+    "blacklist": {
+        "text": "被拉黑的网站URI将无法用做注册客户端的重定向地址（无论是在管理界面中添加、还是动态注册，都不会成功）。",
+        "blacklist-uri-placeholder": "要拉黑的网站URI",
+        "add": "将网站URI加入黑名单",
+        "empty": "当前黑名单为空",
+        "uri": "URI"
+    },
+    "copyright": "基于<a href=\"https://github.com/mitreid-connect/\">MITREid Connect <span class=\"label\">{0}</span></a>技术构建 <span class=\"pull-right\">&copy; 2016 MITRE公司及MIT因特网信任联盟</span>.",
+    "about": {
+        "title": "关于",
+        "body": "\n此OpenID Connect服务基于开源的MITREid Connect项目，该项目来自 \n<a href=\"http://www.mitre.org/\">MITRE公司</a> 及 <a href=\"http://www.trust.mit.edu/\">MIT因特网信任联盟</a>。\n</p>\n<p>\n有关项目的更多信息可见 \n<a href=\"http://github.com/mitreid-connect/\">GitHub上的MITREid Connect项目</a>。 \n在那儿，您可以提交bug报告、提交反馈甚或提交代码补丁。"
+    },
+    "statistics": {
+        "title": "统计",
+        "number_users": "用户数: <span class=\"label label-info\" id=\"userCount\">{0}</span>",
+        "number_clients": "授权的客户端: <span class=\"label label-info\" id=\"clientCount\">{0}</span>",
+        "number_approvals": "已批准的站点: <span class=\"label label-info\" id=\"approvalCount\">{0}</span>"
+    },
+    "home": {
+        "title": "首页",
+        "welcome": {
+            "title": "欢迎！",
+			"body": "\nOpenID Connect是适于因特网部署的身份联邦认证服务器，基于OAuth2授权框架之上的OpenID Connect技术构建。\nOpenID Connect让您无需暴露自己的用户名、密码即可便捷登录网站。</p>\n<p><a class=\"btn btn-primary btn-large\" href=\"http://openid.net/connect/\">了解更多信息&raquo;</a>"
+        },
+        "more": "更多",
+        "about": {
+            "title": "关于",
+            "body": "本服务基于开源的MITREid Connect项目，该项目来自 \n<a href=\"http://www.mitre.org/\">MITRE公司</a> 及 <a href=\"http://www.trust.mit.edu/\">MIT因特网信任联盟</a>。"
+        },
+        "contact": {
+            "title": "联系方式",
+            "body": "\n如需更多的信息和支持，请联系本系统的管理员。</p>\n<p><a class=\"btn\" href=\"mailto:idp@example.com?Subject=OpenID Connect\">电子信箱 &raquo;</a>"
+        },
+        "statistics": {
+            "title": "当前统计",
+            "loading": "加载……",
+            "number_users": "用户数: <span class=\"label label-info\" id=\"userCount\">{0}</span>",
+            "number_clients": "授权的客户端: <span class=\"label label-info\" id=\"clientCount\">{0}</span>",
+            "number_approvals": "已批准的站点: <span class=\"label label-info\" id=\"approvalCount\">{0}</span>"
+        }
+    },
+    "contact": {
+        "title": "联系方式",
+        "body": "如果要报告有关MITREid Connect软件自身的bug，请访问\n<a href=\"https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/issues\">GitHub issue追踪系统</a>。 \n有关当前服务器的问题，请联系服务器管理员。"
+    },
+    "topbar": {
+        "about": "关于",
+        "contact": "联系方式",
+        "statistics": "统计",
+        "home": "首页",
+        "login": "登录",
+        "logout": "注销"
+    },
+    "sidebar": {
+        "administrative": {
+            "title": "管理",
+            "manage_clients": "管理客户端",
+            "whitelisted_clients": "白名单",
+            "blacklisted_clients": "黑名单",
+            "system_scopes": "系统范围"
+        },
+        "personal": {
+            "title": "个人",
+            "approved_sites": "管理批准的网站",
+            "active_tokens": "管理活动的令牌",
+            "profile_information": "查看用户信息"
+        },
+        "developer": {
+            "title": "开发者自助服务",
+            "client_registration": "客户端注册",
+            "resource_registration": "保护资源注册"
+        }
+    },
+    "manage": {
+        "ok": "好的",
+        "loading": "加载",
+        "title": "管理控制台"
+    },
+    "approve": {
+        "dynamically-registered-unknown": "在一个未知的时间",
+        "title": "批准访问",
+        "error": {
+            "not_granted": "访问可能不获批准。"
+        },
+        "required_for": "有待批准",
+        "dynamically_registered": "此客户端已被动态注册了<span class=\"label label-info\" id=\"registrationTime\">{0}</span>次。",
+        "caution": {
+            "title": "注意",
+            "message": {
+                "none": "它之前<span class=\"label label-important\">从未</span>被批准。",
+                "singular": "它之前已被批准了<span class=\"label label-warning\">{0}</span>次。",
+                "plural": "它之前已被批准了<span class=\"label\">{0}</span>次。"
+            }
+        },
+        "more_information": "更多信息",
+        "home_page": "主页",
+        "policy": "政策",
+        "terms": "服务条款",
+        "contacts": "管理人员",
+        "warning": "警告",
+        "no_redirect_uri": "该客户端没有注册任何重定向URI，可能被使用恶意的URI。",
+        "redirect_uri": "如果点击批准，您将被重定向至如下页面: <code>{0}</code>",
+        "pairwise": "该客户端使用<b>pairwise</b>标识符，这使得在不同站点间关联身份变得稍加困难。",
+        "no_scopes": "该客户端没有注册任何范围，因此允许请求系统可用的<em>any</em>(任意)范围。请务必谨慎处理。",
+        "access_to": "访问",
+        "remember": {
+            "title": "记住这个决定",
+            "until_revoke": "记住这个决定直到我撤销",
+            "one_hour": "记住该决定一个小时",
+            "next_time": "下次再提醒我"
+        },
+        "do_authorize": "是否授权",
+        "label": {
+            "authorize": "授权",
+            "deny": "拒绝"
+        }
+    },
+    "error": {
+    	"title": "错误",
+		"header": "错误:",
+		"message": "在处理您的请求过程中发生了错误。服务器信息为:"
+    },
+    "login": {
+		"login_with_username_and_password": "请使用您的用户名及密码登录",
+		"username": "用户名",
+		"password": "密码",
+		"login-button": "登录",
+		"error": "登录失败。请重试。"
+    }
+}
\ No newline at end of file
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/locale/zh_CN/messages.json b/openid-connect-server-webapp/src/main/webapp/resources/js/locale/zh_CN/messages.json
new file mode 100644
index 000000000..716bb3625
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/js/locale/zh_CN/messages.json
@@ -0,0 +1,490 @@
+{
+    "admin": {
+        "blacklist": "黑名单",
+        "blacklist-form": {
+            "blacklisted-uris": "列入黑名单的URI"
+        },
+        "home": "首页",
+        "list-widget": {
+            "empty": "此列表为空。",
+            "tooltip": "单击显示全部值。"
+        },
+        "manage-blacklist": "管理列入黑名单的客户端",
+        "self-service-client": "自助服务-客户端注册",
+        "self-service-resource": "自助服务-受保护资源注册",
+        "user-profile": {
+            "claim": "声明项",
+            "show": "查看用户信息",
+            "text": "您的用户信息如下：",
+            "value": "内容"
+        }
+    },
+    "client": {
+        "client-form": {
+            "access": "访问",
+            "access-token-no-timeout": "访问令牌不时间",
+            "access-token-timeout": "访问令牌超时",
+            "access-token-timeout-help": "输入时间（秒、分钟或小时）。",
+            "acr-values": "默认ACR值",
+            "acr-values-placeholder": "新的ACR值",
+            "acr-values-help": "用于请求该客户端的默认身份验证上下文参考",
+            "allow-introspection": "允许调用内省端点？",
+            "authentication-method": "令牌端点认证方法",
+            "authorization-code": "授权码",
+            "client-credentials": "客户端凭证",
+            "client-description": "描述",
+            "client-description-help": "人类可读的文本描述",
+            "client-description-placeholder": "填入说明描述",
+            "client-id": "客户端ID",
+            "client-id-help": "唯一标识符。如果不填则系统会自动生成一个。",
+            "client-id-placeholder": "输入一些字符",
+            "client-name": "客户端名称",
+            "client-name-help": "人类可读的应用程序名称",
+            "client-name-placeholder": "输入一些字符",
+            "client-secret": "客户端密钥",
+            "client-secret-placeholder": "输入密钥",
+            "contacts": "联系人",
+            "contacts-help": "此客户端管理员的联系人名单。",
+            "contacts-placeholder": "新联系人",
+            "credentials": "凭据",
+            "crypto": {
+                "a128cbc-hs256": "复合认证加密算法，采用密码块链（CBC）模式AES，以PKCS #5填充，完整性计算使用HMAC SHA-256，并使用256位的CMK（和128位CEK）",
+                "a256cbc-hs512": "复合认证加密算法，采用密码块链（CBC）模式AES，以PKCS #5填充，完整性计算使用HMAC SHA-512，并使用512位的CMK（和256位CEK）",
+                "a128gcm": "AES GCM使用128位的密钥",
+                "a256gcm": "AES GCM使用256位的密钥",
+                "a128kw": "AES密钥封装算法使用128位的密钥",
+                "a256kw": "AES密钥封装算法使用256位的密钥",
+                "default": "使用服务器默认",
+                "dir": "直接使用一个共享对称密钥作为块加密的内容主密钥（CMK）",
+                "ecdh-es": "椭圆曲线Diffie-Hellman短时静态密钥协议（使用Concat KDF），商定的密钥被直接用作内容主密钥（CMK）",
+                "ecdh-es-a128kw": "椭圆曲线Diffie-Hellman短时静态密钥协议（使用ECDH-ES和第4.7小节），但商定的密钥是用以A128KW函数封装内容主密钥（CMK）",
+                "ecdh-es-a256kw": "椭圆曲线Diffie-Hellman短时静态密钥协议（使用ECDH-ES和第4.7小节），但商定的密钥是用以A256KW函数封装内容主密钥（CMK）",
+                "none": "不加密",
+                "rsa-oaep": "RSAES使用最优不对称加密填充（OAEP）",
+                "rsa1-5": "RSAES-PKCS1-V1_5"
+            },
+            "cryptography": "密码",
+            "display-secret": "显示/编辑客户端密钥：",
+            "edit": "编辑客户端",
+            "generate-new-secret": "生成一个新的客户端密钥吗？",
+            "generate-new-secret-help": "当点击“保存”时生成新的密钥",
+            "generate-on-save": "保存时生成",
+            "grant-types": "批准的类型",
+            "home": "主页",
+            "home-help": "客户端首页的URL，将显示给用户",
+            "hours": "小时",
+            "id": "ID：",
+            "id-token-crypto-algorithm": "身份令牌加密算法",
+            "id-token-crypto-method": "身份令牌加密方法",
+            "id-token-signing-algorithm": "身份令牌签名算法",
+            "id-token-timeout": "身份令牌超时",
+            "implicit": "隐式的",
+            "initiate-login": "初始化登录",
+            "initiate-login-help": "启动登录客户端的URL",
+            "introspection": "自省",
+            "jwk-set": "公钥集",
+            "jwk-set-help": "客户端JSON Web Key集的URL (须可被服务器访问)",
+            "jwk-set-value-help": "客户端JSON Web Key集的URL (须可被服务器访问)",
+            "logo": "标志（Logo)",
+            "logo-help": "标志（Logo）图像的URL，将显示在批准页",
+            "main": "首要",
+            "max-age": "默认最长有效时间",
+            "max-age-help": "再提示之前的默认最长会话有效时间",
+            "minutes": "分钟",
+            "new": "新客户端",
+            "other": "其它",
+            "pairwise": "Pairwise对",
+            "password": "密码",
+            "policy": "政策声明",
+            "policy-help": "此客户端的政策声明链接，将显示给用户",
+            "post-logout": "注销后重定向",
+            "post-logout-help": "客户端注销操作后的重定向URL",
+            "public": "公共",
+            "redelegation": "重新授权",
+            "redirect-uris": "重定向URI",
+            "redirect-uris-help": "在授权页面之后客户端重定向URI",
+            "claims-redirect-uris": "声明重定向URI",
+            "claims-redirect-uris-help": "在声明收集步骤之后浏览器跳转至的目的地址",
+            "refresh": "刷新",
+            "refresh-tokens": "刷新令牌",
+            "refresh-tokens-issued": "为此客户端发布的刷新令牌",
+            "refresh-tokens-issued-help": "这将把 offline_access 加入客户端的范围。",
+            "refresh-tokens-reused": "此客户端的刷新令牌被重用",
+            "clear-access-tokens": "当刷新令牌用过之后，已激活的访问令牌自动失效",
+            "refresh-tokens-no-expire": "刷新令牌尚未过期",
+            "registered": "注册于",
+            "registration-token": "注册令牌：",
+            "registration-access-token": "注册访问令牌",
+            "registration-token-error": "无法为此客户端下载注册访问令牌。",
+            "request-object-signing-algorithm": "请求对象签名算法",
+            "request-uri": "请求的URI",
+            "request-uri-help": "URI包含此客户端使用的请求对象",
+            "require-auth-time": "需要身份认证时间(auth_time)",
+            "require-auth-time-label": "总是需要在身份令牌中包含auth_time声明",
+            "response-types": "响应类型",
+            "rotate-registration-token": "旋转注册令牌",
+            "rotate-registration-token-confirm": "你确定你想旋转这个客户端的登录令牌？",
+            "rotate-registration-token-error": "无法旋转该客户端的注册访问令牌。",
+            "saved": {
+                "no-secret": "没有客户端密钥",
+                "saved": "客户端已保存",
+                "secret": "密钥：",
+                "show-secret": "显示密钥",
+                "unchanged": "不变"
+            },
+            "scope-placeholder": "新范围",
+            "scope-help": "OAuth范围允许客户端请求",
+            "seconds": "秒",
+            "secret-asymmetric-jwt": "非对称签名JWT断言",
+            "secret-http": "客户端密钥经由HTTP Basic",
+            "secret-none": "没有认证",
+            "secret-post": "客户端密钥经由HTTP POST",
+            "secret-symmetric-jwt": "客户端密钥经由对称签名JWT断言",
+            "sector-identifier": "扇区标识符URI",
+            "signing": {
+                "any": "允许",
+                "default": "使用服务器默认",
+                "es256": "ECDSA采用P-256曲线和SHA-256哈希算法",
+                "es384": "ECDSA采用P-384曲线及SHA-384哈希算法",
+                "es512": "ECDSA采用P-512曲线及SHA-512哈希算法",
+                "hs256": "HMAC使用SHA-256哈希算法",
+                "hs384": "HMAC使用SHA-384哈希算法",
+                "hs512": "HMAC使用SHA-512哈希算法",
+                "none": "没有数字签名",
+                "rs256": "RSASSA使用SHA-256哈希算法",
+                "rs384": "RSASSA采用SHA-384哈希算法",
+                "rs512": "RSASSA使用SHA-512哈希算法",
+                "ps256": "采用SHA-256和MGF1的RSASSA-PSS算法",
+                "ps384": "采用SHA-384和MGF1的RSASSA-PSS算法",
+                "ps512": "采用SHA-512和MGF1的RSASSA-PSS算法"
+            },
+            "subject-type": "主体类型",
+            "terms": "服务条款",
+            "terms-help": "此客户服务条款的URL，将向用户显示",
+            "token-signing-algorithm": "令牌端点认证签名算法",
+            "tokens": "令牌",
+            "type": "应用类型",
+            "type-native": "原生应用",
+            "type-web": "网络应用",
+            "unknown": "（未知）",
+            "user-info-crypto-algorithm": "用户信息端点加密算法",
+            "user-info-crypto-method": "用户信息端点加密方法",
+            "user-info-signing-algorithm": "用户信息端点签名算法"
+        },
+        "client-table": {
+            "allow-introspection-tooltip": "这个客户端可以执行令牌自省",
+            "confirm": "你确定要删除这个客户端？",
+            "dynamically-registered-tooltip": "这个客户端是动态注册的。点击查看注册访问令牌",
+            "match": {
+                "contacts": "联系人",
+                "description": "描述",
+                "homepage": "主页",
+                "id": "身份",
+                "logo": "标志",
+                "name": "名称",
+                "policy": "政策",
+                "redirect": "重定向URI",
+                "scope": "范围",
+                "terms": "服务条款"
+            },
+            "matched-search": "匹配搜索：",
+            "new": "新客户端",
+            "no-clients": "此服务器上没有注册的客户端。",
+            "no-matches": "没有匹配搜索条件的客户端。",
+            "no-redirect": "没有重定向URI",
+            "registered": "注册于",
+            "search": "搜索……",
+            "whitelist": "白名单",
+            "unknown": "一个未知的时间"
+        },
+        "manage": "管理客户端",
+        "more-info": {
+            "contacts": "管理员联系方式：",
+            "home": "主页",
+            "more": "更多信息",
+            "policy": "政策",
+            "terms": "服务条款："
+        },
+        "newClient": "新客户端"
+    },
+    "common": {
+        "cancel": "取消",
+        "client": "客户端",
+        "clients": "客户端",
+        "close": "关闭",
+        "delete": "删除",
+        "description": "描述",
+        "dynamically-registered": "这个客户端是动态注册的",
+        "edit": "编辑",
+        "expires": "到期：",
+        "information": "信息",
+        "new": "新建",
+        "not-yet-implemented": "未实现",
+        "not-yet-implemented-content": "这个字段的值将于客户端保存，但服务器目前不处理任何事情。服务器的未来库版本将利用它。",
+        "revoke": "撤销",
+        "save": "保存",
+        "scopes": "范围",
+        "statistics": "统计",
+        "refresh": "刷新",
+        "scope": "范围",
+        "users": "用户",
+        "user": "用户",
+        "roles": "角色",
+        "role": "角色",
+        "email": "电子邮箱",
+        "active": "已激活",
+        "inactive": "未激活"
+    },
+    "dynreg": {
+        "client-id-placeholder": "输入客户端ID",
+        "configuration-url": "客户端配置URL",
+        "edit-dynamically-registered": "编辑动态注册的客户端",
+        "edit-existing": "编辑一个现有的客户端",
+        "edit-existing-help": "用于编辑之前已注册的客户端。粘贴您的客户端ID和注册访问令牌，以便访问该客户端。",
+        "edit-existing-button": "编辑客户端",
+        "invalid-access-token": "无效的客户端或注册访问令牌。",
+        "new-client": "注册新客户端",
+        "new-client-help": "用于注册新的客户端。请提供客户端ID和注册访问令牌，以便管理您的客户端。",
+        "new-client-button": "新建客户端",
+        "regtoken-placeholder": "输入注册访问令牌",
+        "warning": "<strong>警告！</strong>你必须保护好<b>客户端ID </b>，<b>客户密钥（如果提供）</b>，以及您的<b>注册访问令牌</b>。如果你丢失了客户端ID或注册访问令牌，将无法访问您的客户端注册记录，你需要注册一个新客户端。",
+        "will-be-generated": "当保存客户端信息将由服务器生成"
+    },
+    "grant": {
+        "manage-approved-sites": "管理批准的网站",
+        "refresh": "刷新",
+        "grant-table": {
+            "active-tokens": "当前活跃的访问令牌数量",
+            "application": "应用程序",
+            "approved-sites": "许可站点",
+            "authorized": "授权：",
+            "dynamically-registered": "这个客户端是动态注册的",
+            "expires": "到期：",
+            "last-accessed": "上次访问：",
+            "never": "从未",
+            "no-sites": "还未批准任何网站。",
+            "no-whitelisted": "还未访问任何白名单的网站。",
+            "pre-approved": "这些都是预先由管理员批准的网站。",
+            "text": "这些都是您已经手动批准的网站。如果同一网站将来要进行同样的访问，它将直接通过、且没有提示。",
+            "unknown": "未知",
+            "whitelist-note": "<b>注：</b>如果你在此撤销它们，它们将在您下次访问时不经提示即被自动重新批准。",
+            "whitelisted-site": "这个网站由管理员列入白名单中",
+            "whitelisted-sites": "白名单的网站"
+        }
+    },
+    "rsreg": {
+        "resource-id-placeholder": "输入资源ID",
+        "configuration-url": "客户端配置URL",
+        "edit": "编辑受保护的资源",
+        "edit-existing": "编辑现有的保护资源",
+        "edit-existing-help": "用于编辑之前已注册的资源。请提供您的客戶端ID和注册访问令牌来访问资源的属性。",
+        "edit-existing-button": "编辑资源",
+        "invalid-access-token": "无效的客户端或注册访问令牌。",
+        "new-client": "注册新的受保护资源",
+        "new-client-help": "用于注册新的资源。请提供客户端ID和注册访问令牌，以便管理您的资源。",
+        "new-client-button": "新建资源",
+        "regtoken-placeholder": "输入注册访问令牌",
+        "will-be-generated": "当保存资源信息将由服务器生成",
+        "warning": "<strong>警告！</strong>你必须保护好<b>客户端ID </b>，<b>客户密钥（如果提供）</b>，以及<b>注册访问令牌</b>。如果丢失了客户端ID或注册访问令牌，将无法再次获得您的客户端注册记录，你需要注册一个新客户端。",
+        "client-form": {
+            "scope-help": "这个资源能够自省令牌的范围。"
+        }
+    },
+    "scope": {
+        "manage": "管理系统范围",
+        "scope-list": {
+            "no-scopes": "没有范围"
+        },
+        "system-scope-form": {
+            "default": "默认范围",
+            "default-help": "新创建的用户默认情况下获得这个范围？",
+            "description-help": "人类可读的文本描述",
+            "description-placeholder": "输入说明",
+            "restricted": "限制",
+            "restricted-help": "限制范围只能由系统管理员使用，可用动态注册客户和保护资源",
+            "edit": "编辑范围",
+            "icon": "图标",
+            "new": "新范围",
+            "select-icon": "选择图标",
+            "structured": "是一个结构化的范围",
+            "structured-help": "范围结构化是否包含如<code>base:extension</code>的结构化值？",
+            "structured-param-help": "人类可读的结构化参数描述",
+            "subject-type": "主体类型",
+            "value": "范围值",
+            "value-help": "不含空格的单个字符串",
+            "value-placeholder": "范围"
+        },
+        "system-scope-table": {
+            "confirm": "你确定要删除此范围？引用了此范围的客户端还需要它。",
+            "new": "新范围",
+            "text": "尚未定义系统范围。客户可自定义范围。",
+            "tooltip-restricted": "此范围只能由管理员使用。它不能用于动态注册。",
+            "tooltip-default": "这个范围将自动分配给新注册的客户。"
+        }
+    },
+    "token": {
+        "manage": "管理活动的令牌",
+        "token-table": {
+            "access-tokens": "访问令牌",
+            "associated-id": "这个访问令牌附带相关的身份令牌。",
+            "associated-refresh": "这个访问令牌附带相关的刷新令牌。",
+            "click-to-display": "点击显示完整的令牌值",
+            "confirm": "你确定要撤销这个令牌？",
+            "confirm-refresh": "你确定要撤销这个刷新令牌及其相关的访问令牌？",
+            "expires": "过期",
+            "no-access": "没有活动的访问令牌。",
+            "no-refresh": "没有活动的刷新令牌。",
+            "number-of-tokens": "关联的访问令牌数量",
+            "refresh-tokens": "刷新令牌",
+            "text": "访问令牌通常是短暂的，供客户端访问特定的资源。身份令牌是采用OpenID Connect协议登录的、专门的访问令牌。",
+            "text-refresh": "刷新令牌通常是长期的，以便客户端能无需用户介入即可获取新的访问令牌。",
+            "token-info": "令牌的信息"
+        }
+    },
+    "whitelist": {
+        "confirm": "你确定要删除这个白名单项？",
+        "edit": "编辑白名单",
+        "manage": "管理列入白名单的网站",
+        "new": "新白名单",
+        "whitelist": "白名单",
+        "whitelist-form": {
+            "allowed-scopes": "允许范围",
+            "edit": "编辑白名单的网站",
+            "new": "新增白名单网站",
+            "scope-help": "当客户端发出请求列表时将自动批准的范围",
+            "scope-placeholder": "新范围"
+        },
+        "whitelist-table": {
+            "no-sites": "白名单列表为空。使用<strong>白名单</strong>按钮在客户端管理页面创建一个。"
+        }
+    },
+    "blacklist": {
+        "text": "被拉黑的网站URI将无法用做注册客户端的重定向地址（无论是在管理界面中添加、还是动态注册，都不会成功）。",
+        "blacklist-uri-placeholder": "要拉黑的网站URI",
+        "add": "将网站URI加入黑名单",
+        "empty": "当前黑名单为空",
+        "uri": "URI"
+    },
+    "copyright": "基于<a href=\"https://github.com/mitreid-connect/\">MITREid Connect <span class=\"label\">{0}</span></a>技术构建 <span class=\"pull-right\">&copy; 2016 MITRE公司及MIT因特网信任联盟</span>.",
+    "about": {
+        "title": "关于",
+        "body": "\n此OpenID Connect服务基于开源的MITREid Connect项目，该项目来自 \n<a href=\"http://www.mitre.org/\">MITRE公司</a> 及 <a href=\"http://www.trust.mit.edu/\">MIT因特网信任联盟</a>。\n</p>\n<p>\n有关项目的更多信息可见 \n<a href=\"http://github.com/mitreid-connect/\">GitHub上的MITREid Connect项目</a>。 \n在那儿，您可以提交bug报告、提交反馈甚或提交代码补丁。"
+    },
+    "statistics": {
+        "title": "统计",
+        "number_users": "用户数: <span class=\"label label-info\" id=\"userCount\">{0}</span>",
+        "number_clients": "授权的客户端: <span class=\"label label-info\" id=\"clientCount\">{0}</span>",
+        "number_approvals": "已批准的站点: <span class=\"label label-info\" id=\"approvalCount\">{0}</span>"
+    },
+    "home": {
+        "title": "首页",
+        "welcome": {
+            "title": "欢迎！",
+			"body": "\nOpenID Connect是适于因特网部署的身份联邦认证服务器，基于OAuth2授权框架之上的OpenID Connect技术构建。\nOpenID Connect让您无需暴露自己的用户名、密码即可便捷登录网站。</p>\n<p><a class=\"btn btn-primary btn-large\" href=\"http://openid.net/connect/\">了解更多信息&raquo;</a>"
+        },
+        "more": "更多",
+        "about": {
+            "title": "关于",
+            "body": "本服务基于开源的MITREid Connect项目，该项目来自 \n<a href=\"http://www.mitre.org/\">MITRE公司</a> 及 <a href=\"http://www.trust.mit.edu/\">MIT因特网信任联盟</a>。"
+        },
+        "contact": {
+            "title": "联系方式",
+            "body": "\n如需更多的信息和支持，请联系本系统的管理员。</p>\n<p><a class=\"btn\" href=\"mailto:idp@example.com?Subject=OpenID Connect\">电子信箱 &raquo;</a>"
+        },
+        "statistics": {
+            "title": "当前统计",
+            "loading": "加载……",
+            "number_users": "用户数: <span class=\"label label-info\" id=\"userCount\">{0}</span>",
+            "number_clients": "授权的客户端: <span class=\"label label-info\" id=\"clientCount\">{0}</span>",
+            "number_approvals": "已批准的站点: <span class=\"label label-info\" id=\"approvalCount\">{0}</span>"
+        }
+    },
+    "contact": {
+        "title": "联系方式",
+        "body": "如果要报告有关MITREid Connect软件自身的bug，请访问\n<a href=\"https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/issues\">GitHub issue追踪系统</a>。 \n有关当前服务器的问题，请联系服务器管理员。"
+    },
+    "topbar": {
+        "about": "关于",
+        "contact": "联系方式",
+        "statistics": "统计",
+        "home": "首页",
+        "login": "登录",
+        "logout": "注销"
+    },
+    "sidebar": {
+        "administrative": {
+            "title": "管理",
+            "manage_clients": "管理客户端",
+            "whitelisted_clients": "白名单",
+            "blacklisted_clients": "黑名单",
+            "system_scopes": "系统范围"
+        },
+        "personal": {
+            "title": "个人",
+            "approved_sites": "管理批准的网站",
+            "active_tokens": "管理活动的令牌",
+            "profile_information": "查看用户信息"
+        },
+        "developer": {
+            "title": "开发者自助服务",
+            "client_registration": "客户端注册",
+            "resource_registration": "保护资源注册"
+        }
+    },
+    "manage": {
+        "ok": "好的",
+        "loading": "加载",
+        "title": "管理控制台"
+    },
+    "approve": {
+        "dynamically-registered-unknown": "在一个未知的时间",
+        "title": "批准访问",
+        "error": {
+            "not_granted": "访问可能不获批准。"
+        },
+        "required_for": "有待批准",
+        "dynamically_registered": "此客户端已被动态注册了<span class=\"label label-info\" id=\"registrationTime\">{0}</span>次。",
+        "caution": {
+            "title": "注意",
+            "message": {
+                "none": "它之前<span class=\"label label-important\">从未</span>被批准。",
+                "singular": "它之前已被批准了<span class=\"label label-warning\">{0}</span>次。",
+                "plural": "它之前已被批准了<span class=\"label\">{0}</span>次。"
+            }
+        },
+        "more_information": "更多信息",
+        "home_page": "主页",
+        "policy": "政策",
+        "terms": "服务条款",
+        "contacts": "管理人员",
+        "warning": "警告",
+        "no_redirect_uri": "该客户端没有注册任何重定向URI，可能被使用恶意的URI。",
+        "redirect_uri": "如果点击批准，您将被重定向至如下页面: <code>{0}</code>",
+        "pairwise": "该客户端使用<b>pairwise</b>标识符，这使得在不同站点间关联身份变得稍加困难。",
+        "no_scopes": "该客户端没有注册任何范围，因此允许请求系统可用的<em>any</em>(任意)范围。请务必谨慎处理。",
+        "access_to": "访问",
+        "remember": {
+            "title": "记住这个决定",
+            "until_revoke": "记住这个决定直到我撤销",
+            "one_hour": "记住该决定一个小时",
+            "next_time": "下次再提醒我"
+        },
+        "do_authorize": "是否授权",
+        "label": {
+            "authorize": "授权",
+            "deny": "拒绝"
+        }
+    },
+    "error": {
+    	"title": "错误",
+		"header": "错误:",
+		"message": "在处理您的请求过程中发生了错误。服务器信息为:"
+    },
+    "login": {
+		"login_with_username_and_password": "请使用您的用户名及密码登录",
+		"username": "用户名",
+		"password": "密码",
+		"login-button": "登录",
+		"error": "登录失败。请重试。"
+    }
+}
\ No newline at end of file
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/locale/zh_TW/messages.json b/openid-connect-server-webapp/src/main/webapp/resources/js/locale/zh_TW/messages.json
new file mode 100644
index 000000000..9556e1330
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/js/locale/zh_TW/messages.json
@@ -0,0 +1,490 @@
+{
+    "admin": {
+        "blacklist": "黑名單",
+        "blacklist-form": {
+            "blacklisted-uris": "列入黑名單的URI"
+        },
+        "home": "首頁",
+        "list-widget": {
+            "empty": "此列表為空。",
+            "tooltip": "單擊顯示全部值。"
+        },
+        "manage-blacklist": "管理列入黑名單的客戶端",
+        "self-service-client": "自助服務-客戶端註冊",
+        "self-service-resource": "自助服務-受保護資源註冊",
+        "user-profile": {
+            "claim": "聲明項",
+            "show": "查看用戶資訊",
+            "text": "您的用戶資訊如下：",
+            "value": "內容"
+        }
+    },
+    "client": {
+        "client-form": {
+            "access": "訪問",
+            "access-token-no-timeout": "訪問令牌不時間",
+            "access-token-timeout": "訪問令牌超時",
+            "access-token-timeout-help": "輸入時間（秒、分鐘或小時）。",
+            "acr-values": "默認ACR值",
+            "acr-values-placeholder": "新的ACR值",
+            "acr-values-help": "用於請求該客戶端的默認身份驗證上下文參考",
+            "allow-introspection": "允許調用內省端點？",
+            "authentication-method": "令牌端點認證方法",
+            "authorization-code": "授權碼",
+            "client-credentials": "客戶端憑證",
+            "client-description": "描述",
+            "client-description-help": "人類可讀的文本描述",
+            "client-description-placeholder": "填入說明描述",
+            "client-id": "客戶端ID",
+            "client-id-help": "唯一標識符。如果不填則系統會自動生成一個。",
+            "client-id-placeholder": "輸入一些字符",
+            "client-name": "客戶端名稱",
+            "client-name-help": "人類可讀的應用程式名稱",
+            "client-name-placeholder": "輸入一些字符",
+            "client-secret": "客戶端密鑰",
+            "client-secret-placeholder": "輸入密鑰",
+            "contacts": "聯繫人",
+            "contacts-help": "此客戶端管理員的聯繫人名單。",
+            "contacts-placeholder": "新聯繫人",
+            "credentials": "憑據",
+            "crypto": {
+                "a128cbc-hs256": "複合認證加密算法，採用密碼塊鏈（CBC）模式AES，以PKCS #5填充，完整性計算使用HMAC SHA-256，並使用256位的CMK（和128位CEK）",
+                "a256cbc-hs512": "複合認證加密算法，採用密碼塊鏈（CBC）模式AES，以PKCS #5填充，完整性計算使用HMAC SHA-512，並使用512位的CMK（和256位CEK）",
+                "a128gcm": "AES GCM使用128位的密鑰",
+                "a256gcm": "AES GCM使用256位的密鑰",
+                "a128kw": "AES密鑰封裝算法使用128位的密鑰",
+                "a256kw": "AES密鑰封裝算法使用256位的密鑰",
+                "default": "使用伺服器默認",
+                "dir": "直接使用一個共享對稱密鑰作為塊加密的內容主密鑰（CMK）",
+                "ecdh-es": "橢圓曲線Diffie-Hellman短時靜態密鑰協議（使用Concat KDF），商定的密鑰被直接用作內容主密鑰（CMK）",
+                "ecdh-es-a128kw": "橢圓曲線Diffie-Hellman短時靜態密鑰協議（使用ECDH-ES和第4.7小節），但商定的密鑰是用以A128KW函數封裝內容主密鑰（CMK）",
+                "ecdh-es-a256kw": "橢圓曲線Diffie-Hellman短時靜態密鑰協議（使用ECDH-ES和第4.7小節），但商定的密鑰是用以A256KW函數封裝內容主密鑰（CMK）",
+                "none": "不加密",
+                "rsa-oaep": "RSAES使用最優不對稱加密填充（OAEP）",
+                "rsa1-5": "RSAES-PKCS1-V1_5"
+            },
+            "cryptography": "密碼",
+            "display-secret": "顯示/編輯客戶端密鑰：",
+            "edit": "編輯客戶端",
+            "generate-new-secret": "生成一個新的客戶端密鑰嗎？",
+            "generate-new-secret-help": "當點擊「保存」時生成新的密鑰",
+            "generate-on-save": "保存時生成",
+            "grant-types": "批准的類型",
+            "home": "主頁",
+            "home-help": "客戶端首頁的URL，將顯示給用戶",
+            "hours": "小時",
+            "id": "ID：",
+            "id-token-crypto-algorithm": "身份令牌加密算法",
+            "id-token-crypto-method": "身份令牌加密方法",
+            "id-token-signing-algorithm": "身份令牌簽名算法",
+            "id-token-timeout": "身份令牌超時",
+            "implicit": "隱式的",
+            "initiate-login": "初始化登入",
+            "initiate-login-help": "啟動登入客戶端的URL",
+            "introspection": "自省",
+            "jwk-set": "公鑰集",
+            "jwk-set-help": "客戶端JSON Web Key集的URL (須可被伺服器訪問)",
+            "jwk-set-value-help": "客戶端JSON Web Key集的URL (須可被伺服器訪問)",
+            "logo": "標誌（Logo)",
+            "logo-help": "標誌（Logo）圖像的URL，將顯示在批准頁",
+            "main": "首要",
+            "max-age": "默認最長有效時間",
+            "max-age-help": "再提示之前的默認最長會話有效時間",
+            "minutes": "分鐘",
+            "new": "新客戶端",
+            "other": "其它",
+            "pairwise": "Pairwise對",
+            "password": "密碼",
+            "policy": "政策聲明",
+            "policy-help": "此客戶端的政策聲明連接，將顯示給用戶",
+            "post-logout": "登出後重定向",
+            "post-logout-help": "客戶端登出操作後的重定向URL",
+            "public": "公共",
+            "redelegation": "重新授權",
+            "redirect-uris": "重定向URI",
+            "redirect-uris-help": "在授權頁面之後客戶端重定向URI",
+            "claims-redirect-uris": "聲明重定向URI",
+            "claims-redirect-uris-help": "在聲明採集步驟之後瀏覽器需重定向的目標URI",
+            "refresh": "刷新",
+            "refresh-tokens": "刷新令牌",
+            "refresh-tokens-issued": "為此客戶端發佈的刷新令牌",
+            "refresh-tokens-issued-help": "這將把 offline_access 加入客戶端的範圍。",
+            "refresh-tokens-reused": "此客戶端的刷新令牌被重用",
+            "clear-access-tokens": "當刷新令牌用過之後，已激活的訪問令牌自動失效",
+            "refresh-tokens-no-expire": "刷新令牌尚未過期",
+            "registered": "註冊於",
+            "registration-token": "註冊令牌：",
+            "registration-access-token": "註冊訪問令牌",
+            "registration-token-error": "無法為此客戶端下載註冊訪問令牌。",
+            "request-object-signing-algorithm": "請求對像簽名算法",
+            "request-uri": "請求的URI",
+            "request-uri-help": "URI包含此客戶端使用的請求對像",
+            "require-auth-time": "需要身份認證時間(auth_time)",
+            "require-auth-time-label": "總是需要在身份令牌中包含auth_time聲明",
+            "response-types": "回應類型",
+            "rotate-registration-token": "旋轉註冊令牌",
+            "rotate-registration-token-confirm": "你確定你想旋轉這個客戶端的登入令牌？",
+            "rotate-registration-token-error": "無法旋轉該客戶端的註冊訪問令牌。",
+            "saved": {
+                "no-secret": "沒有客戶端密鑰",
+                "saved": "客戶端已保存",
+                "secret": "密鑰：",
+                "show-secret": "顯示密鑰",
+                "unchanged": "不變"
+            },
+            "scope-placeholder": "新範圍",
+            "scope-help": "OAuth範圍允許客戶端請求",
+            "seconds": "秒",
+            "secret-asymmetric-jwt": "非對稱簽名JWT斷言",
+            "secret-http": "客戶端密鑰經由HTTP Basic",
+            "secret-none": "沒有認證",
+            "secret-post": "客戶端密鑰經由HTTP POST",
+            "secret-symmetric-jwt": "客戶端密鑰經由對稱簽名JWT斷言",
+            "sector-identifier": "扇區標識符URI",
+            "signing": {
+                "any": "允許",
+                "default": "使用伺服器默認",
+                "es256": "ECDSA採用P-256曲線和SHA-256哈希算法",
+                "es384": "ECDSA採用P-384曲線及SHA-384哈希算法",
+                "es512": "ECDSA採用P-512曲線及SHA-512哈希算法",
+                "hs256": "HMAC使用SHA-256哈希算法",
+                "hs384": "HMAC使用SHA-384哈希算法",
+                "hs512": "HMAC使用SHA-512哈希算法",
+                "none": "沒有數字簽名",
+                "rs256": "RSASSA使用SHA-256哈希算法",
+                "rs384": "RSASSA採用SHA-384哈希算法",
+                "rs512": "RSASSA使用SHA-512哈希算法",
+                "ps256": "採用SHA-256和MGF1的RSASSA-PSS算法",
+                "ps384": "採用SHA-384和MGF1的RSASSA-PSS算法",
+                "ps512": "採用SHA-512和MGF1的RSASSA-PSS算法"
+            },
+            "subject-type": "主體類型",
+            "terms": "服務條款",
+            "terms-help": "此客戶服務條款的URL，將向用戶顯示",
+            "token-signing-algorithm": "令牌端點認證簽名算法",
+            "tokens": "令牌",
+            "type": "應用類型",
+            "type-native": "原生應用",
+            "type-web": "網絡應用",
+            "unknown": "（未知）",
+            "user-info-crypto-algorithm": "用戶資訊端點加密算法",
+            "user-info-crypto-method": "用戶資訊端點加密方法",
+            "user-info-signing-algorithm": "用戶資訊端點簽名算法"
+        },
+        "client-table": {
+            "allow-introspection-tooltip": "這個客戶端可以執行令牌自省",
+            "confirm": "你確定要刪除這個客戶端？",
+            "dynamically-registered-tooltip": "這個客戶端是動態註冊的。點擊查看註冊訪問令牌",
+            "match": {
+                "contacts": "聯繫人",
+                "description": "描述",
+                "homepage": "主頁",
+                "id": "身分",
+                "logo": "標誌",
+                "name": "名稱",
+                "policy": "政策",
+                "redirect": "重定向URI",
+                "scope": "範圍",
+                "terms": "服務條款"
+            },
+            "matched-search": "匹配搜索：",
+            "new": "新客戶端",
+            "no-clients": "此伺服器上沒有註冊的客戶端。",
+            "no-matches": "沒有匹配搜索條件的客戶端。",
+            "no-redirect": "沒有重定向URI",
+            "registered": "註冊於",
+            "search": "搜索……",
+            "whitelist": "白名單",
+            "unknown": "一個未知的時間"
+        },
+        "manage": "管理客戶端",
+        "more-info": {
+            "contacts": "管理員聯繫方式：",
+            "home": "主頁",
+            "more": "更多資訊",
+            "policy": "政策",
+            "terms": "服務條款："
+        },
+        "newClient": "新客戶端"
+    },
+    "common": {
+        "cancel": "取消",
+        "client": "客戶端",
+        "clients": "客戶端",
+        "close": "關閉",
+        "delete": "刪除",
+        "description": "描述",
+        "dynamically-registered": "這個客戶端是動態註冊的",
+        "edit": "編輯",
+        "expires": "到期：",
+        "information": "資訊",
+        "new": "新建",
+        "not-yet-implemented": "未實現",
+        "not-yet-implemented-content": "這個字段的值將於客戶端保存，但伺服器目前不處理任何事情。伺服器的未來庫版本將利用它。",
+        "revoke": "撤銷",
+        "save": "保存",
+        "scopes": "範圍",
+        "statistics": "統計",
+        "refresh": "刷新",
+        "scope": "範圍",
+        "users": "用戶",
+        "user": "用戶",
+        "roles": "角色",
+        "role": "角色",
+        "email": "電子郵箱",
+        "active": "已激活",
+        "inactive": "未激活"
+    },
+    "dynreg": {
+        "client-id-placeholder": "輸入客戶端ID",
+        "configuration-url": "客戶端配置URL",
+        "edit-dynamically-registered": "編輯動態註冊的客戶端",
+        "edit-existing": "編輯一個現有的客戶端",
+        "edit-existing-help": "用於編輯之前已註冊的客戶端。粘貼您的客戶端ID和註冊訪問令牌，以便訪問該客戶端。",
+        "edit-existing-button": "編輯客戶端",
+        "invalid-access-token": "無效的客戶端或註冊訪問令牌。",
+        "new-client": "註冊新客戶端",
+        "new-client-help": "用於註冊新的客戶端。請提供客戶端ID和註冊訪問令牌，以便管理您的客戶端。",
+        "new-client-button": "新建客戶端",
+        "regtoken-placeholder": "輸入註冊訪問令牌",
+        "warning": "<strong>警告！</strong>你必須保護好<b>客戶端ID </b>，<b>客戶密鑰（如果提供）</b>，以及您的<b>註冊訪問令牌</b>。如果你丟失了客戶端ID或註冊訪問令牌，將無法訪問您的客戶端註冊記錄，你需要註冊一個新客戶端。",
+        "will-be-generated": "當存儲客戶端資訊時將由伺服器自動生成"
+    },
+    "grant": {
+        "manage-approved-sites": "管理批准的網站",
+        "refresh": "刷新",
+        "grant-table": {
+            "active-tokens": "當前活躍的訪問令牌數量",
+            "application": "應用程式",
+            "approved-sites": "許可站點",
+            "authorized": "授權：",
+            "dynamically-registered": "這個客戶端是動態註冊的",
+            "expires": "到期：",
+            "last-accessed": "上次訪問：",
+            "never": "從未",
+            "no-sites": "還未批准任何網站。",
+            "no-whitelisted": "還未訪問任何白名單的網站。",
+            "pre-approved": "這些都是預先由管理員批准的網站。",
+            "text": "這些都是您已經手動批准的網站。如果同一網站將來要進行同樣的訪問，它將直接通過、且沒有提示。",
+            "unknown": "未知",
+            "whitelist-note": "<b>註：</b>如果你在此撤銷它們，它們將在您下次訪問時不經提示即被自動重新批准。",
+            "whitelisted-site": "這個網站由管理員列入白名單中",
+            "whitelisted-sites": "白名單的網站"
+        }
+    },
+    "rsreg": {
+        "resource-id-placeholder": "輸入資源ID",
+        "configuration-url": "客戶端配置URL",
+        "edit": "編輯受保護的資源",
+        "edit-existing": "編輯現有的保護資源",
+        "edit-existing-help": "用於編輯之前已註冊的資源。請使用您的客戶端ID和註冊訪問令牌來訪問資源的屬性。",
+        "edit-existing-button": "編輯資源",
+        "invalid-access-token": "無效的客戶端或註冊訪問令牌。",
+        "new-client": "註冊新的受保護資源",
+        "new-client-help": "用於註冊新的資源。請提供客戶端ID和註冊訪問令牌，以便管理您的資源。",
+        "new-client-button": "新建資源",
+        "regtoken-placeholder": "輸入註冊訪問令牌",
+        "will-be-generated": "將生成",
+        "warning": "<strong>警告！</strong>你必須保護好<b>客戶端ID </b>，<b>客戶密鑰（如果提供）</b>，以及<b>註冊訪問令牌</b>。如果丟失了客戶端ID或註冊訪問令牌，將無法獲得您客戶端的登記記錄，你需要註冊一個新客戶端。",
+        "client-form": {
+            "scope-help": "這個資源能夠自省令牌的範圍。"
+        }
+    },
+    "scope": {
+        "manage": "管理系統範圍",
+        "scope-list": {
+            "no-scopes": "沒有範圍"
+        },
+        "system-scope-form": {
+            "default": "默認範圍",
+            "default-help": "新創建的用戶默認情況下獲得這個範圍？",
+            "description-help": "人類可讀的文本描述",
+            "description-placeholder": "輸入說明",
+            "restricted": "限制",
+            "restricted-help": "限制範圍衹能由系統管理員使用，可用動態註冊客戶和保護資源",
+            "edit": "編輯範圍",
+            "icon": "圖標",
+            "new": "新範圍",
+            "select-icon": "選擇圖標",
+            "structured": "是一個結構化的範圍",
+            "structured-help": "範圍結構化是否包含如<code>base:extension</code>的結構化值？",
+            "structured-param-help": "人類可讀的結構化參數描述",
+            "subject-type": "主體類型",
+            "value": "範圍值",
+            "value-help": "不含空格的單個字符串",
+            "value-placeholder": "範圍"
+        },
+        "system-scope-table": {
+            "confirm": "你確定要刪除此範圍？引用了此範圍的客戶端還需要它。",
+            "new": "新範圍",
+            "text": "尚未定義系統範圍。客戶還可自定義範圍。",
+            "tooltip-restricted": "此範圍衹能由管理員使用。它不能用於動態註冊。",
+            "tooltip-default": "這個範圍將自動分配給新註冊的客戶。"
+        }
+    },
+    "token": {
+        "manage": "管理活動的令牌",
+        "token-table": {
+            "access-tokens": "訪問令牌",
+            "associated-id": "這個訪問令牌附帶相關的身份令牌。",
+            "associated-refresh": "這個訪問令牌附帶相關的刷新令牌。",
+            "click-to-display": "點擊顯示完整的令牌值",
+            "confirm": "你確定要撤銷這個令牌？",
+            "confirm-refresh": "你確定要撤銷這個刷新令牌及其相關的訪問令牌？",
+            "expires": "過期",
+            "no-access": "沒有活動的訪問令牌。",
+            "no-refresh": "沒有活動的刷新令牌。",
+            "number-of-tokens": "關聯的訪問令牌數量",
+            "refresh-tokens": "刷新令牌",
+            "text": "訪問令牌通常是短暫的，供客戶端訪問特定的資源。身份令牌是採用OpenID Connect協議登入的、專門的訪問令牌。",
+            "text-refresh": "刷新令牌通常是長期的，以便客戶端能無需用戶介入即可獲取新的訪問令牌。",
+            "token-info": "令牌的資訊"
+        }
+    },
+    "whitelist": {
+        "confirm": "你確定要刪除這個白名單項？",
+        "edit": "編輯白名單",
+        "manage": "管理列入白名單的網站",
+        "new": "新白名單",
+        "whitelist": "白名單",
+        "whitelist-form": {
+            "allowed-scopes": "允許範圍",
+            "edit": "編輯白名單的網站",
+            "new": "新增白名單網站",
+            "scope-help": "當客戶端發出請求列表時將自動批准的範圍",
+            "scope-placeholder": "新範圍"
+        },
+        "whitelist-table": {
+            "no-sites": "白名單列表為空。使用<strong>白名單</strong>按鈕在客戶端管理頁面創建一個。"
+        }
+    },
+    "blacklist": {
+        "text": "被拉黑的網站URI將無法用於註冊客戶端的重定向地址（無論是在管理介面中添加、還是動態註冊，都不行）。",
+        "blacklist-uri-placeholder": "要拉黑的網站URI",
+        "add": "將網站URI加入黑名單",
+        "empty": "當前黑名單為空",
+        "uri": "URI"
+    },
+    "copyright": "基於<a href=\"https://github.com/mitreid-connect/\">MITREid Connect <span class=\"label\">{0}</span></a>技術構建 <span class=\"pull-right\">&copy; 2016 MITRE公司及MIT因特網信任聯盟</span>。",
+    "about": {
+        "title": "關於",
+        "body": "\n此OpenID Connect服務基於開源的MITREid Connect專案，該專案來自 \n<a href=\"http://www.mitre.org/\">MITRE公司</a> 及 <a href=\"http://www.trust.mit.edu/\">MIT因特網信任聯盟</a>。\n</p>\n<p>\n有關該專案的更多資訊可見 \n<a href=\"http://github.com/mitreid-connect/\">GitHub上的MITREid Connect專案</a>。 \n您可以在該網站報告bug、提交意見及代碼補丁。"
+    },
+    "statistics": {
+        "title": "統計",
+        "number_users": "用戶數: <span class=\"label label-info\" id=\"userCount\">{0}</span>",
+        "number_clients": "授權的客戶端: <span class=\"label label-info\" id=\"clientCount\">{0}</span>",
+        "number_approvals": "已批准的站點: <span class=\"label label-info\" id=\"approvalCount\">{0}</span>"
+    },
+    "home": {
+        "title": "首頁",
+        "welcome": {
+            "title": "歡迎！",
+			"body": "\nOpenID Connect是適於因特網部署的身分聯邦認證伺服器，基於OAuth2授權框架之上的OpenID Connect技術構建。\nOpenID Connect讓您無需暴露自己的用戶名、密碼即可便捷登入網站。</p>\n<p><a class=\"btn btn-primary btn-large\" href=\"http://openid.net/connect/\">在此瞭解更多詳情&raquo;</a>"
+        },
+        "more": "更多",
+        "about": {
+            "title": "關於",
+            "body": "本服務基於開源的MITREid Connect專案，該專案來自 \n<a href=\"http://www.mitre.org/\">MITRE公司</a> 及 <a href=\"http://www.trust.mit.edu/\">MIT因特網信任聯盟</a>。"
+        },
+        "contact": {
+            "title": "聯繫方式",
+            "body": "\n如需更多的資訊和支持，請聯繫本系統的管理員。</p>\n<p><a class=\"btn\" href=\"mailto:idp@example.com?Subject=OpenID Connect\">電子信箱 &raquo;</a>"
+        },
+        "statistics": {
+            "title": "當前統計",
+            "loading": "加載……",
+            "number_users": "用戶數: <span class=\"label label-info\" id=\"userCount\">{0}</span>",
+            "number_clients": "授權的客戶端: <span class=\"label label-info\" id=\"clientCount\">{0}</span>",
+            "number_approvals": "已批准的站點: <span class=\"label label-info\" id=\"approvalCount\">{0}</span>"
+        }
+    },
+    "contact": {
+        "title": "聯繫方式",
+        "body": "如果要報告有關MITREid Connect軟體自身的bug，請拜訪\n<a href=\"https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/issues\">GitHub issue追蹤系統</a>。 \n有關當前伺服器的問題，請聯繫伺服器的管理者。"
+    },
+    "topbar": {
+        "about": "關於",
+        "contact": "聯繫方式",
+        "statistics": "統計",
+        "home": "首頁",
+        "login": "登入",
+        "logout": "登出"
+    },
+    "sidebar": {
+        "administrative": {
+            "title": "管理",
+            "manage_clients": "管理客戶端",
+            "whitelisted_clients": "白名單",
+            "blacklisted_clients": "黑名單",
+            "system_scopes": "系統範圍"
+        },
+        "personal": {
+            "title": "個人",
+            "approved_sites": "管理批准的網站",
+            "active_tokens": "管理活動的令牌",
+            "profile_information": "查看用戶資訊"
+        },
+        "developer": {
+            "title": "開發者自助服務",
+            "client_registration": "客戶端註冊",
+            "resource_registration": "保護資源註冊"
+        }
+    },
+    "manage": {
+        "ok": "好的",
+        "loading": "加載",
+        "title": "管理控制檯"
+    },
+    "approve": {
+        "dynamically-registered-unknown": "在一個未知的時間",
+        "title": "批准訪問",
+        "error": {
+            "not_granted": "訪問可能不獲批准。"
+        },
+        "required_for": "有待批准",
+        "dynamically_registered": "此客戶端已被動態註冊了<span class=\"label label-info\" id=\"registrationTime\">{0}</span>次。",
+        "caution": {
+            "title": "注意",
+            "message": {
+                "none": "它之前<span class=\"label label-important\">從未</span>被批准。",
+                "singular": "它之前已被批准了<span class=\"label label-warning\">{0}</span>次。",
+                "plural": "它之前已被批准了<span class=\"label\">{0}</span>次。"
+            }
+        },
+        "more_information": "更多資訊",
+        "home_page": "主頁",
+        "policy": "政策",
+        "terms": "服務條款",
+        "contacts": "管理人員",
+        "warning": "警告",
+        "no_redirect_uri": "該客戶端沒有註冊任何重定向URI，可能被使用惡意的URI。",
+        "redirect_uri": "如果點擊批准，您將被重定向至如下頁面: <code>{0}</code>",
+        "pairwise": "該客戶端使用<b>pairwise</b>標識符，這使得在不同站點間關聯身份變得稍加困難。",
+        "no_scopes": "該客戶端沒有註冊任何範圍，因此允許請求系統可用的<em>any</em>(任意)範圍。請務必謹慎處理。",
+        "access_to": "訪問",
+        "remember": {
+            "title": "記住這個決定",
+            "until_revoke": "記住這個決定直到我撤銷",
+            "one_hour": "記住該決定一個小時",
+            "next_time": "下次再提醒我"
+        },
+        "do_authorize": "是否授權",
+        "label": {
+            "authorize": "授權",
+            "deny": "拒絕"
+        }
+    },
+    "error": {
+    	"title": "錯誤",
+		"header": "錯誤:",
+		"message": "在處理您的請求過程中發生了錯誤。伺服器日誌為:"
+    },
+    "login": {
+		"login_with_username_and_password": "請用您的用戶名和密碼登入",
+		"username": "用戶名",
+		"password": "密碼",
+		"login-button": "登入",
+		"error": "登入失敗，請重試。"
+    }
+}
\ No newline at end of file
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/profile.js b/openid-connect-server-webapp/src/main/webapp/resources/js/profile.js
new file mode 100644
index 000000000..90ef32ab1
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/js/profile.js
@@ -0,0 +1,40 @@
+/*******************************************************************************
+ * Copyright 2018 The MIT Internet Trust Consortium
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *******************************************************************************/
+ui.routes.push({
+	path: "user/profile",
+	name: "profile",
+	callback: function() {
+
+		this.breadCrumbView.collection.reset();
+		this.breadCrumbView.collection.add([{
+			text: $.t('admin.home'),
+			href: ""
+		}, {
+			text: $.t('admin.user-profile.show'),
+			href: "manage/#user/profile"
+		}]);
+
+		this.updateSidebar('user/profile');
+
+		var view = new UserProfileView({
+			model: getUserInfo()
+		});
+		$('#content').html(view.render().el);
+
+		setPageTitle($.t('admin.user-profile.show'));
+
+	}
+});
\ No newline at end of file
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/rsreg.js b/openid-connect-server-webapp/src/main/webapp/resources/js/rsreg.js
new file mode 100644
index 000000000..cb3830949
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/js/rsreg.js
@@ -0,0 +1,579 @@
+/*******************************************************************************
+ * Copyright 2018 The MIT Internet Trust Consortium
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *******************************************************************************/
+var ResRegClient = Backbone.Model.extend({
+	idAttribute: "client_id",
+
+	defaults: {
+		client_id: null,
+		client_secret: null,
+		client_name: null,
+		client_uri: null,
+		logo_uri: null,
+		contacts: [],
+		tos_uri: null,
+		token_endpoint_auth_method: null,
+		scope: null,
+		policy_uri: null,
+
+		jwks_uri: null,
+		jwks: null,
+		jwksType: 'URI',
+
+		application_type: null,
+		registration_access_token: null,
+		registration_client_uri: null
+	},
+
+	sync: function(method, model, options) {
+		if (model.get('registration_access_token')) {
+			var headers = options.headers ? options.headers : {};
+			headers['Authorization'] = 'Bearer ' + model.get('registration_access_token');
+			options.headers = headers;
+		}
+
+		return this.constructor.__super__.sync(method, model, options);
+	},
+
+	urlRoot: 'resource'
+
+});
+
+var ResRegRootView = Backbone.View.extend({
+
+	tagName: 'span',
+
+	initialize: function(options) {
+		this.options = options;
+
+	},
+
+	events: {
+		"click #newreg": "newReg",
+		"click #editreg": "editReg"
+	},
+
+	load: function(callback) {
+		if (this.options.systemScopeList.isFetched) {
+			callback();
+			return;
+		}
+
+		$('#loadingbox').sheet('show');
+		$('#loading').html('<span class="label" id="loading-scopes">' + $.t('common.scopes') + '</span> ');
+
+		$.when(this.options.systemScopeList.fetchIfNeeded({
+			success: function(e) {
+				$('#loading-scopes').addClass('label-success');
+			},
+			error: app.errorHandlerView.handleError()
+		})).done(function() {
+			$('#loadingbox').sheet('hide');
+			callback();
+		});
+	},
+
+	render: function() {
+		$(this.el).html($('#tmpl-rsreg').html());
+		$(this.el).i18n();
+		return this;
+	},
+
+	newReg: function(e) {
+		e.preventDefault();
+		this.remove();
+		app.navigate('dev/resource/new', {
+			trigger: true
+		});
+	},
+
+	editReg: function(e) {
+		e.preventDefault();
+		var clientId = $('#clientId').val();
+		var token = $('#regtoken').val();
+
+		var client = new ResRegClient({
+			client_id: clientId,
+			registration_access_token: token
+		});
+
+		var self = this;
+
+		client.fetch({
+			success: function() {
+
+				if (client.get("jwks")) {
+					client.set({
+						jwksType: "VAL"
+					}, {
+						silent: true
+					});
+				} else {
+					client.set({
+						jwksType: "URI"
+					}, {
+						silent: true
+					});
+				}
+
+				var view = new ResRegEditView({
+					model: client,
+					systemScopeList: app.systemScopeList
+				});
+
+				view.load(function() {
+					$('#content').html(view.render().el);
+					view.delegateEvents();
+					setPageTitle($.t('rsreg.new'));
+					app.navigate('dev/resource/edit', {
+						trigger: true
+					});
+					self.remove();
+				});
+			},
+			error: app.errorHandlerView.handleError({
+				message: $.t('dynreg.invalid-access-token')
+			})
+		});
+	}
+
+});
+
+var ResRegEditView = Backbone.View.extend({
+
+	tagName: 'span',
+
+	initialize: function(options) {
+		this.options = options;
+		if (!this.template) {
+			this.template = _.template($('#tmpl-rsreg-resource-form').html());
+		}
+
+		this.redirectUrisCollection = new Backbone.Collection();
+		this.scopeCollection = new Backbone.Collection();
+		this.contactsCollection = new Backbone.Collection();
+		this.defaultAcrValuesCollection = new Backbone.Collection();
+		this.requestUrisCollection = new Backbone.Collection();
+
+		this.listWidgetViews = [];
+	},
+
+	load: function(callback) {
+		if (this.options.systemScopeList.isFetched) {
+			callback();
+			return;
+		}
+
+		$('#loadingbox').sheet('show');
+		$('#loading').html('<span class="label" id="loading-scopes">' + $.t('common.scopes') + '</span> ');
+
+		$.when(this.options.systemScopeList.fetchIfNeeded({
+			success: function(e) {
+				$('#loading-scopes').addClass('label-success');
+			},
+			error: app.errorHandlerView.handleError()
+		})).done(function() {
+			$('#loadingbox').sheet('hide');
+			callback();
+		});
+	},
+
+	events: {
+		"click .btn-save": "saveClient",
+		"click .btn-cancel": "cancel",
+		"click .btn-delete": "deleteClient",
+		"change #logoUri input": "previewLogo",
+		"change #tokenEndpointAuthMethod input:radio": "toggleClientCredentials",
+		"change #jwkSelector input:radio": "toggleJWKSetType"
+	},
+
+	cancel: function(e) {
+		e.preventDefault();
+		app.navigate('dev/resource', {
+			trigger: true
+		});
+	},
+
+	deleteClient: function(e) {
+		e.preventDefault();
+
+		if (confirm($.t('client.client-table.confirm'))) {
+			var self = this;
+
+			this.model.destroy({
+				dataType: false,
+				processData: false,
+				success: function() {
+					self.remove();
+					app.navigate('dev/resource', {
+						trigger: true
+					});
+				},
+				error: app.errorHandlerView.handleError()
+			});
+
+		}
+
+		return false;
+	},
+
+	previewLogo: function() {
+		if ($('#logoUri input', this.el).val()) {
+			$('#logoPreview', this.el).empty();
+			$('#logoPreview', this.el).attr('src', $('#logoUri input', this.el).val());
+		} else {
+			// $('#logoBlock', this.el).hide();
+			$('#logoPreview', this.el).attr('src', 'resources/images/logo_placeholder.gif');
+		}
+	},
+
+	/**
+	 * Set up the form based on the current state of the tokenEndpointAuthMethod
+	 * parameter
+	 * 
+	 * @param event
+	 */
+	toggleClientCredentials: function() {
+
+		var tokenEndpointAuthMethod = $('#tokenEndpointAuthMethod input', this.el).filter(':checked').val();
+
+		// show or hide the signing algorithm method depending on what's
+		// selected
+		if (tokenEndpointAuthMethod == 'private_key_jwt' || tokenEndpointAuthMethod == 'client_secret_jwt') {
+			$('#tokenEndpointAuthSigningAlg', this.el).show();
+		} else {
+			$('#tokenEndpointAuthSigningAlg', this.el).hide();
+		}
+	},
+
+	/**
+	 * Set up the form based on the JWK Set selector
+	 */
+	toggleJWKSetType: function() {
+		var jwkSelector = $('#jwkSelector input:radio', this.el).filter(':checked').val();
+
+		if (jwkSelector == 'URI') {
+			$('#jwksUri', this.el).show();
+			$('#jwks', this.el).hide();
+		} else if (jwkSelector == 'VAL') {
+			$('#jwksUri', this.el).hide();
+			$('#jwks', this.el).show();
+		} else {
+			$('#jwksUri', this.el).hide();
+			$('#jwks', this.el).hide();
+		}
+
+	},
+
+	disableUnsupportedJOSEItems: function(serverSupported, query) {
+		var supported = ['default'];
+		if (serverSupported) {
+			supported = _.union(supported, serverSupported);
+		}
+		$(query, this.$el).each(function(idx) {
+			if (_.contains(supported, $(this).val())) {
+				$(this).prop('disabled', false);
+			} else {
+				$(this).prop('disabled', true);
+			}
+		});
+
+	},
+
+	// returns "null" if given the value "default" as a string,
+	// otherwise returns input value. useful for parsing the JOSE
+	// algorithm dropdowns
+	defaultToNull: function(value) {
+		if (value == 'default') {
+			return null;
+		} else {
+			return value;
+		}
+	},
+
+	saveClient: function(e) {
+		e.preventDefault();
+
+		$('.control-group').removeClass('error');
+
+		// sync any leftover collection items
+		_.each(this.listWidgetViews, function(v) {
+			v.addItem($.Event('click'));
+		});
+
+		// build the scope object
+		var scopes = this.scopeCollection.pluck("item").join(" ");
+
+		var contacts = this.contactsCollection.pluck('item');
+		var userInfo = getUserInfo();
+		if (userInfo && userInfo.email) {
+			if (!_.contains(contacts, userInfo.email)) {
+				contacts.push(userInfo.email);
+			}
+		}
+
+		// process the JWKS
+		var jwksUri = null;
+		var jwks = null;
+		var jwkSelector = $('#jwkSelector input:radio', this.el).filter(':checked').val();
+
+		if (jwkSelector == 'URI') {
+			jwksUri = $('#jwksUri input').val();
+			jwks = null;
+		} else if (jwkSelector == 'VAL') {
+			jwksUri = null;
+			try {
+				jwks = JSON.parse($('#jwks textarea').val());
+			} catch (e) {
+				console.log("An error occurred when parsing the JWK Set");
+
+				// Display an alert with an error message
+				app.errorHandlerView.showErrorMessage($.t("client.client-form.error.jwk-set"), $.t("client.client-form.error.jwk-set-parse"));
+				return false;
+			}
+		} else {
+			jwksUri = null;
+			jwks = null;
+		}
+
+		var attrs = {
+			client_name: $('#clientName input').val(),
+			logo_uri: $('#logoUri input').val(),
+			scope: scopes,
+			client_secret: null, // never send a client secret
+			tos_uri: $('#tosUri input').val(),
+			policy_uri: $('#policyUri input').val(),
+			client_uri: $('#clientUri input').val(),
+			application_type: $('#applicationType input').filter(':checked').val(),
+			jwks_uri: jwksUri,
+			jwks: jwks,
+			token_endpoint_auth_method: $('#tokenEndpointAuthMethod input').filter(':checked').val(),
+			contacts: contacts,
+			token_endpoint_auth_signing_alg: this.defaultToNull($('#tokenEndpointAuthSigningAlg select').val())
+		};
+
+		// set all empty strings to nulls
+		for ( var key in attrs) {
+			if (attrs[key] === "") {
+				attrs[key] = null;
+			}
+		}
+
+		var _self = this;
+		this.model.save(attrs, {
+			success: function() {
+				// switch to an "edit" view
+				app.navigate('dev/resource/edit', {
+					trigger: true
+				});
+				_self.remove();
+
+				if (_self.model.get("jwks")) {
+					_self.model.set({
+						jwksType: "VAL"
+					}, {
+						silent: true
+					});
+				} else {
+					_self.model.set({
+						jwksType: "URI"
+					}, {
+						silent: true
+					});
+				}
+
+				var view = new ResRegEditView({
+					model: _self.model,
+					systemScopeList: _self.options.systemScopeList
+				});
+
+				view.load(function() {
+					// reload
+					$('#content').html(view.render().el);
+					view.delegateEvents();
+				});
+			},
+			error: app.errorHandlerView.handleError()
+		});
+
+		return false;
+	},
+
+	render: function() {
+		$(this.el).html(this.template({
+			client: this.model.toJSON(),
+			userInfo: getUserInfo()
+		}));
+
+		this.listWidgetViews = [];
+
+		var _self = this;
+
+		// build and bind scopes
+		var scopes = this.model.get("scope");
+		var scopeSet = scopes ? scopes.split(" ") : [];
+		_.each(scopeSet, function(scope) {
+			_self.scopeCollection.add(new Backbone.Model({
+				item: scope
+			}));
+		});
+
+		var scopeView = new ListWidgetView({
+			placeholder: $.t('client.client-form.scope-placeholder'),
+			autocomplete: _.uniq(_.flatten(this.options.systemScopeList.unrestrictedScopes().pluck("value"))),
+			helpBlockText: $.t('rsreg.client-form.scope-help'),
+			collection: this.scopeCollection
+		});
+		$("#scope .controls", this.el).html(scopeView.render().el);
+		this.listWidgetViews.push(scopeView);
+
+		// build and bind contacts
+		_.each(this.model.get('contacts'), function(contact) {
+			_self.contactsCollection.add(new Backbone.Model({
+				item: contact
+			}));
+		});
+
+		var contactView = new ListWidgetView({
+			placeholder: $.t('client.client-form.contacts-placeholder'),
+			helpBlockText: $.t('client.client-form.contacts-help'),
+			collection: this.contactsCollection
+		});
+		$("#contacts .controls", this.el).html(contactView.render().el);
+		this.listWidgetViews.push(contactView);
+
+		this.toggleClientCredentials();
+		this.previewLogo();
+		this.toggleJWKSetType();
+
+		// disable unsupported JOSE algorithms
+		this.disableUnsupportedJOSEItems(app.serverConfiguration.token_endpoint_auth_signing_alg_values_supported, '#tokenEndpointAuthSigningAlg option');
+
+		this.$('.nyi').clickover({
+			placement: 'right',
+			title: $.t('common.not-yet-implemented'),
+			content: $.t('common.not-yet-implemented-content')
+		});
+
+		$(this.el).i18n();
+		return this;
+	}
+
+});
+
+ui.routes.push({
+	path: "dev/resource",
+	name: "resReg",
+	callback: function() {
+
+		this.breadCrumbView.collection.reset();
+		this.breadCrumbView.collection.add([{
+			text: $.t('admin.home'),
+			href: ""
+		}, {
+			text: $.t('admin.self-service-resource'),
+			href: "manage/#dev/resource"
+		}]);
+
+		this.updateSidebar('dev/resource');
+
+		var view = new ResRegRootView({
+			systemScopeList: this.systemScopeList
+		});
+		view.load(function() {
+			$('#content').html(view.render().el);
+
+			setPageTitle($.t('admin.self-service-resource'));
+		});
+
+	}
+});
+
+ui.routes.push({
+	path: "dev/resource/new",
+	name: "newResReg",
+	callback: function() {
+
+		this.breadCrumbView.collection.reset();
+		this.breadCrumbView.collection.add([{
+			text: $.t('admin.home'),
+			href: ""
+		}, {
+			text: $.t('admin.self-service-resource'),
+			href: "manage/#dev/resource"
+		}, {
+			text: $.t('rsreg.new'),
+			href: "manage/#dev/resource/new"
+		}]);
+
+		this.updateSidebar('dev/resource');
+
+		var client = new ResRegClient();
+		var view = new ResRegEditView({
+			model: client,
+			systemScopeList: this.systemScopeList
+		});
+
+		view.load(function() {
+
+			var userInfo = getUserInfo();
+			var contacts = [];
+			if (userInfo != null && userInfo.email != null) {
+				contacts.push(userInfo.email);
+			}
+
+			client.set({
+				scope: _.uniq(_.flatten(app.systemScopeList.defaultUnrestrictedScopes().pluck("value"))).join(" "),
+				token_endpoint_auth_method: 'client_secret_basic',
+				contacts: contacts
+			}, {
+				silent: true
+			});
+
+			$('#content').html(view.render().el);
+			view.delegateEvents();
+			setPageTitle($.t('rsreg.new'));
+
+		});
+
+	}
+});
+
+ui.routes.push({
+	path: "dev/resource/edit",
+	name: "editResReg",
+	callback: function() {
+
+		this.breadCrumbView.collection.reset();
+		this.breadCrumbView.collection.add([{
+			text: $.t('admin.home'),
+			href: ""
+		}, {
+			text: $.t('admin.self-service-resource'),
+			href: "manage/#dev/resource"
+		}, {
+			text: $.t('rsreg.edit'),
+			href: "manage/#dev/resource/edit"
+		}]);
+
+		this.updateSidebar('dev/resource');
+
+		setPageTitle($.t('rsreg.edit'));
+		// note that this doesn't actually load the client, that's supposed to
+		// happen elsewhere...
+	}
+});
+
+ui.templates.push('resources/template/rsreg.html');
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/scope.js b/openid-connect-server-webapp/src/main/webapp/resources/js/scope.js
new file mode 100644
index 000000000..3598ccfa1
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/js/scope.js
@@ -0,0 +1,479 @@
+/*******************************************************************************
+ * Copyright 2018 The MIT Internet Trust Consortium
+ *
+ * Portions copyright 2011-2013 The MITRE Corporation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *******************************************************************************/
+var SystemScopeModel = Backbone.Model.extend({
+	idAttribute: 'id',
+
+	defaults: {
+		id: null,
+		description: null,
+		icon: null,
+		value: null,
+		defaultScope: false,
+		restricted: false
+	},
+
+	urlRoot: 'api/scopes'
+});
+
+var SystemScopeCollection = Backbone.Collection.extend({
+	idAttribute: 'id',
+
+	model: SystemScopeModel,
+
+	url: 'api/scopes',
+
+	defaultScopes: function() {
+		filtered = this.filter(function(scope) {
+			return scope.get("defaultScope") === true;
+		});
+		return new SystemScopeCollection(filtered);
+	},
+
+	unrestrictedScopes: function() {
+		filtered = this.filter(function(scope) {
+			return scope.get("restricted") !== true;
+		});
+		return new SystemScopeCollection(filtered);
+	},
+
+	defaultUnrestrictedScopes: function() {
+		filtered = this.filter(function(scope) {
+			return scope.get("defaultScope") === true && scope.get("restricted") !== true;
+		});
+		return new SystemScopeCollection(filtered);
+	},
+
+	getByValue: function(value) {
+		var scopes = this.where({
+			value: value
+		});
+		if (scopes.length == 1) {
+			return scopes[0];
+		} else {
+			return null;
+		}
+	}
+
+});
+
+var SystemScopeView = Backbone.View.extend({
+
+	tagName: 'tr',
+
+	initialize: function(options) {
+		this.options = options;
+
+		if (!this.template) {
+			this.template = _.template($('#tmpl-system-scope').html());
+		}
+
+		this.model.bind('change', this.render, this);
+
+	},
+
+	events: {
+		'click .btn-edit': 'editScope',
+		'click .btn-delete': 'deleteScope'
+	},
+
+	editScope: function(e) {
+		e.preventDefault();
+		app.navigate('admin/scope/' + this.model.id, {
+			trigger: true
+		});
+	},
+
+	render: function(eventName) {
+		this.$el.html(this.template(this.model.toJSON()));
+
+		$('.restricted', this.el).tooltip({
+			title: $.t('scope.system-scope-table.tooltip-restricted')
+		});
+		$('.default', this.el).tooltip({
+			title: $.t('scope.system-scope-table.tooltip-default')
+		});
+
+		$(this.el).i18n();
+		return this;
+	},
+
+	deleteScope: function(e) {
+		e.preventDefault();
+
+		if (confirm($.t("scope.system-scope-table.confirm"))) {
+			var _self = this;
+
+			this.model.destroy({
+				dataType: false,
+				processData: false,
+				success: function() {
+
+					_self.$el.fadeTo("fast", 0.00, function() { // fade
+						$(this).slideUp("fast", function() { // slide up
+							$(this).remove(); // then remove from the DOM
+							_self.parentView.togglePlaceholder();
+						});
+					});
+				},
+				error: app.errorHandlerView.handleError()
+			});
+
+			_self.parentView.delegateEvents();
+		}
+
+		return false;
+	},
+
+	close: function() {
+		$(this.el).unbind();
+		$(this.el).empty();
+	}
+});
+
+var SystemScopeListView = Backbone.View.extend({
+	tagName: 'span',
+
+	initialize: function(options) {
+		this.options = options;
+	},
+
+	load: function(callback) {
+		if (this.model.isFetched) {
+			callback();
+			return;
+		}
+
+		$('#loadingbox').sheet('show');
+		$('#loading').html('<span class="label" id="loading-scopes">' + $.t('common.scopes') + '</span> ');
+
+		$.when(this.model.fetchIfNeeded({
+			success: function(e) {
+				$('#loading-scopes').addClass('label-success');
+			},
+			error: app.errorHandlerView.handleError()
+		})).done(function() {
+			$('#loadingbox').sheet('hide');
+			callback();
+		});
+	},
+
+	events: {
+		"click .new-scope": "newScope",
+		"click .refresh-table": "refreshTable"
+	},
+
+	newScope: function(e) {
+		this.remove();
+		app.navigate('admin/scope/new', {
+			trigger: true
+		});
+	},
+
+	refreshTable: function(e) {
+		var _self = this;
+		$('#loadingbox').sheet('show');
+		$('#loading').html('<span class="label" id="loading-scopes">' + $.t('common.scopes') + '</span> ');
+
+		$.when(this.model.fetch({
+			success: function(e) {
+				$('#loading-scopes').addClass('label-success');
+			},
+			error: app.errorHandlerView.handleError()
+		})).done(function() {
+			$('#loadingbox').sheet('hide');
+			_self.render();
+		});
+	},
+
+	togglePlaceholder: function() {
+		if (this.model.length > 0) {
+			$('#scope-table', this.el).show();
+			$('#scope-table-empty', this.el).hide();
+		} else {
+			$('#scope-table', this.el).hide();
+			$('#scope-table-empty', this.el).show();
+		}
+	},
+
+	render: function(eventName) {
+
+		// append and render the table structure
+		$(this.el).html($('#tmpl-system-scope-table').html());
+
+		var _self = this;
+
+		_.each(this.model.models, function(scope) {
+			var view = new SystemScopeView({
+				model: scope
+			});
+			view.parentView = _self;
+			$("#scope-table", _self.el).append(view.render().el);
+		}, this);
+
+		this.togglePlaceholder();
+		$(this.el).i18n();
+		return this;
+	}
+});
+
+var SystemScopeFormView = Backbone.View
+		.extend({
+			tagName: 'span',
+
+			initialize: function(options) {
+				this.options = options;
+				if (!this.template) {
+					this.template = _.template($('#tmpl-system-scope-form').html());
+				}
+				if (!this.iconTemplate) {
+					this.iconTemplate = _.template($('#tmpl-system-scope-icon').html());
+				}
+
+				// initialize our icon set into slices for the selector
+				if (!this.bootstrapIcons) {
+					this.bootstrapIcons = [];
+
+					var iconList = ['glass', 'music', 'search', 'envelope', 'heart', 'star', 'star-empty', 'user', 'film', 'th-large', 'th', 'th-list', 'ok', 'remove', 'zoom-in', 'zoom-out', 'off', 'signal', 'cog', 'trash', 'home', 'file', 'time', 'road', 'download-alt', 'download', 'upload', 'inbox', 'play-circle', 'repeat', 'refresh', 'list-alt', 'lock',
+							'flag', 'headphones', 'volume-off', 'volume-down', 'volume-up', 'qrcode', 'barcode', 'tag', 'tags', 'book', 'bookmark', 'print', 'camera', 'font', 'bold', 'italic', 'text-height', 'text-width', 'align-left', 'align-center', 'align-right', 'align-justify', 'list', 'indent-left', 'indent-right', 'facetime-video', 'picture',
+							'pencil', 'map-marker', 'adjust', 'tint', 'edit', 'share', 'check', 'move', 'step-backward', 'fast-backward', 'backward', 'play', 'pause', 'stop', 'forward', 'fast-forward', 'step-forward', 'eject', 'chevron-left', 'chevron-right', 'plus-sign', 'minus-sign', 'remove-sign', 'ok-sign', 'question-sign', 'info-sign', 'screenshot',
+							'remove-circle', 'ok-circle', 'ban-circle', 'arrow-left', 'arrow-right', 'arrow-up', 'arrow-down', 'share-alt', 'resize-full', 'resize-small', 'plus', 'minus', 'asterisk', 'exclamation-sign', 'gift', 'leaf', 'fire', 'eye-open', 'eye-close', 'warning-sign', 'plane', 'calendar', 'random', 'comment', 'magnet', 'chevron-up',
+							'chevron-down', 'retweet', 'shopping-cart', 'folder-close', 'folder-open', 'resize-vertical', 'resize-horizontal', 'hdd', 'bullhorn', 'bell', 'certificate', 'thumbs-up', 'thumbs-down', 'hand-right', 'hand-left', 'hand-up', 'hand-down', 'circle-arrow-right', 'circle-arrow-left', 'circle-arrow-up', 'circle-arrow-down', 'globe',
+							'wrench', 'tasks', 'filter', 'briefcase', 'fullscreen'];
+
+					var size = 3;
+					while (iconList.length > 0) {
+						this.bootstrapIcons.push(iconList.splice(0, size));
+					}
+
+				}
+			},
+
+			events: {
+				'click .btn-save': 'saveScope',
+				'click .btn-cancel': function() {
+					app.navigate('admin/scope', {
+						trigger: true
+					});
+				},
+				'click .btn-icon': 'selectIcon'
+			},
+
+			load: function(callback) {
+				if (this.model.isFetched) {
+					callback();
+					return;
+				}
+
+				$('#loadingbox').sheet('show');
+				$('#loading').html('<span class="label" id="loading-scopes">' + $.t("common.scopes") + '</span> ');
+
+				$.when(this.model.fetchIfNeeded({
+					success: function(e) {
+						$('#loading-scopes').addClass('label-success');
+					},
+					error: app.errorHandlerView.handleError()
+				})).done(function() {
+					$('#loadingbox').sheet('hide');
+					callback();
+				});
+
+			},
+
+			saveScope: function(e) {
+				e.preventDefault();
+
+				var value = $('#value input').val();
+
+				if (value == null || value.trim() == "") {
+					// error: can't have a blank scope
+					return false;
+				}
+
+				var valid = this.model.set({
+					value: value,
+					description: $('#description textarea').val(),
+					icon: $('#iconDisplay input').val(),
+					defaultScope: $('#defaultScope input').is(':checked'),
+					restricted: $('#restricted input').is(':checked')
+				});
+
+				if (valid) {
+
+					var _self = this;
+					this.model.save({}, {
+						success: function() {
+							app.systemScopeList.add(_self.model);
+							app.navigate('admin/scope', {
+								trigger: true
+							});
+						},
+						error: app.errorHandlerView.handleError()
+					});
+				}
+
+				return false;
+			},
+
+			selectIcon: function(e) {
+				e.preventDefault();
+
+				var icon = e.target.value;
+
+				$('#iconDisplay input').val(icon);
+				$('#iconDisplay #iconName').html(icon);
+				$('#iconDisplay i').removeClass();
+				$('#iconDisplay i').addClass('icon-' + icon);
+				$('#iconDisplay i').addClass('icon-white');
+
+				$('#iconSelector').modal('hide');
+
+				return false;
+			},
+
+			render: function(eventName) {
+				this.$el.html(this.template(this.model.toJSON()));
+
+				_.each(this.bootstrapIcons, function(items) {
+					$("#iconSelector .modal-body", this.el).append(this.iconTemplate({
+						items: items
+					}));
+				}, this);
+
+				$(this.el).i18n();
+				return this;
+			}
+		});
+
+ui.routes.push({
+	path: "admin/scope",
+	name: "siteScope",
+	callback: function() {
+
+		if (!isAdmin()) {
+			this.root();
+			return;
+		}
+
+		this.breadCrumbView.collection.reset();
+		this.breadCrumbView.collection.add([{
+			text: $.t('admin.home'),
+			href: ""
+		}, {
+			text: $.t('scope.manage'),
+			href: "manage/#admin/scope"
+		}]);
+
+		this.updateSidebar('admin/scope');
+
+		var view = new SystemScopeListView({
+			model: this.systemScopeList
+		});
+
+		view.load(function() {
+			$('#content').html(view.render().el);
+			view.delegateEvents();
+			setPageTitle($.t('scope.manage'));
+		});
+
+	}
+});
+
+ui.routes.push({
+	path: "admin/scope/new",
+	name: "newScope",
+	callback: function() {
+
+		if (!isAdmin()) {
+			this.root();
+			return;
+		}
+
+		this.breadCrumbView.collection.reset();
+		this.breadCrumbView.collection.add([{
+			text: $.t('admin.home'),
+			href: ""
+		}, {
+			text: $.t('scope.manage'),
+			href: "manage/#admin/scope"
+		}, {
+			text: $.t('scope.system-scope-form.new'),
+			href: "manage/#admin/scope/new"
+		}]);
+
+		this.updateSidebar('admin/scope');
+
+		var scope = new SystemScopeModel();
+
+		var view = new SystemScopeFormView({
+			model: scope
+		});
+		view.load(function() {
+			$('#content').html(view.render().el);
+			setPageTitle($.t('scope.system-scope-form.new'));
+		});
+
+	}
+});
+
+ui.routes.push({
+	path: "admin/scope/:id",
+	name: "editScope",
+	callback: function(sid) {
+
+		if (!isAdmin()) {
+			this.root();
+			return;
+		}
+
+		this.breadCrumbView.collection.reset();
+		this.breadCrumbView.collection.add([{
+			text: $.t('admin.home'),
+			href: ""
+		}, {
+			text: $.t('scope.manage'),
+			href: "manage/#admin/scope"
+		}, {
+			text: $.t('scope.system-scope-form.edit'),
+			href: "manage/#admin/scope/" + sid
+		}]);
+
+		this.updateSidebar('admin/scope');
+
+		var scope = this.systemScopeList.get(sid);
+		if (!scope) {
+			scope = new SystemScopeModel({
+				id: sid
+			});
+		}
+
+		var view = new SystemScopeFormView({
+			model: scope
+		});
+		view.load(function() {
+			$('#content').html(view.render().el);
+			setPageTitle($.t('scope.system-scope-form.new'));
+		});
+
+	}
+});
+
+ui.templates.push('resources/template/scope.html');
+
+ui.init.push(function(app) {
+	app.systemScopeList = new SystemScopeCollection();
+});
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/token.js b/openid-connect-server-webapp/src/main/webapp/resources/js/token.js
new file mode 100644
index 000000000..6aedb89c6
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/js/token.js
@@ -0,0 +1,576 @@
+/*******************************************************************************
+ * Copyright 2018 The MIT Internet Trust Consortium
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *******************************************************************************/
+
+var AccessTokenModel = Backbone.Model.extend({
+	idAttribute: 'id',
+
+	defaults: {
+		id: null,
+		value: null,
+		refreshTokenId: null,
+		scopes: [],
+		clientId: null,
+		userId: null,
+		expiration: null
+	},
+
+	urlRoot: 'api/tokens/access'
+});
+
+var AccessTokenCollection = Backbone.Collection.extend({
+	idAttribute: 'id',
+
+	model: AccessTokenModel,
+
+	url: 'api/tokens/access'
+
+});
+
+var AccessTokenView = Backbone.View.extend({
+
+	tagName: 'tr',
+
+	initialize: function(options) {
+		this.options = options;
+
+		if (!this.template) {
+			this.template = _.template($('#tmpl-access-token').html());
+		}
+
+		if (!this.scopeTemplate) {
+			this.scopeTemplate = _.template($('#tmpl-scope-list').html());
+		}
+
+		if (!this.moreInfoTemplate) {
+			this.moreInfoTemplate = _.template($('#tmpl-client-more-info-block').html());
+		}
+
+		this.model.bind('change', this.render, this);
+
+	},
+
+	events: {
+		'click .btn-delete': 'deleteToken',
+		'click .token-substring': 'showTokenValue',
+		'click .toggleMoreInformation': 'toggleMoreInformation'
+	},
+
+	render: function(eventName) {
+
+		var expirationDate = this.model.get("expiration");
+
+		if (expirationDate == null) {
+			expirationDate = "Never";
+		} else if (!moment(expirationDate).isValid()) {
+			expirationDate = "Unknown";
+		} else {
+			expirationDate = moment(expirationDate).calendar();
+		}
+
+		var json = {
+			token: this.model.toJSON(),
+			client: this.options.client.toJSON(),
+			formattedExpiration: expirationDate
+		};
+
+		this.$el.html(this.template(json));
+
+		// hide full value
+		$('.token-full', this.el).hide();
+
+		// show scopes
+		$('.scope-list', this.el).html(this.scopeTemplate({
+			scopes: this.model.get('scopes'),
+			systemScopes: this.options.systemScopeList
+		}));
+
+		$('.client-more-info-block', this.el).html(this.moreInfoTemplate({
+			client: this.options.client.toJSON()
+		}));
+
+		$(this.el).i18n();
+		return this;
+	},
+
+	deleteToken: function(e) {
+		e.preventDefault();
+
+		if (confirm($.t("token.token-table.confirm"))) {
+
+			var _self = this;
+
+			this.model.destroy({
+				dataType: false,
+				processData: false,
+				success: function() {
+
+					_self.$el.fadeTo("fast", 0.00, function() { // fade
+						$(this).slideUp("fast", function() { // slide up
+							$(this).remove(); // then remove from the DOM
+							// refresh the table in case we removed an id token,
+							// too
+							_self.parentView.refreshTable();
+						});
+					});
+				},
+				error: app.errorHandlerView.handleError()
+			});
+
+			this.parentView.delegateEvents();
+		}
+
+		return false;
+	},
+
+	toggleMoreInformation: function(e) {
+		e.preventDefault();
+		if ($('.moreInformation', this.el).is(':visible')) {
+			// hide it
+			$('.moreInformation', this.el).hide('fast');
+			$('.toggleMoreInformation i', this.el).attr('class', 'icon-chevron-right');
+			$('.moreInformationContainer', this.el).removeClass('alert').removeClass('alert-info').addClass('muted');
+
+		} else {
+			// show it
+			$('.moreInformation', this.el).show('fast');
+			$('.toggleMoreInformation i', this.el).attr('class', 'icon-chevron-down');
+			$('.moreInformationContainer', this.el).addClass('alert').addClass('alert-info').removeClass('muted');
+		}
+	},
+
+	close: function() {
+		$(this.el).unbind();
+		$(this.el).empty();
+	},
+
+	showTokenValue: function(e) {
+		e.preventDefault();
+		$('.token-substring', this.el).hide();
+		$('.token-full', this.el).show();
+	}
+});
+
+var RefreshTokenModel = Backbone.Model.extend({
+	idAttribute: 'id',
+
+	defaults: {
+		id: null,
+		value: null,
+		scopes: [],
+		clientId: null,
+		userId: null,
+		expiration: null
+	},
+
+	urlRoot: 'api/tokens/refresh'
+});
+
+var RefreshTokenCollection = Backbone.Collection.extend({
+	idAttribute: 'id',
+
+	model: RefreshTokenModel,
+
+	url: 'api/tokens/refresh'
+
+});
+
+var RefreshTokenView = Backbone.View.extend({
+
+	tagName: 'tr',
+
+	initialize: function(options) {
+		this.options = options;
+
+		if (!this.template) {
+			this.template = _.template($('#tmpl-refresh-token').html());
+		}
+
+		if (!this.scopeTemplate) {
+			this.scopeTemplate = _.template($('#tmpl-scope-list').html());
+		}
+
+		if (!this.moreInfoTemplate) {
+			this.moreInfoTemplate = _.template($('#tmpl-client-more-info-block').html());
+		}
+
+		this.model.bind('change', this.render, this);
+
+	},
+
+	events: {
+		'click .btn-delete': 'deleteToken',
+		'click .token-substring': 'showTokenValue',
+		'click .toggleMoreInformation': 'toggleMoreInformation'
+	},
+
+	render: function(eventName) {
+
+		var expirationDate = this.model.get("expiration");
+
+		if (expirationDate == null) {
+			expirationDate = "Never";
+		} else if (!moment(expirationDate).isValid()) {
+			expirationDate = "Unknown";
+		} else {
+			expirationDate = moment(expirationDate).calendar();
+		}
+
+		var json = {
+			token: this.model.toJSON(),
+			client: this.options.client.toJSON(),
+			formattedExpiration: expirationDate,
+			accessTokenCount: this.options.accessTokenCount
+		};
+
+		this.$el.html(this.template(json));
+
+		// hide full value
+		$('.token-full', this.el).hide();
+
+		// show scopes
+		$('.scope-list', this.el).html(this.scopeTemplate({
+			scopes: this.model.get('scopes'),
+			systemScopes: this.options.systemScopeList
+		}));
+
+		$('.client-more-info-block', this.el).html(this.moreInfoTemplate({
+			client: this.options.client.toJSON()
+		}));
+
+		$(this.el).i18n();
+		return this;
+
+	},
+
+	deleteToken: function(e) {
+		e.preventDefault();
+
+		if (confirm($.t('token.token-table.confirm-refresh'))) {
+
+			var _self = this;
+
+			this.model.destroy({
+				dataType: false,
+				processData: false,
+				success: function() {
+
+					_self.$el.fadeTo("fast", 0.00, function() { // fade
+						$(this).slideUp("fast", function() { // slide up
+							$(this).remove(); // then remove from the DOM
+							// refresh the table in case the access tokens have
+							// changed, too
+							_self.parentView.refreshTable();
+						});
+					});
+				},
+				error: app.errorHandlerView.handleError()
+			});
+
+			_self.parentView.delegateEvents();
+		}
+
+		return false;
+	},
+
+	toggleMoreInformation: function(e) {
+		e.preventDefault();
+		if ($('.moreInformation', this.el).is(':visible')) {
+			// hide it
+			$('.moreInformation', this.el).hide('fast');
+			$('.toggleMoreInformation i', this.el).attr('class', 'icon-chevron-right');
+			$('.moreInformationContainer', this.el).removeClass('alert').removeClass('alert-info').addClass('muted');
+		} else {
+			// show it
+			$('.moreInformation', this.el).show('fast');
+			$('.toggleMoreInformation i', this.el).attr('class', 'icon-chevron-down');
+			$('.moreInformationContainer', this.el).addClass('alert').addClass('alert-info').removeClass('muted');
+		}
+
+	},
+
+	close: function() {
+		$(this.el).unbind();
+		$(this.el).empty();
+	},
+
+	showTokenValue: function(e) {
+		e.preventDefault();
+		$('.token-substring', this.el).hide();
+		$('.token-full', this.el).show();
+	}
+});
+
+var TokenListView = Backbone.View.extend({
+	tagName: 'span',
+
+	initialize: function(options) {
+		this.options = options;
+	},
+
+	events: {
+		"click .refresh-table": "refreshTable",
+		'page .paginator-access': 'changePageAccess',
+		'page .paginator-refresh': 'changePageRefresh'
+	},
+
+	load: function(callback) {
+		if (this.model.access.isFetched && this.model.refresh.isFetched && this.options.clientList.isFetched && this.options.systemScopeList.isFetched) {
+			callback();
+			return;
+		}
+
+		$('#loadingbox').sheet('show');
+		$('#loading').html(
+				'<span class="label" id="loading-access">' + $.t('token.token-table.access-tokens') + '</span> ' + '<span class="label" id="loading-refresh">' + $.t('token.token-table.refresh-tokens') + '</span> ' + '<span class="label" id="loading-clients">' + $.t('common.clients') + '</span> ' + '<span class="label" id="loading-scopes">'
+						+ $.t('common.scopes') + '</span> ');
+
+		$.when(this.model.access.fetchIfNeeded({
+			success: function(e) {
+				$('#loading-access').addClass('label-success');
+			},
+			error: app.errorHandlerView.handleError()
+		}), this.model.refresh.fetchIfNeeded({
+			success: function(e) {
+				$('#loading-refresh').addClass('label-success');
+			},
+			error: app.errorHandlerView.handleError()
+		}), this.options.clientList.fetchIfNeeded({
+			success: function(e) {
+				$('#loading-clients').addClass('label-success');
+			},
+			error: app.errorHandlerView.handleError()
+		}), this.options.systemScopeList.fetchIfNeeded({
+			success: function(e) {
+				$('#loading-scopes').addClass('label-success');
+			},
+			error: app.errorHandlerView.handleError()
+		})).done(function() {
+			$('#loadingbox').sheet('hide');
+			callback();
+		});
+
+	},
+
+	changePageAccess: function(event, num) {
+		$('.paginator-access', this.el).bootpag({
+			page: num
+		});
+		$('#access-token-table tbody tr', this.el).each(function(index, element) {
+			if (Math.ceil((index + 1) / 10) != num) {
+				$(element).hide();
+			} else {
+				$(element).show();
+			}
+		});
+	},
+
+	changePageRefresh: function(event, num) {
+		$('.paginator-refresh', this.el).bootpag({
+			page: num
+		});
+		$('#refresh-token-table tbody tr', this.el).each(function(index, element) {
+			if (Math.ceil((index + 1) / 10) != num) {
+				$(element).hide();
+			} else {
+				$(element).show();
+			}
+		});
+	},
+
+	refreshTable: function(e) {
+		$('#loadingbox').sheet('show');
+		$('#loading').html(
+				'<span class="label" id="loading-access">' + $.t('token.token-table.access-tokens') + '</span> ' + '<span class="label" id="loading-refresh">' + $.t('token.token-table.refresh-tokens') + '</span> ' + '<span class="label" id="loading-clients">' + $.t('common.clients') + '</span> ' + '<span class="label" id="loading-scopes">'
+						+ $.t('common.scopes') + '</span> ');
+		var _self = this;
+		$.when(this.model.access.fetch({
+			success: function(e) {
+				$('#loading-access').addClass('label-success');
+			},
+			error: app.errorHandlerView.handleError()
+		}), this.model.refresh.fetch({
+			success: function(e) {
+				$('#loading-refresh').addClass('label-success');
+			},
+			error: app.errorHandlerView.handleError()
+		}), this.options.clientList.fetch({
+			success: function(e) {
+				$('#loading-clients').addClass('label-success');
+			},
+			error: app.errorHandlerView.handleError()
+		}), this.options.systemScopeList.fetch({
+			success: function(e) {
+				$('#loading-scopes').addClass('label-success');
+			},
+			error: app.errorHandlerView.handleError()
+		})).done(function() {
+			_self.render();
+			$('#loadingbox').sheet('hide');
+		});
+	},
+
+	togglePlaceholder: function() {
+		if (this.model.access.length > 0) {
+			$('#access-token-table', this.el).show();
+			$('#access-token-table-empty', this.el).hide();
+		} else {
+			$('#access-token-table', this.el).hide();
+			$('#access-token-table-empty', this.el).show();
+		}
+		if (this.model.refresh.length > 0) {
+			$('#refresh-token-table', this.el).show();
+			$('#refresh-token-table-empty', this.el).hide();
+		} else {
+			$('#refresh-token-table', this.el).hide();
+			$('#refresh-token-table-empty', this.el).show();
+		}
+
+		$('#access-token-count', this.el).html(this.model.access.length);
+		$('#refresh-token-count', this.el).html(this.model.refresh.length);
+	},
+
+	render: function(eventName) {
+
+		// append and render the table structure
+		$(this.el).html($('#tmpl-token-table').html());
+
+		var _self = this;
+
+		// set up pagination
+		var numPagesAccess = Math.ceil(this.model.access.length / 10);
+		if (numPagesAccess > 1) {
+			$('.paginator-access', this.el).show();
+			$('.paginator-access', this.el).bootpag({
+				total: numPagesAccess,
+				page: 1
+			});
+		} else {
+			$('.paginator-access', this.el).hide();
+		}
+
+		// count up refresh tokens
+		var refreshCount = {};
+
+		_.each(this.model.access.models, function(token, index) {
+			// look up client
+			var client = _self.options.clientList.getByClientId(token.get('clientId'));
+			var view = new AccessTokenView({
+				model: token,
+				client: client,
+				systemScopeList: _self.options.systemScopeList
+			});
+			view.parentView = _self;
+			var element = view.render().el;
+			$('#access-token-table', _self.el).append(element);
+			if (Math.ceil((index + 1) / 10) != 1) {
+				$(element).hide();
+			}
+
+			// console.log(token.get('refreshTokenId'));
+			var refId = token.get('refreshTokenId');
+			if (refId != null) {
+				if (refreshCount[refId]) {
+					refreshCount[refId] += 1;
+				} else {
+					refreshCount[refId] = 1;
+				}
+
+			}
+
+		});
+
+		// console.log(refreshCount);
+
+		// set up pagination
+		var numPagesRefresh = Math.ceil(this.model.refresh.length / 10);
+		if (numPagesRefresh > 1) {
+			$('.paginator-refresh', this.el).show();
+			$('.paginator-refresh', this.el).bootpag({
+				total: numPagesRefresh,
+				page: 1
+			});
+		} else {
+			$('.paginator-refresh', this.el).hide();
+		}
+
+		_.each(this.model.refresh.models, function(token, index) {
+			// look up client
+			var client = _self.options.clientList.getByClientId(token.get('clientId'));
+			var view = new RefreshTokenView({
+				model: token,
+				client: client,
+				systemScopeList: _self.options.systemScopeList,
+				accessTokenCount: refreshCount[token.get('id')]
+			});
+			view.parentView = _self;
+			var element = view.render().el;
+			$('#refresh-token-table', _self.el).append(element);
+			if (Math.ceil((index + 1) / 10) != 1) {
+				$(element).hide();
+			}
+
+		});
+
+		/*
+		 * _.each(this.model.models, function (scope) { $("#scope-table",
+		 * this.el).append(new SystemScopeView({model: scope}).render().el); },
+		 * this);
+		 */
+
+		this.togglePlaceholder();
+		$(this.el).i18n();
+		return this;
+	}
+});
+
+ui.routes.push({
+	path: "user/tokens",
+	name: "tokens",
+	callback: function() {
+		this.breadCrumbView.collection.reset();
+		this.breadCrumbView.collection.add([{
+			text: $.t('admin.home'),
+			href: ""
+		}, {
+			text: $.t('token.manage'),
+			href: "manage/#user/tokens"
