github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
OpenID-Connect-Java-Spring-.../openid-connect-server/src/main/webapp/resources/template/client.html

590 lines
32 KiB
HTML
Raw Blame History

<!-- client -->
<script type="text/html" id="tmpl-client">
<td>
<% if (dynamicallyRegistered) { %>
<span class="dynamically-registered"><i class="icon-globe"></i></span>
<% } %>
</td>
<td>
<%=clientId%>
</td>
<td>
<%=clientName%>
<% if (clientDescription) { %>
<blockquote><small><%=clientDescription%></small></blockquote>
<% } %>
<div class="scope-list"></div>
<!--expandable future information-->
</td>
<td>
<button class="btn btn-edit"><i class="icon-edit"></i> Edit</button> &nbsp;
<button class="btn btn-warning btn-whitelist">Whitelist</button> &nbsp;
<button class="btn btn-danger btn-delete pull-right"><i class="icon-trash icon-white"></i> Delete</button>
</td>
</script>
<script type="text/html" id="tmpl-client-table">
<div class="well well-small">
<button class="btn btn-small refresh-table"><i class="icon-refresh"></i> Refresh</button> &nbsp;
<button class="btn btn-small btn-primary new-client"><i class="icon-plus icon-white"></i> New Client</button>
</div>
<div id="client-table-empty" class="alert alert-info">
There are no registered clients on this server.
</div>
<table id="client-table" class="table table-hover table-striped">
<thead>
<tr>
<th></th>
<th>ID</th>
<th>Name</th>
<th></th>
</tr>
</thead>
<tbody>
</tbody>
</table>
<div class="well well-small">
<button class="btn btn-small refresh-table"><i class="icon-refresh"></i> Refresh</button> &nbsp;
<button class="btn btn-small btn-primary new-client"><i class="icon-plus icon-white"></i> New Client</button>
</div>
</script>
<script type="text/html" id="tmpl-client-form">
<h1><%=(id == null ? 'New' : 'Edit')%> Client</h1>
<form class="form-horizontal tabbable">
<fieldset>
<div class="well well-small">
<button class="btn btn-small btn-save btn-success"><i class="icon-ok-circle icon-white"></i> Save</button> &nbsp;
<button class="btn btn-small btn-cancel"><i class="icon-ban-circle"></i> Cancel</button>
</div>
<ul class="nav nav-tabs">
<li class="active"><a data-target="#client-main-tab" data-toggle="tab" href="#">Main</a></li>
<li><a data-target="#client-access-tab" data-toggle="tab" href="#">Access</a></li>
<li><a data-target="#client-secret-tab" data-toggle="tab" href="#">Credentials</a></li>
<li><a data-target="#client-token-tab" data-toggle="tab" href="#">Tokens</a></li>
<li><a data-target="#client-other-tab" data-toggle="tab" href="#">Other</a></li>
</ul>
<div class="tab-content">
<div class="tab-pane active" id="client-main-tab">
<div class="control-group" id="clientName">
<label class="control-label">Client name</label>
<div class="controls">
<input value="<%=clientName%>" maxlength="100" type="text" class="" placeholder="Type something">
<p class="help-block">Human-readable application name</p>
</div>
</div>
<div class="control-group" id="clientId">
<label class="control-label">Client ID</label>
<div class="controls">
<input value="<%=clientId%>" maxlength="100" type="text" class="" placeholder="Type something">
<p class="help-block">Unique identifier. If you leave this blank it will be automatically generated.</p>
</div>
</div>
<div class="control-group" id="redirectUris">
<label class="control-label">Redirect URI(s)</label>
<div class="controls">
</div>
</div>
<div class="control-group" id="clientDescription">
<label class="control-label">Description</label>
<div class="controls">
<textarea class="input-xlarge" placeholder="Type a description" maxlength="200"
rows="3"><%=clientDescription%></textarea>
<p class="help-block">Human-readable text description</p>
</div>
</div>
<div class="control-group" id="logoUri">
<label class="control-label">Logo</label>
<div class="controls">
<input placeholder="http://" value="<%=logoUri%>" maxlength="1000" type="text" class=""/>
<p class="help-block">URL that points to a logo image, will be displayed on approval page</p>
</div>
</div>
<div class="control-group" id="logoBlock">
<div class="controls">
<!-- TODO: this should be an internally-served placeholder graphic -->
<img src="http://placehold.it/275x200&text=Enter a logo URL" alt="logo" id="logoPreview" width="275px" class="thumbnail" />
</div>
</div>
<div class="control-group" id="tosUri">
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Terms of Service</label>
<div class="controls">
