2022-07-28 18:13:24 +00:00
|
|
|
{% import (
|
|
|
|
|
"source.toby3d.me/toby3d/auth/internal/domain"
|
|
|
|
|
) %}
|
2022-01-04 17:31:33 +00:00
|
|
|
|
2022-01-20 19:50:15 +00:00
|
|
|
{% code type AuthorizePage struct {
|
2022-01-04 17:31:33 +00:00
|
|
|
BaseOf
|
2022-01-31 16:15:38 +00:00
|
|
|
Scope domain.Scopes
|
2022-07-28 18:13:24 +00:00
|
|
|
CodeChallengeMethod domain.CodeChallengeMethod
|
|
|
|
|
ResponseType domain.ResponseType
|
2022-01-04 17:31:33 +00:00
|
|
|
Client *domain.Client
|
2022-01-20 19:50:15 +00:00
|
|
|
Me *domain.Me
|
2022-01-31 16:15:38 +00:00
|
|
|
RedirectURI *domain.URL
|
2022-07-28 18:13:24 +00:00
|
|
|
Providers []*domain.Provider
|
|
|
|
|
CSRF []byte
|
2022-01-04 17:31:33 +00:00
|
|
|
CodeChallenge string
|
|
|
|
|
State string
|
|
|
|
|
} %}
|
2021-07-21 23:04:00 +00:00
|
|
|
|
2023-08-06 00:42:38 +00:00
|
|
|
{% func (p *AuthorizePage) title() %}
|
2023-08-07 03:10:00 +00:00
|
|
|
{% if p.Client.Name != "" %}
|
|
|
|
|
{%= p.t("Authorize %s", p.Client.Name) %}
|
2023-01-14 21:27:37 +00:00
|
|
|
{% else %}
|
2023-08-06 00:42:38 +00:00
|
|
|
{%= p.t("Authorize application") %}
|
2023-01-14 21:27:37 +00:00
|
|
|
{% endif %}
|
2022-01-20 19:50:15 +00:00
|
|
|
{% endfunc %}
|
2021-07-21 23:04:00 +00:00
|
|
|
|
2023-08-06 00:42:38 +00:00
|
|
|
{% func (p *AuthorizePage) body() %}
|
2023-01-14 21:27:37 +00:00
|
|
|
<header>
|
2023-08-07 03:10:00 +00:00
|
|
|
{% if p.Client.Logo != nil %}
|
2023-01-14 21:27:37 +00:00
|
|
|
<img class=""
|
|
|
|
|
crossorigin="anonymous"
|
|
|
|
|
decoding="async"
|
|
|
|
|
height="140"
|
|
|
|
|
importance="high"
|
|
|
|
|
loading="lazy"
|
|
|
|
|
referrerpolicy="no-referrer-when-downgrade"
|
2023-08-07 03:10:00 +00:00
|
|
|
src="{%s p.Client.Logo.String() %}"
|
|
|
|
|
alt="{%s p.Client.Name %}"
|
2023-01-14 21:27:37 +00:00
|
|
|
width="140">
|
|
|
|
|
{% endif %}
|
2021-07-21 23:04:00 +00:00
|
|
|
|
2023-01-14 21:27:37 +00:00
|
|
|
<h2>
|
2023-08-07 03:10:00 +00:00
|
|
|
{% if p.Client.URL != nil %}
|
|
|
|
|
<a href="{%s p.Client.URL.String() %}">
|
2022-01-20 19:50:15 +00:00
|
|
|
{% endif %}
|
2023-08-07 03:10:00 +00:00
|
|
|
{% if p.Client.Name != "" %}
|
|
|
|
|
{%s p.Client.Name %}
|
2022-01-20 19:50:15 +00:00
|
|
|
{% else %}
|
2023-01-14 21:27:37 +00:00
|
|
|
{%s p.Client.ID.String() %}
|
2022-01-20 19:50:15 +00:00
|
|
|
{% endif %}
|
2023-08-07 03:10:00 +00:00
|
|
|
{% if p.Client.URL != nil %}
|
2023-01-14 21:27:37 +00:00
|
|
|
</a>
|
|
|
|
|
{% endif %}
|
|
|
|
|
</h2>
|
|
|
|
|
</header>
|
|
|
|
|
|
|
|
|
|
<main>
|
2023-08-05 19:10:24 +00:00
|
|
|
<aside>
|
|
|
|
|
{% if p.CodeChallengeMethod != domain.CodeChallengeMethodUnd && p.CodeChallenge != "" %}
