simplesamlphp · cicnavi · Feb 12, 2025 · Feb 7, 2025 · Feb 7, 2025 · Feb 7, 2025
diff --git a/locales/en/LC_MESSAGES/oidc.po b/locales/en/LC_MESSAGES/oidc.po
diff --git a/locales/es/LC_MESSAGES/oidc.po b/locales/es/LC_MESSAGES/oidc.po
diff --git a/locales/fr/LC_MESSAGES/oidc.po b/locales/fr/LC_MESSAGES/oidc.po
diff --git a/locales/hr/LC_MESSAGES/oidc.po b/locales/hr/LC_MESSAGES/oidc.po
diff --git a/locales/it/LC_MESSAGES/oidc.po b/locales/it/LC_MESSAGES/oidc.po
diff --git a/locales/nl/LC_MESSAGES/oidc.po b/locales/nl/LC_MESSAGES/oidc.po
diff --git a/src/Forms/ClientForm.php b/src/Forms/ClientForm.php
@@ -353,40 +353,40 @@ protected function buildForm(): void
         $this->setMethod('POST');
         $this->addComponent($this->csrfProtection, Form::ProtectorId);
 
-        $this->addText('name', '{oidc:client:name}')
+        $this->addText('name', Translate::noop('Name'))
             ->setHtmlAttribute('class', 'full-width')
             ->setMaxLength(255)
             ->setRequired(Translate::noop('Name is required.'));
 
-        $this->addTextArea('description', '{oidc:client:description}', null, 3)
+        $this->addTextArea('description', Translate::noop('Description'), null, 3)
             ->setHtmlAttribute('class', 'full-width');
-        $this->addTextArea('redirect_uri', '{oidc:client:redirect_uri}', null, 5)
+        $this->addTextArea('redirect_uri', Translate::noop('Redirect URI'), null, 5)
             ->setHtmlAttribute('class', 'full-width')
             ->setRequired(Translate::noop('At least one redirect URI is required.'));
 
-        $this->addCheckbox('is_enabled', '{oidc:client:is_enabled}');
+        $this->addCheckbox('is_enabled', Translate::noop('Activated'));
 
         $this->addCheckbox('is_confidential', '{oidc:client:is_confidential}');
 
-        $this->addSelect('auth_source', '{oidc:client:auth_source}:')
+        $this->addSelect('auth_source', Translate::noop('Authentication source'))
             ->setHtmlAttribute('class', 'full-width')
             ->setItems($this->sspBridge->auth()->source()->getSources(), false)
             ->setPrompt(Translate::noop('-'));
 
         $scopes = $this->getScopes();
 
-        $this->addMultiSelect('scopes', '{oidc:client:scopes}', $scopes, 10)
+        $this->addMultiSelect('scopes', Translate::noop('Scopes'), $scopes, 10)
             ->setHtmlAttribute('class', 'full-width')
             ->setRequired(Translate::noop('At least one scope is required.'));
 
-        $this->addText('owner', '{oidc:client:owner}')
+        $this->addText('owner', Translate::noop('Owner'))
             ->setMaxLength(190);
-        $this->addTextArea('post_logout_redirect_uri', '{oidc:client:post_logout_redirect_uri}', null, 5)
+        $this->addTextArea('post_logout_redirect_uri', Translate::noop('Post-logout Redirect URIs'), null, 5)
             ->setHtmlAttribute('class', 'full-width');
-        $this->addTextArea('allowed_origin', '{oidc:client:allowed_origin}', null, 5)
+        $this->addTextArea('allowed_origin', Translate::noop('Allowed origins for public clients'), null, 5)
             ->setHtmlAttribute('class', 'full-width');
 
-        $this->addText('backchannel_logout_uri', '{oidc:client:backchannel_logout_uri}')
+        $this->addText('backchannel_logout_uri', Translate::noop('Back-Channel Logout URI'))
             ->setHtmlAttribute('class', 'full-width');
 
         $this->addText('entity_identifier', 'Entity Identifier')

diff --git a/src/Services/Container.php b/src/Services/Container.php
@@ -30,6 +30,7 @@
 use SimpleSAML\Configuration;
 use SimpleSAML\Database;
 use SimpleSAML\Error\Exception;
+use SimpleSAML\Locale\Translate;
 use SimpleSAML\Metadata\MetaDataStorageHandler;
 use SimpleSAML\Module\oidc\Admin\Menu;
 use SimpleSAML\Module\oidc\Bridges\PsrHttpBridge;
@@ -147,7 +148,11 @@
         $helpers = new Helpers();
         $this->services[Helpers::class] = $helpers;
 
