class IPrivateContactInformations(model.Schema): model.fieldset( "private_contact_informations", label=_("Private contact informations"), fields=[ "private_phones", "private_mails", "private_urls", "private_note" ], ) private_phones = schema.List( title=_("Phones"), value_type=DictRow( title="Value", schema=IPhoneRowSchema, ), required=False, ) widget("private_phones", DataGridFieldFactory, allow_reorder=True) private_mails = schema.List( title=_("E-mails"), value_type=DictRow( title="Value", schema=IMailRowSchema, ), required=False, ) widget("private_mails", DataGridFieldFactory, allow_reorder=True) private_urls = schema.List( title=_("URLs"), value_type=DictRow( title="Value", schema=IUrlRowSchema, ), required=False, ) widget("private_urls", DataGridFieldFactory, allow_reorder=True) private_note = schema.Text(title=_("Internal note"), required=False) read_permission( private_phones="imio.directory.core.ViewContactPrivateInformations", private_mails="imio.directory.core.ViewContactPrivateInformations", private_urls="imio.directory.core.ViewContactPrivateInformations", private_note="imio.directory.core.ViewContactPrivateInformations", ) write_permission( private_phones="imio.directory.core.ModifyContactPrivateInformations", private_mails="imio.directory.core.ModifyContactPrivateInformations", private_urls="imio.directory.core.ModifyContactPrivateInformations", private_note="imio.directory.core.ModifyContactPrivateInformations", )
class ICreateDX(IAction): """Create a Dexterity Type""" location = schema.TextLine( title=_(u'Location'), description=_( u'Select the location where content items should be created'), required=True, ) content_type = schema.Choice( title=_(u'label_content_type', default=u'Content Type'), vocabulary='plone.app.vocabularies.PortalTypes', required=True, default='', missing_value='', ) directives.widget('content_type', SelectFieldWidget) mappings = schema.List( title=_(u'Form field to item field mappings'), description= _(u"""One mapping per line. Format: "formfieldid itemfieldid:fieldtype". Make sure you have at least the title mapping defined, because it will also be used to create the id of the item!""" ), default=[], required=True, value_type=schema.TextLine(), ) directives.widget('mappings', TextLinesFieldWidget)
class ISendForm(Interface): channels = schema.List( title=_(u"send_channels_title", default=u"Channels"), description=_( u"send_channels_description", default=u"Select which channels should receive this Comunicato. " u"All email address subscribed to this channel will receive it. ", ), required=False, missing_value=(), value_type=schema.Choice(source="rer.ufficiostampa.vocabularies.channels"), ) additional_addresses = schema.List( title=_(u"additional_addresses_title", default=u"Additional addresses"), description=_( u"additional_addresses_description", default=u"Insert a list of additional addressed that will receive " u"the mail. One per line. You can use this field also for testing " u"without sending emails to all subscribed addresses.", ), required=False, missing_value=(), value_type=schema.TextLine(), constraint=check_emails, ) notes = schema.Text( title=_(u"notes_title", default=u"Notes"), description=_( u"notes_description", default=u"Additional notes.", ), required=False, ) attachments = schema.List( title=_(u"send_attachments_title", default=u"Attachments"), description=_( u"send_attachments_description", default=u"Select which attachment you want to send via email. " u"You can only select first level Files and Images.", ), required=False, missing_value=(), value_type=schema.Choice(source="rer.ufficiostampa.vocabularies.attachments"), defaultFactory=default_attachments, )
class IContact(IPrivateContactInformations, IContactInformations, IAddress): """ """ directives.order_before(type="IBasic.title") directives.widget(type=RadioFieldWidget) type = schema.Choice( title=_("Type"), source="imio.directory.vocabulary.ContactTypes", required=True, ) directives.order_after(subtitle="IBasic.title") subtitle = schema.TextLine(title=_("Subtitle"), required=False) logo = NamedBlobImage(title=_("Logo"), description=_(""), required=False) model.fieldset("categorization", fields=["selected_entities", "facilities"]) directives.widget(selected_entities=SelectFieldWidget) selected_entities = schema.List( title=_("Selected entities"), description= _("Select entities where this contact will be displayed. Current entity will always be selected." ), value_type=schema.Choice( vocabulary="imio.directory.vocabulary.EntitiesUIDs"), default=[], required=False, ) facilities = schema.List( title=_("Facilities"), description= _("Important! These categories make it possible to highlight and geolocate certain basic services" ), value_type=schema.Choice( vocabulary="imio.directory.vocabulary.Facilities"), required=False, ) directives.widget(facilities=SelectFieldWidget) read_permission(selected_entities="imio.directory.core.AddEntity") write_permission(selected_entities="imio.directory.core.AddEntity")
