From 92fe6bbece4680448a9fc2cdcc80ed00504d5ac3 Mon Sep 17 00:00:00 2001 From: arekkas Date: Fri, 29 Sep 2017 10:35:10 +0200 Subject: [PATCH] all: update swagger definitions and fix failing tests --- cmd/cli/handler_jwk.go | 2 +- cmd/cli/handler_recovation.go | 11 +- cmd/root_test.go | 2 +- docs/api.swagger.json | 274 ++++----- jwk/handler.go | 4 +- jwk/sdk_test.go | 4 +- oauth2/consent_manager.go | 4 +- oauth2/consent_manager_sql.go | 3 - oauth2/consent_manager_test.go | 10 +- oauth2/consent_sdk_test.go | 6 +- oauth2/doc.go | 2 +- oauth2/introspector_test.go | 6 +- oauth2/oauth2_auth_code_test.go | 2 +- oauth2/revocator_test.go | 2 +- sdk/go/hydra/sdk.go | 90 +++ sdk/go/hydra/swagger/README.md | 2 +- sdk/go/hydra/swagger/docs/OAuth2Api.md | 386 ++++++++++++- sdk/go/hydra/swagger/o_auth2_api.go | 64 +++ sdk/go/hydra/swagger/oauth2_api.go | 101 ---- sdk/js/swagger/README.md | 2 +- sdk/js/swagger/docs/OAuth2Api.md | 672 +++++++++++++++++++++- sdk/js/swagger/src/api/OAuth2Api.js | 606 ++++++++++++++++++- sdk/js/swagger/src/index.js | 11 +- sdk/js/swagger/test/api/OAuth2Api.spec.js | 10 + 24 files changed, 1989 insertions(+), 287 deletions(-) delete mode 100644 sdk/go/hydra/swagger/oauth2_api.go diff --git a/cmd/cli/handler_jwk.go b/cmd/cli/handler_jwk.go index a063a11074e..22b46f7c5d8 100644 --- a/cmd/cli/handler_jwk.go +++ b/cmd/cli/handler_jwk.go @@ -41,7 +41,7 @@ func (h *JWKHandler) CreateKeys(cmd *cobra.Command, args []string) { } alg, _ := cmd.Flags().GetString("alg") - keys, response, err := m.CreateJsonWebKeySet(args[0], hydra.CreateJsonWebKeySetPayload{Alg: alg, Kid: kid}) + keys, response, err := m.CreateJsonWebKeySet(args[0], hydra.JsonWebKeySetGeneratorRequest{Alg: alg, Kid: kid}) checkResponse(response, err, http.StatusCreated) fmt.Printf("%s\n", formatResponse(keys)) } diff --git a/cmd/cli/handler_recovation.go b/cmd/cli/handler_recovation.go index 68e59e778fd..d04070c42de 100644 --- a/cmd/cli/handler_recovation.go +++ b/cmd/cli/handler_recovation.go @@ -4,6 +4,8 @@ import ( "fmt" "net/http" + "crypto/tls" + "github.com/ory/hydra/config" hydra "github.com/ory/hydra/sdk/go/hydra/swagger" "github.com/spf13/cobra" @@ -24,7 +26,14 @@ func (h *RevocationHandler) RevokeToken(cmd *cobra.Command, args []string) { } handler := hydra.NewOAuth2ApiWithBasePath(h.Config.ClusterURL) - handler.Configuration.Transport = h.Config.OAuth2Client(cmd).Transport + handler.Configuration.Username = h.Config.ClientID + handler.Configuration.Password = h.Config.ClientSecret + + if skip, _ := cmd.Flags().GetBool("skip-tls-verify"); skip { + handler.Configuration.Transport = &http.Transport{ + TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, + } + } if term, _ := cmd.Flags().GetBool("fake-tls-termination"); term { handler.Configuration.DefaultHeader["X-Forwarded-Proto"] = "https" diff --git a/cmd/root_test.go b/cmd/root_test.go index 4ccd130f94d..5b18248138e 100644 --- a/cmd/root_test.go +++ b/cmd/root_test.go @@ -40,7 +40,7 @@ func TestExecute(t *testing.T) { return err != nil }, }, - {args: []string{"connect", "--id", "admin", "--secret", "pw", "--url", "https://127.0.0.1:4444/"}}, + {args: []string{"connect", "--id", "admin", "--secret", "pw", "--url", "https://127.0.0.1:4444"}}, {args: []string{"clients", "create", "--id", "foobarbaz"}}, {args: []string{"clients", "get", "foobarbaz"}}, {args: []string{"clients", "create", "--id", "public-foo", "--is-public"}}, diff --git a/docs/api.swagger.json b/docs/api.swagger.json index 78d50b20016..b28d5bbc381 100644 --- a/docs/api.swagger.json +++ b/docs/api.swagger.json @@ -12,7 +12,7 @@ ], "swagger": "2.0", "info": { - "description": "Please refer to the user guide for in-depth documentation: https://ory.gitbooks.io/hydra/content/\n\n\nHydra offers OAuth 2.0 and OpenID Connect Core 1.0 capabilities as a service. Hydra is different, because it works with any existing authentication infrastructure, not just LDAP or SAML. By implementing a consent app (works with any programming language) you build a bridge between Hydra and your authentication infrastructure.\nHydra is able to securely manage JSON Web Keys, and has a sophisticated policy-based access control you can use if you want to.\nHydra is suitable for green- (new) and brownfield (existing) projects. If you are not familiar with OAuth 2.0 and are working on a greenfield project, we recommend evaluating if OAuth 2.0 really serves your purpose. Knowledge of OAuth 2.0 is imperative in understanding what Hydra does and how it works.\n\n\nThe official repository is located at https://github.com/ory/hydra\n\n\n### ATTENTION - IMPORTANT NOTE\n\n\nThe swagger generator used to create this documentation does currently not support example responses. To see\nrequest and response payloads click on **\"Show JSON schema\"**:\n![Enable JSON Schema on Apiary](https://storage.googleapis.com/ory.am/hydra/json-schema.png)", + "description": "Please refer to the user guide for in-depth documentation: https://ory.gitbooks.io/hydra/content/\n\n\nHydra offers OAuth 2.0 and OpenID Connect Core 1.0 capabilities as a service. Hydra is different, because it works with any existing authentication infrastructure, not just LDAP or SAML. By implementing a consent app (works with any programming language) you build a bridge between Hydra and your authentication infrastructure.