forked from baron/baron-sso
RP 공개키 등록 UI 및 SSH-RSA 자동 변환 기능 구현
This commit is contained in:
@@ -390,6 +390,29 @@ subtitle = "Define the permission scopes this application can request."
|
||||
private_help = "Server side App: For apps that can safely store a client secret, such as Node.js or Java servers."
|
||||
pkce_help = "PKCE App (SPA/Mobile): For apps that cannot safely store a client secret. PKCE is mandatory."
|
||||
subtitle = "Select application type. Security level determines authentication method."
|
||||
trusted_help = "Operate as a trusted RP using private_key_jwt and public key registration. Headless login is only available for this profile."
|
||||
|
||||
[msg.dev.clients.general.public_key]
|
||||
auth_method_client_secret_basic_help = "Standard authentication method for server-side applications."
|
||||
auth_method_none_help = "Use this for PKCE-based public clients."
|
||||
auth_method_private_key_jwt_help = "Signed key-based client authentication recommended for trusted RP bootstrap and JAR verification."
|
||||
guide_example = "Recommended example: https://rp.example.com/.well-known/jwks.json"
|
||||
guide_intro = "A JWKS URI is not created by Baron. It is the URL where the RP backend exposes its public key."
|
||||
guide_step_1 = "Generate a key pair on the RP server and keep the private key only in the RP backend."
|
||||
guide_step_2 = "Expose the public key from the RP backend through a JWKS (JSON Web Key Set) endpoint."
|
||||
guide_step_3 = "Enter a URL such as https://rp.example.com/.well-known/jwks.json in DevFront."
|
||||
headless_help = "Trusted RPs can keep their own login UI while Baron continues to handle authentication and OIDC progression."
|
||||
jwks_uri_help = "Enter the public key endpoint URL exposed by the RP backend. Example: https://rp.example.com/.well-known/jwks.json"
|
||||
request_object_alg_help = "Specify the JAR (Request Object) signing algorithm used for headless login."
|
||||
source_help = "Register the JWKS URI served by the RP so Baron can verify the public key."
|
||||
subtitle = "Manage the public key and headless login settings required for trusted RP evaluation."
|
||||
|
||||
[msg.dev.clients.general.public_key.validation]
|
||||
headless_requires_alg = "Headless login requires a Request Object Signing Algorithm."
|
||||
headless_requires_private_key_jwt = "Headless login requires token endpoint auth method to be private_key_jwt."
|
||||
headless_requires_public_key = "Headless login requires a JWKS URI."
|
||||
invalid_jwks_uri = "JWKS URI format is invalid."
|
||||
private_key_jwt_requires_public_key = "Signed key-based authentication requires a JWKS URI."
|
||||
|
||||
[msg.dev.clients.help]
|
||||
docs_body = "Includes PKCE, client_secret_basic, redirect URI validation tips."
|
||||
@@ -1368,8 +1391,27 @@ delete = "Delete"
|
||||
[ui.dev.clients.general.security]
|
||||
private = "Server Side App"
|
||||
pkce = "PKCE"
|
||||
trusted = "Trusted RP"
|
||||
title = "Security Settings"
|
||||
|
||||
[ui.dev.clients.general.public_key]
|
||||
auth_method = "Token Endpoint Auth Method"
|
||||
auth_method_client_secret_basic = "client_secret_basic"
|
||||
auth_method_none = "none"
|
||||
auth_method_private_key_jwt = "Signed Key Authentication"
|
||||
guide_toggle = "JWKS URI Setup Guide"
|
||||
headless_disabled = "Headless Disabled"
|
||||
headless_enabled = "Headless Enabled"
|
||||
headless_toggle = "Headless Login"
|
||||
jwks_uri = "JWKS URI"
|
||||
jwks_uri_placeholder = "https://rp.example.com/.well-known/jwks.json"
|
||||
request_object_alg = "Request Object Signing Algorithm"
|
||||
request_object_alg_placeholder = "RS256"
|
||||
source = "Public Key Source"
|
||||
source_uri = "JWKS URI"
|
||||
title = "Public Key Registration"
|
||||
validation_title = "Check before saving"
|
||||
|
||||
[ui.dev.clients.help]
|
||||
docs_body = "Includes PKCE, client_secret_basic, redirect URI validation tips."
|
||||
docs_title = "Docs & Examples"
|
||||
|
||||
Reference in New Issue
Block a user