re-implemented first part: authorization

Signed-off-by: Stephan Richter <s.richter@srsoftware.de>

de.srsoftware.oidc.web/src/main/resources/de/clients.html

@@ -2,9 +2,9 @@
     <head>
         <meta charset="utf-8">
         <title>Light OIDC</title>
-        <script src="common.js"></script>
-        <script src="user.js"></script>
-        <script src="clients.js"></script>
+        <script src="scripts/common.js"></script>
+        <script src="scripts/user.js"></script>
+        <script src="scripts/clients.js"></script>
         <link rel="stylesheet" href="style.css" />
     </head>
     <body>

de.srsoftware.oidc.web/src/main/resources/de/navigation.html

@@ -1,5 +1,6 @@
 <a href="index.html">Übersicht</a>
 <a href="clients.html" class="MANAGE_CLIENTS">Clients</a>
 <a href="users.html" class="MANAGE_USERS">Benutzer</a>
+<a href="https://openid.net/specs/openid-connect-core-1_0.html#CodeFlowAuth" target="_blank">Spec</a>
 <a href="settings.html">Einstellungen</a>
 <a href="logout.html">Ausloggen</a>

de.srsoftware.oidc.web/src/main/resources/en/authorization.html

@@ -2,9 +2,9 @@
 <head>
     <meta charset="utf-8">
     <title>Light OIDC</title>
-    <script src="common.js"></script>
-    <script src="user.js"></script>
-    <script src="authorization.js"></script>
+    <script src="scripts/common.js"></script>
+    <script src="scripts/user.js"></script>
+    <script src="scripts/authorization.js"></script>
     <link rel="stylesheet" href="style.css" />
 </head>
 <body>

de.srsoftware.oidc.web/src/main/resources/en/clients.html

@@ -2,9 +2,9 @@
     <head>
         <meta charset="utf-8">
         <title>Light OIDC</title>
-        <script src="common.js"></script>
-        <script src="user.js"></script>
-        <script src="clients.js"></script>
+        <script src="scripts/common.js"></script>
+        <script src="scripts/user.js"></script>
+        <script src="scripts/clients.js"></script>
         <link rel="stylesheet" href="style.css" />
     </head>
     <body>

de.srsoftware.oidc.web/src/main/resources/en/edit_client.html

@@ -2,9 +2,9 @@
 <head>
     <meta charset="utf-8">
     <title>Light OIDC</title>
-    <script src="common.js"></script>
-    <script src="user.js"></script>
-    <script src="edit_client.js"></script>
+    <script src="scripts/common.js"></script>
+    <script src="scripts/user.js"></script>
+    <script src="scripts/edit_client.js"></script>
     <link rel="stylesheet" href="style.css" />
 </head>
 <body>

de.srsoftware.oidc.web/src/main/resources/en/index.html

@@ -2,8 +2,8 @@
     <head>
         <meta charset="utf-8">
         <title>Light OIDC</title>
-        <script src="common.js"></script>
-        <script src="user.js"></script>
+        <script src="scripts/common.js"></script>
+        <script src="scripts/user.js"></script>
         <link rel="stylesheet" href="style.css" />
     </head>
     <body>

de.srsoftware.oidc.web/src/main/resources/en/login.html

@@ -2,8 +2,8 @@
     <head>
         <meta charset="utf-8">
         <title>Light OIDC</title>
-        <script src="common.js"></script>
-        <script src="login.js"></script>
+        <script src="scripts/common.js"></script>
+        <script src="scripts/login.js"></script>
         <link rel="stylesheet" href="style.css" />
     </head>
     <body>

de.srsoftware.oidc.web/src/main/resources/en/logout.html

@@ -2,8 +2,8 @@
     <head>
         <meta charset="utf-8">
         <title>Light OIDC</title>
-        <script src="common.js"></script>
-        <script src="logout.js"></script>
+        <script src="scripts/common.js"></script>
+        <script src="scripts/logout.js"></script>
         <link rel="stylesheet" href="style.css" />
     </head>
     <body>

de.srsoftware.oidc.web/src/main/resources/en/navigation.html

@@ -1,5 +1,6 @@
 <a href="index.html">Dashboard</a>
 <a href="clients.html" class="MANAGE_CLIENTS">Clients</a>
 <a href="users.html" class="MANAGE_USERS">Users</a>
+<a href="https://openid.net/specs/openid-connect-core-1_0.html#CodeFlowAuth" target="_blank">Spec</a>
 <a href="settings.html">Settings</a>
 <a href="logout.html">Logout</a>

de.srsoftware.oidc.web/src/main/resources/en/new_client.html

@@ -2,9 +2,9 @@
 <head>
     <meta charset="utf-8">
     <title>Light OIDC</title>
-    <script src="common.js"></script>
-    <script src="user.js"></script>
-    <script src="new_client.js"></script>
+    <script src="scripts/common.js"></script>
+    <script src="scripts/user.js"></script>
+    <script src="scripts/new_client.js"></script>
     <link rel="stylesheet" href="style.css" />
 </head>
 <body>

de.srsoftware.oidc.web/src/main/resources/en/scripts/authorization.js

@@ -39,14 +39,19 @@ async function handleResponse(response){
         }
         show('missing_scopes');
     } else {
-        console.log(response);
+        console.log("handleResponse(…) ← ",response);
         if (response.status == 401){
             login();
             return;
         }
-        var text = await response.text();
-        setText('error',"Error: <br/>"+text);
+        var json = await response.json();
+        setText('error',"Error: <br/>"+json.error_description);
         show('error');
+        if (json.error != "invalid_request_uri"){
+            var url = params.get('redirect_uri') + '?' + new URLSearchParams(json).toString();
+            console.log('redirecting to '+url);
+            redirect(url);
+        }
     }
 }
 
@@ -56,7 +61,7 @@ function grantAutorization(days){
 }
 
 function denyAutorization(){
-    redirect(params.get('redirect_uri')+"?error=access denied");
+    redirect(params.get('redirect_uri')+"?error=consent_required");
 }
 
 function backendAutorization(){

de.srsoftware.oidc.web/src/main/resources/en/settings.html

@@ -2,9 +2,9 @@
 <head>
     <meta charset="utf-8">
     <title>Light OIDC</title>
-    <script src="common.js"></script>
-    <script src="user.js"></script>
-    <script src="settings.js"></script>
+    <script src="scripts/common.js"></script>
+    <script src="scripts/user.js"></script>
+    <script src="scripts/settings.js"></script>
     <link rel="stylesheet" href="style.css" />
 </head>
 <body>