|
|
|
|
|
<p class="with-icon">
|
|
|
|
|
<span class="icon"
|
|
|
|
|
role="img"
|
|
|
|
|
aria-label="closed lock with key">🔐</span>
|
|
|
|
|
|
2023-08-06 00:42:38 +00:00
|
|
|
{%= p.t(`This client uses %sPKCE%s with the %s%s%s method.`, `<abbr title="Proof of Key Code Exchange">`,
|
2023-08-05 19:10:24 +00:00
|
|
|
`</abbr>`, `<code>`, p.CodeChallengeMethod, `</code>`) %}
|
|
|
|
|
</p>
|
|
|
|
|
{% else %}
|
|
|
|
|
<details>
|
|
|
|
|
<summary class="with-icon">
|
|
|
|
|
<span class="icon"
|
|
|
|
|
role="img"
|
|
|
|
|
aria-label="unlock">🔓</span>
|
|
|
|
|
|
2023-08-06 00:42:38 +00:00
|
|
|
{%= p.t(`This client does not use %sPKCE%s!`, `<abbr title="Proof of Key Code Exchange">`, `</abbr>`) %}
|
2023-08-05 19:10:24 +00:00
|
|
|
</summary>
|
|
|
|
|
<p>
|
2023-08-06 00:42:38 +00:00
|
|
|
{%= p.t(`%sProof of Key Code Exchange%s is a mechanism that protects against attackers in the middle hijacking `+
|
2023-08-05 19:10:24 +00:00
|
|
|
`your application's authentication process. You can still authorize this application without this protection, `+
|
|
|
|
|
`but you must independently verify the security of this connection. If you have any doubts - stop the process `+
|
|
|
|
|
` and contact the developers.`, `<dfn id="PKCE">`, `</dfn>`) %}
|
|
|
|
|
</p>
|
|
|
|
|
</details>
|
|
|
|
|
{% endif %}
|
|
|
|
|
</aside>
|
|
|
|
|
|
2023-01-14 21:27:37 +00:00
|
|
|
<form class=""
|
|
|
|
|
accept-charset="utf-8"
|
|
|
|
|
action="/authorize/verify"
|
|
|
|
|
autocomplete="off"
|
|
|
|
|
enctype="application/x-www-form-urlencoded"
|
|
|
|
|
method="post"
|
|
|
|
|
novalidate="true"
|
|
|
|
|
target="_self">
|
|
|
|
|
|
|
|
|
|
{% if p.CSRF != nil %}
|
|
|
|
|
<input type="hidden"
|
|
|
|
|
name="_csrf"
|
|
|
|
|
value="{%z p.CSRF %}">
|
|
|
|
|
{% endif %}
|
2022-01-20 19:50:15 +00:00
|
|
|
|
2023-01-14 21:27:37 +00:00
|
|
|
{% for key, val := range map[string]string{
|
2023-01-16 10:19:22 +00:00
|
|
|
"client_id": p.Client.ID.String(),
|
|
|
|
|
"redirect_uri": p.RedirectURI.String(),
|
|
|
|
|
"response_type": p.ResponseType.String(),
|
|
|
|
|
"state": p.State,
|
|
|
|
|
} %}
|
2023-01-14 21:27:37 +00:00
|
|
|
<input type="hidden"
|
|
|
|
|
name="{%s key %}"
|
|
|
|
|
value="{%s val %}">
|
|
|
|
|
{% endfor %}
|
|
|
|
|
|
|
|
|
|
{% if len(p.Scope) > 0 %}
|
|
|
|
|
<fieldset>
|
2023-08-06 00:42:38 +00:00
|
|
|
<legend>{%= p.t("Scopes") %}</legend>
|
2023-01-14 21:27:37 +00:00
|
|
|
|
|
|
|
|
{% for _, scope := range p.Scope %}
|
|
|
|
|
<div>
|
|
|
|
|
<label>
|
|
|
|
|
<input type="checkbox"
|
|
|
|
|
name="scope[]"
|
|
|
|
|
value="{%s scope.String() %}"
|
|
|
|
|
checked>
|
|
|
|
|
|
|
|
|
|
{%s scope.String() %}
|
|
|