<input placeholder="http://" value="<%=tosUri%>" maxlength="1000" type="text" class=""/>
<p class="help-block">URL for the Terms of Service of this client, will be displayed to the user</p>
</div>
</div>
<div class="control-group" id="policyUri">
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Policy</label>
<div class="controls">
<input placeholder="http://" value="<%=policyUri%>" maxlength="1000" type="text" class=""/>
<p class="help-block">URL for the Policy Statement of this client, will be displayed to the user</p>
</div>
</div>
<div class="control-group" id="clientUri">
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Home Page</label>
<div class="controls">
<input placeholder="http://" value="<%=clientUri%>" maxlength="1000" type="text" class=""/>
<p class="help-block">URL for the client's home page, will be displayed to the user</p>
</div>
</div>
<div class="control-group" id="applicationType">
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Application Type</label>
<div class="controls">
<label class="radio inline">
<input type="radio" name="applicationType" value="NATIVE" <%=(applicationType == 'NATIVE' ? 'checked' : '')%>> Native
</label>
<label class="radio inline">
<input type="radio" name="applicationType" value="WEB" <%=(applicationType == 'WEB' ? 'checked' : '')%>> Web
</label>
</div>
</div>
<div class="control-group" id="contacts">
<label class="control-label">Contacts</label>
<div class="controls">
</div>
</div>
</div>
<div class="tab-pane" id="client-access-tab">
<div class="control-group" id="scope">
<label class="control-label">Scope</label>
<div class="controls">
</div>
</div>
<div class="control-group" id="grantTypes">
<label class="control-label">Grant Types</label>
<div class="controls">
<label class="checkbox">
<input id="grantTypes-authorization_code" type="checkbox"
<%=($.inArray("authorization_code", grantTypes) > -1 ? 'checked' : '')%>>
authorization code
</label>
<label class="checkbox">
<input id="grantTypes-client_credentials" type="checkbox"
<%=($.inArray("client_credentials", grantTypes) > -1 ? 'checked' : '')%>> client credentials
</label>
<label class="checkbox">
<input id="grantTypes-password" type="checkbox" <%=($.inArray("password", grantTypes) > -1 ? 'checked' : '')%>> password
</label>
<label class="checkbox">
<input id="grantTypes-implicit" type="checkbox" <%=($.inArray("implicit", grantTypes) > -1 ? 'checked' : '')%>> implicit
</label>
<!--
<label class="checkbox">
<input id="grantTypes-refresh_token" type="checkbox" <%=($.inArray("refresh_token", grantTypes) > -1 ? 'checked' : '')%>> refresh
</label>
-->
<label class="checkbox">
<input id="grantTypes-redelegate" type="checkbox" <%=($.inArray("urn:ietf:params:oauth:grant_type:redelegate", grantTypes) > -1 ? 'checked' : '')%>> redelegate
</label>
</div>
</div>
<div class="control-group" id="responseTypes">
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Response Types</label>
<div class="controls">
<label class="checkbox">
<input id="responseTypes-code" type="checkbox" <%=($.inArray("code", responseTypes) > -1 ? 'checked' : '')%>> code
</label>
<label class="checkbox">
<input id="responseTypes-token" type="checkbox" <%=($.inArray("token", responseTypes) > -1 ? 'checked' : '')%>> token
</label>
<label class="checkbox">
<input id="responseTypes-idtoken" type="checkbox" <%=($.inArray("id_token", responseTypes) > -1 ? 'checked' : '')%>> id_token
</label>
<label class="checkbox">
<input id="responseTypes-token-idtoken" type="checkbox" <%=($.inArray("token id_token", responseTypes) > -1 ? 'checked' : '')%>> token id_token
</label>
<label class="checkbox">
<input id="responseTypes-code-idtoken" type="checkbox" <%=($.inArray("code id_token", responseTypes) > -1 ? 'checked' : '')%>> code id_token
</label>
<label class="checkbox">
<input id="responseTypes-code-token" type="checkbox" <%=($.inArray("code token", responseTypes) > -1 ? 'checked' : '')%>> code token
</label>
<label class="checkbox">
<input id="responseTypes-code-token-idtoken" type="checkbox" <%=($.inArray("code token id_token", responseTypes) > -1 ? 'checked' : '')%>> code token id_token
</label>
</div>
</div>
<div class="control-group" id="allowIntrospection">
<label class="control-label">Introspection</label>
<div class="controls">
<label class="checkbox">
<input type="checkbox" <%=(allowIntrospection == true ? 'checked' : '')%>> Allow calls to the Introspection Endpoint?
