5:7ae3f16002c1 Browse Files
Handle more errors. Handle client errors. Match redirect handling with the spec.
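--- a/access.go Wed Aug 13 03:45:24 2014 -0400
+++ b/access.go Wed Aug 13 05:51:25 2014 -0400
@@ -88,7 +88,11 @@
 	// must have a valid client
 	client, err := getClient(auth, ctx)
 	if err != nil {
-		// TODO: return error
+		if err == ClientNotFoundError || err == InvalidClientError {
+			ctx.RenderJSONError(w, ErrorInvalidClient, "Invalid client auth.", ctx.Config.DocumentationDomain)
+		} else {
+			ctx.RenderJSONError(w, ErrorServerError, "Internal server error.", ctx.Config.DocumentationDomain)
+		}
 		return
 	}
 
@@ -98,9 +102,10 @@
 		// TODO: return error
 		return
 	}
-	/*if authData.Client.RedirectURI == "" {
+	if authData.RedirectURI == "" {
+		ctx.RenderJSONError(w, ErrorInvalidGrant, "Invalid redirect on grant.", ctx.Config.DocumentationDomain)
 		return
-	}*/ // TODO: should this even be checked?
+	}
 	if authData.IsExpired() {
 		ctx.RenderJSONError(w, ErrorInvalidGrant, "Authorization is expired.", ctx.Config.DocumentationDomain)
 		return
@@ -163,7 +168,11 @@
 	// must have a valid client
 	client, err := getClient(auth, ctx)
 	if err != nil {
-		// TODO: return error
+		if err == ClientNotFoundError || err == InvalidClientError {
+			ctx.RenderJSONError(w, ErrorInvalidClient, "Invalid client auth.", ctx.Config.DocumentationDomain)
+		} else {
+			ctx.RenderJSONError(w, ErrorServerError, "Internal server error.", ctx.Config.DocumentationDomain)
+		}
 		return
 	}
 
@@ -173,10 +182,6 @@
 		// TODO: return error
 		return
 	}
-	if refreshData.Client.RedirectURI == "" {
-		// TODO: should this even be checked?
-		return
-	}
 
 	// client must be the same as the previous token
 	if !refreshData.Client.ID.Equal(client.ID) {
@@ -184,13 +189,6 @@
 		return
 	}
 
-	// set rest of data
-	redirectURI := r.Form.Get("redirect_uri")
-	if redirectURI == "" {
-		redirectURI = refreshData.RedirectURI
-	}
-	// TODO: check redirect URI?
-
 	scope := r.Form.Get("scope")
 	if scope == "" {
 		scope = refreshData.Scope
@@ -198,9 +196,8 @@
 
 	data := AccessData{
 		AuthRequest: AuthRequest{
-			Client:      client,
-			RedirectURI: redirectURI,
-			Scope:       scope,
+			Client: client,
+			Scope:  scope,
 		},
 		PreviousAccessData: &refreshData,
 	}
@@ -233,16 +230,14 @@
 	// must have a valid client
 	client, err := getClient(auth, ctx)
 	if err != nil {
-		// TODO: return error
+		if err == ClientNotFoundError || err == InvalidClientError {
+			ctx.RenderJSONError(w, ErrorInvalidClient, "Invalid client auth.", ctx.Config.DocumentationDomain)
+		} else {
+			ctx.RenderJSONError(w, ErrorServerError, "Internal server error.", ctx.Config.DocumentationDomain)
+		}
 		return
 	}
 
-	// set redirect uri
-	redirectURI := r.Form.Get("redirect_uri")
-	if redirectURI == "" {
-		redirectURI = client.RedirectURI
-	}
-
 	_, err = ctx.Profiles.GetProfile(username, password)
 	if err != nil {
 		// TODO: return error
@@ -251,9 +246,8 @@
 
 	data := AccessData{
 		AuthRequest: AuthRequest{
-			Client:      client,
-			RedirectURI: redirectURI,
-			Scope:       scope,
+			Client: client,
+			Scope:  scope,
 		},
 	}
 
@@ -278,21 +272,18 @@
 	// must have a valid client
 	client, err := getClient(auth, ctx)
 	if err != nil {
-		// TODO: return error
+		if err == ClientNotFoundError || err == InvalidClientError {
+			ctx.RenderJSONError(w, ErrorInvalidClient, "Invalid client auth.", ctx.Config.DocumentationDomain)
+		} else {
+			ctx.RenderJSONError(w, ErrorServerError, "Internal server error.", ctx.Config.DocumentationDomain)
+		}
 		return
 	}
 
-	// set redirect uri
-	redirectURI := r.Form.Get("redirect_uri")
-	if redirectURI == "" {
-		redirectURI = client.RedirectURI
-	}
-
 	data := AccessData{
 		AuthRequest: AuthRequest{
-			Client:      client,
-			RedirectURI: redirectURI,
-			Scope:       scope,
+			Client: client,
+			Scope:  scope,
 		},
 	}
 
@@ -387,16 +378,17 @@
 	}
 	client, err := ctx.Clients.GetClient(id)
 	if err != nil {
-		// TODO: abstract out errors
-		return Client{}, err
+		if err == ClientNotFoundError {
+			return Client{}, err
+		}
+		// TODO: log error
+		return Client{}, InternalServerError
 	}
 	if client.Secret != auth.Password {
-		// TODO: return E_UNAUTHORIZED_CLIENT error
-		return Client{}, nil
+		return Client{}, InvalidClientError
 	}
 	if client.RedirectURI == "" {
-		// TODO: return E_UNAUTHORIZED_CLIENT error
-		return Client{}, nil
+		return Client{}, InvalidClientError
 	}
 	return client, nil
 }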
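Review bot: In getClient (hunk at -387), the branch `// TODO: log error` / `return Client{}, InternalServerError` drops the err returned by ctx.Clients.GetClient, so by the time the handlers render "Internal server error." the cause of a storage failure is gone; log it before substituting the sentinel, or return an error value that still carries it. The identical five-line `if err == ClientNotFoundError || err == InvalidClientError { … } else { … }` block is repeated in the four handler hunks (-88, -163, -233, -278); one helper taking w, ctx and err that performs this mapping would keep a later change from missing a copy. The new `return Client{}, InvalidClientError` sits under `if client.Secret != auth.Password`, a plain string comparison of a client secret; `subtle.ConstantTimeCompare([]byte(client.Secret), []byte(auth.Password)) != 1` (crypto/subtle, not imported in this diff) removes the timing difference between near-miss and wrong secrets. Every handler here starts before its hunk, so it is not visible whether the authorization-code path also compares authData.RedirectURI with a redirect_uri sent in the token request, which RFC 6749 §4.1.3 requires when the authorization request included one; the new `authData.RedirectURI == ""` check alone does not cover that.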
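--- a/errors.go Wed Aug 13 03:45:24 2014 -0400
+++ b/errors.go Wed Aug 13 05:51:25 2014 -0400
@@ -19,6 +19,7 @@
 	InvalidMethodError = errors.New("Invalid request method.")
 	InternalServerError = errors.New("Internal server error.")
 	ErrorNotAuthenticated = errors.New("Not authenticated.")
+	InvalidClientError = errors.New("Invalid client.")
 )
 
 type URIFormatError string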
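Review bot: The new sentinel `InvalidClientError` uses the `XxxError` suffix, which Go convention reserves for error types, while sentinel values are named `ErrXxx` (here `ErrInvalidClient`); the block already mixes both schemes (`ErrorNotAuthenticated` next to `InvalidMethodError`), so this is a file-wide consistency point rather than something to settle on this line alone. Its message "Invalid client." is capitalized and ends in a period like its neighbours, which is worth keeping in mind if these strings are ever embedded in a larger message.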