auth
auth/errors.go
Implement CSRF prevention and pass info to confirmation. Implement CSRF prevention using the nosurf package. Note that the handler still needs to be wrapped before this will work. Pass info on the authorization being requested (namely the client and the scope) to the RenderConfirmation page so that the user can make an educated decision.
| paddy@6 | 1 package auth |
| paddy@1 | 2 |
| paddy@1 | 3 import "errors" |
| paddy@1 | 4 |
// Error codes placed in the "error" field of a response. The string values
// are the error codes defined by the OAuth 2.0 specification (RFC 6749).
//
// NOTE(review): these fixed codes carry no request data, so they are the
// safe thing to hand back to a client; keep detailed error text (see the
// error types in this file) in server-side logs instead.
const (
	// ErrorServerError: the server hit an unexpected condition.
	ErrorServerError = "server_error"
	// ErrorInvalidRequest: the request is missing a parameter or is malformed.
	ErrorInvalidRequest = "invalid_request"
	// ErrorAccessDenied: the resource owner or server denied the request.
	ErrorAccessDenied = "access_denied"
	// ErrorInvalidClient: client authentication failed.
	ErrorInvalidClient = "invalid_client"
	// ErrorInvalidGrant: the grant is invalid, expired, revoked, or was
	// issued for a different redirect URI or client.
	ErrorInvalidGrant = "invalid_grant"
	// ErrorUnauthorizedClient: the client may not use this grant type.
	ErrorUnauthorizedClient = "unauthorized_client"
	// ErrorUnsupportedGrantType: the grant type is not supported.
	ErrorUnsupportedGrantType = "unsupported_grant_type"
	// ErrorInvalidScope: the requested scope is invalid, unknown or malformed.
	ErrorInvalidScope = "invalid_scope"
)
| paddy@1 | 15 |
// Sentinel errors for the auth package. Each is a distinct value created
// once, so callers can compare against it by identity.
//
// NOTE(review): the messages are fixed strings with no request data. If
// they are ever written to an HTTP response, the distinct "not found"
// texts let an unauthenticated caller tell which clients, profiles or
// tokens exist; map them to the generic error codes at that boundary and
// keep these messages for logs.
var (
	// Lookup failures.
	ClientNotFoundError        = errors.New("Client not found.")
	AuthorizationNotFoundError = errors.New("Authorization not found.")
	ProfileNotFoundError       = errors.New("Profile not found.")
	TokenNotFoundError         = errors.New("Token not found.")

	// Request and client validation failures.
	URIMissingError       = errors.New("Redirect URI missing.")
	InvalidMethodError    = errors.New("Invalid request method.")
	InvalidClientError    = errors.New("Invalid client.")
	NilClientError        = errors.New("Client was nil.")
	ErrorNotAuthenticated = errors.New("Not authenticated.")

	// Catch-all for failures that are not the caller's fault.
	InternalServerError = errors.New("Internal server error.")
)
| paddy@1 | 28 |
// URIFormatError is an error whose underlying string is appended verbatim
// to a fixed "Invalid URI format: " prefix.
//
// NOTE(review): the wrapped string presumably originates from the request
// (confirm against callers). It is not escaped here, so HTML-escape it
// before rendering and quote it (e.g. %q) before logging.
type URIFormatError string

// Error implements the error interface.
func (e URIFormatError) Error() string {
	const prefix = "Invalid URI format: "
	detail := string(e)
	return prefix + detail
}
| paddy@1 | 34 |
// InvalidClientIDError is an error whose underlying string is appended
// verbatim to a fixed "Invalid client ID: " prefix.
//
// NOTE(review): the wrapped string is presumably the client ID taken from
// the request (confirm against callers). It is not escaped here, so
// HTML-escape it before rendering and quote it (e.g. %q) before logging.
type InvalidClientIDError string

// Error implements the error interface.
func (e InvalidClientIDError) Error() string {
	const prefix = "Invalid client ID: "
	detail := string(e)
	return prefix + detail
}
| paddy@1 | 40 |
// URIMismatchError records a redirect URI that differs from the one on
// record. Both fields are unexported; build values with
// NewURIMismatchError.
type URIMismatchError struct {
	uri      string // redirect URI on record ("in the database" per the message)
	mismatch string // redirect URI that was supplied instead
}

// Error implements the error interface. The message contains both the
// supplied URI and the stored one, unescaped.
//
// NOTE(review): this text discloses the registered redirect URI and echoes
// the supplied value. Treat it as log-only detail: return a generic error
// code to the requester, and escape or quote the message wherever it is
// rendered or logged.
func (e URIMismatchError) Error() string {
	supplied := "Supplied redirect URI " + e.mismatch
	stored := " does not match the redirect in the database (" + e.uri + ")"
	return supplied + stored
}

// NewURIMismatchError returns a URIMismatchError as an error. uri is the
// stored redirect URI and mismatch is the supplied one that failed to
// match it.
func NewURIMismatchError(uri, mismatch string) error {
	var e URIMismatchError
	e.uri = uri
	e.mismatch = mismatch
	return e
}