</label>
</div>
</div>
</div>
<div class="tab-pane" id="client-secret-tab">
<div class="control-group" id="tokenEndpointAuthMethod">
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Token Endpoint Authentication Method</label>
<div class="controls">
<label class="radio">
<input type="radio" name="tokenEndpointAuthMethod" value="SECRET_BASIC" <%=(tokenEndpointAuthMethod == 'SECRET_BASIC' ? 'checked' : '')%>> Client Secret over HTTP Basic
</label>
<label class="radio">
<input type="radio" name="tokenEndpointAuthMethod" value="SECRET_POST" <%=(tokenEndpointAuthMethod == 'SECRET_POST' ? 'checked' : '')%>> Client Secret over HTTP POST
</label>
<label class="radio">
<input type="radio" name="tokenEndpointAuthMethod" value="SECRET_JWT" <%=(tokenEndpointAuthMethod == 'SECRET_JWT' ? 'checked' : '')%>> Client Secret via symmetrically-signed JWT assertion
</label>
<label class="radio">
<input type="radio" name="tokenEndpointAuthMethod" value="PRIVATE_KEY_JWT" <%=(tokenEndpointAuthMethod == 'PRIVATE_KEY_JWT' ? 'checked' : '')%>> Asymmetrically-signed JWT assertion
</label>
<label class="radio">
<input type="radio" name="tokenEndpointAuthMethod" value="NONE" <%=(tokenEndpointAuthMethod == 'NONE' ? 'checked' : '')%>> No authentication
</label>
</div>
</div>
<div class="control-group" id="requireClientSecret">
<label class="control-label">Client Secret</label>
<div class="controls">
<label class="checkbox">
<input type="checkbox" <%=(requireClientSecret == true ? 'checked' : '')%>> Require client secret?
</label>
</div>
</div>
<div id="clientSecretPanel">
<div class="control-group" id="generateClientSecret">
<div class="controls">
<label class="checkbox">
<input type="checkbox" <%=(generateClientSecret == true ? 'checked' : '')%>> Generate a new client secret?
</label>
<p class="help-block">New secret will be generated when you click 'Save'</p>
</div>
</div>
<div class="control-group" id="displayClientSecret">
<div class="controls">
<label class="checkbox">
<input type="checkbox" <%=(displayClientSecret == true ? 'checked' : '')%>> Display/edit client secret:
</label>
</div>
</div>
<div class="control-group">
<div class="controls">
<div id="clientSecret" class="span3">
<input value="<%=clientSecret%>" maxlength="100" type="text" placeholder="Type a secret">
</div>
<div id="clientSecretGenerated" class="span3">
<span class="uneditable-input">Generate on Save</span>
</div>
<div id="clientSecretHidden" class="span3">
<span class="uneditable-input span3">* * * * * * * * * * * *</span>
</div>
</div>
</div>
</div>
<div class="control-group" id="jwksUri">
<label class="control-label">JWK Set</label>
<div class="controls">
<input placeholder="http://" value="<%=jwksUri%>" maxlength="1000" type="text" class=""/>
<p class="help-block">URL for the client's JSON Web Key set</p>
</div>
</div>
</div>
<div class="tab-pane" id="client-token-tab">
<div class="control-group" id="accessTokenValiditySeconds">
<label class="control-label">Access Token Timeout</label>
<div class="controls">
<div>
<label class="checkbox">
<input type="checkbox" id="disableAccessTokenTimeout" <%=(accessTokenValiditySeconds == null ? 'checked' : '')%>/> Access tokens do not time out
</label>
</div>
<div class="input-append">
<input type="text" class="" value="<%=(accessTokenValiditySeconds == null ? '' : accessTokenValiditySeconds)%>" id="access-token-timeout-seconds" size="16"><span class="add-on">seconds</span>
</div>
<p class="help-block">Enter this time in seconds.</p>
</div>
</div>
<div class="control-group" id="idTokenValiditySeconds">
<label class="control-label">ID Token Timeout</label>
<div class="controls">
<div>