+		}]);
+
+		this.updateSidebar('user/tokens');
+
+		var view = new TokenListView({
+			model: {
+				access: this.accessTokensList,
+				refresh: this.refreshTokensList
+			},
+			clientList: this.clientList,
+			systemScopeList: this.systemScopeList
+		});
+
+		view.load(function(collection, response, options) {
+			$('#content').html(view.render().el);
+			setPageTitle($.t('token.manage'));
+		});
+
+	}
+});
+
+ui.templates.push('resources/template/token.html');
+
+ui.init.push(function(app) {
+	app.accessTokensList = new AccessTokenCollection();
+	app.refreshTokensList = new RefreshTokenCollection();
+});
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/js/whitelist.js b/openid-connect-server-webapp/src/main/webapp/resources/js/whitelist.js
new file mode 100644
index 000000000..50de739de
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/js/whitelist.js
@@ -0,0 +1,596 @@
+/*******************************************************************************
+ * Copyright 2018 The MIT Internet Trust Consortium
+ *
+ * Portions copyright 2011-2013 The MITRE Corporation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *******************************************************************************/
+var WhiteListModel = Backbone.Model.extend({
+
+	idAttribute: "id",
+
+	initialize: function() {
+	},
+
+	urlRoot: "api/whitelist"
+
+});
+
+var WhiteListCollection = Backbone.Collection.extend({
+	initialize: function() {
+		// this.fetch();
+	},
+
+	getByClientId: function(clientId) {
+		var clients = this.where({
+			clientId: clientId
+		});
+		if (clients.length == 1) {
+			return clients[0];
+		} else {
+			return null;
+		}
+	},
+
+	model: WhiteListModel,
+	url: "api/whitelist"
+
+});
+
+var WhiteListListView = Backbone.View.extend({
+	tagName: 'span',
+
+	initialize: function(options) {
+		this.options = options;
+	},
+
+	load: function(callback) {
+		if (this.model.isFetched && this.options.clientList.isFetched && this.options.systemScopeList.isFetched) {
+			callback();
+			return;
+		}
+
+		$('#loadingbox').sheet('show');
+		$('#loading').html('<span class="label" id="loading-whitelist">' + $.t('whitelist.whitelist') + '</span> ' + '<span class="label" id="loading-clients">' + $.t('common.clients') + '</span> ' + '<span class="label" id="loading-scopes">' + $.t('common.scopes') + '</span> ');
+
+		$.when(this.model.fetchIfNeeded({
+			success: function(e) {
+				$('#loading-whitelist').addClass('label-success');
+			},
+			error: app.errorHandlerView.handleError()
+		}), this.options.clientList.fetchIfNeeded({
+			success: function(e) {
+				$('#loading-clients').addClass('label-success');
+			},
+			error: app.errorHandlerView.handleError()
+		}), this.options.systemScopeList.fetchIfNeeded({
+			success: function(e) {
+				$('#loading-scopes').addClass('label-success');
+			},
+			error: app.errorHandlerView.handleError()
+		})).done(function() {
+			$('#loadingbox').sheet('hide');
+			callback();
+		});
+	},
+
+	events: {
+		"click .refresh-table": "refreshTable"
+	},
+
+	render: function(eventName) {
+		$(this.el).html($('#tmpl-whitelist-table').html());
+
+		var _self = this;
+
+		_.each(this.model.models, function(whiteList) {
+
+			// look up client
+			var client = _self.options.clientList.getByClientId(whiteList.get('clientId'));
+
+			// if there's no client ID, this is an error!
+			if (client != null) {
+				var view = new WhiteListView({
+					model: whiteList,
+					client: client,
+					systemScopeList: _self.options.systemScopeList
+				});
+				view.parentView = _self;
+				$('#whitelist-table', _self.el).append(view.render().el);
+			}
+
+		}, this);
+
+		this.togglePlaceholder();
+		$(this.el).i18n();
+		return this;
+	},
+
+	togglePlaceholder: function() {
+		if (this.model.length > 0) {
+			$('#whitelist-table', this.el).show();
+			$('#whitelist-table-empty', this.el).hide();
+		} else {
+			$('#whitelist-table', this.el).hide();
+			$('#whitelist-table-empty', this.el).show();
+		}
+	},
+
+	refreshTable: function(e) {
+		e.preventDefault();
+		var _self = this;
+		$('#loadingbox').sheet('show');
+		$('#loading').html('<span class="label" id="loading-whitelist">' + $.t('whitelist.whitelist') + '</span> ' + '<span class="label" id="loading-clients">' + $.t('common.clients') + '</span> ' + '<span class="label" id="loading-scopes">' + $.t('common.scopes') + '</span> ');
+
+		$.when(this.model.fetch({
+			success: function(e) {
+				$('#loading-whitelist').addClass('label-success');
+			},
+			error: app.errorHandlerView.handleError()
+		}), this.options.clientList.fetch({
+			success: function(e) {
+				$('#loading-clients').addClass('label-success');
+			},
+			error: app.errorHandlerView.handleError()
+		}), this.options.systemScopeList.fetch({
+			success: function(e) {
+				$('#loading-scopes').addClass('label-success');
+			},
+			error: app.errorHandlerView.handleError()
+		})).done(function() {
+			$('#loadingbox').sheet('hide');
+			_self.render();
+		});
+	}
+});
+
+var WhiteListView = Backbone.View.extend({
+	tagName: 'tr',
+
+	initialize: function(options) {
+		this.options = options;
+		if (!this.template) {
+			this.template = _.template($('#tmpl-whitelist').html());
+		}
+
+		if (!this.scopeTemplate) {
+			this.scopeTemplate = _.template($('#tmpl-scope-list').html());
+		}
+
+		if (!this.moreInfoTemplate) {
+			this.moreInfoTemplate = _.template($('#tmpl-client-more-info-block').html());
+		}
+
+		this.model.bind('change', this.render, this);
+	},
+
+	render: function(eventName) {
+
+		var json = {
+			whiteList: this.model.toJSON(),
+			client: this.options.client.toJSON()
+		};
+
+		this.$el.html(this.template(json));
+
+		$('.scope-list', this.el).html(this.scopeTemplate({
+			scopes: this.model.get('allowedScopes'),
+			systemScopes: this.options.systemScopeList
+		}));
+
+		$('.client-more-info-block', this.el).html(this.moreInfoTemplate({
+			client: this.options.client.toJSON()
+		}));
+
+		this.$('.dynamically-registered').tooltip({
+			title: $.t('common.dynamically-registered')
+		});
+
+		$(this.el).i18n();
+		return this;
+	},
+
+	events: {
+		'click .btn-edit': 'editWhitelist',
+		'click .btn-delete': 'deleteWhitelist',
+		'click .toggleMoreInformation': 'toggleMoreInformation'
+	},
+
+	editWhitelist: function(e) {
+		e.preventDefault();
+		app.navigate('admin/whitelist/' + this.model.get('id'), {
+			trigger: true
+		});
+	},
+
+	deleteWhitelist: function(e) {
+		e.preventDefault();
+
+		if (confirm($.t('whitelist.confirm'))) {
+			var _self = this;
+
+			this.model.destroy({
+				dataType: false,
+				processData: false,
+				success: function() {
+					_self.$el.fadeTo("fast", 0.00, function() { // fade
+						$(this).slideUp("fast", function() { // slide up
+							$(this).remove(); // then remove from the DOM
+							// check the placeholder in case it's empty now
+							_self.parentView.togglePlaceholder();
+						});
+					});
+				},
+				error: app.errorHandlerView.handleError()
+			});
+
+			_self.parentView.delegateEvents();
+		}
+
+		return false;
+	},
+
+	toggleMoreInformation: function(e) {
+		e.preventDefault();
+		if ($('.moreInformation', this.el).is(':visible')) {
+			// hide it
+			$('.moreInformation', this.el).hide('fast');
+			$('.toggleMoreInformation i', this.el).attr('class', 'icon-chevron-right');
+			$('.moreInformationContainer', this.el).removeClass('alert').removeClass('alert-info').addClass('muted');
+
+		} else {
+			// show it
+			$('.moreInformation', this.el).show('fast');
+			$('.toggleMoreInformation i', this.el).attr('class', 'icon-chevron-down');
+			$('.moreInformationContainer', this.el).addClass('alert').addClass('alert-info').removeClass('muted');
+		}
+	},
+
+	close: function() {
+		$(this.el).unbind();
+		$(this.el).empty();
+	}
+});
+
+var WhiteListFormView = Backbone.View.extend({
+	tagName: 'span',
+
+	initialize: function(options) {
+		this.options = options;
+		if (!this.template) {
+			this.template = _.template($('#tmpl-whitelist-form').html());
+		}
+
+		this.scopeCollection = new Backbone.Collection();
+
+		this.listWidgetViews = [];
+
+	},
+
+	load: function(callback) {
+
+		if (this.options.client) {
+			// we know what client we're dealing with already
+			if (this.model.isFetched && this.options.client.isFetched) {
+				callback();
+				return;
+			}
+
+			$('#loadingbox').sheet('show');
+			$('#loading').html('<span class="label" id="loading-whitelist">' + $.t('whitelist.whitelist') + '</span> ' + '<span class="label" id="loading-clients">' + $.t('common.clients') + '</span> ' + '<span class="label" id="loading-scopes">' + $.t('common.scopes') + '</span> ');
+
+			$.when(this.model.fetchIfNeeded({
+				success: function(e) {
+					$('#loading-whitelist').addClass('label-success');
+				},
+				error: app.errorHandlerView.handleError()
+			}), this.options.client.fetchIfNeeded({
+				success: function(e) {
+					$('#loading-clients').addClass('label-success');
+				},
+				error: app.errorHandlerView.handleError()
+			}), this.options.systemScopeList.fetchIfNeeded({
+				success: function(e) {
+					$('#loading-scopes').addClass('label-success');
+				},
+				error: app.errorHandlerView.handleError()
+			})).done(function() {
+				$('#loadingbox').sheet('hide');
+				callback();
+			});
+
+		} else {
+			// we need to get the client information from the list
+
+			if (this.model.isFetched && this.options.clientList.isFetched && this.options.systemScopeList.isFetched) {
+
+				var client = this.options.clientList.getByClientId(this.model.get('clientId'));
+				this.options.client = client;
+
+				callback();
+				return;
+			}
+
+			$('#loadingbox').sheet('show');
+			$('#loading').html('<span class="label" id="loading-whitelist">' + $.t('whitelist.whitelist') + '</span> ' + '<span class="label" id="loading-clients">' + $.t('common.clients') + '</span> ' + '<span class="label" id="loading-scopes">' + $.t('common.scopes') + '</span> ');
+
+			var _self = this;
+
+			$.when(this.model.fetchIfNeeded({
+				success: function(e) {
+					$('#loading-whitelist').addClass('label-success');
+				},
+				error: app.errorHandlerView.handleError()
+			}), this.options.clientList.fetchIfNeeded({
+				success: function(e) {
+					$('#loading-clients').addClass('label-success');
+				},
+				error: app.errorHandlerView.handleError()
+			}), this.options.systemScopeList.fetchIfNeeded({
+				success: function(e) {
+					$('#loading-scopes').addClass('label-success');
+				},
+				error: app.errorHandlerView.handleError()
+			})).done(function() {
+
+				var client = _self.options.clientList.getByClientId(_self.model.get('clientId'));
+				_self.options.client = client;
+
+				$('#loadingbox').sheet('hide');
+				callback();
+			});
+
+		}
+
+	},
+
+	events: {
+		'click .btn-save': 'saveWhiteList',
+		'click .btn-cancel': 'cancelWhiteList',
+
+	},
+
+	saveWhiteList: function(e) {
+		e.preventDefault();
+		$('.control-group').removeClass('error');
+
+		// sync any leftover collection items
+		_.each(this.listWidgetViews, function(v) {
+			v.addItem($.Event('click'));
+		});
+
+		// process allowed scopes
+		var allowedScopes = this.scopeCollection.pluck("item");
+
+		this.model.set({
+			clientId: this.options.client.get('clientId')
+		}, {
+			silent: true
+		});
+
+		var valid = this.model.set({
+			allowedScopes: allowedScopes
+		});
+
+		if (valid) {
+			var _self = this;
+			this.model.save({}, {
+				success: function() {
+					app.whiteListList.add(_self.model);
+					app.navigate('admin/whitelists', {
+						trigger: true
+					});
+				},
+				error: app.errorHandlerView.handleError()
+			});
+		}
+
+		return false;
+
+	},
+
+	cancelWhiteList: function(e) {
+		e.preventDefault();
+		// TODO: figure out where we came from and go back there instead
+		if (this.model.get('id') == null) {
+			// if it's a new whitelist entry, go back to the client listing page
+			app.navigate('admin/clients', {
+				trigger: true
+			});
+		} else {
+			// if we're editing a whitelist, go back to the whitelists page
+			app.navigate('admin/whitelists', {
+				trigger: true
+			});
+		}
+	},
+
+	render: function(eventName) {
+
+		var json = {
+			whiteList: this.model.toJSON(),
+			client: this.options.client.toJSON()
+		};
+
+		this.$el.html(this.template(json));
+
+		this.listWidgetViews = [];
+
+		var _self = this;
+		// build and bind scopes
+		_.each(this.model.get("allowedScopes"), function(scope) {
+			_self.scopeCollection.add(new Backbone.Model({
+				item: scope
+			}));
+		});
+
+		var scopeView = new ListWidgetView({
+			placeholder: $.t('whitelist.whitelist-form.scope-placeholder'),
+			autocomplete: this.options.client.get("scope"),
+			helpBlockText: $.t('whitelist.whitelist-form.scope-help'),
+			collection: this.scopeCollection
+		});
+		$("#scope .controls", this.el).html(scopeView.render().el);
+		this.listWidgetViews.push(scopeView);
+
+		$(this.el).i18n();
+		return this;
+
+	}
+
+});
+
+ui.routes.push({
+	path: "admin/whitelists",
+	name: "whiteList",
+	callback: function() {
+
+		if (!isAdmin()) {
+			this.root();
+			return;
+		}
+
+		this.updateSidebar('admin/whitelists');
+
+		this.breadCrumbView.collection.reset();
+		this.breadCrumbView.collection.add([{
+			text: $.t('admin.home'),
+			href: ""
+		}, {
+			text: $.t('whitelist.manage'),
+			href: "manage/#admin/whitelists"
+		}]);
+
+		var view = new WhiteListListView({
+			model: this.whiteListList,
+			clientList: this.clientList,
+			systemScopeList: this.systemScopeList
+		});
+
+		view.load(function() {
+			$('#content').html(view.render().el);
+			view.delegateEvents();
+			setPageTitle($.t('whitelist.manage'));
+		});
+
+	}
+});
+
+ui.routes.push({
+	path: "admin/whitelist/new/:cid",
+	name: "newWhitelist",
+	callback: function(cid) {
+
+		if (!isAdmin()) {
+			this.root();
+			return;
+		}
+
+		this.breadCrumbView.collection.reset();
+		this.breadCrumbView.collection.add([{
+			text: $.t('admin.home'),
+			href: ""
+		}, {
+			text: $.t('whitelist.manage'),
+			href: "manage/#admin/whitelists"
+		}, {
+			text: $.t('whitelist.new'),
+			href: "manage/#admin/whitelist/new/" + cid
+		}]);
+
+		this.updateSidebar('admin/whitelists');
+
+		var whiteList = new WhiteListModel();
+
+		var client = this.clientList.get(cid);
+		if (!client) {
+			client = new ClientModel({
+				id: cid
+			});
+		}
+
+		var view = new WhiteListFormView({
+			model: whiteList,
+			client: client,
+			systemScopeList: this.systemScopeList
+		});
+
+		view.load(function() {
+
+			// set the scopes on the model now that everything's loaded
+			whiteList.set({
+				allowedScopes: client.get('scope')
+			}, {
+				silent: true
+			});
+
+			$('#content').html(view.render().el);
+			view.delegateEvents();
+			setPageTitle($.t('whitelist.manage'));
+		});
+
+	}
+});
+
+ui.routes.push({
+	path: "admin/whitelist/:id",
+	name: "editWhitelist",
+	callback: function(id) {
+
+		if (!isAdmin()) {
+			this.root();
+			return;
+		}
+
+		this.breadCrumbView.collection.reset();
+		this.breadCrumbView.collection.add([{
+			text: $.t('admin.home'),
+			href: ""
+		}, {
+			text: $.t('whitelist.manage'),
+			href: "manage/#admin/whitelists"
+		}, {
+			text: $.t('whitelist.edit'),
+			href: "manage/#admin/whitelist/" + id
+		}]);
+
+		this.updateSidebar('admin/whitelists');
+
+		var whiteList = this.whiteListList.get(id);
+		if (!whiteList) {
+			whiteList = new WhiteListModel({
+				id: id
+			});
+		}
+
+		var view = new WhiteListFormView({
+			model: whiteList,
+			clientList: this.clientList,
+			systemScopeList: this.systemScopeList
+		});
+
+		view.load(function() {
+			$('#content').html(view.render().el);
+			view.delegateEvents();
+			setPageTitle($.t('whitelist.manage'));
+		});
+
+	}
+
+});
+
+ui.templates.push('resources/template/whitelist.html');
+
+ui.init.push(function(app) {
+	app.whiteListList = new WhiteListCollection();
+});
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/template/admin.html b/openid-connect-server-webapp/src/main/webapp/resources/template/admin.html
new file mode 100644
index 000000000..65a851f20
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/template/admin.html
@@ -0,0 +1,160 @@
+<!-- 
+ Copyright 2018 The MIT Internet Trust Consortium
+ 
+ Portions copyright 2011-2013 The MITRE Corporation
+ 
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ 
+   http://www.apache.org/licenses/LICENSE-2.0
+ 
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+
+<!-- breadcrumbs -->
+
+<script type="text/html" id="tmpl-breadcrumbs">
+    <% if (active == false) { %>
+    <li><a href="<%-href%>"><%-text%></a> <span class="divider">/</span></li>
+    <% } else { %>
+    <li class="active"><%-text%></li>
+    <% } %>
+</script>
+
+<!-- list widget -->
+
+<script type="text/html" id="tmpl-list-widget-child">
+    <td>
+		<span class="item-short"><%-(model.item.length > 30) ? model.item.substr(0,27) + '...' : model.item %></span>
+		<input type="text" readonly style="cursor: text" class="item-full input-xxlarge" value="<%- model.item %>" />
+	</td>
+   	<td>
+		<% if (!opt.toggle) { %>
+			<a class="btn btn-small btn-delete-list-item" href="#"><i class="icon-minus-sign"></i></a>
+		<% } else { %>
+			<input class="checkbox checkbox-list-item" type="checkbox" <%- opt.checked ? 'checked="checked"' : '' %> />
+		<% } %>
+	</td>
+</script>
+
+<script type="text/html" id="tmpl-list-widget-child-empty">
+	<tr class="info">
+		<td colspan="2" data-i18n="admin.list-widget.empty">There are no items in this list.</td>
+	</tr>
+</script>
+
+<script type="text/html" id="tmpl-list-widget">
+<div class="control-group">
+	<table class="table table-condensed table-hover table-striped span4">
+	    <thead>
+		    <tr>
+		        <th>
+            		<input type="text" value="" placeholder="<%-(placeholder) ? placeholder : ''%>"></th>
+        		<th><a class="btn btn-small btn-add-list-item" href="#"><i class="icon-plus-sign"></i></a></th>
+		    </tr>
+    	</thead>
+		<tbody>
+		</tbody>
+	</table>
+</div>
+<% if (typeof(helpBlockText) !== 'undefined') { %>
+	<p class="help-block"><%-helpBlockText%></p>
+<% } %>
+</script>
+
+
+<!-- blacklist form -->
+<script type="text/html" id="tmpl-blacklist-form">
+
+    <form class="form-horizontal">
+        <fieldset>
+            <div class="well well-small">
+				<button class="btn btn-small refresh-table"><i class="icon-refresh"></i> <span data-i18n="common.refresh">Refresh</span></button>
+            </div>
+
+            <div class="control-group" id="blacklist">
+                <label class="control-label" data-i18n="admin.blacklist-form.blacklisted-uris">Blacklisted URIs</label>
+                <div class="controls">
+                </div>
+            </div>
+
+            <div class="well well-small">
+				<button class="btn btn-small refresh-table"><i class="icon-refresh"></i> <span data-i18n="common.refresh">Refresh</span></button>
+            </div>
+
+        </fieldset>
+    </form>
+
+</script>
+
+<!-- user profile -->
+<script type="text/html" id="tmpl-user-profile">
+
+	<div data-i18n="admin.user-profile.text">Your user profile has the following information:</div>
+
+    <dl class="dl-horizontal user-profile">
+		<dt><span class="text-info" data-i18n="admin.user-profile.claim">Claim name:</span></dt>
+		<dd><span class="text-info" data-i18n="admin.user-profile.value">Claim value:</span></dt>
+    </dl>
+
+</script>
+
+<script type="text/html" id="tmpl-user-profile-element">
+
+            <dt><% if (typeof(category) !== 'undefined') { %>
+				<small class="muted"><%- category %>.</small><% } %><%- key %></dt>
+            <dd><%- value %></dd>
+
+</script>
+
+<!-- error box -->
+
+<script type="text/html" id="tmpl-error-box">
+
+<p>
+	<span data-i18n="error.message">There was an error processing your request.</span>
+
+<% if (response.responseJSON) { %>
+	<span data-i18n="error.server-message">The server said: </span><span class="text-error"><%- response.responseJSON.error_description %></span>
+<% } %>
+
+</p>
+
+<p>
+
+<% if (message.message) { %>
+	<span class="text-info"><%- message.message %></span>
+<% } %>
+
+</p>
+	
+<% if (response.status == 401) { %>
+	<div>
+		<span data-i18n="error.reload">Additionally, it looks like you're not logged in. Reload the page to try again. You will likely lose any unsaved work.</span>
+		<p>
+			<button class="btn btn-inverse btn-mini page-reload"><i class="icon-refresh icon-white"></i> <span data-i18n="error.reload-button">Reload</span></button>
+		</p>
+	</div>
+<% } %>
+
+</script>
+
+<script type="text/html" id="tmpl-error-header">
+
+	<span class="label label-inverse"><%- response.status %>: <%- response.statusText %></span>
+			
+	<b>
+	<% if (response.responseJSON) { %>
+		<span data-i18n="error.header-with-message">Error: </span><%- response.responseJSON.error %>
+	<% } else { %>
+		<span data-i18n="error.header">Error</span>
+	<% } %>
+	</b>
+
+
+</script>
\ No newline at end of file
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/template/blacklist.html b/openid-connect-server-webapp/src/main/webapp/resources/template/blacklist.html
new file mode 100644
index 000000000..074fd0a0d
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/template/blacklist.html
@@ -0,0 +1,68 @@
+<!-- 
+ Copyright 2018 The MIT Internet Trust Consortium
+ 
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ 
+   http://www.apache.org/licenses/LICENSE-2.0
+ 
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<!-- blacklist -->
+<script type="text/html" id="tmpl-blacklist-table">
+
+    <div class="well well-small">
+		<button class="btn btn-small refresh-table"><i class="icon-refresh"></i> <span data-i18n="common.refresh">Refresh</span></button> &nbsp;
+    </div>
+
+	<div class="alert alert-danger" data-i18n="blacklist.text">
+		Blacklisted URIs cannot be used as redirect URIs by any registered clients, whether in the admin interface or in dynamic registration.
+	</div>
+
+	<div id="add-blacklist">
+		<form class="form-horizontal">
+			<fieldset>
+				<input type="text" id="blacklist-uri" placeholder="blacklist uri" data-i18n="[placeholder]blacklist.blacklist-uri-placeholder" />
+				<button class="btn btn-success btn-add"><i class="icon-plus icon-white"></i> <span data-i18n="blacklist.add">Add URI to blacklist</span></button>
+			</fieldset>
+		</form>
+	</div>
+
+	<div id="blacklist-table-empty" class="alert alert-info" data-i18n="blacklist.empty">
+		There are no blacklisted URIs on this server.
+	</div>
+
+    <table id="blacklist-table" class="table table-hover table-striped">
+        <thead>
+        <tr>
+            <th data-i18n="blacklist.uri">URI</th>
+            <th></th>
+        </tr>
+        </thead>
+        <tbody>
+        </tbody>
+    </table>
+
+    <div class="well well-small">
+		<button class="btn btn-small refresh-table"><i class="icon-refresh"></i> <span data-i18n="common.refresh">Refresh</span></button> &nbsp; 
+    </div>
+
+</script>
+
+<script type="text/html" id="tmpl-blacklist-item">
+	<td>
+		<span class="label label-important"><%- uri %></span>
+	</td>
+
+    <td>
+		<div class="btn-group pull-right">
+    	    <button class="btn btn-danger btn-delete"><i class="icon-trash icon-white"></i> <span data-i18n="common.delete">Delete</span></button>
+		</div>
+    </td>
+
+</script>
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/template/client.html b/openid-connect-server-webapp/src/main/webapp/resources/template/client.html
new file mode 100644
index 000000000..2a748fefb
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/template/client.html
@@ -0,0 +1,907 @@
+<!-- 
+ Copyright 2018 The MIT Internet Trust Consortium
+ 
+ Portions copyright 2011-2013 The MITRE Corporation
+ 
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ 
+   http://www.apache.org/licenses/LICENSE-2.0
+ 
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<!-- client -->
+
+<script type="text/html" id="tmpl-client-table-item">
+	<td class="count">
+
+	</td>
+
+    <td>
+
+		<div class="media">
+			<% if (client.logoUri) { %>
+				<span class="pull-left"><img class="media-object client-logo" src="api/clients/<%- client.id %>/logo"></span>
+			<% } %>
+
+			<div class="media-body">
+		        <span class="clientid-substring" title="<%- client.clientId %> (click to display client ID)"><%- client.clientName != null ? client.clientName : ( client.clientId.substr(0,8) + '...' ) %></span>
+			</div>
+			<div>
+				<input type="text" readonly style="cursor: text" class="clientid-full input-xxlarge" value="<%- client.clientId %>" />
+			</div>
+			<div>
+				<% if (client.dynamicallyRegistered) { %>
+					<span class="label label-inverse dynamically-registered"><i class="icon-globe icon-white"></i></span>
+				<% } %>
+				<% if (client.allowIntrospection) { %>
+					<span class="label allow-introspection"><i class="icon-eye-open icon-white"></i></span>
+				<% } %>
+			</div>
+		</div>
+
+
+		<div>
+			<small class="muted" title="<%- hoverCreationDate %>"><i class="icon-time"></i> <span data-i18n="client.client-table.registered">Registered</span> <%- displayCreationDate %></small>
+		</div>
+		<div class="matched text-info">
+			<small><i><span data-i18n="client.client-table.matched-search">Matched search:</span> <span class="label label-matched"></span></i></small>
+		</div>
+    </td>
+
+    <td>
+		<% if (_.isEmpty(client.redirectUris)) { 
+			if (_.contains(client.grantTypes, 'authorization_code') ||
+				_.contains(client.grantTypes, 'implicit')) {
+		%>
+			<div><span class="badge badge-important"><i class="icon-warning-sign icon-white"></i> <span data-i18n="client.client-table.no-redirect">NO REDIRECT URI</span></span></div>
+		<% 		}
+			} else { %>
+		<div><span class="muted">
+			<% for (var i in client.redirectUris) {
+				var uri = $.url(client.redirectUris[i]);
+				if (!uri.attr('protocol')) {
+					%><b class="text-error" title="unknown protocol scheme">?</b><%
+				} else if (uri.attr('protocol') == 'http' && (uri.attr('host') != 'localhost' && uri.attr('host') != '127.0.0.1')) {
+					%><b class="text-error"><%- uri.attr('protocol') %></b>://<%
+				} else if (uri.attr('protocol') != 'https' && uri.attr('protocol') != 'http') {
+					%><span class="text-warning"><%- uri.attr('protocol') %></span>://<%
+				} else {
+					%><span class="text-success"><%- uri.attr('protocol') %></span>://<%
+				}
+			%><b><%- uri.attr('host') %><%- uri.attr('port') ? ':' + uri.attr('port') : ''%></b><%- uri.attr('relative') %>
+				
+			<% } %>
+		</span></div>
+		<% } %>
+		<div class="scope-list"></div>
+		<div class="client-more-info-block"></div>
+    </td>
+
+    <td>
+		<div class="btn-group pull-right">
+        	<button class="btn btn-edit"><i class="icon-edit"></i> <span data-i18n="common.edit">Edit</span></button> &nbsp;
+			<% if (whiteList != null) { %> 
+				<button class="btn btn-warning btn-whitelist"><i class="icon-wrench icon-white"></i> <span data-i18n="client.client-table.whitelist">Whitelist</span></button> &nbsp;
+			<% } else { %>
+				<button class="btn btn-warning btn-whitelist"><i class="icon-plus-sign icon-white"></i> <span data-i18n="client.client-table.whitelist">Whitelist</span></button> &nbsp;
+			<% } %>
+			<button class="btn btn-danger btn-delete"><i class="icon-trash icon-white"></i> <span data-i18n="common.delete">Delete</span></button>
+		</div>
+    </td>
+
+</script>
+
+<script type="text/html" id="tmpl-client-more-info-block">
+					<% if (client.clientDescription || client.clientUri || client.policyUri || client.tosUri || client.contacts != null && client.contacts.length > 0) { %>
+						<div class="muted moreInformationContainer">
+							<% if (client.clientUri || client.policyUri || client.tosUri || client.contacts) { %>
+								<div class="toggleMoreInformation" style="cursor: pointer;">
+									<i class="icon-chevron-right"></i> <small data-i18n="client.more-info.more">more information</small>
+								</div>
+								<div class="moreInformation hide">
+									<%-client.clientDescription%>
+									<ul>
+										<% if (client.clientUri) { %>
+											<li><span data-i18n="client.more-info.home">Home Page:</span> <a href="<%- client.clientUri %>"><%- client.clientUri %></a></li>
+										<% } %>
+										<% if (client.policyUri) { %>
+											<li><span data-i18n="client.more-info.policy">Policy:</span> <a href="<%- client.policyUri %>"><%- client.policyUri %></a></li>
+										<% } %>
+										<% if (client.tosUri) { %>
+											<li><span data-i18n="client.more-info.terms">Terms of Service:</span> <a href="<%- client.tosUri %>"><%- client.tosUri %></a></li>
+										<% } %>
+										<% if (client.contacts != null && client.contacts.length > 0) { %>
+											<li><span data-i18n="client.more-info.contacts">Administrative Contacts:</span> <%- client.contacts.join(', ') %></li>
+										<% } %>
+									</ul>
+								</div>
+							<% } %>
+						</div>
+					<% } %>
+</script>
+
+<script type="text/html" id="tmpl-client-table">
+    <div class="well well-small">
+		<button class="btn btn-small refresh-table"><i class="icon-refresh"></i> <span data-i18n="common.refresh">Refresh</span></button> &nbsp;
+        <button class="btn btn-small btn-primary new-client"><i class="icon-plus icon-white"></i> <span data-i18n="client.client-table.new">New Client</span></button>
+		<div class="form-search pull-right">
+			<div class="input-append">
+				<input type="text" class="search-query" placeholder="Search..." data-i18n="[placeholder]client.client-table.search">
+				<button class="btn">&times;</button>
+			</div>
+		</div>
+    </div>
+
+
+	<div id="client-table-search-empty" class="alert alert-warning" data-i18n="client.client-table.no-matches">
+		There are no clients that match your search criteria.
+	</div>
+
+	<div id="client-table-empty" class="alert alert-info" data-i18n="client.client-table.no-clients">
+		There are no registered clients on this server.
+	</div>
+
+	<div class="pagination paginator"></div>
+
+    <table id="client-table" class="table table-hover table-striped">
+        <thead>
+        <tr>
+			<th></th>
+            <th data-i18n="common.client">Client</th>
+            <th data-i18n="common.information">Information</th>
+            <th><i class="icon-edit"></i></th>
+        </tr>
+        </thead>
+        <tbody>
+        </tbody>
+    </table>
+
+	<div class="pagination paginator"></div>
+
+    <div class="well well-small">
+        <button class="btn btn-small refresh-table"><i class="icon-refresh"></i> <span data-i18n="common.refresh">Refresh</span></button> &nbsp;
+        <button class="btn btn-small btn-primary new-client"><i class="icon-plus icon-white"></i> <span data-i18n="client.client-table.new">New Client</span></button>
+    </div>
+</script>
+
+<script type="text/html" id="tmpl-client-form">
+    <% if (client.id == null) { %>
+        <h1 data-i18n="client.client-form.new"></h1>
+    <% } else { %>
+        <h1 data-i18n="client.client-form.edit"></h1>
+    <% } %>
+
+    <form class="form-horizontal tabbable">
+        <fieldset>
+            <div class="well well-small">
+                <button class="btn btn-small btn-save btn-success"><i class="icon-ok-circle icon-white"></i> <span data-i18n="common.save">Save</span></button> &nbsp; 
+                <button class="btn btn-small btn-cancel"><i class="icon-ban-circle"></i> <span data-i18n="common.cancel">Cancel</span></button>
+            </div>
+
+				<ul class="nav nav-tabs">
+					<li class="active"><a data-target="#client-main-tab" data-toggle="tab" href="#" data-i18n="client.client-form.main">Main</a></li>
+					<li><a data-target="#client-access-tab" data-toggle="tab" href="#" data-i18n="client.client-form.access">Access</a></li>
+					<li><a data-target="#client-secret-tab" data-toggle="tab" href="#" data-i18n="client.client-form.credentials">Credentials</a></li>
+					<li><a data-target="#client-token-tab" data-toggle="tab" href="#" data-i18n="client.client-form.tokens">Tokens</a></li>
+					<li><a data-target="#client-crypto-tab" data-toggle="tab" href="#" data-i18n="client.client-form.cryptography">Crypto</a></li>
+					<li><a data-target="#client-other-tab" data-toggle="tab" href="#" data-i18n="client.client-form.other">Other</a></li>
+				</ul>
+
+<div class="tab-content">
+	<div class="tab-pane active" id="client-main-tab">
+
+			<div class="control-group" id="createdAt">
+				<label class="control-label" data-i18n="client.client-form.registered">Registered at</label>
+				<div class="controls">
+					<% if (client.createdAt) { %>
+						<%-client.createdAt%>
+					<% } else { %>
+						<span data-i18n="client.client-form.unknown">Unknown</span>
+					<% } %>
+				</div>
+			</div>
+
+            <div class="control-group" id="clientName">
+                <label class="control-label" data-i18n="client.client-form.client-name">Client name</label>
+                <div class="controls">
+                    <input value="<%-client.clientName ? client.clientName : ''%>" maxlength="100" type="text" class="" placeholder="Type something" data-i18n="[placeholder]client.client-form.client-name-placeholder">
+                    <p class="help-block" data-i18n="client.client-form.client-name-help">Human-readable application name</p>
+                </div>
+            </div>
+
+            <div class="control-group" id="clientId">
+                <label class="control-label" data-i18n="client.client-form.client-id">Client ID</label>
+                <div class="controls">
+                    <input value="<%-client.clientId ? client.clientId : ''%>" maxlength="100" type="text" class="" placeholder="Client ID will be generated automatically" data-i18n="[placeholder]client.client-form.client-id-placeholder">
+                    <p class="help-block" data-i18n="client.client-form.client-id-help">Unique identifier. If you leave this blank it will be automatically generated.</p>
+                </div>
+            </div>
+
+            <div class="control-group" id="redirectUris">
+                <label class="control-label" data-i18n="client.client-form.redirect-uris">Redirect URI(s)</label>
+                <div class="controls">
+                </div>
+            </div>
+
+            <div class="control-group" id="clientDescription">
+                <label class="control-label" data-i18n="client.client-form.description">Description</label>
+                <div class="controls">
+                    <textarea class="input-xlarge" placeholder="Type a description" maxlength="200"
+                              rows="3" data-i18n="[placeholder]client.client-form.description-placeholder"><%-client.clientDescription%></textarea>
+                    <p class="help-block" data-i18n="client.client-form.description-help">Human-readable text description</p>
+                </div>
+            </div>
+
+			<div class="control-group" id="logoUri">
+				<label class="control-label" data-i18n="client.client-form.logo">Logo</label>
+				<div class="controls">
+					<input placeholder="https://" value="<%-client.logoUri ? client.logoUri : ''%>" maxlength="1000" type="text" class=""/>
+					<p class="help-block" data-i18n="client.client-form.logo-help">URL that points to a logo image, will be displayed on approval page</p>
+				</div>
+			</div>
+
+			<div class="control-group" id="logoBlock">
+				<div class="controls">
+					<img src="resources/images/logo_placeholder.gif" alt="logo" id="logoPreview" width="275px" class="thumbnail" />
+				</div>
+			</div>
+
+			<div class="control-group" id="tosUri">
+				<label class="control-label" data-i18n="client.client-form.terms">Terms of Service</label>
+				<div class="controls">
+					<input placeholder="https://" value="<%-client.tosUri ? client.tosUri : ''%>" maxlength="1000" type="text" class=""/>
+					<p class="help-block" data-i18n="client.client-form.terms-help">URL for the Terms of Service of this client, will be displayed to the user</p>
+				</div>
+			</div>
+
+			<div class="control-group" id="policyUri">
+				<label class="control-label" data-i18n="client.client-form.policy">Policy Statement</label>
+				<div class="controls">
+					<input placeholder="https://" value="<%-client.policyUri ? client.policyUri : ''%>" maxlength="1000" type="text" class=""/>
+					<p class="help-block" data-i18n="client.client-form.policy-help">URL for the Policy Statement of this client, will be displayed to the user</p>
+				</div>
+			</div>
+
+			<div class="control-group" id="clientUri">
+				<label class="control-label" data-i18n="client.client-form.home">Home Page</label>
+				<div class="controls">
+					<input placeholder="https://" value="<%-client.clientUri ? client.clientUri : ''%>" maxlength="1000" type="text" class=""/>
+					<p class="help-block" data-i18n="client.client-form.home-help">URL for the client's home page, will be displayed to the user</p>
+				</div>
+			</div>
+
+           <div class="control-group" id="softwareId">
+                <label class="control-label" data-i18n="client.client-form.software-id">Software ID</label>
+                <div class="controls">
+                    <input value="<%-client.softwareId ? client.softwareId : ''%>" maxlength="100" type="text" class="" placeholder="Type something" data-i18n="[placeholder]client.client-form.software-id-placeholder">
+                    <p class="help-block" data-i18n="client.client-form.software-id-help">Identifier for the software in this client</p>
+                </div>
+            </div>
+
+            <div class="control-group" id="softwareVersion">
+                <label class="control-label" data-i18n="client.client-form.software-version">Software Version</label>
+                <div class="controls">
+                    <input value="<%-client.softwareVersion ? client.softwareVersion : ''%>" maxlength="100" type="text" class="" placeholder="Type something" data-i18n="[placeholder]client.client-form.software-version-placeholder">
+                    <p class="help-block" data-i18n="client.client-form.software-version-help">Version of the software in this client</p>
+                </div>
+            </div>
+
+            <div class="control-group" id="contacts">
+                <label class="control-label" data-i18n="client.client-form.contacts">Contacts</label>
+                <div class="controls">
+                </div>
+            </div>
+
+            <div class="control-group" id="softwareStatement">
+                <label class="control-label" data-i18n="client.client-form.software-statement">Software Statement</label>
+                <div class="controls">
+                    <textarea class="input-xlarge" placeholder="ejy0..." maxlength="4096"
+                              rows="3" data-i18n="[placeholder]client.client-form.software-statement-placeholder"><%-client.softwareStatement%></textarea>
+                    <p class="help-block" data-i18n="client.client-form.software-statement-help">A software statement is issued by a trusted third party and locks certain elements of a client's registration</p>
+                </div>
+            </div>
+
+	</div>
+	
+	<div class="tab-pane" id="client-access-tab">
+
+            <div class="control-group" id="scope">
+                <label class="control-label" data-i18n="common.scope">Scope</label>
+                <div class="controls">
+                </div>
+            </div>
+
+            <div class="control-group" id="grantTypes">
+                <label class="control-label" data-i18n="client.client-form.grant-types">Grant Types</label>
+
+                <div class="controls">
+                    <div>
+                        <input id="grantTypes-authorization_code" <%= heartMode ? 'type="radio" name="grantType"' : 'type="checkbox"' %>
+                            <%-($.inArray("authorization_code", client.grantTypes) > -1 ? 'checked' : '')%>>
+                        <label for="grantTypes-authorization_code" class="checkbox" data-i18n="client.client-form.authorization-code">authorization code</label>
+                    </div>
+
+                    <div>
+                        <input id="grantTypes-client_credentials" <%= heartMode ? 'type="radio" name="grantType"' : 'type="checkbox"' %>
+                            <%-($.inArray("client_credentials", client.grantTypes) > -1 ? 'checked' : '')%>>
+                        <label for="grantTypes-client_credentials" class="checkbox" data-i18n="client.client-form.client-credentials">client credentials</label>
+                    </div>
+
+					<% if (!heartMode) { // disable password on heart mode %>
+                    <div>
+                        <input id="grantTypes-password" type="checkbox"
+                            <%-($.inArray("password", client.grantTypes) > -1 ? 'checked' : '')%>>
+                        <label for="grantTypes-password" class="checkbox" data-i18n="client.client-form.password">password</label>
+                    </div>
+					<% } %>
+
+                    <div>
+                        <input id="grantTypes-implicit" <%= heartMode ? 'type="radio" name="grantType"' : 'type="checkbox"' %>
+                            <%-($.inArray("implicit", client.grantTypes) > -1 ? 'checked' : '')%>> 
+                        <label for="grantTypes-implicit" class="checkbox" data-i18n="client.client-form.implicit">implicit</label>
+                    </div>
+<!--
+                    <div>
+                        <input id="grantTypes-refresh_token" type="checkbox"
+                            <%-($.inArray("refresh_token", client.grantTypes) > -1 ? 'checked' : '')%>> 
+                        <label for="grantTypes-refresh_token" class="checkbox" data-i18n="client.client-form.refresh">refresh</label>
+                    </div>
+-->
+                    <div>
+                        <input id="grantTypes-redelegate" type="checkbox"
+                            <%-($.inArray("urn:ietf:params:oauth:grant_type:redelegate", client.grantTypes) > -1 ? 'checked' : '')%>> 
+                        <label for="grantTypes-redelegate" class="checkbox" data-i18n="client.client-form.redelegation">redelegate</label>
+                    </div>
+ 
+                    <div>
+                        <input id="grantTypes-device" type="checkbox"
+                            <%-($.inArray("urn:ietf:params:oauth:grant-type:device_code", client.grantTypes) > -1 ? 'checked' : '')%>> 
+                        <label for="grantTypes-device" class="checkbox" data-i18n="client.client-form.device">device</label>
+                    </div>
+               </div>
+            </div>
+
+			<div class="control-group" id="responseTypes">
+				<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> <span data-i18n="client.client-form.response-types">Response Types</span></label>
+
+				<div class="controls">
+                    <div>
+                        <input id="responseTypes-code" type="checkbox" <%-($.inArray("code", client.responseTypes) > -1 ? 'checked' : '')%>>
+                        <label for="responseTypes-code" class="checkbox">code</label>
+                    </div>
+                    <div>
+                        <input id="responseTypes-token" type="checkbox" <%-($.inArray("token", client.responseTypes) > -1 ? 'checked' : '')%>>
+                        <label for="responseTypes-token" class="checkbox">token</label>
+                    </div>
+                    <div>
+                        <input id="responseTypes-idtoken" type="checkbox" <%-($.inArray("id_token", client.responseTypes) > -1 ? 'checked' : '')%>>
+                        <label for="responseTypes-idtoken" class="checkbox">id_token</label>
+                    </div>
+                    <div>
+                        <input id="responseTypes-token-idtoken" type="checkbox" <%-($.inArray("token id_token", client.responseTypes) > -1 ? 'checked' : '')%>>
+                        <label for="responseTypes-token-idtoken" class="checkbox">token id_token</label>
+                    </div>
+                    <div>
+                        <input id="responseTypes-code-idtoken" type="checkbox" <%-($.inArray("code id_token", client.responseTypes) > -1 ? 'checked' : '')%>>
+                        <label for="responseTypes-code-idtoken" class="checkbox">code id_token</label>
+                    </div>
+                    <div>
+                        <input id="responseTypes-code-token" type="checkbox" <%-($.inArray("code token", client.responseTypes) > -1 ? 'checked' : '')%>>
+                        <label for="responseTypes-code-token" class="checkbox">code token</label>
+                    </div>
+                    <div>
+                        <input id="responseTypes-code-token-idtoken" type="checkbox" <%-($.inArray("code token id_token", client.responseTypes) > -1 ? 'checked' : '')%>>
+                        <label for="responseTypes-code-token-idtoken" class="checkbox">code token id_token</label>
+                    </div>
+				</div>
+			</div>
+
+			<div class="control-group" id="allowIntrospection">
+				<label class="control-label" client.client.form.introspection" data-i18n="client.client-form.introspection">Introspection</label>
+				<div class="controls">
+                    <div>
+                        <label class="checkbox" data-i18n="client.client-form.allow-introspection">Allow calls to the Introspection Endpoint?</label>
+                        <input type="checkbox" <%-(client.allowIntrospection == true ? 'checked' : '')%>>
+                    </div>
+				</div>
+			</div>
+
+			<div class="control-group" id="subjectType">
+				<label class="control-label" data-i18n="client.client-form.subject-type">Subject Type</label>
+				<div class="controls">
+                    <div>
+                        <input id="control-label-public" type="radio" name="subjectType" value="PUBLIC" <%-(client.subjectType == 'PUBLIC' ? 'checked' : '')%>>
+                        <label for="control-label-public" class="radio inline" data-i18n="client.client-form.public">Public</label>
+                        <input id="control-label-pairwise" type="radio" name="subjectType" value="PAIRWISE" <%-(client.subjectType == 'PAIRWISE' ? 'checked' : '')%>>
+                        <label for="control-label-pairwise" class="radio inline" data-i18n="client.client-form.pairwise">Pairwise</label>
+                    </div>
+				</div>
+			</div>
+
+			<div class="control-group" id="sectorIdentifierUri">
+				<label class="control-label" data-i18n="client.client-form.sector-identifier">Sector Identifier URI</label>
+				<div class="controls">
+					<input placeholder="https://" value="<%-client.sectorIdentifierUri ? client.sectorIdentifierUri : ''%>" maxlength="1000" type="text" class=""/>
+					<p class="help-block" data-i18n="client.client-form.sector-identifier-help">Sector Identifier for JavaScript</p>
+				</div>
+			</div>
+
+	</div>
+	
+	<div class="tab-pane" id="client-secret-tab">
+
+			<div class="control-group" id="tokenEndpointAuthMethod">
+				<label class="control-label" data-i18n="client.client-form.authentication-method">Token Endpoint Authentication Method</label>
+				<div class="controls">
+					<% if (!heartMode) { %>
+                    <div>
+                        <input type="radio" id="tokenEndpointAuthMethodBasic" name="tokenEndpointAuthMethod" value="SECRET_BASIC" <%-((client.tokenEndpointAuthMethod == 'SECRET_BASIC') || (!client.tokenEndpointAuthMethod) ? 'checked' : '')%>>
+                        <label for="tokenEndpointAuthMethodBasic" class="radio" data-i18n="client.client-form.secret-http">Client Secret over HTTP Basic</label>
+                    </div>
+                    <div>
+                        <input type="radio" id="tokenEndpointAuthMethodPost" name="tokenEndpointAuthMethod" value="SECRET_POST" <%-(client.tokenEndpointAuthMethod == 'SECRET_POST' ? 'checked' : '')%>>
+                        <label for="tokenEndpointAuthMethodPost" class="radio" data-i18n="client.client-form.secret-post">Client Secret over HTTP POST</label>
+                    </div>
+                    <div>
+                        <input type="radio" id="tokenEndpointAuthMethodSymm" name="tokenEndpointAuthMethod" value="SECRET_JWT" <%-(client.tokenEndpointAuthMethod == 'SECRET_JWT' ? 'checked' : '')%>>
+                        <label for="tokenEndpointAuthMethodSymm" class="radio" data-i18n="client.client-form.secret-symmetric-jwt">Client Secret via symmetrically-signed JWT assertion</label>
+                    </div>
+					<% } %>
+                    <div>
+                        <input type="radio" id="tokenEndpointAuthMethodAssym" name="tokenEndpointAuthMethod" value="PRIVATE_KEY" <%-((client.tokenEndpointAuthMethod == 'PRIVATE_KEY')  || (heartMode && !client.tokenEndpointAuthMethod) ? 'checked' : '')%>>
+                        <label for="tokenEndpointAuthMethodAssym" class="radio" data-i18n="client.client-form.secret-asymmetric-jwt">Asymmetrically-signed JWT assertion</label>
+                    </div>
+                    <div>
+                        <input type="radio" id="tokenEndpointAuthMethodNone" name="tokenEndpointAuthMethod" value="NONE" <%-(client.tokenEndpointAuthMethod == 'NONE' ? 'checked' : '')%>>
+                        <label for="tokenEndpointAuthMethodNone" class="radio" data-i18n="client.client-form.secret-none">No authentication</label>
+                    </div>
+				</div>
+			</div>
+
+			<div id="clientSecretPanel">
+				<label class="control-label" data-i18n="client.client-form.client-secret">Client Secret</label>
+
+				<div class="control-group" id="generateClientSecret">
+					<div class="controls">
+                        <div>
+                            <input id="clientSecretPanelInput" type="checkbox" <%-(client.generateClientSecret == true ? 'checked' : '')%>>
+                            <label for="clientSecretPanelInput" class="checkbox" data-i18n="client.client-form.generate-new-secret">Generate a new client secret?</label>
+                        </div>
+						<p class="help-block" data-i18n="client.client-form.generate-new-secret-help">New secret will be generated when you click 'Save'</p>
+					</div>
+				</div>
+	
+				<div class="control-group" id="displayClientSecret">
+					<div class="controls">
+                        <div>
+                            <label id="displayClientSecretInput" class="checkbox" data-i18n="client.client-form.display-secret">Display/edit client secret:</label>
+                            <input for="displayClientSecretInput" type="checkbox" <%-(client.displayClientSecret == true ? 'checked' : '')%>>
+                        </div>
+					</div>
+				</div>
+	
+    	        <div class="control-group">
+            	    <div class="controls">
+						<div id="clientSecret" class="span3">
+                	    	<input value="<%-client.clientSecret ? client.clientSecret : ''%>" maxlength="100" type="text" placeholder="Type a secret" data-i18n="[placeholder]client.client-form.client-secret-placeholder">
+						</div>
+						<div id="clientSecretGenerated" class="span3">
+							<span class="uneditable-input" data-i18n="client.client-form.generate-on-save">Generate on Save</span>
+						</div>
+						<div id="clientSecretHidden" class="span3"> 
+							<span class="uneditable-input span3">* * * * * * * * * * * *</span>
+						</div>
+	                </div>
+    	        </div>
+
+			</div>
+
+            <div class="control-group" id="tokenEndpointAuthSigningAlg">
+                <label class="control-label" data-i18n="client.client-form.token-signing-algorithm">Token Endpoint Authentication Signing Algorithm</label>
+                <div class="controls">
+					<select>
+						<option value="default" <%-client.tokenEndpointAuthSigningAlg == null ? 'selected ' : ''%> data-i18n="client.client-form.signing.any">Any allowed</option>
+						<option value="HS256" <%-client.tokenEndpointAuthSigningAlg == "HS256" ? 'selected' : ''%> data-i18n="client.client-form.signing.hs256">HMAC using SHA-256 hash algorithm</option>
+						<option value="HS384" <%-client.tokenEndpointAuthSigningAlg == "HS384" ? 'selected' : ''%> data-i18n="client.client-form.signing.hs384">HMAC using SHA-384 hash algorithm</option>
+						<option value="HS512" <%-client.tokenEndpointAuthSigningAlg == "HS512" ? 'selected' : ''%> data-i18n="client.client-form.signing.hs512">HMAC using SHA-512 hash algorithm</option>
+						<option value="RS256" <%-client.tokenEndpointAuthSigningAlg == "RS256" ? 'selected' : ''%> data-i18n="client.client-form.signing.rs256">RSASSA using SHA-256 hash algorithm</option>
+						<option value="RS384" <%-client.tokenEndpointAuthSigningAlg == "RS384" ? 'selected' : ''%> data-i18n="client.client-form.signing.rs384">RSASSA using SHA-384 hash algorithm</option>
+						<option value="RS512" <%-client.tokenEndpointAuthSigningAlg == "RS512" ? 'selected' : ''%> data-i18n="client.client-form.signing.rs512">RSASSA using SHA-512 hash algorithm</option>
+						<option value="PS256" <%-client.tokenEndpointAuthSigningAlg == "PS256" ? 'selected' : ''%> data-i18n="client.client-form.signing.ps256">RSASSA-PSS using SHA-256 and MGF1 with SHA-256</option>
+						<option value="PS384" <%-client.tokenEndpointAuthSigningAlg == "PS384" ? 'selected' : ''%> data-i18n="client.client-form.signing.ps384">RSASSA-PSS using SHA-384 and MGF1 with SHA-384</option>
+						<option value="PS512" <%-client.tokenEndpointAuthSigningAlg == "PS512" ? 'selected' : ''%> data-i18n="client.client-form.signing.ps512">RSASSA-PSS using SHA-512 and MGF1 with SHA-512</option>
+						<option value="ES256" <%-client.tokenEndpointAuthSigningAlg == "ES256" ? 'selected' : ''%> data-i18n="client.client-form.signing.es256">ECDSA using P-256 curve and SHA-256 hash algorithm</option>
+						<option value="ES384" <%-client.tokenEndpointAuthSigningAlg == "ES384" ? 'selected' : ''%> data-i18n="client.client-form.signing.es384">ECDSA using P-384 curve and SHA-384 hash algorithm</option>
+						<option value="ES512" <%-client.tokenEndpointAuthSigningAlg == "ES512" ? 'selected' : ''%> data-i18n="client.client-form.signing.es512">ECDSA using P-512 curve and SHA-512 hash algorithm</option>
+					</select>
+                </div>
+            </div>
+			
+			<div class="control-group">
+				<label class="control-label" data-i18n="client.client-form.jwk-set">Public Key Set</label>
+				<div class="controls" id="jwkSelector">
+					<div>
+                        <input id="jwkstype-uri" type="radio" name="jwksType" value="URI" <%-(client.jwksType == 'URI' ? 'checked' : '')%>>
+                        <label for="jwkstype-uri" class="radio inline" data-i18n="client.client-form.jwks-by-uri">By URI</label>
+                        <input id="jwkstype-value" type="radio" name="jwksType" value="VAL" <%-(client.jwksType == 'VAL' ? 'checked' : '')%>>
+                        <label for="jwkstype-value" class="radio inline" data-i18n="client.client-form.jwks-by-value">By Value</label>
+					</div>
+				</div>
+				<div class="controls" id="jwksUri">
+					<input placeholder="https://" value="<%-client.jwksUri ? client.jwksUri : ''%>" maxlength="1000" type="text" class=""/>
+					<p class="help-block" data-i18n="client.client-form.jwk-set-help">URL for the client's JSON Web Key set (must be reachable by the server)</p>
+				</div>
+				<div class="controls" id="jwks">
+					<textarea  class="input-xlarge" placeholder="{ &quot;keys&quot: [ ] }" maxlength="4000" type="text" rows="8"><%- (client.jwks ? JSON.stringify(client.jwks, null, '  ') : "") %></textarea>
+					<p class="help-block" data-i18n="client.client-form.jwk-set-value-help">Key set value (must be a valid JWK Set formatted key)</p>
+				</div>
+			</div>
+	</div>
+
+	<div class="tab-pane" id="client-token-tab">
+            <div class="control-group" id="accessTokenValidityTime">
+                <label class="control-label" data-i18n="client.client-form.access-token-timeout">Access Token Timeout</label>
+                <div class="controls">
+					<div>
+                        <input type="checkbox" id="disableAccessTokenTimeout" <%-(client.accessTokenValiditySeconds == null ? 'checked' : '')%>/>
+                        <label for="disableAccessTokenTimeout" class="checkbox" data-i18n="client.client-form.access-token-no-timeout">Access tokens do not time out</label>
+					</div>
+                    <div>
+                        <input type="text" class="" value="<%-(client.accessTokenValiditySeconds == null ? '' : client.accessTokenValiditySeconds)%>" id="access-token-timeout-time" size="16" style="width:8em;">
+						<select id="access-token-timeout-unit" style="width:8em;">
+							<option data-i18n="client.client-form.seconds">seconds</option>
+							<option data-i18n="client.client-form.minutes">minutes</option>
+							<option data-i18n="client.client-form.hours">hours</option>
+						</select>
+                    </div>
+                    <p class="help-block" data-i18n="client.client-form.token-timeout-help">Enter this time in seconds, minutes, or hours.</p>
+                </div>
+            </div>
+
+
+            <div class="control-group" id="idTokenValidityTime">
+                <label class="control-label" data-i18n="client.client-form.id-token-timeout">ID Token Timeout</label>
+                <div class="controls">
+                    <div>
+                        <input type="text" class="" value="<%-(client.idTokenValiditySeconds == null ? '' : client.idTokenValiditySeconds)%>" id="id-token-timeout-time" size="16" style="width:8em;">
+						<select id="id-token-timeout-unit" style="width:8em;">
+							<option data-i18n="client.client-form.seconds">seconds</option>
+							<option data-i18n="client.client-form.minutes">minutes</option>
+							<option data-i18n="client.client-form.hours">hours</option>
+						</select>
+                    </div>
+                    <p class="help-block" data-i18n="client.client-form.token-timeout-help">Enter this time in seconds, minutes, or hours.</p>
+                </div>
+            </div>
+
+            <div class="control-group">
+                <label class="control-label" data-i18n="client.client-form.refresh-tokens">Refresh Tokens</label>
+                <div class="controls">
+                    <div>
+                        <input type="checkbox" id="allowRefresh" <%-(client.allowRefresh == true ? 'checked' : '')%>>
+                        <label for="allowRefresh" class="checkbox" data-i18n="client.client-form.refresh-tokens-issued">Refresh tokens are issued for this client</label>
+	                    <p class="help-block" data-i18n="client.client-form.refresh-tokens-issued-help">This will add the offline_access scope to the client's scopes.</p>
+                    </div>
+                </div>
+            </div>
+
+            <div class="control-group" id="refreshTokenValidityTime">
+                <div class="controls">
+					<div>
+                        <input type="checkbox" id="reuseRefreshToken" <%-(client.reuseRefreshToken == true ? 'checked' : '')%>>
+                        <label for="reuseRefreshToken" class="checkbox" data-i18n="client.client-form.refresh-tokens-reused">Refresh tokens for this client are re-used</label>
+					</div>
+					<div>
+                        <input type="checkbox" id="clearAccessTokensOnRefresh" <%-(client.clearAccessTokensOnRefresh == true ? 'checked' : '')%>>
+                        <label for="clearAccessTokensOnRefresh" class="checkbox" data-i18n="client.client-form.clear-access-tokens">Active access tokens are revoked when the refresh token is used</label>
+					</div>
+					<div>
+                        <input type="checkbox" id="disableRefreshTokenTimeout" <%-(client.refreshTokenValiditySeconds == null ? 'checked' : '')%>/> 
+                        <label for="disableRefreshTokenTimeout" class="checkbox" data-i18n="client.client-form.refresh-tokens-no-expire">Refresh tokens do not time out</label>
+					</div>
+                    <div>
+                        <input type="text" class="" value="<%-(client.refreshTokenValiditySeconds == null ? '' : client.refreshTokenValiditySeconds)%>" id="refresh-token-timeout-time" size="16" style="width:8em;">
+						<select id="refresh-token-timeout-unit" style="width:8em;">
+							<option data-i18n="client.client-form.seconds">seconds</option>
+							<option data-i18n="client.client-form.minutes">minutes</option>
+							<option data-i18n="client.client-form.hours">hours</option>
+						</select>
+					</div>
+                    <p class="help-block" data-i18n="client.client-form.token-timeout-help">Enter this time in seconds, minutes, or hours.</p>
+                </div>
+            </div>
+
+            <div class="control-group" id="deviceCodeValidityTime">
+                <label class="control-label" data-i18n="client.client-form.device-code-timeout">Device Code Timeout</label>
+                <div class="controls">
+                    <div>
+                        <input type="text" class="" value="<%-(client.deviceCodeValiditySeconds == null ? '' : client.deviceCodeValiditySeconds)%>" id="device-code-timeout-time" size="16" style="width:8em;">
+						<select id="device-code-timeout-unit" style="width:8em;">
+							<option data-i18n="client.client-form.seconds">seconds</option>
+							<option data-i18n="client.client-form.minutes">minutes</option>
+							<option data-i18n="client.client-form.hours">hours</option>
+						</select>
+                    </div>
+                    <p class="help-block" data-i18n="client.client-form.token-timeout-help">Enter this time in seconds, minutes, or hours.</p>
+                </div>
+            </div>
+
+	</div>
+
+	<div class="tab-pane" id="client-crypto-tab">
+            <div class="control-group" id="requestObjectSigningAlg">
+                <label class="control-label" data-i18n="client.client-form.request-object-signing-algorithm">Request Object Signing Algorithm</label>
+                <div class="controls">
+					<select>
+						<option value="default" <%-client.requestObjectSigningAlg == null ? 'selected ' : ''%> data-i18n="client.client-form.signing.default">Use server default</option>
+						<option value="none" <%-client.requestObjectSigningAlg == "none" ? 'selected' : ''%> data-i18n="client.client-form.signing.none">No digital signature</option>
+						<option value="HS256" <%-client.requestObjectSigningAlg == "HS256" ? 'selected' : ''%> data-i18n="client.client-form.signing.hs256">HMAC using SHA-256 hash algorithm</option>
+						<option value="HS384" <%-client.requestObjectSigningAlg == "HS384" ? 'selected' : ''%> data-i18n="client.client-form.signing.hs384">HMAC using SHA-384 hash algorithm</option>
+						<option value="HS512" <%-client.requestObjectSigningAlg == "HS512" ? 'selected' : ''%> data-i18n="client.client-form.signing.hs512">HMAC using SHA-512 hash algorithm</option>
+						<option value="RS256" <%-client.requestObjectSigningAlg == "RS256" ? 'selected' : ''%> data-i18n="client.client-form.signing.rs256">RSASSA using SHA-256 hash algorithm</option>
+						<option value="RS384" <%-client.requestObjectSigningAlg == "RS384" ? 'selected' : ''%> data-i18n="client.client-form.signing.rs384">RSASSA using SHA-384 hash algorithm</option>
+						<option value="RS512" <%-client.requestObjectSigningAlg == "RS512" ? 'selected' : ''%> data-i18n="client.client-form.signing.rs512">RSASSA using SHA-512 hash algorithm</option>
+						<option value="PS256" <%-client.requestObjectSigningAlg == "PS256" ? 'selected' : ''%> data-i18n="client.client-form.signing.ps256">RSASSA-PSS using SHA-256 and MGF1 with SHA-256</option>
+						<option value="PS384" <%-client.requestObjectSigningAlg == "PS384" ? 'selected' : ''%> data-i18n="client.client-form.signing.ps384">RSASSA-PSS using SHA-384 and MGF1 with SHA-384</option>
+						<option value="PS512" <%-client.requestObjectSigningAlg == "PS512" ? 'selected' : ''%> data-i18n="client.client-form.signing.ps512">RSASSA-PSS using SHA-512 and MGF1 with SHA-512</option>
+						<option value="ES256" <%-client.requestObjectSigningAlg == "ES256" ? 'selected' : ''%> data-i18n="client.client-form.signing.es256">ECDSA using P-256 curve and SHA-256 hash algorithm</option>
+						<option value="ES384" <%-client.requestObjectSigningAlg == "ES384" ? 'selected' : ''%> data-i18n="client.client-form.signing.es384">ECDSA using P-384 curve and SHA-384 hash algorithm</option>
+						<option value="ES512" <%-client.requestObjectSigningAlg == "ES512" ? 'selected' : ''%> data-i18n="client.client-form.signing.es512">ECDSA using P-512 curve and SHA-512 hash algorithm</option>
+					</select>
+                </div>
+            </div>
+			
+            <div class="control-group" id="userInfoSignedResponseAlg">
+                <label class="control-label" data-i18n="client.client-form.user-info-signing-algorithm">User Info Endpoint Signing Algorithm</label>
+                <div class="controls">
+					<select>
+						<option value="default" <%-client.userInfoSignedResponseAlg == null ? 'selected ' : ''%> data-i18n="client.client-form.signing.default">Use server default</option>
+						<option value="none" <%-client.userInfoSignedResponseAlg == "none" ? 'selected' : ''%> data-i18n="client.client-form.signing.none">No digital signature</option>
+						<option value="HS256" <%-client.userInfoSignedResponseAlg == "HS256" ? 'selected' : ''%> data-i18n="client.client-form.signing.hs256">HMAC using SHA-256 hash algorithm</option>
+						<option value="HS384" <%-client.userInfoSignedResponseAlg == "HS384" ? 'selected' : ''%> data-i18n="client.client-form.signing.hs384">HMAC using SHA-384 hash algorithm</option>
+						<option value="HS512" <%-client.userInfoSignedResponseAlg == "HS512" ? 'selected' : ''%> data-i18n="client.client-form.signing.hs512">HMAC using SHA-512 hash algorithm</option>
+						<option value="RS256" <%-client.userInfoSignedResponseAlg == "RS256" ? 'selected' : ''%> data-i18n="client.client-form.signing.rs256">RSASSA using SHA-256 hash algorithm</option>
+						<option value="RS384" <%-client.userInfoSignedResponseAlg == "RS384" ? 'selected' : ''%> data-i18n="client.client-form.signing.rs384">RSASSA using SHA-384 hash algorithm</option>
+						<option value="RS512" <%-client.userInfoSignedResponseAlg == "RS512" ? 'selected' : ''%> data-i18n="client.client-form.signing.rs512">RSASSA using SHA-512 hash algorithm</option>
+						<option value="PS256" <%-client.userInfoSignedResponseAlg == "PS256" ? 'selected' : ''%> data-i18n="client.client-form.signing.ps256">RSASSA-PSS using SHA-256 and MGF1 with SHA-256</option>
+						<option value="PS384" <%-client.userInfoSignedResponseAlg == "PS384" ? 'selected' : ''%> data-i18n="client.client-form.signing.ps384">RSASSA-PSS using SHA-384 and MGF1 with SHA-384</option>
+						<option value="PS512" <%-client.userInfoSignedResponseAlg == "PS512" ? 'selected' : ''%> data-i18n="client.client-form.signing.ps512">RSASSA-PSS using SHA-512 and MGF1 with SHA-512</option>
+						<option value="ES256" <%-client.userInfoSignedResponseAlg == "ES256" ? 'selected' : ''%> data-i18n="client.client-form.signing.es256">ECDSA using P-256 curve and SHA-256 hash algorithm</option>
+						<option value="ES384" <%-client.userInfoSignedResponseAlg == "ES384" ? 'selected' : ''%> data-i18n="client.client-form.signing.es384">ECDSA using P-384 curve and SHA-384 hash algorithm</option>
+						<option value="ES512" <%-client.userInfoSignedResponseAlg == "ES512" ? 'selected' : ''%> data-i18n="client.client-form.signing.es512">ECDSA using P-512 curve and SHA-512 hash algorithm</option>
+					</select>
+                </div>
+            </div>
+			
+			<div class="control-group" id="userInfoEncryptedResponseAlg">
+                <label class="control-label" data-i18n="client.client-form.user-info-crypto-algorithm">User Info Endpoint Encryption Algorithm</label>
+                <div class="controls">
+					<select>
+						<option value="default" <%-client.userInfoEncryptedResponseAlg == null ? 'selected ' : ''%> data-i18n="client.client-form.crypto.default">Use server default</option>
+						<option value="none" <%-client.userInfoEncryptedResponseAlg == "none" ? 'selected' : ''%> data-i18n="client.client-form.crypto.none">No encryption</option>
+						<option value="RSA1_5" <%-client.userInfoEncryptedResponseAlg == "RSA1_5" ? 'selected' : ''%> data-i18n="client.client-form.crypto.rsa1-5">RSAES-PKCS1-V1_5</option>
+						<option value="RSA-OAEP" <%-client.userInfoEncryptedResponseAlg == "RSA-OAEP" ? 'selected' : ''%> data-i18n="client.client-form.crypto.rsa-oaep">RSAES using Optimal Asymmetric Encryption Padding (OAEP)</option>
+						<option value="A128KW" <%-client.userInfoEncryptedResponseAlg == "A128KW" ? 'selected' : ''%> data-i18n="client.client-form.crypto.a128kw">AES Key Wrap Algorithm using 128 bit keys </option>
+						<option value="A256KW" <%-client.userInfoEncryptedResponseAlg == "A256KW" ? 'selected' : ''%> data-i18n="client.client-form.crypto.a256kw">AES Key Wrap Algorithm using 256 bit keys</option>
+						<option value="dir" <%-client.userInfoEncryptedResponseAlg == "dir" ? 'selected' : ''%> data-i18n="client.client-form.crypto.dir">Direct use of a shared symmetric key as the Content Master Key (CMK) for the block encryption step</option>
+						<option value="ECDH-ES" <%-client.userInfoEncryptedResponseAlg == "ECDH-ES" ? 'selected' : ''%> data-i18n="client.client-form.crypto.ecdh-es">Elliptic Curve Diffie-Hellman Ephemeral Static key agreement using the Concat KDF, with the agreed-upon key being used directly as the Content Master Key (CMK)</option>
+						<option value="ECDH-ES+A128KW" <%-client.userInfoEncryptedResponseAlg == "ECDH-ES+A128KW" ? 'selected' : ''%> data-i18n="client.client-form.crypto.ecdh-es-a128kw">Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A128KW function</option>
+						<option value="ECDH-ES+A256KW" <%-client.userInfoEncryptedResponseAlg == "ECDH-ES+A256KW" ? 'selected' : ''%> data-i18n="client.client-form.crypto.ecdh-es-a256kw">Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A256KW function</option>
+					</select>
+				</div>
+			</div>
+
+			<div class="control-group" id="userInfoEncryptedResponseEnc">
+                <label class="control-label" data-i18n="client.client-form.user-info-crypto-method">User Info Endpoint Encryption Method</label>
+                <div class="controls">
+					<select>
+						<option value="default" <%-client.userInfoEncryptedResponseEnc == null ? 'selected ' : ''%> data-i18n="client.client-form.crypto.default">Use server default</option>
+						<option value="none" <%-client.userInfoEncryptedResponseEnc == "none" ? 'selected' : ''%> data-i18n="client.client-form.crypto.none">No encryption</option>
+						<option value="A128CBC+HS256" <%-client.userInfoEncryptedResponseEnc == "A128CBC+HS256" ? 'selected' : ''%> data-i18n="client.client-form.crypto.a128cbc-hs256">Composite Authenticated Encryption algorithm using AES in Cipher Block Chaining (CBC) mode with PKCS #5 padding with an integrity calculation using HMAC SHA-256, using a 256 bit CMK (and 128 bit CEK)</option>
+						<option value="A256CBC+HS512" <%-client.userInfoEncryptedResponseEnc == "A256CBC+HS512" ? 'selected' : ''%> data-i18n="client.client-form.crypto.a256cbc-hs512">Composite Authenticated Encryption algorithm using AES in CBC mode with PKCS #5 padding with an integrity calculation using HMAC SHA-512, using a 512 bit CMK (and 256 bit CEK)</option>
+						<option value="A128GCM" <%-client.userInfoEncryptedResponseEnc == "A128GCM" ? 'selected' : ''%> data-i18n="client.client-form.crypto.a128gcm">AES GCM using 128 bit keys</option>
+						<option value="A256GCM" <%-client.userInfoEncryptedResponseEnc == "A256GCM" ? 'selected' : ''%> data-i18n="client.client-form.crypto.a256gcm">AES GCM using 256 bit keys</option>
+					</select>
+				</div>
+			</div>
+
+            <div class="control-group" id="idTokenSignedResponseAlg">
+                <label class="control-label" data-i18n="client.client-form.id-token-signing-algorithm">ID Token Signing Algorithm</label>
+                <div class="controls">
+					<select>
+						<option value="default" <%-client.idTokenSignedResponseAlg == null ? 'selected ' : ''%> data-i18n="client.client-form.signing.default">Use server default</option>
+						<option value="none" <%-client.idTokenSignedResponseAlg == "none" ? 'selected' : ''%> data-i18n="client.client-form.signing.none">No digital signature</option>
+						<option value="HS256" <%-client.idTokenSignedResponseAlg == "HS256" ? 'selected' : ''%> data-i18n="client.client-form.signing.hs256">HMAC using SHA-256 hash algorithm</option>
+						<option value="HS384" <%-client.idTokenSignedResponseAlg == "HS384" ? 'selected' : ''%> data-i18n="client.client-form.signing.hs384">HMAC using SHA-384 hash algorithm</option>
+						<option value="HS512" <%-client.idTokenSignedResponseAlg == "HS512" ? 'selected' : ''%> data-i18n="client.client-form.signing.hs512">HMAC using SHA-512 hash algorithm</option>
+						<option value="RS256" <%-client.idTokenSignedResponseAlg == "RS256" ? 'selected' : ''%> data-i18n="client.client-form.signing.rs256">RSASSA using SHA-256 hash algorithm</option>
+						<option value="RS384" <%-client.idTokenSignedResponseAlg == "RS384" ? 'selected' : ''%> data-i18n="client.client-form.signing.rs384">RSASSA using SHA-384 hash algorithm</option>
+						<option value="RS512" <%-client.idTokenSignedResponseAlg == "RS512" ? 'selected' : ''%> data-i18n="client.client-form.signing.rs512">RSASSA using SHA-512 hash algorithm</option>
+						<option value="PS256" <%-client.idTokenSignedResponseAlg == "PS256" ? 'selected' : ''%> data-i18n="client.client-form.signing.ps256">RSASSA-PSS using SHA-256 and MGF1 with SHA-256</option>
+						<option value="PS384" <%-client.idTokenSignedResponseAlg == "PS384" ? 'selected' : ''%> data-i18n="client.client-form.signing.ps384">RSASSA-PSS using SHA-384 and MGF1 with SHA-384</option>
+						<option value="PS512" <%-client.idTokenSignedResponseAlg == "PS512" ? 'selected' : ''%> data-i18n="client.client-form.signing.ps512">RSASSA-PSS using SHA-512 and MGF1 with SHA-512</option>
+						<option value="ES256" <%-client.idTokenSignedResponseAlg == "ES256" ? 'selected' : ''%> data-i18n="client.client-form.signing.es256">ECDSA using P-256 curve and SHA-256 hash algorithm</option>
+						<option value="ES384" <%-client.idTokenSignedResponseAlg == "ES384" ? 'selected' : ''%> data-i18n="client.client-form.signing.es384">ECDSA using P-384 curve and SHA-384 hash algorithm</option>
+						<option value="ES512" <%-client.idTokenSignedResponseAlg == "ES512" ? 'selected' : ''%> data-i18n="client.client-form.signing.es512">ECDSA using P-512 curve and SHA-512 hash algorithm</option>
+					</select>
+                </div>
+            </div>
+			
+			<div class="control-group" id="idTokenEncryptedResponseAlg">
+                <label class="control-label" data-i18n="client.client-form.id-token-crypto-algorithm">ID Token Encryption Algorithm</label>
+                <div class="controls">
+					<select>
+						<option value="default" <%-client.idTokenEncryptedResponseAlg == null ? 'selected ' : ''%> data-i18n="client.client-form.crypto.default">Use server default</option>
+						<option value="none" <%-client.idTokenEncryptedResponseAlg == "none" ? 'selected' : ''%> data-i18n="client.client-form.crypto.none">No encryption</option>
+						<option value="RSA1_5" <%-client.idTokenEncryptedResponseAlg == "RSA1_5" ? 'selected' : ''%> data-i18n="client.client-form.crypto.rsa1-5">RSAES-PKCS1-V1_5</option>
+						<option value="RSA-OAEP" <%-client.idTokenEncryptedResponseAlg == "RSA-OAEP" ? 'selected' : ''%> data-i18n="client.client-form.crypto.rsa-oaep">RSAES using Optimal Asymmetric Encryption Padding (OAEP)</option>
+						<option value="A128KW" <%-client.idTokenEncryptedResponseAlg == "A128KW" ? 'selected' : ''%> data-i18n="client.client-form.crypto.a128kw">Advanced Encryption Standard (AES) Key Wrap Algorithm using 128 bit keys </option>
+						<option value="A256KW" <%-client.idTokenEncryptedResponseAlg == "A256KW" ? 'selected' : ''%> data-i18n="client.client-form.crypto.a256kw">AES Key Wrap Algorithm using 256 bit keys</option>
+						<option value="dir" <%-client.idTokenEncryptedResponseAlg == "dir" ? 'selected' : ''%> data-i18n="client.client-form.crypto.dir">Direct use of a shared symmetric key as the Content Master Key (CMK) for the block encryption step</option>
+						<option value="ECDH-ES" <%-client.idTokenEncryptedResponseAlg == "ECDH-ES" ? 'selected' : ''%> data-i18n="client.client-form.crypto.ecdh-es">Elliptic Curve Diffie-Hellman Ephemeral Static key agreement using the Concat KDF, with the agreed-upon key being used directly as the Content Master Key (CMK)</option>
+						<option value="ECDH-ES+A128KW" <%-client.idTokenEncryptedResponseAlg == "ECDH-ES+A128KW" ? 'selected' : ''%> data-i18n="client.client-form.crypto.ecdh-es-a128kw">Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A128KW function</option>
+						<option value="ECDH-ES+A256KW" <%-client.idTokenEncryptedResponseAlg == "ECDH-ES+A256KW" ? 'selected' : ''%> data-i18n="client.client-form.crypto.ecdh-es-a256kw">Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A256KW function</option>
+					</select>
+				</div>
+			</div>
+
+			<div class="control-group" id="idTokenEncryptedResponseEnc">
+                <label class="control-label" data-i18n="client.client-form.id-token-crypto-method">ID Token Encryption Method</label>
+                <div class="controls">
+					<select>
+						<option value="default" <%-client.idTokenEncryptedResponseEnc == null ? 'selected ' : ''%> data-i18n="client.client-form.crypto.default">Use server default</option>
+						<option value="none" <%-client.idTokenEncryptedResponseEnc == "none" ? 'selected' : ''%> data-i18n="client.client-form.crypto.none">No encryption</option>
+						<option value="A128CBC+HS256" <%-client.idTokenEncryptedResponseEnc == "A128CBC+HS256" ? 'selected' : ''%> data-i18n="client.client-form.crypto.a128cbc-hs256">Composite Authenticated Encryption algorithm using AES in Cipher Block Chaining (CBC) mode with PKCS #5 padding with an integrity calculation using HMAC SHA-256, using a 256 bit CMK (and 128 bit CEK)</option>
+						<option value="A256CBC+HS512" <%-client.idTokenEncryptedResponseEnc == "A256CBC+HS512" ? 'selected' : ''%> data-i18n="client.client-form.crypto.a256cbc-hs512">Composite Authenticated Encryption algorithm using AES in CBC mode with PKCS #5 padding with an integrity calculation using HMAC SHA-512, using a 512 bit CMK (and 256 bit CEK)</option>
+						<option value="A128GCM" <%-client.idTokenEncryptedResponseEnc == "A128GCM" ? 'selected' : ''%> data-i18n="client.client-form.crypto.a128gcm">AES GCM using 128 bit keys</option>
+						<option value="A256GCM" <%-client.idTokenEncryptedResponseEnc == "A256GCM" ? 'selected' : ''%> data-i18n="client.client-form.crypto.a256gcm">AES GCM using 256 bit keys</option>
+					</select>
+				</div>
+			</div>
+
+            <div class="control-group" id="codeChallengeMethod">
+                <label class="control-label" data-i18n="client.client-form.code-challenge-method">Proof Key for Code Exchange (PKCE) Code Challenge Method</label>
+                <div class="controls">
+					<select>
+						<option value="default" <%-client.codeChallengeMethod == null ? 'selected ' : ''%> data-i18n="client.client-form.code-challenge-none">No code challenge</option>
+						<option value="plain" <%-client.codeChallengeMethod == "plain" ? 'selected' : ''%> data-i18n="client.client-form.code-challenge-plain">Plain code challenge</option>
+						<option value="S256" <%-client.codeChallengeMethod == "S256" ? 'selected' : ''%> data-i18n="client.client-form.code-challenge-s256">SHA-256 hash algorithm</option>
+					</select>
+                </div>
+            </div>
+			
+	</div>
+
+	<div class="tab-pane" id="client-other-tab">
+
+			<div class="control-group" id="initiateLoginUri">
+				<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> <span data-i18n="client.client-form.initiate-login">Initiate Login</span></label>
+				<div class="controls">
+					<input placeholder="https://" value="<%-client.initiateLoginUri ? client.initiateLoginUri : ''%>" maxlength="1000" type="text" class=""/>
+					<p class="help-block" data-i18n="client.client-form.initiate-login-help">URL to initiate login on the client</p>
+				</div>
+			</div>
+
+            <div class="control-group" id="claimsRedirectUris">
+                <label class="control-label" data-i18n="client.client-form.claims-redirect-uris">Claims Redirect URI(s)</label>
+                <div class="controls">
+                </div>
+            </div>
+
+			<div class="control-group" id="postLogoutRedirectUris">
+				<label class="control-label"><span data-i18n="client.client-form.post-logout">Post-Logout Redirect</span></label>
+				<div class="controls">
+				</div>
+			</div>
+
+
+            <div class="control-group" id="requireAuthTime">
+                <label class="control-label" data-i18n="client.client-form.require-auth-time">Require Authentication Time</label>
+                <div class="controls">
+                    <div>
+                        <input type="checkbox" <%-(client.requireAuthTime == true ? 'checked' : '')%>/>
+                        <label class="checkbox" data-i18n="client.client-form.require-auth-time-label">Always require that the auth_time claim be sent in the id token</label>
+                    </div>
+                </div>
+            </div>
+
+			<div class="control-group" id="defaultMaxAge">
+				<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> <span data-i18n="client.client-form.max-age">Default Max Age</span></label>
+				<div class="controls">
+					<input placeholder="" value="<%-client.defaultMaxAge ? client.defaultMaxAge : ''%>" maxlength="10" type="text" class=""/>
+					<p class="help-block" data-i18n="client.client-form.max-age-help">Default maximum session age before re-prompting</p>
+				</div>
+			</div>
+
+            <div class="control-group" id="requestUris">
+                <label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> <span data-i18n="client.client-form.request-uri">Request URIs</span></label>
+                <div class="controls">
+                </div>
+            </div>
+
+            <div class="control-group" id="defaultAcrValues">
+                <label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> <span data-i18n="client.client-form.acr-values">Default ACR Values</span></label>
+                <div class="controls">
+                </div>
+            </div>			
+
+			<div class="control-group" id="applicationType">
+				<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> <span data-i18n="client.client-form.type">Application Type</span></label>
+				<div class="controls">
+                    <div>
+                    <input id="app-type-native" type="radio" name="applicationType" value="NATIVE" <%-(client.applicationType == 'NATIVE' ? 'checked' : '')%>>
+                    <label for="app-type-native" class="radio inline" data-i18n="client.client-form.type-native">Native</label>
+                    <input id="app-type-web" type="radio" name="applicationType" value="WEB" <%-(client.applicationType == 'WEB' ? 'checked' : '')%>>
+                    <label for="app-type-web" class="radio inline" data-i18n="client.client-form.type-web">Web</label>
+                    </div>
+				</div>
+			</div>
+			
+ 	</div>
+
+
+
+            <div class="well well-small">
+                <button class="btn btn-small btn-save btn-success"><i class="icon-ok-circle icon-white"></i> <span data-i18n="common.save">Save</span></button> &nbsp; 
+                <button class="btn btn-small btn-cancel"><i class="icon-ban-circle"></i> <span data-i18n="common.cancel">Cancel</span></button>
+            </div>
+
+        </fieldset>
+    </form>
+
+</script>
+
+<script type="text/html" id="tmpl-client-saved">
+
+	<div>
+		<strong><span data-i18n="client.client-form.id">ID:</span></strong> <input type="text" readonly style="cursor: text" class="token-full input-xxlarge" value="<%- clientId %>" />
+	</div>
+	<% if (secretChanged) { %>
+	<div>
+		<strong><span data-i18n="client.client-form.saved.secret">Secret:</span></strong> <button class="btn btn-mini" id="clientSaveShow" data-i18n="client.client-form.saved.show-secret">Show Secret</button>
+		<input type="text" id="savedClientSecret" readonly style="cursor: text" class="token-full input-xxlarge" value="<%- clientSecret %>" />
+	</div>
+	<% } else if (clientSecret == null || clientSecret == '') { %>
+	<div>
+		<i><span data-i18n="client.client-form.saved.no-secret">No client secret</span></i>
+	</div>
+	<% } else { %>
+	<div>
+		<strong><span data-i18n="client.client-form.saved.secret">Secret:</span></strong> <i><span data-i18n="client.client-form.saved.unchanged">unchanged</span></i>
+	</div>
+	<% } %>
+
+</script>
+
+<script type="text/html" id="tmpl-client-registration-token">
+
+	<div>
+		<strong><span data-i18n="client.client-form.id">ID:</span></strong> <input type="text" readonly style="cursor: text" class="token-full input-xxlarge" value="<%- clientId %>" />
+
+	</div>
+	<div>
+		<strong><span data-i18n="client.client-form.registration-token">Registration Token:</span></strong>
+		<input type="text" id="registrationToken" readonly style="cursor: text" class="token-full input-xxlarge" value="<%- registrationToken %>" />
+	</div>
+
+	<div>
+		<button class="btn btn-warning" id="rotate-token"><i class="icon-retweet icon-white"></i> <span data-i18n="client.client-form.rotate-registration-token">Rotate registration token</span></button>
+	</div>
+
+</script>
+
+<script type="text/html" id="tmpl-client-count">
+		<% if (count == 0) { %>
+			<span class="label label-important">0</span>
+		<% } else if (count != null) { %>
+			<span class="label label-info"><%- count %></span>
+		<% } else { %>
+			<span class="label label-warning">?</span>
+		<% } %>
+</script>
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/template/dynreg.html b/openid-connect-server-webapp/src/main/webapp/resources/template/dynreg.html
new file mode 100644
index 000000000..eda228006
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/template/dynreg.html
@@ -0,0 +1,621 @@
+<!-- 
+ Copyright 2018 The MIT Internet Trust Consortium
+ 
+ Portions copyright 2011-2013 The MITRE Corporation
+ 
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ 
+   http://www.apache.org/licenses/LICENSE-2.0
+ 
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<!-- self-service dynamic registration -->
+
+<script type="text/html" id="tmpl-dynreg">
+
+<div class="row-fluid">
+
+<div class="span6 well">
+	<h2 data-i18n="dynreg.new-client">Register a new client</h2>
+	<p data-i18n="dynreg.new-client-help">Use this form to register a new client with the authorization server. You will be given a client ID and a registration access token to manage your client.</p>
