forked from Github-Mirrors/canaille
632 lines
37 KiB
Text
632 lines
37 KiB
Text
# SOME DESCRIPTIVE TITLE.
|
|
# Copyright (C) 2024, Yaal Coop
|
|
# This file is distributed under the same license as the canaille package.
|
|
# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
|
|
#
|
|
#, fuzzy
|
|
msgid ""
|
|
msgstr ""
|
|
"Project-Id-Version: canaille 0.0.56\n"
|
|
"Report-Msgid-Bugs-To: \n"
|
|
"POT-Creation-Date: 2024-11-22 17:26+0100\n"
|
|
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
|
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
|
"Language-Team: LANGUAGE <LL@li.org>\n"
|
|
"MIME-Version: 1.0\n"
|
|
"Content-Type: text/plain; charset=UTF-8\n"
|
|
"Content-Transfer-Encoding: 8bit\n"
|
|
|
|
#: ../references/models.rst:2
|
|
#: 022e1b3cf73440848f54dcfa34e42ba7
|
|
msgid "Data models"
|
|
msgstr ""
|
|
|
|
#: ../references/models.rst:4
|
|
#: d149fff6a989475a8be86c904d978f4c
|
|
msgid "This reference details the data models used by Canaille. This is mostly useful for developers."
|
|
msgstr ""
|
|
|
|
#: ../../canaille/backends/models.py:docstring of canaille.backends.models.BackendModel:1
|
|
#: ../../canaille/backends/models.py:docstring of canaille.backends.models.Model:1
|
|
#: 89ef1d33d7924bfdb5e279d1103bbcad
|
|
#: a462c61f57f44ad08f0a8e562830af68
|
|
msgid "Bases: :py:class:`object`"
|
|
msgstr ""
|
|
|
|
#: ../../canaille/backends/models.py:docstring of canaille.backends.models.BackendModel:1
|
|
#: b3c50358d06640a7a9fe4e59e7fd9827
|
|
msgid "The backend model abstract class."
|
|
msgstr ""
|
|
|
|
#: ../../canaille/backends/models.py:docstring of canaille.backends.models.BackendModel:3
|
|
#: a930a4499fef45d1b0942fc6c1e36b56
|
|
msgid "It details all the methods and attributes that are expected to be implemented for every model and for every backend."
|
|
msgstr ""
|
|
|
|
#: ../../canaille/backends/models.py:docstring of canaille.backends.models.Model:1
|
|
#: 455dfc35495747599564cc0de69b6204
|
|
msgid "The model abstract class."
|
|
msgstr ""
|
|
|
|
#: ../../canaille/backends/models.py:docstring of canaille.backends.models.Model:3
|
|
#: d3d24c3cf53649fa9952d0acd46baaec
|
|
msgid "It details all the common attributes shared by every models."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.backends.models.Model.created:1
|
|
#: 0b9f08586ec4479f95610436345a2df4
|
|
msgid "The :class:`~datetime.datetime` that the resource was added to the service provider."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.backends.models.Model.id:1
|
|
#: 73ab147ab6f44612a5d639fc060bbaaf
|
|
msgid "A unique identifier for a SCIM resource as defined by the service provider. Id will be :py:data:`None` until the :meth:`~canaille.backends.models.BackendModel.save` method is called."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.backends.models.Model.id:5
|
|
#: 04db3a45228d44168cbb27c89577d6dc
|
|
msgid "Each representation of the resource MUST include a non-empty \"id\" value. This identifier MUST be unique across the SCIM service provider's entire set of resources. It MUST be a stable, non- reassignable identifier that does not change when the same resource is returned in subsequent requests. The value of the \"id\" attribute is always issued by the service provider and MUST NOT be specified by the client. The string \"bulkId\" is a reserved keyword and MUST NOT be used within any unique identifier value. The attribute characteristics are \"caseExact\" as \"true\", a mutability of \"readOnly\", and a \"returned\" characteristic of \"always\". See Section 9 for additional considerations regarding privacy."
|
|
msgstr ""
|
|
|
|
#: ../../canaille/backends/models.py:docstring of canaille.backends.models.Model.identifier:1
|
|
#: 2ea5fc24d36f4c83b49bc6509fc30f36
|
|
msgid "Returns a unique value that will be used to identify the model instance."