class ISimpleNoteTable(model.Schema): """ """ widget(simple_group=DataGridFieldFactory) simple_group = schema.List( title=u"Table fields", value_type=DictRow(title=u"Note Table Fields", schema=ITableColumns), required=False, )
class IClassificationFolder(IClassificationCategory): """ """ form.widget(classification_folders=FolderAutocompleteMultiFieldWidget) classification_folders = schema.List( title=_(u"Classification folders"), description=_( u"List of folders / subfolders in which this content is filed"), value_type=schema.Choice(source=ClassificationFolderSourceBinder(), ), required=False, )
class IBasicstuff(model.Schema): """ Here we use the fields defined in ISomefields """ widget(simple_group=DataGridFieldFactory) simple_group = schema.List( title=u"Some simple fields", value_type=DictRow(title=u"My simple fields", schema=ISomefields), required=False, )
class IPartners(model.Schema): """ """ directives.widget(partners=SelectFieldWidget) partners = schema.List( title=u'Partners', description=u'Partner(s) contributing to this resource', required=False, value_type=schema.Choice(vocabulary='foecluster.partners', ), )
class IFocusArea(model.Schema): """ """ directives.widget(focusareas=SelectFieldWidget) focusareas = schema.List( title=u'Focus Areas', description=u'FOE Cluster Focus Areas', required=False, value_type=schema.Choice(vocabulary='foecluster.focusareas', ), )
class INationalities(model.Schema): """ """ directives.widget(nationalities=SelectFieldWidget) nationalities = schema.List( title=u'Nationalities', description=u'Nationalities held by this individual', required=False, value_type=schema.Choice( vocabulary='collective.vocabularies.iso.countries', ), )
class IContactInformations(model.Schema): model.fieldset( "contact_informations", label=_("Contact informations"), fields=["vat_number", "phones", "mails", "urls"], ) vat_number = schema.TextLine(title=_("VAT number"), required=False) phones = schema.List( title=_("Phones"), value_type=DictRow( title="Value", schema=IPhoneRowSchema, ), required=False, ) widget("phones", DataGridFieldFactory, allow_reorder=True) mails = schema.List( title=_("E-mails"), value_type=DictRow( title="Value", schema=IMailRowSchema, ), required=False, ) widget("mails", DataGridFieldFactory, allow_reorder=True) urls = schema.List( title=_("URLs"), value_type=DictRow( title="Value", schema=IUrlRowSchema, ), required=False, ) widget("urls", DataGridFieldFactory, allow_reorder=True)
class ITokenCodeBase(model.Schema): """OID Map: :user_id = user :client_id = client""" user_id = ps.TextLine(title=_('User ID'), required=True) client_id = ps.TextLine(title=_('Client ID'), required=True) scope = ps.List(title=_('List of scopes'), required=False, value_type=ps.TextLine()) expire_at = ps.Datetime(title=_('Token Expire Date'), required=True) @invariant def validate_existance(self, data): """Validate if User and Application Is exists""" return Invalid('')
class ISustainableDevelopmentGoals(model.Schema): """ """ sdgs = schema.List( title=_(u"SDG"), value_type=schema.Choice( vocabulary=u"collective.behavior.sdg.SDGsVocabulary", required=True, ), required=False, ) form.widget('sdgs', linked_checkbox_field_widget, links_record='collective.behavior.sdg.sdgs')
class ITaxResidencies(model.Schema): """ """ directives.widget(taxResidencies=SelectFieldWidget) taxResidencies = schema.List( title=u'Tax Residencies', description=u''' Countries representing the tax residencies held by this individual. ''', required=False, value_type=schema.Choice( vocabulary='collective.vocabularies.iso.countries', ), )
class ICancelSubscriptionsForm(Interface): """ """ channels = schema.List( title=_( u"manage_subscriptions_channels_title", default=u"Deselect the channels that you do not want to be " u"subscribed anymore.", ), description=u"", required=False, defaultFactory=getSubscriptions, missing_value=(), value_type=schema.Choice(source=subscriptionsVocabulary), ) uid = schema.Int(readonly=True, defaultFactory=getUid)
class IVoteEncoding(IEnhancedUserDataSchema): mail = schema.Email(title=_(u"Email"), required=False) form.widget(vote=RadioFieldWidget) vote = schema.Choice(title=_(u"Vote"), required=True, vocabulary=u"ideabox.vocabularies.vote") form.widget(project=MultiSelect2FieldWidget) project = schema.List( title=_(u"Project(s)"), value_type=schema.Choice( title=_(u"Project"), vocabulary=u"ideabox.vocabularies.projects", ), required=True, )
class IDatagridPersons(model.Schema): """ Here we use the fields defined in IPerson for field 'table' """ group = schema.TextLine( title=_(u'Group name'), description=_(u'Group name for persons'), required=False, ) widget(table=DataGridFieldFactory) table = schema.List( title=u"Persons", value_type=DictRow(title=u"personrow", schema=IPerson), required=False, )
