auth

Paddy 2014-08-16 Parent:fc5df8e68c7b Child:9fc5fd8196b4

17:1f04b1146cad Go to Latest

auth/client.go

Implement CSRF prevention and pass info to confirmation. Implement CSRF prevention using the nosurf package. Note that the handler still needs to be wrapped before this will work. Pass info on the authorization being requested (namely the client and the scope) to the RenderConfirmation page so that the user can make an educated decision.

Download raw file
View source Diff to previous Annotate
History
1 package auth
2
3 import (
4 "secondbit.org/uuid"
5 )
6
7 // Client information
8 type Client struct {
9 ID uuid.ID
10 Secret string
11 RedirectURI string
12 OwnerID uuid.ID
13 Name string
14 Logo string
15 }
16
17 func GetClient(id uuid.ID, ctx Context) (Client, error) {
18 return ctx.Clients.GetClient(id)
19 }
20
21 func createClient(name, logo, redirectURI string, owner uuid.ID, ctx Context) (Client, error) {
22 return ctx.Clients.CreateClient(name, logo, redirectURI, owner)
23 }
24
25 func updateClient(client *Client, name, logo, redirectURI *string, ctx Context) error {
26 if client == nil {
27 return NilClientError
28 }
29 err := ctx.Clients.UpdateClient(client.ID, name, logo, redirectURI)
30 if err != nil {
31 return err
32 }
33 if name != nil {
34 client.Name = *name
35 }
36 if logo != nil {
37 client.Logo = *logo
38 }
39 if redirectURI != nil {
40 client.RedirectURI = *redirectURI
41 }
42 return nil
43 }
44
45 func removeClient(id uuid.ID, ctx Context) error {
46 return ctx.Clients.RemoveClient(id)
47 }
48
49 func listClients(id uuid.ID, page, num int, ctx Context) ([]Client, error) {
50 return ctx.Clients.ListClients(id, page, num)
51 }