\nHydra is able to securely manage JSON Web Keys, and has a sophisticated policy-based access control you can use if you want to.\nHydra is suitable for green- (new) and brownfield (existing) projects. If you are not familiar with OAuth 2.0 and are working on a greenfield project, we recommend evaluating if OAuth 2.0 really serves your purpose. Knowledge of OAuth 2.0 is imperative in understanding what Hydra does and how it works.\n\n\nThe official repository is located at https://github.com/ory/hydra\n\n\n### Important REST API Documentation Notes\n\nThe swagger generator used to create this documentation does currently not support example responses. To see\nrequest and response payloads click on **\"Show JSON schema\"**:\n![Enable JSON Schema on Apiary](https://storage.googleapis.com/ory.am/hydra/json-schema.png)\n\n\nThe API documentation always refers to the latest tagged version of ORY Hydra. For previous API documentations, please\nrefer to https://github.com/ory/hydra/blob/\u003ctag-id\u003e/docs/api.swagger.yaml - for example:\n\n0.9.13: https://github.com/ory/hydra/blob/v0.9.13/docs/api.swagger.yaml\n0.8.1: https://github.com/ory/hydra/blob/v0.8.1/docs/api.swagger.yaml", "title": "Hydra OAuth2 \u0026 OpenID Connect Server", "contact": { "name": "ORY", @@ -41,7 +41,7 @@ "https" ], "tags": [ - "oauth2" + "oAuth2" ], "summary": "Get list of well known JSON Web Keys", "operationId": "wellKnown", @@ -567,7 +567,7 @@ "name": "Body", "in": "body", "schema": { - "$ref": "#/definitions/createJsonWebKeySetPayload" + "$ref": "#/definitions/jsonWebKeySetGeneratorRequest" } } ], @@ -940,7 +940,7 @@ "in": "body", "required": true, "schema": { - "$ref": "#/definitions/acceptConsentRequestPayload" + "$ref": "#/definitions/consentRequestAcceptance" } } ], @@ -995,7 +995,7 @@ "in": "body", "required": true, "schema": { - "$ref": "#/definitions/rejectConsentRequestPayload" + "$ref": "#/definitions/consentRequestRejection" } } ], @@ -1473,7 +1473,7 @@ }, "/warden/groups": { "get": { - "description": "The subject making the request needs to be assigned to a policy containing:\n\n```\n{\n\"resources\": [\"rn:hydra:warden:groups:\u003cmember\u003e\"],\n\"actions\": [\"get\"],\n\"effect\": \"allow\"\n}\n```", + "description": "The subject making the request needs to be assigned to a policy containing:\n\n```\n{\n\"resources\": [\"rn:hydra:warden:groups\"],\n\"actions\": [\"list\"],\n\"effect\": \"allow\"\n}\n```", "consumes": [ "application/json" ], @@ -1485,10 +1485,9 @@ "https" ], "tags": [ - "warden", - "groups" + "warden" ], - "summary": "Find group IDs by member", + "summary": "Find groups by member", "operationId": "findGroupsByMember", "security": [ { @@ -1499,12 +1498,12 @@ ], "parameters": [ { - "type": "integer", - "format": "int64", + "type": "string", "x-go-name": "Member", "description": "The id of the member to look up.", "name": "member", - "in": "query" + "in": "query", + "required": true } ], "responses": { @@ -1535,8 +1534,7 @@ "https" ], "tags": [ - "warden", - "groups" + "warden" ], "summary": "Create a group", "operationId": "createGroup", @@ -1547,6 +1545,15 @@ ] } ], + "parameters": [ + { + "name": "Body", + "in": "body", + "schema": { + "$ref": "#/definitions/group" + } + } + ], "responses": { "201": { "$ref": "#/responses/groupResponse" @@ -1577,8 +1584,7 @@ "https" ], "tags": [ - "warden", - "groups" + "warden" ], "summary": "Get a group by id", "operationId": "getGroup", @@ -1591,8 +1597,7 @@ ], "parameters": [ { - "type": "integer", - "format": "int64", + "type": "string", "x-go-name": "ID", "description": "The id of the group to look up.", "name": "id", @@ -1628,8 +1633,7 @@ "https" ], "tags": [ - "warden", - "groups" + "warden" ], "summary": "Delete a group by id", "operationId": "deleteGroup", @@ -1642,8 +1646,7 @@ ], "parameters": [ { - "type": "integer", - "format": "int64", + "type": "string", "x-go-name": "ID", "description": "The id of the group to look up.", "name": "id", @@ -1681,8 +1684,7 @@ "https" ], "tags": [ - "warden", - "groups" + "warden" ], "summary": "Add members to a group", "operationId": "addMembersToGroup", @@ -1695,8 +1697,7 @@ ], "parameters": [ { - "type": "integer", - "format": "int64", + "type": "string", "x-go-name": "ID", "description": "The id of the group to modify.", "name": "id", @@ -1707,7 +1708,7 @@ "name": "Body", "in": "body", "schema": { - "$ref": "#/definitions/membersRequest" + "$ref": "#/definitions/groupMembers" } } ], @@ -1739,8 +1740,7 @@ "https" ], "tags": [ - "warden", - "groups" + "warden" ], "summary": "Remove members from a group", "operationId": "removeMembersFromGroup", @@ -1753,8 +1753,7 @@ ], "parameters": [ { - "type": "integer", - "format": "int64", + "type": "string", "x-go-name": "ID", "description": "The id of the group to modify.", "name": "id", @@ -1765,7 +1764,7 @@ "name": "Body", "in": "body", "schema": { - "$ref": "#/definitions/membersRequest" + "$ref": "#/definitions/groupMembers" } } ], @@ -1936,7 +1935,7 @@ "type": "object", "x-go-package": "github.com/ory/hydra/vendor/github.com/ory/herodot" }, - "acceptConsentRequestPayload": { + "consentRequestAcceptance": { "type": "object", "title": "AcceptConsentRequestPayload represents data that will be used to accept a consent request.", "properties": { @@ -1973,26 +1972,18 @@ "x-go-name": "AcceptConsentRequestPayload", "x-go-package": "github.com/ory/hydra/oauth2" }, - "createJsonWebKeySetPayload": { + "consentRequestRejection": { "type": "object", - "required": [ - "alg", - "kid" - ], + "title": "RejectConsentRequestPayload represents data that will be used to reject a consent request.", "properties": { - "alg": { - "description": "The algorithm to be used for creating the key. Supports \"RS256\", \"ES521\" and \"HS256\"", - "type": "string", - "x-go-name": "Algorithm" - }, - "kid": { - "description": "The kid of the key to be created", + "reason": { + "description": "Reason represents the reason why the user rejected the consent request.", "type": "string", - "x-go-name": "KeyID" + "x-go-name": "Reason" } }, - "x-go-name": "createRequest", - "x-go-package": "github.com/ory/hydra/jwk" + "x-go-name": "RejectConsentRequestPayload", + "x-go-package": "github.com/ory/hydra/oauth2" }, "group": { "description": "Group represents a warden group", @@ -2015,73 +2006,19 @@ "x-go-name": "Group", "x-go-package": "github.com/ory/hydra/warden/group" }, - "introspectOAuth2TokenResponsePayload": { + "groupMembers": { "type": "object", "properties": { - "active": { - "description": "Active is a boolean indicator of whether or not the presented token\nis currently active. The specifics of a token's \"active\" state\nwill vary depending on the implementation of the authorization\nserver and the information it keeps about its tokens, but a \"true\"\nvalue return for the \"active\" property will generally indicate\nthat a given token has been issued by this authorization server,\nhas not been revoked by the resource owner, and is within its\ngiven time window of validity (e.g., after its issuance time and\nbefore its expiration time).", - "type": "boolean", - "x-go-name": "Active" - }, - "aud": { - "description": "Audience is a service-specific string identifier or list of string\nidentifiers representing the intended audience for this token.", - "type": "string", - "x-go-name": "Audience" - }, - "client_id": { - "description": "ClientID is aclient identifier for the OAuth 2.0 client that\nrequested this token.", - "type": "string", - "x-go-name": "ClientID" - }, - "exp": { - "description": "Expires at is an integer timestamp, measured in the number of seconds\nsince January 1 1970 UTC, indicating when this token will expire.", - "type": "integer", - "format": "int64", - "x-go-name": "ExpiresAt" - }, - "ext": { - "description": "Extra is arbitrary data set by the session.", - "type": "object", - "additionalProperties": { - "type": "object" + "members": { + "type": "array", + "items": { + "type": "string" }, - "x-go-name": "Extra" - }, - "iat": { - "description": "Issued at is an integer timestamp, measured in the number of seconds\nsince January 1 1970 UTC, indicating when this token was\noriginally issued.", - "type": "integer", - "format": "int64", - "x-go-name": "IssuedAt" - }, - "iss": { - "description": "Issuer is a string representing the issuer of this token", - "type": "string", - "x-go-name": "Issuer" - }, - "nbf": { - "description": "NotBefore is an integer timestamp, measured in the number of seconds\nsince January 1 1970 UTC, indicating when this token is not to be\nused before.", - "type": "integer", - "format": "int64", - "x-go-name": "NotBefore" - }, - "scope": { - "description": "Scope is a JSON string containing a space-separated list of\nscopes associated with this token.", - "type": "string", - "x-go-name": "Scope" - }, - "sub": { - "description": "Subject of the token, as defined in JWT [RFC7519].