<label class="checkbox">
<input type="checkbox" id="disableIDTokenTimeout" <%=(idTokenValiditySeconds == null ? 'checked' : '')%>/> ID Tokens do not time out
</label>
</div>
<div class="input-append">
<input type="text" class="" value="<%=(idTokenValiditySeconds == null ? '' : idTokenValiditySeconds)%>" id="id-token-timeout-seconds" size="16"><span
class="add-on">seconds</span>
</div>
<p class="help-block">Enter this time in seconds.</p>
</div>
</div>
<div class="control-group">
<label class="control-label">Refresh Tokens</label>
<div class="controls">
<label class="checkbox">
<input type="checkbox" id="allowRefresh" <%=(allowRefresh == true ? 'checked' : '')%>> Refresh tokens are issued for this client
<input type="checkbox" id="reuseRefreshToken" <%=(reuseRefreshToken == true ? 'checked' : '')%>> Refresh tokens for this client are re-used
</label>
</div>
</div>
<div class="control-group" id="refreshTokenValiditySeconds">
<div class="controls">
<div>
<label class="checkbox">
<input type="checkbox" id="disableRefreshTokenTimeout" <%=(refreshTokenValiditySeconds == null ? 'checked' : '')%>/> Refresh tokens do not time out
</label>
</div>
<div class="input-append">
<input type="text" class="" value="<%=(refreshTokenValiditySeconds == null ? '' : refreshTokenValiditySeconds)%>" id="refresh-token-timeout-seconds" size="16"><span class="add-on">seconds</span>
</div>
<p class="help-block">Enter this time in seconds.</p>
</div>
</div>
</div>
<div class="tab-pane" id="client-other-tab">
<div class="control-group" id="subjectType">
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Subject Type</label>
<div class="controls">
<label class="radio inline">
<input type="radio" name="subjectType" value="PUBLIC" <%=(subjectType == 'PUBLIC' ? 'checked' : '')%>> Public
</label>
<label class="radio inline">
<input type="radio" name="subjectType" value="PAIRWISE" <%=(subjectType == 'PAIRWISE' ? 'checked' : '')%>> Pairwise
</label>
</div>
</div>
<div class="control-group" id="initiateLoginUri">
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Initiate Login</label>
<div class="controls">
<input placeholder="http://" value="<%=initiateLoginUri%>" maxlength="1000" type="text" class=""/>
<p class="help-block">URL to initiate login on the client</p>
</div>
</div>
<div class="control-group" id="postLogoutRedirectUri">
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Post-Logout Redirect</label>
<div class="controls">
<input placeholder="http://" value="<%=postLogoutRedirectUri%>" maxlength="1000" type="text" class=""/>
<p class="help-block">URL to redirect the client to after a logout operation</p>
</div>
</div>
<div class="control-group" id="requireAuthTime">
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Require Auth Time</label>
<div class="controls">
<label class="checkbox">
<input type="checkbox" <%=(requireAuthTime == true ? 'checked' : '')%>> Always require that the auth_time claim be sent in the id token
</label>
</div>
</div>
<div class="control-group" id="defaultMaxAge">
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Default Max Age</label>
<div class="controls">
<input placeholder="" value="<%=defaultMaxAge%>" maxlength="1000" type="text" class=""/>
<p class="help-block">Default maximum session age before re-prompting</p>
</div>
</div>
<div class="control-group" id="requestUris">
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Request URIs</label>
<div class="controls">
</div>
</div>
<div class="control-group" id="defaultAcrValues">
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Default ACR Values</label>
<div class="controls">
</div>
</div>
