Migrate all resources to json contents;

improve token decoding & logging error messages

src/oidc_test/templates/home.html

@@ -61,33 +61,30 @@
     </div>
   {% endif %}
   <hr>
-  {% if user %}
-  <p class="center">
-    Fetch resources from the resource server with your authentication token:
-  </p>
-  <div class="actions">
-    <button onclick="get_resource('time', '{{ user.access_token }}', '{{ oidc_provider_settings.id }}')">Time</button>
-    <button onclick="get_resource('bs', '{{ user.access_token }}', '{{ oidc_provider_settings.id }}')">BS</button>
-  </div>
-  <div class="resourceResult">
-    <div id="resource" class="resource"></div>
-    <div id="msg" class="msg error"></div>
-  </div>
-  <hr>
-  {% endif %}
   <div class="content">
-    <p>
-      These links should get different response codes depending on the authorization:
+    <p class="center">
+      Resources validated by scope:
     </p>
     <div class="links-to-check">
-      <a href="resource/public">Public</a>
-      <a href="resource/protected">Auth protected content</a>
-      <a href="resource/protected-by-foorole">Auth + foorole protected content</a>
-      <a href="resource/protected-by-foorole-or-barrole">Auth + foorole or barrole protected content</a>
-      <a href="resource/protected-by-barrole">Auth + barrole protected content</a>
-      <a href="resource/protected-by-foorole-and-barrole">Auth + foorole and barrole protected content</a>
-      <a href="resource/fast_api_depends" class="hidden">Using FastAPI Depends</a>
-      <!--<a href="resource/introspect">Introspect token (401 expected)</a>-->
+      <button resource-id="time" onclick="get_resource('time', '{{ user.access_token }}', '{{ oidc_provider_settings.id }}')">Time</button>
+      <button resource-id="bs" onclick="get_resource('bs', '{{ user.access_token }}', '{{ oidc_provider_settings.id }}')">BS</button>
+    </div>
+    <p>
+      Resources validated by role:
+    </p>
+    <div class="links-to-check">
+      <button resource-id="public" onclick="get_resource('public', '{{ user.access_token }}', '{{ oidc_provider_settings.id }}')">Public</button>
+      <button resource-id="protected" onclick="get_resource('protected', '{{ user.access_token }}', '{{ oidc_provider_settings.id }}')">Auth protected content</button>
+      <button resource-id="protected-by-foorole" onclick="get_resource('protected-by-foorole', '{{ user.access_token }}', '{{ oidc_provider_settings.id }}')">Auth + foorole protected content</button>
+      <button resource-id="protected-by-foorole-or-barrole" onclick="get_resource('protected-by-foorole-or-barrole', '{{ user.access_token }}', '{{ oidc_provider_settings.id }}')">Auth + foorole or barrole protected content</button>
+      <button resource-id="protected-by-barrole" onclick="get_resource('protected-by-barrole', '{{ user.access_token }}', '{{ oidc_provider_settings.id }}')">Auth + barrole protected content</button>
+      <button resource-id="protected-by-foorole-and-barrole" onclick="get_resource('protected-by-foorole-and-barrole', '{{ user.access_token }}', '{{ oidc_provider_settings.id }}')">Auth + foorole and barrole protected content</button>
+      <button resource-id="fast_api_depends" class="hidden" onclick="get_resource('fast_api_depends', '{{ user.access_token }}', '{{ oidc_provider_settings.id }}')">Using FastAPI Depends</button>
+      <!--<button resource-id="introspect" onclick="get_resource('introspect', '{{ user.access_token }}', '{{ oidc_provider_settings.id }}')">Introspect token (401 expected)</button>-->
+    </div>
+    <div class="resourceResult">
+      <div id="resource" class="resource"></div>
+      <div id="msg" class="msg error"></div>
     </div>
     {% if resources %}
       <p>