-        $csrfProtection = new CsrfProtection('{oidc:client:csrf_error}', $session);
+        $csrfProtection = new CsrfProtection(
+            Translate::noop('Your session has expired. Please return to the home page and try again.'),
+            $session,
+        );
+
         $formFactory = new FormFactory(
             $moduleConfig,
             $csrfProtection,

diff --git a/templates/clients.twig b/templates/clients.twig
@@ -53,10 +53,10 @@
                     <small>{{ client.description }}</small>
                     <br>
                     <small>
-                        {{ 'Registration:'|trans }} {{ client.registrationType.description }} |
-                        {{ 'Created at:'|trans }} {{ client.createdAt ? client.createdAt|date() : 'n/a' }} |
-                        {{ 'Updated at:'|trans }} {{ client.updatedAt ? client.updatedAt|date() : 'n/a' }} |
-                        {{ 'Expires at:'|trans }} {{ client.expiresAt ? client.expiresAt|date() : 'never' }}
+                        {{ 'Registration'|trans }}: {{ client.registrationType.description }} |
+                        {{ 'Created at'|trans }}: {{ client.createdAt ? client.createdAt|date() : 'n/a' }} |
+                        {{ 'Updated at'|trans }}: {{ client.updatedAt ? client.updatedAt|date() : 'n/a' }} |
+                        {{ 'Expires at'|trans }}: {{ client.expiresAt ? client.expiresAt|date() : 'never'|trans }}
                     </small>
                 </td>
                 <td>

diff --git a/templates/clients/includes/form.twig b/templates/clients/includes/form.twig
@@ -87,7 +87,7 @@
             <span class="pure-form-message red-text">{{ form.scopes.getError }}</span>
         {% endif %}
 
-        <label for="frm-backchannel_logout_uri">{{ 'Back-Channel Logout URI'|trans }}</label>
+        <label for="frm-backchannel_logout_uri">{{ 'Back-channel Logout URI'|trans }}</label>
         {{ form.backchannel_logout_uri.control | raw }}
         <span class="pure-form-message">
             {% trans %}Enter if client supports Back-Channel Logout specification. When logout is initiated at the OpenID Provider, it will send a Logout Token to this URI in order to notify the client about that event. Must be a valid URI. Example: https://example.org/foo?bar=1{% endtrans %}
@@ -96,7 +96,7 @@
             <span class="pure-form-message red-text">{{ form.backchannel_logout_uri.getError }}</span>
         {% endif %}
 
-        <label for="frm-post_logout_redirect_uri">{{ 'Post-Logout Redirect URIs'|trans }}</label>
+        <label for="frm-post_logout_redirect_uri">{{ 'Post-logout Redirect URIs'|trans }}</label>
         {{ form.post_logout_redirect_uri.control | raw }}
         <span class="pure-form-message">
             {% trans %}Allowed redirect URIs to use after client initiated logout. Must be a valid URI, one per line. Example: https://example.org/foo?bar=1{% endtrans %}

diff --git a/templates/clients/show.twig b/templates/clients/show.twig
@@ -40,10 +40,10 @@
     </div>
 
     <div class="">
-        {{ 'Registration:'|trans }} {{ client.registrationType.description }} |
-        {{ 'Created at:'|trans }} {{ client.createdAt ? client.createdAt|date() : 'n/a' }} |
-        {{ 'Updated at:'|trans }} {{ client.updatedAt ? client.updatedAt|date() : 'n/a' }} |
-        {{ 'Expires at:'|trans }} {{ client.expiresAt ? client.expiresAt|date() : 'never' }}
+        {{ 'Registration'|trans }}: {{ client.registrationType.description }} |
+        {{ 'Created at'|trans }}: {{ client.createdAt ? client.createdAt|date() : 'n/a' }} |
+        {{ 'Updated at'|trans }}: {{ client.updatedAt ? client.updatedAt|date() : 'n/a' }} |
+        {{ 'Expires at'|trans }}: {{ client.expiresAt ? client.expiresAt|date() : 'never'|trans }}
     </div>
 
     <br>

diff --git a/templates/config/migrations.twig b/templates/config/migrations.twig
@@ -22,9 +22,7 @@
     {% endif %}
 
     <div class="message-box">
-        Before running the migrations, make sure that the database user has proper privileges to change the scheme
-        (for example, <kbd>alter, create, drop, index</kbd>). After running the migrations, it is a good practice to remove
-        those privileges.
+        {{ 'Before running the migrations, make sure that the database user has proper privileges to change the scheme (for example, <kbd>alter, create, drop, index</kbd>). After running the migrations, it is a good practice to remove those privileges.'|trans }}
     </div>
 
 {% endblock oidcContent -%}
diff --git a/templates/includes/menu.twig b/templates/includes/menu.twig
@@ -5,7 +5,7 @@
             <li>
                 <a href="{{ item.hrefPath }}"
                    class="{{ item.hrefPath == oidcMenu.activeHrefPath ? 'active' : '' }}"
-                > {{ item.label }} </a>
+                > {{ item.label|trans }} </a>
             </li>
             {% endfor %}
         </ul>

diff --git a/templates/logout.twig b/templates/logout.twig
@@ -5,22 +5,22 @@
 {% block oidcContent %}
     <h2>
         {% if wasLogoutActionCalled %}
-            {{ '{oidc:logout:page_title_success}'|trans }}
+            {{ 'Logout Successful'|trans }}
         {% else %}
-            {{ '{oidc:logout:page_title_fail}'|trans }}
+            {{ 'Logout Failed'|trans }}
         {% endif %}
     </h2>
 