+	<button class="btn btn-success" id="newreg"><i class="icon-plus icon-white"></i> <span data-i18n="dynreg.new-client-button">New Client</span></button>
+</div>
+<div class="span6 well">
+	<h2 data-i18n="dynreg.edit-existing">Edit an existing client</h2>
+	<p class="help-block" data-i18n="dynreg.edit-existing-help">Use this form to edit a previously-registered client. Paste in your client ID and registration access token to access the client.</p>
+
+	<input type="text" id="clientId" placeholder="Enter Client ID" data-i18n="[placeholder]dynreg.client-id-placeholder"> 
+	<input type="text" id="regtoken" placeholder="Enter Registration Access Token" data-i18n="[placeholder]dynreg.regtoken-placeholder"> 
+	<button class="btn btn-info" id="editreg"><i class="icon-edit icon-white"></i> <span data-i18n="dynreg.edit-existing-button">Edit Client</span></button>
+</div>
+
+</script>
+
+
+<script type="text/html" id="tmpl-dynreg-client-form">
+
+    <% if (client.client_id == null) { %>
+        <h1 data-i18n="client.client-form.new"></h1>
+    <% } else { %>
+        <h1 data-i18n="client.client-form.edit"></h1>
+    <% } %>
+
+
+    <form class="form-horizontal tabbable">
+        <fieldset>
+            <div class="well well-small">
+                <button class="btn btn-small btn-save btn-success"><i class="icon-ok-circle icon-white"></i> <span data-i18n="common.save">Save</span></button> &nbsp; 
+                <button class="btn btn-small btn-cancel"><i class="icon-ban-circle"></i> <span data-i18n="common.cancel">Cancel</span></button>
+				<% if (client.client_id) { %>
+				<button class="btn btn-small btn-danger btn-delete pull-right"><i class="icon-trash icon-white"></i> <span data-i18n="common.delete">Delete</span></button>
+				<% } %>
+            </div>
+
+				<ul class="nav nav-tabs">
+                    <li class="active"><a data-target="#client-main-tab" data-toggle="tab" href="#" data-i18n="client.client-form.main">Main</a></li>
+                    <li><a data-target="#client-access-tab" data-toggle="tab" href="#" data-i18n="client.client-form.access">Access</a></li>
+                    <li><a data-target="#client-secret-tab" data-toggle="tab" href="#" data-i18n="client.client-form.credentials">Credentials</a></li>
+                    <li><a data-target="#client-crypto-tab" data-toggle="tab" href="#" data-i18n="client.client-form.cryptography">Crypto</a></li>
+                    <li><a data-target="#client-other-tab" data-toggle="tab" href="#" data-i18n="client.client-form.other">Other</a></li>
+                    <li><a data-target="#client-json-tab" data-toggle="tab" href="#">JSON</a></li>
+				</ul>
+
+<div class="tab-content">
+	<div class="tab-pane active" id="client-main-tab">
+
+		<div class="well">
+
+			<% if (client.client_id) { %>
+			<div class="control-group">
+				<div class="controls">
+					<div class="alert alert-error" data-i18n="[html]dynreg.warning">
+						<strong>Warning!</strong> You MUST protect your <b>Client ID</b>, <b>Client Secret (if provided)</b>, and your <b>Registration Access Token</b>. 
+						If you lose your Client ID or Registration Access Token, you will no longer have access to your client's registration
+						records and you will need to register a new client.
+					</div>
+				</div>
+			</div>
+            <% } %>
+
+            <div class="control-group" id="clientId">
+                <label class="control-label" data-i18n="client.client-form.client-id">Client ID</label>
+                <div class="controls">
+                <% if (client.client_id) { %>
+                    <pre><%-client.client_id%></pre>
+                <% } else { %>
+                    <code data-i18n="dynreg.will-be-generated">Will be generated</code>
+                <% } %>
+                </div>
+            </div>
+
+			<div class="control-group" id="requireClientSecret">
+				<label class="control-label" data-i18n="client.client-form.client-secret">Client Secret</label>
+    	        <div class="control-group">
+            	    <div class="controls">
+						<% if (client.client_id) { %>
+							<% if (client.client_secret) { %>
+								<pre><%- client.client_secret %></pre>
+							<% } else { %>
+								<% if (client.token_endpoint_auth_method == 'none') { %>
+									<pre>None (public client)</pre>
+								<% } else if (client.token_endpoint_auth_method == 'private_key_jwt') { %>
+									<pre>None (private key authentication)</pre>
+								<% } else { %>
+									<p class="text-error"><b>Unknown error:</b> no client secret and unknown auth method.</p>
+								<% } %>
+							<% } %>
+						<% } else { %>
+                            <code data-i18n="dynreg.will-be-generated">Will be generated</code>
+						<% } %>
+	                </div>
+    	        </div>
+			</div>
+
+            <div class="control-group" id="clientConfigurationUri">
+                <label class="control-label" data-i18n="dynreg.configuration-url">Client Configuration URL</label>
+                <div class="controls">
+                <% if (client.registration_client_uri) { %>
+                    <pre><%-client.registration_client_uri%></pre>
+                <% } else { %>
+                    <code data-i18n="dynreg.will-be-generated">Will be generated</code>
+                <% } %>
+                </div>
+            </div>
+
+            <div class="control-group" id="registrationAccessToken">
+                <label class="control-label" data-i18n="client.client-form.registration-access-token">Registration Access Token</label>
+                <div class="controls">
+                <% if (client.registration_access_token) { %>
+                    <pre><%-client.registration_access_token%></pre>
+                <% } else { %>
+                    <code data-i18n="dynreg.will-be-generated">Will be generated</code>
+                <% } %>
+                </div>
+            </div>
+		</div>
+
+            <div class="control-group" id="clientName">
+                <label class="control-label" data-i18n="client.client-form.client-name">Client name</label>
+                <div class="controls">
+                    <input value="<%-client.client_name ? client.client_name : ''%>" maxlength="100" type="text" class="" placeholder="Type something">
+                    <p class="help-block" data-i18n="client.client-form.client-name-help">Human-readable application name</p>
+                </div>
+            </div>
+
+            <div class="control-group" id="redirectUris">
+                <label class="control-label" data-i18n="client.client-form.redirect-uris">Redirect URI(s)</label>
+                <div class="controls">
+                </div>
+            </div>
+
+			<div class="control-group" id="logoUri">
+				<label class="control-label" data-i18n="client.client-form.logo">Logo</label>
+				<div class="controls">
+					<input placeholder="https://" value="<%-client.logo_uri ? client.logo_uri : ''%>" maxlength="1000" type="text" class=""/>
+					<p class="help-block" data-i18n="client.client-form.logo-help">URL that points to a logo image, will be displayed on approval page</p>
+				</div>
+			</div>
+
+			<div class="control-group" id="logoBlock">
+				<div class="controls">
+					<img src="resources/images/logo_placeholder.gif" alt="logo" id="logoPreview" width="275px" class="thumbnail" />
+				</div>
+			</div>
+
+			<div class="control-group" id="tosUri">
+				<label class="control-label" data-i18n="client.client-form.terms">Terms of Service</label>
+				<div class="controls">
+					<input placeholder="https://" value="<%-client.tos_uri ? client.tos_uri : ''%>" maxlength="1000" type="text" class=""/>
+					<p class="help-block" data-i18n="client.client-form.terms-help">URL for the Terms of Service of this client, will be displayed to the user</p>
+				</div>
+			</div>
+
+			<div class="control-group" id="policyUri">
+				<label class="control-label" data-i18n="client.client-form.policy">Policy</label>
+				<div class="controls">
+					<input placeholder="https://" value="<%-client.policy_uri ? client.policy_uri : ''%>" maxlength="1000" type="text" class=""/>
+					<p class="help-block" data-i18n="client.client-form.policy-help">URL for the Policy Statement of this client, will be displayed to the user</p>
+				</div>
+			</div>
+
+			<div class="control-group" id="clientUri">
+				<label class="control-label" data-i18n="client.client-form.home">Home Page</label>
+				<div class="controls">
+					<input placeholder="https://" value="<%-client.client_uri ? client.client_uri : ''%>" maxlength="1000" type="text" class=""/>
+					<p class="help-block" data-i18n="client.client-form.home-help">URL for the client's home page, will be displayed to the user</p>
+				</div>
+			</div>
+
+           <div class="control-group" id="softwareId">
+                <label class="control-label" data-i18n="client.client-form.software-id">Software ID</label>
+                <div class="controls">
+                    <input value="<%-client.software_id ? client.software_id : '' %>" maxlength="100" type="text" class="" placeholder="Type something" data-i18n="[placeholder]client.client-form.software-id-placeholder">
+                    <p class="help-block" data-i18n="client.client-form.software-id-help">Identifier for the software in this client</p>
+                </div>
+            </div>
+
+            <div class="control-group" id="softwareVersion">
+                <label class="control-label" data-i18n="client.client-form.software-version">Software Version</label>
+                <div class="controls">
+                    <input value="<%-client.software_version ? client.sofware_version : ''%>" maxlength="100" type="text" class="" placeholder="Type something" data-i18n="[placeholder]client.client-form.software-version-placeholder">
+                    <p class="help-block" data-i18n="client.client-form.software-version-help">Version of the software in this client</p>
+                </div>
+            </div>
+
+            <div class="control-group" id="contacts">
+                <label class="control-label" data-i18n="client.client-form.contacts">Contacts</label>
+                <div class="controls">
+					<p class="help-block" data-i18n="client.client-form.contacts-help">List of contacts for adminstrators of this client.</p>
+					<div></div>
+                </div>
+            </div>
+            <div class="control-group" id="softwareStatement">
+                <label class="control-label" data-i18n="client.client-form.software-statement">Software Statement</label>
+                <div class="controls">
+                    <textarea class="input-xlarge" placeholder="ejy0..." maxlength="4096"
+                              rows="3" data-i18n="[placeholder]client.client-form.software-statement-placeholder"><%-client.software_statement%></textarea>
+                    <p class="help-block" data-i18n="client.client-form.software-statement-help">A software statement is issued by a trusted third party and locks certain elements of a client's registration</p>
+                </div>
+            </div>
+
+	</div>
+	
+	<div class="tab-pane" id="client-access-tab">
+
+            <div class="control-group" id="scope">
+                <label class="control-label" data-i18n="common.scope">Scope</label>
+                <div class="controls">
+                </div>
+            </div>
+
+            <div class="control-group" id="grantTypes">
+                <label class="control-label" data-i18n="client.clien-form.grant-types">Grant Types</label>
+
+                <div class="controls">
+                    <div>
+                        <input id="grantTypes-authorization_code" type="radio" name="grantTypes"
+                            <%-($.inArray("authorization_code", client.grant_types) > -1 ? 'checked' : '')%>>
+                        <label for="grantTypes-authorization_code" class="radio" data-i18n="client.client-form.authorization-code">authorization code</label>
+                    </div>
+
+                    <div>
+                        <input id="grantTypes-client_credentials" type="radio" name="grantTypes"
+                            <%-($.inArray("client_credentials", client.grant_types) > -1 ? 'checked' : '')%>>
+                        <label for="grantTypes-client_credentials" class="radio" data-i18n="client.client-form.client-credentials">client credentials</label>
+                    </div>
+
+                    <div>
+                        <input id="grantTypes-implicit" type="radio" name="grantTypes"
+                            <%-($.inArray("implicit", client.grant_types) > -1 ? 'checked' : '')%>> 
+                        <label for="grantTypes-implicit" class="radio" data-i18n="client.client-form.implicit">implicit</label>
+                    </div>
+
+                    <div>
+                        <input id="grantTypes-redelegate" type="checkbox" name="grantTypes"
+                            <%-($.inArray("urn:ietf:params:oauth:grant_type:redelegate", client.grant_types) > -1 ? 'checked' : '')%>> 
+                        <label for="grantTypes-redelegate" class="checkbox" data-i18n="client.client-form.redelegation">redelegate</label>
+                    </div>
+
+                    <div>
+                        <input id="grantTypes-refresh_token" type="checkbox" name="grantTypes"
+                            <%-($.inArray("refresh_token", client.grant_types) > -1 ? 'checked' : '')%>> 
+                        <label for="grantTypes-refresh_token" class="checkbox" data-i18n="client.client-form.refresh">refresh</label>
+                    </div>
+                </div>
+            </div>
+
+			<div class="control-group" id="responseTypes">
+				<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Response Types</label>
+
+				<div class="controls">
+                    <div>
+                        <input id="responseTypes-code" type="checkbox" <%-($.inArray("code", client.response_types) > -1 ? 'checked' : '')%>>
+                        <label for="responseTypes-code" class="checkbox">code</label>
+                    </div>
+                    <div>
+                        <input id="responseTypes-token" type="checkbox" <%-($.inArray("token", client.response_types) > -1 ? 'checked' : '')%>>
+                        <label for="responseTypes-token" class="checkbox">token</label>
+                    </div>
+                    <div>
+                        <input id="responseTypes-idtoken" type="checkbox" <%-($.inArray("id_token", client.response_types) > -1 ? 'checked' : '')%>>
+                        <label for="responseTypes-idtoken" class="checkbox">id_token</label>
+                    </div>
+                    <div>
+                        <input id="responseTypes-token-idtoken" type="checkbox" <%-($.inArray("token id_token", client.response_types) > -1 ? 'checked' : '')%>>
+                        <label for="responseTypes-token-idtoken" class="checkbox">token id_token</label>
+                    </div>
+                    <div>
+                        <input id="responseTypes-code-idtoken" type="checkbox" <%-($.inArray("code id_token", client.response_types) > -1 ? 'checked' : '')%>>
+                        <label for="responseTypes-code-idtoken" class="checkbox">code id_token</label>
+                    </div>
+                    <div>
+                        <input id="responseTypes-code-token" type="checkbox" <%-($.inArray("code token", client.response_types) > -1 ? 'checked' : '')%>>
+                        <label for="responseTypes-code-token" class="checkbox">code token</label>
+                    </div>
+                    <div>
+                        <input id="responseTypes-code-token-idtoken" type="checkbox" <%-($.inArray("code token id_token", client.response_types) > -1 ? 'checked' : '')%>>
+                        <label for="responseTypes-code-token-idtoken" class="checkbox">code token id_token</label>
+                    </div>
+				</div>
+			</div>
+
+			<div class="control-group" id="subjectType">
+				<label class="control-label" data-i18n="client.client-form.subject-type">Subject Type</label>
+				<div class="controls">
+                    <div>
+                        <input id="control-label-public" type="radio" name="subjectType" value="PUBLIC" <%-(client.subject_type == 'PUBLIC' ? 'checked' : '')%>>
+                        <label for="control-label-public" class="radio inline" data-i18n="client.client-form.public">Public</label>
+                        <input id="control-label-pairwise" type="radio" name="subjectType" value="PAIRWISE" <%-(client.subject_type == 'PAIRWISE' ? 'checked' : '')%>>
+                        <label for="control-label-pairwise" class="radio inline" data-i18n="client.client-form.pairwise">Pairwise</label>
+                    </div>
+				</div>
+			</div>
+
+			<div class="control-group" id="sectorIdentifierUri">
+				<label class="control-label" data-i18n="client.client-form.sector-identifier">Sector Identifier URI</label>
+				<div class="controls">
+					<input placeholder="https://" value="<%-client.sector_identifier_uri ? client.sector_identifier_uri : ''%>" maxlength="1000" type="text" class=""/>
+					<p class="help-block" data-i18n="client.client-form.sector-identifier-help">Sector Identifier for JavaScript</p>
+				</div>
+			</div>
+
+	</div>
+	
+	<div class="tab-pane" id="client-secret-tab">
+
+			<div class="control-group" id="tokenEndpointAuthMethod">
+				<label class="control-label" data-i18n="client.client-form.authentication-method">Token Endpoint Authentication Method</label>
+				<div class="controls">
+					<% if (!heartMode) { %>
+                    <div>
+                        <input type="radio" id="tokenEndpointAuthMethodBasic" name="tokenEndpointAuthMethod" value="client_secret_basic" <%-(client.token_endpoint_auth_method == 'client_secret_basic' ? 'checked' : '')%>>
+                        <label for="tokenEndpointAuthMethodBasic" class="radio" data-i18n="client.client-form.secret-http">Client Secret over HTTP Basic</label>
+                    </div>
+                    <div>
+                        <input type="radio" id="tokenEndpointAuthMethodPost" name="tokenEndpointAuthMethod" value="client_secret_post" <%-(client.token_endpoint_auth_method == 'client_secret_post' ? 'checked' : '')%>>
+                        <label for="tokenEndpointAuthMethodPost" class="radio" data-i18n="client.client-form.secret-post">Client Secret over HTTP POST</label>
+                    </div>
+                    <div>
+                        <input type="radio" id="tokenEndpointAuthMethodSymm" name="tokenEndpointAuthMethod" value="client_secret_jwt" <%-(client.token_endpoint_auth_method == 'client_secret_jwt' ? 'checked' : '')%>>
+                        <label for="tokenEndpointAuthMethodSymm" class="radio" data-i18n="client.client-form.secret-symmetric-jwt">Client Secret via symmetrically-signed JWT assertion</label>
+                    </div>
+					<% } %>
+                    <div>
+                        <input type="radio" id="tokenEndpointAuthMethodAssym" name="tokenEndpointAuthMethod" value="private_key_jwt" <%-((client.token_endpoint_auth_method == 'private_key_jwt')  || (heartMode && !client.tokenEndpointAuthMethod) ? 'checked' : '')%>>
+                        <label for="tokenEndpointAuthMethodAssym" class="radio" data-i18n="client.client-form.secret-asymmetric-jwt">Asymmetrically-signed JWT assertion</label>
+                    </div>
+                    <div>
+                        <input type="radio" id="tokenEndpointAuthMethodNone" name="tokenEndpointAuthMethod" value="none" <%-(client.token_endpoint_auth_method == 'none' ? 'checked' : '')%>>
+                        <label for="tokenEndpointAuthMethodNone" class="radio" data-i18n="client.client-form.secret-none">No authentication</label>
+                    </div>
+				</div>
+			</div>
+
+            <div class="control-group" id="tokenEndpointAuthSigningAlg">
+                <label class="control-label" data-i18n="client.client-form.token-signing-algorithm">Token Endpoint Authentication Signing Algorithm</label>
+                <div class="controls">
+                    <select>
+                        <option value="default" <%-client.token_endpoint_auth_signing_alg == null ? 'selected ' : ''%> data-i18n="client.client-form.signing.any">Any allowed</option>
+                        <option value="HS256" <%-client.token_endpoint_auth_signing_alg == "HS256" ? 'selected' : ''%> data-i18n="client.client-form.signing.hmac-256">HMAC using SHA-256 hash algorithm</option>
+                        <option value="HS384" <%-client.token_endpoint_auth_signing_alg == "HS384" ? 'selected' : ''%> data-i18n="client.client-form.signing.hmac-384">HMAC using SHA-384 hash algorithm</option>
+                        <option value="HS512" <%-client.token_endpoint_auth_signing_alg == "HS512" ? 'selected' : ''%> data-i18n="client.client-form.signing.hmac-512">HMAC using SHA-512 hash algorithm</option>
+                        <option value="RS256" <%-client.token_endpoint_auth_signing_alg == "RS256" ? 'selected' : ''%> data-i18n="client.client-form.signing.rsassa-256">RSASSA using SHA-256 hash algorithm</option>
+                        <option value="RS384" <%-client.token_endpoint_auth_signing_alg == "RS384" ? 'selected' : ''%> data-i18n="client.client-form.signing.rsassa-384">RSASSA using SHA-384 hash algorithm</option>
+                        <option value="RS512" <%-client.token_endpoint_auth_signing_alg == "RS512" ? 'selected' : ''%> data-i18n="client.client-form.signing.rsassa-512">RSASSA using SHA-512 hash algorithm</option>
+                        <option value="ES256" <%-client.token_endpoint_auth_signing_alg == "ES256" ? 'selected' : ''%> data-i18n="client.client-form.signing.ecdsa-256">ECDSA using P-256 curve and SHA-256 hash algorithm</option>
+                        <option value="ES384" <%-client.token_endpoint_auth_signing_alg == "ES384" ? 'selected' : ''%> data-i18n="client.client-form.signing.ecdsa-384">ECDSA using P-384 curve and SHA-384 hash algorithm</option>
+                        <option value="ES512" <%-client.token_endpoint_auth_signing_alg == "ES512" ? 'selected' : ''%> data-i18n="client.client-form.signing.ecdsa-512">ECDSA using P-512 curve and SHA-512 hash algorithm</option>
+                    </select>
+                </div>
+            </div>
+
+			<div class="control-group">
+				<label class="control-label" data-i18n="client.client-form.jwk-set">Public Key Set</label>
+				<div class="controls" id="jwkSelector">
+					<div>
+                        <input id="jwkstype-uri" type="radio" name="jwksType" value="URI" <%-(client.jwksType == 'URI' ? 'checked' : '')%>>
+                        <label for="jwkstype-uri" class="radio inline" data-i18n="client.client-form.jwks-by-uri">By URI</label>
+                        <input id="jwkstype-value" type="radio" name="jwksType" value="VAL" <%-(client.jwksType == 'VAL' ? 'checked' : '')%>>
+                        <label for="jwkstype-value" class="radio inline" data-i18n="client.client-form.jwks-by-value">By Value</label>
+					</div>
+				</div>
+				<div class="controls" id="jwksUri">
+					<input placeholder="https://" value="<%-client.jwks_uri%>" maxlength="1000" type="text" class=""/>
+					<p class="help-block" data-i18n="client.client-form.jwk-set-help">URL for the client's JSON Web Key set (must be reachable by the server)</p>
+				</div>
+				<div class="controls" id="jwks">
+					<textarea  class="input-xlarge" placeholder="{ &quot;keys&quot: [ ] }" maxlength="4000" type="text" rows="8"><%- (client.jwks != null ? JSON.stringify(client.jwks, null, '  ') : "") %></textarea>
+					<p class="help-block" data-i18n="client.client-form.jwk-set-value-help">JSON Web Key set</p>
+				</div>
+			</div>
+	</div>
+
+	<div class="tab-pane" id="client-crypto-tab">
+            <div class="control-group" id="requestObjectSigningAlg">
+                <label class="control-label" data-i18n="client.client-form.request-object-signing-algorithm">Request Object Signing Algorithm</label>
+                <div class="controls">
+                    <select>
+                        <option value="default" <%-client.request_object_signing_alg == null ? 'selected ' : ''%> data-i18n="client.client-form.signing.default">Use server default</option>
+                        <option value="none" <%-client.request_object_signing_alg == "none" ? 'selected' : ''%> data-i18n="client.client-form.signing.none">No digital signature</option>
+                        <option value="HS256" <%-client.request_object_signing_alg == "HS256" ? 'selected' : ''%> data-i18n="client.client-form.signing.hs256">HMAC using SHA-256 hash algorithm</option>
+                        <option value="HS384" <%-client.request_object_signing_alg == "HS384" ? 'selected' : ''%> data-i18n="client.client-form.signing.hs384">HMAC using SHA-384 hash algorithm</option>
+                        <option value="HS512" <%-client.request_object_signing_alg == "HS512" ? 'selected' : ''%> data-i18n="client.client-form.signing.hs512">HMAC using SHA-512 hash algorithm</option>
+                        <option value="RS256" <%-client.request_object_signing_alg == "RS256" ? 'selected' : ''%> data-i18n="client.client-form.signing.rs256">RSASSA using SHA-256 hash algorithm</option>
+                        <option value="RS384" <%-client.request_object_signing_alg == "RS384" ? 'selected' : ''%> data-i18n="client.client-form.signing.rs384">RSASSA using SHA-384 hash algorithm</option>
+                        <option value="RS512" <%-client.request_object_signing_alg == "RS512" ? 'selected' : ''%> data-i18n="client.client-form.signing.rs512">RSASSA using SHA-512 hash algorithm</option>
+                        <option value="ES256" <%-client.request_object_signing_alg == "ES256" ? 'selected' : ''%> data-i18n="client.client-form.signing.es256">ECDSA using P-256 curve and SHA-256 hash algorithm</option>
+                        <option value="ES384" <%-client.request_object_signing_alg == "ES384" ? 'selected' : ''%> data-i18n="client.client-form.signing.es384">ECDSA using P-384 curve and SHA-384 hash algorithm</option>
+                        <option value="ES512" <%-client.request_object_signing_alg == "ES512" ? 'selected' : ''%> data-i18n="client.client-form.signing.es512">ECDSA using P-512 curve and SHA-512 hash algorithm</option>
+                    </select>
+                </div>
+            </div>
+			
+            <div class="control-group" id="userInfoSignedResponseAlg">
+                <label class="control-label" data-i18n="client.client-form.user-info-signing-algorithm">User Info Endpoint Signing Algorithm</label>
+                <div class="controls">
+                    <select>
+                        <option value="default" <%-client.userinfo_signed_response_alg == null ? 'selected ' : ''%> data-i18n="client.client-form.signing.default">Use server default</option>
+                        <option value="none" <%-client.userinfo_signed_response_alg == "none" ? 'selected' : ''%> data-i18n="client.client-form.signing.none">No digital signature</option>
+                        <option value="HS256" <%-client.userinfo_signed_response_alg == "HS256" ? 'selected' : ''%> data-i18n="client.client-form.signing.hs256">HMAC using SHA-256 hash algorithm</option>
+                        <option value="HS384" <%-client.userinfo_signed_response_alg == "HS384" ? 'selected' : ''%> data-i18n="client.client-form.signing.hs384">HMAC using SHA-384 hash algorithm</option>
+                        <option value="HS512" <%-client.userinfo_signed_response_alg == "HS512" ? 'selected' : ''%> data-i18n="client.client-form.signing.hs512">HMAC using SHA-512 hash algorithm</option>
+                        <option value="RS256" <%-client.userinfo_signed_response_alg == "RS256" ? 'selected' : ''%> data-i18n="client.client-form.signing.rs256">RSASSA using SHA-256 hash algorithm</option>
+                        <option value="RS384" <%-client.userinfo_signed_response_alg == "RS384" ? 'selected' : ''%> data-i18n="client.client-form.signing.rs384">RSASSA using SHA-384 hash algorithm</option>
+                        <option value="RS512" <%-client.userinfo_signed_response_alg == "RS512" ? 'selected' : ''%> data-i18n="client.client-form.signing.rs512">RSASSA using SHA-512 hash algorithm</option>
+                        <option value="ES256" <%-client.userinfo_signed_response_alg == "ES256" ? 'selected' : ''%> data-i18n="client.client-form.signing.es256">ECDSA using P-256 curve and SHA-256 hash algorithm</option>
+                        <option value="ES384" <%-client.userinfo_signed_response_alg == "ES384" ? 'selected' : ''%> data-i18n="client.client-form.signing.es384">ECDSA using P-384 curve and SHA-384 hash algorithm</option>
+                        <option value="ES512" <%-client.userinfo_signed_response_alg == "ES512" ? 'selected' : ''%> data-i18n="client.client-form.signing.es512">ECDSA using P-512 curve and SHA-512 hash algorithm</option>
+                    </select>
+                </div>
+            </div>
+			
+			<div class="control-group" id="userInfoEncryptedResponseAlg">
+                <label class="control-label" data-i18n="client.client-form.user-info-crypto-algorithm">User Info Endpoint Encryption Algorithm</label>
+                <div class="controls">
+                    <select>
+                        <option value="default" <%-client.userinfo_encrypted_response_alg == null ? 'selected ' : ''%> data-i18n="client.client-form.crypto.default">Use server default</option>
+                        <option value="none" <%-client.userinfo_encrypted_response_alg == "none" ? 'selected' : ''%> data-i18n="client.client-form.crypto.none">No encryption</option>
+                        <option value="RSA1_5" <%-client.userinfo_encrypted_response_alg == "RSA1_5" ? 'selected' : ''%> data-i18n="client.client-form.crypto.rsa1-5">RSAES-PKCS1-V1_5</option>
+                        <option value="RSA-OAEP" <%-client.userinfo_encrypted_response_alg == "RSA-OAEP" ? 'selected' : ''%> data-i18n="client.client-form.crypto.rsa-oaep">RSAES using Optimal Asymmetric Encryption Padding (OAEP)</option>
+                        <option value="A128KW" <%-client.userinfo_encrypted_response_alg == "A128KW" ? 'selected' : ''%> data-i18n="client.client-form.crypto.a128kw">AES Key Wrap Algorithm using 128 bit keys </option>
+                        <option value="A256KW" <%-client.userinfo_encrypted_response_alg == "A256KW" ? 'selected' : ''%> data-i18n="client.client-form.crypto.a256kw">AES Key Wrap Algorithm using 256 bit keys</option>
+                        <option value="dir" <%-client.userinfo_encrypted_response_alg == "dir" ? 'selected' : ''%> data-i18n="client.client-form.crypto.dir">Direct use of a shared symmetric key as the Content Master Key (CMK) for the block encryption step</option>
+                        <option value="ECDH-ES" <%-client.userinfo_encrypted_response_alg == "ECDH-ES" ? 'selected' : ''%> data-i18n="client.client-form.crypto.ecdh-es">Elliptic Curve Diffie-Hellman Ephemeral Static key agreement using the Concat KDF, with the agreed-upon key being used directly as the Content Master Key (CMK)</option>
+                        <option value="ECDH-ES+A128KW" <%-client.userinfo_encrypted_response_alg == "ECDH-ES+A128KW" ? 'selected' : ''%> data-i18n="client.client-form.crypto.ecdh-es-a128kw">Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A128KW function</option>
+                        <option value="ECDH-ES+A256KW" <%-client.userinfo_encrypted_response_alg == "ECDH-ES+A256KW" ? 'selected' : ''%> data-i18n="client.client-form.crypto.ecdh-es-a256kw">Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A256KW function</option>
+                    </select>
+                </div>
+			</div>
+
+			<div class="control-group" id="userInfoEncryptedResponseEnc">
+                <label class="control-label" data-i18n="client.client-form.user-info-crypto-method">User Info Endpoint Encryption Method</label>
+                <div class="controls">
+                    <select>
+                        <option value="default" <%-client.userinfo_encrypted_response_enc == null ? 'selected ' : ''%> data-i18n="client.client-form.crypto.default">Use server default</option>
+                        <option value="none" <%-client.userinfo_encrypted_response_enc == "none" ? 'selected' : ''%> data-i18n="client.client-form.crypto.none">No encryption</option>
+                        <option value="A128CBC+HS256" <%-client.userinfo_encrypted_response_enc == "A128CBC+HS256" ? 'selected' : ''%> data-i18n="client.client-form.crypto.a128cbc-hs256">Composite Authenticated Encryption algorithm using AES in Cipher Block Chaining (CBC) mode with PKCS #5 padding with an integrity calculation using HMAC SHA-256, using a 256 bit CMK (and 128 bit CEK)</option>
+                        <option value="A256CBC+HS512" <%-client.userinfo_encrypted_response_enc == "A256CBC+HS512" ? 'selected' : ''%> data-i18n="client.client-form.crypto.a256cbc-hs512">Composite Authenticated Encryption algorithm using AES in CBC mode with PKCS #5 padding with an integrity calculation using HMAC SHA-512, using a 512 bit CMK (and 256 bit CEK)</option>
+                        <option value="A128GCM" <%-client.userinfo_encrypted_response_enc == "A128GCM" ? 'selected' : ''%> data-i18n="client.client-form.crypto.a128gcm">AES GCM using 128 bit keys</option>
+                        <option value="A256GCM" <%-client.userinfo_encrypted_response_enc == "A256GCM" ? 'selected' : ''%> data-i18n="client.client-form.crypto.a256gcm">AES GCM using 256 bit keys</option>
+                    </select>
+                </div>
+			</div>
+
+            <div class="control-group" id="idTokenSignedResponseAlg">
+                <label class="control-label" data-i18n="client.client-form.id-token-signing-algorithm">ID Token Signing Algorithm</label>
+                <div class="controls">
+                    <select>
+                        <option value="default" <%-client.id_token_signed_response_alg == null ? 'selected ' : ''%> data-i18n="client.client-form.signing.default">Use server default</option>
+                        <option value="none" <%-client.id_token_signed_response_alg == "none" ? 'selected' : ''%> data-i18n="client.client-form.signing.none">No digital signature</option>
+                        <option value="HS256" <%-client.id_token_signed_response_alg == "HS256" ? 'selected' : ''%> data-i18n="client.client-form.signing.hs256">HMAC using SHA-256 hash algorithm</option>
+                        <option value="HS384" <%-client.id_token_signed_response_alg == "HS384" ? 'selected' : ''%> data-i18n="client.client-form.signing.hs384">HMAC using SHA-384 hash algorithm</option>
+                        <option value="HS512" <%-client.id_token_signed_response_alg == "HS512" ? 'selected' : ''%> data-i18n="client.client-form.signing.hs512">HMAC using SHA-512 hash algorithm</option>
+                        <option value="RS256" <%-client.id_token_signed_response_alg == "RS256" ? 'selected' : ''%> data-i18n="client.client-form.signing.rs256">RSASSA using SHA-256 hash algorithm</option>
+                        <option value="RS384" <%-client.id_token_signed_response_alg == "RS384" ? 'selected' : ''%> data-i18n="client.client-form.signing.rs384">RSASSA using SHA-384 hash algorithm</option>
+                        <option value="RS512" <%-client.id_token_signed_response_alg == "RS512" ? 'selected' : ''%> data-i18n="client.client-form.signing.rs512">RSASSA using SHA-512 hash algorithm</option>
+                        <option value="ES256" <%-client.id_token_signed_response_alg == "ES256" ? 'selected' : ''%> data-i18n="client.client-form.signing.es256">ECDSA using P-256 curve and SHA-256 hash algorithm</option>
+                        <option value="ES384" <%-client.id_token_signed_response_alg == "ES384" ? 'selected' : ''%> data-i18n="client.client-form.signing.es384">ECDSA using P-384 curve and SHA-384 hash algorithm</option>
+                        <option value="ES512" <%-client.id_token_signed_response_alg == "ES512" ? 'selected' : ''%> data-i18n="client.client-form.signing.es512">ECDSA using P-512 curve and SHA-512 hash algorithm</option>
+                    </select>
+                </div>
+            </div>
+			
+			<div class="control-group" id="idTokenEncryptedResponseAlg">
+                <label class="control-label" data-i18n="client.client-form.id-token-crypto-algorithm">ID Token Encryption Algorithm</label>
+                <div class="controls">
+                    <select>
+                        <option value="default" <%-client.id_token_encrypted_response_alg == null ? 'selected ' : ''%> data-i18n="client.client-form.crypto.default">Use server default</option>
+                        <option value="none" <%-client.id_token_encrypted_response_alg == "none" ? 'selected' : ''%> data-i18n="client.client-form.crypto.none">No encryption</option>
+                        <option value="RSA1_5" <%-client.id_token_encrypted_response_alg == "RSA1_5" ? 'selected' : ''%> data-i18n="client.client-form.crypto.rsa1-5">RSAES-PKCS1-V1_5</option>
+                        <option value="RSA-OAEP" <%-client.id_token_encrypted_response_alg == "RSA-OAEP" ? 'selected' : ''%> data-i18n="client.client-form.crypto.rsa-oaep">RSAES using Optimal Asymmetric Encryption Padding (OAEP)</option>
+                        <option value="A128KW" <%-client.id_token_encrypted_response_alg == "A128KW" ? 'selected' : ''%> data-i18n="client.client-form.crypto.a128kw">Advanced Encryption Standard (AES) Key Wrap Algorithm using 128 bit keys </option>
+                        <option value="A256KW" <%-client.id_token_encrypted_response_alg == "A256KW" ? 'selected' : ''%> data-i18n="client.client-form.crypto.a256kw">AES Key Wrap Algorithm using 256 bit keys</option>
+                        <option value="dir" <%-client.id_token_encrypted_response_alg == "dir" ? 'selected' : ''%> data-i18n="client.client-form.crypto.dir">Direct use of a shared symmetric key as the Content Master Key (CMK) for the block encryption step</option>
+                        <option value="ECDH-ES" <%-client.id_token_encrypted_response_alg == "ECDH-ES" ? 'selected' : ''%> data-i18n="client.client-form.crypto.ecdh-es">Elliptic Curve Diffie-Hellman Ephemeral Static key agreement using the Concat KDF, with the agreed-upon key being used directly as the Content Master Key (CMK)</option>
+                        <option value="ECDH-ES+A128KW" <%-client.id_token_encrypted_response_alg == "ECDH-ES+A128KW" ? 'selected' : ''%> data-i18n="client.client-form.crypto.ecdh-es-a128kw">Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A128KW function</option>
+                        <option value="ECDH-ES+A256KW" <%-client.id_token_encrypted_response_alg == "ECDH-ES+A256KW" ? 'selected' : ''%> data-i18n="client.client-form.crypto.ecdh-es-a256kw">Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A256KW function</option>
+                    </select>
+                </div>
+			</div>
+
+			<div class="control-group" id="idTokenEncryptedResponseEnc">
+                <label class="control-label" data-i18n="client.client-form.id-token-crypto-method">ID Token Encryption Method</label>
+                <div class="controls">
+                    <select>
+                        <option value="default" <%-client.id_token_encrypted_response_enc == null ? 'selected ' : ''%> data-i18n="client.client-form.crypto.default">Use server default</option>
+                        <option value="none" <%-client.id_token_encrypted_response_enc == "none" ? 'selected' : ''%> data-i18n="client.client-form.crypto.none">No encryption</option>
+                        <option value="A128CBC+HS256" <%-client.id_token_encrypted_response_enc == "A128CBC+HS256" ? 'selected' : ''%> data-i18n="client.client-form.crypto.a128cbc-hs256">Composite Authenticated Encryption algorithm using AES in Cipher Block Chaining (CBC) mode with PKCS #5 padding with an integrity calculation using HMAC SHA-256, using a 256 bit CMK (and 128 bit CEK)</option>
+                        <option value="A256CBC+HS512" <%-client.id_token_encrypted_response_enc == "A256CBC+HS512" ? 'selected' : ''%> data-i18n="client.client-form.crypto.a256cbc-hs512">Composite Authenticated Encryption algorithm using AES in CBC mode with PKCS #5 padding with an integrity calculation using HMAC SHA-512, using a 512 bit CMK (and 256 bit CEK)</option>
+                        <option value="A128GCM" <%-client.id_token_encrypted_response_enc == "A128GCM" ? 'selected' : ''%> data-i18n="client.client-form.crypto.a128gcm">AES GCM using 128 bit keys</option>
+                        <option value="A256GCM" <%-client.id_token_encrypted_response_enc == "A256GCM" ? 'selected' : ''%> data-i18n="client.client-form.crypto.a256gcm">AES GCM using 256 bit keys</option>
+                    </select>
+                </div>
+			</div>
+
+            <div class="control-group" id="codeChallengeMethod">
+                <label class="control-label" data-i18n="client.client-form.code-challenge-method">Proof Key for Code Exchange (PKCE) Code Challenge Method</label>
+                <div class="controls">
+					<select>
+						<option value="default" <%-client.code_challenge_method == null ? 'selected ' : ''%> data-i18n="client.client-form.code-challenge-none">No code challenge</option>
+						<option value="plain" <%-client.code_challenge_method == "plain" ? 'selected' : ''%> data-i18n="client.client-form.code-challenge-plain">Plain code challenge</option>
+						<option value="S256" <%-client.code_challenge_method == "S256" ? 'selected' : ''%> data-i18n="client.client-form.code-challenge-s256">SHA-256 hash algorithm</option>
+					</select>
+                </div>
+            </div>
+	</div>
+
+	<div class="tab-pane" id="client-other-tab">
+
+            <div class="control-group" id="requireAuthTime">
+                <label class="control-label" data-i18n="client.client-form.require-auth-time">Require Authentication Time</label>
+                <div class="controls">
+                    <div>
+                        <input type="checkbox" <%-(client.require_auth_time == true ? 'checked' : '')%>/>
+                        <label class="checkbox" data-i18n="client.client-form.require-auth-time-label">Always require that the auth_time claim be sent in the id token</label>
+                    </div>
+                </div>
+            </div>
+
+			<div class="control-group" id="defaultMaxAge">
+                <label class="control-label" data-i18n="client.client-form.max-age">Default Max Age</label>
+                <div class="controls">
+                    <input placeholder="" value="<%-client.default_max_age ? client.default_max_age : ''%>" maxlength="10" type="text" class=""/>
+                    <p class="help-block" data-i18n="client.client-form.max-age-help">Default maximum session age before re-prompting</p>
+                </div>
+			</div>
+
+			<div class="control-group" id="initiateLoginUri">
+                <label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> <span data-i18n="client.client-form.initiate-login">Initiate Login</span></label>
+                <div class="controls">
+                    <input placeholder="https://" value="<%-client.initiate_login_uri ? client.initiate_login_uri : ''%>" maxlength="1000" type="text" class=""/>
+                    <p class="help-block" data-i18n="client.client-form.initiate-login-help">URL to initiate login on the client</p>
+                </div>
+			</div>
+
+            <div class="control-group" id="claimsRedirectUris">
+                <label class="control-label" data-i18n="client.client-form.claims-redirect-uris">Claims Redirect URI(s)</label>
+                <div class="controls">
+                </div>
+            </div>
+
+			<div class="control-group" id="postLogoutRedirectUris">
+                <label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> <span data-i18n="client.client-form.post-logout">Post-Logout Redirect</span></label>
+                <div class="controls">
+                </div>
+			</div>
+
+
+            <div class="control-group" id="requestUris">
+                <label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> <span data-i18n="client.client-form.request-uri">Request URIs</span></label>
+                <div class="controls">
+                </div>
+            </div>
+
+            <div class="control-group" id="defaultAcrValues">
+                <label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> <span data-i18n="client.client-form.acr-values">Default ACR Values</span></label>
+                <div class="controls">
+                </div>
+            </div>
+
+			<div class="control-group" id="applicationType">
+				<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> <span data-i18n="client.client-form.type">Application Type</span></label>
+				<div class="controls">
+					<label class="radio inline">
+						<input type="radio" name="applicationType" value="NATIVE" <%-(client.application_type == 'NATIVE' ? 'checked' : '')%>> <span data-i18n="client.client-form.type-native">Native</span>
+					</label>
+					<label class="radio inline">
+						<input type="radio" name="applicationType" value="WEB" <%-(client.application_type == 'WEB' ? 'checked' : '')%>> <span data-i18n="client.client-form.type-web">Web</span>
+					</label>
+				</div>
+			</div>			
+
+	</div>
+
+	<div class="tab-pane" id="client-json-tab">
+
+<pre>
+<%- JSON.stringify(client, undefined, 2) %>
+</pre>
+
+	</div>
+
+
+
+            <div class="well well-small">
+                <button class="btn btn-small btn-save btn-success"><i class="icon-ok-circle icon-white"></i> <span data-i18n="common.save">Save</span></button> &nbsp; 
+                <button class="btn btn-small btn-cancel"><i class="icon-ban-circle"></i> <span data-i18n="common.cancel">Cancel</span></button>
+				<% if (client.client_id) { %>
+                <button class="btn btn-small btn-danger btn-delete pull-right"><i class="icon-trash icon-white"></i> <span data-i18n="common.delete">Delete</span></button>
+				<% } %>
+            </div>
+
+        </fieldset>
+    </form>
+
+</script>
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/template/grant.html b/openid-connect-server-webapp/src/main/webapp/resources/template/grant.html
new file mode 100644
index 000000000..0ce60e8e9
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/template/grant.html
@@ -0,0 +1,90 @@
+<!-- 
+ Copyright 2018 The MIT Internet Trust Consortium
+ 
+ Portions copyright 2011-2013 The MITRE Corporation
+ 
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ 
+   http://www.apache.org/licenses/LICENSE-2.0
+ 
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<!-- approved sites (grants) -->
+
+<script type="text/html" id="tmpl-grant-table">
+
+    <div class="well well-small">
+		<button class="btn btn-small refresh-table"><i class="icon-refresh"></i> <span data-i18n="common.refresh">Refresh</span></button>
+    </div>
+
+	<div id="grant-approved-tab">
+
+	<p data-i18n="grant.grant-table.text">These are sites you have approved manually. If the same site asks for the same access in the future, it will
+		be granted without prompting.</p>
+
+	<div id="grant-table-empty" class="alert alert-info" data-i18n="grant.grant-table.no-sites">
+		You have not approved any sites.
+	</div>
+
+    <table id="grant-table" class="table table-hover table-striped">
+        <thead>
+        <tr>
+			<th></th>
+            <th data-i18n="grant.grant-table.application">Application</th>
+			<th><i class="icon-time"></i></th>
+            <th><i class="icon-edit"></i></th>
+        </tr>
+        </thead>
+        <tbody>
+        </tbody>
+    </table>
+
+	</div>
+
+    <div class="well well-small">
+		<button class="btn btn-small refresh-table"><i class="icon-refresh"></i> <span data-i18n="common.refresh">Refresh</span></button>
+    </div>
+
+</script>
+
+<script type="text/html" id="tmpl-grant">
+	<td>
+		<% if (client.dynamicallyRegistered) { %>
+			<span class="label label-inverse dynamically-registered"><i class="icon-globe icon-white"></i></span>
+		<% } %>
+	</td>
+
+    <td>
+
+        <span title="<%- client.clientId %>"><%- client.clientName != null ? client.clientName : ( client.clientId.substr(0,8) + '...' ) %></span>
+		<div class="client-more-info-block"></div>
+		<div class="scope-list"></div>
+    </td>
+
+
+	<td>
+		<div>
+			<i data-i18n="grant.grant-table.authorized">Authorized:</i> <span title="<%- formattedDate.hoverCreationDate %>"><%- formattedDate.displayCreationDate %></span>
+		</div>
+
+		<div>
+			<i data-i18n="grant.grant-table.last-accessed">Last accessed:</i> <span title="<%- formattedDate.hoverAccessDate %>"><%- formattedDate.displayAccessDate %></span>
+		</div>
+
+		<div>
+			<i data-i18n="common.expires">Expires:</i> <span title="<%- formattedDate.hoverTimeoutDate %>"><%- formattedDate.displayTimeoutDate %></span>
+		</div>
+	</td>
+
+    <td>
+        <button class="btn btn-danger btn-delete pull-right"><i class="icon-trash icon-white"></i> <span data-i18n="common.revoke">Revoke</span></button>
+    </td>
+
+</script>
+
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/template/rsreg.html b/openid-connect-server-webapp/src/main/webapp/resources/template/rsreg.html
new file mode 100644
index 000000000..e8c1a50a2
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/template/rsreg.html
@@ -0,0 +1,305 @@
+<!-- 
+ Copyright 2018 The MIT Internet Trust Consortium
+ 
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ 
+   http://www.apache.org/licenses/LICENSE-2.0
+ 
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<!-- self-service resource registration -->
+
+<script type="text/html" id="tmpl-rsreg">
+
+<div class="row-fluid">
+
+<div class="span6 well">
+	<h2 data-i18n="rsreg.new-client">Register a new resource</h2>
+	<p data-i18n="rsreg.new-client-help">Use this form to register a new protected with the authorization server. You will be given a client ID and a registration access token to manage your resource.</p>
+	<button class="btn btn-success" id="newreg"><i class="icon-plus icon-white"></i> <span data-i18n="rsreg.new-client-button">New Resource</span></button>
+</div>
+<div class="span6 well">
+	<h2 data-i18n="rsreg.edit-existing">Edit an existing protected resource</h2>
+	<p class="help-block" data-i18n="rsreg.edit-existing-help">Use this form to edit a previously-registered resource. Paste in your client ID and registration access token to access the resource.</p>
+
+	<input type="text" id="clientId" placeholder="Enter Client ID" data-i18n="[placeholder]rsreg.client-id-placeholder"> 
+	<input type="text" id="regtoken" placeholder="Enter Registration Access Token" data-i18n="[placeholder]rsreg.regtoken-placeholder"> 
+	<button class="btn btn-info" id="editreg"><i class="icon-edit icon-white"></i> <span data-i18n="rsreg.edit-existing-button">Edit Resource</span></button>
+</div>
+
+</script>
+
+
+<script type="text/html" id="tmpl-rsreg-resource-form">
+
+    <% if (client.client_id == null) { %>
+        <h1 data-i18n="rsreg.new"></h1>
+    <% } else { %>
+        <h1 data-i18n="rsreg.edit"></h1>
+    <% } %>
+
+
+    <form class="form-horizontal tabbable">
+        <fieldset>
+            <div class="well well-small">
+                <button class="btn btn-small btn-save btn-success"><i class="icon-ok-circle icon-white"></i> <span data-i18n="common.save">Save</span></button> &nbsp; 
+                <button class="btn btn-small btn-cancel"><i class="icon-ban-circle"></i> <span data-i18n="common.cancel">Cancel</span></button>
+                <% if (client.client_id) { %>
+                <button class="btn btn-small btn-danger btn-delete pull-right"><i class="icon-trash icon-white"></i> <span data-i18n="common.delete">Delete</span></button>
+                <% } %>
+            </div>
+
+				<ul class="nav nav-tabs">
+                    <li class="active"><a data-target="#resource-main-tab" data-toggle="tab" href="#" data-i18n="client.client-form.main">Main</a></li>
+                    <li><a data-target="#resource-access-tab" data-toggle="tab" href="#" data-i18n="client.client-form.access">Access</a></li>
+                    <li><a data-target="#resource-secret-tab" data-toggle="tab" href="#" data-i18n="client.client-form.credentials">Credentials</a></li>
+                    <li><a data-target="#resource-json-tab" data-toggle="tab" href="#">JSON</a></li>
+				</ul>
+
+<div class="tab-content">
+	<div class="tab-pane active" id="resource-main-tab">
+
+			<% if (client.client_id) { %>
+			<div class="control-group">
+				<div class="controls">
+					<div class="alert alert-error" data-i18n="[html]rsreg.warning">
+						<strong>Warning!</strong> You MUST protect your <b>Client ID</b>, <b>Client Secret (if provided)</b>, and your <b>Registration Access Token</b>. 
+						If you lose your Client ID or Registration Access Token, you will no longer have access to your client's registration
+						records and you will need to register a new client.
+					</div>
+				</div>
+
+			</div>
+			<% } %>
+		<div class="well">
+            <div class="control-group" id="clientId">
+                <label class="control-label" data-i18n="client.client-form.client-id">Client ID</label>
+                <div class="controls">
+                <% if (client.client_id) { %>
+                    <pre><%-client.client_id%></pre>
+                <% } else { %>
+                    <code data-i18n="dynreg.will-be-generated">Will be generated</code>
+                <% } %>
+                </div>
+            </div>
+
+
+			<div class="control-group" id="requireClientSecret">
+				<label class="control-label">Client Secret</label>
+    	        <div class="control-group">
+            	    <div class="controls">
+						<% if (client.client_id) { %>
+							<% if (client.client_secret) { %>
+								<pre><%- client.client_secret %></pre>
+							<% } else { %>
+								<% if (client.token_endpoint_auth_method == 'none') { %>
+									<pre>None (public client)</pre>
+								<% } else if (client.token_endpoint_auth_method == 'private_key_jwt') { %>
+									<pre>None (private key authentication)</pre>
+								<% } else { %>
+									<p class="text-error"><b>Unknown error:</b> no client secret and unknown auth method.</p>
+								<% } %>
+							<% } %>
+						<% } else { %>
+                            <code data-i18n="dynreg.will-be-generated">Will be generated</code>
+						<% } %>
+	                </div>
+    	        </div>
+
+			</div>
+
+            <div class="control-group" id="clientConfigurationUri">
+                <label class="control-label" data-i18n="dynreg.configuration-url">Client Configuration URL</label>
+                <div class="controls">
+                <% if (client.registration_client_uri) { %>
+                    <pre><%-client.registration_client_uri%></pre>
+                <% } else { %>
+                    <code data-i18n="dynreg.will-be-generated">Will be generated</code>
+                <% } %>
+                </div>
+            </div>
+
+            <div class="control-group" id="registrationAccessToken">
+                <label class="control-label" data-i18n="client.client-form.registration-access-token">Registration Access Token</label>
+                <div class="controls">
+                <% if (client.registration_access_token) { %>
+                    <pre><%-client.registration_access_token%></pre>
+                <% } else { %>
+                    <code data-i18n="dynreg.will-be-generated">Will be generated</code>
+                <% } %>
+                </div>
+            </div>
+
+		</div>
+
+            <div class="control-group" id="clientName">
+                <label class="control-label" data-i18n="client.client-form.client-name">Client name</label>
+                <div class="controls">
+                    <input value="<%-client.client_name ? client.client_name : ''%>" maxlength="100" type="text" class="" placeholder="Type something">
+                    <p class="help-block" data-i18n="client.client-form.client-name-help">Human-readable application name</p>
+                </div>
+            </div>
+
+			<div class="control-group" id="logoUri">
+                <label class="control-label" data-i18n="client.client-form.logo">Logo</label>
+                <div class="controls">
+                    <input placeholder="https://" value="<%-client.logo_uri ? client.logo_uri : ''%>" maxlength="1000" type="text" class=""/>
+                    <p class="help-block" data-i18n="client.client-form.logo-help">URL that points to a logo image, will be displayed on approval page</p>
+                </div>
+			</div>
+
+			<div class="control-group" id="logoBlock">
+				<div class="controls">
+					<img src="resources/images/logo_placeholder.gif" alt="logo" id="logoPreview" width="275px" class="thumbnail" />
+				</div>
+			</div>
+
+			<div class="control-group" id="tosUri">
+                <label class="control-label" data-i18n="client.client-form.terms">Terms of Service</label>
+                <div class="controls">
+                    <input placeholder="https://" value="<%-client.tos_uri ? client.tos_uri : ''%>" maxlength="1000" type="text" class=""/>
+                    <p class="help-block" data-i18n="client.client-form.terms-help">URL for the Terms of Service of this client, will be displayed to the user</p>
+                </div>
+			</div>
+
+			<div class="control-group" id="policyUri">
+                <label class="control-label" data-i18n="client.client-form.policy">Policy</label>
+                <div class="controls">
+                    <input placeholder="https://" value="<%-client.policy_uri ? client.policy_uri : ''%>" maxlength="1000" type="text" class=""/>
+                    <p class="help-block" data-i18n="client.client-form.policy-help">URL for the Policy Statement of this client, will be displayed to the user</p>
+                </div>
+			</div>
+
+			<div class="control-group" id="clientUri">
+                <label class="control-label" data-i18n="client.client-form.home">Home Page</label>
+                <div class="controls">
+                    <input placeholder="https://" value="<%-client.client_uri ? client.client_uri : ''%>" maxlength="1000" type="text" class=""/>
+                    <p class="help-block" data-i18n="client.client-form.home-help">URL for the client's home page, will be displayed to the user</p>
+                </div>
+			</div>
+
+			<div class="control-group" id="applicationType">
+                <label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> <span data-i18n="client.client-form.type">Application Type</span></label>
+                <div class="controls">
+                    <label class="radio inline">
+                        <input type="radio" name="applicationType" value="NATIVE" <%-(client.application_type == 'NATIVE' ? 'checked' : '')%>> <span data-i18n="client.client-form.type-native">Native</span>
+                    </label>
+                    <label class="radio inline">
+                        <input type="radio" name="applicationType" value="WEB" <%-(client.application_type == 'WEB' ? 'checked' : '')%>> <span data-i18n="client.client-form.type-web">Web</span>
+                    </label>
+                </div>
+			</div>
+			
+            <div class="control-group" id="contacts">
+                <label class="control-label" data-i18n="client.client-form.contacts">Contacts</label>
+                <div class="controls">
+                </div>
+            </div>
+
+	</div>
+	
+	<div class="tab-pane" id="resource-access-tab">
+
+            <div class="control-group" id="scope">
+                <label class="control-label" data-i18n="common.scope">Scope</label>
+                <div class="controls">
+                </div>
+            </div>
+	</div>
+	
+	<div class="tab-pane" id="resource-secret-tab">
+
+			<div class="control-group" id="tokenEndpointAuthMethod">
+                <label class="control-label" data-i18n="client.client-form.authentication-method">Token Endpoint Authentication Method</label>
+                <div class="controls">
+                    <div>
+                        <input type="radio" id="tokenEndpointAuthMethodBasic" name="tokenEndpointAuthMethod" value="client_secret_basic" <%-(client.token_endpoint_auth_method == 'client_secret_basic' ? 'checked' : '')%>>
+                        <label for="tokenEndpointAuthMethodBasic" class="radio" data-i18n="client.client-form.secret-http">Client Secret over HTTP Basic</label>
+                    </div>
+                    <div>
+                        <input type="radio" id="tokenEndpointAuthMethodPost" name="tokenEndpointAuthMethod" value="client_secret_post" <%-(client.token_endpoint_auth_method == 'client_secret_post' ? 'checked' : '')%>>
+                        <label for="tokenEndpointAuthMethodPost" class="radio" data-i18n="client.client-form.secret-post">Client Secret over HTTP POST</label>
+                    </div>
+                    <div>
+                        <input type="radio" id="tokenEndpointAuthMethodSymm" name="tokenEndpointAuthMethod" value="client_secret_jwt" <%-(client.token_endpoint_auth_method == 'client_secret_jwt' ? 'checked' : '')%>>
+                        <label for="tokenEndpointAuthMethodSymm" class="radio" data-i18n="client.client-form.secret-symmetric-jwt">Client Secret via symmetrically-signed JWT assertion</label>
+                    </div>
+                    <div>
+                        <input type="radio" id="tokenEndpointAuthMethodAssym" name="tokenEndpointAuthMethod" value="private_key_jwt" <%-(client.token_endpoint_auth_method == 'private_key_jwt' ? 'checked' : '')%>>
+                        <label for="tokenEndpointAuthMethodAssym" class="radio" data-i18n="client.client-form.secret-asymmetric-jwt">Asymmetrically-signed JWT assertion</label>
+                    </div>
+                    <div>
+                        <input type="radio" id="tokenEndpointAuthMethodNone" name="tokenEndpointAuthMethod" value="none" <%-(client.token_endpoint_auth_method == 'none' ? 'checked' : '')%>>
+                        <label for="tokenEndpointAuthMethodNone" class="radio" data-i18n="client.client-form.secret-none">No authentication</label>
+                    </div>
+                </div>
+			</div>
+
+            <div class="control-group" id="tokenEndpointAuthSigningAlg">
+                <label class="control-label" data-i18n="client.client-form.token-signing-algorithm">Token Endpoint Authentication Signing Algorithm</label>
+                <div class="controls">
+                    <select>
+                        <option value="default" <%-client.token_endpoint_auth_signing_alg == null ? 'selected ' : ''%> data-i18n="client.client-form.signing.any">Any allowed</option>
+                        <option value="HS256" <%-client.token_endpoint_auth_signing_alg == "HS256" ? 'selected' : ''%> data-i18n="client.client-form.signing.hmac-256">HMAC using SHA-256 hash algorithm</option>
+                        <option value="HS384" <%-client.token_endpoint_auth_signing_alg == "HS384" ? 'selected' : ''%> data-i18n="client.client-form.signing.hmac-384">HMAC using SHA-384 hash algorithm</option>
+                        <option value="HS512" <%-client.token_endpoint_auth_signing_alg == "HS512" ? 'selected' : ''%> data-i18n="client.client-form.signing.hmac-512">HMAC using SHA-512 hash algorithm</option>
+                        <option value="RS256" <%-client.token_endpoint_auth_signing_alg == "RS256" ? 'selected' : ''%> data-i18n="client.client-form.signing.rsassa-256">RSASSA using SHA-256 hash algorithm</option>
+                        <option value="RS384" <%-client.token_endpoint_auth_signing_alg == "RS384" ? 'selected' : ''%> data-i18n="client.client-form.signing.rsassa-384">RSASSA using SHA-384 hash algorithm</option>
+                        <option value="RS512" <%-client.token_endpoint_auth_signing_alg == "RS512" ? 'selected' : ''%> data-i18n="client.client-form.signing.rsassa-512">RSASSA using SHA-512 hash algorithm</option>
+                        <option value="ES256" <%-client.token_endpoint_auth_signing_alg == "ES256" ? 'selected' : ''%> data-i18n="client.client-form.signing.ecdsa-256">ECDSA using P-256 curve and SHA-256 hash algorithm</option>
+                        <option value="ES384" <%-client.token_endpoint_auth_signing_alg == "ES384" ? 'selected' : ''%> data-i18n="client.client-form.signing.ecdsa-384">ECDSA using P-384 curve and SHA-384 hash algorithm</option>
+                        <option value="ES512" <%-client.token_endpoint_auth_signing_alg == "ES512" ? 'selected' : ''%> data-i18n="client.client-form.signing.ecdsa-512">ECDSA using P-512 curve and SHA-512 hash algorithm</option>
+                    </select>
+                </div>
+            </div>
+
+			<div class="control-group">
+				<label class="control-label" data-i18n="client.client-form.jwk-set">Public Key Set</label>
+				<div class="controls" id="jwkSelector">
+					<div>
+                        <input id="jwkstype-uri" type="radio" name="jwksType" value="URI" <%-(client.jwksType == 'URI' ? 'checked' : '')%>>
+                        <label for="jwkstype-uri" class="radio inline" data-i18n="client.client-form.jwks-by-uri">By URI</label>
+                        <input id="jwkstype-value" type="radio" name="jwksType" value="VAL" <%-(client.jwksType == 'VAL' ? 'checked' : '')%>>
+                        <label for="jwkstype-value" class="radio inline" data-i18n="client.client-form.jwks-by-value">By Value</label>
+					</div>
+				</div>
+				<div class="controls" id="jwksUri">
+					<input placeholder="https://" value="<%-client.jwks_uri%>" maxlength="1000" type="text" class=""/>
+					<p class="help-block" data-i18n="client.client-form.jwk-set-help">URL for the client's JSON Web Key set (must be reachable by the server)</p>
+				</div>
+				<div class="controls" id="jwks">
+					<textarea  class="input-xlarge" placeholder="{ &quot;keys&quot: [ ] }" maxlength="4000" type="text" rows="8"><%- (client.jwks != null ? JSON.stringify(client.jwks, null, '  ') : "") %></textarea>
+					<p class="help-block" data-i18n="client.client-form.jwk-set-value-help">JSON Web Key set</p>
+				</div>
+			</div>
+
+	</div>
+
+	<div class="tab-pane" id="resource-json-tab">
+
+<pre>
+<%- JSON.stringify(client, undefined, 2) %>
+</pre>
+
+	</div>
+
+
+
+            <div class="well well-small">
+                <button class="btn btn-small btn-save btn-success"><i class="icon-ok-circle icon-white"></i> <span data-i18n="common.save">Save</span></button> &nbsp; 
+                <button class="btn btn-small btn-cancel"><i class="icon-ban-circle"></i> <span data-i18n="common.cancel">Cancel</span></button>
+                <% if (client.client_id) { %>
+                <button class="btn btn-small btn-danger btn-delete pull-right"><i class="icon-trash icon-white"></i> <span data-i18n="common.delete">Delete</span></button>
+                <% } %>
+            </div>
+
+        </fieldset>
+    </form>
+
+</script>
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/template/scope.html b/openid-connect-server-webapp/src/main/webapp/resources/template/scope.html
new file mode 100644
index 000000000..618ea1640
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/template/scope.html
@@ -0,0 +1,228 @@
+<!-- 
+ Copyright 2018 The MIT Internet Trust Consortium
+ 
+ Portions copyright 2011-2013 The MITRE Corporation
+ 
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ 
+   http://www.apache.org/licenses/LICENSE-2.0
+ 
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<!-- system scope -->
+<script type="text/html" id="tmpl-system-scope-table">
+
+    <div class="well well-small">
+		<button class="btn btn-small refresh-table"><i class="icon-refresh"></i> <span data-i18n="common.refresh">Refresh</span></button> &nbsp;
+        <button class="btn btn-small btn-primary new-scope"><i class="icon-plus icon-white"></i> <span data-i18n="scope.system-scope-table.new">New Scope</span></button>
+    </div>
+
+	<div id="scope-table-empty" class="alert alert-info" data-i18n="scope.system-scope-table.text">
+		There are no system scopes defined. Clients may still have custom scopes.
+	</div>
+
+    <table id="scope-table" class="table table-hover table-striped">
+        <thead>
+        <tr>
+			<th></th>
+            <th data-i18n="common.scope">Scope</th>
+            <th></th>
+        </tr>
+        </thead>
+        <tbody>
+        </tbody>
+    </table>
+
+    <div class="well well-small">
+		<button class="btn btn-small refresh-table"><i class="icon-refresh"></i> <span data-i18n="common.refresh">Refresh</span></button> &nbsp; 
+        <button class="btn btn-small btn-primary new-scope"><i class="icon-plus icon-white"></i> <span data-i18n="scope.system-scope-table.new">New Scope</span></button>
+    </div>
+
+</script>
+
+<script type="text/html" id="tmpl-system-scope">
+	<td>
+		<% if (defaultScope) { %>
+			<span class="label label-success default"><i class="icon-flag icon-white"></i></span>
+		<% } %>
+		<% if (restricted) { %>
+			<span class="label label-warning restricted"><i class="icon-ban-circle icon-white"></i></span>
+		<% } %>
+	</td>
+
+    <td>
+        <span class="badge badge-info">
+		<% if (icon) { %>
+			<i class="icon-<%- icon %> icon-white"></i>
+		<% } %>
+		<%- value %>
+		</span>
+        <p><small><%- description %></small></p>
+    </td>
+
+    <td>
+		<div class="btn-group pull-right">
+	        <button class="btn btn-edit"><i class="icon-edit"></i> <span data-i18n="common.edit">Edit</span></button> &nbsp;
+    	    <button class="btn btn-danger btn-delete"><i class="icon-trash icon-white"></i> <span data-i18n="common.delete">Delete</span></button>
+		</div>
+    </td>
+
+</script>
+
+<script type="text/html" id="tmpl-system-scope-form">
+    <% if (id == null) { %>
+        <h1 data-i18n="scope.system-scope-form.new">New Scope</h1>
+    <% } else { %>
+        <h1 data-i18n="scope.system-scope-form.edit">Edit Scope</h1>
+    <% } %>
+
+	<form class="form-horizontal">
+		<fieldset>
+
+            <div class="well well-small">
+                <button class="btn btn-small btn-save btn-success"><i class="icon-ok-circle icon-white"></i> <span data-i18n="common.save">Save</span></button> &nbsp; 
+				<button class="btn btn-small btn-cancel"><i class="icon-ban-circle"></i> <span data-i18n="common.cancel">Cancel</span></button>
+            </div>			
+
+			<div class="control-group" id="value">
+				<label class="control-label" data-i18n="scope.system-scope-form.value">Scope value</label>
+				<div class="controls">
+					<input value="<%-value != null ? value : ''%>" type="text" class="" placeholder="scope" data-i18n="[placeholder]scope.system-scope-form.value-placeholder">
+					<p class="help-block" data-i18n="scope.system-scope-form.value-help">Single string with no spaces</p>
+				</div>
+			</div>
+
+			<div class="control-group" id="description">
+				<label class="control-label" data-i18n="common.description">Description</label>
+				<div class="controls">
+					<textarea class="input-xlarge" placeholder="Type a description" maxlength="200" rows="3" data-i18n="[placeholder]scope.system-scope-form.description-placeholder"><%-description != null ? description : ''%></textarea>
+					<p class="help-block" data-i18n="[placeholder]scope.system-scope-form.description-help">Human-readable text description</p>
+				</div>
+			</div>
+
+			<div class="control-group" id="icon">
+				<label class="control-label" data-i18n="scope.system-scope-form.icon">Icon</label>
+				<div class="controls">
+
+					<span id="iconDisplay">
+						<span class="badge badge-info"><i class="icon-<%-icon%> icon-white"></i> 
+							<span id="iconName"><%-icon%></span>
+						</span>
+
+						<input type="hidden" value="<%-icon%>">
+					</span>
+
+					<a href="#iconSelector" role="button" class="btn btn-info" data-toggle="modal"><i class="icon-white icon-picture"></i> <span data-i18n="scope.system-scope-form.select-icon">Select an icon</span></a>
+
+					<div id="iconSelector" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="iconSelectorLabel" aria-hidden="true" style="display: none;">
+						<div class="modal-header">
+							<button type="button" class="close" data-dismiss="modal" aria-hidden="true">&times;</button>
+							<h3 id="iconSelectorLabel" data-i18n="scope.system-scope-form.select-icon">Select an Icon</h3>
+						</div>
+						<div class="modal-body">
+
+						</div>
+						<div class="modal-footer">
+							<button class="btn" data-dismiss="modal" aria-hidden="true" data-i18n="common.close">Close</button>
+						</div>
+					</div>
+				</div>
+
+			</div>
+
+			<div class="control-group" id="defaultScope">
+				<label class="control-label"><span class="label label-success default"><i class="icon-flag icon-white"></i></span></label>
+				<div class="controls">
+					<label class="checkbox">
+						<input type="checkbox" <%-defaultScope ? 'checked' : '' %>> <span data-i18n="scope.system-scope-form.default">default scope</span>
+					</label>
+					<p class="help-block" data-i18n="scope.system-scope-form.default-help">Newly-created clients get this scope by default?</p>
+				</div>
+			</div>
+
+			<div class="control-group" id="restricted">
+				<label class="control-label"><span class="label label-warning restricted"><i class="icon-ban-circle icon-white"></i></span></label>
+				<div class="controls">
+					<label class="checkbox">
+						<input type="checkbox" <%-restricted ? 'checked' : '' %>> <span data-i18n="scope.system-scope-form.restricted">restricted</span>
+					</label>
+					<p class="help-block" data-i18n="scope.system-scope-form.restricted-help">Restricted scopes are only usable by system administrators and are unavailable to dynamically registered clients and protected resources</p>
+				</div>
+			</div>
+
+            <div class="well well-small">
+                <button class="btn btn-small btn-save btn-success"><i class="icon-ok-circle icon-white"></i> <span data-i18n="common.save">Save</span></button> &nbsp; 
+                <button class="btn btn-small btn-cancel"><i class="icon-ban-circle"></i> <span data-i18n="common.cancel">Cancel</span></button>
+            </div>			
+
+		</fieldset>
+	</form>
+</script>
+
+<script type="text/html" id="tmpl-system-scope-icon">
+
+	<div class="row-fluid">
+		<div class="span4" style="margin-top: 5px; margin-bottom: 5px;">
+			<% if (items[0]) { %>
+			<button class="btn btn-block btn-icon" value="<%-items[0]%>"><i class="icon-<%-items[0]%>"></i> <%-items[0]%>
+			<% } %>
+		</div>
+		<div class="span4" style="margin-top: 5px; margin-bottom: 5px;">
+			<% if (items[1]) { %>
+			<button class="btn btn-block btn-icon" value="<%-items[1]%>"><i class="icon-<%-items[1]%>"></i> <%-items[1]%>
+			<% } %>
+		</div>
+		<div class="span4" style="margin-top: 5px; margin-bottom: 5px;">
+			<% if (items[2]) { %>
+			<button class="btn btn-block btn-icon" value="<%-items[2]%>"><i class="icon-<%-items[2]%>"></i> <%-items[2]%>
+			<% } %>
+		</div>
+	</div>
+
+</script>
+
+<script type="text/html" id="tmpl-scope-list">
+
+<% 
+if (_.isEmpty(scopes)) {
+%>
+	<span class="badge badge-important"><i class="icon-warning-sign icon-white"></i> <span data-i18n="scope.scope-list.no-scopes">NO SCOPES</span></span>
+<%
+
+} else {
+
+_.each(scopes, function(s) {
+	var ss = systemScopes.getByValue(s);
+	
+	if (ss) {
+%>
+	<span class="badge badge-<%-ss.get('restricted') ? 'warning' : 'info'%>" 
+<% if (ss.get('description')) { %>
+	title="<%- ss.get('description') %>"
+<% } %>
+
+style="cursor: default;" >
+<% if (ss.get('icon')) { %>
+	<i class="icon-<%-ss.get('icon')%> icon-white"></i>
+<% } %>
+<%-s%>
+</span>
+<%
+	} else {
+%>
+	<span class="badge" style="cursor: default;"><%-s%></span>
+<%
+	}
+
+});
+
+}
+%>
+
+</script>
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/template/token.html b/openid-connect-server-webapp/src/main/webapp/resources/template/token.html
new file mode 100644
index 000000000..fac353206
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/template/token.html
@@ -0,0 +1,144 @@
+<!-- 
+ Copyright 2018 The MIT Internet Trust Consortium
+ 
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ 
+   http://www.apache.org/licenses/LICENSE-2.0
+ 
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+ 
+ <script type="text/html" id="tmpl-token-table">
+    <div class="well well-small">
+		<button class="btn btn-small refresh-table"><i class="icon-refresh"></i> <span data-i18n="common.refresh">Refresh</span></button> &nbsp;
+    </div>
+
+	<div class="tabbable">
+
+ 		<ul class="nav nav-tabs">
+			<li class="active"><a data-target="#token-access-tab" data-toggle="tab" href="#"><span data-i18n="token.token-table.access-tokens">Access Tokens</span> <span class="label label-info" id="access-token-count">?</span></a></li>
+			<li><a data-target="#token-refresh-tab" data-toggle="tab" href="#"><span data-i18n="token.token-table.refresh-tokens">Refresh Tokens</span> <span class="label label-info" id="refresh-token-count">?</span></a></li>
+		</ul>
+
+	<div class="tab-content">
+
+	<div class="tab-pane active" id="token-access-tab">
+
+	<div><p data-i18n="token.token-table.text">Access tokens are usually short-lived and provide clients with access to specific resources. 
+			ID Tokens are specialized access tokens to facilitate log on using OpenID Connect.</p></div>
+
+	<div id="access-token-table-empty" class="alert alert-info" data-i18n="token.token-table.no-access">
+		There are no active access tokens.
+	</div>
+
+	<div class="pagination paginator-access"></div>
+
+    <table id="access-token-table" class="table table-hover table-striped">
+        <thead>
+        <tr>
+            <th data-i18n="common.client">Client</th>
+            <th data-i18n="token.token-table.token-info">Token Information</th>
+			<th data-i18n="common.expires">Expires</th>
+            <th></th>
+        </tr>
+        </thead>
+        <tbody>
+        </tbody>
+    </table>
+
+	<div class="pagination paginator-access"></div>
+
+	</div>
+
+	<div class="tab-pane" id="token-refresh-tab">
+
+	<div><p data-i18n="token.token-table.text-refresh">Refresh tokens are usually long-lived and provide clients with the ability to get new access tokens without end-user involvement.</p></div>
+
+	<div id="refresh-token-table-empty" class="alert alert-info" data-i18n="token.token-table.no-refresh">
+		There are no active refresh tokens.
+	</div>
+
+	<div class="pagination paginator-refresh"></div>
+
+    <table id="refresh-token-table" class="table table-hover table-striped">
+        <thead>
+        <tr>
+            <th data-i18n="common.client">Client</th>
+            <th data-i18n="token.token-table.token-info">Token Information</th>
+            <th data-i18n="common.expires">Expires</th>
+            <th></th>
+        </tr>
+        </thead>
+        <tbody>
+        </tbody>
+    </table>
+
+	<div class="pagination paginator-refresh"></div>
+
+	</div>
+	</div>
+
+    <div class="well well-small">
+		<button class="btn btn-small refresh-table"><i class="icon-refresh"></i> <span data-i18n="common.refresh">Refresh</span></button> &nbsp; 
+    </div>
+</script>
+
+<script type="text/html" id="tmpl-access-token">
+    <td>
+        <span title="<%- client.clientId %>"><%- client.clientName != null ? client.clientName : ( client.clientId.substr(0,8) + '...' ) %></span>
+		<div class="client-more-info-block"></div>
+		<% if (token.refreshTokenId != null) { %>
+		<br />
+		<span class="label label-important" title="This access token was issued with an associated refresh token." data-i18n="[title]token.token-table.associated-refresh">+ <i class="icon-time icon-white"></i> Refresh</span>
+		<% } %>
+    </td>
+
+    <td>
+		<div class="token-value">
+			<code class="token-substring" style="cursor: pointer" data-i18n="[title]token.token-table.click-to-display" title="Click to display full token value"><%- token.value.substr(0,27) %> ...</code>
+			<input type="text" readonly style="cursor: text" class="token-full input-xxlarge" value="<%- token.value %>" />
+		</div>
+		<div class="scope-list"></div>
+    </td>
+
+	<td>
+		<%- formattedExpiration %>
+	</td>
+	
+    <td>
+		<button class="btn btn-danger btn-delete pull-right"><i class="icon-trash icon-white"></i> <span data-i18n="common.revoke">Revoke</span></button>
+    </td>
+
+</script>
+
+<script type="text/html" id="tmpl-refresh-token">
+    <td>
+        <span title="<%- client.clientId %>"><%- client.clientName != null ? client.clientName : ( client.clientId.substr(0,8) + '...' ) %></span>
+		<div class="client-more-info-block"></div>
+		<span class="label label-info" title="Number of associated access tokens" data-i18n="[title]token.token-table.number-of-tokens"><%- accessTokenCount %></span>
+    </td>
+
+    <td>
+		<div class="token-value">
+			<code class="token-substring" style="cursor: pointer" data-i18n="[title]token.token-table.click-to-display" title="Click to display full token value"><%- token.value.substr(0,27) %> ...</code>
+			<input type="text" readonly style="cursor: text" class="token-full input-xxlarge" value="<%- token.value %>" />
+		</div>
+		<div class="scope-list"></div>
+    </td>
+
+	<td>
+		<%- formattedExpiration %>
+	</td>
+	
+    <td>
+		<button class="btn btn-danger btn-delete pull-right"><i class="icon-trash icon-white"></i> <span data-i18n="common.revoke">Revoke</span></button>
+    </td>
+
+</script>
+
diff --git a/openid-connect-server-webapp/src/main/webapp/resources/template/whitelist.html b/openid-connect-server-webapp/src/main/webapp/resources/template/whitelist.html
new file mode 100644
index 000000000..220897ee5
--- /dev/null
+++ b/openid-connect-server-webapp/src/main/webapp/resources/template/whitelist.html
@@ -0,0 +1,109 @@
+<!-- 
+ Copyright 2018 The MIT Internet Trust Consortium
+ 
+ Portions copyright 2011-2013 The MITRE Corporation
+ 
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ 
+   http://www.apache.org/licenses/LICENSE-2.0
+ 
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<!-- whitelist -->
+
+<script type="text/html" id="tmpl-whitelist">
+	<td>
+		<% if (client.dynamicallyRegistered) { %>
+			<span class="label label-inverse dynamically-registered"><i class="icon-globe icon-white"></i></span>
+		<% } %>
+	</td>
+
+    <td>
+        <span title="<%- client.clientId %>"><%- client.clientName != null ? client.clientName : ( client.clientId.substr(0,8) + '...' ) %></span>
+		<div class="client-more-info-block"></div>
+   </td>
+
+    <td>
+		<div class="scope-list"></div>
+    </td>
+
+    <td>
+		<div class="btn-group pull-right">
+	        <button class="btn btn-edit"><i class="icon-edit"></i> <span data-i18n="common.edit">Edit</span></button> &nbsp; 
+			<button class="btn btn-danger btn-delete"><i class="icon-trash icon-white"></i> <span data-i18n="common.delete">Delete</span></button>
+		</div>
+    </td>
+
+</script>
+
+<script type="text/html" id="tmpl-whitelist-table">
+    <div class="well well-small">
+		<button class="btn btn-small refresh-table"><i class="icon-refresh"></i> <span data-i18n="common.refresh">Refresh</span></button>
+    </div>
+
+	<div id="whitelist-table-empty" class="alert alert-info" data-i18n="[html]whitelist.whitelist-table.no-sites">
+		There are no whitelisted sites. Use the <strong>whitelist</strong> button on the client management page to create one.
+	</div>
+
+    <table id="whitelist-table" class="table table-hover table-striped">
+        <thead>
+        <tr>
+			<th></th>
+            <th data-i18n="common.client">Client</th>
+            <th data-i18n="common.scopes">Scopes</th>
+            <th><i class="icon-edit"></i></th>
+        </tr>
+        </thead>
+        <tbody>
+        </tbody>
+    </table>
+
+    <div class="well well-small">
+		<button class="btn btn-small refresh-table"><i class="icon-refresh"></i> <span data-i18n="common.refresh">Refresh</span></button>
+    </div>
+
+</script>
+
+<script type="text/html" id="tmpl-whitelist-form">
+
+    <% if (whiteList.id == null) { %>
+        <h1 data-i18n="whitelist.whitelist-form.new">New Whitelisted Site</h1>
+    <% } else { %>
+        <h1 data-i18n="whitelist.whitelist-form.edit">Edit Whitelisted Site</h1>
+    <% } %>
+
+    <form class="form-horizontal">
+        <fieldset>
+            <div class="well well-small">
+                <button class="btn btn-small btn-save btn-success"><i class="icon-ok-circle icon-white"></i> <span data-i18n="common.save">Save</span></button> &nbsp; 
+				<button class="btn btn-small btn-cancel"><i class="icon-ban-circle"></i> <span data-i18n="common.cancel">Cancel</span></button>
+            </div>
+
+			<div class="control-group" id="clientId">
+				<label class="control-label" data-i18n="common.client">Client</label>
+				<div class="controls">
+			        <span title="<%- client.clientId %>"><%- client.clientName != null ? client.clientName : ( client.clientId.substr(0,8) + '...' ) %></span>
+				</div>
+			</div>
+
+            <div class="control-group" id="scope">
+                <label class="control-label" data-i18n="whitelist.whitelist-form.allowed-scopes">Allowed Scopes</label>
+                <div class="controls">
+                </div>
+            </div>
+
+            <div class="well well-small">
+                <button class="btn btn-small btn-save btn-success"><i class="icon-ok-circle icon-white"></i> <span data-i18n="common.save">Save</span></button> &nbsp; 
+				<button class="btn btn-small btn-cancel"><i class="icon-ban-circle"></i> <span data-i18n="common.cancel">Cancel</span></button>
+            </div>
+
+        </fieldset>
+    </form>
+
+</script>
diff --git a/openid-connect-server/pom.xml b/openid-connect-server/pom.xml
index d48678274..77182dfd7 100644
--- a/openid-connect-server/pom.xml
+++ b/openid-connect-server/pom.xml
@@ -23,7 +23,7 @@
 	<parent>
 		<groupId>org.mitre</groupId>
 		<artifactId>openid-connect-parent</artifactId>
-		<version>1.3.5.cnaf</version>
+		<version>1.3.5.cnaf-SNAPSHOT</version>
 		<relativePath>..</relativePath>
 	</parent>
 	<build>
diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultIdTokenClaimsEnhancer.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultIdTokenClaimsEnhancer.java
index 82e94e90e..9a0eda25a 100644
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultIdTokenClaimsEnhancer.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultIdTokenClaimsEnhancer.java
@@ -1,10 +1,12 @@
 package org.mitre.openid.connect.service.impl;
 