<div class="control-group" id="requestObjectSigningAlg">
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Request Object Signing Algorithm</label>
<div class="controls">
<select>
<!-- TODO: this should be filled out by the server, perhaps? -->
<option value="none" <%=requestObjectSigningAlg == "none" ? 'selected' : ''%>>No digital signature</option>
<option value="HS256" <%=requestObjectSigningAlg == "HS256" ? 'selected' : ''%>>HMAC using SHA-256 hash algorithm</option>
<option value="HS384" <%=requestObjectSigningAlg == "HS384" ? 'selected' : ''%>>HMAC using SHA-384 hash algorithm</option>
<option value="HS512" <%=requestObjectSigningAlg == "HS512" ? 'selected' : ''%>>HMAC using SHA-512 hash algorithm</option>
<option value="RS256" <%=requestObjectSigningAlg == "RS256" ? 'selected' : ''%>>RSASSA using SHA-256 hash algorithm</option>
<option value="RS384" <%=requestObjectSigningAlg == "RS384" ? 'selected' : ''%>>RSASSA using SHA-384 hash algorithm</option>
<option value="RS512" <%=requestObjectSigningAlg == "RS512" ? 'selected' : ''%>>RSASSA using SHA-512 hash algorithm</option>
<option value="ES256" <%=requestObjectSigningAlg == "ES256" ? 'selected' : ''%>>ECDSA using P-256 curve and SHA-256 hash algorithm</option>
<option value="ES384" <%=requestObjectSigningAlg == "ES384" ? 'selected' : ''%>>ECDSA using P-384 curve and SHA-384 hash algorithm</option>
<option value="ES512" <%=requestObjectSigningAlg == "ES512" ? 'selected' : ''%>>ECDSA using P-512 curve and SHA-512 hash algorithm</option>
</select>
</div>
</div>
<div class="control-group" id="userInfoSignedResponseAlg">
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> User Info Endpoint Signing Algorithm</label>
<div class="controls">
<select>
<!-- TODO: this should be filled out by the server, perhaps? -->
<option value="none" <%=userInfoSignedResponseAlg == "none" ? 'selected' : ''%>>No digital signature</option>
<option value="HS256" <%=userInfoSignedResponseAlg == "HS256" ? 'selected' : ''%>>HMAC using SHA-256 hash algorithm</option>
<option value="HS384" <%=userInfoSignedResponseAlg == "HS384" ? 'selected' : ''%>>HMAC using SHA-384 hash algorithm</option>
<option value="HS512" <%=userInfoSignedResponseAlg == "HS512" ? 'selected' : ''%>>HMAC using SHA-512 hash algorithm</option>
<option value="RS256" <%=userInfoSignedResponseAlg == "RS256" ? 'selected' : ''%>>RSASSA using SHA-256 hash algorithm</option>
<option value="RS384" <%=userInfoSignedResponseAlg == "RS384" ? 'selected' : ''%>>RSASSA using SHA-384 hash algorithm</option>
<option value="RS512" <%=userInfoSignedResponseAlg == "RS512" ? 'selected' : ''%>>RSASSA using SHA-512 hash algorithm</option>
<option value="ES256" <%=userInfoSignedResponseAlg == "ES256" ? 'selected' : ''%>>ECDSA using P-256 curve and SHA-256 hash algorithm</option>
<option value="ES384" <%=userInfoSignedResponseAlg == "ES384" ? 'selected' : ''%>>ECDSA using P-384 curve and SHA-384 hash algorithm</option>
<option value="ES512" <%=userInfoSignedResponseAlg == "ES512" ? 'selected' : ''%>>ECDSA using P-512 curve and SHA-512 hash algorithm</option>
</select>
</div>
</div>
<div class="control-group" id="userInfoEncryptedResponseAlg">
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> User Info Endpoint Encryption Algorithm</label>
<div class="controls">
<select>
<!-- TODO: this should be filled out by the server, perhaps? -->
<option value="RSA1_5" <%=userInfoEncryptedResponseAlg == "RSA1_5" ? 'selected' : ''%>>RSAES-PKCS1-V1_5</option>
<option value="RSA-OAEP" <%=userInfoEncryptedResponseAlg == "RSA-OAEP" ? 'selected' : ''%>>RSAES using Optimal Asymmetric Encryption Padding (OAEP)</option>
