auth
auth/context.go
Require full URLs for Endpoints. The spec says that we SHOULD require full URLs for redirection, but we _can_ offer the ability to set a URL as a "partial URL" if we really must. I see no particular reason to do this, so I've simplified the code by pulling that option out. This means that URLs (as long as they're normalized, which I've filed a bug in the codebase to do) can be checked using simple string comparison, which makes the likelihood of bugs across clientStorage implementations a lot lower.
1.1 --- a/context.go Sun Oct 26 00:53:36 2014 -0400 1.2 +++ b/context.go Sun Oct 26 03:22:41 2014 -0400 1.3 @@ -98,14 +98,13 @@ 1.4 } 1.5 1.6 // CheckEndpoint finds Endpoints in the clientStore associated with the Context that belong 1.7 -// to the Client specified by the passed ID and match the URI passed. If strict is true, only 1.8 -// exact matches for the URI will be returned. If it is false, matches are performed according 1.9 -// to RFC 3986 Section 6. 1.10 -func (c Context) CheckEndpoint(client uuid.ID, URI string, strict bool) (bool, error) { 1.11 +// to the Client specified by the passed ID and match the URI passed. URI matches must be 1.12 +// performed according to RFC 3986 Section 6. 1.13 +func (c Context) CheckEndpoint(client uuid.ID, URI string) (bool, error) { 1.14 if c.clients == nil { 1.15 return false, ErrNoClientStore 1.16 } 1.17 - return c.clients.checkEndpoint(client, URI, strict) 1.18 + return c.clients.checkEndpoint(client, URI) 1.19 } 1.20 1.21 // ListEndpoints finds Endpoints in the clientStore associated with the Context that belong