 import java.util.Date;
+
 import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
 import org.mitre.openid.connect.service.IDTokenClaimsEnhancer;
 import org.springframework.security.oauth2.provider.OAuth2Request;
 import org.springframework.stereotype.Service;
+
 import com.nimbusds.jwt.JWTClaimsSet;
 
 @Service("defaultIdTokenClaimsEnhancer")
@@ -13,7 +15,7 @@ public class DefaultIdTokenClaimsEnhancer implements IDTokenClaimsEnhancer {
   @Override
   public void enhanceIdTokenClaims(JWTClaimsSet.Builder claimsBuilder, OAuth2Request request, Date issueTime,
       String sub, OAuth2AccessTokenEntity accessToken) {
-
+    // no-op token claims enhancer
   }
 
 }
diff --git a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultOIDCTokenService.java b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultOIDCTokenService.java
index 928aa8f15..218e40fb3 100644
--- a/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultOIDCTokenService.java
+++ b/openid-connect-server/src/main/java/org/mitre/openid/connect/service/impl/DefaultOIDCTokenService.java
@@ -32,11 +32,10 @@ import org.mitre.jwt.signer.service.impl.SymmetricKeyJWTValidatorCacheService;
 import org.mitre.oauth2.model.AuthenticationHolderEntity;
 import org.mitre.oauth2.model.ClientDetailsEntity;
 import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
-import org.mitre.oauth2.service.AuthenticationHolderEntityService;
+import org.mitre.oauth2.repository.AuthenticationHolderRepository;
 import org.mitre.oauth2.service.OAuth2TokenEntityService;
 import org.mitre.oauth2.service.SystemScopeService;
 import org.mitre.openid.connect.config.ConfigurationPropertiesBean;
-import org.mitre.openid.connect.service.IDTokenClaimsEnhancer;
 import org.mitre.openid.connect.service.OIDCTokenService;
 import org.mitre.openid.connect.util.IdTokenHashUtils;
 import org.mitre.openid.connect.web.AuthenticationTimeStamper;
@@ -81,7 +80,7 @@ public class DefaultOIDCTokenService implements OIDCTokenService {
 	private JWTSigningAndValidationService jwtService;
 
