diff --git a/.changeset/wise-queens-fix.md b/.changeset/wise-queens-fix.md new file mode 100644 index 00000000000..740a98a08c3 --- /dev/null +++ b/.changeset/wise-queens-fix.md @@ -0,0 +1,5 @@ +--- +"@wso2is/identity-apps-core": minor +--- + +Added support to display authorization details on the consent screen. This optional field, if included in the authorize request, will be shown on the consent screen when user consent is required. diff --git a/identity-apps-core/apps/authentication-portal/src/main/resources/org/wso2/carbon/identity/application/authentication/endpoint/i18n/Resources.properties b/identity-apps-core/apps/authentication-portal/src/main/resources/org/wso2/carbon/identity/application/authentication/endpoint/i18n/Resources.properties index 264d72a463a..4b2e8ce87fe 100644 --- a/identity-apps-core/apps/authentication-portal/src/main/resources/org/wso2/carbon/identity/application/authentication/endpoint/i18n/Resources.properties +++ b/identity-apps-core/apps/authentication-portal/src/main/resources/org/wso2/carbon/identity/application/authentication/endpoint/i18n/Resources.properties @@ -192,6 +192,7 @@ under.construction=This page is under construction by.selecting.following.attributes=By selecting the following attributes you agree to share them with select.all=Select All requested.scopes=Obtain permission for +requested.authorization.details=Gain consent for requested.attributes=Know some of your details please.select.approve.always=Please select either "Approve Once" or "Approve Always" to provide consent to requested scopes to continue ok=Ok diff --git a/identity-apps-core/apps/authentication-portal/src/main/resources/org/wso2/carbon/identity/application/authentication/endpoint/i18n/Resources_de_DE.properties b/identity-apps-core/apps/authentication-portal/src/main/resources/org/wso2/carbon/identity/application/authentication/endpoint/i18n/Resources_de_DE.properties index fdae8aa9b3c..8ba7dca54ae 100644 --- a/identity-apps-core/apps/authentication-portal/src/main/resources/org/wso2/carbon/identity/application/authentication/endpoint/i18n/Resources_de_DE.properties +++ b/identity-apps-core/apps/authentication-portal/src/main/resources/org/wso2/carbon/identity/application/authentication/endpoint/i18n/Resources_de_DE.properties @@ -183,6 +183,7 @@ under.construction=Diese Seite befindet sich im Aufbau by.selecting.following.attributes=Durch die Auswahl der folgenden Attribute erklären Sie sich damit einverstanden, sie mit (...) zu teilen select.all=Alle auswählen requested.scopes=Genehmigung für (...) erhalten +requested.authorization.details=Holen Sie die Zustimmung dazu ein requested.attributes=einige Ihrer Details kennen please.select.approve.always=Bitte wählen Sie entweder "Einmal zulassen" oder "immer zulassen",um den angeforderten Bereiche zuzustimmen und fortzufahren ok=ok diff --git a/identity-apps-core/apps/authentication-portal/src/main/resources/org/wso2/carbon/identity/application/authentication/endpoint/i18n/Resources_es_ES.properties b/identity-apps-core/apps/authentication-portal/src/main/resources/org/wso2/carbon/identity/application/authentication/endpoint/i18n/Resources_es_ES.properties index 229ee36387c..25379d04864 100644 --- a/identity-apps-core/apps/authentication-portal/src/main/resources/org/wso2/carbon/identity/application/authentication/endpoint/i18n/Resources_es_ES.properties +++ b/identity-apps-core/apps/authentication-portal/src/main/resources/org/wso2/carbon/identity/application/authentication/endpoint/i18n/Resources_es_ES.properties @@ -183,6 +183,7 @@ under.construction=Esta página se encuentra en construcción by.selecting.following.attributes=Al seleccionar los siguientes atributos, acepta compartirlos select.all=Seleccionar todo requested.scopes=Obtener permiso para +requested.authorization.details=Obtener el consentimiento para requested.attributes=Conocer algunos de sus datos please.select.approve.always=Seleccione "aprobar una vez" o "aprobar siempre" para proporcionar consentimiento a los ámbitos solicitados para continuar ok=OK diff --git