fix: adding missing templates

Author: peppelinux

.gitignore

@@ -1,5 +1,3 @@
-django_op/db.sqlite3
-templates
 static/
 private/
 conf.yaml

example/django_op/oidc_provider/templates/check_session_iframe.html

@@ -0,0 +1,122 @@
+<!DOCTYPE html>
+<html>
+<head lang="en">
+    <meta charset="UTF-8">
+    <title>Session Management - OP iframe</title>
+    <script src="https://cdnjs.cloudflare.com/ajax/libs/jsSHA/2.3.1/sha256.js"
+            integrity="sha256-NyuvLfsvfCfE+ceV6/W19H+qVp3M8c9FzAgj72CW39w="
+            crossorigin="anonymous"></script>
+    <script src="https://cdn.polyfill.io/v2/polyfill.min.js?features=fetch&rum=0"></script>
+</head>
+<body>
+
+<script type="application/javascript">
+    (function () {
+        var originCheckResult;
+
+        function calculate(clientId, origin, actual, salt, cb) {
+            try {
+                if (originCheckResult.clientId !== clientId || originCheckResult.origin !== origin) {
+                    throw new Error('client_id and/or origin mismatch');
+                }
+                var opbs = getOPBrowserState(clientId);
+                var stat = 'changed';
+
+                if (opbs) {
+                    console.log('[op_iframe] opbs: ' + opbs+ ' clientId: ' + clientId + ' origin: ' + origin + ' salt: ' + salt);
+                    var shaObj = new jsSHA('SHA-256', 'TEXT');
+                    shaObj.update(clientId + ' ' + origin + ' ' + opbs + ' ' + salt);
+                    var expected = shaObj.getHash('HEX') + (salt ? ('.' + salt) : '');
+
+                    console.log('[op_iframe] actual: ' + actual + ' expected: ' + expected);
+                    if (actual === expected) {
+                        stat = 'unchanged';
+                    }
+
+                    cb(stat);
+                } else if ('hasStorageAccess' in document) {
+                    document.hasStorageAccess().then(function (hasAccess) {
+                        if (!hasAccess) {
+                            cb('error');
+                        } else {
+                            cb(stat);
+                        }
+                    }, cb.bind(undefined, 'error'));
+                } else {
+                    cb(stat);
+                }
+            } catch (err) {
+                cb('error');
+            }
+        }
+
+        function check(clientId, origin, actual, salt, cb) {
+            if (!originCheckResult) {
+                fetch(location.pathname, {
+                    method: 'POST',
+                    headers: {
+                        'Content-Type': 'application/json; charset=utf-8',
+                    },
+                    body: JSON.stringify({client_id: clientId, origin: origin}),
+                    redirect: 'error',
+                }).then(function (response) {
+                    if (response.ok) {
+                        originCheckResult = {
+                            origin: origin,
+                            clientId: clientId,
+                        };
+                        calculate(clientId, origin, actual, salt, cb);
+                    } else {
+                        throw new Error('invalid client_id and/or origin');
+                    }
+                }).catch(cb.bind(undefined, 'error'));
+            } else {
+                calculate(clientId, origin, actual, salt, cb);
+            }
+        }
+
+        function receiveMessage(e) {
+            if (typeof e.data !== 'string') {
+                return;
+            }
+            var parts = e.data.split(' ');
+            var clientId = parts[0];
+            var actual = parts[1];
+            if (parts.length !== 2 || !clientId || !actual) {
+                return;
+            }
+            var actualParts = actual.split('.');
+            var sessionStr = actualParts[0];
+            var salt = actualParts[1];
+            if (!sessionStr || actualParts.length > 2) {
+                return;
+            }
+            check(clientId, e.origin, actual, salt, function (stat) {
+                e.source.postMessage(stat, e.origin);
+            });
+        }
+
+        function getOPBrowserState(clientId) {
+            var cookie = readCookie('sman');
+            return cookie;
+        }
+
+        function readCookie(name) {
+            var nameEQ = name + '=';
+            var ca = document.cookie.split(';');
+            for (var i = 0; i < ca.length; i++) {
+                var c = ca[i];
+                while (c.charAt(0) === ' ') c = c.substring(1, c.length);
+                if (c.indexOf(nameEQ) === 0) {
+                    return c.substring(nameEQ.length, c.length);
+                }
+            }
+            return null;
+        }
+
+        window.addEventListener('message', receiveMessage, false);
+    })();
+</script>
+
+</body>
+</html>

example/django_op/oidc_provider/templates/frontchannel_logout.html

@@ -0,0 +1,31 @@
+<!DOCTYPE html>
+<head>
+  <meta charset="utf-8">
+  <title>Logout</title>
+  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+  <meta http-equiv="x-ua-compatible" content="ie=edge">
+  <style>
+    iframe{visibility:hidden;position:absolute;left:0;top:0;height:0;width:0;border:none}
+  </style>
+</head>
+<body>
+  <script>
+    var loaded = 0;
+    var iframes = {{ size }};
+    function redirect() {
+      window.location.replace("{{ postLogoutRedirectUri }}");
+    }
+    function frameOnLoad() {
+      loaded += 1;
+      if (loaded === iframes) {
+        redirect();
+      }
+    }
+    Array.prototype.slice.call(document.querySelectorAll('iframe')).forEach(function (element) {
+      element.onload = frameOnLoad;
+    });
+    setTimeout(redirect, {{ timeout }});
+  </script>
+  {{ frames|safe }}
+</body>
+</html>

