auth
auth/authd/templates/simple.gotmpl
Let's test our verifyClient function. C'mon, it'll be fun! Add a function that tests the verifyClient function to our unit test suite. Basically, make sure that all the conceivable types of input have the right logic flow for what a "valid client" is. Also leave a note in client.go that makes it clear that public clients _should not be issued secrets in the first place_, because a public client that is issued a secret and specifies its client ID using the `client_id` POST body format will be told that it is not a valid client. While there are ways around this, the spec clearly states that non-confidential clients are not supposed to be issued secrets, so this seems like a nice way to conform to the spec or break trying.
| paddy@100 | 1 {{ define "login" }}<html> |
| paddy@100 | 2 <head> |
| paddy@100 | 3 <title>Log in</title> |
| paddy@100 | 4 </head> |
| paddy@100 | 5 <body> |
| paddy@100 | 6 <h1>Please log into your account</h1>{{ if .errors }} |
| paddy@100 | 7 <h2>Errors:</h2> |
| paddy@100 | 8 <ul>{{ range .errors }} |
| paddy@100 | 9 <li>{{ . }}</li> |
| paddy@100 | 10 </ul>{{ end }}{{ end }} |
| paddy@100 | 11 <form method="POST"> |
| paddy@100 | 12 <p>Username: <input type="text" name="login"></p> |
| paddy@100 | 13 <p>Password: <input type="password" name="passphrase"></p> |
| paddy@100 | 14 <p><input type="submit"></p> |
| paddy@100 | 15 </form> |
| paddy@100 | 16 </body> |
| paddy@100 | 17 </html>{{ end }} |
| paddy@106 | 18 |
| paddy@106 | 19 {{ define "get_grant" }}<html> |
| paddy@106 | 20 <head> |
| paddy@106 | 21 <title>Grant access</title> |
| paddy@106 | 22 </head> |
| paddy@106 | 23 <body>{{ if .error }} |
| paddy@106 | 24 <h1>Error</h1> |
| paddy@106 | 25 <p>{{ .error }}</p>{{ end }}{{ if .internal_error }} |
| paddy@106 | 26 <h1>Error</h1> |
| paddy@106 | 27 <p>{{ .internal_error }}</p>{{ end }}{{ if not .error }}{{ if not .internal_error }}<h1>Grant access</h1> |
| paddy@108 | 28 <p>{{ .client.Name }} is requesting access to your account. if you grant it, you'll be redirected to {{ .redirectURL }}. Their access will be limited to {{ .scope }}. You are granting access for {{ .profile.Name }}.</p>{{ end }}{{ end }} |
| paddy@108 | 29 <form method="POST"> |
| paddy@108 | 30 <input type="submit" name="grant" value="approved"> |
| paddy@108 | 31 </form> |
| paddy@106 | 32 </body> |
| paddy@106 | 33 </html>{{ end }} |