class IDocumentType(model.Schema): """ """ directives.widget(DocumentType=SelectFieldWidget) DocumentType = schema.List( title=_(u'Document Type'), description=_(u''' OCDS classification of the document '''), default=[], value_type=schema.Choice( vocabulary='ocds.DocumentType' ), required=False, )
class IOptional(model.Schema): """ """ localLang = schema.TextLine( title=_(u'Local Language'), description= _(u'Format example: D20,Language Name,1,1,1/A01,Language Name,0,1,3/..., 0,0,0 or 0,1,3 mapping to primary-intermediate-advanced' ), required=False, ) classTime = schema.List(title=_(u'Class Time'), value_type=schema.Choice( title=_(u"Class Time"), vocabulary='apc.content.ClassTime', required=False, ), required=False)
class ISendinblueSettings(Interface): """ Global sendinblue settings. This describes records stored in the configuration registry and obtainable via plone.registry. """ api_keys = schema.List( title=_("Sendinblue API Key(s)"), description=_( "help_api_keys", default="Enter in your Sendinblue key here. If you have several" + " Sendinblue accounts, you can enter one key per line." + " Log into https://account.sendinblue.com/advanced/api" + " and copy the API Key to this field.", ), value_type=schema.TextLine(title=_("API Key")), default=[], required=True, )
class ICallToActionBehavior(model.Schema): """Call to Action behavior with one list of cta.""" color = schema.TextLine( title=_(u'Background Color of Call to Action'), description=_(u'Hexcode or name: #00aa22, magenta, yellow, ...'), default=u"#D9017A", required=False, ) widget('ctas', DataGridFieldFactory, allow_reorder=True) ctas = schema.List(title=_(u'List of Call to Action'), required=False, value_type=DictRow(title=u"calltoaction", schema=ICalltoactionSchema), missing_value=[], readonly=False) model.fieldset('options', fields=['color', 'ctas'])
class IKursnotiz(model.Schema): """ """ model.fieldset( 'notizen', label=u"Notizen zum Inhalt", fields=['headline', 'teasertext', 'notizen'] ) headline = schema.TextLine(title=u"Überschrift über den Block Notizen", description=u"Du kannst hier eine Überschrift über die Notizen setzen. Keine Eingabe führt zu keiner Überschrift", default=u"Notizen zum Inhalt", required=False,) teasertext = schema.Text(title=u"Einleitungstext vor allen Notizen", required = False) form.widget('notizen', DataGridFieldFactory) notizen = schema.List(title=u'Fragen, Thesen oder Aufgaben für Notizen', description=u'Gib hier Fragen, Thesen oder Aufgaben zu denen sich der Lernende Notizen machen soll.', value_type = DictRow(title=u'Optionen', schema=INotizData))
class IPiece(IEvent): title = schema.TextLine( title=u"Titre", required=False, ) auteur = schema.TextLine( title=u"Auteur", required=False, ) description = schema.TextLine( title=u"Description", required=False, ) text = RichText( title=u"Synopsis", required=False, ) directeurs = RelationList( title=u"Metteur(s) en scène", value_type=RelationChoice( title=u"Directeur", source=RootCatalogSource(portal_type='troupedu8.Directeur', path={'query': 'metteurs-en-scene'}), ), required=True, ) acteurs = RelationList( title=u"Acteur(s)", value_type=RelationChoice( title=u"Acteur", source=RootCatalogSource(portal_type='troupedu8.Acteur', path={'query': 'acteurs'}), ), required=False, ) lieu = RelationChoice( title=u"Lieu", source=RootCatalogSource(portal_type='troupedu8.Lieu', path={'query': 'lieux'}), required=True, ) image = NamedBlobImage( title=u"Photo de la pièce", required=False, ) abonnement = schema.Bool( title=u"Spectacle dans l'abonnement", required=False, ) dates = schema.List( title=u"Dates des représentations", value_type=schema.Datetime(), required=True, ) facebook_url = schema.URI( title=u"Facebook", description=u"URL de l'évènement", required=False, )
class INewsletter(model.Schema): """ Marker interface and Dexterity Python Schema for Newsletter """ # model.fieldset( # 'default', # label=u'Default', # fields=[ # 'sender_email', # 'sender_name', # 'test_email', # 'content_aggregation_sources', # 'output_template', # ], # ) model.fieldset( "personalization", label=_(u"Personalization"), fields=[ "salutations", "fullname_fallback", "unsubscribe_string", "subscriber_confirmation_mail_subject", "subscriber_confirmation_mail_text", "default_prologue", "default_epilogue", "banner", "logo", ], ) model.fieldset("recipients", label=_(u"Recipients"), fields=["exclude_all_subscribers"]) sender_email = schema.TextLine( title=_(u"ENL_label_senderEmail", default=u"Sender email"), description=_( u"ENL_help_senderEmail", default=u"Default for the sender address of the newsletters.", ), required=True, ) sender_name = schema.TextLine( title=_(u"ENL_label_senderName", default=u"Sender name"), description=_( u"ENL_help_senderName", default=u"Default