#

# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.

#

# Copyright (c) 2014 ForgeRock AS

#

# The contents of this file are subject to the terms

# of the Common Development and Distribution License

# (the License). You may not use this file except in

# compliance with the License.

#

# You can obtain a copy of the License at

# http://forgerock.org/license/CDDLv1.0.html

# See the License for the specific language governing

# permission and limitations under the License.

#

# When distributing Covered Code, include this CDDL

# Header Notice in each file and include the License file

# at http://forgerock.org/license/CDDLv1.0.html

# If applicable, add the following below the CDDL Header,

# with the fields enclosed by brackets [] replaced by

# your own identifying information:

# "Portions Copyrighted [year] [name of copyright owner]"

#

openidconnect-service-description=OpenID Connect id_token bearer

header_name=Name of header referencing the ID Token

issuer_name=Name of OpenID Connect ID Token Issuer

issuer_name.help= Value must match the iss field in issued ID Token

crypto_context_type=OpenID Connect validation configuration type

crypto_context_type.help=Please select either 1. the issuer discovery url, 2. the issuer jwk url, or 3. the client_secret.

crypto_context_value=OpenID Connect validation configuration value

crypto_context_value.help=The discovery url, or jwk url, or the client_secret, corresponding to the selection above.

crypto_context_value.help.txt=If discovery or jwk url entered, entry must be in valid url format.

princial_mapper_class=Principal mapper class

princial_mapper_class.help=Class which implements mapping of jwt state to a Principal in the local identity repository

princial_mapper_class.help.txt=Any custom implementation must implement the \

<code>org.forgerock.openam.authentication.modules.common.mapping.AttributeMapper</code> interface.

account_provider_class=Account provider class

account_provider_class.help=Name of the class implementing the account provider.

account_provider_class.help.txt=This class is used by the module to find the account from the attributes mapped by the Account Mapper \

<a href="http://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims" target="_blank">OpenID Connect Core 1.0 Specification</a>, \

section 5.4. on how to request the inclusion of additional attributes in issued ID Tokens.

local_to_jwt_attr_mappings=Mapping of local LDAP attributes to jwt attributes

local_to_jwt_attr_mappings.help=Format: jwt_attribute=local_ldap_attribute

local_to_jwt_attr_mappings.help.txt=Mappings allow jwt entries to drive principal lookup. This entry determines how \

to translate between local LDAP attributes and the entries in the jwt. See \

http://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims on how to request the inclusion of additional \

attributes in issued ID Tokens.

listed_audience_name=Audience name

listed_audience_name.help=A case sensitive string

listed_audience_name.help.txt=The audience name for this OpenID Conenct module. This will be used to check that the \

ID token received is intended for this module as an audience.

listed_authorized_parties=List of accepted authorized parties

listed_authorized_parties.help=A list of case sensitive strings which can be either string or URI values

listed_authorized_parties.help.txt=A list of authorized parties which this module will accept ID tokens from. This \

will be checked against the authorized party claim of the ID token.

verification_failed=Verification of the ID Token failed.

jws_signing_exception=JWS token signing evaluation failure.

issuer_mismatch=The issuer configured for the module, and the issuer string in discovery document referenced by \

configuration url, do not match.

token_issuer_mismatch=The issuer configured for the module, and the issuer string in the jwt, do not match.

jwt_parse_error=The ID Token jwt specified in the header could not be parsed.

missing_header=No ID Token was found referenced by the specified header.

jwk_not_loaded=The json web key state could not be loaded.

principal_mapper_instantiation_error=The principal mapper could not be instantiated.

principal_mapping_failure=No principal in the local id repo could be found.

no_attributes_mapped=None of the attributes specified in the mappings could be found in the Id Token.

id_token_bad_audience=ID token is not for this audience.

invalid_authorized_party=ID token was received from invalid authorized party.

authorized_party_not_in_audience=Authorized party was present in ID token, but its value was not found in the \

audience claim.

no_audience_claim=No audience claim present in ID token.