|
|
</label>
|
|
|
|
|
</div>
|
2022-01-20 19:50:15 +00:00
|
|
|
{% endfor %}
|
2023-01-14 21:27:37 +00:00
|
|
|
</fieldset>
|
2023-08-05 19:10:24 +00:00
|
|
|
{% else %}
|
|
|
|
|
<aside>
|
2023-08-06 00:42:38 +00:00
|
|
|
<p>{%= p.t(`No scopes is requested: the application will only get your profile URL.`) %}</p>
|
2023-08-05 19:10:24 +00:00
|
|
|
</aside>
|
2023-01-14 21:27:37 +00:00
|
|
|
{% endif %}
|
2022-01-20 19:50:15 +00:00
|
|
|
|
2023-01-14 21:27:37 +00:00
|
|
|
{% if p.CodeChallenge != "" %}
|
2023-01-16 10:19:22 +00:00
|
|
|
{% for key, val := range map[string]string{
|
|
|
|
|
"code_challenge": p.CodeChallenge,
|
|
|
|
|
"code_challenge_method": p.CodeChallengeMethod.String(),
|
|
|
|
|
} %}
|
2023-01-14 21:27:37 +00:00
|
|
|
<input type="hidden"
|
2023-01-16 10:19:22 +00:00
|
|
|
name="{%s key %}"
|
|
|
|
|
value="{%s val %}">
|
|
|
|
|
{% endfor %}
|
2023-01-14 21:27:37 +00:00
|
|
|
{% endif %}
|
2022-01-20 19:50:15 +00:00
|
|
|
|
2023-01-14 21:27:37 +00:00
|
|
|
{% if p.Me != nil %}
|
|
|
|
|
<input type="hidden"
|
|
|
|
|
name="me"
|
|
|
|
|
value="{%s p.Me.String() %}">
|
|
|
|
|
{% endif %}
|
2022-01-20 19:50:15 +00:00
|
|
|
|
2023-01-14 21:27:37 +00:00
|
|
|
{% if len(p.Providers) > 0 %}
|
|
|
|
|
<select name="provider"
|
|
|
|
|
autocomplete
|
|
|
|
|
required>
|
2022-01-31 16:15:38 +00:00
|
|
|
|
2023-01-14 21:27:37 +00:00
|
|
|
{% for _, provider := range p.Providers %}
|
|
|
|
|
<option value="{%s provider.UID %}"
|
2022-01-31 16:15:38 +00:00
|
|
|
{% if provider.UID == "mastodon" %}selected{% endif %}>
|
|
|
|
|
|
2023-01-14 21:27:37 +00:00
|
|
|
{%s provider.Name %}
|
|
|
|
|
</option>
|
|
|
|
|
{% endfor %}
|
|
|
|
|
</select>
|
|
|
|
|
{% else %}
|
|
|
|
|
<input type="hidden"
|
|
|
|
|
name="provider"
|
|
|
|
|
value="direct">
|
|
|
|
|
{% endif %}
|
2022-01-31 16:15:38 +00:00
|
|
|
|
2023-01-14 21:27:37 +00:00
|
|
|
<button type="submit"
|
|
|
|
|
name="authorize"
|
|
|
|
|
value="deny">
|
2022-01-20 19:50:15 +00:00
|
|
|
|
2023-08-06 00:42:38 +00:00
|
|
|
{%= p.t("Deny") %}
|
2023-01-14 21:27:37 +00:00
|
|
|
</button>
|
2022-01-20 19:50:15 +00:00
|
|
|
|
2023-01-14 21:27:37 +00:00
|
|
|
<button type="submit"
|
|
|
|
|
name="authorize"
|
|
|
|
|
value="allow">
|
2022-01-20 19:50:15 +00:00
|
|
|
|
2023-08-06 00:42:38 +00:00
|
|
|
{%= p.t("Allow") %}
|
2023-01-14 21:27:37 +00:00
|
|
|
</button>
|
2023-08-05 19:10:24 +00:00
|
|
|
|
|
|
|
|
<aside>
|
2023-08-06 00:42:38 +00:00
|
|
|
<p>{%= p.t(`You will be redirected to %s%s%s`, `<code>`, p.RedirectURI, `</code>`) %}</p>
|
2023-08-05 19:10:24 +00:00
|
|
|
</aside>
|
2023-01-14 21:27:37 +00:00
|
|
|
</form>
|
|
|
|
|
</main>
|
|
|
|
|
{% endfunc %}
|