<option value="A128KW" <%=userInfoEncryptedResponseAlg == "A128KW" ? 'selected' : ''%>>AES Key Wrap Algorithm using 128 bit keys </option>
<option value="A256KW" <%=userInfoEncryptedResponseAlg == "A256KW" ? 'selected' : ''%>>AES Key Wrap Algorithm using 256 bit keys</option>
<option value="dir" <%=userInfoEncryptedResponseAlg == "dir" ? 'selected' : ''%>>Direct use of a shared symmetric key as the Content Master Key (CMK) for the block encryption step</option>
<option value="ECDH-ES" <%=userInfoEncryptedResponseAlg == "ECDH-ES" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement using the Concat KDF, with the agreed-upon key being used directly as the Content Master Key (CMK)</option>
<option value="ECDH-ES+A128KW" <%=userInfoEncryptedResponseAlg == "ECDH-ES+A128KW" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A128KW function</option>
<option value="ECDH-ES+A256KW" <%=userInfoEncryptedResponseAlg == "ECDH-ES+A256KW" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A256KW function</option>
</select>
</div>
</div>
<div class="control-group" id="userInfoEncryptedResponseEnc">
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> User Info Endpoint Encryption Method</label>
<div class="controls">
<select>
<!-- TODO: this should be filled out by the server, perhaps? -->
<option value="A128CBC+HS256" <%=userInfoEncryptedResponseEnc == "A128CBC+HS256" ? 'selected' : ''%>>Composite Authenticated Encryption algorithm using AES in Cipher Block Chaining (CBC) mode with PKCS #5 padding with an integrity calculation using HMAC SHA-256, using a 256 bit CMK (and 128 bit CEK)</option>
<option value="A256CBC+HS512" <%=userInfoEncryptedResponseEnc == "A256CBC+HS512" ? 'selected' : ''%>>Composite Authenticated Encryption algorithm using AES in CBC mode with PKCS #5 padding with an integrity calculation using HMAC SHA-512, using a 512 bit CMK (and 256 bit CEK)</option>
<option value="A128GCM" <%=userInfoEncryptedResponseEnc == "A128GCM" ? 'selected' : ''%>>AES GCM using 128 bit keys</option>
<option value="A256GCM" <%=userInfoEncryptedResponseEnc == "A256GCM" ? 'selected' : ''%>>AES GCM using 256 bit keys</option>
</select>
</div>
</div>
<div class="control-group" id="idTokenSignedResponseAlg">
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> ID Token Signing Algorithm</label>
<div class="controls">
<select>
<!-- TODO: this should be filled out by the server, perhaps? -->
<option value="none" <%=idTokenSignedResponseAlg == "none" ? 'selected' : ''%>>No digital signature</option>
<option value="HS256" <%=idTokenSignedResponseAlg == "HS256" ? 'selected' : ''%>>HMAC using SHA-256 hash algorithm</option>
<option value="HS384" <%=idTokenSignedResponseAlg == "HS384" ? 'selected' : ''%>>HMAC using SHA-384 hash algorithm</option>
<option value="HS512" <%=idTokenSignedResponseAlg == "HS512" ? 'selected' : ''%>>HMAC using SHA-512 hash algorithm</option>
<option value="RS256" <%=idTokenSignedResponseAlg == "RS256" ? 'selected' : ''%>>RSASSA using SHA-256 hash algorithm</option>
<option value="RS384" <%=idTokenSignedResponseAlg == "RS384" ? 'selected' : ''%>>RSASSA using SHA-384 hash algorithm</option>
<option value="RS512" <%=idTokenSignedResponseAlg == "RS512" ? 'selected' : ''%>>RSASSA using SHA-512 hash algorithm</option>
<option value="ES256" <%=idTokenSignedResponseAlg == "ES256" ? 'selected' : ''%>>ECDSA using P-256 curve and SHA-256 hash algorithm</option>
<option value="ES384" <%=idTokenSignedResponseAlg == "ES384" ? 'selected' : ''%>>ECDSA using P-384 curve and SHA-384 hash algorithm</option>
<option value="ES512" <%=idTokenSignedResponseAlg == "ES512" ? 'selected' : ''%>>ECDSA using P-512 curve and SHA-512 hash algorithm</option>