|
|
msgstr ""
|
|
|
|
#: ../../canaille/backends/models.py:docstring of canaille.backends.models.Model.identifier:4
|
|
#: 8de478a9d8f44e5ebf9ffd959187d3e7
|
|
msgid "This value will be used in URLs in canaille, so it should be unique and short."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.backends.models.Model.last_modified:1
|
|
#: 9b5885a4658141839d61820edf411982
|
|
msgid "The most recent :class:`~datetime.datetime` that the details of this resource were updated at the service provider."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.backends.models.Model.last_modified:4
|
|
#: 659528401e8e404ca22250d8a132a8af
|
|
msgid "If this resource has never been modified since its initial creation, the value MUST be the same as the value of :attr:`~canaille.backends.models.Model.created`."
|
|
msgstr ""
|
|
|
|
#: ../../canaille/core/models.py:docstring of canaille.core.models.Group:1
|
|
#: ../../canaille/core/models.py:docstring of canaille.core.models.User:1
|
|
#: ../../canaille/oidc/basemodels.py:docstring of canaille.oidc.basemodels.AuthorizationCode:1
|
|
#: ../../canaille/oidc/basemodels.py:docstring of canaille.oidc.basemodels.Client:1
|
|
#: ../../canaille/oidc/basemodels.py:docstring of canaille.oidc.basemodels.Consent:1
|
|
#: ../../canaille/oidc/basemodels.py:docstring of canaille.oidc.basemodels.Token:1
|
|
#: b0cbb8436a2e4726a04c452b6464b07c
|
|
#: a46cf872f3124dfebe8074d928294b37
|
|
#: 490030c82e9f4ca7a39b4dd4e47c6da1
|
|
#: 9593236b11104e0782a0ec1d2422f081
|
|
#: c26fabc7468147da80b51e22269685ff
|
|
#: 3266b57754fd4ab3ad8752c56797ec3f
|
|
msgid "Bases: :py:class:`~canaille.backends.models.Model`"
|
|
msgstr ""
|
|
|
|
#: ../../canaille/core/models.py:docstring of canaille.core.models.Group:1
|
|
#: b508bfbf52f549b0a2e7036942e5ae2e
|
|
msgid "User model, based on the `SCIM Group schema <https://datatracker.ietf.org/doc/html/rfc7643#section-4.2>`_."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.Group.display_name:1
|
|
#: 18d85d6d4d3647f1a2ec4e540fd71f0c
|
|
msgid "A human-readable name for the Group."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.Group.display_name:3
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.client_id:1
|
|
#: 732a62dcb7c14d6ebe0cbb87a056506b
|
|
#: eeba3149bca04af9b37b5b8a6942a31a
|
|
msgid "REQUIRED."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.Group.members:1
|
|
#: d3c1eb7c79cd4c329aa5889db10437c4
|
|
msgid "A list of members of the Group."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.Group.members:3
|
|
#: 84f35590c5e343d794d68c66b238dc99
|
|
msgid "While values MAY be added or removed, sub-attributes of members are \"immutable\". The \"value\" sub-attribute contains the value of an \"id\" attribute of a SCIM resource, and the \"$ref\" sub-attribute must be the URI of a SCIM resource such as a \"User\", or a \"Group\". The intention of the \"Group\" type is to allow the service provider to support nested groups. Service providers MAY require clients to provide a non-empty value by setting the \"required\" attribute characteristic of a sub-attribute of the \"members\" attribute in the \"Group\" resource schema."
|
|
msgstr ""
|
|
|
|
#: ../../canaille/core/models.py:docstring of canaille.core.models.User:1
|
|
#: 693317bbc24b4bb38a0c34eabe8c27a6
|
|
msgid "User model, based on the `SCIM User schema <https://datatracker.ietf.org/doc/html/rfc7643#section-4.1>`_, `Entreprise User Schema Extension <https://datatracker.ietf.org/doc/html/rfc7643#section-4.3>`_ and `SCIM Password Management Extension <https://datatracker.ietf.org/doc/html/draft-hunt-scim-password-mgmt-00.html>`_ draft. Attribute description is based on SCIM and put there for information purpose. The description may not fit the current implementation in Canaille."
