auth: authd/templates/simple.gotmpl annotate

Attach our Scope type to AuthCodes and Tokens. When obtaining an AuthorizationCode or Token, attach a slice of strings, each one a Scope ID, instead of just attaching the encoded string the user passes in. This will allow us to change our Scope encoding down the line, and is more conceptually faithful. Also, if an authorization request is made with an invalid scope, return the invalid_scope error.

paddy@100	1 {{ define "login" }}<html>
paddy@100	2 <head>
paddy@100	3 <title>Log in</title>
paddy@100	4 </head>
paddy@100	5 <body>
paddy@100	6 <h1>Please log into your account</h1>{{ if .errors }}
paddy@100	7 <h2>Errors:</h2>
paddy@100	8 <ul>{{ range .errors }}
paddy@100	9 <li>{{ . }}</li>
paddy@100	10 </ul>{{ end }}{{ end }}
paddy@100	11 <form method="POST">
paddy@100	12 <p>Username: <input type="text" name="login"></p>
paddy@100	13 <p>Password: <input type="password" name="passphrase"></p>
paddy@100	14 <p><input type="submit"></p>
paddy@100	15 </form>
paddy@100	16 </body>
paddy@100	17 </html>{{ end }}
paddy@106	18
paddy@106	19 {{ define "get_grant" }}<html>
paddy@106	20 <head>
paddy@106	21 <title>Grant access</title>
paddy@106	22 </head>
paddy@106	23 <body>{{ if .error }}
paddy@106	24 <h1>Error</h1>
paddy@106	25 <p>{{ .error }}</p>{{ end }}{{ if .internal_error }}
paddy@106	26 <h1>Error</h1>
paddy@106	27 <p>{{ .internal_error }}</p>{{ end }}{{ if not .error }}{{ if not .internal_error }}<h1>Grant access</h1>
paddy@108	28 <p>{{ .client.Name }} is requesting access to your account. if you grant it, you'll be redirected to {{ .redirectURL }}. Their access will be limited to {{ .scope }}. You are granting access for {{ .profile.Name }}.</p>{{ end }}{{ end }}
paddy@108	29 <form method="POST">
paddy@108	30 <input type="submit" name="grant" value="approved">
paddy@132	31 <input type="hidden" name="csrftoken" value="{{ .csrftoken }}">
paddy@108	32 </form>
paddy@106	33 </body>
paddy@106	34 </html>{{ end }}

auth

auth/authd/templates/simple.gotmpl