auth
auth/authcode.go
Attach our Scope type to AuthCodes and Tokens. When obtaining an AuthorizationCode or Token, attach a slice of strings, each one a Scope ID, instead of just attaching the encoded string the user passes in. This will allow us to change our Scope encoding down the line, and is more conceptually faithful. Also, if an authorization request is made with an invalid scope, return the invalid_scope error.
1.1 --- a/authcode.go Fri Feb 20 22:34:43 2015 -0500 1.2 +++ b/authcode.go Tue Mar 03 22:18:28 2015 -0500 1.3 @@ -37,7 +37,7 @@ 1.4 Created time.Time 1.5 ExpiresIn int32 1.6 ClientID uuid.ID 1.7 - Scope string 1.8 + Scopes []string 1.9 RedirectURI string 1.10 State string 1.11 ProfileID uuid.ID 1.12 @@ -95,7 +95,7 @@ 1.13 return nil 1.14 } 1.15 1.16 -func authCodeGrantValidate(w http.ResponseWriter, r *http.Request, context Context) (scope string, profileID uuid.ID, valid bool) { 1.17 +func authCodeGrantValidate(w http.ResponseWriter, r *http.Request, context Context) (scopes []string, profileID uuid.ID, valid bool) { 1.18 enc := json.NewEncoder(w) 1.19 code := r.PostFormValue("code") 1.20 if code == "" { 1.21 @@ -129,7 +129,7 @@ 1.22 renderJSONError(enc, "invalid_grant") 1.23 return 1.24 } 1.25 - return authCode.Scope, authCode.ProfileID, true 1.26 + return authCode.Scopes, authCode.ProfileID, true 1.27 } 1.28 1.29 func authCodeGrantInvalidate(r *http.Request, context Context) error {