Mercurial > prosody-modules
view mod_http_oauth2/html/consent.html @ 5716:426c42c11f89
mod_http_oauth2: Make defaults more secure
This should be fine since we don't have a lot of clients to be
backwards-compatible with.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Tue, 14 Nov 2023 23:19:19 +0100 |
parents | 401356232e1b |
children | 111eeffb6adf |
line wrap: on
line source
<!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8" /> <meta name="viewport" content="width=device-width, initial-scale=1" /> <title>{site_name} - Authorize {client.client_name}</title> <link rel="stylesheet" href="style.css" /> </head> <body> {state.error& <dialog open="" class="error"> <p>{state.error}</p> <form method="dialog"><button>dismiss</button></form> </dialog>} <header> <h1>{site_name}</h1> </header> <main> <fieldset> <legend>Authorize new application</legend> <p>A new application wants to connect to your account.</p> <form method="post"> <dl> <dt>Name</dt> <dd>{client.client_name}</dd> <dt>Website</dt> <dd><a href="{client.client_uri}">{client.client_uri}</a></dd> {client.tos_uri& <dt>Terms of Service</dt> <dd><a href="{client.tos_uri}">View terms</a></dd>} {client.policy_uri& <dt>Policy</dt> <dd><a href="{client.policy_uri}">View policy</a></dd>} <dt>Requested permissions</dt> <dd>{scopes# <input class="scope" type="checkbox" id="scope_{idx}" name="scope" value="{item}" checked="" /><label class="scope" for="scope_{idx}">{item}</label>} </dd> </dl> <p>To allow <em>{client.client_name}</em> to access your account <em>{state.user.username}@{state.user.host}</em> and associated data, select 'Allow'. Otherwise, select 'Deny'. </p> <input type="hidden" name="user_token" value="{state.user.token}"> <button type="submit" name="consent" value="denied">Deny</button> <button type="submit" name="consent" value="granted">Allow</button> </form> </fieldset> </main> </body> </html>