auth: client.go annotate

Implement CSRF prevention and pass info to confirmation. Implement CSRF prevention using the nosurf package. Note that the handler still needs to be wrapped before this will work. Pass info on the authorization being requested (namely the client and the scope) to the RenderConfirmation page so that the user can make an educated decision.

paddy@6	1 package auth
paddy@0	2
paddy@0	3 import (
paddy@0	4 "secondbit.org/uuid"
paddy@0	5 )
paddy@0	6
paddy@0	7 // Client information
paddy@0	8 type Client struct {
paddy@0	9 ID uuid.ID
paddy@0	10 Secret string
paddy@0	11 RedirectURI string
paddy@0	12 OwnerID uuid.ID
paddy@0	13 Name string
paddy@0	14 Logo string
paddy@0	15 }
paddy@0	16
paddy@0	17 func GetClient(id uuid.ID, ctx Context) (Client, error) {
paddy@13	18 return ctx.Clients.GetClient(id)
paddy@0	19 }
paddy@0	20
paddy@0	21 func createClient(name, logo, redirectURI string, owner uuid.ID, ctx Context) (Client, error) {
paddy@13	22 return ctx.Clients.CreateClient(name, logo, redirectURI, owner)
paddy@0	23 }
paddy@0	24
paddy@0	25 func updateClient(client Client, name, logo, redirectURI string, ctx Context) error {
paddy@13	26 if client == nil {
paddy@14	27 return NilClientError
paddy@13	28 }
paddy@15	29 err := ctx.Clients.UpdateClient(client.ID, name, logo, redirectURI)
paddy@13	30 if err != nil {
paddy@13	31 return err
paddy@13	32 }
paddy@13	33 if name != nil {
paddy@13	34 client.Name = *name
paddy@13	35 }
paddy@13	36 if logo != nil {
paddy@13	37 client.Logo = *logo
paddy@13	38 }
paddy@13	39 if redirectURI != nil {
paddy@13	40 client.RedirectURI = *redirectURI
paddy@13	41 }
paddy@0	42 return nil
paddy@0	43 }
paddy@0	44
paddy@0	45 func removeClient(id uuid.ID, ctx Context) error {
paddy@13	46 return ctx.Clients.RemoveClient(id)
paddy@0	47 }
paddy@0	48
paddy@0	49 func listClients(id uuid.ID, page, num int, ctx Context) ([]Client, error) {
paddy@13	50 return ctx.Clients.ListClients(id, page, num)
paddy@0	51 }

auth

auth/client.go