<?xml version='1.0' encoding='UTF-8'?>
<rougail version="0.10">
  <variables>
    <family name="oauth2_client" description="OAuth2 client">
      <variable name="oauth2_client_server_domainname" type="domainname" description="OAuth2 server domain name" mandatory='True'/>
      <variable name="oauth2_is_client_application" type="boolean" description="OAuth2 client is an application" mandatory='True'>
        <value>False</value>
      </variable>
      <variable name="oauth2_client_name" description="OAuth2 client name" mandatory='True'/>
      <variable name="oauth2_client_description" description="OAuth2 client description" mandatory='True'/>
      <variable name="oauth2_client_login" type="web_address" description="OAuth2 URL to valid login"/>
      <family name="external">
        <variable name="oauth2_client_external" type="web_address" description="OAuth2 client external" mandatory='True' multi="True"/>
        <variable name="oauth2_client_family" description="OAuth2 family">
          <value>users</value>
        </variable>
      </family>
      <variable name="oauth2_client_category" description="OAuth2 category" mandatory='True'>
        <value>Défaut</value>
      </variable>
      <variable name="oauth2_client_logo" description="OAuth2 logo" mandatory='True'>
        <value>demo.png</value>
      </variable>
      <variable name="oauth2_client_id" description="OAuth2 ID" mandatory='True' hidden='True'/>
      <variable name="oauth2_client_secret" type="password" description="OAuth2 secret" mandatory='True' hidden='True'/>
      <variable name="oauth2_client_token_signature_algo" type="choice" description="OAuth2 token signature algorithm" mandatory='True' hidden='True'>
        <value>HS512</value>
        <choice>HS512</choice>
        <choice>RS256</choice>
      </variable>
      <variable name="oauth2_server_domainname" type="domainname" description="OAuth2 server domain name" mandatory='True' hidden='True'/>
    </family>
  </variables>
  <constraints>
    <fill name="get_provider_name">
      <param type="variable">zone_name_eth0</param>
      <param>OAuth2</param>
      <target>oauth2_client_server_domainname</target>
    </fill>
    <fill name="normalize_family">
      <param type="variable">domain_name_eth0</param>
      <target>oauth2_client_id</target>
    </fill>
    <fill name="get_password">
      <param name="server_name" type="variable">domain_name_eth0</param>
      <param name="username" type="variable">oauth2_client_id</param>
      <param name="description">remote</param>
      <param name="type">cleartext</param>
      <param name="hide" type="variable">hide_secret</param>
      <target>oauth2_client_secret</target>
    </fill>
    <fill name="set_linked_multi_variables">
      <param type="variable">oauth2_client_server_domainname</param>
      <param name="linked_value_0" type="variable">domain_name_eth0</param>
      <param name="linked_provider_0">oauth2</param>
      <param name="linked_value_1" type="variable">oauth2_client_secret</param>
      <param name="linked_provider_1">oauth2_secret</param>
      <param name="linked_value_2" type="variable" propertyerror="False">oauth2_client_name</param>
      <param name="linked_provider_2">oauth2_name</param>
      <param name="linked_value_3" type="variable" propertyerror="False">oauth2_client_description</param>
      <param name="linked_provider_3">oauth2_description</param>
      <param name="linked_value_4" type="variable" propertyerror="False">oauth2_client_external</param>
      <param name="linked_provider_4">oauth2_external</param>
      <param name="linked_value_5" type="variable" propertyerror="False">oauth2_client_family</param>
      <param name="linked_provider_5">oauth2_family</param>
      <param name="linked_value_6" type="variable">oauth2_client_category</param>
      <param name="linked_provider_6">oauth2_category</param>
      <param name="linked_value_7" type="variable">oauth2_client_logo</param>
      <param name="linked_provider_7">oauth2_logo</param>
      <param name="linked_value_8" type="variable">oauth2_client_login</param>
      <param name="linked_provider_8">oauth2_login</param>
      <param name="allow_none_8" type="boolean">True</param>
      <param name="linked_value_9" type="variable">oauth2_client_token_signature_algo</param>
      <param name="linked_provider_9">oauth2_token_signature_algo</param>
      <param name="linked_returns">external_domainname</param>
      <target>oauth2_server_domainname</target>
    </fill>
    <fill name="calc_oauth2_client_external">
      <param type="variable" optional="True">revprox_client_external_domainnames</param>
      <param type="variable" optional="True">revprox_client_location</param>
      <target>oauth2_client_external</target>
    </fill>
    <condition name="disabled_if_in" source="oauth2_is_client_application">
      <param>False</param>
      <target type="variable">oauth2_client_name</target>
      <target type="variable">oauth2_client_description</target>
      <target type="variable">oauth2_client_external</target>
      <target type="variable">oauth2_client_family</target>
    </condition>
  </constraints>
</rougail>