 	@Autowired
-	private AuthenticationHolderEntityService authenticationHolderService;
+	private AuthenticationHolderRepository authenticationHolderRepository;
 
 	@Autowired
 	private ConfigurationPropertiesBean configBean;
@@ -95,9 +94,6 @@ public class DefaultOIDCTokenService implements OIDCTokenService {
 	@Autowired
 	private OAuth2TokenEntityService tokenService;
 
-	@Autowired
-	private IDTokenClaimsEnhancer idTokenClaimsEnhancer;
-
 	@Override
 	public JWT createIdToken(ClientDetailsEntity client, OAuth2Request request, Date issueTime, String sub, OAuth2AccessTokenEntity accessToken) {
 
@@ -145,9 +141,7 @@ public class DefaultOIDCTokenService implements OIDCTokenService {
 		if (!Strings.isNullOrEmpty(nonce)) {
 			idClaims.claim("nonce", nonce);
 		}
-
-		idTokenClaimsEnhancer.enhanceIdTokenClaims(idClaims, request, issueTime, sub, accessToken);
-
+		
 		Set<String> responseTypes = request.getResponseTypes();
 
 		if (responseTypes.contains("token")) {
@@ -273,8 +267,9 @@ public class DefaultOIDCTokenService implements OIDCTokenService {
 		token.setClient(client);
 		token.setScope(scope);
 
-		AuthenticationHolderEntity authHolder = authenticationHolderService.create(authentication);	
-		
+		AuthenticationHolderEntity authHolder = new AuthenticationHolderEntity();
+		authHolder.setAuthentication(authentication);
+		authHolder = authenticationHolderRepository.save(authHolder);
 		token.setAuthenticationHolder(authHolder);
 
 		JWTClaimsSet claims = new JWTClaimsSet.Builder()
@@ -329,11 +324,17 @@ public class DefaultOIDCTokenService implements OIDCTokenService {
 	/**
 	 * @return the authenticationHolderRepository
 	 */
-	public AuthenticationHolderEntityService getAuthenticationHolderService() {
-		return authenticationHolderService;
+	public AuthenticationHolderRepository getAuthenticationHolderRepository() {
+		return authenticationHolderRepository;
 	}
 
-	
+	/**
+	 * @param authenticationHolderRepository the authenticationHolderRepository to set
+	 */
+	public void setAuthenticationHolderRepository(
+			AuthenticationHolderRepository authenticationHolderRepository) {
+		this.authenticationHolderRepository = authenticationHolderRepository;
+	}
 
 	/**
 	 * Hook for subclasses that allows adding custom claims to the JWT
diff --git a/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultOIDCTokenService.java b/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultOIDCTokenService.java
index 01405474c..5914ff0e1 100644
--- a/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultOIDCTokenService.java
+++ b/openid-connect-server/src/test/java/org/mitre/openid/connect/service/impl/TestDefaultOIDCTokenService.java
@@ -17,25 +17,23 @@ package org.mitre.openid.connect.service.impl;
 
 import java.util.Date;
 
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
 import org.mitre.jwt.signer.service.JWTSigningAndValidationService;
 import org.mitre.oauth2.model.ClientDetailsEntity;
 import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
 import org.mitre.openid.connect.config.ConfigurationPropertiesBean;
+import org.mockito.Mock;
+import org.mockito.Mockito;
+import org.mockito.runners.MockitoJUnitRunner;
 import org.springframework.security.oauth2.provider.OAuth2Request;
 
 import com.nimbusds.jose.JWSAlgorithm;
 import com.nimbusds.jwt.JWT;
 import com.nimbusds.jwt.JWTClaimsSet;
 
-import org.junit.Assert;
-import org.junit.Before;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.mockito.InjectMocks;
-import org.mockito.Mock;
-import org.mockito.Mockito;
-import org.mockito.runners.MockitoJUnitRunner;
-
 @RunWith(MockitoJUnitRunner.class)
 public class TestDefaultOIDCTokenService {
     private static final String CLIENT_ID = "client";
@@ -67,6 +65,7 @@ public class TestDefaultOIDCTokenService {
                 idClaims.claim("test", "foo");
             }
         };
+        
         configure(s);
 