|
|
msgstr ""
|
|
|
|
#: ../../canaille/core/models.py:docstring of canaille.core.models.User.can:1
|
|
#: d512cb33bc1b4f34910c1f3d20b00415
|
|
msgid "Whether or not the user has the :class:`~canaille.core.configuration.Permission` according to the :class:`configuration <canaille.core.configuration.ACLSettings>`."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.department:1
|
|
#: a85b1f762528426fb7c866f8acff33a7
|
|
msgid "Identifies the name of a department."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.display_name:1
|
|
#: ccac75608a514817bc2657221c84c8d4
|
|
msgid "The name of the user, suitable for display to end-users."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.display_name:3
|
|
#: 12cb2626a8b8428386ab833d1a57a44c
|
|
msgid "Each user returned MAY include a non-empty displayName value. The name SHOULD be the full name of the User being described, if known (e.g., \"Babs Jensen\" or \"Ms. Barbara J Jensen, III\") but MAY be a username or handle, if that is all that is available (e.g., \"bjensen\"). The value provided SHOULD be the primary textual label by which this User is normally displayed by the service provider when presenting it to end-users."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.emails:1
|
|
#: 1d01bb2833434fefbd8e26282f88c2b5
|
|
msgid "Email addresses for the User."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.emails:3
|
|
#: 2c83d0f48a2c4b20b11e0f59a8fd1015
|
|
msgid "The value SHOULD be specified according to [RFC5321]. Service providers SHOULD canonicalize the value according to [RFC5321], e.g., \"bjensen@example.com\" instead of \"bjensen@EXAMPLE.COM\". The \"display\" sub-attribute MAY be used to return the canonicalized representation of the email value. The \"type\" sub-attribute is used to provide a classification meaningful to the (human) user. The user interface should encourage the use of basic values of \"work\", \"home\", and \"other\" and MAY allow additional type values to be used at the discretion of SCIM clients."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.employee_number:1
|
|
#: 221bb9f4d412453e8aab759ea9b8e9b1
|
|
msgid "A string identifier, typically numeric or alphanumeric, assigned to a person, typically based on order of hire or association with an organization."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.family_name:1
|
|
#: 2bc5c5485b0e472383061267c89b9843
|
|
msgid "The family name of the User, or last name in most Western languages (e.g., \"Jensen\" given the full name \"Ms. Barbara Jane Jensen, III\")."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.formatted_address:1
|
|
#: 1a46356c5b514ef39560fc6bf3e37a1f
|
|
msgid "The full mailing address, formatted for display or use with a mailing label."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.formatted_address:4
|
|
#: f52de344799e4ceeb276ed4f02955181
|
|
msgid "This attribute MAY contain newlines."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.formatted_name:1
|
|
#: 5c155ee534eb441fba949e3d9607c7ce
|
|
msgid "The full name, including all middle names, titles, and suffixes as appropriate, formatted for display (e.g., \"Ms. Barbara Jane Jensen, III\")."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.given_name:1
|
|
#: b045a3658e1d46aaa2be9115e8412458
|
|
msgid "The given name of the User, or first name in most Western languages (e.g., \"Barbara\" given the full name \"Ms. Barbara Jane Jensen, III\")."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.groups:1
|
|
#: 3ac337f269234f93a9adee6541ae355f
|
|
msgid "A list of groups to which the user belongs, either through direct membership, through nested groups, or dynamically calculated."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.groups:4
|
|
#: 63c40fd148cf4a49b7e68d521d7e6489
|
|
msgid "The values are meant to enable expression of common group-based or role-based access control models, although no explicit authorization model is defined. It is intended that the semantics of group membership and any behavior or authorization granted as a result of membership are defined by the service provider. The canonical types \"direct\" and \"indirect\" are defined to describe how the group membership was derived. Direct group membership indicates that the user is directly associated with the group and SHOULD indicate that clients may modify membership through the \"Group\" resource. Indirect membership indicates that user membership is transitive or dynamic and implies that clients cannot modify indirect group membership through the \"Group\" resource but MAY modify direct group membership through the \"Group\" resource, which may influence indirect memberships. If the SCIM service provider exposes a \"Group\" resource, the \"value\" sub-attribute MUST be the \"id\", and the \"$ref\" sub-attribute must be the URI of the corresponding \"Group\" resources to which the user belongs. Since this attribute has a mutability of \"readOnly\", group membership changes MUST be applied via the \"Group\" Resource (Section 4.2). This attribute has a mutability of \"readOnly\"."
|
|
msgstr ""
|
|
|
|
#: ../../canaille/core/models.py:docstring of canaille.core.models.User.has_password:1
|
|
#: bf9ca86e1fdf4aec978ae51efe4493c3
|
|
msgid "Check whether a password has been set for the user."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.locality:1
|
|
#: 0d4cf2a502c74826bf7403b6740b9982
|
|
msgid "The city or locality component."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.lock_date:1
|
|
#: 0b6933781a174c2bad8d274d52dcc8d0
|
|
msgid "A DateTime indicating when the resource was locked."