for the sender name of the newsletters.", ), required=True, ) test_email = schema.TextLine( title=_(u"ENL_label_testEmail", default=u"Test email"), description=_(u"ENL_help_testEmail", default=u"Default for the test email address."), required=True, ) directives.widget( "content_aggregation_sources", pattern_options={ "basePath": get_content_aggregation_sources_base_path, "selectableTypes": ["Collection"], }, ) content_aggregation_sources = relationfield.schema.RelationList( title=_( u"ENL_content_aggregation_sources_label", default=u"Content aggregation sources", ), description=_( u"ENL_content_aggregation_sources_desc", default=u"Choose sources to aggregate newsletter content from.", ), value_type=relationfield.schema.RelationChoice( title=u"content_aggretation_source", vocabulary="plone.app.vocabularies.Catalog", ), required=False, ) salutations = schema.List( title=_(u"ENL_label_salutations", default=u"Subscriber Salutations."), description=_( u"ENL_help_salutations", default=u'Define here possible salutations for subscriber. \ One salutation per line in the form of: "mr|Dear Mr.". \ The left hand value "mr" or "ms" is mapped to salutation \ of each subscriber and then the right hand value, which \ you can customize is used as salutation.', ), default=[u"mr|Dear Mr.", u"ms|Dear Ms.", u"default|Dear"], value_type=schema.TextLine(title=u"salutation"), required=True, ) fullname_fallback = schema.TextLine( title=_( u"ENL_label_fullname_fallback", default=u"Fallback for subscribers without a name.", ), description=_( u"ENL_help_fullname_fallback", default=u"This will be used if the subscriber has no fullname.", ), default=u"Sir or Madam", required=True, ) unsubscribe_string = schema.TextLine( title=_(u"ENL_label_unsubscribe_string", default=u"Text for the 'unsubscribe' link"), description=_( u"ENL_help_unsubscribe_string", default=u"This will replace the placeholder {{UNSUBSCRIBE}}.", ), default=u"Click here to unsubscribe", required=True, ) # Make sure you import: plone.namedfile banner = namedfile.NamedBlobImage( title=_(u"ENL_image_label", default=u"Banner image"), description=_( u"ENL_image_desc", default=u"Banner image, you can include in the templates by" + u"\n adding the {{banner}} placeholder into it." + u" By default it should be 600x200 pixel.", ), required=False, ) # Make sure you import: plone.namedfile logo = namedfile.NamedBlobImage( title=_(u"ENL_logo_label", default=u"Logo image"), description=_( u"ENL_logo_desc", default=u"Logo image, you can include in the templates by\n" + u" adding the {{logo}} placeholder into it.", ), required=False, ) # Make sure to import: plone.app.textfield default_prologue = textfield.RichText( title=_(u"ENL_label_default_header", default=u"Prologue"), description=_( u"ENL_description_text_header", default=u"The default prologue text. This is used as a default \ for new issues. You can use placeholders like\ {{SUBSCRIBER_SALUTATION}} and {{UNSUBSCRIBE}} here.", ), default=_(u"{{SUBSCRIBER_SALUTATION}}<br />"), required=False, ) # Make sure to import: plone.app.textfield default_epilogue = textfield.RichText( title=_(u"ENL_label_default_footer", default=u"Epilogue"), description=_( u"ENL_description_text_footer", default=u"The default epilogue text. This is used as a default \ for new issues. You can use placeholders like\ {{SUBSCRIBER_SALUTATION}} and {{UNSUBSCRIBE}} here.", ), default=_(u"<h1>Community Newsletter for Plone</h1>\n{{UNSUBSCRIBE}}"), required=False, ) # Make sure you import: # plone.app.z3cform.widget.SingleCheckBoxBoolFieldWidget directives.widget(exclude_all_subscribers=SingleCheckBoxBoolFieldWidget) exclude_all_subscribers = schema.Bool( title=_(u"ENL_label_excludeAllSubscribers", default=u"Exclude all subscribers"), description=_( u"ENL_help_excludeAllSubscribers", default=u"If checked, the newsletter/mailing will not be send \ to all subscribers inside the newsletter. Changing this \ setting does not affect already existing issues.", ), required=False, default=False, ) output_template = schema.Choice( title=_(u"enl_label_output_template", default="Output template"), description=_( u"enl_help_output_template", default=u"Choose the template to render the email. ", ), vocabulary=u"Products.EasyNewsletter.OutputTemplates", defaultFactory=get_default_output_template, required=True, ) subscriber_confirmation_mail_subject = schema.TextLine( title=_( u"ENL_label_subscriber_confirmation_mail_subject", default=u"Subscriber confirmation mail subject", ), description=_( u"ENL_description_subscriber_confirmation_mail_subject", default=u"Text used for confirmation email subject. You can \ customize the text, but it should include the \ placeholder: ${portal_url}!", ), default=config.DEFAULT_SUBSCRIBER_CONFIRMATION_MAIL_SUBJECT, required=True, ) subscriber_confirmation_mail_text = schema.Text( title=_( u"ENL_label_subscriber_confirmation_mail_text", default=u"Subscriber confirmation mail text", ), description=_( u"ENL_description_subscriber_confirmation_mail_text", default=u"Text used for confirmation email. You can customize \ the text, but it should include the placeholders: \ ${portal_url}, ${subscriber_email} and \ ${confirmation_url}!", ), default=config.DEFAULT_SUBSCRIBER_CONFIRMATION_MAIL_TEXT, required=True, ) directives.order_after(content_aggregation_sources="IBasic.title") directives.order_after(test_email="IBasic.title") directives.order_after(sender_name="IBasic.title") directives.order_after(sender_email="IBasic.title") directives.order_after(output_template="IRichText.text")