         JWT token = s.createIdToken(client, request, new Date(), "sub", accessToken);
diff --git a/pom.xml b/pom.xml
index 418f6e7f1..68f7b71c4 100644
--- a/pom.xml
+++ b/pom.xml
@@ -20,7 +20,7 @@
 	<modelVersion>4.0.0</modelVersion>
 	<groupId>org.mitre</groupId>
 	<artifactId>openid-connect-parent</artifactId>
-	<version>1.3.5.cnaf</version>
+	<version>1.3.5.cnaf-SNAPSHOT</version>
 	<name>MITREid Connect</name>
 	<packaging>pom</packaging>
 	<parent>
diff --git a/uma-server-webapp/pom.xml b/uma-server-webapp/pom.xml
new file mode 100644
index 000000000..25bf84abd
--- /dev/null
+++ b/uma-server-webapp/pom.xml
@@ -0,0 +1,97 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+    Copyright 2018 The MIT Internet Trust Consortium
+   
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+   
+      http://www.apache.org/licenses/LICENSE-2.0
+   
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+ -->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+	 <modelVersion>4.0.0</modelVersion>
+	 <parent>
+		<groupId>org.mitre</groupId>
+		<artifactId>openid-connect-parent</artifactId>
+		<version>1.3.3-SNAPSHOT</version>
+		<relativePath>..</relativePath>
+	 </parent>
+	 <artifactId>uma-server-webapp</artifactId>
+	 <packaging>war</packaging>
+	 <name>UMA Server Webapp</name>
+	 <description>Deployable package of the User Managed Access (UMA) server extension to MITREid Connect</description>
+	<build>
+		<plugins>
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-compiler-plugin</artifactId>
+				<configuration>
+					<source>${java-version}</source>
+					<target>${java-version}</target>
+				</configuration>
+			</plugin>
+			<plugin>
+				<groupId>org.appfuse.plugins</groupId>
+				<artifactId>warpath-maven-plugin</artifactId>
+				<extensions>true</extensions>
+				<executions>
+					<execution>
+						<goals>
+							<goal>add-classes</goal>
+						</goals>
+					</execution>
+				</executions>
+			</plugin>
+   			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-war-plugin</artifactId>
+				<configuration>
+					<warName>uma-server-webapp</warName>
+					<overlays>
+						<overlay>
+							<groupId>org.mitre</groupId>
+							<artifactId>openid-connect-server-webapp</artifactId>
+						</overlay>
+					</overlays>
+					<failOnMissingWebXml>false</failOnMissingWebXml>
+				</configuration>
+			</plugin>
+			<plugin>
+				<groupId>org.eclipse.jetty</groupId>
+				<artifactId>jetty-maven-plugin</artifactId>
+				<configuration>
+					<war>${project.build.directory}/uma-server-webapp.war</war>
+					<webAppConfig>
+						<contextPath>/uma-server-webapp</contextPath>
+					</webAppConfig>
+				</configuration>
+			</plugin>
+		</plugins>
+	</build>
+	<dependencies>
+		<dependency>
+			<groupId>org.mitre</groupId>
+			<artifactId>openid-connect-server-webapp</artifactId>
+			<type>war</type>
+		</dependency>
+		<dependency>
+			<groupId>org.mitre</groupId>
+			<artifactId>openid-connect-server-webapp</artifactId>
+			<type>warpath</type>
+		</dependency>
+		<dependency>
+			<groupId>org.mitre</groupId>
+			<artifactId>uma-server</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.mitre</groupId>
+			<artifactId>openid-connect-client</artifactId>
+		</dependency>
+	</dependencies>
+</project>
diff --git a/uma-server-webapp/pom.xml.versionsBackup b/uma-server-webapp/pom.xml.versionsBackup
new file mode 100644
index 000000000..436fafedd
--- /dev/null
+++ b/uma-server-webapp/pom.xml.versionsBackup
@@ -0,0 +1,121 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+    Copyright 2016 The MITRE Corporation
+      and the MIT Internet Trust Consortium
+   
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+   
+      http://www.apache.org/licenses/LICENSE-2.0
+   
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+ -->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+	 <modelVersion>4.0.0</modelVersion>
+	 <parent>
+		<groupId>org.mitre</groupId>
+		<artifactId>openid-connect-parent</artifactId>
+		<version>1.2.7-SNAPSHOT</version>
+		<relativePath>..</relativePath>
+	 </parent>
+	 <artifactId>uma-server-webapp</artifactId>
+	 <packaging>war</packaging>
+	 <name>UMA Server Webapp</name>
+	 <description>Deployable package of the User Managed Access (UMA) server extension to MITREid Connect</description>
+	<build>
+		<plugins>
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-compiler-plugin</artifactId>
+				<configuration>
+					<source>${java-version}</source>
+					<target>${java-version}</target>
+				</configuration>
+			</plugin>
+			<plugin>
+				<groupId>org.appfuse.plugins</groupId>
+				<artifactId>warpath-maven-plugin</artifactId>
+				<extensions>true</extensions>
+				<executions>
+					<execution>
+						<goals>
+							<goal>add-classes</goal>
+						</goals>
+					</execution>
+				</executions>
+			</plugin>
+   			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-war-plugin</artifactId>
+				<configuration>
+					<overlays>
+						<overlay>
+							<groupId>org.mitre</groupId>
+							<artifactId>openid-connect-server-webapp</artifactId>
+						</overlay>
+					</overlays>
+				</configuration>
+			</plugin>
+		</plugins>
+		<pluginManagement>
+			<plugins>
+				<!--This plugin's configuration is used to store Eclipse m2e settings only. It has no influence on the Maven build itself.-->
+				<plugin>
+					<groupId>org.eclipse.m2e</groupId>
+					<artifactId>lifecycle-mapping</artifactId>
+					<version>1.0.0</version>
+					<configuration>
+						<lifecycleMappingMetadata>
+							<pluginExecutions>
+								<pluginExecution>
+									<pluginExecutionFilter>
+										<groupId>
+											org.appfuse.plugins
+										</groupId>
+										<artifactId>
+											warpath-maven-plugin
+										</artifactId>
+										<versionRange>
+											[3.5.0,)
+										</versionRange>
+										<goals>
+											<goal>add-classes</goal>
+										</goals>
+									</pluginExecutionFilter>
+									<action>
+										<execute />
+									</action>
+								</pluginExecution>
+							</pluginExecutions>
+						</lifecycleMappingMetadata>
+					</configuration>
+				</plugin>
+			</plugins>
+		</pluginManagement>
+	</build>
+	<dependencies>
+		<dependency>
+			<groupId>org.mitre</groupId>
+			<artifactId>openid-connect-server-webapp</artifactId>
+			<type>war</type>
+		</dependency>
+		<dependency>
+			<groupId>org.mitre</groupId>
+			<artifactId>openid-connect-server-webapp</artifactId>
+			<type>warpath</type>
+		</dependency>
+		<dependency>
+			<groupId>org.mitre</groupId>
+			<artifactId>uma-server</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.mitre</groupId>
+			<artifactId>openid-connect-client</artifactId>
+		</dependency>
+	</dependencies>
+</project>
diff --git a/uma-server-webapp/src/main/resources/db/hsql/clients.sql b/uma-server-webapp/src/main/resources/db/hsql/clients.sql
new file mode 100755
index 000000000..8d41bcad9
--- /dev/null
+++ b/uma-server-webapp/src/main/resources/db/hsql/clients.sql
@@ -0,0 +1,77 @@
+--
+-- Turn off autocommit and start a transaction so that we can use the temp tables
+--
+
+SET AUTOCOMMIT FALSE;
+
+START TRANSACTION;
+
+--
+-- Insert client information into the temporary tables. To add clients to the HSQL database, edit things here.
+-- 
+
+INSERT INTO client_details_TEMP (client_id, client_secret, client_name, dynamically_registered, refresh_token_validity_seconds, access_token_validity_seconds, id_token_validity_seconds, allow_introspection) VALUES
+	('client', 'secret', 'Test Client', false, null, 3600, 600, true),
+	('rs', 'secret', 'Test UMA RS', false, null, null, 600, false),
+	('c', 'secret', 'Test UMA Client', false, null, null, 600, false);
+
+INSERT INTO client_scope_TEMP (owner_id, scope) VALUES
+	('client', 'openid'),
+	('client', 'profile'),
+	('client', 'email'),
+	('client', 'address'),
+	('client', 'phone'),
+	('client', 'offline_access'),
+	('rs', 'uma_protection'),
+	('c', 'uma_authorization');
+
+INSERT INTO client_redirect_uri_TEMP (owner_id, redirect_uri) VALUES
+	('client', 'http://localhost/'),
+	('client', 'http://localhost:8080/');
+
+INSERT INTO client_grant_type_TEMP (owner_id, grant_type) VALUES
+	('client', 'authorization_code'),
+	('client', 'urn:ietf:params:oauth:grant_type:redelegate'),
+	('client', 'implicit'),
+	('client', 'refresh_token'),
+	('rs', 'authorization_code'),
+	('rs', 'implicit'),
+	('c', 'authorization_code'),
+	('c', 'implicit');
+	
+--
+-- Merge the temporary clients safely into the database. This is a two-step process to keep clients from being created on every startup with a persistent store.
+--
+
+MERGE INTO client_details 
+  USING (SELECT client_id, client_secret, client_name, dynamically_registered, refresh_token_validity_seconds, access_token_validity_seconds, id_token_validity_seconds, allow_introspection FROM client_details_TEMP) AS vals(client_id, client_secret, client_name, dynamically_registered, refresh_token_validity_seconds, access_token_validity_seconds, id_token_validity_seconds, allow_introspection)
+  ON vals.client_id = client_details.client_id
+  WHEN NOT MATCHED THEN 
+    INSERT (client_id, client_secret, client_name, dynamically_registered, refresh_token_validity_seconds, access_token_validity_seconds, id_token_validity_seconds, allow_introspection) VALUES(client_id, client_secret, client_name, dynamically_registered, refresh_token_validity_seconds, access_token_validity_seconds, id_token_validity_seconds, allow_introspection);
+
+MERGE INTO client_scope 
+  USING (SELECT id, scope FROM client_scope_TEMP, client_details WHERE client_details.client_id = client_scope_TEMP.owner_id) AS vals(id, scope)
+  ON vals.id = client_scope.owner_id AND vals.scope = client_scope.scope
+  WHEN NOT MATCHED THEN 
+    INSERT (owner_id, scope) values (vals.id, vals.scope);
+
+MERGE INTO client_redirect_uri 
+  USING (SELECT id, redirect_uri FROM client_redirect_uri_TEMP, client_details WHERE client_details.client_id = client_redirect_uri_TEMP.owner_id) AS vals(id, redirect_uri)
+  ON vals.id = client_redirect_uri.owner_id AND vals.redirect_uri = client_redirect_uri.redirect_uri
+  WHEN NOT MATCHED THEN 
+    INSERT (owner_id, redirect_uri) values (vals.id, vals.redirect_uri);
+
+MERGE INTO client_grant_type 
+  USING (SELECT id, grant_type FROM client_grant_type_TEMP, client_details WHERE client_details.client_id = client_grant_type_TEMP.owner_id) AS vals(id, grant_type)
+  ON vals.id = client_grant_type.owner_id AND vals.grant_type = client_grant_type.grant_type
+  WHEN NOT MATCHED THEN 
+    INSERT (owner_id, grant_type) values (vals.id, vals.grant_type);
+    
+-- 
+-- Close the transaction and turn autocommit back on
+-- 
+    
+COMMIT;
+
+SET AUTOCOMMIT TRUE;
+
diff --git a/uma-server-webapp/src/main/resources/db/hsql/scopes.sql b/uma-server-webapp/src/main/resources/db/hsql/scopes.sql
new file mode 100755
index 000000000..c3ea0b113
--- /dev/null
+++ b/uma-server-webapp/src/main/resources/db/hsql/scopes.sql
@@ -0,0 +1,35 @@
+--
+-- Turn off autocommit and start a transaction so that we can use the temp tables
+--
+
+SET AUTOCOMMIT FALSE;
+
+START TRANSACTION;
+
+--
+-- Insert scope information into the temporary tables.
+-- 
+
+INSERT INTO system_scope_TEMP (scope, description, icon, restricted, default_scope) VALUES
+  ('openid', 'log in using your identity', 'user', false, true),
+  ('profile', 'basic profile information', 'list-alt', false, true),
+  ('email', 'email address', 'envelope', false, true),
+  ('address', 'physical address', 'home', false, true),
+  ('phone', 'telephone number', 'bell', false, true),
+  ('offline_access', 'offline access', 'time', false, false),
+  ('uma_protection', 'manage protected resources', 'briefcase', false, false),
+  ('uma_authorization', 'request access to protected resources', 'share', false, false);
+  
+--
+-- Merge the temporary scopes safely into the database. This is a two-step process to keep scopes from being created on every startup with a persistent store.
+--
+
+MERGE INTO system_scope
+	USING (SELECT scope, description, icon, restricted, default_scope  FROM system_scope_TEMP) AS vals(scope, description, icon, restricted, default_scope)
+	ON vals.scope = system_scope.scope
+	WHEN NOT MATCHED THEN
+	  INSERT (scope, description, icon, restricted, default_scope) VALUES(vals.scope, vals.description, vals.icon, vals.restricted, vals.default_scope);
+
+COMMIT;
+
+SET AUTOCOMMIT TRUE;
diff --git a/uma-server-webapp/src/main/resources/db/mysql/clients.sql b/uma-server-webapp/src/main/resources/db/mysql/clients.sql
new file mode 100755
index 000000000..02444c473
--- /dev/null
+++ b/uma-server-webapp/src/main/resources/db/mysql/clients.sql
@@ -0,0 +1,69 @@
+--
+-- Turn off autocommit and start a transaction so that we can use the temp tables
+--
+
+SET AUTOCOMMIT = 0;
+
+START TRANSACTION;
+
+--
+-- Insert client information into the temporary tables. To add clients to the HSQL database, edit things here.
+-- 
+
+INSERT INTO client_details_TEMP (client_id, client_secret, client_name, dynamically_registered, refresh_token_validity_seconds, access_token_validity_seconds, id_token_validity_seconds, allow_introspection) VALUES
+	('client', 'secret', 'Test Client', false, null, 3600, 600, true),
+	('rs', 'secret', 'Test UMA RS', false, null, null, 600, false),
+	('c', 'secret', 'Test UMA Client', false, null, null, 600, false);
+
+INSERT INTO client_scope_TEMP (owner_id, scope) VALUES
+	('client', 'openid'),
+	('client', 'profile'),
+	('client', 'email'),
+	('client', 'address'),
+	('client', 'phone'),
+	('client', 'offline_access'),
+	('rs', 'uma_protection'),
+	('c', 'uma_authorization');
+
+INSERT INTO client_redirect_uri_TEMP (owner_id, redirect_uri) VALUES
+	('client', 'http://localhost/'),
+	('client', 'http://localhost:8080/');
+	
+INSERT INTO client_grant_type_TEMP (owner_id, grant_type) VALUES
+	('client', 'authorization_code'),
+	('client', 'urn:ietf:params:oauth:grant_type:redelegate'),
+	('client', 'implicit'),
+	('client', 'refresh_token'),
+	('rs', 'authorization_code'),
+	('rs', 'implicit'),
+	('c', 'authorization_code'),
+	('c', 'implicit');
+	
+--
+-- Merge the temporary clients safely into the database. This is a two-step process to keep clients from being created on every startup with a persistent store.
+--
+
+INSERT INTO client_details (client_id, client_secret, client_name, dynamically_registered, refresh_token_validity_seconds, access_token_validity_seconds, id_token_validity_seconds, allow_introspection)
+  SELECT client_id, client_secret, client_name, dynamically_registered, refresh_token_validity_seconds, access_token_validity_seconds, id_token_validity_seconds, allow_introspection FROM client_details_TEMP
+  ON DUPLICATE KEY UPDATE client_details.client_id = client_details.client_id;
+
+INSERT INTO client_scope (owner_id, scope)
+  SELECT id, scope FROM client_scope_TEMP, client_details WHERE client_details.client_id = client_scope_TEMP.owner_id
+  ON DUPLICATE KEY UPDATE client_scope.owner_id = client_scope.owner_id;
+
+INSERT INTO client_redirect_uri (owner_id, redirect_uri)
+  SELECT id, redirect_uri FROM client_redirect_uri_TEMP, client_details WHERE client_details.client_id = client_redirect_uri_TEMP.owner_id
+  ON DUPLICATE KEY UPDATE client_redirect_uri.owner_id = client_redirect_uri.owner_id;
+
+INSERT INTO client_grant_type (owner_id, grant_type)
+  SELECT id, grant_type FROM client_grant_type_TEMP, client_details WHERE client_details.client_id = client_grant_type_TEMP.owner_id
+  ON DUPLICATE KEY UPDATE client_grant_type.owner_id = client_grant_type.owner_id;
+    
+-- 
+-- Close the transaction and turn autocommit back on
+-- 
+    
+COMMIT;
+
+SET AUTOCOMMIT = 1;
+
diff --git a/uma-server-webapp/src/main/resources/db/mysql/scopes.sql b/uma-server-webapp/src/main/resources/db/mysql/scopes.sql
new file mode 100755
index 000000000..bdcc0f6e3
--- /dev/null
+++ b/uma-server-webapp/src/main/resources/db/mysql/scopes.sql
@@ -0,0 +1,33 @@
+--
+-- Turn off autocommit and start a transaction so that we can use the temp tables
+--
+
+SET AUTOCOMMIT = 0;
+
+START TRANSACTION;
+
+--
+-- Insert scope information into the temporary tables.
+-- 
+
+INSERT INTO system_scope_TEMP (scope, description, icon, restricted, default_scope, structured, structured_param_description) VALUES
+  ('openid', 'log in using your identity', 'user', false, true, false, null),
+  ('profile', 'basic profile information', 'list-alt', false, true, false, null),
+  ('email', 'email address', 'envelope', false, true, false, null),
+  ('address', 'physical address', 'home', false, true, false, null),
+  ('phone', 'telephone number', 'bell', false, true, false, null),
+  ('offline_access', 'offline access', 'time', false, false, false, null),
+  ('uma_protection', 'manage protected resources', 'briefcase', false, false, false, null),
+  ('uma_authorization', 'request access to protected resources', 'share', false, false, false, null);
+  
+--
+-- Merge the temporary scopes safely into the database. This is a two-step process to keep scopes from being created on every startup with a persistent store.
+--
+
+INSERT INTO system_scope (scope, description, icon, restricted, default_scope, structured, structured_param_description) 
+  SELECT scope, description, icon, restricted, default_scope, structured, structured_param_description FROM system_scope_TEMP
+  ON DUPLICATE KEY UPDATE system_scope.scope = system_scope.scope;
+
+COMMIT;
+
+SET AUTOCOMMIT = 1;
diff --git a/uma-server-webapp/src/main/resources/db/oracle/clients_oracle.sql b/uma-server-webapp/src/main/resources/db/oracle/clients_oracle.sql
new file mode 100755
index 000000000..783ff2d3a
--- /dev/null
+++ b/uma-server-webapp/src/main/resources/db/oracle/clients_oracle.sql
@@ -0,0 +1,61 @@
+--
+-- Insert client information into the temporary tables. To add clients to the Oracle database, edit things here.
+-- 
+
+INSERT INTO client_details_TEMP (client_id, client_secret, client_name, dynamically_registered, refresh_token_validity_seconds, access_token_validity_seconds, id_token_validity_seconds, allow_introspection) VALUES
+	('client', 'secret', 'Test Client', 0, null, 3600, 600, 1);
+INSERT INTO client_details_TEMP (client_id, client_secret, client_name, dynamically_registered, refresh_token_validity_seconds, access_token_validity_seconds, id_token_validity_seconds, allow_introspection) VALUES
+	('rs', 'secret', 'Test UMA RS', false, null, null, 600, false);
+INSERT INTO client_details_TEMP (client_id, client_secret, client_name, dynamically_registered, refresh_token_validity_seconds, access_token_validity_seconds, id_token_validity_seconds, allow_introspection) VALUES
+	('c', 'secret', 'Test UMA Client', false, null, null, 600, false);
+
+INSERT INTO client_scope_TEMP (owner_id, scope) VALUES ('client', 'openid');
+INSERT INTO client_scope_TEMP (owner_id, scope) VALUES ('client', 'profile');
+INSERT INTO client_scope_TEMP (owner_id, scope) VALUES ('client', 'email');
+INSERT INTO client_scope_TEMP (owner_id, scope) VALUES ('client', 'address');
+INSERT INTO client_scope_TEMP (owner_id, scope) VALUES ('client', 'phone');
+INSERT INTO client_scope_TEMP (owner_id, scope) VALUES ('client', 'offline_access');
+INSERT INTO client_scope_TEMP (owner_id, scope) VALUES ('rs', 'uma_protection');
+INSERT INTO client_scope_TEMP (owner_id, scope) VALUES ('c', 'uma_authorization');
+
+INSERT INTO client_redirect_uri_TEMP (owner_id, redirect_uri) VALUES ('client', 'http://localhost/');
+INSERT INTO client_redirect_uri_TEMP (owner_id, redirect_uri) VALUES ('client', 'http://localhost:8080/');
+
+INSERT INTO client_grant_type_TEMP (owner_id, grant_type) VALUES ('client', 'authorization_code');
+INSERT INTO client_grant_type_TEMP (owner_id, grant_type) VALUES ('client', 'urn:ietf:params:oauth:grant_type:redelegate');
+INSERT INTO client_grant_type_TEMP (owner_id, grant_type) VALUES ('client', 'implicit');
+INSERT INTO client_grant_type_TEMP (owner_id, grant_type) VALUES ('client', 'refresh_token');
+INSERT INTO client_grant_type_TEMP (owner_id, grant_type) VALUES ('rs', 'authorization_code');
+INSERT INTO client_grant_type_TEMP (owner_id, grant_type) VALUES ('rs', 'implicit');
+INSERT INTO client_grant_type_TEMP (owner_id, grant_type) VALUES ('c', 'authorization_code');
+INSERT INTO client_grant_type_TEMP (owner_id, grant_type) VALUES ('c', 'implicit');
+	
+--
+-- Merge the temporary clients safely into the database. This is a two-step process to keep clients from being created on every startup with a persistent store.
+--
+
+MERGE INTO client_details 
+  USING (SELECT client_id, client_secret, client_name, dynamically_registered, refresh_token_validity_seconds, access_token_validity_seconds, id_token_validity_seconds, allow_introspection FROM client_details_TEMP) vals
+  ON (vals.client_id = client_details.client_id)
+  WHEN NOT MATCHED THEN 
+    INSERT (id, client_id, client_secret, client_name, dynamically_registered, refresh_token_validity_seconds, access_token_validity_seconds,
+    id_token_validity_seconds, allow_introspection) VALUES(client_details_seq.nextval, vals.client_id, vals.client_secret, vals.client_name, vals.dynamically_registered,
+    vals.refresh_token_validity_seconds, vals.access_token_validity_seconds, vals.id_token_validity_seconds, vals.allow_introspection);
+
+MERGE INTO client_scope 
+  USING (SELECT id, scope FROM client_scope_TEMP, client_details WHERE client_details.client_id = client_scope_TEMP.owner_id) vals
+  ON (vals.id = client_scope.owner_id AND vals.scope = client_scope.scope)
+  WHEN NOT MATCHED THEN 
+    INSERT (owner_id, scope) values (vals.id, vals.scope);
+
+MERGE INTO client_redirect_uri 
+  USING (SELECT id, redirect_uri FROM client_redirect_uri_TEMP, client_details WHERE client_details.client_id = client_redirect_uri_TEMP.owner_id) vals
+  ON (vals.id = client_redirect_uri.owner_id AND vals.redirect_uri = client_redirect_uri.redirect_uri)
+  WHEN NOT MATCHED THEN 
+    INSERT (owner_id, redirect_uri) values (vals.id, vals.redirect_uri);
+
+MERGE INTO client_grant_type 
+  USING (SELECT id, grant_type FROM client_grant_type_TEMP, client_details WHERE client_details.client_id = client_grant_type_TEMP.owner_id) vals
+  ON (vals.id = client_grant_type.owner_id AND vals.grant_type = client_grant_type.grant_type)
+  WHEN NOT MATCHED THEN 
+    INSERT (owner_id, grant_type) values (vals.id, vals.grant_type);
diff --git a/uma-server-webapp/src/main/resources/db/oracle/scopes_oracle.sql b/uma-server-webapp/src/main/resources/db/oracle/scopes_oracle.sql
new file mode 100755
index 000000000..a52e021de
--- /dev/null
+++ b/uma-server-webapp/src/main/resources/db/oracle/scopes_oracle.sql
@@ -0,0 +1,31 @@
+--
+-- Insert scope information into the temporary tables.
+-- 
+
+INSERT INTO system_scope_TEMP (scope, description, icon, restricted, default_scope, structured, structured_param_description) VALUES
+  ('openid', 'log in using your identity', 'user', 0, 1, 0, null);
+INSERT INTO system_scope_TEMP (scope, description, icon, restricted, default_scope, structured, structured_param_description) VALUES
+  ('profile', 'basic profile information', 'list-alt', 0, 1, 0, null);
+INSERT INTO system_scope_TEMP (scope, description, icon, restricted, default_scope, structured, structured_param_description) VALUES
+  ('email', 'email address', 'envelope', 0, 1, 0, null);
+INSERT INTO system_scope_TEMP (scope, description, icon, restricted, default_scope, structured, structured_param_description) VALUES
+  ('address', 'physical address', 'home', 0, 1, 0, null);
+INSERT INTO system_scope_TEMP (scope, description, icon, restricted, default_scope, structured, structured_param_description) VALUES
+  ('phone', 'telephone number', 'bell', 0, 1, 0, null);
+INSERT INTO system_scope_TEMP (scope, description, icon, restricted, default_scope, structured, structured_param_description) VALUES
+  ('offline_access', 'offline access', 'time', 0, 0, 0, null);
+INSERT INTO system_scope_TEMP (scope, description, icon, restricted, default_scope, structured, structured_param_description) VALUES
+  ('uma_protection', 'manage protected resources', 'briefcase', 0, 0, 0, null);
+INSERT INTO system_scope_TEMP (scope, description, icon, restricted, default_scope, structured, structured_param_description) VALUES
+  ('uma_authorization', 'request access to protected resources', 'share', 0, 0, 0, null);
+  
+--
+-- Merge the temporary scopes safely into the database. This is a two-step process to keep scopes from being created on every startup with a persistent store.
+--
+
+MERGE INTO system_scope
+	USING (SELECT scope, description, icon, restricted, default_scope, structured, structured_param_description FROM system_scope_TEMP) vals
+	ON (vals.scope = system_scope.scope)
+	WHEN NOT MATCHED THEN
+	  INSERT (id, scope, description, icon, restricted, default_scope, structured, structured_param_description) VALUES(system_scope_seq.nextval, vals.scope,
+	  vals.description, vals.icon, vals.restricted, vals.default_scope, vals.structured, vals.structured_param_description);
diff --git a/uma-server-webapp/src/main/resources/db/psql/clients.sql b/uma-server-webapp/src/main/resources/db/psql/clients.sql
new file mode 100755
index 000000000..d4c75e7fe
--- /dev/null
+++ b/uma-server-webapp/src/main/resources/db/psql/clients.sql
@@ -0,0 +1,74 @@
+--
+-- Turn off autocommit and start a transaction so that we can use the temp tables
+--
+
+--SET AUTOCOMMIT = OFF;
+
+START TRANSACTION;
+
+--
+-- Insert client information into the temporary tables. To add clients to the HSQL database, edit things here.
+-- 
+
+INSERT INTO client_details_TEMP (client_id, client_secret, client_name, dynamically_registered, refresh_token_validity_seconds, access_token_validity_seconds, id_token_validity_seconds, allow_introspection) VALUES
+	('client', 'secret', 'Test Client', false, null, 3600, 600, true),
+	('rs', 'secret', 'Test UMA RS', false, null, null, 600, false),
+	('c', 'secret', 'Test UMA Client', false, null, null, 600, false);
+
+INSERT INTO client_scope_TEMP (owner_id, scope) VALUES
+	('client', 'openid'),
+	('client', 'profile'),
+	('client', 'email'),
+	('client', 'address'),
+	('client', 'phone'),
+	('client', 'offline_access'),
+	('rs', 'uma_protection'),
+	('c', 'uma_authorization');
+
+INSERT INTO client_redirect_uri_TEMP (owner_id, redirect_uri) VALUES
+	('client', 'http://localhost/'),
+	('client', 'http://localhost:8080/');
+	
+INSERT INTO client_grant_type_TEMP (owner_id, grant_type) VALUES
+	('client', 'authorization_code'),
+	('client', 'urn:ietf:params:oauth:grant_type:redelegate'),
+	('client', 'implicit'),
+	('client', 'refresh_token'),
+	('rs', 'authorization_code'),
+	('rs', 'implicit'),
+	('c', 'authorization_code'),
+	('c', 'implicit');
+	
+--
+-- Merge the temporary clients safely into the database. This is a two-step process to keep clients from being created on every startup with a persistent store.
+--
+
+INSERT INTO client_details (client_id, client_secret, client_name, dynamically_registered, refresh_token_validity_seconds, access_token_validity_seconds, id_token_validity_seconds, allow_introspection)
+  SELECT client_id, client_secret, client_name, dynamically_registered, refresh_token_validity_seconds, access_token_validity_seconds, id_token_validity_seconds, allow_introspection FROM client_details_TEMP
+  ON CONFLICT
+  DO NOTHING;
+
+INSERT INTO client_scope (scope)
+  SELECT scope FROM client_scope_TEMP, client_details WHERE client_details.client_id = client_scope_TEMP.owner_id
+  ON CONFLICT
+  DO NOTHING;
+
+INSERT INTO client_redirect_uri (redirect_uri)
+  SELECT redirect_uri FROM client_redirect_uri_TEMP, client_details WHERE client_details.client_id = client_redirect_uri_TEMP.owner_id
+  ON CONFLICT
+  DO NOTHING;
+
+INSERT INTO client_grant_type (grant_type)
+  SELECT grant_type FROM client_grant_type_TEMP, client_details WHERE client_details.client_id = client_grant_type_TEMP.owner_id
+  ON CONFLICT
+  DO NOTHING;
+    
+-- 
+-- Close the transaction and turn autocommit back on
+-- 
+    
+COMMIT;
+
+--SET AUTOCOMMIT = ON;
+
+
diff --git a/uma-server-webapp/src/main/resources/db/psql/scopes.sql b/uma-server-webapp/src/main/resources/db/psql/scopes.sql
new file mode 100755
index 000000000..8b2611b83
--- /dev/null
+++ b/uma-server-webapp/src/main/resources/db/psql/scopes.sql
@@ -0,0 +1,33 @@
+--
+-- Turn off autocommit and start a transaction so that we can use the temp tables
+--
+
+--SET AUTOCOMMIT = OFF;
+
+START TRANSACTION;
+
+--
+-- Insert scope information into the temporary tables.
+-- 
+
+INSERT INTO system_scope_TEMP (scope, description, icon, restricted, default_scope, structured, structured_param_description) VALUES
+  ('openid', 'log in using your identity', 'user', false, true, false, null),
+  ('profile', 'basic profile information', 'list-alt', false, true, false, null),
+  ('email', 'email address', 'envelope', false, true, false, null),
+  ('address', 'physical address', 'home', false, true, false, null),
+  ('phone', 'telephone number', 'bell', false, true, false, null),
+  ('offline_access', 'offline access', 'time', false, false, false, null);
+  
+--
+-- Merge the temporary scopes safely into the database. This is a two-step process to keep scopes from being created on every startup with a persistent store.
+--
+
+INSERT INTO system_scope (scope, description, icon, restricted, default_scope, structured, structured_param_description)
+  SELECT scope, description, icon, restricted, default_scope, structured, structured_param_description FROM system_scope_TEMP
+  ON CONFLICT(scope)
+  DO NOTHING;
+
+COMMIT;
+
+--SET AUTOCOMMIT = ON;
+
diff --git a/uma-server-webapp/src/main/webapp/WEB-INF/endpoint-config.xml b/uma-server-webapp/src/main/webapp/WEB-INF/endpoint-config.xml
new file mode 100644
index 000000000..7c645d23a
--- /dev/null
+++ b/uma-server-webapp/src/main/webapp/WEB-INF/endpoint-config.xml
@@ -0,0 +1,53 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+    Copyright 2018 The MIT Internet Trust Consortium
+   
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+   
+      http://www.apache.org/licenses/LICENSE-2.0
+   
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+ -->
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:mvc="http://www.springframework.org/schema/mvc"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:tx="http://www.springframework.org/schema/tx"
+	xmlns:context="http://www.springframework.org/schema/context"
+	xmlns:security="http://www.springframework.org/schema/security"
+	xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
+	xsi:schemaLocation="http://www.springframework.org/schema/security/oauth2 http://www.springframework.org/schema/security/spring-security-oauth2-2.0.xsd
+		http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-4.3.xsd
+		http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.2.xsd
+		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.3.xsd
+		http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-4.3.xsd
+		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.3.xsd">
+
+
+	<security:http pattern="/#{T(org.mitre.uma.web.ResourceSetRegistrationEndpoint).URL}/**" use-expressions="true" entry-point-ref="oauthAuthenticationEntryPoint" create-session="never">
+		<security:custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER" />
+		<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
+		<security:expression-handler ref="oauthWebExpressionHandler" />
+		<security:csrf disabled="true"/>
+	</security:http>
+
+	<security:http pattern="/#{T(org.mitre.uma.web.PermissionRegistrationEndpoint).URL}/**" use-expressions="true" entry-point-ref="oauthAuthenticationEntryPoint" create-session="never">
+		<security:custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER" />
+		<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
+		<security:expression-handler ref="oauthWebExpressionHandler" />
+		<security:csrf disabled="true"/>
+	</security:http>
+	
+	<security:http pattern="/#{T(org.mitre.uma.web.AuthorizationRequestEndpoint).URL}/**" use-expressions="true" entry-point-ref="oauthAuthenticationEntryPoint" create-session="never">
+		<security:custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER" />
+		<security:custom-filter ref="corsFilter" after="SECURITY_CONTEXT_FILTER" />
+		<security:expression-handler ref="oauthWebExpressionHandler" />
+		<security:csrf disabled="true"/>
+	</security:http>
+
+</beans>
diff --git a/uma-server-webapp/src/main/webapp/WEB-INF/server-config.xml b/uma-server-webapp/src/main/webapp/WEB-INF/server-config.xml
new file mode 100644
index 000000000..92685552c
--- /dev/null
+++ b/uma-server-webapp/src/main/webapp/WEB-INF/server-config.xml
@@ -0,0 +1,68 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+    Copyright 2018 The MIT Internet Trust Consortium
+   
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+   
+      http://www.apache.org/licenses/LICENSE-2.0
+   
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+ -->
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:mvc="http://www.springframework.org/schema/mvc"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:tx="http://www.springframework.org/schema/tx"
+	xmlns:context="http://www.springframework.org/schema/context"
+	xmlns:security="http://www.springframework.org/schema/security"
+	xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
+	xsi:schemaLocation="http://www.springframework.org/schema/security/oauth2 http://www.springframework.org/schema/security/spring-security-oauth2-2.0.xsd
+		http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-4.3.xsd
+		http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.2.xsd
+		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.3.xsd
+		http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-4.3.xsd
+		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.3.xsd">
+
+	<bean id="configBean" class="org.mitre.openid.connect.config.ConfigurationPropertiesBean">
+	    
+	    <!-- This property sets the root URL of the server, known as the issuer -->
+		<property name="issuer" value="http://localhost:8080/uma-server-webapp/" />
+		
+		<!-- This property is a URL pointing to a logo image 24px high to be used in the top bar -->
+ 		<property name="logoImageUrl" value="resources/images/openid_connect_small.png" />
+ 		
+ 		<!-- This property sets the display name of the server, displayed in the topbar and page title -->
+ 		<property name="topbarTitle" value="UMA Server" />
+ 		
+		<!-- This property sets the lifetime of registration access tokens, in seconds. Leave it unset (null) for no rotation. -->
+		<!-- <property name="regTokenLifeTime" value="172800" /> -->
+		
+		<!-- This property forces the issuer value to start with "https", recommended on production servers -->
+		<!-- <property name="forceHttps" value="true" /> -->
+		
+		<!-- This property sets the locale for server text -->
+		<!-- <property name="locale" value="sv" /> -->
+
+		<!-- This property sets the set of namespaces for language translation files. The default is "messages". These are checked in the order presented here. -->
+		<property name="languageNamespaces">
+			<list>
+				<value>uma</value>
+				<value>messages</value>
+			</list>
+		</property>
+
+		<!-- This property indicates if a dynamically registered client supports dual flows, such as client_credentials
+		at the same time with authorization_code or implicit -->
+		<!-- <property name="dualClient" value="true" /> -->
+		
+		<!-- This property turns on HEART compliance mode -->
+		<!-- <property name="heartMode" value="true" /> -->
+
+	</bean>
+	
+</beans>
diff --git a/uma-server-webapp/src/main/webapp/WEB-INF/tags/actionmenu.tag b/uma-server-webapp/src/main/webapp/WEB-INF/tags/actionmenu.tag
new file mode 100644
index 000000000..47df4a361
--- /dev/null
+++ b/uma-server-webapp/src/main/webapp/WEB-INF/tags/actionmenu.tag
@@ -0,0 +1,21 @@
+<%@ tag language="java" pageEncoding="UTF-8"%>
+<%@ taglib prefix="spring" uri="http://www.springframework.org/tags"%>
+<%@ taglib prefix="security"
+	uri="http://www.springframework.org/security/tags"%>
+<security:authorize access="hasRole('ROLE_ADMIN')">
+	<li class="nav-header"><spring:message code="sidebar.administrative.title"/></li>
+	<li><a href="manage/#admin/clients" data-toggle="collapse" data-target=".nav-collapse"><spring:message code="sidebar.administrative.manage_clients"/></a></li>
+	<li><a href="manage/#admin/whitelists" data-toggle="collapse" data-target=".nav-collapse"><spring:message code="sidebar.administrative.whitelisted_clients"/></a></li>
+	<li><a href="manage/#admin/blacklist" data-toggle="collapse" data-target=".nav-collapse"><spring:message code="sidebar.administrative.blacklisted_clients"/></a></li>
+	<li><a href="manage/#admin/scope" data-toggle="collapse" data-target=".nav-collapse"><spring:message code="sidebar.administrative.system_scopes"/></a></li>
+	<li class="divider"></li>
+</security:authorize>
+<li class="nav-header"><spring:message code="sidebar.personal.title"/></li>
+<li><a href="manage/#user/approved" data-toggle="collapse" data-target=".nav-collapse"><spring:message code="sidebar.personal.approved_sites"/></a></li>
+<li><a href="manage/#user/tokens" data-toggle="collapse" data-target=".nav-collapse"><spring:message code="sidebar.personal.active_tokens"/></a></li>
+<li><a href="manage/#user/profile" data-toggle="collapse" data-target=".nav-collapse"><spring:message code="sidebar.personal.profile_information"/></a></li>
+<li><a href="manage/#user/policy" data-toggle="collapse" data-target=".nav-collapse"><spring:message code="sidebar.personal.resource_policies"/></a></li>
+<li class="divider"></li>
+<li class="nav-header"><spring:message code="sidebar.developer.title"/></li>
+<li><a href="manage/#dev/dynreg" data-toggle="collapse" data-target=".nav-collapse"><spring:message code="sidebar.developer.client_registration"/></a><li>
+<li><a href="manage/#dev/resource" data-toggle="collapse" data-target=".nav-collapse"><spring:message code="sidebar.developer.resource_registration"/></a><li>
\ No newline at end of file
diff --git a/uma-server-webapp/src/main/webapp/WEB-INF/ui-config.xml b/uma-server-webapp/src/main/webapp/WEB-INF/ui-config.xml
new file mode 100644
index 000000000..2cd7bfc33
--- /dev/null
+++ b/uma-server-webapp/src/main/webapp/WEB-INF/ui-config.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+    Copyright 2018 The MIT Internet Trust Consortium
+   
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+   
+      http://www.apache.org/licenses/LICENSE-2.0
+   
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+ -->
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:mvc="http://www.springframework.org/schema/mvc"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:tx="http://www.springframework.org/schema/tx"
+	xmlns:context="http://www.springframework.org/schema/context"
+	xmlns:security="http://www.springframework.org/schema/security"
+	xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
+	xsi:schemaLocation="http://www.springframework.org/schema/security/oauth2 http://www.springframework.org/schema/security/spring-security-oauth2-2.0.xsd
+		http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-4.3.xsd
+		http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.2.xsd
+		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.3.xsd
+		http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-4.3.xsd
+		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.3.xsd">
+
+
+<!-- This file allows you to define components to the UI -->
+
+	<bean class="org.mitre.openid.connect.config.UIConfiguration" id="uiConfiguration">
+		<property name="jsFiles">
+			<set>
+				<value>resources/js/client.js</value>
+				<value>resources/js/grant.js</value>
+				<value>resources/js/scope.js</value>
+				<value>resources/js/whitelist.js</value>
+				<value>resources/js/dynreg.js</value>
+				<value>resources/js/rsreg.js</value>
+				<value>resources/js/token.js</value>
+				<value>resources/js/blacklist.js</value>
+				<value>resources/js/profile.js</value>
+				<value>resources/js/policy.js</value>
+			</set>
+		</property>
+	</bean>
+
+
+</beans>
diff --git a/uma-server-webapp/src/main/webapp/WEB-INF/user-context.xml b/uma-server-webapp/src/main/webapp/WEB-INF/user-context.xml
new file mode 100644
index 000000000..4a2f7bb0d
--- /dev/null
+++ b/uma-server-webapp/src/main/webapp/WEB-INF/user-context.xml
@@ -0,0 +1,142 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+    Copyright 2018 The MIT Internet Trust Consortium
+   
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+   
+      http://www.apache.org/licenses/LICENSE-2.0
+   
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+ -->
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:mvc="http://www.springframework.org/schema/mvc"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:tx="http://www.springframework.org/schema/tx"
+	xmlns:context="http://www.springframework.org/schema/context"
+	xmlns:security="http://www.springframework.org/schema/security"
+	xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
+	xsi:schemaLocation="http://www.springframework.org/schema/security/oauth2 http://www.springframework.org/schema/security/spring-security-oauth2-2.0.xsd
+		http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-4.3.xsd
+		http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.2.xsd
+		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.3.xsd
+		http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-4.3.xsd
+		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.3.xsd">
+
+
+	<!-- Support for external OIDC logins for claims gathering -->
+
+	<mvc:view-controller path="/external_login" view-name="external_login" />
+	
+	<security:http pattern="/external_login**" use-expressions="true" entry-point-ref="http403EntryPoint">
+		<security:intercept-url pattern="/external_login**" access="permitAll"/>	
+	</security:http>
+
+	<security:http disable-url-rewriting="true" use-expressions="true"
+			auto-config="false" entry-point-ref="externalAuthenticationEntryPoint"
+			pattern="/#{T(org.mitre.uma.web.ClaimsCollectionEndpoint).URL}**"> 
+
+		<security:logout logout-url="/logout" />
+		<security:expression-handler ref="oauthWebExpressionHandler" />
+	</security:http>	
+
+	<bean id="externalAuthenticationEntryPoint" class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">
+		<constructor-arg type="java.lang.String" value="/openid_connect_login"/>
+	</bean>
+
+	<security:authentication-manager id="externalAuthenticationManager">
+		<security:authentication-provider ref="externalAuthenticationProvider" />
+	</security:authentication-manager>
+
+	<bean id="externalAuthenticationProvider" class="org.mitre.openid.connect.client.OIDCAuthenticationProvider">
+		<property name="authoritiesMapper">
+			<bean class="org.mitre.uma.util.ExternalLoginAuthoritiesMapper" />
+		</property>
+	</bean>
+
+	<bean id="externalAuthenticationFilter" class="org.mitre.openid.connect.client.OIDCAuthenticationFilter">
+		<property name="authenticationManager" ref="externalAuthenticationManager" />
+
+		<property name="issuerService" ref="hybridIssuerService" />
+		<property name="serverConfigurationService" ref="dynamicServerConfigurationService" />
+		<property name="clientConfigurationService" ref="dynamicClientConfigurationService" />
+		<property name="authRequestOptionsService" ref="staticAuthRequestOptionsService" />
+		<property name="authRequestUrlBuilder" ref="plainAuthRequestUrlBuilder" />
+		
+	</bean>
+
+	<bean class="org.mitre.openid.connect.client.service.impl.HybridIssuerService" id="hybridIssuerService">
+		<property name="loginPageUrl" value="external_login" />
+	</bean>
+
+	<bean class="org.mitre.openid.connect.client.service.impl.DynamicServerConfigurationService" id="dynamicServerConfigurationService" />
+
+	<bean class="org.mitre.openid.connect.client.service.impl.DynamicRegistrationClientConfigurationService" id="dynamicClientConfigurationService">
+		<property name="template">
+			<bean class="org.mitre.oauth2.model.RegisteredClient">
+				<property name="clientName" value="HealthAuth Authorization Server" />
+				<property name="scope">
+					<set value-type="java.lang.String">
+						<value>openid</value>
+						<value>profile</value>
+						<value>email</value>
+						<value>phone</value>
+						<value>address</value>
+					</set>
+				</property>
+				<property name="tokenEndpointAuthMethod" value="SECRET_BASIC" />
+				<property name="redirectUris">
+					<set>
+						<value>#{configBean.issuer + "openid_connect_login"}</value>
+					</set>
+				</property>
+			</bean>
+		</property>
+		<property name="registeredClientService">
+			<bean class="org.mitre.uma.service.impl.JpaRegisteredClientService" />
+		</property>
+	</bean>
+
+	<bean class="org.mitre.openid.connect.client.service.impl.StaticAuthRequestOptionsService" id="staticAuthRequestOptionsService" />
+
+	<bean class="org.mitre.openid.connect.client.service.impl.PlainAuthRequestUrlBuilder" id="plainAuthRequestUrlBuilder" />
+
+
+	<!-- Standard configuration -->
+
+	<security:authentication-manager id="authenticationManager">
+		<security:authentication-provider>
+			<security:jdbc-user-service data-source-ref="dataSource"/>
+		</security:authentication-provider>
+	</security:authentication-manager>
+		
+	<mvc:view-controller path="/login" view-name="login" />
+	
+	
+	<!--<security:http pattern="/login**" use-expressions="true" entry-point-ref="http403EntryPoint">
+		<security:intercept-url pattern="/login**" access="permitAll"/>	
+	</security:http>-->
+
+	<security:http authentication-manager-ref="authenticationManager">
+
+		<security:intercept-url pattern="/authorize" access="hasRole('ROLE_USER')" />
+		<security:intercept-url pattern="/**" access="permitAll" />
+
+		<security:form-login login-page="/login" authentication-failure-url="/login?error=failure" authentication-success-handler-ref="authenticationTimeStamper" />
+		<security:custom-filter before="PRE_AUTH_FILTER" ref="externalAuthenticationFilter" />
+		<security:custom-filter ref="authRequestFilter" after="SECURITY_CONTEXT_FILTER" />
+		<security:logout logout-url="/logout" />
+		<security:anonymous />
+		<security:expression-handler ref="oauthWebExpressionHandler" />
+		<security:headers>
+			<security:frame-options policy="DENY" />
+		</security:headers>
+		<security:csrf />
+	</security:http>
+
+</beans>
diff --git a/uma-server-webapp/src/main/webapp/WEB-INF/views/external_login.jsp b/uma-server-webapp/src/main/webapp/WEB-INF/views/external_login.jsp
new file mode 100644
index 000000000..897afdaaa
--- /dev/null
+++ b/uma-server-webapp/src/main/webapp/WEB-INF/views/external_login.jsp
@@ -0,0 +1,42 @@
+<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
+<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
+<%@ taglib prefix="security" uri="http://www.springframework.org/security/tags" %>
+<%@ taglib prefix="o" tagdir="/WEB-INF/tags"%>
+<o:header title="Login"/>
+<o:topbar />
+<div class="container-fluid main">
+	<div class="row-fluid">
+		<div class="span10 offset1">
+
+			<h2>Log In</h2>
+			
+			<p>Enter your email address to log in</p> 
+			
+			<div class="well">
+				<div class="row-fluid">
+	
+					<div class="span8">
+						<form action="openid_connect_login" method="get">
+							<input type="text" class="input-xxlarge" name="identifier" id="identifier" />
+							<input type="submit" value="Log In" />
+						</form>
+					</div>
+	
+				</div>
+
+		</div>
+	</div>
+</div>
+
+<script type="text/javascript">
+	$(document).ready(function () {
+		$('#localhost').on('click', function() {
+			$('#identifier').val('http://localhost:8080/openid-connect-server-webapp/');
+		});
+		$('#mitreidorg').on('click', function() {
+			$('#identifier').val('user@mitreid.org');
+		});
+		
+	});
+</script>
+<o:footer />
\ No newline at end of file
diff --git a/uma-server-webapp/src/main/webapp/resources/js/locale/en/uma.json b/uma-server-webapp/src/main/webapp/resources/js/locale/en/uma.json
new file mode 100644
index 000000000..69ff2e186
--- /dev/null
+++ b/uma-server-webapp/src/main/webapp/resources/js/locale/en/uma.json
@@ -0,0 +1,59 @@
+{
+	"admin": {
+		"policies": "Manage Protected Resource Policies"
+	},
+	"policy" : {
+    	"resource-sets": "Resource Sets",
+    	"edit-policies": "Edit Policies",
+    	"new-policy": "New Policy",
+    	"edit-policy": "Edit Policy",
+    	"loading-policies": "Policies",
+    	"loading-policy": "Policy",
+    	"loading-rs": "Resource Set",
+    	"rs-table": {
+    		"confirm": "Are you sure you want to delete this resource set?",
+    		"no-resource-sets": "There are no resource sets registered. Introduce a protected to this authorization server to let it register some.",
+    		"scopes": "Scopes",
+    		"shared-with": "Shared with:",
+    		"shared-nobody": "NOBODY",
+    		"shared-nobody-tooltip": "This resource is not accessible by anyone else, edit the policies and share it with someone.",
+    		"sharing": "Sharing Policies"
+    	},
+    	"policy-table": {
+    		"new": "Add New Policy",
+    		"return": "Return to list",
+    		"edit": "Edit Policy",
+    		"confirm": "Are you sure you want to delete this policy?",
+    		"delete": "Delete",
+    		"no-policies": "There are no policies for this resource set: This resource set is inaccessible by others.",
+    		"required-claims": "Required Claims",
+    		"required-claims-info": "Users that you share this resource will with need to be able to present the following claims in order to access the resource.",
+    		"remove": "Remove",
+    		"issuers": "Issuers",
+    		"claim": "Claim",
+    		"value": "Value"
+    	},
+    	"policy-form": {
+    		"email-address": "email address",
+    		"share-email": "Share with email address",
+    		"new": "New Policy",
+    		"edit": "Edit Policy",
+    		"claim-name": "claim name",
+    		"friendly-claim-name": "friendly claim name",
+    		"claim-value": "claim value",
+    		"value-type-text": "Text",
+    		"value-type-number": "Number",
+    		"clear-all": "Clear all claims",
+    		"clear-all-confirm": "Are you sure you want to clear all claims from this policy?"
+    	},
+    	"webfinger-error": "Error",
+    	"webfinger-error-description": "The server was unable to find an identity provider for <code>__email__</code>.",
+    	"advanced-error": "Error",
+    	"advanced-error-description": "There was an error saving your advanced claim. Did you fill in all required fields?"
+    },
+    "sidebar": {
+    	"personal": {
+    		"resource_policies": "Manage Protected Resource Policies"
+    	}
+    }
+}
\ No newline at end of file
diff --git a/uma-server-webapp/src/main/webapp/resources/js/locale/zh/uma.json b/uma-server-webapp/src/main/webapp/resources/js/locale/zh/uma.json
new file mode 100644
index 000000000..e2444c4ea
--- /dev/null
+++ b/uma-server-webapp/src/main/webapp/resources/js/locale/zh/uma.json
@@ -0,0 +1,59 @@
+{
+	"admin": {
+		"policies": "管理受保护资源的政策"
+	},
+	"policy" : {
+    	"resource-sets": "资源集",
+    	"edit-policies": "编辑政策",
+    	"new-policy": "新建政策",
+    	"edit-policy": "编辑政策",
+    	"loading-policies": "政策",
+    	"loading-policy": "政策",
+    	"loading-rs": "资源集",
+    	"rs-table": {
+    		"confirm": "确定要删除该资源？",
+    		"no-resource-sets": "尚未有已注册的资源集。您可在此授权服务器中注册一个。",
+    		"scopes": "范围",
+    		"shared-with": "共享给:",
+    		"shared-nobody": "不共享",
+    		"shared-nobody-tooltip": "此资源别人无法访问，请编辑政策使其与其他人共享。",
+    		"sharing": "共享政策"
+    	},
+    	"policy-table": {
+    		"new": "新建政策",
+    		"return": "返回到列表",
+    		"edit": "编辑政策",
+    		"confirm": "确定要删除该政策？",
+    		"delete": "删除",
+    		"no-policies": "此资源集尚未有政策：别人无法访问此资源集。",
+    		"required-claims": "必须的声明",
+    		"required-claims-info": "与您共享此资源的用户必须具备以下声明，才能访问该资源。",
+    		"remove": "移除",
+    		"issuers": "签发者",
+    		"claim": "声明项",
+    		"value": "值"
+    	},
+    	"policy-form": {
+    		"email-address": "email地址",
+    		"share-email": "连带email地址共享",
+    		"new": "新建政策",
+    		"edit": "编辑政策",
+    		"claim-name": "声明项名称",
+    		"friendly-claim-name": "声明的显示名",
+    		"claim-value": "声明的值",
+    		"value-type-text": "文本",
+    		"value-type-number": "数字",
+    		"clear-all": "清除全部声明",
+    		"clear-all-confirm": "您是否要从此政策中清除全部声明？"
+    	},
+    	"webfinger-error": "错误",
+    	"webfinger-error-description": "服务器无法找到<code>__email__</code>的身份提供者。",
+    	"advanced-error": "错误",
+    	"advanced-error-description": "保存高级声明时出错。您是否填写了全部必填项？"
+    },
+    "sidebar": {
+    	"personal": {
+    		"resource_policies": "管理受保护资源的政策"
+    	}
+    }
+}
\ No newline at end of file
diff --git a/uma-server-webapp/src/main/webapp/resources/js/locale/zh_CN/uma.json b/uma-server-webapp/src/main/webapp/resources/js/locale/zh_CN/uma.json
new file mode 100644
index 000000000..e2444c4ea
--- /dev/null
+++ b/uma-server-webapp/src/main/webapp/resources/js/locale/zh_CN/uma.json
@@ -0,0 +1,59 @@
+{
+	"admin": {
+		"policies": "管理受保护资源的政策"
+	},
+	"policy" : {
+    	"resource-sets": "资源集",
+    	"edit-policies": "编辑政策",
+    	"new-policy": "新建政策",
+    	"edit-policy": "编辑政策",
+    	"loading-policies": "政策",
+    	"loading-policy": "政策",
+    	"loading-rs": "资源集",
+    	"rs-table": {
+    		"confirm": "确定要删除该资源？",
+    		"no-resource-sets": "尚未有已注册的资源集。您可在此授权服务器中注册一个。",
+    		"scopes": "范围",
+    		"shared-with": "共享给:",
+    		"shared-nobody": "不共享",
+    		"shared-nobody-tooltip": "此资源别人无法访问，请编辑政策使其与其他人共享。",
+    		"sharing": "共享政策"
+    	},
+    	"policy-table": {
+    		"new": "新建政策",
+    		"return": "返回到列表",
+    		"edit": "编辑政策",
+    		"confirm": "确定要删除该政策？",
+    		"delete": "删除",
+    		"no-policies": "此资源集尚未有政策：别人无法访问此资源集。",
+    		"required-claims": "必须的声明",
+    		"required-claims-info": "与您共享此资源的用户必须具备以下声明，才能访问该资源。",
+    		"remove": "移除",
+    		"issuers": "签发者",
+    		"claim": "声明项",
+    		"value": "值"
+    	},
+    	"policy-form": {
+    		"email-address": "email地址",
+    		"share-email": "连带email地址共享",
+    		"new": "新建政策",
+    		"edit": "编辑政策",
+    		"claim-name": "声明项名称",
+    		"friendly-claim-name": "声明的显示名",
+    		"claim-value": "声明的值",
+    		"value-type-text": "文本",
+    		"value-type-number": "数字",
+    		"clear-all": "清除全部声明",
+    		"clear-all-confirm": "您是否要从此政策中清除全部声明？"
+    	},
+    	"webfinger-error": "错误",
+    	"webfinger-error-description": "服务器无法找到<code>__email__</code>的身份提供者。",
+    	"advanced-error": "错误",
+    	"advanced-error-description": "保存高级声明时出错。您是否填写了全部必填项？"
+    },
+    "sidebar": {
+    	"personal": {
+    		"resource_policies": "管理受保护资源的政策"
+    	}
+    }
+}
\ No newline at end of file
diff --git a/uma-server-webapp/src/main/webapp/resources/js/locale/zh_TW/uma.json b/uma-server-webapp/src/main/webapp/resources/js/locale/zh_TW/uma.json
new file mode 100644
index 000000000..523232832
--- /dev/null
+++ b/uma-server-webapp/src/main/webapp/resources/js/locale/zh_TW/uma.json
@@ -0,0 +1,59 @@
+{
+	"admin": {
+		"policies": "管理受保護資源的政策"
+	},
+	"policy" : {
+    	"resource-sets": "資源集",
+    	"edit-policies": "編輯政策",
+    	"new-policy": "新建政策",
+    	"edit-policy": "編輯政策",
+    	"loading-policies": "政策",
+    	"loading-policy": "政策",
+    	"loading-rs": "資源集",
+    	"rs-table": {
+    		"confirm": "確定要刪除該資源？",
+    		"no-resource-sets": "尚未有已注冊的資源集。您可在此授權伺服器中注冊一個。",
+    		"scopes": "范圍",
+    		"shared-with": "共享給:",
+    		"shared-nobody": "不共享",
+    		"shared-nobody-tooltip": "此資源別人無法訪問，請編輯政策使其與其他人共享。",
+    		"sharing": "共享政策"
+    	},
+    	"policy-table": {
+    		"new": "新建政策",
+    		"return": "返回到列表",
+    		"edit": "編輯政策",
+    		"confirm": "確定要刪除該政策？",
+    		"delete": "刪除",
+    		"no-policies": "此資源集尚未有政策：別人無法訪問此資源集。",
+    		"required-claims": "必須的聲明",
+    		"required-claims-info": "與您共享此資源的用戶必須具備以下聲明，才能訪問該資源。",
+    		"remove": "移除",
+    		"issuers": "簽發者",
+    		"claim": "聲明項",
+    		"value": "值"
+    	},
+    	"policy-form": {
+    		"email-address": "email地址",
+    		"share-email": "連帶email地址共享",
+    		"new": "新建政策",
+    		"edit": "編輯政策",
+    		"claim-name": "聲明項名稱",
+    		"friendly-claim-name": "聲明的顯示名",
+    		"claim-value": "聲明的值",
+    		"value-type-text": "文本",
+    		"value-type-number": "數字",
+    		"clear-all": "清除全部聲明",
+    		"clear-all-confirm": "您是否要從此政策中清除全部聲明？"
+    	},
+    	"webfinger-error": "錯誤",
+    	"webfinger-error-description": "伺服器無法找到<code>__email__</code>的身份提供者。",
+    	"advanced-error": "錯誤",
+    	"advanced-error-description": "保存高級聲明時出錯。您是否填寫了全部必填項？"
+    },
+    "sidebar": {
+    	"personal": {
+    		"resource_policies": "管理受保護資源的政策"
+    	}
+    }
+}
\ No newline at end of file
diff --git a/uma-server-webapp/src/main/webapp/resources/js/policy.js b/uma-server-webapp/src/main/webapp/resources/js/policy.js
new file mode 100644
index 000000000..6a3b6420c
--- /dev/null
+++ b/uma-server-webapp/src/main/webapp/resources/js/policy.js
@@ -0,0 +1,786 @@
+/*******************************************************************************
+ * Copyright 2018 The MIT Internet Trust Consortium
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *******************************************************************************/
+
+var ResourceSetModel = Backbone.Model.extend({
+	urlRoot: 'api/resourceset'
+});
+
+var ResourceSetCollection = Backbone.Collection.extend({
+	model: ResourceSetModel,
+	url: 'api/resourceset'
+});
+
+var PolicyModel = Backbone.Model.extend({
+	urlRoot: function() {
+		return 'api/resourceset/' + this.options.rsid + '/policy/';
+	},
+	initialize: function(model, options) {
+		this.options = options;
+	}
+});
+
+var PolicyCollection = Backbone.Collection.extend({
+	model: PolicyModel,
+	url: function() {
+		return 'api/resourceset/' + this.options.rsid + '/policy/';
+	},
+	initialize: function(models, options) {
+		this.options = options;
+	}
+});
+
+var ResourceSetListView = Backbone.View.extend({
+	tagName: 'span',
+	
+	initialize:function (options) {
+		this.options = options;
+	},
+	
+	load:function(callback) {
+    	if (this.model.isFetched &&
+    			this.options.clientList.isFetched &&
+    			this.options.systemScopeList.isFetched) {
+    		callback();
+    		return;
+    	}
+
+    	$('#loadingbox').sheet('show');
+    	$('#loading').html(
+                '<span class="label" id="loading-resourcesets">' + $.t('policy.resource-sets') + '</span> ' +
+                '<span class="label" id="loading-clients">' + $.t('common.clients') + '</span> ' +
+                '<span class="label" id="loading-scopes">' + $.t('common.scopes') + '</span> '
+    			);
+
+    	$.when(this.model.fetchIfNeeded({success:function(e) {$('#loading-resourcesets').addClass('label-success');}}),
+    			this.options.clientList.fetchIfNeeded({success:function(e) {$('#loading-clients').addClass('label-success');}}),
+    			this.options.systemScopeList.fetchIfNeeded({success:function(e) {$('#loading-scopes').addClass('label-success');}}))
+    			.done(function() {
+    	    		$('#loadingbox').sheet('hide');
+    	    		callback();
+    			});    	
+    },
+	
+    events: {
+        "click .refresh-table":"refreshTable"
+    },
+    
+	render:function (eventName) {
+		$(this.el).html($('#tmpl-resource-set-table').html());
+		
+		var _self = this;
+		
+		_.each(this.model.models, function (resourceSet) {
+			
+			// look up client
+			var client = this.options.clientList.getByClientId(resourceSet.get('clientId'));
+			
+			// if there's no client ID, this is an error!
+			if (client != null) {
+				var view = new ResourceSetView({model: resourceSet, client: client, systemScopeList: _self.options.systemScopeList});
+				view.parentView = _self;
+				$('#resource-set-table', this.el).append(view.render().el);
+			}
+			
+		}, this);
+
+		this.togglePlaceholder();
+        $(this.el).i18n();
+		return this;
+	},
+
+	togglePlaceholder:function() {
+		if (this.model.length > 0) {
+			$('#resource-set-table', this.el).show();
+			$('#resource-set-table-empty', this.el).hide();
+		} else {
+			$('#resource-set-table', this.el).hide();
+			$('#resource-set-table-empty', this.el).show();
+		}
+	},
+	
+    refreshTable:function(e) {
+    	e.preventDefault();
+    	var _self = this;
+    	$('#loadingbox').sheet('show');
+    	$('#loading').html(
+    	        '<span class="label" id="loading-resourcesets">' + $.t('policy.resource-sets') + '</span> ' +
+                '<span class="label" id="loading-clients">' + $.t('common.clients') + '</span> ' +
+                '<span class="label" id="loading-scopes">' + $.t('common.scopes') + '</span> '
+    			);
+
+    	$.when(this.model.fetch({success:function(e) {$('#loading-resourcesets').addClass('label-success');}}),
+    			this.options.clientList.fetch({success:function(e) {$('#loading-clients').addClass('label-success');}}),
+    			this.options.systemScopeList.fetch({success:function(e) {$('#loading-scopes').addClass('label-success');}}))
+    			.done(function() {
+    	    		$('#loadingbox').sheet('hide');
+    	    		_self.render();
+    			});    	
+    }
+
+	
+});
+
+
+var ResourceSetView = Backbone.View.extend({
+	tagName: 'tr',
+	
+	initialize:function(options) {
+    	this.options = options;
+		if (!this.template) {
+			this.template = _.template($('#tmpl-resource-set').html());
+		}
+		
+        if (!this.scopeTemplate) {
+        	this.scopeTemplate = _.template($('#tmpl-scope-list').html());
+        }
+
+        if (!this.moreInfoTemplate) {
+        	this.moreInfoTemplate = _.template($('#tmpl-client-more-info-block').html());
+        }
+
+		this.model.bind('change', this.render, this);
+	},
+
+	render:function(eventName) {
+		
+		var json = {rs: this.model.toJSON(), client: this.options.client.toJSON()};
+		
+		this.$el.html(this.template(json));
+		
+        $('.scope-list', this.el).html(this.scopeTemplate({scopes: this.model.get('scopes'), systemScopes: this.options.systemScopeList}));
+        
+        $('.client-more-info-block', this.el).html(this.moreInfoTemplate({client: this.options.client.toJSON()}));
+		
+		$(this.el).i18n();
+		return this;
+	},
+
+	events:{
+		'click .btn-edit': 'editPolicies',
+		'click .btn-delete': 'deleteResourceSet',
+		'click .toggleMoreInformation': 'toggleMoreInformation'
+	},
+	
+	editPolicies:function(e) {
+		e.preventDefault();
+		app.navigate('user/policy/' + this.model.get('id'), {trigger: true});
+	},
+	
+	deleteResourceSet:function(e) {
+    	e.preventDefault();
+
+        if (confirm($.t('policy.rs-table.confirm'))) {
+            var _self = this;
+
+            this.model.destroy({
+            	dataType: false, processData: false,
+                success:function () {
+                    _self.$el.fadeTo("fast", 0.00, function () { //fade
+                        $(this).slideUp("fast", function () { //slide up
+                            $(this).remove(); //then remove from the DOM
+                            _self.parentView.togglePlaceholder();
+                        });
+                    });
+                },
+                error:function (error, response) {
+            		console.log("An error occurred when deleting a resource set");
+    
+					//Pull out the response text.
+					var responseJson = JSON.parse(response.responseText);
+            		
+            		//Display an alert with an error message
+					$('#modalAlert div.modal-header').html(responseJson.error);
+	        		$('#modalAlert div.modal-body').html(responseJson.error_description);
+            		
+        			 $("#modalAlert").modal({ // wire up the actual modal functionality and show the dialog
+        				 "backdrop" : "static",
+        				 "keyboard" : true,
+        				 "show" : true // ensure the modal is shown immediately
+        			 });
+            	}
+            });
+
+            _self.parentView.delegateEvents();
+        }
+
+        return false;
+		
+	},
+	
+	toggleMoreInformation:function(e) {
+		e.preventDefault();
+		if ($('.moreInformation', this.el).is(':visible')) {
+			// hide it
+			$('.moreInformation', this.el).hide('fast');
+			$('.toggleMoreInformation i', this.el).attr('class', 'icon-chevron-right');
+			$('.moreInformationContainer', this.el).removeClass('alert').removeClass('alert-info').addClass('muted');
+		
+		} else {
+			// show it
+			$('.moreInformation', this.el).show('fast');
+			$('.toggleMoreInformation i', this.el).attr('class', 'icon-chevron-down');
+			$('.moreInformationContainer', this.el).addClass('alert').addClass('alert-info').removeClass('muted');
+		}
+	},
+
+});
+
+var PolicyListView = Backbone.View.extend({
+	tagName: 'span',
+	
+	initialize:function(options) {
+		this.options = options;
+	},
+	
+	load:function(callback) {
+    	if (this.model.isFetched &&
+    			this.options.rs.isFetched &&
+    			this.options.systemScopeList.isFetched) {
+    		callback();
+    		return;
+    	}
+
+    	$('#loadingbox').sheet('show');
+    	$('#loading').html(
+                '<span class="label" id="loading-policies">' + $.t('policy.loading-policies') + '</span> ' + 
+                '<span class="label" id="loading-rs">' + $.t('policy.loading-rs') + '</span> ' + 
+                '<span class="label" id="loading-scopes">' + $.t("common.scopes") + '</span> '
+    			);
+
+    	$.when(this.model.fetchIfNeeded({success:function(e) {$('#loading-policies').addClass('label-success');}}),
+    			this.options.rs.fetchIfNeeded({success:function(e) {$('#loading-rs').addClass('label-success');}}),
+    			this.options.systemScopeList.fetchIfNeeded({success:function(e) {$('#loading-scopes').addClass('label-success');}}))
+    			.done(function() {
+    	    		$('#loadingbox').sheet('hide');
+    	    		callback();
+    			});    	
+    },
+	
+    events:{
+    	'click .btn-add':'addPolicy',
+		'click .btn-cancel':'cancel'
+    },
+
+    cancel:function(e) {
+    	e.preventDefault();
+    	app.navigate('user/policy', {trigger: true});
+    },
+    
+    togglePlaceholder:function() {
+		if (this.model.length > 0) {
+			$('#policy-info', this.el).show();
+			$('#policy-table', this.el).show();
+			$('#policy-table-empty', this.el).hide();
+		} else {
+			$('#policy-info', this.el).hide();
+			$('#policy-table', this.el).hide();
+			$('#policy-table-empty', this.el).show();
+		}
+	},
+	
+	addPolicy:function(e) {
+		e.preventDefault();
+    	app.navigate('user/policy/' + this.options.rs.get('id') +'/new', {trigger: true});
+	},
+	
+	render:function (eventName) {
+		$(this.el).html($('#tmpl-policy-table').html());
+		
+		var _self = this;
+		
+		_.each(this.model.models, function (policy) {
+			
+			var view = new PolicyView({model: policy, systemScopeList: _self.options.systemScopeList, rs: _self.options.rs});
+			view.parentView = _self;
+			$('#policy-table', this.el).append(view.render().el);
+			
+		}, this);
+
+		this.togglePlaceholder();
+       $(this.el).i18n();
+		return this;
+	}
+});
+
+
+var PolicyView = Backbone.View.extend({
+	tagName: 'tr',
+	
+	initialize:function(options) {
+		this.options = options;
+		
+		if (!this.template) {
+			this.template = _.template($('#tmpl-policy').html());
+		}
+
+		if (!this.scopeTemplate) {
+        	this.scopeTemplate = _.template($('#tmpl-scope-list').html());
+        }
+
+
+	},
+	
+	events:{
+		'click .btn-edit':'editPolicy',
+		'click .btn-remove':'removePolicy'
+	},
+	
+	editPolicy:function(e) {
+		e.preventDefault();
+		app.navigate('user/policy/' + this.options.rs.get("id") + '/' + this.model.get('id'), {trigger: true});
+	},
+	
+	removePolicy:function(e) {
+		e.preventDefault();
+		
+		if (confirm($.t('policy.policy-table.confirm'))) {
+            var _self = this;
+	        this.model.destroy({
+            	dataType: false, processData: false,
+	            success:function () {
+	                _self.$el.fadeTo("fast", 0.00, function () { //fade
+	                    $(this).slideUp("fast", function () { //slide up
+	                        $(this).remove(); //then remove from the DOM
+	                        _self.parentView.togglePlaceholder();
+	                    });
+	                });
+	            },
+	            error:function (error, response) {
+	        		console.log("An error occurred when deleting a client");
+	
+					//Pull out the response text.
+					var responseJson = JSON.parse(response.responseText);
+	        		
+	        		//Display an alert with an error message
+					$('#modalAlert div.modal-header').html(responseJson.error);
+	        		$('#modalAlert div.modal-body').html(responseJson.error_description);
+	        		
+	    			 $("#modalAlert").modal({ // wire up the actual modal functionality and show the dialog
+	    				 "backdrop" : "static",
+	    				 "keyboard" : true,
+	    				 "show" : true // ensure the modal is shown immediately
+	    			 });
+	        	}
+	        });
+	
+	        _self.parentView.delegateEvents();
+		}
+	},
+	
+	render:function (eventName) {
+		var json = this.model.toJSON();
+		
+		this.$el.html(this.template(json));