|
|
msgstr ""
|
|
|
|
#: ../../canaille/core/models.py:docstring of canaille.core.models.User.locked:1
|
|
#: 1cbdffaaae3d46a885a2cc92bcf846f7
|
|
msgid "Whether the user account has been locked or has expired."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.organization:1
|
|
#: 92976f5262824ee9b3e0a65fb798b8b4
|
|
msgid "Identifies the name of an organization."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.password:1
|
|
#: 2cb2af496f3042c3966013ea767e5406
|
|
msgid "This attribute is intended to be used as a means to set, replace, or compare (i.e., filter for equality) a password. The cleartext value or the hashed value of a password SHALL NOT be returnable by a service provider. If a service provider holds the value locally, the value SHOULD be hashed. When a password is set or changed by the client, the cleartext password SHOULD be processed by the service provider as follows:"
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.password:9
|
|
#: 48b6e0f8a7164393abc72168bccfa18c
|
|
msgid "Prepare the cleartext value for international language comparison. See Section 7.8 of [RFC7644]."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.password:12
|
|
#: ddd96221e9c2438eb6c1d0a9dca2da76
|
|
msgid "Validate the value against server password policy. Note: The definition and enforcement of password policy are beyond the scope of this document."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.password:16
|
|
#: d76e3ac607d140bc951e00ad3392ea2f
|
|
msgid "Ensure that the value is encrypted (e.g., hashed). See Section 9.2 for acceptable hashing and encryption handling when storing or persisting for provisioning workflow reasons."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.password:20
|
|
#: 873d9d6bed204708a8d85cfe4d9d9eaa
|
|
msgid "A service provider that immediately passes the cleartext value on to another system or programming interface MUST pass the value directly over a secured connection (e.g., Transport Layer Security (TLS)). If the value needs to be temporarily persisted for a period of time (e.g., because of a workflow) before provisioning, then the value MUST be protected by some method, such as encryption."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.password:28
|
|
#: 43840faf65d749eba3318ec708692933
|
|
msgid "Testing for an equality match MAY be supported if there is an existing stored hashed value. When testing for equality, the service provider:"
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.password:32
|
|
#: 88ef2343a00a4cf2ab352ac63d38dfc9
|
|
msgid "Prepares the filter value for international language comparison. See Section 7.8 of [RFC7644]."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.password:35
|
|
#: 2ca8f00a08984448bfcdd17b066e8742
|
|
msgid "Generates the salted hash of the filter value and tests for a match with the locally held value."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.password:38
|
|
#: c3f9a3035bdf47e6917199ac4358c006
|
|
msgid "The mutability of the password attribute is \"writeOnly\", indicating that the value MUST NOT be returned by a service provider in any form (the attribute characteristic \"returned\" is \"never\")."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.phone_numbers:1
|
|
#: 97901cdb7c7a48248f43e9d3172a6aef
|
|
msgid "Phone numbers for the user."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.phone_numbers:3
|
|
#: 06c2bdfccac54d558c5f0996124cf0e7
|
|
msgid "The value SHOULD be specified according to the format defined in [RFC3966], e.g., 'tel:+1-201-555-0123'. Service providers SHOULD canonicalize the value according to [RFC3966] format, when appropriate. The \"display\" sub-attribute MAY be used to return the canonicalized representation of the phone number value. The sub- attribute \"type\" often has typical values of \"work\", \"home\", \"mobile\", \"fax\", \"pager\", and \"other\" and MAY allow more types to be defined by the SCIM clients."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.photo:1
|
|
#: 1b1f45abe24f408896ad3f11cc6808c7
|
|
msgid "A URI that is a uniform resource locator (as defined in Section 1.1.3 of [RFC3986]) that points to a resource location representing the user's image."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.photo:5
|
|
#: 9d5908c5c4c943009e34f83028518e5c
|
|
msgid "The resource MUST be a file (e.g., a GIF, JPEG, or PNG image file) rather than a web page containing an image. Service providers MAY return the same image in different sizes, although it is recognized that no standard for describing images of various sizes currently exists. Note that this attribute SHOULD NOT be used to send down arbitrary photos taken by this user; instead, profile photos of the user that are suitable for display when describing the user should be sent. Instead of the standard canonical values for type, this attribute defines the following canonical values to represent popular photo sizes: \"photo\" and \"thumbnail\"."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.postal_code:1
|
|
#: be3a35536d93497eb6d9d585837b2283
|
|
msgid "The zip code or postal code component."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.preferred_language:1
|
|
#: c128776195cd492f9ad3d7949bbc3b54
|
|
msgid "Indicates the user's preferred written or spoken languages and is generally used for selecting a localized user interface."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.preferred_language:4
|
|
#: 2f1af307075f44638377fff8773edfba
|
|
msgid "The value indicates the set of natural languages that are preferred. The format of the value is the same as the HTTP Accept-Language header field (not including \"Accept-Language:\") and is specified in Section 5.3.5 of [RFC7231]. The intent of this value is to enable cloud applications to perform matching of language tags [RFC4647] to the user's language preferences, regardless of what may be indicated by a user agent (which might be shared), or in an interaction that does not involve a user (such as in a delegated OAuth 2.0 [RFC6749] style interaction) where normal HTTP Accept-Language header negotiation cannot take place."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.profile_url:1
|
|
#: aed0249175b44f0b9f2feb1aa515c775
|
|
msgid "A URI that is a uniform resource locator (as defined in Section 1.1.3 of [RFC3986]) and that points to a location representing the user's online profile (e.g., a web page)."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.profile_url:5
|
|
#: daa70d8170444df5a30410cc87f393db
|
|
msgid "URIs are canonicalized per Section 6.2 of [RFC3986]."
