This change implements handling for the case that a login request
retrieved from Hydra has a pre-defined subject. The login request is
rejected if the requested subject is not part of the presented client
certificate.
- hide client logo if there is no logo URI
- hide client information link if there is no client URI
- use buttons instead of a checkbox for consent
- use Markdown for messages
The primary change in this commit is the introduction of consent management.
A few minor improvements have been made:
- move common header to ui/templates/base.gohtml
- add an I18NService to unify localization
- add a handlers.getLocalizer function
- fix translation extraction and merging in Makefile
- add a new AuthMiddleware to centralize client certificate authentication
- move client certificate handling to internal/handlers/security.go
- improver error handling, allow localization of HTTP error messages
- move internal code to internal directory
- add translations for texts on missing email in client certificate page
- add error handling for missing login_challenge request parameter
- add Markdown support via goldmark
- use https:// URLs in Apache license headers
Jan Dittberner