+		
+        $('.scope-list', this.el).html(this.scopeTemplate({scopes: this.model.get('scopes'), systemScopes: this.options.systemScopeList}));
+
+        $(this.el).i18n();
+		return this;		
+	}
+	
+	
+});
+
+
+var PolicyFormView = Backbone.View.extend({
+	tagName: 'div',
+	
+	initialize:function(options) {
+		this.options = options;
+		
+		if (!this.template) {
+			this.template = _.template($('#tmpl-policy-form').html());
+		}
+		
+        this.issuerCollection = new Backbone.Collection();
+
+	},
+	
+	events:{
+		'click .btn-share': 'addWebfingerClaim',
+		'click .btn-share-advanced': 'addAdvancedClaim',
+		'click .btn-clear': 'clearAllClaims',
+		'click .btn-save': 'savePolicy',
+		'click .btn-cancel': 'cancel'
+	},
+	
+	load:function(callback) {
+    	if (this.model.isFetched &&
+    			this.options.rs.isFetched &&
+    			this.options.systemScopeList.isFetched) {
+    		callback();
+    		return;
+    	}
+
+    	$('#loadingbox').sheet('show');
+    	$('#loading').html(
+                '<span class="label" id="loading-policies">' + $.t('policy.loading-policy') + '</span> ' + 
+                '<span class="label" id="loading-rs">' + $.t('policy.loading-rs') + '</span> ' + 
+                '<span class="label" id="loading-scopes">' + $.t("common.scopes") + '</span> '
+    			);
+
+    	$.when(this.model.fetchIfNeeded({success:function(e) {$('#loading-policies').addClass('label-success');}}),
+    			this.options.rs.fetchIfNeeded({success:function(e) {$('#loading-rs').addClass('label-success');}}),
+    			this.options.systemScopeList.fetchIfNeeded({success:function(e) {$('#loading-scopes').addClass('label-success');}}))
+    			.done(function() {
+    	    		$('#loadingbox').sheet('hide');
+    	    		callback();
+    			});    	
+    },
+
+    addWebfingerClaim:function(e) {
+    	e.preventDefault();
+    	
+    	// post to the webfinger helper and get the response back
+    	
+    	var _self = this;
+    	
+    	var email = $('#email', this.el).val();
+    	
+    	$('#loadingbox').sheet('show');
+    	$('#loading').html(
+                'Looking up identity provider...'
+    			);
+
+    	var base = $('base').attr('href');
+    	$.getJSON(base + '/api/emailsearch?' + $.param({'identifier': email}), function(data) {
+
+    		// grab the current state of the scopes checkboxes just in case
+        	var scopes = $('#scopes input[type="checkbox"]:checked').map(function(idx, elem) { return $(elem).val(); }).get();
+        	
+        	_self.model.set({
+        		scopes: scopes,
+    			claimsRequired: data
+    		}, {trigger: false});
+
+    		_self.render();
+
+    		$('#loadingbox').sheet('hide');
+    		
+    	}).error(function(jqXHR, textStatus, errorThrown) {
+    		console.log("An error occurred when doing a webfinger lookup", errorThrown);
+    	    
+    		$('#loadingbox').sheet('hide');
+
+    		//Display an alert with an error message
+			$('#modalAlert div.modal-header').html($.t('policy.webfinger-error'));
+    		$('#modalAlert div.modal-body').html($.t('policy.webfinger-error-description', {email: email}));
+    		
+			 $("#modalAlert").modal({ // wire up the actual modal functionality and show the dialog
+				 "backdrop" : "static",
+				 "keyboard" : true,
+				 "show" : true // ensure the modal is shown immediately
+			 });
+    	});
+    	
+    },
+    
+    addAdvancedClaim:function(e) {
+    	e.preventDefault();
+    	
+    	var name = $('#name', this.el).val();
+    	var friendly = $('#friendly-name', this.el).val();
+    	var rawValue = $('#value', this.el).val();
+    	var valueType = $('#value-type', this.el).val();
+    	var value = null;
+    	if (valueType == 'number') {
+    		value = Number(rawValue);
+    	} else if (valueType == 'boolean') {
+    		value = (rawValue.toLowerCase() == 'true');
+    	} else if (valueType == 'json') {
+    		value = JSON.parse(rawValue);
+    	} else {
+    		// treat it as a string, the default
+    		value = rawValue;
+    	}
+
+    	var issuers = this.issuerCollection.pluck('item');
+    	
+    	console.log(name, friendly, rawValue, valueType, value, issuers);
+    	
+    	if (!_.isEmpty(issuers) 
+    			&& name
+    			&& value) {
+    		// we've got a valid claim, add it to our set
+    		// grab the current state of the scopes checkboxes just in case
+        	var scopes = $('#scopes input[type="checkbox"]:checked').map(function(idx, elem) { return $(elem).val(); }).get();
+        
+        	var claimsRequired = this.model.get('claimsRequired');
+        	if (!claimsRequired) {
+        		claimsRequired = [];
+        	}
+        	claimsRequired.push({
+        		name: name,
+        		friendlyName: friendly,
+        		value: value,
+        		issuer: issuers
+        	});
+        	
+        	this.model.set({
+        		scopes: scopes,
+    			claimsRequired: claimsRequired
+    		}, {trigger: false});
+
+        	$('#name', this.el).val('');
+        	$('#friendly-name', this.el).val('');
+        	$('#value', this.el).val('');
+        	$('#value-type', this.el).val('text');
+
+        	this.render();
+        	
+        	// re-select the advanced tab
+        	$('a[data-target="#policy-advanced-tab"]', this.el).tab('show')
+        	
+    	} else {
+    		// something is missing
+    		$('#loadingbox').sheet('hide');
+
+    		//Display an alert with an error message
+			$('#modalAlert div.modal-header').html($.t('policy.advanced-error'));
+    		$('#modalAlert div.modal-body').html($.t('policy.advanced-error-description'));
+    		
+			 $("#modalAlert").modal({ // wire up the actual modal functionality and show the dialog
+				 "backdrop" : "static",
+				 "keyboard" : true,
+				 "show" : true // ensure the modal is shown immediately
+			 });
+    	}
+    },
+    
+    clearAllClaims:function(e) {
+    	e.preventDefault();
+
+    	if (confirm($.t('policy.policy-form.clear-all-confirm'))) {
+    	
+	    	var scopes = $('#scopes input[type="checkbox"]:checked').map(function(idx, elem) { return $(elem).val(); }).get();
+	        
+	    	var claimsRequired = [];
+	    	
+	    	this.model.set({
+	    		scopes: scopes,
+				claimsRequired: claimsRequired
+			}, {trigger: false});
+	
+	    	this.render();
+    	}  	
+    },
+    
+    savePolicy:function(e) {
+    	e.preventDefault();
+    	
+    	// get all the scopes that are checked
+    	var scopes = $('#scopes input[type="checkbox"]:checked').map(function(idx, elem) { return $(elem).val(); }).get();
+    	
+    	var valid = this.model.set({
+    		scopes: scopes
+    	});
+    	
+		if (valid) {
+			
+			var _self = this;
+			this.model.save({}, {
+				success:function() {
+					app.systemScopeList.add(_self.model);
+					
+					// refresh the associated RS
+					_self.options.rs.fetch({success: function() {
+						app.navigate('user/policy/' + _self.options.rs.get('id'), {trigger: true});
+					}});
+					
+				},
+				error:function(error, response) {
+					
+					//Pull out the response text.
+					var responseJson = JSON.parse(response.responseText);
+	    			
+    				//Display an alert with an error message
+    				$('#modalAlert div.modal-header').html(responseJson.error);
+            		$('#modalAlert div.modal-body').html(responseJson.error_description);
+            		
+        			 $("#modalAlert").modal({ // wire up the actual modal functionality and show the dialog
+        				 "backdrop" : "static",
+        				 "keyboard" : true,
+        				 "show" : true // ensure the modal is shown immediately
+        			 });
+	    		}
+			});
+		}
+
+		return false;
+    	
+    },
+    
+    cancel:function(e) {
+    	e.preventDefault();
+		app.navigate('user/policy/' + this.options.rs.get('id'), {trigger: true});
+    },
+    
+    render:function (eventName) {
+		var json = this.model.toJSON();
+		var rs = this.options.rs.toJSON();
+		
+		this.$el.html(this.template({policy: json, rs: rs}));
+		
+        // build and bind issuer view
+        var issuerView = new ListWidgetView({
+        	placeholder: $.t('policy.policy-form.issuer-placeholder'), 
+        	helpBlockText: $.t('policy.policy-form.issuer-help'),
+            collection: this.issuerCollection});
+        $("#issuers .controls",this.el).html(issuerView.render().el);
+
+        $(this.el).i18n();
+
+		return this;
+	}
+});
+
+
+ui.routes.push({path: "user/policy", name: "policy", callback:
+	function() {
+
+		this.breadCrumbView.collection.reset();
+		this.breadCrumbView.collection.add([
+	        {text:$.t('admin.home'), href:""},
+	        {text:$.t('policy.resource-sets'), href:"manage/#user/policy"}
+		]);
+		
+		this.updateSidebar('user/policy');
+		
+		var view = new ResourceSetListView({model: this.resourceSetList, clientList: this.clientList, systemScopeList: this.systemScopeList});
+	
+		view.load(function() {
+			$('#content').html(view.render().el);
+			setPageTitle($.t('policy.resource-sets'));
+		});
+		
+	}
+});
+
+ui.routes.push({path: "user/policy/:rsid", name: "editPolicies", callback:
+	function(rsid) {
+
+		this.breadCrumbView.collection.reset();
+		this.breadCrumbView.collection.add([
+	        {text:$.t('admin.home'), href:""},
+	        {text:$.t('policy.resource-sets'), href:"manage/#user/policy"},
+	        {text:$.t('policy.edit-policies'), href:"manage/#user/policy/" + rsid}
+		]);
+		
+		this.updateSidebar('user/policy');
+		
+		var rs = this.resourceSetList.get(rsid);
+		var policies = null;
+		if (rs == null) {
+			// need to load it directly
+			policies = new PolicyCollection([], {rsid: rsid});
+			rs = new ResourceSetModel({id: rsid});
+			this.resourceSetList.add(rs); // it will be loaded below, don't need to load it again in the future
+		} else {
+			// the resource set is loaded, preload the claims
+			policies = new PolicyCollection(rs.get('policies'), {rsid: rsid});
+			policies.isFetched = true;
+		}
+		
+		var view = new PolicyListView({model: policies, rs: rs, systemScopeList: this.systemScopeList});
+		
+		view.load(function() {
+			$('#content').html(view.render().el);
+			setPageTitle($.t('policy.edit-policy'));
+		});
+		
+	}
+});
+
+ui.routes.push({path: "user/policy/:rsid/new", name: "newPolicy", callback:
+	function(rsid) {
+
+		this.breadCrumbView.collection.reset();
+		this.breadCrumbView.collection.add([
+	        {text:$.t('admin.home'), href:""},
+	        {text:$.t('policy.resource-sets'), href:"manage/#user/policy"},
+	        {text:$.t('policy.edit-policies'), href:"manage/#user/policy/" + rsid},
+	        {text:$.t('policy.new-policy'), href:"manage/#user/policy/" + rsid + "/new"}
+		]);
+		
+		this.updateSidebar('user/policy');
+		
+		var policy = policy = new PolicyModel({}, {rsid: rsid});
+	
+		var rs = this.resourceSetList.get(rsid);
+		if (rs == null) {
+			// need to load it directly
+			rs = new ResourceSetModel({id: rsid});
+			this.resourceSetList.add(rs); // it will be loaded below, don't need to load it again in the future
+		}
+		
+		var view = new PolicyFormView({model: policy, rs: rs, systemScopeList: this.systemScopeList});
+		
+		view.load(function() {
+			$('#content').html(view.render().el);
+			setPageTitle($.t('policy.edit-policy'));
+		});
+	}
+});
+
+ui.routes.push({path: "user/policy/:rsid/:pid", name: "editPolicy", callback:
+	function(rsid, pid) {
+		this.breadCrumbView.collection.reset();
+		this.breadCrumbView.collection.add([
+	        {text:$.t('admin.home'), href:""},
+	        {text:$.t('policy.resource-sets'), href:"manage/#user/policy"},
+	        {text:$.t('policy.edit-policies'), href:"manage/#user/policy/" + rsid},
+	        {text:$.t('policy.edit-policy'), href:"manage/#user/policy/" + rsid + "/" + pid}
+		]);
+		
+		this.updateSidebar('user/policy');
+		
+		var rs = this.resourceSetList.get(rsid);
+		var policy = null;
+		if (rs == null) {
+			// need to load it directly
+			policy = new PolicyModel({id: pid}, {rsid: rsid});
+			rs = new ResourceSetModel({id: rsid});
+			this.resourceSetList.add(rs); // it will be loaded below, don't need to load it again in the future
+		} else {
+			// the resource set is loaded, preload the claims
+			_.each(rs.get('policies'), function(p) {
+				if (p.id == pid) {
+					policy = new PolicyModel(p, {rsid: rsid});
+					policy.isFetched = true;
+				}
+			});
+			if (policy == null) {
+	    		// need to load it directly
+	    		policy = new PolicyModel({id: pid}, {rsid: rsid});
+			}
+		}
+		
+		var view = new PolicyFormView({model: policy, rs: rs, systemScopeList: this.systemScopeList});
+		
+		view.load(function() {
+			$('#content').html(view.render().el);
+			setPageTitle($.t('policy.edit-policy'));
+		});
+		
+		
+	}
+});
+
+ui.templates.push('resources/template/policy.html');
+
+ui.init.push(function(app) {
+	app.resourceSetList = new ResourceSetCollection();
+});
diff --git a/uma-server-webapp/src/main/webapp/resources/template/policy.html b/uma-server-webapp/src/main/webapp/resources/template/policy.html
new file mode 100644
index 000000000..576da1b1a
--- /dev/null
+++ b/uma-server-webapp/src/main/webapp/resources/template/policy.html
@@ -0,0 +1,255 @@
+<!-- 
+ Copyright 2018 The MIT Internet Trust Consortium
+ 
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+ 
+   http://www.apache.org/licenses/LICENSE-2.0
+ 
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<!-- policy: resource sets and claims -->
+
+<script type="text/html" id="tmpl-resource-set-table">
+    <div class="well well-small">
+		<button class="btn btn-small refresh-table"><i class="icon-refresh"></i> <span data-i18n="common.refresh">Refresh</span></button>
+    </div>
+
+	<div id="resource-set-table-empty" class="alert alert-info" data-i18n="policy.rs-table.no-resource-sets">
+		There are no resource sets registered. Introduce a protected to this authorization server to let it register some.
+	</div>
+
+    <table id="resource-set-table" class="table table-hover table-striped">
+        <thead>
+        </thead>
+        <tbody>
+        </tbody>
+    </table>
+
+    <div class="well well-small">
+		<button class="btn btn-small refresh-table"><i class="icon-refresh"></i> <span data-i18n="common.refresh">Refresh</span></button>
+    </div>
+
+</script>
+
+<script type="text/html" id="tmpl-resource-set">
+    <td>
+		<%- rs.name %>
+   </td>
+
+    <td>
+        <span title="<%- client.clientId %>"><%- client.clientName != null ? client.clientName : ( client.clientId.substr(0,8) + '...' ) %></span>
+		<div class="client-more-info-block"></div>
+		<div class="scope-list"></div>
+		<div><span class="text-warning" data-i18n="policy.rs-table.shared-with"><i class="icon-share"></i> Shared with:</span>
+			<% if (!_.isEmpty(rs.policies)) { 
+				%><span class="label label-info"><%- _.size(rs.policies) %></span>
+			<% } else { %>
+				<span class="label label-important" data-i18n="policy.rs-table.shared-nobody;[title]policy.rs-table.shared-nobody-tooltip" title="This resource is not accessible by anyone else, edit the policies and share it with someone.">NOBODY</span> 
+			<% } %>
+
+			
+		</div>
+    </td>
+
+    <td>
+		<div class="btn-group pull-right">
+			<button class="btn btn-info btn-edit"><i class="icon-share icon-white"></i> <span data-i18n="policy.rs-table.sharing">Sharing Policies</span></button> &nbsp;
+	        <button class="btn btn-danger btn-delete"><i class="icon-trash icon-white"></i> <span data-i18n="policy.rs-table.delete">Delete</span></button> &nbsp; 
+		</div>
+    </td>
+
+</script>
+
+<script type="text/html" id="tmpl-policy-table">
+    <div class="well well-small">
+        <button class="btn btn-small btn-success btn-add"><i class="icon-plus icon-white"></i> <span data-i18n="policy.policy-table.new">Add New Policy</span></button>
+		<button class="btn btn-small btn-cancel"><i class="icon-list"></i> <span data-i18n="policy.policy-table.return">Return to list</span></button>
+    </div>
+
+	<div id="policy-info" class="alert alert-info" data-i18n="policy.policy-table.required-claims-info">
+		Users that you share this resource will with need to be able to present the following claims in order to access the resource.
+	</div>
+
+	<div id="policy-table-empty" class="alert alert-danger" data-i18n="policy.policy-table.no-policies">
+		There are no policies for this resource set: This resource set is inaccessible by others.
+	</div>
+
+    <table id="policy-table" class="table table-hover table-striped">
+        <thead>
+			<tr>
+				<th data-i18n="policy.policy-table.required-claims">Required Claims</th>
+				<th data-i18n="policy.rs-table.scopes">Scopes</th>
+				<th></th>			
+        </thead>
+        <tbody>
+        </tbody>
+    </table>
+
+    <div class="well well-small">
+        <button class="btn btn-small btn-success btn-add"><i class="icon-plus icon-white"></i> <span data-i18n="policy.policy-table.new">Add New Policy</span></button>
+		<button class="btn btn-small btn-cancel"><i class="icon-list"></i> <span data-i18n="policy.policy-table.return">Return to list</span></button>
+    </div>
+
+</script>
+
+<script type="text/html" id="tmpl-policy">
+    <td>
+		<div class="well">
+			<table class="table table-condensed">
+				<tbody>
+					<% _.each(claimsRequired, function(claim) { %>
+					<tr>
+						<td>
+						<% _.each(claim.issuer, function(issuer) { %>
+							<span class="label label-info"><%- issuer %></span>
+						<% }); %>
+						</td>
+						<td>
+							<%- claim.friendlyName ? claim.friendlyName : claim.name %>
+						</td>
+						<td>
+							<%- JSON.stringify(claim.value) %>
+						</td>
+					</tr>
+					<% }); %>
+				</tbody>
+
+			</table>
+		</div>
+   </td>
+
+    <td>
+		<div class="scope-list"></div>
+    </td>
+
+    <td>
+		<div class="btn-group pull-right">
+	        <button class="btn btn-default btn-edit"><i class="icon-share"></i> <span data-i18n="policy.policy-table.edit">Edit Policy</span></button> &nbsp; 
+	        <button class="btn btn-danger btn-remove"><i class="icon-trash icon-white"></i> <span data-i18n="policy.policy-table.remove">Remove</span></button> &nbsp; 
+		</div>
+    </td>
+
+</script>
+
+<script type="text/html" id="tmpl-policy-form">
+
+    <% if (policy.id == null) { %>
+        <h1 data-i18n="policy.policy-form.new">New Policy</h1>
+    <% } else { %>
+        <h1 data-i18n="policy.policy-form.edit">Edit Policy</h1>
+    <% } %>
+
+   <div class="well well-small">
+        <button class="btn btn-small btn-save btn-success"><i class="icon-ok-circle icon-white"></i> <span data-i18n="common.save">Save</span></button> &nbsp; 
+		<button class="btn btn-small btn-cancel"><i class="icon-ban-circle"></i> <span data-i18n="common.cancel">Cancel</span></button>
+    </div>
+
+	<ul class="nav nav-tabs">
+		<li class="active"><a data-target="#policy-webfinger-tab" data-toggle="tab" href="#" data-i18n="policy.policy-form.webfinger">Webfinger</a></li>
+		<li><a data-target="#policy-advanced-tab" data-toggle="tab" href="#" data-i18n="policy.policy-form.advanced">Advanced</a></li>
+	</ul>
+	
+<div class="tab-content">
+	<div class="tab-pane active" id="policy-webfinger-tab">
+		<div id="add-required-claim" class="well">
+			<form class="form-horizontal">
+				<fieldset>
+					<input type="text" id="email" placeholder="email address" data-i18n="[placeholder]policy.policy-form.email-address" />
+					<button class="btn btn-info btn-share"><i class="icon-share icon-white"></i> <span data-i18n="policy.policy-form.share-email">Share with email address</span></button>
+				</fieldset>
+			</form>
+		</div>
+	</div>
+
+	<divdiv class="tab-pane" id="policy-advanced-tab">
+		<div class="well">
+			<form class="form-horizontal">
+				<fieldset>
+					<div id="issuers" class="control-group">
+						<div class="controls">
+						</div>
+					</div>
+					<div class="control-group">
+						<div class="controls">
+							<input type="text" id="name" placeholder="claim name" data-i18n="[placeholder]policy.policy-form.claim-name" />
+							<input type="text" id="friendly-name" placeholder="friendly claim name" data-i18n="[placeholder]policy.policy-form.friendly-claim-name" />
+						</div>
+					</div>
+					<div class="control-group">
+						<div class="controls">
+							<input type="text" id="value" placeholder="claim value" data-i18n="[placeholder]policy.policy-form.claim-value" />
+							<select id="value-type">
+								<option value="text" selected="selected" data-i18n="policy.policy-form.value-type-text">Text</option>
+								<option value="number" data-i18n="policy.policy-form.value-type-number">Number</option>
+								<option value="boolean" data-i18n="policy.policy-form.value-type-boolean">Boolean</option>
+								<option value="json" data-i18n="policy.policy-form.value-type-json">JSON</option>
+							</select>
+						</div>
+					</div>
+					<div class="control-group">
+						<div class="controls">
+							<button class="btn btn-info btn-share-advanced"><i class="icon-share icon-white"></i> <span data-i18n="policy.policy-form.share-advanced">Add to claim set</span></button>
+							<button class="btn btn-danger btn-clear"><i class="icon-trash icon-white"></i> <span data-i18n="policy.policy-form.clear-all">Clear all claims</span></button>
+						</div>
+					</div>
+				</fieldset>
+			</form>
+		</div>
+
+	</div>
+</div>
+
+	<form class="form-horizontal">
+		<fieldset>
+
+            <div class="control-group" id="scopes">
+                <label class="control-label" data-i18n="common.scope">Scopes:</label>
+                <div class="controls">
+					<% _.each(rs.scopes, function(scope) { %>
+                    <div>
+                        <input type="checkbox" id="scope-<%- scope %>"
+                            <%-($.inArray(scope, policy.scopes) > -1 ? 'checked' : '')%> value="<%- scope %>">
+                        <label for="scope-<%- scope %>" class="checkbox"><%- scope %></label>
+                    </div>
+					<% }); %>
+                </div>
+            </div>
+
+		</fieldset>
+	</form>
+
+			<table class="table table-striped table-hover">
+				<tbody>
+					<% _.each(policy.claimsRequired, function(claim) { %>
+					<tr>
+						<td>
+						<% _.each(claim.issuer, function(issuer) { %>
+							<span class="label label-info"><%- issuer %></span>
+						<% }); %>
+						</td>
+						<td>
+							<%- claim.friendlyName ? claim.friendlyName : claim.name %>
+						</td>
+						<td>
+							<%- JSON.stringify(claim.value) %>
+						</td>
+					</tr>
+					<% }); %>
+				</tbody>
+
+			</table>
+
+   <div class="well well-small">
+        <button class="btn btn-small btn-save btn-success"><i class="icon-ok-circle icon-white"></i> <span data-i18n="common.save">Save</span></button> &nbsp; 
+		<button class="btn btn-small btn-cancel"><i class="icon-ban-circle"></i> <span data-i18n="common.cancel">Cancel</span></button>
+    </div>
+
+</script>
+
+ 
\ No newline at end of file
diff --git a/uma-server/pom.xml b/uma-server/pom.xml
new file mode 100644
index 000000000..a1ffeb1a9
--- /dev/null
+++ b/uma-server/pom.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+    Copyright 2018 The MIT Internet Trust Consortium
+   
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+   
+      http://www.apache.org/licenses/LICENSE-2.0
+   
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+ -->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+	<modelVersion>4.0.0</modelVersion>
+	<parent>
+		<groupId>org.mitre</groupId>
+		<artifactId>openid-connect-parent</artifactId>
+		<version>1.3.3-SNAPSHOT</version>
+		<relativePath>..</relativePath>
+	</parent>
+	<artifactId>uma-server</artifactId>
+	<name>UMA Server Library</name>
+	<description>User Managed Access (UMA) extension of the MITREid Connect server</description>
+	<build>
+		<plugins>
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-compiler-plugin</artifactId>
+				<configuration>
+					<source>${java-version}</source>
+					<target>${java-version}</target>
+				</configuration>
+			</plugin>
+		</plugins>
+	</build>
+	<dependencies>
+		<dependency>
+			<groupId>org.mitre</groupId>
+			<artifactId>openid-connect-server</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.mitre</groupId>
+			<artifactId>openid-connect-client</artifactId>
+		</dependency>
+	</dependencies>
+</project>
\ No newline at end of file
diff --git a/uma-server/pom.xml.versionsBackup b/uma-server/pom.xml.versionsBackup
new file mode 100644
index 000000000..f7d805b06
--- /dev/null
+++ b/uma-server/pom.xml.versionsBackup
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+    Copyright 2016 The MITRE Corporation
+      and the MIT Internet Trust Consortium
+   
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+   
+      http://www.apache.org/licenses/LICENSE-2.0
+   
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+ -->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+	<modelVersion>4.0.0</modelVersion>
+	<parent>
+		<groupId>org.mitre</groupId>
+		<artifactId>openid-connect-parent</artifactId>
+		<version>1.2.7-SNAPSHOT</version>
+		<relativePath>..</relativePath>
+	</parent>
+	<artifactId>uma-server</artifactId>
+	<name>UMA Server Library</name>
+	<description>User Managed Access (UMA) extension of the MITREid Connect server</description>
+	<build>
+		<plugins>
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-compiler-plugin</artifactId>
+				<configuration>
+					<source>${java-version}</source>
+					<target>${java-version}</target>
+				</configuration>
+			</plugin>
+		</plugins>
+	</build>
+	<dependencies>
+		<dependency>
+			<groupId>org.mitre</groupId>
+			<artifactId>openid-connect-server</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.mitre</groupId>
+			<artifactId>openid-connect-client</artifactId>
+		</dependency>
+	</dependencies>
+</project>
\ No newline at end of file
diff --git a/uma-server/src/main/java/org/mitre/uma/repository/impl/JpaPermissionRepository.java b/uma-server/src/main/java/org/mitre/uma/repository/impl/JpaPermissionRepository.java
new file mode 100644
index 000000000..6f460d200
--- /dev/null
+++ b/uma-server/src/main/java/org/mitre/uma/repository/impl/JpaPermissionRepository.java
@@ -0,0 +1,107 @@
+/*******************************************************************************
+ * Copyright 2018 The MIT Internet Trust Consortium
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *******************************************************************************/
+
+package org.mitre.uma.repository.impl;
+
+import java.util.Collection;
+
+import javax.persistence.EntityManager;
+import javax.persistence.PersistenceContext;
+import javax.persistence.TypedQuery;
+
+import org.mitre.uma.model.Permission;
+import org.mitre.uma.model.PermissionTicket;
+import org.mitre.uma.model.ResourceSet;
+import org.mitre.uma.repository.PermissionRepository;
+import org.mitre.util.jpa.JpaUtil;
+import org.springframework.stereotype.Repository;
+import org.springframework.transaction.annotation.Transactional;
+
+/**
+ * @author jricher
+ *
+ */
+@Repository
+public class JpaPermissionRepository implements PermissionRepository {
+
+	@PersistenceContext(unitName="defaultPersistenceUnit")
+	private EntityManager em;
+
+	@Override
+	@Transactional(value="defaultTransactionManager")
+	public PermissionTicket save(PermissionTicket p) {
+		return JpaUtil.saveOrUpdate(p.getId(), em, p);
+	}
+
+	/* (non-Javadoc)
+	 * @see org.mitre.uma.repository.PermissionRepository#getByTicket(java.lang.String)
+	 */
+	@Override
+	public PermissionTicket getByTicket(String ticket) {
+		TypedQuery<PermissionTicket> query = em.createNamedQuery(PermissionTicket.QUERY_TICKET, PermissionTicket.class);
+		query.setParameter(PermissionTicket.PARAM_TICKET, ticket);
+		return JpaUtil.getSingleResult(query.getResultList());
+	}
+
+	/* (non-Javadoc)
+	 * @see org.mitre.uma.repository.PermissionRepository#getAll()
+	 */
+	@Override
+	public Collection<PermissionTicket> getAll() {
+		TypedQuery<PermissionTicket> query = em.createNamedQuery(PermissionTicket.QUERY_ALL, PermissionTicket.class);
+		return query.getResultList();
+	}
+
+	/* (non-Javadoc)
+	 * @see org.mitre.uma.repository.PermissionRepository#saveRawPermission(org.mitre.uma.model.Permission)
+	 */
+	@Override
+	@Transactional(value="defaultTransactionManager")
+	public Permission saveRawPermission(Permission p) {
+		return JpaUtil.saveOrUpdate(p.getId(), em, p);
+	}
+
+	/* (non-Javadoc)
+	 * @see org.mitre.uma.repository.PermissionRepository#getById(java.lang.Long)
+	 */
+	@Override
+	public Permission getById(Long permissionId) {
+		return em.find(Permission.class, permissionId);
+	}
+
+	/* (non-Javadoc)
+	 * @see org.mitre.uma.repository.PermissionRepository#getPermissionTicketsForResourceSet(org.mitre.uma.model.ResourceSet)
+	 */
+	@Override
+	public Collection<PermissionTicket> getPermissionTicketsForResourceSet(ResourceSet rs) {
+		TypedQuery<PermissionTicket> query = em.createNamedQuery(PermissionTicket.QUERY_BY_RESOURCE_SET, PermissionTicket.class);
+		query.setParameter(PermissionTicket.PARAM_RESOURCE_SET_ID, rs.getId());
+		return query.getResultList();
+	}
+
+	/* (non-Javadoc)
+	 * @see org.mitre.uma.repository.PermissionRepository#remove(org.mitre.uma.model.PermissionTicket)
+	 */
+	@Override
+	@Transactional(value="defaultTransactionManager")
+	public void remove(PermissionTicket ticket) {
+		PermissionTicket found = getByTicket(ticket.getTicket());
+		if (found != null) {
+			em.remove(found);
+		}
+	}
+
+}
diff --git a/uma-server/src/main/java/org/mitre/uma/repository/impl/JpaResourceSetRepository.java b/uma-server/src/main/java/org/mitre/uma/repository/impl/JpaResourceSetRepository.java
new file mode 100644
index 000000000..e19236c39
--- /dev/null
+++ b/uma-server/src/main/java/org/mitre/uma/repository/impl/JpaResourceSetRepository.java
@@ -0,0 +1,97 @@
+/*******************************************************************************
+ * Copyright 2018 The MIT Internet Trust Consortium
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *******************************************************************************/
+
+package org.mitre.uma.repository.impl;
+
+import java.util.Collection;
+
+import javax.persistence.EntityManager;
+import javax.persistence.PersistenceContext;
+import javax.persistence.TypedQuery;
+
+import org.mitre.uma.model.ResourceSet;
+import org.mitre.uma.repository.ResourceSetRepository;
+import org.mitre.util.jpa.JpaUtil;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.stereotype.Repository;
+import org.springframework.transaction.annotation.Transactional;
+
+/**
+ * @author jricher
+ *
+ */
+@Repository
+public class JpaResourceSetRepository implements ResourceSetRepository {
+
+	@PersistenceContext(unitName="defaultPersistenceUnit")
+	private EntityManager em;
+	private static Logger logger = LoggerFactory.getLogger(JpaResourceSetRepository.class);
+
+	@Override
+	@Transactional(value="defaultTransactionManager")
+	public ResourceSet save(ResourceSet rs) {
+		return JpaUtil.saveOrUpdate(rs.getId(), em, rs);
+	}
+
+	@Override
+	public ResourceSet getById(Long id) {
+		return em.find(ResourceSet.class, id);
+	}
+
+	@Override
+	@Transactional(value="defaultTransactionManager")
+	public void remove(ResourceSet rs) {
+		ResourceSet found = getById(rs.getId());
+		if (found != null) {
+			em.remove(found);
+		} else {
+			logger.info("Tried to remove unknown resource set: " + rs.getId());
+		}
+	}
+
+	@Override
+	public Collection<ResourceSet> getAllForOwner(String owner) {
+		TypedQuery<ResourceSet> query = em.createNamedQuery(ResourceSet.QUERY_BY_OWNER, ResourceSet.class);
+		query.setParameter(ResourceSet.PARAM_OWNER, owner);
+		return query.getResultList();
+	}
+
+	@Override
+	public Collection<ResourceSet> getAllForOwnerAndClient(String owner, String clientId) {
+		TypedQuery<ResourceSet> query = em.createNamedQuery(ResourceSet.QUERY_BY_OWNER_AND_CLIENT, ResourceSet.class);
+		query.setParameter(ResourceSet.PARAM_OWNER, owner);
+		query.setParameter(ResourceSet.PARAM_CLIENTID, clientId);
+		return query.getResultList();
+	}
+
+	@Override
+	public Collection<ResourceSet> getAll() {
+		TypedQuery<ResourceSet> query = em.createNamedQuery(ResourceSet.QUERY_ALL, ResourceSet.class);
+		return query.getResultList();
+	}
+
+	/* (non-Javadoc)
+	 * @see org.mitre.uma.repository.ResourceSetRepository#getAllForClient(org.mitre.oauth2.model.ClientDetailsEntity)
+	 */
+	@Override
+	public Collection<ResourceSet> getAllForClient(String clientId) {
+		TypedQuery<ResourceSet> query = em.createNamedQuery(ResourceSet.QUERY_BY_CLIENT, ResourceSet.class);
+		query.setParameter(ResourceSet.PARAM_CLIENTID, clientId);
+		return query.getResultList();
+	}
+
+}
diff --git a/uma-server/src/main/java/org/mitre/uma/service/impl/DefaultPermissionService.java b/uma-server/src/main/java/org/mitre/uma/service/impl/DefaultPermissionService.java
new file mode 100644
index 000000000..8b9c379e4
--- /dev/null
+++ b/uma-server/src/main/java/org/mitre/uma/service/impl/DefaultPermissionService.java
@@ -0,0 +1,96 @@
+/*******************************************************************************
+ * Copyright 2018 The MIT Internet Trust Consortium
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *******************************************************************************/
+
+package org.mitre.uma.service.impl;
+
+import java.sql.Date;
+import java.util.Set;
+import java.util.UUID;
+
+import org.mitre.oauth2.service.SystemScopeService;
+import org.mitre.uma.model.Permission;
+import org.mitre.uma.model.PermissionTicket;
+import org.mitre.uma.model.ResourceSet;
+import org.mitre.uma.repository.PermissionRepository;
+import org.mitre.uma.service.PermissionService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.oauth2.common.exceptions.InsufficientScopeException;
+import org.springframework.stereotype.Service;
+
+/**
+ * @author jricher
+ *
+ */
+@Service
+public class DefaultPermissionService implements PermissionService {
+
+	@Autowired
+	private PermissionRepository repository;
+
+	@Autowired
+	private SystemScopeService scopeService;
+
+	private Long permissionExpirationSeconds = 60L * 60L; // 1 hr
+
+	/* (non-Javadoc)
+	 * @see org.mitre.uma.service.PermissionService#create(org.mitre.uma.model.ResourceSet, java.util.Set)
+	 */
+	@Override
+	public PermissionTicket createTicket(ResourceSet resourceSet, Set<String> scopes) {
+
+		// check to ensure that the scopes requested are a subset of those in the resource set
+
+		if (!scopeService.scopesMatch(resourceSet.getScopes(), scopes)) {
+			throw new InsufficientScopeException("Scopes of resource set are not enough for requested permission.");
+		}
+
+		Permission perm = new Permission();
+		perm.setResourceSet(resourceSet);
+		perm.setScopes(scopes);
+
+		PermissionTicket ticket = new PermissionTicket();
+		ticket.setPermission(perm);
+		ticket.setTicket(UUID.randomUUID().toString());
+		ticket.setExpiration(new Date(System.currentTimeMillis() + permissionExpirationSeconds * 1000L));
+
+		return repository.save(ticket);
+
+	}
+
+	/* (non-Javadoc)
+	 * @see org.mitre.uma.service.PermissionService#getByTicket(java.lang.String)
+	 */
+	@Override
+	public PermissionTicket getByTicket(String ticket) {
+		return repository.getByTicket(ticket);
+	}
+
+	/* (non-Javadoc)
+	 * @see org.mitre.uma.service.PermissionService#updateTicket(org.mitre.uma.model.PermissionTicket)
+	 */
+	@Override
+	public PermissionTicket updateTicket(PermissionTicket ticket) {
+		if (ticket.getId() != null) {
+			return repository.save(ticket);
+		} else {
+			return null;
+		}
+
+	}
+
+
+
+}
diff --git a/uma-server/src/main/java/org/mitre/uma/service/impl/DefaultResourceSetService.java b/uma-server/src/main/java/org/mitre/uma/service/impl/DefaultResourceSetService.java
new file mode 100644
index 000000000..a5c3e5ec4
--- /dev/null
+++ b/uma-server/src/main/java/org/mitre/uma/service/impl/DefaultResourceSetService.java
@@ -0,0 +1,149 @@
+/*******************************************************************************
+ * Copyright 2018 The MIT Internet Trust Consortium
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *******************************************************************************/
+
+package org.mitre.uma.service.impl;
+
+import java.util.Collection;
+
+import org.mitre.oauth2.model.ClientDetailsEntity;
+import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
+import org.mitre.oauth2.repository.OAuth2TokenRepository;
+import org.mitre.uma.model.PermissionTicket;
+import org.mitre.uma.model.Policy;
+import org.mitre.uma.model.ResourceSet;
+import org.mitre.uma.repository.PermissionRepository;
+import org.mitre.uma.repository.ResourceSetRepository;
+import org.mitre.uma.service.ResourceSetService;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Primary;
+import org.springframework.stereotype.Service;
+
+/**
+ * @author jricher
+ *
+ */
+@Service
+@Primary
+public class DefaultResourceSetService implements ResourceSetService {
+
+	private static final Logger logger = LoggerFactory.getLogger(DefaultResourceSetService.class);
+
+	@Autowired
+	private ResourceSetRepository repository;
+
+	@Autowired
+	private OAuth2TokenRepository tokenRepository;
+
+	@Autowired
+	private PermissionRepository ticketRepository;
+
+	@Override
+	public ResourceSet saveNew(ResourceSet rs) {
+
+		if (rs.getId() != null) {
+			throw new IllegalArgumentException("Can't save a new resource set with an ID already set to it.");
+		}
+
+		if (!checkScopeConsistency(rs)) {
+			throw new IllegalArgumentException("Can't save a resource set with inconsistent claims.");
+		}
+
+		ResourceSet saved = repository.save(rs);
+
+		return saved;
+
+	}
+
+	@Override
+	public ResourceSet getById(Long id) {
+		return repository.getById(id);
+	}
+
+	@Override
+	public ResourceSet update(ResourceSet oldRs, ResourceSet newRs) {
+
+		if (oldRs.getId() == null || newRs.getId() == null
+				|| !oldRs.getId().equals(newRs.getId())) {
+
+			throw new IllegalArgumentException("Resource set IDs mismatched");
+
+		}
+
+		if (!checkScopeConsistency(newRs)) {
+			throw new IllegalArgumentException("Can't save a resource set with inconsistent claims.");
+		}
+
+		newRs.setOwner(oldRs.getOwner()); // preserve the owner tag across updates
+		newRs.setClientId(oldRs.getClientId()); // preserve the client id across updates
+
+		ResourceSet saved = repository.save(newRs);
+
+		return saved;
+
+	}
+
+	@Override
+	public void remove(ResourceSet rs) {
+		// find all the access tokens issued against this resource set and revoke them
+		Collection<OAuth2AccessTokenEntity> tokens = tokenRepository.getAccessTokensForResourceSet(rs);
+		for (OAuth2AccessTokenEntity token : tokens) {
+			tokenRepository.removeAccessToken(token);
+		}
+
+		// find all outstanding tickets issued against this resource set and revoke them too
+		Collection<PermissionTicket> tickets = ticketRepository.getPermissionTicketsForResourceSet(rs);
+		for (PermissionTicket ticket : tickets) {
+			ticketRepository.remove(ticket);
+		}
+
+		repository.remove(rs);
+	}
+
+	@Override
+	public Collection<ResourceSet> getAllForOwner(String owner) {
+		return repository.getAllForOwner(owner);
+	}
+
+	@Override
+	public Collection<ResourceSet> getAllForOwnerAndClient(String owner, String clientId) {
+		return repository.getAllForOwnerAndClient(owner, clientId);
+	}
+
+	private boolean checkScopeConsistency(ResourceSet rs) {
+		if (rs.getPolicies() == null) {
+			// nothing to check, no problem!
+			return true;
+		}
+		for (Policy policy : rs.getPolicies()) {
+			if (!rs.getScopes().containsAll(policy.getScopes())) {
+				return false;
+			}
+		}
+		// we've checked everything, we're good
+		return true;
+	}
+
+	/* (non-Javadoc)
+	 * @see org.mitre.uma.service.ResourceSetService#getAllForClient(org.mitre.oauth2.model.ClientDetailsEntity)
+	 */
+	@Override
+	public Collection<ResourceSet> getAllForClient(ClientDetailsEntity client) {
+		return repository.getAllForClient(client.getClientId());
+	}
+
+}
diff --git a/uma-server/src/main/java/org/mitre/uma/service/impl/DefaultUmaTokenService.java b/uma-server/src/main/java/org/mitre/uma/service/impl/DefaultUmaTokenService.java
new file mode 100644
index 000000000..62bd24eac
--- /dev/null
+++ b/uma-server/src/main/java/org/mitre/uma/service/impl/DefaultUmaTokenService.java
@@ -0,0 +1,120 @@
+/*******************************************************************************
+ * Copyright 2018 The MIT Internet Trust Consortium
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *******************************************************************************/
+
+package org.mitre.uma.service.impl;
+
+import java.util.Date;
+import java.util.HashSet;
+import java.util.Set;
+import java.util.UUID;
+
+import org.mitre.jwt.signer.service.JWTSigningAndValidationService;
+import org.mitre.oauth2.model.AuthenticationHolderEntity;
+import org.mitre.oauth2.model.ClientDetailsEntity;
+import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
+import org.mitre.oauth2.repository.AuthenticationHolderRepository;
+import org.mitre.oauth2.service.ClientDetailsEntityService;
+import org.mitre.oauth2.service.OAuth2TokenEntityService;
+import org.mitre.openid.connect.config.ConfigurationPropertiesBean;
+import org.mitre.uma.model.Permission;
+import org.mitre.uma.model.PermissionTicket;
+import org.mitre.uma.model.Policy;
+import org.mitre.uma.service.UmaTokenService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.oauth2.provider.OAuth2Authentication;
+import org.springframework.stereotype.Service;
+
+import com.google.common.collect.Lists;
+import com.google.common.collect.Sets;
+import com.nimbusds.jose.JWSAlgorithm;
+import com.nimbusds.jose.JWSHeader;
+import com.nimbusds.jwt.JWTClaimsSet;
+import com.nimbusds.jwt.SignedJWT;
+
+/**
+ * @author jricher
+ *
+ */
+@Service("defaultUmaTokenService")
+public class DefaultUmaTokenService implements UmaTokenService {
+
+	@Autowired
+	private AuthenticationHolderRepository authenticationHolderRepository;
+
+	@Autowired
+	private OAuth2TokenEntityService tokenService;
+
+	@Autowired
+	private ClientDetailsEntityService clientService;
+
+	@Autowired
+	private ConfigurationPropertiesBean config;
+
+	@Autowired
+	private JWTSigningAndValidationService jwtService;
+
+
+	@Override
+	public OAuth2AccessTokenEntity createRequestingPartyToken(OAuth2Authentication o2auth, PermissionTicket ticket, Policy policy) {
+		OAuth2AccessTokenEntity token = new OAuth2AccessTokenEntity();
+		AuthenticationHolderEntity authHolder = new AuthenticationHolderEntity();
+		authHolder.setAuthentication(o2auth);
+		authHolder = authenticationHolderRepository.save(authHolder);
+
+		token.setAuthenticationHolder(authHolder);
+
+		ClientDetailsEntity client = clientService.loadClientByClientId(o2auth.getOAuth2Request().getClientId());
+		token.setClient(client);
+
+		Set<String> ticketScopes = ticket.getPermission().getScopes();
+		Set<String> policyScopes = policy.getScopes();
+
+		Permission perm = new Permission();
+		perm.setResourceSet(ticket.getPermission().getResourceSet());
+		perm.setScopes(new HashSet<>(Sets.intersection(ticketScopes, policyScopes)));
+
+		token.setPermissions(Sets.newHashSet(perm));
+
+		JWTClaimsSet.Builder claims = new JWTClaimsSet.Builder();
+
+		claims.audience(Lists.newArrayList(ticket.getPermission().getResourceSet().getId().toString()));
+		claims.issuer(config.getIssuer());
+		claims.jwtID(UUID.randomUUID().toString());
+
+		if (config.getRqpTokenLifeTime() != null) {
+			Date exp = new Date(System.currentTimeMillis() + config.getRqpTokenLifeTime() * 1000L);
+
+			claims.expirationTime(exp);
+			token.setExpiration(exp);
+		}
+
+
+		JWSAlgorithm signingAlgorithm = jwtService.getDefaultSigningAlgorithm();
+		JWSHeader header = new JWSHeader(signingAlgorithm, null, null, null, null, null, null, null, null, null,
+				jwtService.getDefaultSignerKeyId(),
+				null, null);
+		SignedJWT signed = new SignedJWT(header, claims.build());
+
+		jwtService.signJwt(signed);
+
+		token.setJwt(signed);
+
+		tokenService.saveAccessToken(token);
+
+		return token;
+	}
+
+}
diff --git a/uma-server/src/main/java/org/mitre/uma/service/impl/JpaRegisteredClientService.java b/uma-server/src/main/java/org/mitre/uma/service/impl/JpaRegisteredClientService.java
new file mode 100644
index 000000000..8ceb548e8
--- /dev/null
+++ b/uma-server/src/main/java/org/mitre/uma/service/impl/JpaRegisteredClientService.java
@@ -0,0 +1,95 @@
+/*******************************************************************************
+ * Copyright 2018 The MIT Internet Trust Consortium
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *******************************************************************************/
+
+package org.mitre.uma.service.impl;
+
+import java.util.Collection;
+
+import javax.persistence.EntityManager;
+import javax.persistence.PersistenceContext;
+import javax.persistence.TypedQuery;
+
+import org.mitre.oauth2.model.RegisteredClient;
+import org.mitre.openid.connect.client.service.RegisteredClientService;
+import org.mitre.uma.model.SavedRegisteredClient;
+import org.mitre.uma.service.SavedRegisteredClientService;
+import org.mitre.util.jpa.JpaUtil;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+/**
+ * @author jricher
+ *
+ */
+@Service
+public class JpaRegisteredClientService implements RegisteredClientService, SavedRegisteredClientService{
+
+	@PersistenceContext(unitName="defaultPersistenceUnit")
+	private EntityManager em;
+
+	/* (non-Javadoc)
+	 * @see org.mitre.openid.connect.client.service.RegisteredClientService#getByIssuer(java.lang.String)
+	 */
+	@Override
+	public RegisteredClient getByIssuer(String issuer) {
+		SavedRegisteredClient saved = getSavedRegisteredClientFromStorage(issuer);
+
+		if (saved == null) {
+			return null;
+		} else {
+			return saved.getRegisteredClient();
+		}
+	}
+
+	/* (non-Javadoc)
+	 * @see org.mitre.openid.connect.client.service.RegisteredClientService#save(java.lang.String, org.mitre.oauth2.model.RegisteredClient)
+	 */
+	@Override
+	@Transactional(value="defaultTransactionManager")
+	public void save(String issuer, RegisteredClient client) {
+
+
+		SavedRegisteredClient saved = getSavedRegisteredClientFromStorage(issuer);
+
+		if (saved == null) {
+			saved = new SavedRegisteredClient();
+			saved.setIssuer(issuer);
+		}
+
+		saved.setRegisteredClient(client);
+
+		em.persist(saved);
+
+	}
+
+	private SavedRegisteredClient getSavedRegisteredClientFromStorage(String issuer) {
+		TypedQuery<SavedRegisteredClient> query = em.createQuery("SELECT c from SavedRegisteredClient c where c.issuer = :issuer", SavedRegisteredClient.class);
+		query.setParameter("issuer", issuer);
+
+		SavedRegisteredClient saved = JpaUtil.getSingleResult(query.getResultList());
+		return saved;
+	}
+
+	/**
+	 * @return
+	 */
+	@Override
+	public Collection<SavedRegisteredClient> getAll() {
+		TypedQuery<SavedRegisteredClient> query = em.createQuery("SELECT c from SavedRegisteredClient c", SavedRegisteredClient.class);
+		return query.getResultList();
+	}
+
+}
diff --git a/uma-server/src/main/java/org/mitre/uma/service/impl/MatchAllClaimsOnAnyPolicy.java b/uma-server/src/main/java/org/mitre/uma/service/impl/MatchAllClaimsOnAnyPolicy.java
new file mode 100644
index 000000000..7d480bf61
--- /dev/null
+++ b/uma-server/src/main/java/org/mitre/uma/service/impl/MatchAllClaimsOnAnyPolicy.java
@@ -0,0 +1,89 @@
+/*******************************************************************************
+ * Copyright 2018 The MIT Internet Trust Consortium
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *******************************************************************************/
+
+package org.mitre.uma.service.impl;
+
+import java.util.Collection;
+import java.util.HashSet;
+
+import org.mitre.uma.model.Claim;
+import org.mitre.uma.model.ClaimProcessingResult;
+import org.mitre.uma.model.PermissionTicket;
+import org.mitre.uma.model.Policy;
+import org.mitre.uma.model.ResourceSet;
+import org.mitre.uma.service.ClaimsProcessingService;
+import org.springframework.stereotype.Service;
+
+/**
+ * Tests if all the claims in the required set have a matching
+ * value in the supplied set.
+ *
+ * @author jricher
+ *
+ */
+@Service("matchAllClaimsOnAnyPolicy")
+public class MatchAllClaimsOnAnyPolicy implements ClaimsProcessingService {
+
+	/* (non-Javadoc)
+	 * @see org.mitre.uma.service.ClaimsProcessingService#claimsAreSatisfied(java.util.Collection, java.util.Collection)
+	 */
+	@Override
+	public ClaimProcessingResult claimsAreSatisfied(ResourceSet rs, PermissionTicket ticket) {
+		Collection<Claim> allUnmatched = new HashSet<>();
+		for (Policy policy : rs.getPolicies()) {
+			Collection<Claim> unmatched = checkIndividualClaims(policy.getClaimsRequired(), ticket.getClaimsSupplied());
+			if (unmatched.isEmpty()) {
+				// we found something that's satisfied the claims, let's go with it!
+				return new ClaimProcessingResult(policy);
+			} else {
+				// otherwise add it to the stack to send back
+				allUnmatched.addAll(unmatched);
+			}
+		}
+
+		// otherwise, tell the caller that we'll need some set of these fulfilled somehow
+		return new ClaimProcessingResult(allUnmatched);
+	}
+
+	private Collection<Claim> checkIndividualClaims(Collection<Claim> claimsRequired, Collection<Claim> claimsSupplied) {
+
+		Collection<Claim> claimsUnmatched = new HashSet<>(claimsRequired);
+
+		// see if each of the required claims has a counterpart in the supplied claims set
+		for (Claim required : claimsRequired) {
+			for (Claim supplied : claimsSupplied) {
+
+				if (required.getIssuer().containsAll(supplied.getIssuer())) {
+					// it's from the right issuer
+
+					if (required.getName().equals(supplied.getName()) &&
+							required.getValue().equals(supplied.getValue())) {
+
+						// the claim matched, pull it from the set
+						claimsUnmatched.remove(required);
+
+					}
+
+				}
+			}
+		}
+
+		// if there's anything left then the claims aren't satisfied, return the leftovers
+		return claimsUnmatched;
+
+	}
+
+}
diff --git a/uma-server/src/main/java/org/mitre/uma/service/impl/UmaDataServiceExtension_1_3.java b/uma-server/src/main/java/org/mitre/uma/service/impl/UmaDataServiceExtension_1_3.java
new file mode 100644
index 000000000..6e9fba180
--- /dev/null
+++ b/uma-server/src/main/java/org/mitre/uma/service/impl/UmaDataServiceExtension_1_3.java
@@ -0,0 +1,715 @@
+/*******************************************************************************
+ * Copyright 2018 The MIT Internet Trust Consortium
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *******************************************************************************/
+
+package org.mitre.uma.service.impl;
+
+import static org.mitre.util.JsonUtils.readSet;
+
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+
+import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
+import org.mitre.oauth2.model.RegisteredClient;
+import org.mitre.oauth2.repository.OAuth2TokenRepository;
+import org.mitre.openid.connect.ClientDetailsEntityJsonProcessor;
+import org.mitre.openid.connect.service.MITREidDataService;
+import org.mitre.openid.connect.service.MITREidDataServiceExtension;
+import org.mitre.openid.connect.service.MITREidDataServiceMaps;
+import org.mitre.openid.connect.service.impl.MITREidDataServiceSupport;
+import org.mitre.uma.model.Claim;
+import org.mitre.uma.model.Permission;
+import org.mitre.uma.model.PermissionTicket;
+import org.mitre.uma.model.Policy;
+import org.mitre.uma.model.ResourceSet;
+import org.mitre.uma.model.SavedRegisteredClient;
+import org.mitre.uma.repository.PermissionRepository;
+import org.mitre.uma.repository.ResourceSetRepository;
+import org.mitre.uma.service.SavedRegisteredClientService;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+import com.google.gson.JsonElement;
+import com.google.gson.JsonParser;
+import com.google.gson.stream.JsonReader;
+import com.google.gson.stream.JsonToken;
+import com.google.gson.stream.JsonWriter;
+
+/**
+ * @author jricher
+ *
+ */
+@Service("umaDataExtension_1_3")
+public class UmaDataServiceExtension_1_3 extends MITREidDataServiceSupport implements MITREidDataServiceExtension {
+
+	private static final String THIS_VERSION = MITREidDataService.MITREID_CONNECT_1_3;
+
+	private static final String REGISTERED_CLIENT = "registeredClient";
+	private static final String URI = "uri";
+	private static final String NAME = "name";
+	private static final String TYPE = "type";
+	private static final String VALUE = "value";
+	private static final String CLIENT_ID = "clientId";
+	private static final String EXPIRATION = "expiration";
+	private static final String ID = "id";
+	private static final String ICON_URI = "iconUri";
+	private static final String OWNER = "owner";
+	private static final String POLICIES = "policies";
+	private static final String SCOPES = "scopes";
+	private static final String CLAIMS_REQUIRED = "claimsRequired";
+	private static final String ISSUER = "issuer";
+	private static final String CLAIM_TOKEN_FORMAT = "claimTokenFormat";
+	private static final String CLAIM_TYPE = "claimType";
+	private static final String FRIENDLY_NAME = "friendlyName";
+	private static final String PERMISSIONS = "permissions";
+	private static final String RESOURCE_SET = "resourceSet";
+	private static final String PERMISSION_TICKETS = "permissionTickets";
+	private static final String PERMISSION = "permission";
+	private static final String TICKET = "ticket";
+	private static final String CLAIMS_SUPPLIED = "claimsSupplied";
+	private static final String SAVED_REGISTERED_CLIENTS = "savedRegisteredClients";
+	private static final String RESOURCE_SETS = "resourceSets";
+	private static final String TOKEN_PERMISSIONS = "tokenPermissions";
+	private static final String TOKEN_ID = "tokenId";
+
+	private static final Logger logger = LoggerFactory.getLogger(UmaDataServiceExtension_1_3.class);
+
+
+
+	@Autowired
+	private SavedRegisteredClientService registeredClientService;
+	@Autowired
+	private ResourceSetRepository resourceSetRepository;
+	@Autowired
+	private PermissionRepository permissionRepository;
+	@Autowired
+	private OAuth2TokenRepository tokenRepository;
+
+	private Map<Long, Set<Long>> tokenToPermissionRefs = new HashMap<>();
+
+	/* (non-Javadoc)
+	 * @see org.mitre.openid.connect.service.MITREidDataServiceExtension#supportsVersion(java.lang.String)
+	 */
+	@Override
+	public boolean supportsVersion(String version) {
+		return THIS_VERSION.equals(version);
+
+	}
+
+	/* (non-Javadoc)
+	 * @see org.mitre.openid.connect.service.MITREidDataServiceExtension#exportExtensionData(com.google.gson.stream.JsonWriter)
+	 */
+	@Override
+	public void exportExtensionData(JsonWriter writer) throws IOException {
+		writer.name(SAVED_REGISTERED_CLIENTS);
+		writer.beginArray();
+		writeSavedRegisteredClients(writer);
+		writer.endArray();
+
+		writer.name(RESOURCE_SETS);
+		writer.beginArray();
+		writeResourceSets(writer);
+		writer.endArray();
+
+		writer.name(PERMISSION_TICKETS);
+		writer.beginArray();
+		writePermissionTickets(writer);
+		writer.endArray();
+
+		writer.name(TOKEN_PERMISSIONS);
+		writer.beginArray();
+		writeTokenPermissions(writer);
+		writer.endArray();
+	}
+
+	/**
+	 * @param writer
+	 * @throws IOException
+	 */
+	private void writeTokenPermissions(JsonWriter writer) throws IOException {
+		for (OAuth2AccessTokenEntity token : tokenRepository.getAllAccessTokens()) {
+			if (!token.getPermissions().isEmpty()) { // skip tokens that don't have the permissions structure attached
+				writer.beginObject();
+				writer.name(TOKEN_ID).value(token.getId());
+				writer.name(PERMISSIONS);
+				writer.beginArray();
+				for (Permission p : token.getPermissions()) {
+					writer.beginObject();
+					writer.name(RESOURCE_SET).value(p.getResourceSet().getId());
+					writer.name(SCOPES);
+					writer.beginArray();
+					for (String s : p.getScopes()) {
+						writer.value(s);
+					}
+					writer.endArray();
+					writer.endObject();
+				}
+				writer.endArray();
+
+				writer.endObject();
+			}
+		}
+	}
+
+	/**
+	 * @param writer
+	 * @throws IOException
+	 */
+	private void writePermissionTickets(JsonWriter writer) throws IOException {
+		for (PermissionTicket ticket : permissionRepository.getAll()) {
+			writer.beginObject();
+
+			writer.name(CLAIMS_SUPPLIED);
+			writer.beginArray();
+			for (Claim claim : ticket.getClaimsSupplied()) {
+				writer.beginObject();
+
+				writer.name(ISSUER);
+				writer.beginArray();
+				for (String issuer : claim.getIssuer()) {
+					writer.value(issuer);
+				}
+				writer.endArray();
+				writer.name(CLAIM_TOKEN_FORMAT);
+				writer.beginArray();
+				for (String format : claim.getClaimTokenFormat()) {
+					writer.value(format);
+				}
+				writer.endArray();
+				writer.name(CLAIM_TYPE).value(claim.getClaimType());
+				writer.name(FRIENDLY_NAME).value(claim.getFriendlyName());
+				writer.name(NAME).value(claim.getName());
+				writer.name(VALUE).value(claim.getValue().toString());
+				writer.endObject();
+			}
+			writer.endArray();
+
+			writer.name(EXPIRATION).value(toUTCString(ticket.getExpiration()));
+
+			writer.name(PERMISSION);
+			writer.beginObject();
+			Permission p = ticket.getPermission();
+			writer.name(RESOURCE_SET).value(p.getResourceSet().getId());
+			writer.name(SCOPES);
+			writer.beginArray();
+			for (String s : p.getScopes()) {
+				writer.value(s);
+			}
+			writer.endArray();
+			writer.endObject();
+
+			writer.name(TICKET).value(ticket.getTicket());
+
+			writer.endObject();
+		}
+
+
+	}
+
+	/**
+	 * @param writer
+	 * @throws IOException
+	 */
+	private void writeResourceSets(JsonWriter writer) throws IOException {
+		for (ResourceSet rs : resourceSetRepository.getAll()) {
+			writer.beginObject();
+			writer.name(ID).value(rs.getId());
+			writer.name(CLIENT_ID).value(rs.getClientId());
+			writer.name(ICON_URI).value(rs.getIconUri());
+			writer.name(NAME).value(rs.getName());
+			writer.name(TYPE).value(rs.getType());
+			writer.name(URI).value(rs.getUri());
+			writer.name(OWNER).value(rs.getOwner());
+			writer.name(POLICIES);
+			writer.beginArray();
+			for (Policy policy : rs.getPolicies()) {
+				writer.beginObject();
+				writer.name(NAME).value(policy.getName());
+				writer.name(SCOPES);
+				writer.beginArray();
+				for (String scope : policy.getScopes()) {
+					writer.value(scope);
+				}
+				writer.endArray();
+				writer.name(CLAIMS_REQUIRED);
+				writer.beginArray();
+				for (Claim claim : policy.getClaimsRequired()) {
+					writer.beginObject();
+
+					writer.name(ISSUER);
+					writer.beginArray();
+					for (String issuer : claim.getIssuer()) {
+						writer.value(issuer);
+					}
+					writer.endArray();
+					writer.name(CLAIM_TOKEN_FORMAT);
+					writer.beginArray();
+					for (String format : claim.getClaimTokenFormat()) {
+						writer.value(format);
+					}
+					writer.endArray();
+					writer.name(CLAIM_TYPE).value(claim.getClaimType());
+					writer.name(FRIENDLY_NAME).value(claim.getFriendlyName());
+					writer.name(NAME).value(claim.getName());
+					writer.name(VALUE).value(claim.getValue().toString());
+					writer.endObject();
+				}
+				writer.endArray();
+				writer.endObject();
+			}
+			writer.endArray();
+			writer.name(SCOPES);
+			writer.beginArray();
+			for (String scope : rs.getScopes()) {
+				writer.value(scope);
+			}
+			writer.endArray();
+			writer.endObject();
+			logger.debug("Finished writing resource set {}", rs.getId());
+		}
+
+	}
+
+	/**
+	 * @param writer
+	 */
+	private void writeSavedRegisteredClients(JsonWriter writer) throws IOException {
+		for (SavedRegisteredClient src : registeredClientService.getAll()) {
+			writer.beginObject();
+			writer.name(ISSUER).value(src.getIssuer());
+			writer.name(REGISTERED_CLIENT).value(src.getRegisteredClient().getSource().toString());
+			writer.endObject();
+			logger.debug("Wrote saved registered client {}", src.getId());
+		}
+		logger.info("Done writing saved registered clients");
+	}
+
+	/* (non-Javadoc)
+	 * @see org.mitre.openid.connect.service.MITREidDataServiceExtension#importExtensionData(com.google.gson.stream.JsonReader)
+	 */
+	@Override
+	public boolean importExtensionData(String name, JsonReader reader) throws IOException {
+		if (name.equals(SAVED_REGISTERED_CLIENTS)) {
+			readSavedRegisteredClients(reader);
+			return true;
+		} else if (name.equals(RESOURCE_SETS)) {
+			readResourceSets(reader);
+			return true;
+		} else if (name.equals(PERMISSION_TICKETS)) {
+			readPermissionTickets(reader);
+			return true;
+		} else if (name.equals(TOKEN_PERMISSIONS)) {
+			readTokenPermissions(reader);
+			return true;
+		} else {
+			return false;
+		}
+	}
+
+	/**
+	 * @param reader
+	 */
+	private void readTokenPermissions(JsonReader reader) throws IOException {
+		reader.beginArray();
+		while(reader.hasNext()) {
+			reader.beginObject();
+			Long tokenId = null;
+			Set<Long> permissions = new HashSet<>();
+			while (reader.hasNext()) {
+				switch(reader.peek()) {
+					case END_OBJECT:
+						continue;
+					case NAME:
+						String name = reader.nextName();
+						if (name.equals(TOKEN_ID)) {
+							tokenId = reader.nextLong();
+						} else if (name.equals(PERMISSIONS)) {
+							reader.beginArray();
+							while (reader.hasNext()) {
+								Permission p = new Permission();
+								Long rsid = null;
+								Set<String> scope = new HashSet<>();
+								reader.beginObject();
+								while (reader.hasNext()) {
+									switch (reader.peek()) {
+										case END_OBJECT:
+											continue;
+										case NAME:
+											String pname = reader.nextName();
+											if (reader.peek() == JsonToken.NULL) {
+												reader.skipValue();
+											} else if (pname.equals(RESOURCE_SET)) {
+												rsid = reader.nextLong();
+											} else if (pname.equals(SCOPES)) {
+												scope = readSet(reader);
+											} else {
+												logger.debug("Found unexpected entry");
+												reader.skipValue();
+											}
+											break;
+										default:
+											logger.debug("Found unexpected entry");
+											reader.skipValue();
+											continue;
+									}
+								}
+								reader.endObject();
+								p.setScopes(scope);
+								Permission saved = permissionRepository.saveRawPermission(p);
+								permissionToResourceRefs.put(saved.getId(), rsid);
+								permissions.add(saved.getId());
+							}
+							reader.endArray();
+						}
+						break;
+					default:
+						logger.debug("Found unexpected entry");
+						reader.skipValue();
+						continue;
+				}
+			}
+			reader.endObject();
+			tokenToPermissionRefs.put(tokenId, permissions);
+		}
+		reader.endArray();
+
+	}
+
+	private Map<Long, Long> permissionToResourceRefs = new HashMap<>();
+
+	/**
+	 * @param reader
+	 */
+	private void readPermissionTickets(JsonReader reader) throws IOException {
+		JsonParser parser = new JsonParser();
+		reader.beginArray();
+		while (reader.hasNext()) {
+			PermissionTicket ticket = new PermissionTicket();
+			reader.beginObject();
+			while (reader.hasNext()) {
+				switch (reader.peek()) {
+					case END_OBJECT:
+						continue;
+					case NAME:
+						String name = reader.nextName();
+						if (reader.peek() == JsonToken.NULL) {
+							reader.skipValue();
+						} else if (name.equals(CLAIMS_SUPPLIED)) {
+							Set<Claim> claimsSupplied = new HashSet<>();
+							reader.beginArray();
+							while (reader.hasNext()) {
+								Claim c = new Claim();
+								reader.beginObject();
+								while (reader.hasNext()) {
+									switch (reader.peek()) {
+										case END_OBJECT:
+											continue;
+										case NAME:
+											String cname = reader.nextName();
+											if (reader.peek() == JsonToken.NULL) {
+												reader.skipValue();
+											} else if (cname.equals(ISSUER)) {
+												c.setIssuer(readSet(reader));
+											} else if (cname.equals(CLAIM_TOKEN_FORMAT)) {
+												c.setClaimTokenFormat(readSet(reader));
+											} else if (cname.equals(CLAIM_TYPE)) {
+												c.setClaimType(reader.nextString());
+											} else if (cname.equals(FRIENDLY_NAME)) {
+												c.setFriendlyName(reader.nextString());
+											} else if (cname.equals(NAME)) {
+												c.setName(reader.nextString());
+											} else if (cname.equals(VALUE)) {
+												JsonElement e = parser.parse(reader.nextString());
+												c.setValue(e);
+											} else {
+												logger.debug("Found unexpected entry");
+												reader.skipValue();
+											}
+											break;
+										default:
+											logger.debug("Found unexpected entry");
+											reader.skipValue();
+											continue;
+									}
+								}
+								reader.endObject();
+								claimsSupplied.add(c);
+							}
+							reader.endArray();
+							ticket.setClaimsSupplied(claimsSupplied);
+						} else if (name.equals(EXPIRATION)) {
+							ticket.setExpiration(utcToDate(reader.nextString()));
+						} else if (name.equals(PERMISSION)) {
+							Permission p = new Permission();
+							Long rsid = null;
+							reader.beginObject();
+							while (reader.hasNext()) {
+								switch (reader.peek()) {
+									case END_OBJECT:
+										continue;
+									case NAME:
+										String pname = reader.nextName();
+										if (reader.peek() == JsonToken.NULL) {
+											reader.skipValue();
+										} else if (pname.equals(RESOURCE_SET)) {
+											rsid = reader.nextLong();
+										} else if (pname.equals(SCOPES)) {
+											p.setScopes(readSet(reader));
+										} else {
+											logger.debug("Found unexpected entry");
+											reader.skipValue();
+										}
+										break;
+									default:
+										logger.debug("Found unexpected entry");
+										reader.skipValue();
+										continue;
+								}
+							}
+							reader.endObject();
+							Permission saved = permissionRepository.saveRawPermission(p);
+							permissionToResourceRefs.put(saved.getId(), rsid);
+							ticket.setPermission(saved);
+						} else if (name.equals(TICKET)) {
+							ticket.setTicket(reader.nextString());
+						} else {
+							logger.debug("Found unexpected entry");
+							reader.skipValue();
+						}
+						break;
+					default:
+						logger.debug("Found unexpected entry");
+						reader.skipValue();
+						continue;
+				}
+			}
+			reader.endObject();
+			permissionRepository.save(ticket);
+		}
+		reader.endArray();
+	}
+
+
+	private Map<Long, Long> resourceSetOldToNewIdMap = new HashMap<>();
+
+	/**
+	 * @param reader
+	 */
+	private void readResourceSets(JsonReader reader) throws IOException {
+		JsonParser parser = new JsonParser();
+		reader.beginArray();
+		while (reader.hasNext()) {
+			Long oldId = null;
+			ResourceSet rs = new ResourceSet();
+			reader.beginObject();
+			while (reader.hasNext()) {
+				switch (reader.peek()) {
+					case END_OBJECT:
+						continue;
+					case NAME:
+						String name = reader.nextName();
+						if (reader.peek() == JsonToken.NULL) {
+							reader.skipValue();
+						} else if (name.equals(ID)) {
+							oldId = reader.nextLong();
+						} else if (name.equals(CLIENT_ID)) {
+							rs.setClientId(reader.nextString());
+						} else if (name.equals(ICON_URI)) {
+							rs.setIconUri(reader.nextString());
+						} else if (name.equals(NAME)) {
+							rs.setName(reader.nextString());
+						} else if (name.equals(TYPE)) {
+							rs.setType(reader.nextString());
+						} else if (name.equals(URI)) {
+							rs.setUri(reader.nextString());
+						} else if (name.equals(OWNER)) {
+							rs.setOwner(reader.nextString());
+						} else if (name.equals(POLICIES)) {
+							Set<Policy> policies = new HashSet<>();
+							reader.beginArray();
+							while (reader.hasNext()) {
+								Policy p = new Policy();
+								reader.beginObject();
+								while (reader.hasNext()) {
+									switch (reader.peek()) {
+										case END_OBJECT:
+											continue;
+										case NAME:
+											String pname = reader.nextName();
+											if (reader.peek() == JsonToken.NULL) {
+												reader.skipValue();
+											} else if (pname.equals(NAME)) {
+												p.setName(reader.nextString());
+											} else if (pname.equals(SCOPES)) {
+												p.setScopes(readSet(reader));
+											} else if (pname.equals(CLAIMS_REQUIRED)) {
+												Set<Claim> claimsRequired = new HashSet<>();
+												reader.beginArray();
+												while (reader.hasNext()) {
+													Claim c = new Claim();
+													reader.beginObject();
+													while (reader.hasNext()) {
+														switch (reader.peek()) {
+															case END_OBJECT:
+																continue;
+															case NAME:
+																String cname = reader.nextName();
+																if (reader.peek() == JsonToken.NULL) {
+																	reader.skipValue();
+																} else if (cname.equals(ISSUER)) {
+																	c.setIssuer(readSet(reader));
+																} else if (cname.equals(CLAIM_TOKEN_FORMAT)) {