|
|
msgstr ""
|
|
|
|
#: ../../canaille/core/models.py:docstring of canaille.core.models.User.readable_fields:1
|
|
#: debf78051e654f52af684f36c1629415
|
|
msgid "The fields the user can read according to the :class:`configuration <canaille.core.configuration.ACLSettings>` configuration."
|
|
msgstr ""
|
|
|
|
#: ../../canaille/core/models.py:docstring of canaille.core.models.User.readable_fields:4
|
|
#: 797042e3224245dbb82b8e2c6c7882be
|
|
msgid "This does not include the :attr:`writable <canaille.core.models.User.writable_fields>` fields."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.region:1
|
|
#: adca0f9fe25e411e8e82b9fd9a78b778
|
|
msgid "The state or region component."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.street:1
|
|
#: 3a12008e383748b9a68f380f06740b99
|
|
msgid "The full street address component, which may include house number, street name, P.O."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.street:4
|
|
#: 28be3cbf04994e0f84565569a0cab6db
|
|
msgid "box, and multi-line extended street address information. This attribute MAY contain newlines."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.title:1
|
|
#: bc37ec09dcf441b18e6a7a14f4fa032b
|
|
msgid "The user's title, such as \"Vice President\"."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.user_name:1
|
|
#: f3748083c91b42a3a188413f1c0b9003
|
|
msgid "A service provider's unique identifier for the user, typically used by the user to directly authenticate to the service provider."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.core.models.User.user_name:4
|
|
#: 5fb20fd2207e4f00941d6491626145fc
|
|
msgid "Often displayed to the user as their unique identifier within the system (as opposed to \"id\" or \"externalId\", which are generally opaque and not user-friendly identifiers). Each User MUST include a non-empty userName value. This identifier MUST be unique across the service provider's entire set of Users. This attribute is REQUIRED and is case insensitive."
|
|
msgstr ""
|
|
|
|
#: ../../canaille/core/models.py:docstring of canaille.core.models.User.writable_fields:1
|
|
#: 118f89cc1cbd40e1904344299ec0ff2f
|
|
msgid "The fields the user can write according to the :class:`configuration <canaille.core.configuration.ACLSettings>`."
|
|
msgstr ""
|
|
|
|
#: ../../canaille/oidc/basemodels.py:docstring of canaille.oidc.basemodels.AuthorizationCode:1
|
|
#: 9facc36af225404d9779eaf6bf2bfab7
|
|
msgid "OpenID Connect temporary authorization code definition."
