diff --git a/examples/all_in_one_config/data/templates/C/ciba_user_authorize_failed.html b/examples/all_in_one_config/data/templates/C/ciba_user_authorize_failed.html index edacfa8..9d1fd3b 100755 --- a/examples/all_in_one_config/data/templates/C/ciba_user_authorize_failed.html +++ b/examples/all_in_one_config/data/templates/C/ciba_user_authorize_failed.html @@ -1,4 +1,4 @@ - +
diff --git a/examples/all_in_one_config/data/templates/C/ciba_user_authorize_success.html b/examples/all_in_one_config/data/templates/C/ciba_user_authorize_success.html index 41ac0d2..46125d9 100755 --- a/examples/all_in_one_config/data/templates/C/ciba_user_authorize_success.html +++ b/examples/all_in_one_config/data/templates/C/ciba_user_authorize_success.html @@ -1,4 +1,4 @@ - + diff --git a/examples/all_in_one_config/data/templates/C/form_post.html b/examples/all_in_one_config/data/templates/C/form_post.html index 09ea7ad..e3455c4 100755 --- a/examples/all_in_one_config/data/templates/C/form_post.html +++ b/examples/all_in_one_config/data/templates/C/form_post.html @@ -1,4 +1,4 @@ - + diff --git a/examples/all_in_one_config/data/templates/C/labels.properties b/examples/all_in_one_config/data/templates/C/labels.properties index f155a53..b323001 100755 --- a/examples/all_in_one_config/data/templates/C/labels.properties +++ b/examples/all_in_one_config/data/templates/C/labels.properties @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------------------------------- -# Copyright contributors to the IBM Security Verify Access OIDC Provider Resources project +# Copyright contributors to the IBM Verify Identity Access OIDC Provider Resources project # ------------------------------------------------------------------------------------------------- # Generic static macros 
@@ -55,6 +55,13 @@ $TEXT_CONSENT_ALREADY_APPROVED$=The client requested the following token scopes # Text to describe scopes that need approval $TEXT_CONSENT_PENDING_APPROVAL$=The client requested the following token scopes that have not yet been approved: + +# Text to describe authorization details that already approved +$TEXT_CONSENT_AD_ALREADY_APPROVED$=The client requested the following token authorization details that have been previously approved: + +# Text to describe authorization details that need approval +$TEXT_CONSENT_AD_PENDING_APPROVAL$=The client requested the following token authorization details that have not yet been approved: + # Message to confirm consent $TEXT_CONSENT_APPROVE$=Would you like to approve access to this scope? diff --git a/examples/all_in_one_config/data/templates/C/static/oauth_response.js b/examples/all_in_one_config/data/templates/C/static/oauth_response.js index 0e16352..5c309c8 100755 --- a/examples/all_in_one_config/data/templates/C/static/oauth_response.js +++ b/examples/all_in_one_config/data/templates/C/static/oauth_response.js @@ -1,5 +1,5 @@ /** - * Copyright contributors to the IBM Security Verify Access OIDC Provider Resources project + * Copyright contributors to the IBM Verify Identity Access OIDC Provider Resources project */ var form = document.getElementById("redirect_form"); form.submit(); \ No newline at end of file diff --git a/examples/all_in_one_config/data/templates/C/static/styles.css b/examples/all_in_one_config/data/templates/C/static/styles.css index 783f1fd..00c6809 100755 --- a/examples/all_in_one_config/data/templates/C/static/styles.css +++ b/examples/all_in_one_config/data/templates/C/static/styles.css @@ -1,4 +1,4 @@ -/* Copyright contributors to the IBM Security Verify Access OIDC Provider Resources project */ +/* Copyright contributors to the IBM Verify Identity Access OIDC Provider Resources project */ * { margin: 0; padding: 0; 
diff --git a/examples/all_in_one_config/data/templates/C/user_authorize_denied.html b/examples/all_in_one_config/data/templates/C/user_authorize_denied.html index 018acd9..60266cc 100644 --- a/examples/all_in_one_config/data/templates/C/user_authorize_denied.html +++ b/examples/all_in_one_config/data/templates/C/user_authorize_denied.html @@ -1,4 +1,4 @@ - + diff --git a/examples/all_in_one_config/data/templates/C/user_authorize_error.html b/examples/all_in_one_config/data/templates/C/user_authorize_error.html index e1189df..cd71be1 100644 --- a/examples/all_in_one_config/data/templates/C/user_authorize_error.html +++ b/examples/all_in_one_config/data/templates/C/user_authorize_error.html @@ -1,4 +1,4 @@ - + diff --git a/examples/all_in_one_config/data/templates/C/user_authorize_input.html b/examples/all_in_one_config/data/templates/C/user_authorize_input.html index 16b9a14..4cb0f85 100644 --- a/examples/all_in_one_config/data/templates/C/user_authorize_input.html +++ b/examples/all_in_one_config/data/templates/C/user_authorize_input.html @@ -1,4 +1,4 @@ - + diff --git a/examples/all_in_one_config/data/templates/C/user_authorize_permitted.html b/examples/all_in_one_config/data/templates/C/user_authorize_permitted.html index bb2ee79..1b0604b 100644 --- a/examples/all_in_one_config/data/templates/C/user_authorize_permitted.html +++ b/examples/all_in_one_config/data/templates/C/user_authorize_permitted.html @@ -1,4 +1,4 @@ - + diff --git a/examples/all_in_one_config/data/templates/C/user_consent.html b/examples/all_in_one_config/data/templates/C/user_consent.html index 4035551..3e5ecb0 100755 --- a/examples/all_in_one_config/data/templates/C/user_consent.html +++ b/examples/all_in_one_config/data/templates/C/user_consent.html @@ -1,4 +1,4 @@ - + @@ -57,6 +57,25 @@$TEXT_CONSENT_AD_ALREADY_APPROVED$
+ +$TEXT_CONSENT_AD_PENDING_APPROVAL$
+ + [RPT oauthTokenADNewApprovalRepeatable] +$TEXT_CONSENT_APPROVE$
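Review bot: The new `[RPT oauthTokenADNewApprovalRepeatable]` block displays the authorization details the client is asking the user to approve, but the markup inside the block did not survive extraction here, so I cannot see which macro emits each value or whether it is HTML-escaped; authorization_details are supplied by the client in the request, so please confirm the repeated values are escaped on output before they reach the consent page. A template comment such as `<!-- authorization_details values are client-supplied; emit them through the escaping macro -->` above the block would make that requirement visible to anyone copying the template. The enclosing form starts before this hunk.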
diff --git a/examples/all_in_one_config/data/templates/C/user_error.html b/examples/all_in_one_config/data/templates/C/user_error.html index 2d09300..f61b214 100755 --- a/examples/all_in_one_config/data/templates/C/user_error.html +++ b/examples/all_in_one_config/data/templates/C/user_error.html @@ -1,4 +1,4 @@ - + diff --git a/examples/all_in_one_config/data/templates/cs/labels.properties b/examples/all_in_one_config/data/templates/cs/labels.properties index c2364a2..e62c770 100755 --- a/examples/all_in_one_config/data/templates/cs/labels.properties +++ b/examples/all_in_one_config/data/templates/cs/labels.properties @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------------------------------- -# Copyright contributors to the IBM Security Verify Access OIDC Provider Resources project +# Copyright contributors to the IBM Verify Identity Access OIDC Provider Resources project # ------------------------------------------------------------------------------------------------- # Generic static macros #NLS_MESSAGEFORMAT_NONE @@ -52,6 +52,10 @@ $TEXT_CONSENT_PARAMETER$=Klient poskytl následující parametry požadavku OAut # Text to describe scopes that already approved $TEXT_CONSENT_ALREADY_APPROVED$=Klient požadoval následující rozsahy tokenu, které byly dříve schváleny: +$TEXT_CONSENT_AD_ALREADY_APPROVED$=Klient požadoval následující podrobnosti autorizace tokenu, které byly dříve schváleny: + +$TEXT_CONSENT_AD_PENDING_APPROVAL$=Klient požadoval následující podrobnosti autorizace tokenu, které ještě nebyly schváleny: + # Text to describe scopes that need approval $TEXT_CONSENT_PENDING_APPROVAL$=Klient požadoval následující rozsahy tokenu, které dosud nebyly schváleny: diff --git a/examples/all_in_one_config/data/templates/de/labels.properties b/examples/all_in_one_config/data/templates/de/labels.properties index 681d93f..594a391 100755 --- a/examples/all_in_one_config/data/templates/de/labels.properties 
+++ b/examples/all_in_one_config/data/templates/de/labels.properties @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------------------------------- -# Copyright contributors to the IBM Security Verify Access OIDC Provider Resources project +# Copyright contributors to the IBM Verify Identity Access OIDC Provider Resources project # ------------------------------------------------------------------------------------------------- # Generic static macros #NLS_MESSAGEFORMAT_NONE @@ -55,6 +55,11 @@ $TEXT_CONSENT_ALREADY_APPROVED$=Der Client hat die folgenden Tokenbereiche angef # Text to describe scopes that need approval $TEXT_CONSENT_PENDING_APPROVAL$=Der Client hat die folgenden Tokenbereiche angefordert, die noch nicht genehmigt wurden: +$TEXT_CONSENT_AD_ALREADY_APPROVED$=Der Kunde hat die folgenden Token-Autorisierungsdetails angefordert, die zuvor genehmigt wurden: + +$TEXT_CONSENT_AD_PENDING_APPROVAL$=Der Kunde hat die folgenden Token-Autorisierungsdetails angefordert, die noch nicht genehmigt wurden: + + # Message to confirm consent $TEXT_CONSENT_APPROVE$=Soll der Zugriff auf diesen Bereich genehmigt werden? diff --git a/examples/all_in_one_config/data/templates/es/labels.properties b/examples/all_in_one_config/data/templates/es/labels.properties index 13b3171..ac359ff 100755 --- a/examples/all_in_one_config/data/templates/es/labels.properties +++ b/examples/all_in_one_config/data/templates/es/labels.properties @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------------------------------- -# Copyright contributors to the IBM Security Verify Access OIDC Provider Resources project +# Copyright contributors to the IBM Verify Identity Access OIDC Provider Resources project # ------------------------------------------------------------------------------------------------- # Generic static macros #NLS_MESSAGEFORMAT_NONE 
@@ -55,6 +55,10 @@ $TEXT_CONSENT_ALREADY_APPROVED$=El cliente ha solicitado los siguientes ámbitos # Text to describe scopes that need approval $TEXT_CONSENT_PENDING_APPROVAL$=El cliente ha solicitado los siguientes ámbitos de señal que aún no se han aprobado: + +$TEXT_CONSENT_AD_ALREADY_APPROVED$=El cliente solicitó los siguientes detalles de autorización de señal que han sido previamente aprobados: + +$TEXT_CONSENT_AD_PENDING_APPROVAL$=El cliente solicitó los siguientes detalles de autorización de señal que aún no han sido aprobados: # Message to confirm consent $TEXT_CONSENT_APPROVE$=¿Desea aprobar el acceso a este ámbito? diff --git a/examples/all_in_one_config/data/templates/fr/labels.properties b/examples/all_in_one_config/data/templates/fr/labels.properties index fd32c3f..5d7c4c6 100755 --- a/examples/all_in_one_config/data/templates/fr/labels.properties +++ b/examples/all_in_one_config/data/templates/fr/labels.properties @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------------------------------- -# Copyright contributors to the IBM Security Verify Access OIDC Provider Resources project +# Copyright contributors to the IBM Verify Identity Access OIDC Provider Resources project # ------------------------------------------------------------------------------------------------- # Generic static macros #NLS_MESSAGEFORMAT_NONE 
@@ -55,6 +55,10 @@ $TEXT_CONSENT_ALREADY_APPROVED$=Le client a demandé les portées de jeton suiva # Text to describe scopes that need approval $TEXT_CONSENT_PENDING_APPROVAL$=Le client a demandé les portées de jeton suivantes qui n'ont pas encore été approuvées : +$TEXT_CONSENT_AD_ALREADY_APPROVED$=Le client a demandé les détails suivants concernant l'autorisation de jeton, qui ont été approuvés précédemment : + +$TEXT_CONSENT_AD_PENDING_APPROVAL$=Le client a demandé les détails suivants concernant l'autorisation de jeton, qui n'ont pas encore été approuvés : + # Message to confirm consent $TEXT_CONSENT_APPROVE$=Souhaitez-vous approuver l'accès à cette portée ? diff --git a/examples/all_in_one_config/data/templates/hu/labels.properties b/examples/all_in_one_config/data/templates/hu/labels.properties index d40a73b..f1ba6c6 100755 --- a/examples/all_in_one_config/data/templates/hu/labels.properties +++ b/examples/all_in_one_config/data/templates/hu/labels.properties @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------------------------------- -# Copyright contributors to the IBM Security Verify Access OIDC Provider Resources project +# Copyright contributors to the IBM Verify Identity Access OIDC Provider Resources project # ------------------------------------------------------------------------------------------------- # Generic static macros #NLS_MESSAGEFORMAT_NONE 
@@ -55,6 +55,10 @@ $TEXT_CONSENT_ALREADY_APPROVED$=Az ügyfél a következő token hatóköröket k # Text to describe scopes that need approval $TEXT_CONSENT_PENDING_APPROVAL$=Az ügyfél a következő token hatóköröket kérte, amelyek még nem lettek jóváhagyva: +$TEXT_CONSENT_AD_ALREADY_APPROVED$=Az ügyfél a következő, korábban jóváhagyott token engedélyezési részleteket kérte: + +$TEXT_CONSENT_AD_PENDING_APPROVAL$=Az ügyfél a következő token engedélyezési részleteket kérte, amelyeket még nem hagytak jóvá: + # Message to confirm consent $TEXT_CONSENT_APPROVE$=Engedélyezi a hozzáférést ehhez a hatókörhöz? diff --git a/examples/all_in_one_config/data/templates/it/labels.properties b/examples/all_in_one_config/data/templates/it/labels.properties index 2ac2e7e..28e01ac 100755 --- a/examples/all_in_one_config/data/templates/it/labels.properties +++ b/examples/all_in_one_config/data/templates/it/labels.properties @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------------------------------- -# Copyright contributors to the IBM Security Verify Access OIDC Provider Resources project +# Copyright contributors to the IBM Verify Identity Access OIDC Provider Resources project # ------------------------------------------------------------------------------------------------- # Generic static macros #NLS_MESSAGEFORMAT_NONE @@ -55,6 +55,11 @@ $TEXT_CONSENT_ALREADY_APPROVED$=Il client ha richiesto i seguenti ambiti di toke # Text to describe scopes that need approval $TEXT_CONSENT_PENDING_APPROVAL$=Il client ha richiesto i seguenti ambiti di token non ancora approvati: +$TEXT_CONSENT_AD_ALREADY_APPROVED$=Il client ha richiesto i seguenti dettagli di autorizzazione del token che sono stati precedentemente approvati: + +$TEXT_CONSENT_AD_PENDING_APPROVAL$=Il client ha richiesto i seguenti dettagli di autorizzazione del token che non sono ancora stati approvati: + + # Message to confirm consent $TEXT_CONSENT_APPROVE$=Approvare l'accesso a questo ambito? 
diff --git a/examples/all_in_one_config/data/templates/ja/labels.properties b/examples/all_in_one_config/data/templates/ja/labels.properties index da0732f..7544cbe 100755 --- a/examples/all_in_one_config/data/templates/ja/labels.properties +++ b/examples/all_in_one_config/data/templates/ja/labels.properties @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------------------------------- -# Copyright contributors to the IBM Security Verify Access OIDC Provider Resources project +# Copyright contributors to the IBM Verify Identity Access OIDC Provider Resources project # ------------------------------------------------------------------------------------------------- # Generic static macros #NLS_MESSAGEFORMAT_NONE @@ -55,6 +55,11 @@ $TEXT_CONSENT_ALREADY_APPROVED$=クライアントは、以前に承認された # Text to describe scopes that need approval $TEXT_CONSENT_PENDING_APPROVAL$=クライアントは、まだ承認されていない以下のトークン有効範囲を要求しました。 +$TEXT_CONSENT_AD_ALREADY_APPROVED$=クライアントは、以前に承認された以下のトークン承認詳細を要求しました: + +$TEXT_CONSENT_AD_PENDING_APPROVAL$=クライアントは、まだ承認されていない以下のトークン承認詳細を要求しました: + + # Message to confirm consent $TEXT_CONSENT_APPROVE$=この有効範囲へのアクセスを承認しますか? diff --git a/examples/all_in_one_config/data/templates/ko/labels.properties b/examples/all_in_one_config/data/templates/ko/labels.properties index 616c130..bac333c 100755 --- a/examples/all_in_one_config/data/templates/ko/labels.properties +++ b/examples/all_in_one_config/data/templates/ko/labels.properties @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------------------------------- -# Copyright contributors to the IBM Security Verify Access OIDC Provider Resources project +# Copyright contributors to the IBM Verify Identity Access OIDC Provider Resources project # ------------------------------------------------------------------------------------------------- # Generic static macros #NLS_MESSAGEFORMAT_NONE 
@@ -55,6 +55,10 @@ $TEXT_CONSENT_ALREADY_APPROVED$=클라이언트가 이전에 승인된 다음 # Text to describe scopes that need approval $TEXT_CONSENT_PENDING_APPROVAL$=클라이언트가 아직 승인되지 않은 다음 토큰 범위를 요청했습니다. +$TEXT_CONSENT_AD_ALREADY_APPROVED$=클라이언트가 이전에 승인된 다음 토큰 권한 부여 세부 정보를 요청했습니다. + +$TEXT_CONSENT_AD_PENDING_APPROVAL$=클라이언트가 아직 승인되지 않은 다음 토큰 인증 세부 정보를 요청했습니다. + # Message to confirm consent $TEXT_CONSENT_APPROVE$=이 범위에 대한 액세스를 허용하겠습니까? diff --git a/examples/all_in_one_config/data/templates/pl/labels.properties b/examples/all_in_one_config/data/templates/pl/labels.properties index 620bb46..dff99b9 100755 --- a/examples/all_in_one_config/data/templates/pl/labels.properties +++ b/examples/all_in_one_config/data/templates/pl/labels.properties @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------------------------------- -# Copyright contributors to the IBM Security Verify Access OIDC Provider Resources project +# Copyright contributors to the IBM Verify Identity Access OIDC Provider Resources project # ------------------------------------------------------------------------------------------------- # Generic static macros #NLS_MESSAGEFORMAT_NONE @@ -55,6 +55,11 @@ $TEXT_CONSENT_ALREADY_APPROVED$=Klient zażądał następujących zasięgów tok # Text to describe scopes that need approval $TEXT_CONSENT_PENDING_APPROVAL$=Klient zażądał następujących zasięgów tokenu, które nie zostały wcześniej zatwierdzone: +$TEXT_CONSENT_AD_ALREADY_APPROVED$=Klient zażądał następujących danych uwierzytelniania za pomocą tokena, które zostały wcześniej zatwierdzone: + +$TEXT_CONSENT_AD_PENDING_APPROVAL$=Klient zażądał następujących danych uwierzytelniania za pomocą tokena, które nie zostały wcześniej zatwierdzone: + + # Message to confirm consent $TEXT_CONSENT_APPROVE$=Czy chcesz zatwierdzić dostęp do tego zasięgu? 
diff --git a/examples/all_in_one_config/data/templates/pt_BR/labels.properties b/examples/all_in_one_config/data/templates/pt_BR/labels.properties index b73fbfa..e2c25ed 100755 --- a/examples/all_in_one_config/data/templates/pt_BR/labels.properties +++ b/examples/all_in_one_config/data/templates/pt_BR/labels.properties @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------------------------------- -# Copyright contributors to the IBM Security Verify Access OIDC Provider Resources project +# Copyright contributors to the IBM Verify Identity Access OIDC Provider Resources project # ------------------------------------------------------------------------------------------------- # Generic static macros #NLS_MESSAGEFORMAT_NONE @@ -55,6 +55,10 @@ $TEXT_CONSENT_ALREADY_APPROVED$=O cliente solicitou os seguintes escopos de toke # Text to describe scopes that need approval $TEXT_CONSENT_PENDING_APPROVAL$=O cliente solicitou os seguintes escopos de token que ainda não foram aprovados: +$TEXT_CONSENT_AD_ALREADY_APPROVED=O cliente solicitou os seguintes detalhes de autorização de token que já foram aprovados: + +$TEXT_CONSENT_AD_PENDING_APPROVAL$=O cliente solicitou os seguintes detalhes de autorização de token que ainda não foram aprovados: + # Message to confirm consent $TEXT_CONSENT_APPROVE$=Deseja aprovar o acesso a este escopo? diff --git a/examples/all_in_one_config/data/templates/ru/labels.properties b/examples/all_in_one_config/data/templates/ru/labels.properties index 5c02fc8..3392170 100755 --- a/examples/all_in_one_config/data/templates/ru/labels.properties +++ b/examples/all_in_one_config/data/templates/ru/labels.properties 
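Review bot: The pt_BR key is added as `$TEXT_CONSENT_AD_ALREADY_APPROVED=` without the closing `$`, so it does not match the `$TEXT_CONSENT_AD_ALREADY_APPROVED$` macro that the C labels and user_consent.html use, and the Portuguese consent page presumably will not pick this text up; the line should read `$TEXT_CONSENT_AD_ALREADY_APPROVED$=O cliente solicitou os seguintes detalhes de autorização de token que já foram aprovados:`. The zh_CN hunk below has the matching problem from the other side: it re-adds `$TEXT_CONSENT_PENDING_APPROVAL$` (now a duplicate key in that file) where `$TEXT_CONSENT_AD_PENDING_APPROVAL$` was evidently intended, so the pending-approval text for authorization details is missing in zh_CN. The ru hunk only updates the copyright line and adds neither AD key, which is worth confirming as deliberate since the template references both.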
@@ -1,5 +1,5 @@ # ------------------------------------------------------------------------------------------------- -# Copyright contributors to the IBM Security Verify Access OIDC Provider Resources project +# Copyright contributors to the IBM Verify Identity Access OIDC Provider Resources project # ------------------------------------------------------------------------------------------------- # Generic static macros #NLS_MESSAGEFORMAT_NONE diff --git a/examples/all_in_one_config/data/templates/zh_CN/labels.properties b/examples/all_in_one_config/data/templates/zh_CN/labels.properties index 0b9596a..e0b6baa 100755 --- a/examples/all_in_one_config/data/templates/zh_CN/labels.properties +++ b/examples/all_in_one_config/data/templates/zh_CN/labels.properties @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------------------------------- -# Copyright contributors to the IBM Security Verify Access OIDC Provider Resources project +# Copyright contributors to the IBM Verify Identity Access OIDC Provider Resources project # ------------------------------------------------------------------------------------------------- # Generic static macros #NLS_MESSAGEFORMAT_NONE @@ -55,6 +55,10 @@ $TEXT_CONSENT_ALREADY_APPROVED$=客户机请求了以下先前已核准的令牌 # Text to describe scopes that need approval $TEXT_CONSENT_PENDING_APPROVAL$=客户机请求了以下尚未核准的令牌作用域: +$TEXT_CONSENT_PENDING_APPROVAL$=客户机请求了以下尚未核准的令牌作用域: + +$TEXT_CONSENT_AD_ALREADY_APPROVED$=客户请求的以下令牌授权详细信息已事先获得批准: + # Message to confirm consent $TEXT_CONSENT_APPROVE$=是否要核准对此作用域的访问? diff --git a/examples/all_in_one_config/data/templates/zh_TW/labels.properties b/examples/all_in_one_config/data/templates/zh_TW/labels.properties index 9f1eb0e..c217e05 100755 --- a/examples/all_in_one_config/data/templates/zh_TW/labels.properties +++ b/examples/all_in_one_config/data/templates/zh_TW/labels.properties 
@@ -1,5 +1,5 @@ # ------------------------------------------------------------------------------------------------- -# Copyright contributors to the IBM Security Verify Access OIDC Provider Resources project +# Copyright contributors to the IBM Verify Identity Access OIDC Provider Resources project # ------------------------------------------------------------------------------------------------- # Generic static macros #NLS_MESSAGEFORMAT_NONE @@ -55,6 +55,9 @@ $TEXT_CONSENT_ALREADY_APPROVED$=用戶端要求下列先前已經核准的記號 # Text to describe scopes that need approval $TEXT_CONSENT_PENDING_APPROVAL$=用戶端要求下列尚未核准的記號範圍: +$TEXT_CONSENT_AD_ALREADY_APPROVED$=用戶端要求了先前已核准的下列記號授權詳細資料: + +$TEXT_CONSENT_AD_PENDING_APPROVAL$=用戶端要求了下列尚未獲得核准的記號授權詳細資料: # Message to confirm consent $TEXT_CONSENT_APPROVE$=您要核准此範圍的存取嗎? diff --git a/examples/yaml_config/mapping.yaml b/examples/yaml_config/mapping.yaml index 3bcbfb1..0918582 100755 --- a/examples/yaml_config/mapping.yaml +++ b/examples/yaml_config/mapping.yaml 
@@ -704,4 +704,32 @@ rules: IDMappingExtUtils.traceString("sub validation failed for : " + sub); } } - IDMappingExtUtils.traceString("STSUU: " + stsuu.toString()); \ No newline at end of file + IDMappingExtUtils.traceString("STSUU: " + stsuu.toString()); + - name: preauth_notifycode + rule_type: javascript + content: | + importClass(Packages.com.tivoli.am.fim.trustserver.sts.utilities.IDMappingExtUtils); + IDMappingExtUtils.traceString("CODE$$" + preauth.getTransactionCode()+"$"); + - name: preauth_userauth + rule_type: javascript + content: | + importClass(Packages.com.tivoli.am.fim.trustserver.sts.utilities.IDMappingExtUtils); + importClass(Packages.com.tivoli.am.fim.trustserver.sts.utilities.OAuthMappingExtUtils); + importClass(Packages.com.ibm.security.access.httpclient.HttpClient); + + IDMappingExtUtils.traceString("CallbackURL$$" + preauth.getCallbackURL() + '$$'); + var payload = preauth.getPayload(); + if (preauth.isCallback()) { + if (payload.status === "approved") { + var metadata = {}; + metadata.uid = "prabbit"; + metadata.given_name = "peter"; + metadata.family_name = "rabbit"; + metadata.preferred_username = "peter@zoo.org"; + preauth.approved(metadata); + } else if (payload.status === "denied") { + IDMappingExtUtils.traceString("denied " ); + preauth.denied(); + } else { + OAuthMappingExtUtils.throwSTSCustomUserMessageException("Expecting authentication status", 400, "invalid_request"); + } diff --git a/examples/yaml_config/openid_credential.json b/examples/yaml_config/openid_credential.json new file mode 100644 index 0000000..fd69b0d --- /dev/null +++ b/examples/yaml_config/openid_credential.json 
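Review bot: The `preauth_userauth` rule content ends at `+ }`, which closes only the inner `if/else if/else` chain, so the `if (preauth.isCallback()) {` opened above it is never closed and the rule as committed is not valid JavaScript; the hunk header's +32 count shows this is the end of the file, so a further `}` line is needed after the last one. The same rule text is added to resources/config_starter_kit/data/rules.yaml in the hunk below and needs the same fix. `preauth_notifycode` writes `"CODE$$" + preauth.getTransactionCode()+"$"` to trace; the transaction code is presumably a user-facing secret in this flow, so a comment that this trace line is for sample debugging only and should not be kept in a deployment would stop it being copied as-is. The `HttpClient` importClass is unused in the visible lines, and the approved branch maps every `approved` callback to the fixed identity `prabbit` — fine for a sample, but a one-line comment saying a real rule must derive the identity from the verified callback payload would help readers.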
@@ -0,0 +1,65 @@
+{
+ "$schema": "http://json-schema.org/draft-07/schema#",
+ "title": "Generated schema for Root",
+ "type": "object",
+ "properties": {
+ "type": {
+ "type": "string"
+ },
+ "credential_configuration_id": {
+ "type": "string"
+ },
+ "claims": {
+ "type": "object",
+ "properties": {
+ "org.iso.18013.5.1": {
+ "type": "object",
+ "properties": {
+ "given_name": {
+ "type": "object",
+ "properties": {},
+ "required": []
+ },
+ "family_name": {
+ "type": "object",
+ "properties": {},
+ "required": []
+ },
+ "birth_date": {
+ "type": "object",
+ "properties": {},
+ "required": []
+ }
+ },
+ "required": [
+ "given_name",
+ "family_name",
+ "birth_date"
+ ]
+ },
+ "org.iso.18013.5.1.aamva": {
+ "type": "object",
+ "properties": {
+ "organ_donor": {
+ "type": "object",
+ "properties": {},
+ "required": []
+ }
+ },
+ "required": [
+ "organ_donor"
+ ]
+ }
+ },
+ "required": [
+ "org.iso.18013.5.1",
+ "org.iso.18013.5.1.aamva"
+ ]
+ }
+ },
+ "required": [
+ "type",
+ "credential_configuration_id",
+ "claims"
+ ]
+ }
\ No newline at end of file
diff --git a/examples/yaml_config/templates.zip b/examples/yaml_config/templates.zip
index 00b5a86..1e6535e 100755
Binary files a/examples/yaml_config/templates.zip and b/examples/yaml_config/templates.zip differ
diff --git a/resources/config_starter_kit/data/rules.yaml b/resources/config_starter_kit/data/rules.yaml
index 72cf6b7..e131de7 100755
--- a/resources/config_starter_kit/data/rules.yaml
+++ b/resources/config_starter_kit/data/rules.yaml
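Review bot: Every leaf claim in the schema is `"type": "object"` with `"properties": {}` and `"required": []`, and nothing sets `additionalProperties` or constrains `type` and `credential_configuration_id` beyond `"type": "string"`, so if this schema is used to validate inbound credential requests it accepts arbitrary extra members at every level; if that is intentional (only presence of the listed claims is asserted) a `description` saying so would help, since the current `"title": "Generated schema for Root"` reads as unreviewed tool output. If stricter validation is intended, `"additionalProperties": false` on the root, `claims` and the two namespace objects is the minimal change. The file is also committed without a trailing newline.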
@@ -164,4 +164,32 @@ rules: IDMappingExtUtils.traceString("sub validation failed for : " + sub); } } - IDMappingExtUtils.traceString("STSUU: " + stsuu.toString()); \ No newline at end of file + IDMappingExtUtils.traceString("STSUU: " + stsuu.toString()); + - name: preauth_notifycode + rule_type: javascript + content: | + importClass(Packages.com.tivoli.am.fim.trustserver.sts.utilities.IDMappingExtUtils); + IDMappingExtUtils.traceString("CODE$$" + preauth.getTransactionCode()+"$"); + - name: preauth_userauth + rule_type: javascript + content: | + importClass(Packages.com.tivoli.am.fim.trustserver.sts.utilities.IDMappingExtUtils); + importClass(Packages.com.tivoli.am.fim.trustserver.sts.utilities.OAuthMappingExtUtils); + importClass(Packages.com.ibm.security.access.httpclient.HttpClient); + + IDMappingExtUtils.traceString("CallbackURL$$" + preauth.getCallbackURL() + '$$'); + var payload = preauth.getPayload(); + if (preauth.isCallback()) { + if (payload.status === "approved") { + var metadata = {}; + metadata.uid = "prabbit"; + metadata.given_name = "peter"; + metadata.family_name = "rabbit"; + metadata.preferred_username = "peter@zoo.org"; + preauth.approved(metadata); + } else if (payload.status === "denied") { + IDMappingExtUtils.traceString("denied " ); + preauth.denied(); + } else { + OAuthMappingExtUtils.throwSTSCustomUserMessageException("Expecting authentication status", 400, "invalid_request"); + } diff --git a/resources/config_starter_kit/data/templates.zip b/resources/config_starter_kit/data/templates.zip index 00b5a86..1e6535e 100755 Binary files a/resources/config_starter_kit/data/templates.zip and b/resources/config_starter_kit/data/templates.zip differ diff --git a/resources/db/db2/update_isvaop_24.12.sql b/resources/db/db2/update_isvaop_24.12.sql new file mode 100644 index 0000000..b1a1c50 --- /dev/null +++ b/resources/db/db2/update_isvaop_24.12.sql 
@@ -0,0 +1,123 @@
+/*
+ * IBM Confidential
+ * PID 5725-V89 5725-V90 5737-F02
+ *
+ * Copyright IBM Corp. 2022, 2024
+ */
+
+CREATE TABLE OAUTH20_TOKEN_CACHE
+(
+ TOKEN_ID VARCHAR(512) NOT NULL
+ CONSTRAINT PK_LOOKUPKEY PRIMARY KEY,
+ TYPE VARCHAR(64) NOT NULL,
+ SUB_TYPE VARCHAR(64),
+ DATE_CREATED BIGINT,
+ DATE_LAST_USED BIGINT,
+ LIFETIME INT,
+ TOKEN_STRING VARCHAR(512) NOT NULL,
+ CLIENT_ID VARCHAR(256) NOT NULL,
+ USERNAME VARCHAR(256) NOT NULL,
+ SCOPE VARCHAR(512) NOT NULL,
+ REDIRECT_URI VARCHAR(256),
+ STATE_ID VARCHAR(64) NOT NULL,
+ TOKEN_ENABLED CHAR NOT NULL,
+ PREV_TOKEN_STRING VARCHAR(512),
+ CHECK (TOKEN_ENABLED IN ('Y', 'N'))
+);
+
+CREATE INDEX OAUTH20CACHE_ST ON OAUTH20_TOKEN_CACHE (STATE_ID ASC);
+CREATE INDEX OAUTH20CACHE_TKSTRING ON OAUTH20_TOKEN_CACHE (TOKEN_STRING);
+CREATE INDEX OAUTH20CACHE_PTKSTRING ON OAUTH20_TOKEN_CACHE (PREV_TOKEN_STRING);
+CREATE INDEX OAUTH20CACHE_LIFETIME ON OAUTH20_TOKEN_CACHE (LIFETIME ASC);
+CREATE INDEX OAUTH20CACHE_UCID ON OAUTH20_TOKEN_CACHE (USERNAME, CLIENT_ID);
+
+
+CREATE TABLE OAUTH20_TOKEN_EXTRA_ATTRIBUTE
+(
+ STATE_ID VARCHAR(256),
+ ATTR_NAME VARCHAR(256),
+ ATTR_VALUE VARCHAR(256),
+ SENSITIVE CHAR DEFAULT 'N',
+ READ_ONLY CHAR DEFAULT 'N',
+ CHECK (SENSITIVE IN ('Y', 'N')),
+ CHECK (READ_ONLY IN ('Y', 'N'))
+);
+
+CREATE INDEX EXTRAATTR_STATE_ID ON OAUTH20_TOKEN_EXTRA_ATTRIBUTE (STATE_ID ASC);
+CREATE INDEX EXTRAATTR_NAME ON OAUTH20_TOKEN_EXTRA_ATTRIBUTE (ATTR_NAME ASC);
+
+
+CREATE TABLE OAUTH20_JTI
+(
+ JWT_TYPE INT NOT NULL,
+ JWT_ID VARCHAR(200) NOT NULL,
+ EXPIRED_AT BIGINT NOT NULL,
+
+ CONSTRAINT PK_JTIS PRIMARY KEY (JWT_TYPE, JWT_ID)
+);
+
+CREATE INDEX JTIS_EXPIRED ON OAUTH20_JTI (EXPIRED_AT);
+
+CREATE TABLE OAUTH_TRUSTED_CLIENT
+(
+ TRUSTED_CLIENT_ID VARCHAR(256) NOT NULL
+ CONSTRAINT PK_UNIQUEID PRIMARY KEY,
+ USERNAME VARCHAR(256) NOT NULL,
+ CLIENT_ID VARCHAR(256) NOT NULL
+);
+
+CREATE INDEX TRUSTEDCLIENTS_USERNAME ON OAUTH_TRUSTED_CLIENT (USERNAME);
+CREATE INDEX TRUSTEDCLIENTS_USERNAMECLIENTID ON OAUTH_TRUSTED_CLIENT (USERNAME, CLIENT_ID);
+
+
+CREATE TABLE OAUTH_SCOPE
+(
+ TRUSTED_CLIENT_ID VARCHAR(256) NOT NULL,
+ SCOPE VARCHAR(256) NOT NULL,
+
+ CONSTRAINT PK_UNIQUEIDSCOPE PRIMARY KEY (TRUSTED_CLIENT_ID, SCOPE),
+ FOREIGN KEY (TRUSTED_CLIENT_ID) REFERENCES OAUTH_TRUSTED_CLIENT (TRUSTED_CLIENT_ID) ON DELETE CASCADE
+);
+
+CREATE TABLE OAUTH_AUTHORIZATION_DETAILS
+(
+ TRUSTED_CLIENT_ID VARCHAR(256) NOT NULL,
+ COMPARE_TYPE VARCHAR(256),
+ ID VARCHAR(256) NOT NULL ,
+ AUTHORIZATION_DETAILS CLOB,
+
+ CONSTRAINT PK_UNIQUEIDAD PRIMARY KEY (TRUSTED_CLIENT_ID, ID),
+ FOREIGN KEY (TRUSTED_CLIENT_ID) REFERENCES OAUTH_TRUSTED_CLIENT (TRUSTED_CLIENT_ID) ON DELETE CASCADE
+);
+
+
+
+CREATE TABLE OAUTH20_DYNAMIC_CLIENT
+(
+ CLIENT_ID VARCHAR(256) NOT NULL
+ CONSTRAINT DYN_PK_LOOKUPKEY PRIMARY KEY,
+ DEFINITION_ID BIGINT NOT NULL,
+ DEFINITION_NAME VARCHAR(200),
+ OWNER_USERNAME VARCHAR(256),
+ DYN_DATA CLOB
+);
+
+CREATE INDEX OAUTH20DYNCLIENT_DEF ON OAUTH20_DYNAMIC_CLIENT (DEFINITION_ID);
+CREATE INDEX OAUTH20DYNCLIENTS_USER ON OAUTH20_DYNAMIC_CLIENT (OWNER_USERNAME);
+
+
+CREATE TABLE DMAP_ENTRIES
+(
+ DMAP_KEY VARCHAR(256) NOT NULL,
+ DMAP_PARTITION VARCHAR(256) NOT NULL,
+ DMAP_VALUE CLOB NOT NULL,
+ DMAP_EXPIRY BIGINT,
+ PRIMARY KEY (DMAP_KEY, DMAP_PARTITION)
+);
+
+CREATE INDEX DMAP_EXPIRY_INDEX ON DMAP_ENTRIES (DMAP_EXPIRY);
+
+ALTER TABLE OAUTH20_TOKEN_EXTRA_ATTRIBUTE ALTER COLUMN ATTR_VALUE SET DATA TYPE VARCHAR(1024);
+
+ALTER TABLE OAUTH20_TOKEN_CACHE ADD COLUMN AUTHORIZATION_DETAILS CLOB;
+COMMIT;
diff --git a/resources/db/oracle/update_isvaop_24.12.sql b/resources/db/oracle/update_isvaop_24.12.sql
index 0000000..d134b59
new file mode 100644
--- /dev/null
+++ b/resources/db/oracle/update_isvaop_24.12.sql
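Review bot: The file is named `update_isvaop_24.12.sql` but begins by creating every table (`CREATE TABLE OAUTH20_TOKEN_CACHE` onward) before the two ALTER statements at the end, so run against an existing schema it will fail at the first CREATE and, depending on how the client treats errors, may never reach `ALTER TABLE OAUTH20_TOKEN_CACHE ADD COLUMN AUTHORIZATION_DETAILS CLOB`; if this is an upgrade script the CREATE statements belong in the install script, and if it is a fresh-install script the new column belongs in the CREATE rather than an ALTER. The header `IBM Confidential` / `Copyright IBM Corp. 2022, 2024` differs from the `Copyright contributors to the IBM Verify Identity Access OIDC Provider Resources project` line the rest of this commit standardises on, which is worth confirming for a public resources repository. The Oracle script in the next hunk has the same structure and also diverges from this one in ways that look unintended: `SCOPE VARCHAR(512) NOT NULL` here versus nullable there, a primary key on OAUTH20_TOKEN_EXTRA_ATTRIBUTE there but none here, `DMAP_EXPIRY` nullable here but NOT NULL there, and the index named `TRUSTEDCLIENTS_USERNAMECLIENTID` here versus `TRUSTEDCLIENTS_USER_CLIENTID` there. `ID VARCHAR(256) NOT NULL ,` carries a stray space before the comma.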
@@ -0,0 +1,114 @@
+/*
+ * IBM Confidential
+ * PID 5725-V89 5725-V90 5737-F02
+ *
+ * Copyright IBM Corp. 2022, 2024
+ */
+
+CREATE TABLE OAUTH20_TOKEN_CACHE
+(
+ TOKEN_ID VARCHAR2(512) NOT NULL,
+ TYPE VARCHAR2(64) NOT NULL,
+ SUB_TYPE VARCHAR2(64),
+ DATE_CREATED NUMBER(19, 0),
+ DATE_LAST_USED NUMBER(19, 0),
+ LIFETIME NUMBER(11, 0),
+ TOKEN_STRING VARCHAR2(512) NOT NULL,
+ CLIENT_ID VARCHAR2(256) NOT NULL,
+ USERNAME VARCHAR2(256) NOT NULL,
+ SCOPE VARCHAR2(512),
+ REDIRECT_URI VARCHAR2(256),
+ STATE_ID VARCHAR2(64) NOT NULL,
+ TOKEN_ENABLED CHAR NOT NULL,
+ PREV_TOKEN_STRING VARCHAR2(512),
+ CONSTRAINT PK_LOOKUPKEY PRIMARY KEY (TOKEN_ID),
+ CONSTRAINT CHECK_TOKEN_ENABLED CHECK (TOKEN_ENABLED IN ('Y', 'N'))
+);
+
+CREATE INDEX OAUTH20CACHE_ST ON OAUTH20_TOKEN_CACHE (STATE_ID ASC);
+CREATE INDEX OAUTH20CACHE_TKSTRING ON OAUTH20_TOKEN_CACHE (TOKEN_STRING);
+CREATE INDEX OAUTH20CACHE_PTKSTRING ON OAUTH20_TOKEN_CACHE (PREV_TOKEN_STRING);
+CREATE INDEX OAUTH20CACHE_LIFETIME ON OAUTH20_TOKEN_CACHE (LIFETIME ASC);
+CREATE INDEX OAUTH20CACHE_UCID ON OAUTH20_TOKEN_CACHE (USERNAME, CLIENT_ID);
+
+CREATE TABLE OAUTH20_TOKEN_EXTRA_ATTRIBUTE
+(
+ STATE_ID VARCHAR2(256),
+ ATTR_NAME VARCHAR2(256),
+ ATTR_VALUE VARCHAR2(256),
+ SENSITIVE CHAR DEFAULT 'N',
+ READ_ONLY CHAR DEFAULT 'N',
+ CONSTRAINT CHECK_SENSITIVE CHECK (SENSITIVE IN ('Y', 'N')),
+ CONSTRAINT CHECK_READ_ONLY CHECK (READ_ONLY IN ('Y', 'N'))
+);
+
+ALTER TABLE OAUTH20_TOKEN_EXTRA_ATTRIBUTE add primary key (STATE_ID, ATTR_NAME);
+
+CREATE TABLE OAUTH20_JTI
+(
+ JWT_TYPE INT NOT NULL,
+ JWT_ID VARCHAR(200) NOT NULL,
+ EXPIRED_AT NUMBER(19, 0) NOT NULL,
+ CONSTRAINT PK_JTIS PRIMARY KEY (JWT_TYPE, JWT_ID)
+);
+
+CREATE INDEX JTIS_EXPIRED ON OAUTH20_JTI (EXPIRED_AT);
+
+CREATE TABLE OAUTH_TRUSTED_CLIENT
+(
+ TRUSTED_CLIENT_ID VARCHAR2(256) NOT NULL,
+ USERNAME VARCHAR2(256) NOT NULL,
+ CLIENT_ID VARCHAR2(256) NOT NULL,
+ CONSTRAINT PK_UNIQUEID PRIMARY KEY (TRUSTED_CLIENT_ID)
+);
+
+CREATE INDEX TRUSTEDCLIENTS_USERNAME ON OAUTH_TRUSTED_CLIENT (USERNAME);
+CREATE INDEX TRUSTEDCLIENTS_USER_CLIENTID ON OAUTH_TRUSTED_CLIENT (USERNAME, CLIENT_ID);
+
+CREATE TABLE OAUTH_SCOPE
+(
+ TRUSTED_CLIENT_ID VARCHAR2(256) NOT NULL,
+ SCOPE VARCHAR2(256),
+ CONSTRAINT PK_UNIQUEIDSCOPE PRIMARY KEY (TRUSTED_CLIENT_ID, SCOPE),
+ FOREIGN KEY (TRUSTED_CLIENT_ID) REFERENCES OAUTH_TRUSTED_CLIENT (TRUSTED_CLIENT_ID) ON DELETE CASCADE
+);
+
+CREATE TABLE OAUTH_AUTHORIZATION_DETAILS (
+ TRUSTED_CLIENT_ID VARCHAR(256) NOT NULL,
+ COMPARE_TYPE VARCHAR(256),
+ ID VARCHAR(256) NOT NULL,
+ AUTHORIZATION_DETAILS CLOB,
+ CONSTRAINT PK_UNIQUEIDAD PRIMARY KEY (TRUSTED_CLIENT_ID, ID),
+ FOREIGN KEY (TRUSTED_CLIENT_ID) REFERENCES OAUTH_TRUSTED_CLIENT (TRUSTED_CLIENT_ID) ON DELETE CASCADE
+);
+
+CREATE TABLE OAUTH20_DYNAMIC_CLIENT
+(
+ CLIENT_ID VARCHAR2(256) NOT NULL,
+ DEFINITION_ID NUMBER(19, 0) NOT NULL,
+ DEFINITION_NAME VARCHAR2(200),
+ OWNER_USERNAME VARCHAR2(256),
+ DYN_DATA CLOB,
+ CONSTRAINT DYN_PK_LOOKUPKEY PRIMARY KEY (CLIENT_ID)
+);
+
+CREATE INDEX OAUTH20DYNCLIENT_DEF ON OAUTH20_DYNAMIC_CLIENT (DEFINITION_ID);
+CREATE INDEX OAUTH20DYNCLIENTS_USER ON OAUTH20_DYNAMIC_CLIENT (OWNER_USERNAME);
+
+CREATE TABLE DMAP_ENTRIES
+(
+ DMAP_KEY VARCHAR2(256) NOT NULL,
+ DMAP_PARTITION VARCHAR2(256) NOT NULL,
+ DMAP_VALUE CLOB NOT NULL,
+ DMAP_EXPIRY NUMBER(19, 0) NOT NULL,
+ PRIMARY KEY (DMAP_KEY, DMAP_PARTITION)
+);
+
+CREATE INDEX DMAP_EXPIRY_INDEX ON DMAP_ENTRIES (DMAP_EXPIRY);
+
+ALTER TABLE OAUTH20_TOKEN_EXTRA_ATTRIBUTE MODIFY ATTR_VALUE VARCHAR(1024);
+
+
+ALTER TABLE OAUTH20_TOKEN_CACHE ADD AUTHORIZATION_DETAILS CLOB;
+
+COMMIT;
\ No newline at end of file
diff --git a/resources/db/pg/update_isvaop_24.12.sql b/resources/db/pg/update_isvaop_24.12.sql
new file mode 100644
index 0000000..46e1504
--- /dev/null
+++ b/resources/db/pg/update_isvaop_24.12.sql
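Review bot: OAUTH_AUTHORIZATION_DETAILS, OAUTH20_JTI.JWT_ID and the final `MODIFY ATTR_VALUE VARCHAR(1024)` use `VARCHAR` while every other column in this Oracle script uses `VARCHAR2`; Oracle treats the two as synonyms today but its reference documents VARCHAR as reserved for a possible future semantic change, so `TRUSTED_CLIENT_ID VARCHAR2(256) NOT NULL, COMPARE_TYPE VARCHAR2(256), ID VARCHAR2(256) NOT NULL` keeps the file consistent with itself. SCOPE in OAUTH20_TOKEN_CACHE is nullable here and in the pg variant but NOT NULL in the first hunk; if token validation reads that column, the three dialects should agree on whether an empty scope row is legal. The unconditional CREATE TABLE statements ahead of the ALTERs have the same re-run problem raised on the first hunk.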
@@ -0,0 +1,108 @@
+/*
+ * IBM Confidential
+ * PID 5725-V89 5725-V90 5737-F02
+ *
+ * Copyright IBM Corp. 2021, 2024
+ */
+
+CREATE TABLE IF NOT EXISTS OAUTH20_TOKEN_CACHE (
+ TOKEN_ID VARCHAR(512) NOT NULL,
+ TYPE VARCHAR(64) NOT NULL,
+ SUB_TYPE VARCHAR(64),
+ DATE_CREATED BIGINT,
+ DATE_LAST_USED BIGINT,
+ LIFETIME INT,
+ TOKEN_STRING VARCHAR(512) NOT NULL,
+ CLIENT_ID VARCHAR(256) NOT NULL,
+ USERNAME VARCHAR(256) NOT NULL,
+ SCOPE VARCHAR(512),
+ REDIRECT_URI VARCHAR(256),
+ STATE_ID VARCHAR(64) NOT NULL,
+ TOKEN_ENABLED CHAR NOT NULL,
+ PREV_TOKEN_STRING VARCHAR(512),
+ CONSTRAINT PK_LOOKUPKEY PRIMARY KEY (TOKEN_ID)
+);
+
+CREATE INDEX IF NOT EXISTS OAUTH20CACHE_ST ON OAUTH20_TOKEN_CACHE (STATE_ID ASC);
+CREATE INDEX IF NOT EXISTS OAUTH20CACHE_PTKSTRING ON OAUTH20_TOKEN_CACHE (PREV_TOKEN_STRING);
+CREATE INDEX IF NOT EXISTS OAUTH20CACHE_LIFETIME ON OAUTH20_TOKEN_CACHE (LIFETIME ASC);
+CREATE INDEX IF NOT EXISTS OAUTH20CACHE_UCID ON OAUTH20_TOKEN_CACHE (USERNAME, CLIENT_ID);
+
+
+CREATE TABLE IF NOT EXISTS OAUTH20_TOKEN_EXTRA_ATTRIBUTE (
+ STATE_ID VARCHAR(256),
+ ATTR_NAME VARCHAR(256),
+ ATTR_VALUE VARCHAR(256),
+ SENSITIVE CHAR DEFAULT 'N',
+ READ_ONLY CHAR DEFAULT 'N',
+ CONSTRAINT PK_UNIQUEIDEXTRA PRIMARY KEY (STATE_ID, ATTR_NAME)
+);
+
+CREATE INDEX IF NOT EXISTS EXTRAATTR_STATE_ID ON OAUTH20_TOKEN_EXTRA_ATTRIBUTE (STATE_ID ASC);
+
+
+CREATE TABLE IF NOT EXISTS OAUTH20_JTI (
+ JWT_TYPE INT NOT NULL,
+ JWT_ID VARCHAR(200) NOT NULL,
+ EXPIRED_AT BIGINT NOT NULL,
+ CONSTRAINT PK_JTIS PRIMARY KEY(JWT_TYPE, JWT_ID)
+);
+
+CREATE INDEX IF NOT EXISTS IX_JTIS_EXPIRED ON OAUTH20_JTI (EXPIRED_AT);
+
+
+CREATE TABLE IF NOT EXISTS OAUTH_TRUSTED_CLIENT (
+ TRUSTED_CLIENT_ID VARCHAR(256) NOT NULL,
+ USERNAME VARCHAR(256) NOT NULL,
+ CLIENT_ID VARCHAR(256) NOT NULL,
+ CONSTRAINT PK_UNIQUEID PRIMARY KEY (TRUSTED_CLIENT_ID)
+);
+
+CREATE INDEX IF NOT EXISTS TRUSTEDCLIENTS_USERNAME ON OAUTH_TRUSTED_CLIENT (USERNAME);
+CREATE INDEX IF NOT EXISTS TRUSTEDCLIENTS_USERCLIENT ON OAUTH_TRUSTED_CLIENT (USERNAME, CLIENT_ID);
+
+
+CREATE TABLE IF NOT EXISTS OAUTH_SCOPE (
+ TRUSTED_CLIENT_ID VARCHAR(256) NOT NULL,
+ SCOPE VARCHAR(256) NOT NULL,
+ CONSTRAINT PK_UNIQUEIDSCOPE PRIMARY KEY (TRUSTED_CLIENT_ID, SCOPE),
+ FOREIGN KEY (TRUSTED_CLIENT_ID) REFERENCES OAUTH_TRUSTED_CLIENT(TRUSTED_CLIENT_ID) ON DELETE CASCADE
+);
+
+
+CREATE TABLE OAUTH_AUTHORIZATION_DETAILS (
+ TRUSTED_CLIENT_ID VARCHAR(256) NOT NULL,
+ COMPARE_TYPE VARCHAR ,
+ ID VARCHAR NOT NULL,
+ AUTHORIZATION_DETAILS TEXT,
+
+ CONSTRAINT PK_UNIQUEIDAD PRIMARY KEY (TRUSTED_CLIENT_ID, ID),
+ FOREIGN KEY (TRUSTED_CLIENT_ID) REFERENCES OAUTH_TRUSTED_CLIENT (TRUSTED_CLIENT_ID) ON DELETE CASCADE
+);
+
+CREATE TABLE IF NOT EXISTS OAUTH20_DYNAMIC_CLIENT (
+ CLIENT_ID VARCHAR(256) NOT NULL,
+ DEFINITION_ID BIGINT NOT NULL,
+ DEFINITION_NAME VARCHAR(200),
+ OWNER_USERNAME VARCHAR(256),
+ DYN_DATA TEXT,
+ CONSTRAINT DYN_PK_LOOKUPKEY PRIMARY KEY (CLIENT_ID)
+);
+
+CREATE INDEX IF NOT EXISTS OAUTH20DYNCLIENT_DEF ON OAUTH20_DYNAMIC_CLIENT (DEFINITION_ID);
+CREATE INDEX IF NOT EXISTS OAUTH20DYNCLIENTS_USER ON OAUTH20_DYNAMIC_CLIENT (OWNER_USERNAME);
+
+
+CREATE TABLE IF NOT EXISTS DMAP_ENTRIES (
+ DMAP_KEY VARCHAR(256) NOT NULL,
+ DMAP_PARTITION VARCHAR(256) NOT NULL,
+ DMAP_VALUE TEXT NOT NULL,
+ DMAP_EXPIRY BIGINT,
+ PRIMARY KEY (DMAP_KEY, DMAP_PARTITION)
+);
+
+CREATE INDEX IF NOT EXISTS DMAP_EXPIRY_INDEX ON DMAP_ENTRIES(DMAP_EXPIRY);
+
+ALTER TABLE OAUTH20_TOKEN_EXTRA_ATTRIBUTE ALTER COLUMN ATTR_VALUE TYPE VARCHAR(1024);
+
+ALTER TABLE OAUTH20_TOKEN_CACHE ADD COLUMN AUTHORIZATION_DETAILS TEXT;
\ No newline at end of file
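Review bot: `COMPARE_TYPE VARCHAR ,` and `ID VARCHAR NOT NULL` in OAUTH_AUTHORIZATION_DETAILS are unbounded, whereas the DB2 and Oracle variants cap both at 256; ID is half of the primary key and is presumably filled from client-supplied authorization_details, so `COMPARE_TYPE VARCHAR(256), ID VARCHAR(256) NOT NULL` would bound the row and keep the dialects consistent. That CREATE TABLE is also the only one in this file without IF NOT EXISTS, and the closing `ADD COLUMN AUTHORIZATION_DETAILS TEXT` lacks `IF NOT EXISTS` too, so the script cannot be re-run the way its other statements can. The OAUTH20CACHE_TKSTRING index on TOKEN_STRING that both other dialects create is absent here, which would turn token lookups by string into a sequential scan on PostgreSQL if the application queries that column, and the EXTRAATTR_NAME index is likewise missing. Unlike the other two scripts this one ends without `COMMIT;`, which is fine only if the invoking client autocommits.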