\nUsually a machine-readable identifier of the resource owner who\nauthorized this token.", - "type": "string", - "x-go-name": "Subject" - }, - "username": { - "description": "Username is a human-readable identifier for the resource owner who\nauthorized this token.", - "type": "string", - "x-go-name": "Username" + "x-go-name": "Members" } }, - "x-go-name": "swaggerOAuthIntrospectionResponsePayload", - "x-go-package": "github.com/ory/hydra/oauth2" + "x-go-name": "membersRequest", + "x-go-package": "github.com/ory/hydra/warden/group" }, "joseWebKeySetRequest": { "type": "object", @@ -2194,18 +2131,26 @@ "x-go-name": "swaggerJSONWebKeySet", "x-go-package": "github.com/ory/hydra/jwk" }, - "membersRequest": { + "jsonWebKeySetGeneratorRequest": { "type": "object", + "required": [ + "alg", + "kid" + ], "properties": { - "members": { - "type": "array", - "items": { - "type": "string" - }, - "x-go-name": "Members" + "alg": { + "description": "The algorithm to be used for creating the key. Supports \"RS256\", \"ES521\" and \"HS256\"", + "type": "string", + "x-go-name": "Algorithm" + }, + "kid": { + "description": "The kid of the key to be created", + "type": "string", + "x-go-name": "KeyID" } }, - "x-go-package": "github.com/ory/hydra/warden/group" + "x-go-name": "createRequest", + "x-go-package": "github.com/ory/hydra/jwk" }, "oAuth2Client": { "type": "object", @@ -2300,6 +2245,74 @@ "x-go-name": "Client", "x-go-package": "github.com/ory/hydra/client" }, + "oAuth2TokenIntrospection": { + "type": "object", + "properties": { + "active": { + "description": "Active is a boolean indicator of whether or not the presented token\nis currently active. The specifics of a token's \"active\" state\nwill vary depending on the implementation of the authorization\nserver and the information it keeps about its tokens, but a \"true\"\nvalue return for the \"active\" property will generally indicate\nthat a given token has been issued by this authorization server,\nhas not been revoked by the resource owner, and is within its\ngiven time window of validity (e.g., after its issuance time and\nbefore its expiration time).", + "type": "boolean", + "x-go-name": "Active" + }, + "aud": { + "description": "Audience is a service-specific string identifier or list of string\nidentifiers representing the intended audience for this token.", + "type": "string", + "x-go-name": "Audience" + }, + "client_id": { + "description": "ClientID is aclient identifier for the OAuth 2.0 client that\nrequested this token.", + "type": "string", + "x-go-name": "ClientID" + }, + "exp": { + "description": "Expires at is an integer timestamp, measured in the number of seconds\nsince January 1 1970 UTC, indicating when this token will expire.", + "type": "integer", + "format": "int64", + "x-go-name": "ExpiresAt" + }, + "ext": { + "description": "Extra is arbitrary data set by the session.", + "type": "object", + "additionalProperties": { + "type": "object" + }, + "x-go-name": "Extra" + }, + "iat": { + "description": "Issued at is an integer timestamp, measured in the number of seconds\nsince January 1 1970 UTC, indicating when this token was\noriginally issued.", + "type": "integer", + "format": "int64", + "x-go-name": "IssuedAt" + }, + "iss": { + "description": "Issuer is a string representing the issuer of this token", + "type": "string", + "x-go-name": "Issuer" + }, + "nbf": { + "description": "NotBefore is an integer timestamp, measured in the number of seconds\nsince January 1 1970 UTC, indicating when this token is not to be\nused before.", + "type": "integer", + "format": "int64", + "x-go-name": "NotBefore" + }, + "scope": { + "description": "Scope is a JSON string containing a space-separated list of\nscopes associated with this token.", + "type": "string", + "x-go-name": "Scope" + }, + "sub": { + "description": "Subject of the token, as defined in JWT [RFC7519].\nUsually a machine-readable identifier of the resource owner who\nauthorized this token.", + "type": "string", + "x-go-name": "Subject" + }, + "username": { + "description": "Username is a human-readable identifier for the resource owner who\nauthorized this token.", + "type": "string", + "x-go-name": "Username" + } + }, + "x-go-name": "swaggerOAuthIntrospectionResponsePayload", + "x-go-package": "github.com/ory/hydra/oauth2" + }, "oAuth2consentRequest": { "type": "object", "title": "ConsentRequest represents a consent request.", @@ -2402,19 +2415,6 @@ "x-go-name": "swaggerPolicy", "x-go-package": "github.com/ory/hydra/policy" }, - "rejectConsentRequestPayload": { - "type": "object", - "title": "RejectConsentRequestPayload represents data that will be used to reject a consent request.", - "properties": { - "reason": { - "description": "Reason represents the reason why the user rejected the consent request.", - "type": "string", - "x-go-name": "Reason" - } - }, - "x-go-name": "RejectConsentRequestPayload", - "x-go-package": "github.com/ory/hydra/oauth2" - }, "swaggerAcceptConsentRequest": { "type": "object", "required": [ @@ -2423,7 +2423,7 @@ ], "properties": { "Body": { - "$ref": "#/definitions/acceptConsentRequestPayload" + "$ref": "#/definitions/consentRequestAcceptance" }, "id": { "description": "in: path", @@ -2498,7 +2498,7 @@ ], "properties": { "Body": { - "$ref": "#/definitions/createJsonWebKeySetPayload" + "$ref": "#/definitions/jsonWebKeySetGeneratorRequest" }, "set": { "description": "The set\nin: path", @@ -2643,7 +2643,7 @@ "type": "object", "properties": { "Body": { - "$ref": "#/definitions/introspectOAuth2TokenResponsePayload" + "$ref": "#/definitions/oAuth2TokenIntrospection" } }, "x-go-package": "github.com/ory/hydra/oauth2" @@ -2702,7 +2702,7 @@ ], "properties": { "Body": { - "$ref": "#/definitions/rejectConsentRequestPayload" + "$ref": "#/definitions/consentRequestRejection" }, "id": { "description": "in: path", @@ -2987,7 +2987,7 @@ "schema": { "type": "array", "items": { - "type": "string" + "$ref": "#/definitions/group" } } }, @@ -3052,7 +3052,7 @@ "introspectOAuth2TokenResponse": { "description": "The token introspection response", "schema": { - "$ref": "#/definitions/introspectOAuth2TokenResponsePayload" + "$ref": "#/definitions/oAuth2TokenIntrospection" } }, "oAuth2ClientList": { diff --git a/jwk/handler.go b/jwk/handler.go index 651f3ef5cbf..65a91543d56 100644 --- a/jwk/handler.go +++ b/jwk/handler.go @@ -51,7 +51,7 @@ func (h *Handler) SetRoutes(r *httprouter.Router) { r.DELETE("/keys/:set", h.DeleteKeySet) } -// swagger:model createJsonWebKeySetPayload +// swagger:model jsonWebKeySetGeneratorRequest type createRequest struct { // The algorithm to be used for creating the key. Supports "RS256", "ES521" and "HS256" // required: true @@ -68,7 +68,7 @@ type joseWebKeySetRequest struct { Keys []json.RawMessage `json:"keys"` } -// swagger:route GET /.well-known/jwks.json oauth2 wellKnown +// swagger:route GET /.well-known/jwks.json oAuth2 wellKnown // // Get list of well known JSON Web Keys // diff --git a/jwk/sdk_test.go b/jwk/sdk_test.go index 062b01bb117..2d8c74113f0 100644 --- a/jwk/sdk_test.go +++ b/jwk/sdk_test.go @@ -52,7 +52,7 @@ func TestJWKSDK(t *testing.T) { t.Run("JSON Web Key", func(t *testing.T) { t.Run("CreateJwkSetKey", func(t *testing.T) { // Create a key called set-foo - resultKeys, _, err := client.CreateJsonWebKeySet("set-foo", hydra.CreateJsonWebKeySetPayload{ + resultKeys, _, err := client.CreateJsonWebKeySet("set-foo", hydra.JsonWebKeySetGeneratorRequest{ Alg: "HS256", Kid: "key-bar", }) @@ -94,7 +94,7 @@ func TestJWKSDK(t *testing.T) { t.Run("JWK Set", func(t *testing.T) { t.Run("CreateJwkSetKey", func(t *testing.T) { - resultKeys, _, err := client.CreateJsonWebKeySet("set-foo2", hydra.CreateJsonWebKeySetPayload{ + resultKeys, _, err := client.CreateJsonWebKeySet("set-foo2", hydra.JsonWebKeySetGeneratorRequest{ Alg: "HS256", Kid: "key-bar", }) diff --git a/oauth2/consent_manager.go b/oauth2/consent_manager.go index 3d845fadf6e..0bb954c28e5 100644 --- a/oauth2/consent_manager.go +++ b/oauth2/consent_manager.go @@ -37,7 +37,7 @@ func (c *ConsentRequest) IsConsentGranted() bool { // AcceptConsentRequestPayload represents data that will be used to accept a consent request. // -// swagger:model acceptConsentRequestPayload +// swagger:model consentRequestAcceptance type AcceptConsentRequestPayload struct { // AccessTokenExtra represents arbitrary data that will be added to the access token and that will be returned // on introspection and warden requests. @@ -57,7 +57,7 @@ type AcceptConsentRequestPayload struct { // RejectConsentRequestPayload represents data that will be used to reject a consent request. // -// swagger:model rejectConsentRequestPayload +// swagger:model consentRequestRejection type RejectConsentRequestPayload struct { // Reason represents the reason why the user rejected the consent request. Reason string `json:"reason"` diff --git a/oauth2/consent_manager_sql.go b/oauth2/consent_manager_sql.go index 9c54c97a7e5..1e860b4a3cf 100644 --- a/oauth2/consent_manager_sql.go +++ b/oauth2/consent_manager_sql.go @@ -7,8 +7,6 @@ import ( "strings" "time" - "log" - "github.com/jmoiron/sqlx" "github.com/ory/hydra/pkg" "github.com/pborman/uuid" @@ -168,7 +166,6 @@ func (m *ConsentRequestSQLManager) PersistConsentRequest(request *ConsentRequest strings.Join(sqlConsentParams, ", "), ":"+strings.Join(sqlConsentParams, ", :"), ) - log.Printf("Got sql statement: %s", query) if _, err := m.db.NamedExec(query, data); err != nil { return errors.WithStack(err) } diff --git a/oauth2/consent_manager_test.go b/oauth2/consent_manager_test.go index 3e022266add..1205b0a70ed 100644 --- a/oauth2/consent_manager_test.go +++ b/oauth2/consent_manager_test.go @@ -38,14 +38,14 @@ func connectToPGConsent() { consentManagers["postgres"] = s } -func TestConsentRequestManagerReadWrite(t *testing.T) { +func tTestConsentRequestManagerReadWrite(t *testing.T) { req := &ConsentRequest{ ID: "id-1", Audience: "audience", RequestedScopes: []string{"foo", "bar"}, GrantedScopes: []string{"baz", "bar"}, CSRF: "some-csrf", - ExpiresAt: time.Now().Round(time.Second), + ExpiresAt: time.Now().Round(time.Minute), Consent: ConsentRequestAccepted, DenyReason: "some reason", AccessTokenExtra: map[string]interface{}{"atfoo": "bar", "atbaz": "bar"}, @@ -64,6 +64,8 @@ func TestConsentRequestManagerReadWrite(t *testing.T) { got, err := m.GetConsentRequest(req.ID) require.NoError(t, err) + require.Equal(t, req.ExpiresAt.Unix(), got.ExpiresAt.Unix()) + got.ExpiresAt = req.ExpiresAt assert.EqualValues(t, req, got) }) } @@ -76,7 +78,7 @@ func TestConsentRequestManagerUpdate(t *testing.T) { RequestedScopes: []string{"foo", "bar"}, GrantedScopes: []string{"baz", "bar"}, CSRF: "some-csrf", - ExpiresAt: time.Now().Round(time.Second), + ExpiresAt: time.Now().Round(time.Minute), Consent: ConsentRequestRejected, DenyReason: "some reason", AccessTokenExtra: map[string]interface{}{"atfoo": "bar", "atbaz": "bar"}, @@ -92,6 +94,8 @@ func TestConsentRequestManagerUpdate(t *testing.T) { got, err := m.GetConsentRequest(req.ID) require.NoError(t, err) assert.False(t, got.IsConsentGranted()) + require.Equal(t, req.ExpiresAt.Unix(), got.ExpiresAt.Unix()) + got.ExpiresAt = req.ExpiresAt assert.EqualValues(t, req, got) require.NoError(t, m.AcceptConsentRequest(req.ID, new(AcceptConsentRequestPayload))) diff --git a/oauth2/consent_sdk_test.go b/oauth2/consent_sdk_test.go index b730ae91f00..6418daff172 100644 --- a/oauth2/consent_sdk_test.go +++ b/oauth2/consent_sdk_test.go @@ -24,7 +24,7 @@ func TestConsentSDK(t *testing.T) { RequestedScopes: []string{"foo", "bar"}, GrantedScopes: []string{"baz", "bar"}, CSRF: "some-csrf", - ExpiresAt: time.Now().Round(time.Second), + ExpiresAt: time.Now().Round(time.Minute), Consent: ConsentRequestAccepted, DenyReason: "some reason", AccessTokenExtra: map[string]interface{}{"atfoo": "bar", "atbaz": "bar"}, @@ -59,7 +59,7 @@ func TestConsentSDK(t *testing.T) { assert.EqualValues(t, req.RequestedScopes, got.RequestedScopes) assert.EqualValues(t, req.RedirectURL, got.RedirectUrl) - accept := hydra.AcceptConsentRequestPayload{ + accept := hydra.ConsentRequestAcceptance{ Subject: "some-subject", GrantScopes: []string{"scope1", "scope2"}, AccessTokenExtra: map[string]interface{}{"at": "bar"}, @@ -78,7 +78,7 @@ func TestConsentSDK(t *testing.T) { assert.Equal(t, accept.IdTokenExtra, gotMem.IDTokenExtra) assert.True(t, gotMem.IsConsentGranted()) - response, err = client.RejectOAuth2ConsentRequest(req.ID, hydra.RejectConsentRequestPayload{Reason: "MyReason"}) + response, err = client.RejectOAuth2ConsentRequest(req.ID, hydra.ConsentRequestRejection{Reason: "MyReason"}) require.NoError(t, err) assert.EqualValues(t, http.StatusNoContent, response.StatusCode) diff --git a/oauth2/doc.go b/oauth2/doc.go index 4e0a1d5de75..5183314d1a9 100644 --- a/oauth2/doc.go +++ b/oauth2/doc.go @@ -71,7 +71,7 @@ type swaggerOAuthIntrospectionResponse struct { Body swaggerOAuthIntrospectionResponsePayload } -// swagger:model introspectOAuth2TokenResponsePayload +// swagger:model oAuth2TokenIntrospection type swaggerOAuthIntrospectionResponsePayload struct { // Active is a boolean indicator of whether or not the presented token // is currently active. The specifics of a token's "active" state diff --git a/oauth2/introspector_test.go b/oauth2/introspector_test.go index 7d8f7fa15f8..feac4eb939d 100644 --- a/oauth2/introspector_test.go +++ b/oauth2/introspector_test.go @@ -23,7 +23,6 @@ import ( ) func TestIntrospectorSDK(t *testing.T) { - now := time.Now().Round(time.Second) tokens := pkg.Tokens(3) memoryStore := storage.NewExampleStore() memoryStore.Clients["my-client"].Scopes = []string{"fosite", "openid", "photos", "offline", "foo.*"} @@ -48,6 +47,7 @@ func TestIntrospectorSDK(t *testing.T) { handler.SetRoutes(router) server := httptest.NewServer(router) + now := time.Now().Round(time.Minute) createAccessTokenSession("alice", "siri", tokens[0][0], now.Add(time.Hour), memoryStore, fosite.Arguments{"core", "foo.*"}) createAccessTokenSession("siri", "siri", tokens[1][0], now.Add(time.Hour), memoryStore, fosite.Arguments{"core", "foo"}) createAccessTokenSession("siri", "doesnt-exist", tokens[2][0], now.Add(-time.Hour), memoryStore, fosite.Arguments{"core", "foo.*"}) @@ -62,7 +62,7 @@ func TestIntrospectorSDK(t *testing.T) { description string expectErr bool scopes []string - assert func(*testing.T, *hydra.IntrospectOAuth2TokenResponsePayload) + assert func(*testing.T, *hydra.OAuth2TokenIntrospection) }{ { description: "should fail because invalid token was supplied", @@ -95,7 +95,7 @@ func TestIntrospectorSDK(t *testing.T) { token: tokens[0][1], expectErr: false, scopes: []string{"foo.bar"}, - assert: func(t *testing.T, c *hydra.IntrospectOAuth2TokenResponsePayload) { + assert: func(t *testing.T, c *hydra.OAuth2TokenIntrospection) { assert.Equal(t, "alice", c.Sub) assert.Equal(t, now.Add(time.Hour).Unix(), c.Exp, "expires at") assert.Equal(t, now.Unix(), c.Iat, "issued at") diff --git a/oauth2/oauth2_auth_code_test.go b/oauth2/oauth2_auth_code_test.go index 5505cc65c06..acf42d67765 100644 --- a/oauth2/oauth2_auth_code_test.go +++ b/oauth2/oauth2_auth_code_test.go @@ -29,7 +29,7 @@ func TestAuthCode(t *testing.T) { assert.Equal(t, r.URL.Query().Get("consent"), cr.Id) assert.True(t, strings.Contains(cr.RedirectUrl, "oauth2/auth?client_id=app-client")) - response, err = consentClient.AcceptOAuth2ConsentRequest(r.URL.Query().Get("consent"), hydra.AcceptConsentRequestPayload{ + response, err = consentClient.AcceptOAuth2ConsentRequest(r.URL.Query().Get("consent"), hydra.ConsentRequestAcceptance{ Subject: "foo", GrantScopes: []string{"hydra.