view mod_http_oauth2/html/consent.html @ 5386:6f13200c9fc1

mod_http_oauth2: Advertise required registration of redirect URIs Specified in OpenID Connect Discovery 1.0 Seems important to be aware of when registering a client.
author Kim Alvefur <zash@zash.se>
date Sat, 29 Apr 2023 13:26:33 +0200
parents 3a1df3adad0c
children f2c7bb3af600
line wrap: on
line source

<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title>{site_name} - Authorize {client.client_name}</title>
<link rel="stylesheet" href="style.css">
</head>
<body>
	<main>
	{state.error&<div class="error">
		<p>{state.error}</p>
	</div>}

	<h1>{site_name}</h1>
	<fieldset>
	<legend>Authorize new application</legend>
	<p>A new application wants to connect to your account.</p>
	<dl>
		<dt>Name</dt>
		<dd>{client.client_name}</dd>
		<dt>Website</dt>
		<dd><a href="{client.client_uri}">{client.client_uri}</a></dd>

		{client.tos_uri&
		<dt>Terms of Service</dt>
		<dd><a href="{client.tos_uri}">View terms</a></dd>}

		{client.policy_uri&
		<dt>Policy</dt>
		<dd><a href="{client.policy_uri}">View policy</a></dd>}
	</dl>

	<p>To allow <em>{client.client_name}</em> to access your account
	   <em>{state.user.username}@{state.user.host}</em> and associated data,
	   select 'Allow'. Otherwise, select 'Deny'.
	</p>

	<form method="post">
		<details><summary>Requested permissions</summary>{scopes#
			<input class="scope" type="checkbox" id="scope_{idx}" name="scope" value="{item}" checked><label class="scope" for="scope_{idx}">{item}</label>}
		</details>
		<input type="hidden" name="user_token" value="{state.user.token}">
		<button type="submit" name="consent" value="denied">Deny</button>
		<button type="submit" name="consent" value="granted">Allow</button>
	</form>
	</fieldset>
	</main>
</body>
</html>