a/identity-apps-core/apps/authentication-portal/src/main/resources/org/wso2/carbon/identity/application/authentication/endpoint/i18n/Resources_fr_FR.properties b/identity-apps-core/apps/authentication-portal/src/main/resources/org/wso2/carbon/identity/application/authentication/endpoint/i18n/Resources_fr_FR.properties index 8455850ed3b..9c77ce61997 100644 --- a/identity-apps-core/apps/authentication-portal/src/main/resources/org/wso2/carbon/identity/application/authentication/endpoint/i18n/Resources_fr_FR.properties +++ b/identity-apps-core/apps/authentication-portal/src/main/resources/org/wso2/carbon/identity/application/authentication/endpoint/i18n/Resources_fr_FR.properties @@ -183,6 +183,7 @@ under.construction=Cette page est en cours de construction by.selecting.following.attributes=En sélectionnant les attributs suivants, vous acceptez de les partager avec select.all=Sélectionner tout requested.scopes=Obtenez la permission pour +requested.authorization.details=Obtenir le consentement pour requested.attributes= Connaître certaines de vos données personnelles please.select.approve.always=Veuillez sélectionner "Approuver une fois" ou "Approuver toujours" pour donner votre consentement pour transmettre les informations demandés ok=Ok diff --git a/identity-apps-core/apps/authentication-portal/src/main/resources/org/wso2/carbon/identity/application/authentication/endpoint/i18n/Resources_ja_JP.properties b/identity-apps-core/apps/authentication-portal/src/main/resources/org/wso2/carbon/identity/application/authentication/endpoint/i18n/Resources_ja_JP.properties index e9d0ff788a7..65f4e140057 100644 --- a/identity-apps-core/apps/authentication-portal/src/main/resources/org/wso2/carbon/identity/application/authentication/endpoint/i18n/Resources_ja_JP.properties +++ b/identity-apps-core/apps/authentication-portal/src/main/resources/org/wso2/carbon/identity/application/authentication/endpoint/i18n/Resources_ja_JP.properties @@ -183,6 +183,7 @@ under.construction=このページは現在作成中です by.selecting.following.attributes=以下の属性を選択することで、それらを共有することに同意したものとみなされます select.all=すべて選択 requested.scopes=以下への許可を取得: +requested.authorization.details=同意を得る requested.attributes=詳細を理解してください please.select.approve.always=スコープを継続する場合は、「一度だけ承認」または「常に承認」のいずれかを選択してください ok=了解 diff --git a/identity-apps-core/apps/authentication-portal/src/main/resources/org/wso2/carbon/identity/application/authentication/endpoint/i18n/Resources_pt_BR.properties b/identity-apps-core/apps/authentication-portal/src/main/resources/org/wso2/carbon/identity/application/authentication/endpoint/i18n/Resources_pt_BR.properties index 1f7e5c49d1f..c1356c1103e 100644 --- a/identity-apps-core/apps/authentication-portal/src/main/resources/org/wso2/carbon/identity/application/authentication/endpoint/i18n/Resources_pt_BR.properties +++ b/identity-apps-core/apps/authentication-portal/src/main/resources/org/wso2/carbon/identity/application/authentication/endpoint/i18n/Resources_pt_BR.properties @@ -180,6 +180,7 @@ under.construction=Esta página está em construção by.selecting.following.attributes=Ao selecionar os atributos abaixo, você concorda em compartilhá-los com select.all=Selecionar tudo requested.scopes=Obter permissão para +requested.authorization.details=Obtenha consentimento para requested.attributes=Conheça alguns dos seus detalhes please.select.approve.always=Selecione "aprovar uma vez" ou "aprovar sempre" para fornecer consentimento aos escopos solicitados para continuar ok=OK diff --git a/identity-apps-core/apps/authentication-portal/src/main/resources/org/wso2/carbon/identity/application/authentication/endpoint/i18n/Resources_pt_PT.properties b/identity-apps-core/apps/authentication-portal/src/main/resources/org/wso2/carbon/identity/application/authentication/endpoint/i18n/Resources_pt_PT.properties index d4d26211a5f..baae7479892 100644 --- a/identity-apps-core/apps/authentication-portal/src/main/resources/org/wso2/carbon/identity/application/authentication/endpoint/i18n/Resources_pt_PT.properties +++ b/identity-apps-core/apps/authentication-portal/src/main/resources/org/wso2/carbon/identity/application/authentication/endpoint/i18n/Resources_pt_PT.properties @@ -183,6 +183,7 @@ under.construction=Esta página está em construção by.selecting.following.attributes=Ao selecionar os seguintes atributos, você concorda em compartilhá-los select.all=Selecionar tudo requested.scopes=Obter permissão para +requested.authorization.details=Obtenha consentimento para requested.attributes=Conheça alguns dos seus detalhes please.select.approve.always=Selecione "aprovar uma vez" ou "aprovar sempre" para fornecer consentimento aos escopos solicitados para continuar ok=OK diff --git a/identity-apps-core/apps/authentication-portal/src/main/resources/org/wso2/carbon/identity/application/authentication/endpoint/i18n/Resources_zh_CN.properties b/identity-apps-core/apps/authentication-portal/src/main/resources/org/wso2/carbon/identity/application/authentication/endpoint/i18n/Resources_zh_CN.properties index 1076f9eee2f..46865bb6aca 100644 --- a/identity-apps-core/apps/authentication-portal/src/main/resources/org/wso2/carbon/identity/application/authentication/endpoint/i18n/Resources_zh_CN.properties +++ b/identity-apps-core/apps/authentication-portal/src/main/resources/org/wso2/carbon/identity/application/authentication/endpoint/i18n/Resources_zh_CN.properties @@ -183,6 +183,7 @@ under.construction=此页面正在建设中 by.selecting.following.attributes=通过选择以下属性,您同意与之共享 select.all=全选 requested.scopes=获得许可 +requested.authorization.details==获得同意 requested.attributes=了解您的一些细节 please.select.approve.always=请选择“一次批准”或“批准”以提供要求继续的范围的同意 ok=行 diff --git a/identity-apps-core/apps/authentication-portal/src/main/webapp/oauth2_authz.jsp b/identity-apps-core/apps/authentication-portal/src/main/webapp/oauth2_authz.jsp index a5a86614250..44a30d0fd90 100644 --- a/identity-apps-core/apps/authentication-portal/src/main/webapp/oauth2_authz.jsp +++ b/identity-apps-core/apps/authentication-portal/src/main/webapp/oauth2_authz.jsp @@ -1,6 +1,6 @@ <%-- ~ - ~ Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com). All Rights Reserved. + ~ Copyright (c) 2023-2025, WSO2 LLC. (https://www.wso2.com). All Rights Reserved. ~ ~ This software is the property of WSO2 LLC. and its suppliers, if any. ~ Dissemination of any information or reproduction of any material contained @@ -10,6 +10,7 @@ --%> <%@ page import="org.apache.commons.collections.CollectionUtils" %> +<%@ page import="org.apache.commons.collections.MapUtils" %> <%@ page import="org.apache.commons.lang.StringUtils" %> <%@ page import="org.owasp.encoder.Encode" %> <%@ page import="org.wso2.carbon.identity.application.authentication.endpoint.util.Constants" %> @@ -25,6 +26,7 @@ <%@ page import="java.io.File" %> <%@ page import="java.util.Set" %> <%@ page import="org.json.JSONArray" %> +<%@ page import="org.json.JSONException" %> <%@ page import="org.json.JSONObject" %> <%@ taglib prefix="layout" uri="org.wso2.identity.apps.taglibs.layout.controller" %> @@ -62,6 +64,24 @@ } boolean displayScopes = Boolean.parseBoolean(getServletContext().getInitParameter("displayScopes")); + + final Map authorizationDetailsToBeDisplayed = new HashMap<>(); + try { + final String authorizationDetailsParam = request.getParameter("authorization_details"); + if (StringUtils.isNotBlank(authorizationDetailsParam)) { + final JSONArray authorizationDetails = new JSONArray(authorizationDetailsParam); + for (int index = 0; index < authorizationDetails.length(); index++) { + JSONObject authorizationDetail = authorizationDetails.getJSONObject(index); + + // Check if consent description is not empty, otherwise use type. + final String description = authorizationDetail.optString("_description", authorizationDetail.getString("type")); + final String authorizationDetailId = "authorization_detail_id_" + authorizationDetail.getString("_id"); + authorizationDetailsToBeDisplayed.put(authorizationDetailId, description); + } + } + } catch (JSONException e) { + // Ignore the error + } %> <%-- Data for the layout from the page --%> @@ -233,6 +253,45 @@ } %> + <% + if (MapUtils.isNotEmpty(authorizationDetailsToBeDisplayed)) { + %> +
+
+
+ +
+
+ <%= i18n(resourceBundle, customText, "requested.authorization.details") %> +
+
+
+
+
+ <% + for (Map.Entry authorizationDetailEntry : authorizationDetailsToBeDisplayed.entrySet()) { + %> +