class IOAuth2Client(model.Schema): """Meta Info: http://openid.net/specs/openid-connect-registration-1_0.html#ClientMetadata""" client_name = ps.TextLine( title=_('Client Name'), description=_( 'Name of the Client to be presented to the End-User. ' 'If desired, representation of this Claim in different ' 'languages and scripts is represented as described in Section 2.1.' ), required=True) redirect_uris = ps.List( title=_('Redirect URIs'), description=_( 'Array of Redirection URI values used by the Client. ' 'One of these registered Redirection URI values MUST ' 'exactly match the redirect_uri parameter value used in each ' 'Authorization Request, with the matching performed as described in ' 'Section 6.2.1 of [RFC3986] (Simple String Comparison).'), value_type=ps.URI(), required=True) response_types = ps.List( title=_('Response Type'), description= _('JSON array containing a list of the OAuth 2.0 response_type values ' 'that the Client is declaring that it will restrict itself to using. ' 'If omitted, the default is that the Client will use only the code Response Type.' ), value_type=ps.Choice(vocabulary='oauth2_client_response_type_options')) grant_types = ps.List( title=_('Grant Types'), description=_( 'JSON array containing a list of the OAuth 2.0 Grant Types that the ' 'Client is declaring that it will restrict itself to using. '), value_type=ps.Choice(vocabulary='oauth2_client_grant_type_options'), required=False) application_type = ps.Choice( title=_('Application Type'), description= _('Kind of the application. The default, if omitted, is web. ' 'The defined values are native or web. Web Clients using the OAuth Implicit ' 'Grant Type MUST only register URLs using the https scheme as redirect_uris; ' 'they MUST NOT use localhost as the hostname. Native Clients MUST only register ' 'redirect_uris using custom URI schemes or URLs using the http: scheme with ' 'localhost as the hostname. Authorization Servers MAY place additional constraints ' 'on Native Clients. Authorization Servers MAY reject Redirection URI values using ' 'the http scheme, other than the localhost case for Native Clients. ' 'The Authorization Server MUST verify that all the registered redirect_uris ' 'conform to these constraints. This prevents sharing a Client ID across different ' 'types of Clients'), vocabulary='oauth2_app_type_options', default='web') contacts = ps.List( title=_('Contact E-mails'), description=_( 'Array of e-mail addresses of people responsible for this Client. ' 'This might be used by some providers to enable a Web user ' 'interface to modify the Client information.'), value_type=ps.TextLine(), required=False) logo_uri = ps.URI( title=_('Logo URI'), description=_( 'URL that references a logo for the Client application. ' 'If present, the server SHOULD display this image to the ' 'End-User during approval. The value of this field MUST point ' 'to a valid image file. If desired, representation of this ' 'Claim in different languages and scripts is represented as ' 'described in Section 2.1.'), required=False) client_uri = ps.URI( title=_('Client URI'), description= _('URL of the home page of the Client. The value of this field MUST point to a ' 'valid Web page. If present, the server SHOULD display this URL to ' 'the End-User in a followable fashion. If desired, representation of this ' 'Claim in different languages and scripts is represented as described in Section 2.1.' ), required=False) policy_uri = ps.URI( title=_('Policy URI'), description= _('URL that the Relying Party Client provides to the End-User to ' 'read about the how the profile data will be used. ' 'The value of this field MUST point to a valid web page. ' 'The OpenID Provider SHOULD display this URL to the End-User if it is given. ' 'If desired, representation of this Claim in different languages and scripts ' 'is represented as described in Section 2.1.'), required=False) tos_uri = ps.URI( title=_('Terms of service URI'), description= _('URL that the Relying Party Client provides to the End-User to read about ' 'the Relying Party\'s terms of service. The value of this field MUST point ' 'to