Customizing User Consent

Localizing consent

When user consent is being asked, the requested claims can be localized when they are rendered. Let's translate the sub claim so it can be rendered in dutch.

The translations must be made in the language override file for the OAuth consent template, which is located at

• usr/share/messages/overrides/ is the base directory for language overrides,
• nl/ is the language prefix, and
• views/oauth/ is the path to the OAuth templates

Added up, the override file for dutch must be stored as usr/share/messages/overrides/nl/views/oauth/messages.

In this file, you can translate the claim names, as well as the claim descriptions, according to the following format:

consent.claim-names.<claim-name>=Some name
consent.claim-descriptions.<claim-name>=Description of the claim

To translate the claim admin, let's create that messages-file with the following contents:

consent.claim-names.sub=Gebruikersnaam
consent.claim-descriptions.sub=De naam waarmee je inlogt

Now to see the translated consent screen in action, force the locality of the request to be dutch by using the ui_locales parameter in the querystring:

https://localhost:8443/authorize?response_type=token&client_id=uc-client&redirect_uri=https://uc-client.example.com/callback&scope=openid+admin&ui_locales=nl&state=29846721323

Notice the translations of the claims follow the translations as they are made in the overridden messages file.

Customizing the user consent template

The consent screen is rendered from a template, which you can change. Note that there are a couple of items in the template that are rendered from configuration, which are:

• a client logo
• the privacy policy URL
• the terms of service URL

To modify the consent template itself, you can override it by creating a new file called consent.vm in the directory usr/share/templates/overrides/views/oauth. For the sake of this tutorial, let's switch the order of the Privacy Policy URL and the Terms of Service URL.

Start out with a copy of the provided consent template. First ensure that the directory exists, then copy it:

mkdir -p usr/share/templates/overrides/views/oauth
cp usr/share/templates/core/views/oauth/consent.vm usr/share/templates/overrides/views/oauth

Next, use your editor to open the consent.vm from the overrides/ directory, and move around the order of the two URLs, to make it look like this:

#if ($_client.get("termsOfServiceUrl"))
    <a href="$!_client.get("termsOfServiceUrl")">#message("views.oauth.consent.termsOfService")</a>
#end

#if ($_client.get("policyUrl"))
    <a href="$!_client.get("policyUrl")">#message("views.oauth.consent.policyDocument")</a>
#end

Save the file, and make a request for a token, asking for consent:

https://localhost:8443/authorize?response_type=token&client_id=uc-client&redirect_uri=https://uc-client.example.com/callback&scope=openid&state=8173646663

That's how easy it is to change a template!