+																	c.setClaimTokenFormat(readSet(reader));
+																} else if (cname.equals(CLAIM_TYPE)) {
+																	c.setClaimType(reader.nextString());
+																} else if (cname.equals(FRIENDLY_NAME)) {
+																	c.setFriendlyName(reader.nextString());
+																} else if (cname.equals(NAME)) {
+																	c.setName(reader.nextString());
+																} else if (cname.equals(VALUE)) {
+																	JsonElement e = parser.parse(reader.nextString());
+																	c.setValue(e);
+																} else {
+																	logger.debug("Found unexpected entry");
+																	reader.skipValue();
+																}
+																break;
+															default:
+																logger.debug("Found unexpected entry");
+																reader.skipValue();
+																continue;
+														}
+													}
+													reader.endObject();
+													claimsRequired.add(c);
+												}
+												reader.endArray();
+												p.setClaimsRequired(claimsRequired);
+											} else {
+												logger.debug("Found unexpected entry");
+												reader.skipValue();
+											}
+											break;
+										default:
+											logger.debug("Found unexpected entry");
+											reader.skipValue();
+											continue;
+									}
+								}
+								reader.endObject();
+								policies.add(p);
+							}
+							reader.endArray();
+							rs.setPolicies(policies);
+						} else if (name.equals(SCOPES)) {
+							rs.setScopes(readSet(reader));
+						} else {
+							logger.debug("Found unexpected entry");
+							reader.skipValue();
+						}
+						break;
+					default:
+						logger.debug("Found unexpected entry");
+						reader.skipValue();
+						continue;
+				}
+			}
+			reader.endObject();
+			Long newId = resourceSetRepository.save(rs).getId();
+			resourceSetOldToNewIdMap.put(oldId, newId);
+		}
+		reader.endArray();
+		logger.info("Done reading resource sets");
+	}
+
+	/**
+	 * @param reader
+	 */
+	private void readSavedRegisteredClients(JsonReader reader) throws IOException{
+		reader.beginArray();
+		while (reader.hasNext()) {
+			String issuer = null;
+			String clientString = null;
+			reader.beginObject();
+			while (reader.hasNext()) {
+				switch (reader.peek()) {
+					case END_OBJECT:
+						continue;
+					case NAME:
+						String name = reader.nextName();
+						if (reader.peek() == JsonToken.NULL) {
+							reader.skipValue();
+						} else if (name.equals(ISSUER)) {
+							issuer = reader.nextString();
+						} else if (name.equals(REGISTERED_CLIENT)) {
+							clientString = reader.nextString();
+						} else {
+							logger.debug("Found unexpected entry");
+							reader.skipValue();
+						}
+						break;
+					default:
+						logger.debug("Found unexpected entry");
+						reader.skipValue();
+						continue;
+				}
+			}
+			reader.endObject();
+			RegisteredClient client = ClientDetailsEntityJsonProcessor.parseRegistered(clientString);
+			registeredClientService.save(issuer, client);
+			logger.debug("Saved registered client");
+		}
+		reader.endArray();
+		logger.info("Done reading saved registered clients");
+	}
+
+	/* (non-Javadoc)
+	 * @see org.mitre.openid.connect.service.MITREidDataServiceExtension#fixExtensionObjectReferences()
+	 */
+	@Override
+	public void fixExtensionObjectReferences(MITREidDataServiceMaps maps) {
+		for (Long permissionId : permissionToResourceRefs.keySet()) {
+			Long oldResourceId = permissionToResourceRefs.get(permissionId);
+			Long newResourceId = resourceSetOldToNewIdMap.get(oldResourceId);
+			Permission p = permissionRepository.getById(permissionId);
+			ResourceSet rs = resourceSetRepository.getById(newResourceId);
+			p.setResourceSet(rs);
+			permissionRepository.saveRawPermission(p);
+			logger.debug("Mapping rsid " + oldResourceId + " to " + newResourceId + " for permission " + permissionId);
+		}
+		for (Long tokenId : tokenToPermissionRefs.keySet()) {
+			Long newTokenId = maps.getAccessTokenOldToNewIdMap().get(tokenId);
+			OAuth2AccessTokenEntity token = tokenRepository.getAccessTokenById(newTokenId);
+
+			Set<Permission> permissions = new HashSet<>();
+			for (Long permissionId : tokenToPermissionRefs.get(tokenId)) {
+				Permission p = permissionRepository.getById(permissionId);
+				permissions.add(p);
+			}
+
+			token.setPermissions(permissions);
+			tokenRepository.saveAccessToken(token);
+		}
+		permissionToResourceRefs.clear();
+		resourceSetOldToNewIdMap.clear();
+		tokenToPermissionRefs.clear();
+	}
+
+}
diff --git a/uma-server/src/main/java/org/mitre/uma/util/ExternalLoginAuthoritiesMapper.java b/uma-server/src/main/java/org/mitre/uma/util/ExternalLoginAuthoritiesMapper.java
new file mode 100644
index 000000000..9626eba04
--- /dev/null
+++ b/uma-server/src/main/java/org/mitre/uma/util/ExternalLoginAuthoritiesMapper.java
@@ -0,0 +1,45 @@
+/*******************************************************************************
+ * Copyright 2018 The MIT Internet Trust Consortium
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *******************************************************************************/
+
+package org.mitre.uma.util;
+
+import java.util.Collection;
+
+import org.mitre.openid.connect.client.OIDCAuthoritiesMapper;
+import org.mitre.openid.connect.model.UserInfo;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+
+import com.google.common.collect.Sets;
+import com.nimbusds.jwt.JWT;
+
+/**
+ * Utility class to map all external logins to the ROLE_EXTERNAL_USER authority
+ * to prevent them from accessing other parts of the server.
+ *
+ * @author jricher
+ *
+ */
+public class ExternalLoginAuthoritiesMapper implements OIDCAuthoritiesMapper {
+
+	private static final GrantedAuthority ROLE_EXTERNAL_USER = new SimpleGrantedAuthority("ROLE_EXTERNAL_USER");
+
+	@Override
+	public Collection<? extends GrantedAuthority> mapAuthorities(JWT idToken, UserInfo userInfo) {
+		return Sets.newHashSet(ROLE_EXTERNAL_USER);
+	}
+
+}
diff --git a/uma-server/src/main/java/org/mitre/uma/view/ResourceSetEntityAbbreviatedView.java b/uma-server/src/main/java/org/mitre/uma/view/ResourceSetEntityAbbreviatedView.java
new file mode 100644
index 000000000..9f581fb67
--- /dev/null
+++ b/uma-server/src/main/java/org/mitre/uma/view/ResourceSetEntityAbbreviatedView.java
@@ -0,0 +1,119 @@
+/*******************************************************************************
+ * Copyright 2018 The MIT Internet Trust Consortium
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *******************************************************************************/
+package org.mitre.uma.view;
+
+import java.io.IOException;
+import java.io.Writer;
+import java.util.Map;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.mitre.openid.connect.config.ConfigurationPropertiesBean;
+import org.mitre.openid.connect.view.HttpCodeView;
+import org.mitre.openid.connect.view.JsonEntityView;
+import org.mitre.uma.model.ResourceSet;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpStatus;
+import org.springframework.stereotype.Component;
+import org.springframework.validation.BeanPropertyBindingResult;
+import org.springframework.web.servlet.view.AbstractView;
+
+import com.google.common.base.Strings;
+import com.google.gson.ExclusionStrategy;
+import com.google.gson.FieldAttributes;
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
+import com.google.gson.JsonObject;
+import com.google.gson.LongSerializationPolicy;
+
+@Component(ResourceSetEntityAbbreviatedView.VIEWNAME)
+public class ResourceSetEntityAbbreviatedView extends AbstractView {
+	private static Logger logger = LoggerFactory.getLogger(JsonEntityView.class);
+
+	public static final String VIEWNAME = "resourceSetEntityAbbreviatedView";
+
+	public static final String LOCATION = "location";
+
+	@Autowired
+	private ConfigurationPropertiesBean config;
+
+	private Gson gson = new GsonBuilder()
+			.setExclusionStrategies(new ExclusionStrategy() {
+
+				@Override
+				public boolean shouldSkipField(FieldAttributes f) {
+
+					return false;
+				}
+
+				@Override
+				public boolean shouldSkipClass(Class<?> clazz) {
+					// skip the JPA binding wrapper
+					if (clazz.equals(BeanPropertyBindingResult.class)) {
+						return true;
+					}
+					return false;
+				}
+
+			})
+			.serializeNulls()
+			.setDateFormat("yyyy-MM-dd'T'HH:mm:ssZ")
+			.setLongSerializationPolicy(LongSerializationPolicy.STRING)
+			.create();
+
+	@Override
+	protected void renderMergedOutputModel(Map<String, Object> model, HttpServletRequest request, HttpServletResponse response) {
+
+		response.setContentType("application/json");
+
+
+		HttpStatus code = (HttpStatus) model.get(HttpCodeView.CODE);
+		if (code == null) {
+			code = HttpStatus.OK; // default to 200
+		}
+
+		response.setStatus(code.value());
+
+		String location = (String) model.get(LOCATION);
+		if (!Strings.isNullOrEmpty(location)) {
+			response.setHeader(HttpHeaders.LOCATION, location);
+		}
+
+		try {
+
+			Writer out = response.getWriter();
+			ResourceSet rs = (ResourceSet) model.get(JsonEntityView.ENTITY);
+
+			JsonObject o = new JsonObject();
+
+			o.addProperty("_id", rs.getId().toString()); // set the ID to a string
+			o.addProperty("user_access_policy_uri", config.getIssuer() + "manage/user/policy/" + rs.getId());
+
+
+			gson.toJson(o, out);
+
+		} catch (IOException e) {
+
+			logger.error("IOException in ResourceSetEntityView.java: ", e);
+
+		}
+	}
+
+}
diff --git a/uma-server/src/main/java/org/mitre/uma/view/ResourceSetEntityView.java b/uma-server/src/main/java/org/mitre/uma/view/ResourceSetEntityView.java
new file mode 100644
index 000000000..e34e47431
--- /dev/null
+++ b/uma-server/src/main/java/org/mitre/uma/view/ResourceSetEntityView.java
@@ -0,0 +1,121 @@
+/*******************************************************************************
+ * Copyright 2018 The MIT Internet Trust Consortium
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *******************************************************************************/
+package org.mitre.uma.view;
+
+import java.io.IOException;
+import java.io.Writer;
+import java.util.Map;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.mitre.openid.connect.config.ConfigurationPropertiesBean;
+import org.mitre.openid.connect.view.JsonEntityView;
+import org.mitre.uma.model.ResourceSet;
+import org.mitre.util.JsonUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpStatus;
+import org.springframework.stereotype.Component;
+import org.springframework.validation.BeanPropertyBindingResult;
+import org.springframework.web.servlet.view.AbstractView;
+
+import com.google.common.base.Strings;
+import com.google.gson.ExclusionStrategy;
+import com.google.gson.FieldAttributes;
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
+import com.google.gson.JsonObject;
+import com.google.gson.LongSerializationPolicy;
+
+@Component(ResourceSetEntityView.VIEWNAME)
+public class ResourceSetEntityView extends AbstractView {
+	private static Logger logger = LoggerFactory.getLogger(JsonEntityView.class);
+
+	public static final String VIEWNAME = "resourceSetEntityView";
+
+	@Autowired
+	private ConfigurationPropertiesBean config;
+
+	private Gson gson = new GsonBuilder()
+			.setExclusionStrategies(new ExclusionStrategy() {
+
+				@Override
+				public boolean shouldSkipField(FieldAttributes f) {
+
+					return false;
+				}
+
+				@Override
+				public boolean shouldSkipClass(Class<?> clazz) {
+					// skip the JPA binding wrapper
+					if (clazz.equals(BeanPropertyBindingResult.class)) {
+						return true;
+					}
+					return false;
+				}
+
+			})
+			.serializeNulls()
+			.setDateFormat("yyyy-MM-dd'T'HH:mm:ssZ")
+			.setLongSerializationPolicy(LongSerializationPolicy.STRING)
+			.create();
+
+	@Override
+	protected void renderMergedOutputModel(Map<String, Object> model, HttpServletRequest request, HttpServletResponse response) {
+
+		response.setContentType("application/json");
+
+
+		HttpStatus code = (HttpStatus) model.get("code");
+		if (code == null) {
+			code = HttpStatus.OK; // default to 200
+		}
+
+		response.setStatus(code.value());
+
+		String location = (String) model.get("location");
+		if (!Strings.isNullOrEmpty(location)) {
+			response.setHeader(HttpHeaders.LOCATION, location);
+		}
+
+		try {
+
+			Writer out = response.getWriter();
+			ResourceSet rs = (ResourceSet) model.get("entity");
+
+			JsonObject o = new JsonObject();
+
+			o.addProperty("_id", rs.getId().toString()); // send the id as a string
+			o.addProperty("user_access_policy_uri", config.getIssuer() + "manage/resource/" + rs.getId());
+			o.addProperty("name", rs.getName());
+			o.addProperty("uri", rs.getUri());
+			o.addProperty("type", rs.getType());
+			o.add("scopes", JsonUtils.getAsArray(rs.getScopes()));
+			o.addProperty("icon_uri", rs.getIconUri());
+
+			gson.toJson(o, out);
+
+		} catch (IOException e) {
+
+			logger.error("IOException in ResourceSetEntityView.java: ", e);
+
+		}
+	}
+
+}
diff --git a/uma-server/src/main/java/org/mitre/uma/web/AuthorizationRequestEndpoint.java b/uma-server/src/main/java/org/mitre/uma/web/AuthorizationRequestEndpoint.java
new file mode 100644
index 000000000..04f837844
--- /dev/null
+++ b/uma-server/src/main/java/org/mitre/uma/web/AuthorizationRequestEndpoint.java
@@ -0,0 +1,202 @@
+/*******************************************************************************
+ * Copyright 2018 The MIT Internet Trust Consortium
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *******************************************************************************/
+
+package org.mitre.uma.web;
+
+import java.util.Map;
+
+import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
+import org.mitre.oauth2.service.OAuth2TokenEntityService;
+import org.mitre.oauth2.service.SystemScopeService;
+import org.mitre.oauth2.web.AuthenticationUtilities;
+import org.mitre.openid.connect.view.HttpCodeView;
+import org.mitre.openid.connect.view.JsonEntityView;
+import org.mitre.openid.connect.view.JsonErrorView;
+import org.mitre.uma.model.Claim;
+import org.mitre.uma.model.ClaimProcessingResult;
+import org.mitre.uma.model.PermissionTicket;
+import org.mitre.uma.model.ResourceSet;
+import org.mitre.uma.service.ClaimsProcessingService;
+import org.mitre.uma.service.PermissionService;
+import org.mitre.uma.service.UmaTokenService;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.oauth2.provider.OAuth2Authentication;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.util.MimeTypeUtils;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+
+import com.google.common.collect.ImmutableMap;
+import com.google.gson.JsonArray;
+import com.google.gson.JsonElement;
+import com.google.gson.JsonObject;
+import com.google.gson.JsonParser;
+import com.google.gson.JsonPrimitive;
+
+/**
+ * @author jricher
+ *
+ */
+@Controller
+@RequestMapping("/" + AuthorizationRequestEndpoint.URL)
+public class AuthorizationRequestEndpoint {
+	// Logger for this class
+	private static final Logger logger = LoggerFactory.getLogger(AuthorizationRequestEndpoint.class);
+
+	public static final String RPT = "rpt";
+	public static final String TICKET = "ticket";
+	public static final String URL = "authz_request";
+
+	@Autowired
+	private PermissionService permissionService;
+
+	@Autowired
+	private OAuth2TokenEntityService tokenService;
+
+	@Autowired
+	private ClaimsProcessingService claimsProcessingService;
+
+	@Autowired
+	private UmaTokenService umaTokenService;
+
+	@RequestMapping(method = RequestMethod.POST, consumes = MimeTypeUtils.APPLICATION_JSON_VALUE, produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
+	public String authorizationRequest(@RequestBody String jsonString, Model m, Authentication auth) {
+
+		AuthenticationUtilities.ensureOAuthScope(auth, SystemScopeService.UMA_AUTHORIZATION_SCOPE);
+
+		JsonParser parser = new JsonParser();
+		JsonElement e = parser.parse(jsonString);
+
+		if (e.isJsonObject()) {
+			JsonObject o = e.getAsJsonObject();
+
+			if (o.has(TICKET)) {
+
+				OAuth2AccessTokenEntity incomingRpt = null;
+				if (o.has(RPT)) {
+					String rptValue = o.get(RPT).getAsString();
+					incomingRpt = tokenService.readAccessToken(rptValue);
+				}
+
+				String ticketValue = o.get(TICKET).getAsString();
+
+				PermissionTicket ticket = permissionService.getByTicket(ticketValue);
+
+				if (ticket != null) {
+					// found the ticket, see if it's any good
+
+					ResourceSet rs = ticket.getPermission().getResourceSet();
+
+					if (rs.getPolicies() == null || rs.getPolicies().isEmpty()) {
+						// the required claims are empty, this resource has no way to be authorized
+
+						m.addAttribute(JsonErrorView.ERROR, "not_authorized");
+						m.addAttribute(JsonErrorView.ERROR_MESSAGE, "This resource set can not be accessed.");
+						m.addAttribute(HttpCodeView.CODE, HttpStatus.FORBIDDEN);
+						return JsonErrorView.VIEWNAME;
+					} else {
+						// claims weren't empty or missing, we need to check against what we have
+
+						ClaimProcessingResult result = claimsProcessingService.claimsAreSatisfied(rs, ticket);
+
+
+						if (result.isSatisfied()) {
+							// the service found what it was looking for, issue a token
+
+							// we need to downscope this based on the required set that was matched if it was matched
+							OAuth2Authentication o2auth = (OAuth2Authentication) auth;
+
+							OAuth2AccessTokenEntity token = umaTokenService.createRequestingPartyToken(o2auth, ticket, result.getMatched());
+
+							// if we have an inbound RPT, throw it out because we're replacing it
+							if (incomingRpt != null) {
+								tokenService.revokeAccessToken(incomingRpt);
+							}
+
+							Map<String, String> entity = ImmutableMap.of("rpt", token.getValue());
+
+							m.addAttribute(JsonEntityView.ENTITY, entity);
+
+							return JsonEntityView.VIEWNAME;
+
+						} else {
+
+							// if we got here, the claim didn't match, forward the user to the claim gathering endpoint
+							JsonObject entity = new JsonObject();
+
+							entity.addProperty(JsonErrorView.ERROR, "need_info");
+							JsonObject details = new JsonObject();
+
+							JsonObject rpClaims = new JsonObject();
+							rpClaims.addProperty("redirect_user", true);
+							rpClaims.addProperty("ticket", ticketValue);
+							JsonArray req = new JsonArray();
+							for (Claim claim : result.getUnmatched()) {
+								JsonObject c = new JsonObject();
+								c.addProperty("name", claim.getName());
+								c.addProperty("friendly_name", claim.getFriendlyName());
+								c.addProperty("claim_type", claim.getClaimType());
+								JsonArray f = new JsonArray();
+								for (String format : claim.getClaimTokenFormat()) {
+									f.add(new JsonPrimitive(format));
+								}
+								c.add("claim_token_format", f);
+								JsonArray i = new JsonArray();
+								for (String issuer : claim.getIssuer()) {
+									i.add(new JsonPrimitive(issuer));
+								}
+								c.add("issuer", i);
+								req.add(c);
+							}
+							rpClaims.add("required_claims", req);
+							details.add("requesting_party_claims", rpClaims);
+							entity.add("error_details", details);
+
+							m.addAttribute(JsonEntityView.ENTITY, entity);
+							return JsonEntityView.VIEWNAME;
+						}
+
+
+					}
+				} else {
+					// ticket wasn't found, return an error
+					m.addAttribute(HttpStatus.BAD_REQUEST);
+					m.addAttribute(JsonErrorView.ERROR, "invalid_ticket");
+					return JsonErrorView.VIEWNAME;
+				}
+
+			} else {
+				m.addAttribute(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
+				m.addAttribute(JsonErrorView.ERROR_MESSAGE, "Missing JSON elements.");
+				return JsonErrorView.VIEWNAME;
+			}
+
+
+		} else {
+			m.addAttribute(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
+			m.addAttribute(JsonErrorView.ERROR_MESSAGE, "Malformed JSON request.");
+			return JsonErrorView.VIEWNAME;
+		}
+
+	}
+
+}
diff --git a/uma-server/src/main/java/org/mitre/uma/web/ClaimsCollectionEndpoint.java b/uma-server/src/main/java/org/mitre/uma/web/ClaimsCollectionEndpoint.java
new file mode 100644
index 000000000..52061e4eb
--- /dev/null
+++ b/uma-server/src/main/java/org/mitre/uma/web/ClaimsCollectionEndpoint.java
@@ -0,0 +1,152 @@
+/*******************************************************************************
+ * Copyright 2018 The MIT Internet Trust Consortium
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *******************************************************************************/
+
+package org.mitre.uma.web;
+
+import java.util.Set;
+
+import org.mitre.oauth2.model.ClientDetailsEntity;
+import org.mitre.oauth2.service.ClientDetailsEntityService;
+import org.mitre.openid.connect.model.OIDCAuthenticationToken;
+import org.mitre.openid.connect.model.UserInfo;
+import org.mitre.openid.connect.view.HttpCodeView;
+import org.mitre.uma.model.Claim;
+import org.mitre.uma.model.PermissionTicket;
+import org.mitre.uma.service.PermissionService;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.oauth2.common.exceptions.RedirectMismatchException;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.util.UriComponentsBuilder;
+
+import com.google.common.base.Strings;
+import com.google.common.collect.Sets;
+import com.google.gson.JsonElement;
+import com.google.gson.JsonPrimitive;
+
+/**
+ *
+ * Collect claims interactively from the end user.
+ *
+ * @author jricher
+ *
+ */
+@Controller
+@PreAuthorize("hasRole('ROLE_EXTERNAL_USER')")
+@RequestMapping("/" + ClaimsCollectionEndpoint.URL)
+public class ClaimsCollectionEndpoint {
+	// Logger for this class
+	private static final Logger logger = LoggerFactory.getLogger(ClaimsCollectionEndpoint.class);
+
+	public static final String URL = "rqp_claims";
+
+	@Autowired
+	private ClientDetailsEntityService clientService;
+
+	@Autowired
+	private PermissionService permissionService;
+
+
+	@RequestMapping(method = RequestMethod.GET)
+	public String collectClaims(@RequestParam("client_id") String clientId, @RequestParam(value = "redirect_uri", required = false) String redirectUri,
+			@RequestParam("ticket") String ticketValue, @RequestParam(value = "state", required = false) String state,
+			Model m, OIDCAuthenticationToken auth) {
+
+
+		ClientDetailsEntity client = clientService.loadClientByClientId(clientId);
+
+		PermissionTicket ticket = permissionService.getByTicket(ticketValue);
+
+		if (client == null || ticket == null) {
+			logger.info("Client or ticket not found: " + clientId + " :: " + ticketValue);
+			m.addAttribute(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
+			return HttpCodeView.VIEWNAME;
+		}
+
+		// we've got a client and ticket, let's attach the claims that we have from the token and userinfo
+
+		// subject
+		Set<Claim> claimsSupplied = Sets.newHashSet(ticket.getClaimsSupplied());
+
+		String issuer = auth.getIssuer();
+		UserInfo userInfo = auth.getUserInfo();
+
+		claimsSupplied.add(mkClaim(issuer, "sub", new JsonPrimitive(auth.getSub())));
+		if (userInfo.getEmail() != null) {
+			claimsSupplied.add(mkClaim(issuer, "email", new JsonPrimitive(userInfo.getEmail())));
+		}
+		if (userInfo.getEmailVerified() != null) {
+			claimsSupplied.add(mkClaim(issuer, "email_verified", new JsonPrimitive(userInfo.getEmailVerified())));
+		}
+		if (userInfo.getPhoneNumber() != null) {
+			claimsSupplied.add(mkClaim(issuer, "phone_number", new JsonPrimitive(auth.getUserInfo().getPhoneNumber())));
+		}
+		if (userInfo.getPhoneNumberVerified() != null) {
+			claimsSupplied.add(mkClaim(issuer, "phone_number_verified", new JsonPrimitive(auth.getUserInfo().getPhoneNumberVerified())));
+		}
+		if (userInfo.getPreferredUsername() != null) {
+			claimsSupplied.add(mkClaim(issuer, "preferred_username", new JsonPrimitive(auth.getUserInfo().getPreferredUsername())));
+		}
+		if (userInfo.getProfile() != null) {
+			claimsSupplied.add(mkClaim(issuer, "profile", new JsonPrimitive(auth.getUserInfo().getProfile())));
+		}
+
+		ticket.setClaimsSupplied(claimsSupplied);
+		
+		PermissionTicket updatedTicket = permissionService.updateTicket(ticket);
+		
+		if (Strings.isNullOrEmpty(redirectUri)) {
+			if (client.getClaimsRedirectUris().size() == 1) {
+				redirectUri = client.getClaimsRedirectUris().iterator().next(); // get the first (and only) redirect URI to use here
+				logger.info("No redirect URI passed in, using registered value: " + redirectUri);
+			} else {
+				throw new RedirectMismatchException("Unable to find redirect URI and none passed in.");
+			}
+		} else {
+			if (!client.getClaimsRedirectUris().contains(redirectUri)) {
+				throw new RedirectMismatchException("Claims redirect did not match the registered values.");
+			}
+		}
+
+		UriComponentsBuilder template = UriComponentsBuilder.fromUriString(redirectUri);
+		template.queryParam("authorization_state", "claims_submitted");
+		if (!Strings.isNullOrEmpty(state)) {
+			template.queryParam("state", state);
+		}
+
+		String uriString = template.toUriString();
+		logger.info("Redirecting to " + uriString);
+
+		return "redirect:" + uriString;
+	}
+
+
+	private Claim mkClaim(String issuer, String name, JsonElement value) {
+		Claim c = new Claim();
+		c.setIssuer(Sets.newHashSet(issuer));
+		c.setName(name);
+		c.setValue(value);
+		return c;
+	}
+
+}
diff --git a/uma-server/src/main/java/org/mitre/uma/web/PermissionRegistrationEndpoint.java b/uma-server/src/main/java/org/mitre/uma/web/PermissionRegistrationEndpoint.java
new file mode 100644
index 000000000..a3b660129
--- /dev/null
+++ b/uma-server/src/main/java/org/mitre/uma/web/PermissionRegistrationEndpoint.java
@@ -0,0 +1,155 @@
+/*******************************************************************************
+ * Copyright 2018 The MIT Internet Trust Consortium
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *******************************************************************************/
+
+package org.mitre.uma.web;
+
+import static org.mitre.oauth2.web.AuthenticationUtilities.ensureOAuthScope;
+import static org.mitre.util.JsonUtils.getAsLong;
+import static org.mitre.util.JsonUtils.getAsStringSet;
+
+import java.util.Set;
+
+import org.mitre.oauth2.model.SystemScope;
+import org.mitre.oauth2.service.SystemScopeService;
+import org.mitre.openid.connect.view.JsonEntityView;
+import org.mitre.openid.connect.view.JsonErrorView;
+import org.mitre.uma.model.PermissionTicket;
+import org.mitre.uma.model.ResourceSet;
+import org.mitre.uma.service.PermissionService;
+import org.mitre.uma.service.ResourceSetService;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.core.Authentication;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.util.MimeTypeUtils;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+
+import com.google.gson.JsonElement;
+import com.google.gson.JsonObject;
+import com.google.gson.JsonParseException;
+import com.google.gson.JsonParser;
+
+/**
+ * @author jricher
+ *
+ */
+@Controller
+@RequestMapping("/" + PermissionRegistrationEndpoint.URL)
+@PreAuthorize("hasRole('ROLE_USER')")
+public class PermissionRegistrationEndpoint {
+	// Logger for this class
+	private static final Logger logger = LoggerFactory.getLogger(PermissionRegistrationEndpoint.class);
+
+	public static final String URL = "permission";
+
+	@Autowired
+	private PermissionService permissionService;
+
+	@Autowired
+	private ResourceSetService resourceSetService;
+
+	@Autowired
+	private SystemScopeService scopeService;
+
+	private JsonParser parser = new JsonParser();
+
+	@RequestMapping(method = RequestMethod.POST, consumes = MimeTypeUtils.APPLICATION_JSON_VALUE, produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
+	public String getPermissionTicket(@RequestBody String jsonString, Model m, Authentication auth) {
+
+		ensureOAuthScope(auth, SystemScopeService.UMA_PROTECTION_SCOPE);
+
+		try {
+
+			// parse the permission request
+
+			JsonElement el = parser.parse(jsonString);
+			if (el.isJsonObject()) {
+				JsonObject o = el.getAsJsonObject();
+
+				Long rsid = getAsLong(o, "resource_set_id");
+				Set<String> scopes = getAsStringSet(o, "scopes");
+
+				if (rsid == null || scopes == null || scopes.isEmpty()){
+					// missing information
+					m.addAttribute("code", HttpStatus.BAD_REQUEST);
+					m.addAttribute("errorMessage", "Missing required component of permission registration request.");
+					return JsonErrorView.VIEWNAME;
+				}
+
+				// trim any restricted scopes
+				Set<SystemScope> scopesRequested = scopeService.fromStrings(scopes);
+				scopesRequested = scopeService.removeRestrictedAndReservedScopes(scopesRequested);
+				scopes = scopeService.toStrings(scopesRequested);
+
+				ResourceSet resourceSet = resourceSetService.getById(rsid);
+
+				// requested resource set doesn't exist
+				if (resourceSet == null) {
+					m.addAttribute("code", HttpStatus.NOT_FOUND);
+					m.addAttribute("errorMessage", "Requested resource set not found: " + rsid);
+					return JsonErrorView.VIEWNAME;
+				}
+
+				// authorized user of the token doesn't match owner of the resource set
+				if (!resourceSet.getOwner().equals(auth.getName())) {
+					m.addAttribute("code", HttpStatus.FORBIDDEN);
+					m.addAttribute("errorMessage", "Party requesting permission is not owner of resource set, expected " + resourceSet.getOwner() + " got " + auth.getName());
+					return JsonErrorView.VIEWNAME;
+				}
+
+				// create the permission
+				PermissionTicket permission = permissionService.createTicket(resourceSet, scopes);
+
+				if (permission != null) {
+					// we've created the permission, return the ticket
+					JsonObject out = new JsonObject();
+					out.addProperty("ticket", permission.getTicket());
+					m.addAttribute("entity", out);
+
+					m.addAttribute("code", HttpStatus.CREATED);
+
+					return JsonEntityView.VIEWNAME;
+				} else {
+					// there was a failure creating the permission object
+
+					m.addAttribute("code", HttpStatus.INTERNAL_SERVER_ERROR);
+					m.addAttribute("errorMessage", "Unable to save permission and generate ticket.");
+
+					return JsonErrorView.VIEWNAME;
+				}
+
+			} else {
+				// malformed request
+				m.addAttribute("code", HttpStatus.BAD_REQUEST);
+				m.addAttribute("errorMessage", "Malformed JSON request.");
+				return JsonErrorView.VIEWNAME;
+			}
+		} catch (JsonParseException e) {
+			// malformed request
+			m.addAttribute("code", HttpStatus.BAD_REQUEST);
+			m.addAttribute("errorMessage", "Malformed JSON request.");
+			return JsonErrorView.VIEWNAME;
+		}
+
+	}
+
+}
diff --git a/uma-server/src/main/java/org/mitre/uma/web/PolicyAPI.java b/uma-server/src/main/java/org/mitre/uma/web/PolicyAPI.java
new file mode 100644
index 000000000..2b1feda58
--- /dev/null
+++ b/uma-server/src/main/java/org/mitre/uma/web/PolicyAPI.java
@@ -0,0 +1,391 @@
+/*******************************************************************************
+ * Copyright 2018 The MIT Internet Trust Consortium
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *******************************************************************************/
+
+package org.mitre.uma.web;
+
+import java.util.Collection;
+import java.util.HashSet;
+import java.util.Set;
+
+import org.mitre.openid.connect.view.HttpCodeView;
+import org.mitre.openid.connect.view.JsonEntityView;
+import org.mitre.openid.connect.view.JsonErrorView;
+import org.mitre.openid.connect.web.RootController;
+import org.mitre.uma.model.Claim;
+import org.mitre.uma.model.Policy;
+import org.mitre.uma.model.ResourceSet;
+import org.mitre.uma.service.ResourceSetService;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.core.Authentication;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.util.MimeTypeUtils;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+
+import com.google.common.collect.Sets;
+import com.google.gson.Gson;
+
+/**
+ * API for managing policies on resource sets.
+ *
+ * @author jricher
+ *
+ */
+@Controller
+@RequestMapping("/" + PolicyAPI.URL)
+@PreAuthorize("hasRole('ROLE_USER')")
+public class PolicyAPI {
+
+	// Logger for this class
+	private static final Logger logger = LoggerFactory.getLogger(PolicyAPI.class);
+
+	public static final String URL = RootController.API_URL + "/resourceset";
+	public static final String POLICYURL = "/policy";
+
+	private Gson gson = new Gson();
+
+	@Autowired
+	private ResourceSetService resourceSetService;
+
+	/**
+	 * List all resource sets for the current user
+	 * @param m
+	 * @param auth
+	 * @return
+	 */
+	@RequestMapping(value = "", method = RequestMethod.GET, produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
+	public String getResourceSetsForCurrentUser(Model m, Authentication auth) {
+
+		Collection<ResourceSet> resourceSets = resourceSetService.getAllForOwner(auth.getName());
+
+		m.addAttribute(JsonEntityView.ENTITY, resourceSets);
+
+		return JsonEntityView.VIEWNAME;
+	}
+
+	/**
+	 * Get the indicated resource set
+	 * @param rsid
+	 * @param m
+	 * @param auth
+	 * @return
+	 */
+	@RequestMapping(value = "/{rsid}", method = RequestMethod.GET, produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
+	public String getResourceSet(@PathVariable (value = "rsid") Long rsid, Model m, Authentication auth) {
+
+		ResourceSet rs = resourceSetService.getById(rsid);
+
+		if (rs == null) {
+			m.addAttribute(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
+			return HttpCodeView.VIEWNAME;
+		}
+
+		if (!rs.getOwner().equals(auth.getName())) {
+			logger.warn("Unauthorized resource set request from bad user; expected " + rs.getOwner() + " got " + auth.getName());
+
+			// authenticated user didn't match the owner of the resource set
+			m.addAttribute(HttpCodeView.CODE, HttpStatus.FORBIDDEN);
+			return HttpCodeView.VIEWNAME;
+		}
+
+		m.addAttribute(JsonEntityView.ENTITY, rs);
+
+		return JsonEntityView.VIEWNAME;
+	}
+
+	/**
+	 * Delete the indicated resource set
+	 * @param rsid
+	 * @param m
+	 * @param auth
+	 * @return
+	 */
+	@RequestMapping(value = "/{rsid}", method = RequestMethod.DELETE, produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
+	public String deleteResourceSet(@PathVariable (value = "rsid") Long rsid, Model m, Authentication auth) {
+
+		ResourceSet rs = resourceSetService.getById(rsid);
+
+		if (rs == null) {
+			m.addAttribute(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
+			return HttpCodeView.VIEWNAME;
+		}
+
+		if (!rs.getOwner().equals(auth.getName())) {
+			logger.warn("Unauthorized resource set request from bad user; expected " + rs.getOwner() + " got " + auth.getName());
+
+			// authenticated user didn't match the owner of the resource set
+			m.addAttribute(HttpCodeView.CODE, HttpStatus.FORBIDDEN);
+			return HttpCodeView.VIEWNAME;
+		}
+
+		resourceSetService.remove(rs);
+		m.addAttribute(HttpCodeView.CODE, HttpStatus.NO_CONTENT);
+		return HttpCodeView.VIEWNAME;
+
+	}
+
+	/**
+	 * List all the policies for the given resource set
+	 * @param rsid
+	 * @param m
+	 * @param auth
+	 * @return
+	 */
+	@RequestMapping(value = "/{rsid}" + POLICYURL, method = RequestMethod.GET, produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
+	public String getPoliciesForResourceSet(@PathVariable (value = "rsid") Long rsid, Model m, Authentication auth) {
+
+		ResourceSet rs = resourceSetService.getById(rsid);
+
+		if (rs == null) {
+			m.addAttribute(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
+			return HttpCodeView.VIEWNAME;
+		}
+
+		if (!rs.getOwner().equals(auth.getName())) {
+			logger.warn("Unauthorized resource set request from bad user; expected " + rs.getOwner() + " got " + auth.getName());
+
+			// authenticated user didn't match the owner of the resource set
+			m.addAttribute(HttpCodeView.CODE, HttpStatus.FORBIDDEN);
+			return HttpCodeView.VIEWNAME;
+		}
+
+		m.addAttribute(JsonEntityView.ENTITY, rs.getPolicies());
+
+		return JsonEntityView.VIEWNAME;
+	}
+
+	/**
+	 * Create a new policy on the given resource set
+	 * @param rsid
+	 * @param m
+	 * @param auth
+	 * @return
+	 */
+	@RequestMapping(value = "/{rsid}" + POLICYURL, method = RequestMethod.POST, produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
+	public String createNewPolicyForResourceSet(@PathVariable (value = "rsid") Long rsid, @RequestBody String jsonString, Model m, Authentication auth) {
+		ResourceSet rs = resourceSetService.getById(rsid);
+
+		if (rs == null) {
+			m.addAttribute(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
+			return HttpCodeView.VIEWNAME;
+		}
+
+		if (!rs.getOwner().equals(auth.getName())) {
+			logger.warn("Unauthorized resource set request from bad user; expected " + rs.getOwner() + " got " + auth.getName());
+
+			// authenticated user didn't match the owner of the resource set
+			m.addAttribute(HttpCodeView.CODE, HttpStatus.FORBIDDEN);
+			return HttpCodeView.VIEWNAME;
+		}
+
+		Policy p = gson.fromJson(jsonString, Policy.class);
+
+		if (p.getId() != null) {
+			logger.warn("Tried to add a policy with a non-null ID: " + p.getId());
+			m.addAttribute(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
+			return HttpCodeView.VIEWNAME;
+		}
+
+		for (Claim claim : p.getClaimsRequired()) {
+			if (claim.getId() != null) {
+				logger.warn("Tried to add a policy with a non-null claim ID: " + claim.getId());
+				m.addAttribute(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
+				return HttpCodeView.VIEWNAME;
+			}
+		}
+
+		rs.getPolicies().add(p);
+		ResourceSet saved = resourceSetService.update(rs, rs);
+
+		// find the new policy object
+		Collection<Policy> newPolicies = Sets.difference(new HashSet<>(saved.getPolicies()), new HashSet<>(rs.getPolicies()));
+
+		if (newPolicies.size() == 1) {
+			Policy newPolicy = newPolicies.iterator().next();
+			m.addAttribute(JsonEntityView.ENTITY, newPolicy);
+			return JsonEntityView.VIEWNAME;
+		} else {
+			logger.warn("Unexpected result trying to add a new policy object: " + newPolicies);
+			m.addAttribute(HttpCodeView.CODE, HttpStatus.INTERNAL_SERVER_ERROR);
+			return HttpCodeView.VIEWNAME;
+		}
+
+	}
+
+	/**
+	 * Get a specific policy
+	 * @param rsid
+	 * @param pid
+	 * @param m
+	 * @param auth
+	 * @return
+	 */
+	@RequestMapping(value = "/{rsid}" + POLICYURL + "/{pid}", method = RequestMethod.GET, produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
+	public String getPolicy(@PathVariable (value = "rsid") Long rsid, @PathVariable (value = "pid") Long pid, Model m, Authentication auth) {
+
+		ResourceSet rs = resourceSetService.getById(rsid);
+
+		if (rs == null) {
+			m.addAttribute(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
+			return HttpCodeView.VIEWNAME;
+		}
+
+		if (!rs.getOwner().equals(auth.getName())) {
+			logger.warn("Unauthorized resource set request from bad user; expected " + rs.getOwner() + " got " + auth.getName());
+
+			// authenticated user didn't match the owner of the resource set
+			m.addAttribute(HttpCodeView.CODE, HttpStatus.FORBIDDEN);
+			return HttpCodeView.VIEWNAME;
+		}
+
+		for (Policy policy : rs.getPolicies()) {
+			if (policy.getId().equals(pid)) {
+				// found it!
+				m.addAttribute(JsonEntityView.ENTITY, policy);
+				return JsonEntityView.VIEWNAME;
+			}
+		}
+
+		// if we made it this far, we haven't found it
+		m.addAttribute(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
+		return HttpCodeView.VIEWNAME;
+	}
+
+	/**
+	 * Update a specific policy
+	 * @param rsid
+	 * @param pid
+	 * @param jsonString
+	 * @param m
+	 * @param auth
+	 * @return
+	 */
+	@RequestMapping(value = "/{rsid}" + POLICYURL + "/{pid}", method = RequestMethod.PUT, consumes = MimeTypeUtils.APPLICATION_JSON_VALUE, produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
+	public String setClaimsForResourceSet(@PathVariable (value = "rsid") Long rsid, @PathVariable (value = "pid") Long pid, @RequestBody String jsonString, Model m, Authentication auth) {
+
+		ResourceSet rs = resourceSetService.getById(rsid);
+
+		if (rs == null) {
+			m.addAttribute(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
+			return HttpCodeView.VIEWNAME;
+		}
+
+		if (!rs.getOwner().equals(auth.getName())) {
+			logger.warn("Unauthorized resource set request from bad user; expected " + rs.getOwner() + " got " + auth.getName());
+
+			// authenticated user didn't match the owner of the resource set
+			m.addAttribute(HttpCodeView.CODE, HttpStatus.FORBIDDEN);
+			return HttpCodeView.VIEWNAME;
+		}
+
+		Policy p = gson.fromJson(jsonString, Policy.class);
+
+		if (!pid.equals(p.getId())) {
+			logger.warn("Policy ID mismatch, expected " + pid + " got " + p.getId());
+
+			m.addAttribute(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
+			return HttpCodeView.VIEWNAME;
+		}
+
+		for (Policy policy : rs.getPolicies()) {
+			if (policy.getId().equals(pid)) {
+				// found it!
+
+				// find the existing claim IDs, make sure we're not overwriting anything from another policy
+				Set<Long> claimIds = new HashSet<>();
+				for (Claim claim : policy.getClaimsRequired()) {
+					claimIds.add(claim.getId());
+				}
+
+				for (Claim claim : p.getClaimsRequired()) {
+					if (claim.getId() != null && !claimIds.contains(claim.getId())) {
+						logger.warn("Tried to add a policy with a an unmatched claim ID: got " + claim.getId() + " expected " + claimIds);
+						m.addAttribute(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
+						return HttpCodeView.VIEWNAME;
+					}
+				}
+
+				// update the existing object with the new values
+				policy.setClaimsRequired(p.getClaimsRequired());
+				policy.setName(p.getName());
+				policy.setScopes(p.getScopes());
+
+				resourceSetService.update(rs, rs);
+
+				m.addAttribute(JsonEntityView.ENTITY, policy);
+				return JsonEntityView.VIEWNAME;
+			}
+		}
+
+		// if we made it this far, we haven't found it
+		m.addAttribute(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
+		return HttpCodeView.VIEWNAME;
+	}
+
+	/**
+	 * Delete a specific policy
+	 * @param rsid
+	 * @param pid
+	 * @param m
+	 * @param auth
+	 * @return
+	 */
+	@RequestMapping(value = "/{rsid}" + POLICYURL + "/{pid}", method = RequestMethod.DELETE, produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
+	public String deleteResourceSet(@PathVariable ("rsid") Long rsid, @PathVariable (value = "pid") Long pid, Model m, Authentication auth) {
+
+		ResourceSet rs = resourceSetService.getById(rsid);
+
+		if (rs == null) {
+			m.addAttribute(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
+			m.addAttribute(JsonErrorView.ERROR, "not_found");
+			return JsonErrorView.VIEWNAME;
+		}
+
+		if (!auth.getName().equals(rs.getOwner())) {
+
+			logger.warn("Unauthorized resource set request from bad user; expected " + rs.getOwner() + " got " + auth.getName());
+
+			// it wasn't issued to this user
+			m.addAttribute(HttpCodeView.CODE, HttpStatus.FORBIDDEN);
+			return JsonErrorView.VIEWNAME;
+		}
+
+
+		for (Policy policy : rs.getPolicies()) {
+			if (policy.getId().equals(pid)) {
+				// found it!
+				rs.getPolicies().remove(policy);
+				resourceSetService.update(rs, rs);
+
+				m.addAttribute(HttpCodeView.CODE, HttpStatus.NO_CONTENT);
+				return HttpCodeView.VIEWNAME;
+			}
+		}
+
+		// if we made it this far, we haven't found it
+		m.addAttribute(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
+		return HttpCodeView.VIEWNAME;
+
+	}
+
+}
diff --git a/uma-server/src/main/java/org/mitre/uma/web/ResourceSetRegistrationEndpoint.java b/uma-server/src/main/java/org/mitre/uma/web/ResourceSetRegistrationEndpoint.java
new file mode 100644
index 000000000..ce10568fb
--- /dev/null
+++ b/uma-server/src/main/java/org/mitre/uma/web/ResourceSetRegistrationEndpoint.java
@@ -0,0 +1,317 @@
+/*******************************************************************************
+ * Copyright 2018 The MIT Internet Trust Consortium
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *******************************************************************************/
+package org.mitre.uma.web;
+
+
+import static org.mitre.oauth2.web.AuthenticationUtilities.ensureOAuthScope;
+import static org.mitre.util.JsonUtils.getAsLong;
+import static org.mitre.util.JsonUtils.getAsString;
+import static org.mitre.util.JsonUtils.getAsStringSet;
+
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.Set;
+
+import org.mitre.oauth2.model.SystemScope;
+import org.mitre.oauth2.service.SystemScopeService;
+import org.mitre.openid.connect.config.ConfigurationPropertiesBean;
+import org.mitre.openid.connect.view.HttpCodeView;
+import org.mitre.openid.connect.view.JsonEntityView;
+import org.mitre.openid.connect.view.JsonErrorView;
+import org.mitre.uma.model.ResourceSet;
+import org.mitre.uma.service.ResourceSetService;
+import org.mitre.uma.view.ResourceSetEntityAbbreviatedView;
+import org.mitre.uma.view.ResourceSetEntityView;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.oauth2.provider.OAuth2Authentication;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.util.MimeTypeUtils;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+
+import com.google.common.base.Strings;
+import com.google.gson.JsonElement;
+import com.google.gson.JsonObject;
+import com.google.gson.JsonParseException;
+import com.google.gson.JsonParser;
+
+@Controller
+@RequestMapping("/" + ResourceSetRegistrationEndpoint.URL)
+@PreAuthorize("hasRole('ROLE_USER')")
+public class ResourceSetRegistrationEndpoint {
+
+	private static final Logger logger = LoggerFactory.getLogger(ResourceSetRegistrationEndpoint.class);
+
+	public static final String DISCOVERY_URL = "resource_set";
+	public static final String URL = DISCOVERY_URL + "/resource_set";
+
+	@Autowired
+	private ResourceSetService resourceSetService;
+
+	@Autowired
+	private ConfigurationPropertiesBean config;
+
+	@Autowired
+	private SystemScopeService scopeService;
+
+	private JsonParser parser = new JsonParser();
+
+	@RequestMapping(method = RequestMethod.POST, produces = MimeTypeUtils.APPLICATION_JSON_VALUE, consumes = MimeTypeUtils.APPLICATION_JSON_VALUE)
+	public String createResourceSet(@RequestBody String jsonString, Model m, Authentication auth) {
+		ensureOAuthScope(auth, SystemScopeService.UMA_PROTECTION_SCOPE);
+
+		ResourceSet rs = parseResourceSet(jsonString);
+
+		if (rs == null) { // there was no resource set in the body
+			logger.warn("Resource set registration missing body.");
+
+			m.addAttribute("code", HttpStatus.BAD_REQUEST);
+			m.addAttribute("error_description", "Resource request was missing body.");
+			return JsonErrorView.VIEWNAME;
+		}
+
+		if (auth instanceof OAuth2Authentication) {
+			// if it's an OAuth mediated call, it's on behalf of a client, so store that
+			OAuth2Authentication o2a = (OAuth2Authentication) auth;
+			rs.setClientId(o2a.getOAuth2Request().getClientId());
+			rs.setOwner(auth.getName()); // the username is going to be in the auth object
+		} else {
+			// this one shouldn't be called if it's not OAuth
+			m.addAttribute(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
+			m.addAttribute(JsonErrorView.ERROR_MESSAGE, "This call must be made with an OAuth token");
+			return JsonErrorView.VIEWNAME;
+		}
+
+		rs = validateScopes(rs);
+
+		if (Strings.isNullOrEmpty(rs.getName()) // there was no name (required)
+				|| rs.getScopes() == null // there were no scopes (required)
+				) {
+
+			logger.warn("Resource set registration missing one or more required fields.");
+
+			m.addAttribute(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
+			m.addAttribute(JsonErrorView.ERROR_MESSAGE, "Resource request was missing one or more required fields.");
+			return JsonErrorView.VIEWNAME;
+		}
+
+		ResourceSet saved = resourceSetService.saveNew(rs);
+
+		m.addAttribute(HttpCodeView.CODE, HttpStatus.CREATED);
+		m.addAttribute(JsonEntityView.ENTITY, saved);
+		m.addAttribute(ResourceSetEntityAbbreviatedView.LOCATION, config.getIssuer() + URL + "/" + saved.getId());
+
+		return ResourceSetEntityAbbreviatedView.VIEWNAME;
+
+	}
+
+	@RequestMapping(value = "/{id}", method = RequestMethod.GET, produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
+	public String readResourceSet(@PathVariable ("id") Long id, Model m, Authentication auth) {
+		ensureOAuthScope(auth, SystemScopeService.UMA_PROTECTION_SCOPE);
+
+		ResourceSet rs = resourceSetService.getById(id);
+
+		if (rs == null) {
+			m.addAttribute("code", HttpStatus.NOT_FOUND);
+			m.addAttribute("error", "not_found");
+			return JsonErrorView.VIEWNAME;
+		} else {
+
+			rs = validateScopes(rs);
+
+			if (!auth.getName().equals(rs.getOwner())) {
+
+				logger.warn("Unauthorized resource set request from wrong user; expected " + rs.getOwner() + " got " + auth.getName());
+
+				// it wasn't issued to this user
+				m.addAttribute(HttpCodeView.CODE, HttpStatus.FORBIDDEN);
+				return JsonErrorView.VIEWNAME;
+			} else {
+				m.addAttribute(JsonEntityView.ENTITY, rs);
+				return ResourceSetEntityView.VIEWNAME;
+			}
+
+		}
+
+	}
+
+	@RequestMapping(value = "/{id}", method = RequestMethod.PUT, consumes = MimeTypeUtils.APPLICATION_JSON_VALUE, produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
+	public String updateResourceSet(@PathVariable ("id") Long id, @RequestBody String jsonString, Model m, Authentication auth) {
+		ensureOAuthScope(auth, SystemScopeService.UMA_PROTECTION_SCOPE);
+
+		ResourceSet newRs = parseResourceSet(jsonString);
+
+		if (newRs == null // there was no resource set in the body
+				|| Strings.isNullOrEmpty(newRs.getName()) // there was no name (required)
+				|| newRs.getScopes() == null // there were no scopes (required)
+				|| newRs.getId() == null || !newRs.getId().equals(id) // the IDs didn't match
+				) {
+
+			logger.warn("Resource set registration missing one or more required fields.");
+
+			m.addAttribute(HttpCodeView.CODE, HttpStatus.BAD_REQUEST);
+			m.addAttribute(JsonErrorView.ERROR_MESSAGE, "Resource request was missing one or more required fields.");
+			return JsonErrorView.VIEWNAME;
+		}
+
+		ResourceSet rs = resourceSetService.getById(id);
+
+		if (rs == null) {
+			m.addAttribute(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
+			m.addAttribute(JsonErrorView.ERROR, "not_found");
+			return JsonErrorView.VIEWNAME;
+		} else {
+			if (!auth.getName().equals(rs.getOwner())) {
+
+				logger.warn("Unauthorized resource set request from bad user; expected " + rs.getOwner() + " got " + auth.getName());
+
+				// it wasn't issued to this user
+				m.addAttribute(HttpCodeView.CODE, HttpStatus.FORBIDDEN);
+				return JsonErrorView.VIEWNAME;
+			} else {
+
+				ResourceSet saved = resourceSetService.update(rs, newRs);
+
+				m.addAttribute(JsonEntityView.ENTITY, saved);
+				m.addAttribute(ResourceSetEntityAbbreviatedView.LOCATION, config.getIssuer() + URL + "/" + rs.getId());
+				return ResourceSetEntityAbbreviatedView.VIEWNAME;
+			}
+
+		}
+	}
+
+	@RequestMapping(value = "/{id}", method = RequestMethod.DELETE, produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
+	public String deleteResourceSet(@PathVariable ("id") Long id, Model m, Authentication auth) {
+		ensureOAuthScope(auth, SystemScopeService.UMA_PROTECTION_SCOPE);
+
+		ResourceSet rs = resourceSetService.getById(id);
+
+		if (rs == null) {
+			m.addAttribute(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
+			m.addAttribute(JsonErrorView.ERROR, "not_found");
+			return JsonErrorView.VIEWNAME;
+		} else {
+			if (!auth.getName().equals(rs.getOwner())) {
+
+				logger.warn("Unauthorized resource set request from bad user; expected " + rs.getOwner() + " got " + auth.getName());
+
+				// it wasn't issued to this user
+				m.addAttribute(HttpCodeView.CODE, HttpStatus.FORBIDDEN);
+				return JsonErrorView.VIEWNAME;
+			} else if (auth instanceof OAuth2Authentication &&
+					!((OAuth2Authentication)auth).getOAuth2Request().getClientId().equals(rs.getClientId())){
+
+				logger.warn("Unauthorized resource set request from bad client; expected " + rs.getClientId() + " got " + ((OAuth2Authentication)auth).getOAuth2Request().getClientId());
+
+				// it wasn't issued to this client
+				m.addAttribute(HttpCodeView.CODE, HttpStatus.FORBIDDEN);
+				return JsonErrorView.VIEWNAME;
+			} else {
+
+				// user and client matched
+				resourceSetService.remove(rs);
+
+				m.addAttribute(HttpCodeView.CODE, HttpStatus.NO_CONTENT);
+				return HttpCodeView.VIEWNAME;
+			}
+
+		}
+	}
+
+	@RequestMapping(method = RequestMethod.GET, produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
+	public String listResourceSets(Model m, Authentication auth) {
+		ensureOAuthScope(auth, SystemScopeService.UMA_PROTECTION_SCOPE);
+
+		String owner = auth.getName();
+
+		Collection<ResourceSet> resourceSets = Collections.emptySet();
+		if (auth instanceof OAuth2Authentication) {
+			// if it's an OAuth mediated call, it's on behalf of a client, so look that up too
+			OAuth2Authentication o2a = (OAuth2Authentication) auth;
+			resourceSets = resourceSetService.getAllForOwnerAndClient(owner, o2a.getOAuth2Request().getClientId());
+		} else {
+			// otherwise get everything for the current user
+			resourceSets = resourceSetService.getAllForOwner(owner);
+		}
+
+		// build the entity here and send to the display
+
+		Set<String> ids = new HashSet<>();
+		for (ResourceSet resourceSet : resourceSets) {
+			ids.add(resourceSet.getId().toString()); // add them all as strings so that gson renders them properly
+		}
+
+		m.addAttribute(JsonEntityView.ENTITY, ids);
+		return JsonEntityView.VIEWNAME;
+	}
+
+	private ResourceSet parseResourceSet(String jsonString) {
+
+		try {
+			JsonElement el = parser.parse(jsonString);
+
+			if (el.isJsonObject()) {
+				JsonObject o = el.getAsJsonObject();
+
+				ResourceSet rs = new ResourceSet();
+				rs.setId(getAsLong(o, "_id"));
+				rs.setName(getAsString(o, "name"));
+				rs.setIconUri(getAsString(o, "icon_uri"));
+				rs.setType(getAsString(o, "type"));
+				rs.setScopes(getAsStringSet(o, "scopes"));
+				rs.setUri(getAsString(o, "uri"));
+
+				return rs;
+
+			}
+
+			return null;
+
+		} catch (JsonParseException e) {
+			return null;
+		}
+
+	}
+
+
+	/**
+	 *
+	 * Make sure the resource set doesn't have any restricted or reserved scopes.
+	 *
+	 * @param rs
+	 */
+	private ResourceSet validateScopes(ResourceSet rs) {
+		// scopes that the client is asking for
+		Set<SystemScope> requestedScopes = scopeService.fromStrings(rs.getScopes());
+
+		// the scopes that the resource set can have must be a subset of the dynamically allowed scopes
+		Set<SystemScope> allowedScopes = scopeService.removeRestrictedAndReservedScopes(requestedScopes);
+
+		rs.setScopes(scopeService.toStrings(allowedScopes));
+
+		return rs;
+	}
+
+}
diff --git a/uma-server/src/main/java/org/mitre/uma/web/UmaDiscoveryEndpoint.java b/uma-server/src/main/java/org/mitre/uma/web/UmaDiscoveryEndpoint.java
new file mode 100644
index 000000000..6dc8717ad
--- /dev/null
+++ b/uma-server/src/main/java/org/mitre/uma/web/UmaDiscoveryEndpoint.java
@@ -0,0 +1,79 @@
+/*******************************************************************************
+ * Copyright 2018 The MIT Internet Trust Consortium
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *******************************************************************************/
+
+package org.mitre.uma.web;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.mitre.oauth2.web.IntrospectionEndpoint;
+import org.mitre.openid.connect.config.ConfigurationPropertiesBean;
+import org.mitre.openid.connect.view.JsonEntityView;
+import org.mitre.openid.connect.web.DynamicClientRegistrationEndpoint;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.web.bind.annotation.RequestMapping;
+
+import com.google.common.collect.ImmutableSet;
+import com.google.common.collect.Lists;
+
+/**
+ * @author jricher
+ *
+ */
+@Controller
+public class UmaDiscoveryEndpoint {
+
+	@Autowired
+	private ConfigurationPropertiesBean config;
+
+	@RequestMapping(".well-known/uma-configuration")
+	public String umaConfiguration(Model model) {
+
+		Map<String, Object> m = new HashMap<>();
+
+		String issuer = config.getIssuer();
+		ImmutableSet<String> tokenProfiles = ImmutableSet.of("bearer");
+		ArrayList<String> grantTypes = Lists.newArrayList("authorization_code", "implicit", "urn:ietf:params:oauth:grant-type:jwt-bearer", "client_credentials", "urn:ietf:params:oauth:grant_type:redelegate");
+
+		m.put("version", "1.0");
+		m.put("issuer", issuer);
+		m.put("pat_profiles_supported", tokenProfiles);
+		m.put("aat_profiles_supported", tokenProfiles);
+		m.put("rpt_profiles_supported", tokenProfiles);
+		m.put("pat_grant_types_supported", grantTypes);
+		m.put("aat_grant_types_supported", grantTypes);
+		m.put("claim_token_profiles_supported", ImmutableSet.of());
+		m.put("uma_profiles_supported", ImmutableSet.of());
+		m.put("dynamic_client_endpoint", issuer + DynamicClientRegistrationEndpoint.URL);
+		m.put("token_endpoint", issuer + "token");
+		m.put("authorization_endpoint", issuer + "authorize");
+		m.put("requesting_party_claims_endpoint", issuer + ClaimsCollectionEndpoint.URL);
+		m.put("introspection_endpoint", issuer + IntrospectionEndpoint.URL);
+		m.put("resource_set_registration_endpoint", issuer + ResourceSetRegistrationEndpoint.DISCOVERY_URL);
+		m.put("permission_registration_endpoint", issuer + PermissionRegistrationEndpoint.URL);
+		m.put("rpt_endpoint", issuer + AuthorizationRequestEndpoint.URL);
+
+
+
+		model.addAttribute("entity", m);
+		return JsonEntityView.VIEWNAME;
+	}
+
+
+}
diff --git a/uma-server/src/main/java/org/mitre/uma/web/UserClaimSearchHelper.java b/uma-server/src/main/java/org/mitre/uma/web/UserClaimSearchHelper.java
new file mode 100644
index 000000000..377326470
--- /dev/null
+++ b/uma-server/src/main/java/org/mitre/uma/web/UserClaimSearchHelper.java
@@ -0,0 +1,117 @@
+/*******************************************************************************
+ * Copyright 2018 The MIT Internet Trust Consortium
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *******************************************************************************/
+
+package org.mitre.uma.web;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.mitre.openid.connect.client.model.IssuerServiceResponse;
+import org.mitre.openid.connect.client.service.impl.WebfingerIssuerService;
+import org.mitre.openid.connect.config.ConfigurationPropertiesBean;
+import org.mitre.openid.connect.model.UserInfo;
+import org.mitre.openid.connect.service.UserInfoService;
+import org.mitre.openid.connect.view.HttpCodeView;
+import org.mitre.openid.connect.view.JsonEntityView;
+import org.mitre.openid.connect.view.JsonErrorView;
+import org.mitre.openid.connect.web.RootController;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.core.Authentication;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.util.MimeTypeUtils;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RequestParam;
+
+import com.google.common.collect.ImmutableSet;
+
+
+/**
+ * @author jricher
+ *
+ */
+@Controller
+@RequestMapping("/" + UserClaimSearchHelper.URL)
+@PreAuthorize("hasRole('ROLE_USER')")
+public class UserClaimSearchHelper {
+
+	public static final String URL = RootController.API_URL + "/emailsearch";
+
+	private WebfingerIssuerService webfingerIssuerService = new WebfingerIssuerService();
+
+	@Autowired
+	private UserInfoService userInfoService;
+
+	@Autowired
+	private ConfigurationPropertiesBean config;
+
+
+	@RequestMapping(method = RequestMethod.GET, produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
+	public String search(@RequestParam(value = "identifier") String email, Model m, Authentication auth, HttpServletRequest req) {
+
+		// check locally first
+		UserInfo localUser = userInfoService.getByEmailAddress(email);
+
+		if (localUser != null) {
+			Map<String, Object> e = new HashMap<>();
+			e.put("issuer", ImmutableSet.of(config.getIssuer()));
+			e.put("name", "email");
+			e.put("value", localUser.getEmail());
+
+			Map<String, Object> ev = new HashMap<>();
+			ev.put("issuer", ImmutableSet.of(config.getIssuer()));
+			ev.put("name", "email_verified");
+			ev.put("value", localUser.getEmailVerified());
+
+			Map<String, Object> s = new HashMap<>();
+			s.put("issuer", ImmutableSet.of(config.getIssuer()));
+			s.put("name", "sub");
+			s.put("value", localUser.getSub());
+
+			m.addAttribute(JsonEntityView.ENTITY, ImmutableSet.of(e, ev, s));
+			return JsonEntityView.VIEWNAME;
+		} else {
+
+			// otherwise do a webfinger lookup
+			IssuerServiceResponse resp = webfingerIssuerService.getIssuer(req);
+
+			if (resp != null && resp.getIssuer() != null) {
+				// we found an issuer, return that
+				Map<String, Object> e = new HashMap<>();
+				e.put("issuer", ImmutableSet.of(resp.getIssuer()));
+				e.put("name", "email");
+				e.put("value", email);
+
+				Map<String, Object> ev = new HashMap<>();
+				ev.put("issuer", ImmutableSet.of(resp.getIssuer()));
+				ev.put("name", "email_verified");
+				ev.put("value", true);
+
+				m.addAttribute(JsonEntityView.ENTITY, ImmutableSet.of(e, ev));
+				return JsonEntityView.VIEWNAME;
+			} else {
+				m.addAttribute(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
+				return JsonErrorView.VIEWNAME;
+			}
+		}
+	}
+
+}
diff --git a/uma-server/src/test/java/META-INF/MANIFEST.MF b/uma-server/src/test/java/META-INF/MANIFEST.MF
new file mode 100644
index 000000000..254272e1c
--- /dev/null
+++ b/uma-server/src/test/java/META-INF/MANIFEST.MF
@@ -0,0 +1,3 @@
+Manifest-Version: 1.0
+Class-Path: 
+
diff --git a/uma-server/src/test/java/org/mitre/uma/service/impl/TestDefaultPermissionService.java b/uma-server/src/test/java/org/mitre/uma/service/impl/TestDefaultPermissionService.java
new file mode 100644
index 000000000..0a2063cb3
--- /dev/null
+++ b/uma-server/src/test/java/org/mitre/uma/service/impl/TestDefaultPermissionService.java
@@ -0,0 +1,173 @@
+/*******************************************************************************
+ * Copyright 2018 The MIT Internet Trust Consortium
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *******************************************************************************/
+
+package org.mitre.uma.service.impl;
+
+import static org.mockito.Matchers.anySetOf;
+
+import java.util.Set;
+import java.util.UUID;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mitre.oauth2.service.SystemScopeService;
+import org.mitre.uma.model.PermissionTicket;
+import org.mitre.uma.model.ResourceSet;
+import org.mitre.uma.repository.PermissionRepository;
+import org.mockito.AdditionalAnswers;
+import org.mockito.InjectMocks;
+import org.mockito.Matchers;
+import org.mockito.Mock;
+import org.mockito.invocation.InvocationOnMock;
+import org.mockito.runners.MockitoJUnitRunner;
+import org.mockito.stubbing.Answer;
+import org.springframework.security.oauth2.common.exceptions.InsufficientScopeException;
+
+import com.google.common.collect.ImmutableSet;
+
+import static org.hamcrest.CoreMatchers.equalTo;
+import static org.hamcrest.CoreMatchers.not;
+
+import static org.mockito.Mockito.when;
+
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertThat;
+
+/**
+ * @author jricher
+ *
+ */
+@RunWith(MockitoJUnitRunner.class)
+public class TestDefaultPermissionService {
+
+	@Mock
+	private PermissionRepository permissionRepository;
+
+	@Mock
+	private SystemScopeService scopeService;
+
+	@InjectMocks
+	private DefaultPermissionService permissionService;
+
+	private Set<String> scopes1 = ImmutableSet.of("foo", "bar", "baz");
+	private Set<String> scopes2 = ImmutableSet.of("alpha", "beta", "betest");
+
+	private ResourceSet rs1;
+	private ResourceSet rs2;
+
+	private String rs1Name = "resource set 1";
+	private String rs1Owner = "resource set owner 1";
+	private Long rs1Id = 1L;
+
+	private String rs2Name = "resource set 2";
+	private String rs2Owner = "resource set owner 2";
+	private Long rs2Id = 2L;
+
+
+	@Before
+	public void prepare() {
+		rs1 = new ResourceSet();
+		rs1.setName(rs1Name);
+		rs1.setOwner(rs1Owner);
+		rs1.setId(rs1Id );
+		rs1.setScopes(scopes1);
+
+		rs2 = new ResourceSet();
+		rs2.setName(rs2Name);
+		rs2.setOwner(rs2Owner);
+		rs2.setId(rs2Id);
+		rs2.setScopes(scopes2);
+
+		// have the repository just pass the argument through
+		when(permissionRepository.save(Matchers.any(PermissionTicket.class))).then(AdditionalAnswers.returnsFirstArg());
+
+		when(scopeService.scopesMatch(anySetOf(String.class), anySetOf(String.class))).then(new Answer<Boolean>() {
+
+			@Override
+			public Boolean answer(InvocationOnMock invocation) throws Throwable {
+				Object[] arguments = invocation.getArguments();
+				@SuppressWarnings("unchecked")
+				Set<String> expected = (Set<String>) arguments[0];
+				@SuppressWarnings("unchecked")
+				Set<String> actual = (Set<String>) arguments[1];
+
+				return expected.containsAll(actual);
+			}
+		});
+
+	}
+
+
+	/**
+	 * Test method for {@link org.mitre.uma.service.impl.DefaultPermissionService#createTicket(org.mitre.uma.model.ResourceSet, java.util.Set)}.
+	 */
+	@Test
+	public void testCreate_ticket() {
+
+		PermissionTicket perm = permissionService.createTicket(rs1, scopes1);
+
+		// we want there to be a non-null ticket
+		assertNotNull(perm.getTicket());
+	}
+
+	@Test
+	public void testCreate_uuid() {
+		PermissionTicket perm = permissionService.createTicket(rs1, scopes1);
+
+		// we expect this to be a UUID
+		UUID uuid = UUID.fromString(perm.getTicket());
+
+		assertNotNull(uuid);
+
+	}
+
+	@Test
+	public void testCreate_differentTicketsSameClient() {
+
+		PermissionTicket perm1 = permissionService.createTicket(rs1, scopes1);
+		PermissionTicket perm2 = permissionService.createTicket(rs1, scopes1);
+
+		assertNotNull(perm1.getTicket());
+		assertNotNull(perm2.getTicket());
+
+		// make sure these are different from each other
+		assertThat(perm1.getTicket(), not(equalTo(perm2.getTicket())));
+
+	}
+
+	@Test
+	public void testCreate_differentTicketsDifferentClient() {
+
+		PermissionTicket perm1 = permissionService.createTicket(rs1, scopes1);
+		PermissionTicket perm2 = permissionService.createTicket(rs2, scopes2);
+
+		assertNotNull(perm1.getTicket());
+		assertNotNull(perm2.getTicket());
+
+		// make sure these are different from each other
+		assertThat(perm1.getTicket(), not(equalTo(perm2.getTicket())));
+
+	}
+
+	@Test(expected = InsufficientScopeException.class)
+	public void testCreate_scopeMismatch() {
+		@SuppressWarnings("unused")
+		// try to get scopes outside of what we're allowed to do, this should throw an exception
+		PermissionTicket perm = permissionService.createTicket(rs1, scopes2);
+	}
+
+}
diff --git a/uma-server/src/test/java/org/mitre/uma/service/impl/TestDefaultResourceSetService.java b/uma-server/src/test/java/org/mitre/uma/service/impl/TestDefaultResourceSetService.java
new file mode 100644
index 000000000..52ca091be
--- /dev/null
+++ b/uma-server/src/test/java/org/mitre/uma/service/impl/TestDefaultResourceSetService.java
@@ -0,0 +1,101 @@
+/*******************************************************************************
+ * Copyright 2018 The MIT Internet Trust Consortium
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *******************************************************************************/
+
+package org.mitre.uma.service.impl;
+
+import static org.mockito.Matchers.any;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mitre.uma.model.ResourceSet;
+import org.mitre.uma.repository.ResourceSetRepository;
+import org.mockito.AdditionalAnswers;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.mockito.runners.MockitoJUnitRunner;
+
+import static org.mockito.Mockito.when;
+
+/**
+ * @author jricher
+ *
+ */
+@RunWith(MockitoJUnitRunner.class)
+public class TestDefaultResourceSetService {
+
+	@Mock
+	private ResourceSetRepository repository;
+
+	@InjectMocks
+	private DefaultResourceSetService resourceSetService;
+
+	/**
+	 * @throws java.lang.Exception
+	 */
+	@Before
+	public void setUp() throws Exception {
+
+		when(repository.save(any(ResourceSet.class))).then(AdditionalAnswers.returnsFirstArg());
+
+	}
+
+	/**
+	 * Test method for {@link org.mitre.uma.service.impl.DefaultResourceSetService#saveNew(org.mitre.uma.model.ResourceSet)}.
+	 */
+	@Test(expected = IllegalArgumentException.class)
+	public void testSaveNew_hasId() {
+
+		ResourceSet rs = new ResourceSet();
+		rs.setId(1L);
+
+		resourceSetService.saveNew(rs);
+
+	}
+
+	@Test(expected = IllegalArgumentException.class)
+	public void testUpdate_nullId() {
+		ResourceSet rs = new ResourceSet();
+		rs.setId(1L);
+
+		ResourceSet rs2 = new ResourceSet();
+
+		resourceSetService.update(rs, rs2);
+	}
+
+	@Test(expected = IllegalArgumentException.class)
+	public void testUpdate_nullId2() {
+		ResourceSet rs = new ResourceSet();
+
+		ResourceSet rs2 = new ResourceSet();
+		rs2.setId(1L);
+
+		resourceSetService.update(rs, rs2);
+	}
+
+	@Test(expected = IllegalArgumentException.class)
+	public void testUpdate_mismatchedIds() {
+		ResourceSet rs = new ResourceSet();
+		rs.setId(1L);
+
+		ResourceSet rs2 = new ResourceSet();
+		rs2.setId(2L);
+
+		resourceSetService.update(rs, rs2);
+
+	}
+
+}