a valid web page. The OpenID Provider SHOULD display this URL to ' 'the End-User if it is given. If desired, representation of this Claim ' 'in different languages and scripts is represented as described in Section 2.1.' ), required=False) jwks_uri = ps.URI( title=_('JWKS URI'), description= _('URL for the Client\'s JSON Web Key Set [JWK] document. If the Client signs requests ' 'to the Server, it contains the signing key(s) the Server uses to validate signatures ' 'from the Client. The JWK Set MAY also contain the Client\'s encryption keys(s), ' 'which are used by the Server to encrypt responses to the Client. When both signing ' 'and encryption keys are made available, a use (Key Use) parameter value is ' 'REQUIRED for all keys in the referenced JWK Set to indicate each key\'s intended usage. ' 'Although some algorithms allow the same key to be used for both signatures and ' 'encryption, doing so is NOT RECOMMENDED, as it is less secure. ' 'The JWK x5c parameter MAY be used to provide X.509 representations of keys provided. ' 'When used, the bare key values MUST still be present and MUST match those in ' 'the certificate.'), required=False) # jwks: https://tools.ietf.org/html/draft-ietf-jose-json-web-key-41#section-3 jwks = ps.Dict( title=_('JSON Web Key Set'), description= _('JSON Object. JSON Web Key Set [JWK] document, passed by value. ' 'The semantics of the jwks parameter are the same as the jwks_uri parameter, ' 'other than that the JWK Set is passed by value, rather than by reference. ' 'This parameter is intended only to be used by Clients that, for some reason, ' 'are unable to use the jwks_uri parameter, for instance, by native applications ' 'that might not have a location to host the contents of the JWK Set. ' 'If a Client can use jwks_uri, it MUST NOT use jwks. One significant downside of ' 'jwks is that it does not enable key rotation (which jwks_uri does, as described ' 'in Section 10 of OpenID Connect Core 1.0 [OpenID.Core]). ' 'The jwks_uri and jwks parameters MUST NOT be used together.'), required=False) sector_identifier_uri = ps.URI( title=_('Sector Identifier URI'), description= _('URL using the https scheme to be used in calculating Pseudonymous Identifiers ' 'by the OP. The URL references a file with a single JSON array of redirect_uri values. ' 'Please see Section 5. Providers that use pairwise sub (subject) values SHOULD ' 'utilize the sector_identifier_uri value provided in the Subject Identifier calculation ' 'for pairwise identifiers.')) subject_type = ps.Choice( title=_('Subject Type'), description= _('subject_type requested for responses to this Client. ' 'The subject_types_supported Discovery parameter contains a list of ' 'the supported subject_type values for this server. Valid types include ' 'pairwise and public.'), values=('pairwise', 'public'), required=False) id_token_signed_response_alg = ps.Choice( title=_('ID Token Response algorithms'), description= _('JWS alg algorithm [JWA] REQUIRED for signing the ID Token issued to this Client.' 'The value none MUST NOT be used as the ID Token alg value unless the ' 'Client uses only Response Types that return no ID Token from the ' 'Authorization Endpoint (such as when only using the Authorization Code Flow). ' 'The default, if omitted, is RS256. The public key for validating the ' 'signature is provided by retrieving the JWK Set referenced by the ' 'jwks_uri element from OpenID Connect Discovery 1.0 [OpenID.Discovery].' ), vocabulary='oauth2_client_jwt_algs_options', required=False) id_token_encrypted_response_alg = ps.Choice( title=_('ID Token encrypted response algorithm'), description= _('JWE alg algorithm [JWA] REQUIRED for encrypting the ID Token issued to this Client. ' 'If this is requested, the response will be signed then encrypted, with the result ' 'being a Nested JWT, as defined in [JWT]. The default, if omitted, is that no ' 'encryption is performed.'), vocabulary='oauth2_client_jwt_algs_options', required=False) id_token_encrypted_response_enc = ps.Choice( title=_('ID Token encrypted response enc'), description= _('JWE enc algorithm [JWA] REQUIRED for encrypting the ID Token issued to this Client. ' 'If id_token_encrypted_response_alg is specified, the default for this value is ' 'A128CBC-HS256. When id_token_encrypted_response_enc is included, ' 'id_token_encrypted_response_alg MUST also be provided.'), vocabulary='oauth2_client_jwt_enc_options', required=False) userinfo_signed_response_alg = ps.Choice( title=_('userinfo_signed_response_alg'), description= _('JWS alg algorithm [JWA] REQUIRED for signing UserInfo Responses. ' 'If this is specified, the response will be JWT [JWT] serialized, and signed using JWS. ' 'The default, if omitted, is for the UserInfo Response to return the Claims as a ' 'UTF-8 encoded JSON object using the application/json