|
|
msgstr ""
|
|
|
|
#: ../../canaille/oidc/basemodels.py:docstring of canaille.oidc.basemodels.Client:1
|
|
#: 3bdc94d169f4438894bf0425d195e506
|
|
msgid "OpenID Connect client definition, based on the `OAuth 2.0 Dynamic Client Registration protocols <https://datatracker.ietf.org/doc/html/rfc7591.html>`_ and the `OpenID Connect RP-Initiated Logout <https://openid.net/specs/openid-connect-rpinitiated-1_0.html>`_ specifications."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.client_id:3
|
|
#: 9c71570390a0463e962bce31ea5088b3
|
|
msgid "OAuth 2.0 client identifier string. It SHOULD NOT be currently valid for any other registered client, though an authorization server MAY issue the same client identifier to multiple instances of a registered client at its discretion."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.client_id_issued_at:1
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.client_secret:1
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.post_logout_redirect_uris:1
|
|
#: 3c32fe5a481b412bb1e1b937ee4869ec
|
|
#: 044bd6e4946b410198e0d298277e7dd4
|
|
#: 6c48ff3f31a641aa937776cb3fae89b3
|
|
msgid "OPTIONAL."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.client_id_issued_at:3
|
|
#: 2f4229be751d4e5caa1b9069d15f33b8
|
|
msgid "Time at which the client identifier was issued. The time is represented as the number of seconds from 1970-01-01T00:00:00Z as measured in UTC until the date/time of issuance."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.client_name:1
|
|
#: 956366c2776548e6a62315bcb4247b8e
|
|
msgid "Human-readable string name of the client to be presented to the end-user during authorization."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.client_name:4
|
|
#: 4d83c77c154048298477394cfcb5fc9a
|
|
msgid "If omitted, the authorization server MAY display the raw \"client_id\" value to the end-user instead. It is RECOMMENDED that clients always send this field. The value of this field MAY be internationalized, as described in Section 2.2."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.client_secret:3
|
|
#: dce117516b124deab7b810b6c54fa0ac
|
|
msgid "OAuth 2.0 client secret string. If issued, this MUST be unique for each \"client_id\" and SHOULD be unique for multiple instances of a client using the same \"client_id\". This value is used by confidential clients to authenticate to the token endpoint, as described in OAuth 2.0 [RFC6749], Section 2.3.1."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.client_secret_expires_at:1
|
|
#: b85460cc7e254321ac121e50eaffbd3a
|
|
msgid "REQUIRED if \"client_secret\" is issued."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.client_secret_expires_at:3
|
|
#: a760adab225b4b7f8569ac1aedcd0fe4
|
|
msgid "Time at which the client secret will expire or 0 if it will not expire. The time is represented as the number of seconds from 1970-01-01T00:00:00Z as measured in UTC until the date/time of expiration."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.client_uri:1
|
|
#: 368fa31181994524b25de364044e969d
|
|
msgid "URL string of a web page providing information about the client."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.client_uri:3
|
|
#: 0a20833287484008ac3e4a7377b83fae
|
|
msgid "If present, the server SHOULD display this URL to the end-user in a clickable fashion. It is RECOMMENDED that clients always send this field. The value of this field MUST point to a valid web page. The value of this field MAY be internationalized, as described in Section 2.2."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.contacts:1
|
|
#: 9b6834ade33a4cd6941bb4ce4fbbe533
|
|
msgid "Array of strings representing ways to contact people responsible for this client, typically email addresses."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.contacts:4
|
|
#: af5b08bc89ec4d77b081ecb7134fa27f
|
|
msgid "The authorization server MAY make these contact addresses available to end-users for support requests for the client. See Section 6 for information on Privacy Considerations."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:1
|
|
#: a98a93fb09664916a5e87eb824142864
|
|
msgid "Array of OAuth 2.0 grant type strings that the client can use at the token endpoint. These grant types are defined as follows:"
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:4
|
|
#: 5b3b26e17f8b4debb5f24b1f09741112
|
|
msgid "\"authorization_code\": The authorization code grant type defined in OAuth 2.0, Section 4.1."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:7
|
|
#: 2e3fc7ab9197457a9cb841b2ad5db74c
|
|
msgid "\"implicit\": The implicit grant type defined in OAuth 2.0, Section 4.2."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:10
|
|
#: 4b0a5a3917a1404489a1c35523b3101e
|
|
msgid "\"password\": The resource owner password credentials grant type defined in OAuth 2.0, Section 4.3."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:13
|
|
#: 857eea7248a341aa921cd8fd5b724fbe
|
|
msgid "\"client_credentials\": The client credentials grant type defined in OAuth 2.0, Section 4.4."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:16
|
|
#: f5f2816191814d21bfec694ca69ff1d1
|
|
msgid "\"refresh_token\": The refresh token grant type defined in OAuth 2.0, Section 6."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:19
|
|
#: c541d54100d34722acd417b25e98bd5c
|
|