+
+ + +
+
+ <% + } + %> +
+
+
+
+
+
+ <% + } + %> +
diff --git a/identity-apps-core/apps/authentication-portal/src/main/webapp/oauth2_consent.jsp b/identity-apps-core/apps/authentication-portal/src/main/webapp/oauth2_consent.jsp index 9fcaa1160f2..c0bcddffe4c 100644 --- a/identity-apps-core/apps/authentication-portal/src/main/webapp/oauth2_consent.jsp +++ b/identity-apps-core/apps/authentication-portal/src/main/webapp/oauth2_consent.jsp @@ -1,6 +1,6 @@ <%-- ~ - ~ Copyright (c) 2021, WSO2 LLC. (https://www.wso2.com). All Rights Reserved. + ~ Copyright (c) 2021-2025, WSO2 LLC. (https://www.wso2.com). All Rights Reserved. ~ ~ This software is the property of WSO2 LLC. and its suppliers, if any. ~ Dissemination of any information or reproduction of any material contained @@ -10,6 +10,7 @@ --%> <%@ page import="org.apache.commons.collections.CollectionUtils" %> +<%@ page import="org.apache.commons.collections.MapUtils" %> <%@ page import="org.apache.commons.lang.ArrayUtils" %> <%@ page import="org.apache.commons.lang.StringUtils" %> <%@ page import="org.owasp.encoder.Encode" %> @@ -29,6 +30,7 @@ <%@ page import="java.util.stream.Stream" %> <%@ page import="java.util.Set" %> <%@ page import="org.json.JSONArray" %> +<%@ page import="org.json.JSONException" %> <%@ page import="org.json.JSONObject" %> <%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%> <%@ taglib prefix="layout" uri="org.wso2.identity.apps.taglibs.layout.controller" %> @@ -57,22 +59,22 @@ JSONArray scopeArray = new JSONArray (jsonObj.get("scopes").toString()); for (int scopeCount = 0; scopeCount < scopeArray.length(); scopeCount++) { JSONObject scope = (JSONObject) scopeArray.get(scopeCount); - + // Get the displayName. String displayName = (String) scope.get("displayName"); - + // Use optString to get description; it returns "" if the key is not found. String description = scope.optString("description", ""); // Check if description is not empty, otherwise use displayName. String scopeName = !StringUtils.isBlank(description) ? description : displayName; - + // Add the determined scopeName to the scopes list. scopes.add(scopeName); - + // Add the identifier to the scopesWithMetadata list scopesWithMetadata.add((String) scope.get("identifier")); - } + } scopeDetails.put(key,scopes); } } @@ -169,6 +171,24 @@ scopesSize = openIdScopes.size(); } int claimSize = requestedClaimList.length + mandatoryClaimList.length; + + final Map authorizationDetailsToBeDisplayed = new HashMap<>(); + try { + final String authorizationDetailsParam = request.getParameter("authorization_details"); + if (StringUtils.isNotBlank(authorizationDetailsParam)) { + org.json.JSONArray authorizationDetails = new JSONArray(authorizationDetailsParam); + for (int index = 0; index < authorizationDetails.length(); index++) { + JSONObject authorizationDetail = authorizationDetails.getJSONObject(index); + + // Check if consent description is not empty, otherwise use type. + final String description = authorizationDetail.optString("_description", authorizationDetail.getString("type")); + final String authorizationDetailId = "authorization_detail_id_" + authorizationDetail.getString("_id"); + authorizationDetailsToBeDisplayed.put(authorizationDetailId, description); + } + } + } catch (JSONException e) { + // Ignore the error + } %> @@ -204,7 +224,7 @@ <% } %> <% if (!(ArrayUtils.isNotEmpty(mandatoryClaimList) || ArrayUtils.isNotEmpty(requestedClaimList) || CollectionUtils.isNotEmpty(openIdScopes) - || CollectionUtils.isNotEmpty(scopesWithMetadata))){ + || CollectionUtils.isNotEmpty(scopesWithMetadata) || MapUtils.isNotEmpty(authorizationDetailsToBeDisplayed))) { %>
- +

<%=AuthenticationEndpointUtil.i18n(resourceBundle, "this.will.allow.application.to")%>:

@@ -392,6 +412,42 @@ } } %> + + <% + if (MapUtils.isNotEmpty(authorizationDetailsToBeDisplayed)) { + %> +
+ +
+
+ <%= i18n(resourceBundle, customText, "requested.authorization.details") %> +
+
+
+
+
+ <% + for (Map.Entry authorizationDetailEntry : authorizationDetailsToBeDisplayed.entrySet()) { + %> +
+
+ + +
+
+ <% + } + %> +
+
+
+
+ <% + } + %> +