content-type.' ), vocabulary='oauth2_client_jwt_algs_options', required=False) userinfo_encrypted_response_alg = ps.Choice( title=_('userinfo encrypted response algorithm'), description= _('JWE [JWE] alg algorithm [JWA] REQUIRED for encrypting UserInfo ' 'Responses. If both signing and encryption are requested, the response will ' 'be signed then encrypted, with the result being a Nested JWT, as defined in ' '[JWT]. The default, if omitted, is that no encryption is performed.' ), vocabulary='oauth2_client_jwt_algs_options', required=False) request_object_signing_alg = ps.Choice( title=_('request_object_signing_alg'), description= _('JWS [JWS] alg algorithm [JWA] that MUST be used for signing Request Objects sent ' 'to the OP. All Request Objects from this Client MUST be rejected, ' 'if not signed with this algorithm. Request Objects are described in Section 6.1 of ' 'OpenID Connect Core 1.0 [OpenID.Core]. This algorithm MUST be used both when the ' 'Request Object is passed by value (using the request parameter) and when ' 'it is passed by reference (using the request_uri parameter). ' 'Servers SHOULD support RS256. The value none MAY be used. The default, if omitted, ' 'is that any algorithm supported by the OP and the RP MAY be used.'), vocabulary='oauth2_client_jwt_algs_options', required=False) request_object_encryption_alg = ps.Choice( title=_('request_object_encryption_alg'), description= _('JWE [JWE] alg algorithm [JWA] the RP is declaring that it may use for ' 'encrypting Request Objects sent to the OP. This parameter SHOULD be included when ' 'symmetric encryption will be used, since this signals to the OP that a client_secret ' 'value needs to be returned from which the symmetric key will be derived, ' 'that might not otherwise be returned. The RP MAY still use other supported encryption ' 'algorithms or send unencrypted Request Objects, even when this parameter is present. ' 'If both signing and encryption are requested, the Request Object will be signed then ' 'encrypted, with the result being a Nested JWT, as defined in [JWT]. ' 'The default, if omitted, is that the RP is not declaring whether it might encrypt any ' 'Request Objects.'), vocabulary='oauth2_client_req_obj_algs_options', required=False) request_object_encryption_enc = ps.Choice( title=_('request_object_encryption_enc'), description= _('WE enc algorithm [JWA] the RP is declaring that it may use for encrypting ' 'Request Objects sent to the OP. If request_object_encryption_alg is specified, ' 'the default for this value is A128CBC-HS256. When request_object_encryption_enc ' 'is included, request_object_encryption_alg MUST also be provided.'), vocabulary='oauth2_client_jwt_enc_options', required=False) token_endpoint_auth_method = ps.Choice( title=_('token_endpoint_auth_method'), description= _('Requested Client Authentication method for the Token Endpoint. ' 'The options are client_secret_post, client_secret_basic, client_secret_jwt, ' 'private_key_jwt, and none, as described in Section 9 of ' 'OpenID Connect Core 1.0 [OpenID.Core]. Other authentication methods MAY be ' 'defined by extensions. If omitted, the default is client_secret_basic -- ' 'the HTTP Basic Authentication Scheme specified in Section 2.3.1 of ' 'OAuth 2.0 [RFC6749].'), vocabulary='oauth2_client_token_endpoint_auth_method_options', required=False) token_endpoint_auth_signing_alg = ps.Choice( title=_('token_endpoint_auth_signing_alg'), description= _('JWS [JWS] alg algorithm [JWA] that MUST be used for signing the JWT [JWT] ' 'used to authenticate the Client at the Token Endpoint for the private_key_jwt ' 'and client_secret_jwt authentication methods. All Token Requests using these ' 'authentication methods from this Client MUST be rejected, if the JWT is not ' 'signed with this algorithm. Servers SHOULD support RS256. ' 'The value none MUST NOT be used. The default, if omitted, is that any ' 'algorithm supported by the OP and the RP MAY be used.'), vocabulary='oauth2_client_jwt_algs_options', required=False) default_max_age = ps.Decimal( title=_('Default Maximum Age'), description= _('Default Maximum Authentication Age. Specifies that the End-User MUST be ' 'actively authenticated if the End-User was authenticated longer ago than ' 'the specified number of seconds. The max_age request parameter overrides this ' 'default value. If omitted, no default Maximum Authentication Age is specified.' ), required=False) require_auth_time = ps.Bool( title=_('Is require auth time'), description= _('Boolean value specifying whether the auth_time Claim in the ID Token is REQUIRED. ' 'It is REQUIRED when the value is true. (If this is false, the auth_time Claim ' 'can still be dynamically requested as an individual Claim for the ID Token using ' 'the claims request parameter described in Section 5.5.1 of OpenID Connect Core 1.0 ' '[OpenID.Core].) If