</select>
</div>
</div>
<div class="control-group" id="idTokenEncryptedResponseAlg">
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> ID Token Encryption Algorithm</label>
<div class="controls">
<select>
<!-- TODO: this should be filled out by the server, perhaps? -->
<option value="RSA1_5" <%=idTokenEncryptedResponseAlg == "RSA1_5" ? 'selected' : ''%>>RSAES-PKCS1-V1_5</option>
<option value="RSA-OAEP" <%=idTokenEncryptedResponseAlg == "RSA-OAEP" ? 'selected' : ''%>>RSAES using Optimal Asymmetric Encryption Padding (OAEP)</option>
<option value="A128KW" <%=idTokenEncryptedResponseAlg == "A128KW" ? 'selected' : ''%>>Advanced Encryption Standard (AES) Key Wrap Algorithm using 128 bit keys </option>
<option value="A256KW" <%=idTokenEncryptedResponseAlg == "A256KW" ? 'selected' : ''%>>AES Key Wrap Algorithm using 256 bit keys</option>
<option value="dir" <%=idTokenEncryptedResponseAlg == "dir" ? 'selected' : ''%>>Direct use of a shared symmetric key as the Content Master Key (CMK) for the block encryption step</option>
<option value="ECDH-ES" <%=idTokenEncryptedResponseAlg == "ECDH-ES" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement using the Concat KDF, with the agreed-upon key being used directly as the Content Master Key (CMK)</option>
<option value="ECDH-ES+A128KW" <%=idTokenEncryptedResponseAlg == "ECDH-ES+A128KW" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A128KW function</option>
<option value="ECDH-ES+A256KW" <%=idTokenEncryptedResponseAlg == "ECDH-ES+A256KW" ? 'selected' : ''%>>Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per ECDH-ES and Section 4.7, but where the agreed-upon key is used to wrap the Content Master Key (CMK) with the A256KW function</option>
</select>
</div>
</div>
<div class="control-group" id="idTokenEncryptedResponseEnc">
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> ID Token Encryption Method</label>
<div class="controls">
<select>
<!-- TODO: this should be filled out by the server, perhaps? -->
<option value="A128CBC+HS256" <%=idTokenEncryptedResponseEnc == "A128CBC+HS256" ? 'selected' : ''%>>Composite Authenticated Encryption algorithm using AES in Cipher Block Chaining (CBC) mode with PKCS #5 padding with an integrity calculation using HMAC SHA-256, using a 256 bit CMK (and 128 bit CEK)</option>
<option value="A256CBC+HS512" <%=idTokenEncryptedResponseEnc == "A256CBC+HS512" ? 'selected' : ''%>>Composite Authenticated Encryption algorithm using AES in CBC mode with PKCS #5 padding with an integrity calculation using HMAC SHA-512, using a 512 bit CMK (and 256 bit CEK)</option>
<option value="A128GCM" <%=idTokenEncryptedResponseEnc == "A128GCM" ? 'selected' : ''%>>AES GCM using 128 bit keys</option>
<option value="A256GCM" <%=idTokenEncryptedResponseEnc == "A256GCM" ? 'selected' : ''%>>AES GCM using 256 bit keys</option>
</select>
</div>
</div>
<div class="control-group" id="sectorIdentifierUri">
<label class="control-label"><span class="label label-default nyi"><i class="icon-road icon-white"></i> NYI </span> Sector Identifier URI</label>
<div class="controls">
<input placeholder="http://" value="<%=sectorIdentifierUri%>" maxlength="1000" type="text" class=""/>
<p class="help-block">Sector Identifier for JavaScript</p>
</div>
</div>
</div>
<div class="well well-small">
<button class="btn btn-small btn-save btn-success"><i class="icon-ok-circle icon-white"></i> Save</button> &nbsp;
<button class="btn btn-small btn-cancel"><i class="icon-ban-circle"></i> Cancel</button>
</div>
</fieldset>
</form>
</script>
Reference in New Issue View Git Blame Copy Permalink