msgid "\"urn:ietf:params:oauth:grant-type:jwt-bearer\": The JWT Bearer Token Grant Type defined in OAuth JWT Bearer Token Profiles [RFC7523]."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:23
|
|
#: 2ea0af9e26be4d2db3d332e953e8ca8b
|
|
msgid "\"urn:ietf:params:oauth:grant-type:saml2-bearer\": The SAML 2.0 Bearer Assertion Grant defined in OAuth SAML 2 Bearer Token Profiles [RFC7522]."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.grant_types:27
|
|
#: 57292fb5f1634d3bba1da0262c280fcb
|
|
msgid "If the token endpoint is used in the grant type, the value of this parameter MUST be the same as the value of the \"grant_type\" parameter passed to the token endpoint defined in the grant type definition. Authorization servers MAY allow for other values as defined in the grant type extension process described in OAuth 2.0, Section 4.5. If omitted, the default behavior is that the client will use only the \"authorization_code\" Grant Type."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.jwk:1
|
|
#: d4b452db75264d40be92a7a921f87428
|
|
msgid "Client's JSON Web Key Set [RFC7517] document value, which contains the client's public keys."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.jwk:4
|
|
#: bf3972f670c941ad85e0478d1808ff37
|
|
msgid "The value of this field MUST be a JSON object containing a valid JWK Set. These keys can be used by higher-level protocols that use signing or encryption. This parameter is intended to be used by clients that cannot use the \"jwks_uri\" parameter, such as native clients that cannot host public URLs. The \"jwks_uri\" and \"jwks\" parameters MUST NOT both be present in the same request or response."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.jwks_uri:1
|
|
#: 268c5ebb6d01426daf157137967ceb71
|
|
msgid "URL string referencing the client's JSON Web Key (JWK) Set [RFC7517] document, which contains the client's public keys."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.jwks_uri:4
|
|
#: 7fc031400ba5483787d3755a50404f52
|
|
msgid "The value of this field MUST point to a valid JWK Set document. These keys can be used by higher-level protocols that use signing or encryption. For instance, these keys might be used by some applications for validating signed requests made to the token endpoint when using JWTs for client authentication [RFC7523]. Use of this parameter is preferred over the \"jwks\" parameter, as it allows for easier key rotation. The \"jwks_uri\" and \"jwks\" parameters MUST NOT both be present in the same request or response."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.logo_uri:1
|
|
#: 2e7ce4c75ee742bca61f56435df8c8ba
|
|
msgid "URL string that references a logo for the client."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.logo_uri:3
|
|
#: 9b60b488494740178fa0eb696a830276
|
|
msgid "If present, the server SHOULD display this image to the end-user during approval. The value of this field MUST point to a valid image file. The value of this field MAY be internationalized, as described in Section 2.2."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.policy_uri:1
|
|
#: 6196df903f044a869d63d7bfe59029ec
|
|
msgid "URL string that points to a human-readable privacy policy document that describes how the deployment organization collects, uses, retains, and discloses personal data."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.policy_uri:5
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.tos_uri:5
|
|
#: 4a2485a600f84752af39a53edb626de6
|
|
#: 7107cb606a41467ba4620b8833bce409
|
|
msgid "The authorization server SHOULD display this URL to the end-user if it is provided. The value of this field MUST point to a valid web page. The value of this field MAY be internationalized, as described in Section 2.2."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.post_logout_redirect_uris:3
|
|
#: c72d1bb71dd94b548279d1efbc710585
|
|
msgid "Array of URLs supplied by the RP to which it MAY request that the End-User's User Agent be redirected using the post_logout_redirect_uri parameter after a logout has been performed. These URLs SHOULD use the https scheme and MAY contain port, path, and query parameter components; however, they MAY use the http scheme, provided that the Client Type is confidential, as defined in Section 2.1 of OAuth 2.0 [RFC6749], and provided the OP allows the use of http RP URIs."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.redirect_uris:1
|
|
#: 2e06e42021994d9880933a147f75ac42
|
|
msgid "Array of redirection URI strings for use in redirect-based flows such as the authorization code and implicit flows."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.redirect_uris:4
|
|
#: d620c8983f004e97b068e92227d397ca
|
|
msgid "As required by Section 2 of OAuth 2.0 [RFC6749], clients using flows with redirection MUST register their redirection URI values. Authorization servers that support dynamic registration for redirect-based flows MUST implement support for this metadata value."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.response_types:1
|
|
#: 0199d813ba7048eab35fcd268b27bfcc
|
|
msgid "Array of the OAuth 2.0 response type strings that the client can use at the authorization endpoint. These response types are defined as follows:"
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.response_types:5
|
|
#: 4bab6b2fed8a4f1ab9108994d6fb98e0
|
|