example/django_op/oidc_provider/templates/logout.html

@@ -0,0 +1,87 @@
+<!DOCTYPE html>
+<head>
+    <meta charset="utf-8">
+    <title>Logout Request</title>
+    <meta name="viewport"
+          content="width=device-width, initial-scale=1, shrink-to-fit=no">
+    <meta http-equiv="x-ua-compatible" content="ie=edge">
+    <style>
+        @import url(https://fonts.googleapis.com/css?family=Roboto:400,100);
+
+        button, h1 {
+            text-align: center
+        }
+
+        h1 {
+            font-weight: 100;
+            font-size: 1.3em
+        }
+
+        body {
+            font-family: Roboto, sans-serif;
+            margin-top: 25px;
+            margin-bottom: 25px
+        }
+
+        .container {
+            padding: 0 40px 10px;
+            width: 274px;
+            background-color: #F7F7F7;
+            margin: 0 auto 10px;
+            border-radius: 2px;
+            box-shadow: 0 2px 2px rgba(0, 0, 0, .3);
+            overflow: hidden
+        }
+
+        button {
+            font-size: 14px;
+            font-family: Arial, sans-serif;
+            font-weight: 700;
+            height: 36px;
+            padding: 0 8px;
+            width: 100%;
+            display: block;
+            margin-bottom: 10px;
+            position: relative;
+            border: 0;
+            color: #fff;
+            text-shadow: 0 1px rgba(0, 0, 0, .1);
+            background-color: #4d90fe;
+            cursor: pointer
+        }
+
+        button:hover {
+            border: 0;
+            text-shadow: 0 1px rgba(0, 0, 0, .3);
+            background-color: #357ae8
+        }
+    </style>
+</head>
+<body>
+<div class="container">
+    <h1>Do you want to sign-out from {{ op }}?</h1>
+    <script>
+        function logout() {
+            var form = document.getElementById('op.logoutForm');
+            var input = document.createElement('input');
+            input.type = 'hidden';
+            input.name = 'logout';
+            input.value = 'yes';
+            form.appendChild(input);
+            form.submit();
+        }
+
+        function rpLogoutOnly() {
+            var form = document.getElementById('op.logoutForm');
+            form.submit();
+        }
+    </script>
+    <form id="op.logoutForm" method="post"
+          action={{ do_logout }}>
+        <input type="hidden" name="sjwt"
+               value="{{ sjwt }}"/></form>
+    <button onclick="logout()">Yes, sign me out</button>
+    <button onclick="rpLogoutOnly()">No, stay signed in</button>
+</div>
+</body>
+</html>

example/django_op/oidc_provider/templates/oidc_login.html

@@ -0,0 +1,39 @@
+<!doctype html>
+
+<html lang="en">
+<head>
+    <meta charset="utf-8">
+    <title>Please login</title>
+</head>
+
+<body>
+<h1>{{ page_header }}</h1>
+
+<form action="{{ action }}" method="post">
+    <input type="hidden" name="token" value="{{ token }}">
+
+    <p>
+        <label for="username">{{ user_label }}</label>
+        <input type="text" id="username" name="username" autofocus
+               required>
+    </p>
+
+    <p>
+        <label for="password">{{ passwd_label }}</label>
+        <input type="password" id="password" name="password" required>
+    </p>
+
+    <p>
+        <img src="{{ logo_uri }}" alt="{{ logo_label }}">
+    </p>
+    <p>
+        <a href="{{ tos_uri }}">{{ tos_label }}</a>
+    </p>
+    <p>
+        <a href="{{ policy_uri }}">{{ policy_label }}</a>
+    </p>
+
+    <input type="submit" value="{{ submit_btn }}">
+</form>
+</body>
+</html>

example/django_op/oidc_provider/templates/post_logout.html

@@ -0,0 +1,10 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <title>Post Logout</title>
+</head>
+<body>
+    <h1>You have now been logged out from this server!</h1>
+</body>
+</html>

example/django_op/oidc_provider/templates/user_pass.jinja2

@@ -0,0 +1,39 @@
+<!doctype html>
+
+<html lang="en">
+<head>
+    <meta charset="utf-8">
+    <title>Please login</title>
+</head>
+
+<body>
+<h1>{{ page_header }}</h1>
+
+<form action="{{ action }}" method="post">
+    <input type="hidden" name="token" value="{{ token }}">
+
+    <p>
+        <label for="username">{{ user_label }}</label>
+        <input type="text" id="username" name="username" autofocus
+               required>
+    </p>
+
+    <p>
+        <label for="password">{{ passwd_label }}</label>
+        <input type="password" id="password" name="password" required>
+    </p>
+
+    <p>
+        <img src="{{ logo_uri }}" alt="{{ logo_label }}">
+    </p>
+    <p>
+        <a href="{{ tos_uri }}">{{ tos_label }}</a>
+    </p>
+    <p>
+        <a href="{{ policy_uri }}">{{ policy_label }}</a>
+    </p>
+
+    <input type="submit" value="{{ submit_btn }}">
+</form>
+</body>
+</html>