auth

Paddy 2014-11-02 Parent:dd75d24475c0 Child:f97ca45d5657

64:c29c7df35905 Go to Latest

auth/http.go

Parse the redirect URI early, add new failure modes to tests. When obtaining a grant code, parse the redirect_uri early as a URL, so we can fail without even hitting the database, if possible. Add a test to cover the scenario where the client doesn't specify an endpoint, and the client has no endpoints registered. Add a test to cover the scenario where the client has two endpoints registered, but doesn't specify an endpoint. Fix the test that tested for invalid URLs by actually using an invalid URL. Apparently, "not a URL" is a valid URL. Go figure.

Download raw file

View source Diff to previous Annotate

1 package auth

3 import (

4 "html/template"

5 "net/http"

6 "net/url"

7 "time"

9 "code.secondbit.org/uuid"

12 const (

13 getGrantTemplateName = "get_grant"

14 defaultGrantExpiration = 600 // default to ten minute grant expirations

17 // GetGrantHandler presents and processes the page for asking a user to grant access

18 // to their data. See RFC 6749, Section 4.1.

19 func GetGrantHandler(w http.ResponseWriter, r *http.Request, context Context) {

20 if r.URL.Query().Get("client_id") == "" {

21 w.WriteHeader(http.StatusBadRequest)

22 context.Render(w, getGrantTemplateName, map[string]interface{}{

23 "error": template.HTML("Client ID must be specified in the request."),

24 })

25 return

27 clientID, err := uuid.Parse(r.URL.Query().Get("client_id"))

28 if err != nil {

29 w.WriteHeader(http.StatusBadRequest)

30 context.Render(w, getGrantTemplateName, map[string]interface{}{

31 "error": template.HTML("client_id is not a valid Client ID."),

32 })

33 return

35 redirectURI := r.URL.Query().Get("redirect_uri")

36 redirectURL, err := url.Parse(redirectURI)

37 if err != nil {

38 w.WriteHeader(http.StatusBadRequest)

39 context.Render(w, getGrantTemplateName, map[string]interface{}{

40 "error": template.HTML("The redirect_uri specified is not valid."),

41 })

42 return

44 client, err := context.GetClient(clientID)

45 if err != nil {

46 if err == ErrClientNotFound {

47 w.WriteHeader(http.StatusBadRequest)

48 context.Render(w, getGrantTemplateName, map[string]interface{}{

49 "error": template.HTML("The specified Client couldn’t be found."),

50 })

51 } else {

52 w.WriteHeader(http.StatusInternalServerError)

53 context.Render(w, getGrantTemplateName, map[string]interface{}{

54 "internal_error": template.HTML(err.Error()),

55 })

57 return

59 // whether a redirect URI is valid or not depends on the number of endpoints

60 // the client has registered

61 numEndpoints, err := context.CountEndpoints(clientID)

62 if err != nil {

63 w.WriteHeader(http.StatusInternalServerError)

64 context.Render(w, getGrantTemplateName, map[string]interface{}{

65 "internal_error": template.HTML(err.Error()),

66 })

67 return

69 var validURI bool

70 if redirectURI != "" {

71 // BUG(paddy): We really should normalize URIs before trying to compare them.

72 validURI, err = context.CheckEndpoint(clientID, redirectURI)

73 if err != nil {

74 w.WriteHeader(http.StatusInternalServerError)

75 context.Render(w, getGrantTemplateName, map[string]interface{}{

76 "internal_error": template.HTML(err.Error()),

77 })

78 return

80 } else if redirectURI == "" && numEndpoints == 1 {

81 // if we don't specify the endpoint and there's only one endpoint, the

82 // request is valid, and we're redirecting to that one endpoint

83 validURI = true

84 endpoints, err := context.ListEndpoints(clientID, 1, 0)

85 if err != nil {

86 w.WriteHeader(http.StatusInternalServerError)

87 context.Render(w, getGrantTemplateName, map[string]interface{}{

88 "internal_error": template.HTML(err.Error()),

89 })

90 return

92 if len(endpoints) != 1 {

93 validURI = false

94 } else {

95 redirectURI = endpoints[0].URI.String()

97 } else {

98 validURI = false

100 if !validURI {

101 w.WriteHeader(http.StatusBadRequest)

102 context.Render(w, getGrantTemplateName, map[string]interface{}{

103 "error": template.HTML("The redirect_uri specified is not valid."),

104 })

105 return

107 scope := r.URL.Query().Get("scope")

108 state := r.URL.Query().Get("state")

109 if r.URL.Query().Get("response_type") != "code" {

110 redirectURL.Query().Add("error", "invalid_request")

111 redirectURL.Query().Add("state", state)

112 http.Redirect(w, r, redirectURL.String(), http.StatusFound)

113 return

115 if r.Method == "POST" {

116 // BUG(paddy): We need to implement CSRF protection when obtaining a grant code.

117 if r.PostFormValue("grant") == "approved" {

118 code := uuid.NewID().String()

119 grant := Grant{

120 Code: code,

121 Created: time.Now(),

122 ExpiresIn: defaultGrantExpiration,

123 ClientID: clientID,

124 Scope: scope,

125 RedirectURI: redirectURI,

126 State: state,

127 }

128 err := context.SaveGrant(grant)

129 if err != nil {

130 redirectURL.Query().Add("error", "server_error")

131 redirectURL.Query().Add("state", state)

132 http.Redirect(w, r, redirectURL.String(), http.StatusFound)

133 return

134 }

135 redirectURL.Query().Add("code", code)

136 redirectURL.Query().Add("state", state)

137 http.Redirect(w, r, redirectURL.String(), http.StatusFound)

138 return

140 redirectURL.Query().Add("error", "access_denied")

141 redirectURL.Query().Add("state", state)

142 http.Redirect(w, r, redirectURL.String(), http.StatusFound)

143 return

145 w.WriteHeader(http.StatusOK)

146 context.Render(w, getGrantTemplateName, map[string]interface{}{

147 "client": client,