msgid "\"code\": The authorization code response type defined in OAuth 2.0, Section 4.1."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.response_types:8
|
|
#: 00457e11ffec4ca3b872fb7f97e43510
|
|
msgid "\"token\": The implicit response type defined in OAuth 2.0, Section 4.2."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.response_types:11
|
|
#: 7fd3e01f1e3e4a3e98a4a71071fde775
|
|
msgid "If the authorization endpoint is used by the grant type, the value of this parameter MUST be the same as the value of the \"response_type\" parameter passed to the authorization endpoint defined in the grant type definition. Authorization servers MAY allow for other values as defined in the grant type extension process is described in OAuth 2.0, Section 4.5. If omitted, the default is that the client will use only the \"code\" response type."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.scope:1
|
|
#: 8b411c3c4d744e66a74e7e4bf52e621c
|
|
msgid "String containing a space-separated list of scope values (as described in Section 3.3 of OAuth 2.0 [RFC6749]) that the client can use when requesting access tokens."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.scope:5
|
|
#: 953f41806c6e4932b7c4edf6f0ddd507
|
|
msgid "The semantics of values in this list are service specific. If omitted, an authorization server MAY register a client with a default set of scopes."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.software_id:1
|
|
#: 4fc9f0306c584316aa4c1b3c2d844099
|
|
msgid "A unique identifier string (e.g., a Universally Unique Identifier (UUID)) assigned by the client developer or software publisher used by registration endpoints to identify the client software to be dynamically registered."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.software_id:6
|
|
#: 2125d1eb4c6b4718b6c4331052fe7faa
|
|
msgid "Unlike \"client_id\", which is issued by the authorization server and SHOULD vary between instances, the \"software_id\" SHOULD remain the same for all instances of the client software. The \"software_id\" SHOULD remain the same across multiple updates or versions of the same piece of software. The value of this field is not intended to be human readable and is usually opaque to the client and authorization server."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.software_version:1
|
|
#: 40e1b0990ec746bf8c9d05c246211b2f
|
|
msgid "A version identifier string for the client software identified by \"software_id\"."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.software_version:4
|
|
#: 34d17136e48a479b9fe5b56d79bae90b
|
|
msgid "The value of the \"software_version\" SHOULD change on any update to the client software identified by the same \"software_id\". The value of this field is intended to be compared using string equality matching and no other comparison semantics are defined by this specification. The value of this field is outside the scope of this specification, but it is not intended to be human readable and is usually opaque to the client and authorization server. The definition of what constitutes an update to client software that would trigger a change to this value is specific to the software itself and is outside the scope of this specification."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.token_endpoint_auth_method:1
|
|
#: 4c0d764f9b464300b91cb575bec81042
|
|
msgid "String indicator of the requested authentication method for the token endpoint. Values defined by this specification are:"
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.token_endpoint_auth_method:4
|
|
#: 06c9b086f72f4839b8e624dafa032e65
|
|
msgid "\"none\": The client is a public client as defined in OAuth 2.0, Section 2.1, and does not have a client secret."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.token_endpoint_auth_method:7
|
|
#: f0c62329f807478fba3956bb2b215eff
|
|
msgid "\"client_secret_post\": The client uses the HTTP POST parameters as defined in OAuth 2.0, Section 2.3.1."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.token_endpoint_auth_method:10
|
|
#: 6aae16f0c1f44fbca7c2cf890999a8d7
|
|
msgid "\"client_secret_basic\": The client uses HTTP Basic as defined in OAuth 2.0, Section 2.3.1."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.token_endpoint_auth_method:13
|
|
#: 93316ec1de384670bee6411eeeee736a
|
|
msgid "Additional values can be defined via the IANA \"OAuth Token Endpoint Authentication Methods\" registry established in Section 4.2. Absolute URIs can also be used as values for this parameter without being registered. If unspecified or omitted, the default is \"client_secret_basic\", denoting the HTTP Basic authentication scheme as specified in Section 2.3.1 of OAuth 2.0."
|
|
msgstr ""
|
|
|
|
#: ../../docstring of canaille.oidc.basemodels.Client.tos_uri:1
|
|
#: 688470bc69ac41dcbde0543cf71e5479
|
|
msgid "URL string that points to a human-readable terms of service document for the client that describes a contractual relationship between the end-user and the client that the end-user accepts when authorizing the client."
|
|
msgstr ""
|
|
|
|
#: ../../canaille/oidc/basemodels.py:docstring of canaille.oidc.basemodels.Consent:1
|
|
#: fbc25995a4954ad89cf6363836c086b9
|
|
msgid "Long-term user consent to an application."
|
|
msgstr ""
|
|
|
|
#: ../../canaille/oidc/basemodels.py:docstring of canaille.oidc.basemodels.Token:1
|
|
#: c24dba2ff5d047d18e4c44c48289f2dc
|
|
msgid "OpenID Connect token definition."
|
|
msgstr ""
|