 
     <div>
         <h3>
-            {{ '{oidc:logout:info_title}'|trans }}
+            {{ 'Info'|trans }}
         </h3>
         <p>
             {% if wasLogoutActionCalled %}
-                {{ '{oidc:logout:info_message_success}'|trans }}
+                {{ 'You can now close this window or navigate to another page.'|trans }}
             {% else %}
-                {{ '{oidc:logout:info_message_fail}'|trans }}
+                {{ 'Requested session was not found or it is expired.'|trans }}
             {% endif %}
         </p>
     </div>

diff --git a/templates/tests/trust-chain-resolution.twig b/templates/tests/trust-chain-resolution.twig
@@ -54,13 +54,13 @@
         <h4>{{ 'Resolved chains'|trans }}</h4>
         {% if trustChainBag|default %}
             <p>
-                {{ 'Total chains:'|trans }} {{ trustChainBag.getCount }}
+                {{ 'Total chains'|trans }}: {{ trustChainBag.getCount }}
             </p>
             {% for index, trustChain in trustChainBag.getAll %}
                 <p>
-                {{ loop.index }}. {{ 'Trust Anchor ID:'|trans }} {{ trustChain.getResolvedTrustAnchor.getIssuer }}
+                {{ loop.index }}. {{ 'Trust Anchor ID'|trans }}: {{ trustChain.getResolvedTrustAnchor.getIssuer }}
                 <br><br>
-                {{ 'Path:'|trans }}
+                {{ 'Path'|trans }}:
                 <br>
                 {% for entity in trustChain.getEntities %}
                     {% if loop.index > 1 %}
@@ -69,7 +69,7 @@
                 {% endfor %}
 
                 <br>
-                {{ 'Resolved metadata:' }}<br>
+                {{ 'Resolved metadata' }}:<br>
                 {% if resolvedMetadata[index]|default is not empty %}
                     <code class="code-box code-box-content">
                         {{- resolvedMetadata[index]|json_encode(constant('JSON_PRETTY_PRINT') b-or constant('JSON_UNESCAPED_SLASHES')) -}}

diff --git a/tests/unit/src/Factories/FormFactoryTest.php b/tests/unit/src/Factories/FormFactoryTest.php
@@ -0,0 +1,66 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\Module\oidc\unit\Factories;
+
+use PHPUnit\Framework\Attributes\CoversClass;
+use PHPUnit\Framework\Attributes\UsesClass;
+use PHPUnit\Framework\MockObject\MockObject;
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Module\oidc\Bridges\SspBridge;
+use SimpleSAML\Module\oidc\Factories\FormFactory;
+use SimpleSAML\Module\oidc\Forms\ClientForm;
+use SimpleSAML\Module\oidc\Forms\Controls\CsrfProtection;
+use SimpleSAML\Module\oidc\Helpers;
+use SimpleSAML\Module\oidc\ModuleConfig;
+
+#[CoversClass(FormFactory::class)]
+#[UsesClass(ClientForm::class)]
+class FormFactoryTest extends TestCase
+{
+    protected MockObject $moduleConfigMock;
+    protected MockObject $csrfProtectionMock;
+    protected MockObject $sspBridgeMock;
+    protected MockObject $helpersMock;
+
+    protected function setUp(): void
+    {
+        $this->moduleConfigMock = $this->createMock(ModuleConfig::class);
+        $this->csrfProtectionMock = $this->createMock(CsrfProtection::class);
+        $this->sspBridgeMock = $this->createMock(SspBridge::class);
+        $this->helpersMock = $this->createMock(Helpers::class);
+    }
+
+    protected function sut(
+        ?ModuleConfig $moduleConfig = null,
+        ?CsrfProtection $csrfProtection = null,
+        ?SspBridge $sspBridge = null,
+        ?Helpers $helpers = null,
+    ): FormFactory {
+        $moduleConfig ??= $this->moduleConfigMock;
+        $csrfProtection ??= $this->csrfProtectionMock;
+        $sspBridge ??= $this->sspBridgeMock;
+        $helpers ??= $this->helpersMock;
+
+        return new FormFactory(
+            $moduleConfig,
+            $csrfProtection,
+            $sspBridge,
+            $helpers,
+        );
+    }
+
+    public function testCanConstruct(): void
+    {
+        $this->assertInstanceOf(FormFactory::class, $this->sut());
+    }
+
+    public function testCanBuildClientForm(): void
+    {
+        $this->assertInstanceOf(
+            ClientForm::class,
+            $this->sut()->build(ClientForm::class),
+        );
+    }
+}