eu.planete_kraus.Disfluid.gschema.xml.in


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109

<schemalist>
  <schema id="eu.planete_kraus.Disfluid.Client" gettext-domain="@PACKAGE@">
    <key name="client-id" type="s">
      <summary>Client ID</summary>
      <description>
        The client application needs a public presence on the
        world-wide web so that the identity provider can check it is
        not spoofed; this is the public URI where to obtain
        machine-readable information about the application
      </description>
      <default>'https://webid-oidc-demo.planete-kraus.eu/example-application#id'</default>
    </key>
    <key name="key-pair" type="s">
      <summary>Client key pair</summary>
      <description>
        When creating new accounts, use this key pair to certify them
        (in the JWK format); an empty value will generate a new key
        pair
      </description>
      <default>''</default>
    </key>
    <key name="redirect-uri" type="s">
      <summary>Client redirect URI</summary>
      <description>
        When receiving an authorization, the user’s browser is
        redirected to this URI, where the user should be presented
        with a code to paste into the application
      </description>
      <default>'https://webid-oidc-demo.planete-kraus.eu/authorized'</default>
    </key>
  </schema>
  <schema id="eu.planete_kraus.Disfluid.Account">
    <key name="subject" type="s">
      <summary>Account webid</summary>
      <description>
        The accounts are tied to a particular user, through a webid
      </description>
      <default>''</default>
    </key>
    <key name="issuer" type="s">
      <summary>Identity provider</summary>
      <description>
        The account is certified by the server running at this URI
      </description>
      <default>''</default>
    </key>
    <key name="key-pair" type="s">
      <summary>JWK key pair</summary>
      <description>
        Our account is certified to be used with a key pair that the
        application owns; the key is in the JWK format
      </description>
      <default>''</default>
    </key>
    <key name="id-token-header" type="s">
      <summary>Header of the identity token</summary>
      <description>
        How we verified the signature of the ID token; if the account
        needs to be refreshed then it may be empty
      </description>
      <default>''</default>
    </key>
    <key name="id-token" type="s">
      <summary>Identity token</summary>
      <description>
        The identity provider sent an ID token to remind us who you
        are; if the account needs to be refreshed it may be empty
      </description>
      <default>''</default>
    </key>
    <key name="access-token" type="s">
      <summary>Access token</summary>
      <description>
        This token is presented to the resource server when we
        authentify; it is bound to a key whose possession we need to
        prove at the same time; if the account needs to be refreshed
        it may be empty
      </description>
      <default>''</default>
    </key>
    <key name="refresh-token" type="s">
      <summary>Refresh token</summary>
      <description>
        When the account expires, we present this token to the
        identity provider to refresh it; it is also bound to the key
        pair; if the user did not give us refresh permission it may be
        empty
      </description>
      <default>''</default>
    </key>
  </schema>
  <schema id="eu.planete_kraus.Disfluid" path="/eu/planete_kraus/Disfluid/">
    <child name="client" schema="eu.planete_kraus.Disfluid.Client" />
    <child name="main-account" schema="eu.planete_kraus.Disfluid.Account" />
    <!-- https://gitlab.gnome.org/GNOME/glib/-/issues/993, I can’t
         create dynamic accounts because I won’t be able to free
         storage -->
    <child name="other-account-1" schema="eu.planete_kraus.Disfluid.Account" />
    <child name="other-account-2" schema="eu.planete_kraus.Disfluid.Account" />
    <child name="other-account-3" schema="eu.planete_kraus.Disfluid.Account" />
    <child name="other-account-4" schema="eu.planete_kraus.Disfluid.Account" />
    <child name="other-account-5" schema="eu.planete_kraus.Disfluid.Account" />
    <child name="other-account-6" schema="eu.planete_kraus.Disfluid.Account" />
    <child name="other-account-7" schema="eu.planete_kraus.Disfluid.Account" />
    <child name="other-account-8" schema="eu.planete_kraus.Disfluid.Account" />
    <child name="other-account-9" schema="eu.planete_kraus.Disfluid.Account" />
    <child name="other-account-10" schema="eu.planete_kraus.Disfluid.Account" />
  </schema>
</schemalist>