auth
139:026adb0c7fc4
Go to Latest
auth/authd/templates/simple.gotmpl
Test our GetClientHandler function, add isAuthError helper.
Add a helper that identifies whether the error passed to it is an authentication
error or is some other type of error. This is useful fo checking whether or not
an internal error occurred while authenticating users.
Update all instances where we call our authentication helper to make them use
the new error helper. All tests continue to pass.
Add a new test case for retrieving a client as an unauthenticated user. This
clears the client's secret from the response before sending it.
Update the GetClientHandler function to return the secret when the owner of the
client used Basic Auth in the request.
Add a new test case for retrieving a client as an authenticated user, both the
owner and a non-owner user. This makes sure the secret is divulged only in the
appropriate cases.
1 {{ define "login" }}<html>
6 <h1>Please log into your account</h1>{{ if .errors }}
8 <ul>{{ range .errors }}
10 </ul>{{ end }}{{ end }}
12 <p>Username: <input type="text" name="login"></p>
13 <p>Password: <input type="password" name="passphrase"></p>
14 <p><input type="submit"></p>
19 {{ define "get_grant" }}<html>
21 <title>Grant access</title>
25 <p>{{ .error }}</p>{{ end }}{{ if .internal_error }}
27 <p>{{ .internal_error }}</p>{{ end }}{{ if not .error }}{{ if not .internal_error }}<h1>Grant access</h1>
28 <p>{{ .client.Name }} is requesting access to your account. if you grant it, you'll be redirected to {{ .redirectURL }}. Their access will be limited to {{ .scope }}. You are granting access for {{ .profile.Name }}.</p>{{ end }}{{ end }}
30 <input type="submit" name="grant" value="approved">
31 <input type="hidden" name="csrftoken" value="{{ .csrftoken }}">