letro/letro-authentication-service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
Files
01ba7abc2a7de4113e889fe3bcceed4e9e8bc4e2
letro-authentication-service/templates/pages/consent.html
Quentin Gliech 99e05b4a4f Fix the authorization grant template 
It previously relied on the client being in the authorization grant,
which is not the case anymore. This commit also adds a test to ensure
we're not breaking this template in the future.
2023-01-31 16:50:48 +01:00

92 lines
4.0 KiB
HTML
Raw Blame History

{#
Copyright 2022 The Matrix.org Foundation C.I.C.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
#}
{% extends "base.html" %}
{% block content %}
<section class="flex items-center justify-center flex-1">
<div class="w-96 m-2">
<form method="POST" class="grid grid-cols-1 gap-6">
<div class="rounded-lg bg-grey-25 dark:bg-grey-450 p-2 flex flex-col">
<div class="text-center">
<div class="bg-white rounded w-16 h-16 overflow-hidden mx-auto">
{% if client.logo_uri %}
<img class="w-16 h-16" src="{{ client.logo_uri }}" />
{% endif %}
</div>
<h1 class="text-lg text-center font-medium"><a target="_blank" href="{{ client.client_uri }}" class="text-accent">{{ client.client_name | default(value=client.client_id) }}</a></h1>
<h1>at {{ grant.redirect_uri }}</h1>
<h1>wants to access your Matrix account</h1>
</div>
<div class="flex items-center m-2">
<div class="px-4 flex-1">
<p>This will allow <a target="_blank" href="{{ client.client_uri }}" class="text-accent">{{ client.client_name | default(value=client.client_id) }}</a> to:</p>
<p class="my-2">
<ul class="list-disc">
{% for scope in grant.scope | split(pat=" ") %}
{% if scope == "openid" %}
<li>See your profile info and contact details</li>
{% elif scope is matching("^urn:matrix:org.matrix.msc2967.client:device:") %}
<li>View your existing messages and data</li>
<li>Send new messages on your behalf</li>
{% else %}
<li>{{ scope }}</li>
{% endif %}
{% endfor %}
</ul>
</p>
<p class="font-bold my-2">Make sure that you trust {{ client.client_name }}</p>
<p>
You may be sharing sensitive information with this site or app.
{% if client.policy_uri or client.tos_uri %}
Find out how {{ client.client_name }} will handle your data by reviewing it's
{% if client.policy_uri %}
<a target="_blank" href="{{ client.policy_uri }}" class="text-accent">privacy policy</a>{% if not client.tos_uri %}.{% endif %}
{% endif %}
{% if client.policy_uri and client.tos_uri%}
and
{% endif %}
{% if client.tos_uri %}
<a target="_blank" href="{{ client.tos_uri }}" class="text-accent">terms of service</a>.
{% endif %}
{% endif %}
</p>
</div>
</div>
</div>
<input type="hidden" name="csrf" value="{{ csrf_token }}" />
<div class="grid grid-cols-2 gap-4">
{{ back_to_client::link(
text="Cancel",
class=button::outline_error_class(),
uri=grant.redirect_uri,
mode=grant.response_mode,
params=dict(error="access_denied", state=grant.state)
) }}
{{ button::button(text="Allow") }}
</div>
</form>
<div class="text-center mt-4">
Not {{ current_session.user.username }}?
{{ logout::button(text="Sign out", class=button::text_class(), csrf_token=csrf_token, post_logout_action=action) }}
</div>
</div>
</section>
{% endblock content %}
Reference in New Issue View Git Blame Copy Permalink