omitted, the default value is false.'), required=False) default_acr_values = ps.TextLine( title=_('default_acr_values'), description= _('Default requested Authentication Context Class Reference values. ' 'Array of strings that specifies the default acr values that the OP ' 'is being requested to use for processing requests from this Client, ' 'with the values appearing in order of preference. The Authentication Context ' 'Class satisfied by the authentication performed is returned as the acr ' 'Claim Value in the issued ID Token. The acr Claim is requested as a Voluntary ' 'Claim by this parameter. The acr_values_supported discovery element contains a ' 'list of the supported acr values supported by this server. Values specified in ' 'the acr_values request parameter or an individual acr Claim request override ' 'these default values.'), required=False) initiate_login_uri = ps.URI( title=_('initiate_login_uri'), description= _('URI using the https scheme that a third party can use to initiate a login by the RP, ' 'as specified in Section 4 of OpenID Connect Core 1.0 [OpenID.Core]. ' 'The URI MUST accept requests via both GET and POST. The Client MUST understand ' 'the login_hint and iss parameters and SHOULD support the target_link_uri parameter.' ), required=False) request_uris = ps.List( title=_('request_uris'), description= _('Array of request_uri values that are pre-registered by the RP for use at the OP. ' 'Servers MAY cache the contents of the files referenced by these URIs and not ' 'retrieve them at the time they are used in a request. OPs can require that ' 'request_uri values used be pre-registered with the require_request_uri_registration ' 'discovery parameter. If the contents of the request file could ever change, these URI ' 'values SHOULD include the base64url encoded SHA-256 hash value of the file contents ' 'referenced by the URI as the value of the URI fragment. If the fragment value used for ' 'a URI changes, that signals the server that its cached value for that URI with the old ' 'fragment value is no longer valid.'), value_type=ps.URI(), required=False) # http://openid.net/specs/openid-connect-session-1_0.html#OPMetadata post_logout_redirect_uri = ps.List( title=_('post_logout_redirect_uri'), description= _('Array of URLs supplied by the RP to which it MAY request that the End-User\'s ' 'User Agent be redirected using the post_logout_redirect_uri parameter after a ' 'logout has been performed.'), value_type=ps.URI(), required=False) # https://www.rfc-editor.org/rfc/rfc7591.txt scope = ps.TextLine( title=_('Scope'), description=_( 'String containing a space-separated list of scope values (as' 'described in Section 3.3 of OAuth 2.0 [RFC6749]) that the client' 'can use when requesting access tokens. The semantics of values in' 'this list are service specific. If omitted, an authorization' 'server MAY register a client with a default set of scopes.'), required=False) software_id = ps.TextLine( title=_('Software ID'), description=_( 'A unique identifier string (e.g., a Universally Unique Identifier' '(UUID)) assigned by the client developer or software publisher' 'used by registration endpoints to identify the client software to' 'be dynamically registered.'), required=False) client_id = ps.TextLine( title=_('Client ID'), description=_( 'OAuth 2.0 client identifier string. It SHOULD NOT be' 'currently valid for any other registered client, though an' 'authorization server MAY issue the same client identifier to' 'multiple instances of a registered client at its discretion.'), required=True) client_secret = ps.TextLine( title=_('Client Secret'), description=_( 'OAuth 2.0 client secret string. If issued, this MUST' 'be unique for each "client_id" and SHOULD be unique for multiple' 'instances of a client using the same "client_id". This value is' 'used by confidential clients to authenticate to the token' 'endpoint, as described in OAuth 2.0 [RFC6749], Section 2.3.1.'), required=False) client_type = ps.Choice( title=_('Client Type'), description=_('Type clients, i.e public or secret'), vocabulary='oauth2_client_type_options', required=False) client_id_issued_at = ps.Datetime( title=_('Client ID Issued at'), description=_( 'Time at which the client identifier was issued. The' 'time is represented as the number of seconds from' '1970-01-01T00:00:00Z as measured in UTC until the date/time of' 'issuance.')) client_secret_expires_at = ps.Datetime( title=_('Client Secret Expire at'), description=_( 'REQUIRED if "client_secret" is issued. Time at which the client' 'secret will expire or 0 if it will not expire. The time is' 'represented as the number of seconds from 1970-01-01T00:00:00Z as' 'measured in UTC until the date/time of expiration.'), required=False) domain = ps.TextLine(title=_('FQ Domain Name'), description=_(''), required=False)