<% if rodauth.oauth_application[rodauth.oauth_applications_tos_uri_column] %> <%= link_to rodauth.oauth_applications_tos_uri_label, rodauth.oauth_application[rodauth.oauth_applications_tos_uri_column], class: "list-group-item" %> <% end %> <% if rodauth.oauth_application[rodauth.oauth_applications_policy_uri_column] %> <%= link_to rodauth.oauth_applications_policy_uri_label, rodauth.oauth_application[rodauth.oauth_applications_policy_uri_column], class: "list-group-item" %> <% end %>

<%= rodauth.oauth_grants_scopes_label %>

<% rodauth.authorize_scopes.each do |scope| %> <% if rodauth.features.include?(:oidc) && scope == "offline_access" %> <%= hidden_field_tag "scope[]", scope %> <% else %>

<%= check_box_tag "scope[]", scope, id: scope, class: "form-check-input" %> <%= label_tag scope, scope, class: "form-check-label" %>

<% end %> <% end %> <%= hidden_field_tag :client_id, params[:client_id] %> <% %i[access_type response_type response_mode state redirect_uri].each do |oauth_param| %> <% if params[oauth_param] %> <%= hidden_field_tag oauth_param, params[oauth_param] %> <% end %> <% end %> <% if rodauth.features.include?(:oauth_resource_indicators) && rodauth.resource_indicators %> <% rodauth.resource_indicators.each do |resource| %> <%= hidden_field_tag "resource", resource %> <% end %> <% end %> <% if rodauth.features.include?(:oauth_pkce) %> <% if params[:code_challenge] %> <%= hidden_field_tag :code_challenge, params[:code_challenge] %> <% end %> <% if params[:code_challenge_method] %> <%= hidden_field_tag :code_challenge_method, params[:code_challenge_method] %> <% end %> <% end %> <% if rodauth.features.include?(:oidc) %> <% if params[:prompt] %> <%= hidden_field_tag :prompt, params[:prompt] %> <% end %> <% if params[:nonce] %> <%= hidden_field_tag :nonce, params[:nonce] %> <% end %> <% if params[:ui_locales] %> <%= hidden_field_tag :ui_locales, params[:ui_locales] %> <% end %> <% if params[:claims_locales] %> <%= hidden_field_tag :claims_locales, params[:claims_locales] %> <% end %> <% if params[:claims] %> <%= hidden_field_tag :claims, sanitize(params[:claims]) %> <% end %> <% if params[:acr_values] %> <%= hidden_field_tag :acr_values, params[:acr_values] %> <% end %> <% end %>

<%= submit_tag rodauth.oauth_authorize_button, class: "btn btn-outline-primary" %> <%= link_to rodauth.oauth_cancel_button, "#{rodauth.redirect_uri}?error=access_denied&error_description=The+resource+owner+or+authorization+server+denied+the+request#{"&state=\#{CGI.escape(rodauth.state)}" if params[:state] }", class: "btn btn-outline-danger" %>

<%= rodauth.oauth_applications_contacts_label %>

<%= rodauth.oauth_grants_scopes_label %>