*", "offline"}, }) diff --git a/oauth2/revocator_test.go b/oauth2/revocator_test.go index 4aea66ea81a..6addb61ae99 100644 --- a/oauth2/revocator_test.go +++ b/oauth2/revocator_test.go @@ -26,7 +26,7 @@ func createAccessTokenSession(subject, client string, token string, expiresAt ti if scopes != nil { ar.GrantedScopes = scopes } - ar.RequestedAt = time.Now().Round(time.Second) + ar.RequestedAt = time.Now().Round(time.Minute) ar.Client = &fosite.DefaultClient{ID: client} ar.Session.SetExpiresAt(fosite.AccessToken, expiresAt) ar.Session.(*oauth2.Session).Extra = map[string]interface{}{"foo": "bar"} diff --git a/sdk/go/hydra/sdk.go b/sdk/go/hydra/sdk.go index c31c94f3a05..ebbd2570f8f 100644 --- a/sdk/go/hydra/sdk.go +++ b/sdk/go/hydra/sdk.go @@ -1 +1,91 @@ package hydra + +import ( + "github.com/ory/hydra/sdk/go/hydra/swagger" + "github.com/pkg/errors" + "context" + "golang.org/x/oauth2/clientcredentials" +) + +// SDK contains all relevant API clients for interacting with ORY Hydra. +type SDK struct { + *swagger.OAuth2Api + *swagger.JsonWebKeyApi + *swagger.WardenApi + *swagger.PolicyApi + + Configuration *Configuration +} + +// Configuration configures the SDK. +type Configuration struct { + // EndpointURL should point to the url of ORY Hydra, for example: http://localhost:4444 + EndpointURL string + + // ClientID is the id of the management client. The management client should have appropriate access rights + // and the ability to request the client_credentials grant. + ClientID string + + // ClientSecret is the secret of the management client. + ClientSecret string + + // Scopes is a list of scopes the SDK should request. If no scopes are given, this defaults to `hydra.*` + Scopes []string +} + +func removeTrailingSlash(path string) string { + for len(path) > 0 && path[len(path)-1] == '/' { + path = path[0: len(path)-1] + } + return path +} + +// NewSDK instantiates a new SDK instance or returns an error. +func NewSDK(c *Configuration) (*SDK, error) { + if c.EndpointURL == "" { + return nil, errors.New("Please specify an EndpointURL url") + } + if c.ClientSecret == "" { + return nil, errors.New("Please specify a client id") + } + if c.ClientID == "" { + return nil, errors.New("Please specify a client secret") + } + if len(c.Scopes) == 0 { + c.Scopes = []string{"hydra.*"} + } + + c.EndpointURL = removeTrailingSlash(c.EndpointURL) + + oAuth2Config := clientcredentials.Config{ + ClientSecret: c.ClientSecret, + ClientID: c.ClientID, + Scopes: c.Scopes, + TokenURL: c.EndpointURL + "/oauth2/token", + } + oAuth2Client := oAuth2Config.Client(context.Background()) + + o := swagger.NewOAuth2ApiWithBasePath(c.EndpointURL) + o.Configuration.Transport = oAuth2Client.Transport + o.Configuration.Username = c.ClientID + o.Configuration.Password = c.ClientSecret + + j := swagger.NewJsonWebKeyApiWithBasePath(c.EndpointURL) + j.Configuration.Transport = oAuth2Client.Transport + + w := swagger.NewWardenApiWithBasePath(c.EndpointURL) + w.Configuration.Transport = oAuth2Client.Transport + + p := swagger.NewPolicyApiWithBasePath(c.EndpointURL) + p.Configuration.Transport = oAuth2Client.Transport + + sdk := &SDK{ + OAuth2Api: o, + JsonWebKeyApi: j, + WardenApi: w, + PolicyApi: p, + Configuration: c, + } + + return sdk, nil +} diff --git a/sdk/go/hydra/swagger/README.md b/sdk/go/hydra/swagger/README.md index a64e435601f..ab01427e90d 100644 --- a/sdk/go/hydra/swagger/README.md +++ b/sdk/go/hydra/swagger/README.md @@ -44,7 +44,7 @@ Class | Method | HTTP request | Description *OAuth2Api* | [**RejectOAuth2ConsentRequest**](docs/OAuth2Api.md#rejectoauth2consentrequest) | **Patch** /oauth2/consent/requests/{id}/reject | Reject a consent request *OAuth2Api* | [**RevokeOAuth2Token**](docs/OAuth2Api.md#revokeoauth2token) | **Post** /oauth2/revoke | Revoke OAuth2 tokens *OAuth2Api* | [**UpdateOAuth2Client**](docs/OAuth2Api.md#updateoauth2client) | **Put** /clients/{id} | Update an OAuth 2.0 Client -*Oauth2Api* | [**WellKnown**](docs/Oauth2Api.md#wellknown) | **Get** /.well-known/jwks.json | Get list of well known JSON Web Keys +*OAuth2Api* | [**WellKnown**](docs/OAuth2Api.md#wellknown) | **Get** /.well-known/jwks.json | Get list of well known JSON Web Keys *PolicyApi* | [**CreatePolicy**](docs/PolicyApi.md#createpolicy) | **Post** /policies | Create an Access Control Policy *PolicyApi* | [**DeletePolicy**](docs/PolicyApi.md#deletepolicy) | **Delete** /policies/{id} | Delete an Access Control Policy *PolicyApi* | [**GetPolicy**](docs/PolicyApi.md#getpolicy) | **Get** /policies/{id} | Get an Access Control Policy diff --git a/sdk/go/hydra/swagger/docs/OAuth2Api.md b/sdk/go/hydra/swagger/docs/OAuth2Api.md index f8919b2ee49..a165e338d10 100644 --- a/sdk/go/hydra/swagger/docs/OAuth2Api.md +++ b/sdk/go/hydra/swagger/docs/OAuth2Api.md @@ -1,12 +1,394 @@ -# \Oauth2Api +# \OAuth2Api All URIs are relative to *http://localhost* Method | HTTP request | Description ------------- | ------------- | ------------- -[**WellKnown**](Oauth2Api.md#WellKnown) | **Get** /.well-known/jwks.json | Get list of well known JSON Web Keys +[**AcceptOAuth2ConsentRequest**](OAuth2Api.md#AcceptOAuth2ConsentRequest) | **Patch** /oauth2/consent/requests/{id}/accept | Accept a consent request +[**CreateOAuth2Client**](OAuth2Api.md#CreateOAuth2Client) | **Post** /clients | Create an OAuth 2.0 client +[**DeleteOAuth2Client**](OAuth2Api.md#DeleteOAuth2Client) | **Delete** /clients/{id} | Deletes an OAuth 2.0 Client +[**GetOAuth2Client**](OAuth2Api.md#GetOAuth2Client) | **Get** /clients/{id} | Retrieve an OAuth 2.0 Client. +[**GetOAuth2ConsentRequest**](OAuth2Api.md#GetOAuth2ConsentRequest) | **Get** /oauth2/consent/requests/{id} | Receive consent request information +[**GetWellKnown**](OAuth2Api.md#GetWellKnown) | **Get** /.well-known/openid-configuration | Server well known configuration +[**IntrospectOAuth2Token**](OAuth2Api.md#IntrospectOAuth2Token) | **Post** /oauth2/introspect | Introspect OAuth2 tokens +[**ListOAuth2Clients**](OAuth2Api.md#ListOAuth2Clients) | **Get** /clients | List OAuth 2.0 Clients +[**OauthAuth**](OAuth2Api.md#OauthAuth) | **Get** /oauth2/auth | The OAuth 2.0 authorize endpoint +[**OauthToken**](OAuth2Api.md#OauthToken) | **Post** /oauth2/token | The OAuth 2.0 token endpoint +[**RejectOAuth2ConsentRequest**](OAuth2Api.md#RejectOAuth2ConsentRequest) | **Patch** /oauth2/consent/requests/{id}/reject | Reject a consent request +[**RevokeOAuth2Token**](OAuth2Api.md#RevokeOAuth2Token) | **Post** /oauth2/revoke | Revoke OAuth2 tokens +[**UpdateOAuth2Client**](OAuth2Api.md#UpdateOAuth2Client) | **Put** /clients/{id} | Update an OAuth 2.0 Client +[**WellKnown**](OAuth2Api.md#WellKnown) | **Get** /.well-known/jwks.json | Get list of well known JSON Web Keys +# **AcceptOAuth2ConsentRequest** +> AcceptOAuth2ConsentRequest($id, $body) + +Accept a consent request + +Call this endpoint to accept a consent request. This usually happens when a user agrees to give access rights to an application. The subject making the request needs to be assigned to a policy containing: ``` { \"resources\": [\"rn:hydra:oauth2:consent:requests:\"], \"actions\": [\"accept\"], \"effect\": \"allow\" } ``` + + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **string**| | + **body** | [**ConsentRequestAcceptance**](ConsentRequestAcceptance.md)| | + +### Return type + +void (empty response body) + +### Authorization + +[oauth2](../README.md#oauth2) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + +[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md) + +# **CreateOAuth2Client** +> OAuth2Client CreateOAuth2Client($body) + +Create an OAuth 2.0 client + +If you pass `client_secret` the secret will be used, otherwise a random secret will be generated. The secret will be returned in the response and you will not be able to retrieve it later on. Write the secret down and keep it somwhere safe. The subject making the request needs to be assigned to a policy containing: ``` { \"resources\": [\"rn:hydra:clients\"], \"actions\": [\"create\"], \"effect\": \"allow\" } ``` Additionally, the context key \"owner\" is set to the owner of the client, allowing policies such as: ``` { \"resources\": [\"rn:hydra:clients\"], \"actions\": [\"create\"], \"effect\": \"allow\", \"conditions\": { \"owner\": { \"type\": \"EqualsSubjectCondition\" } } } ``` + + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **body** | [**OAuth2Client**](OAuth2Client.md)| | + +### Return type + +[**OAuth2Client**](oAuth2Client.md) + +### Authorization + +[oauth2](../README.md#oauth2) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + +[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md) + +# **DeleteOAuth2Client** +> DeleteOAuth2Client($id) + +Deletes an OAuth 2.0 Client + +The subject making the request needs to be assigned to a policy containing: ``` { \"resources\": [\"rn:hydra:clients:\"], \"actions\": [\"delete\"], \"effect\": \"allow\" } ``` Additionally, the context key \"owner\" is set to the owner of the client, allowing policies such as: ``` { \"resources\": [\"rn:hydra:clients:\"], \"actions\": [\"delete\"], \"effect\": \"allow\", \"conditions\": { \"owner\": { \"type\": \"EqualsSubjectCondition\" } } } ``` + + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **string**| The id of the OAuth 2.0 Client. | + +### Return type + +void (empty response body) + +### Authorization + +[oauth2](../README.md#oauth2) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + +[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md) + +# **GetOAuth2Client** +> OAuth2Client GetOAuth2Client($id) + +Retrieve an OAuth 2.0 Client. + +This endpoint never returns passwords. The subject making the request needs to be assigned to a policy containing: ``` { \"resources\": [\"rn:hydra:clients:\"], \"actions\": [\"get\"], \"effect\": \"allow\" } ``` Additionally, the context key \"owner\" is set to the owner of the client, allowing policies such as: ``` { \"resources\": [\"rn:hydra:clients:\"], \"actions\": [\"get\"], \"effect\": \"allow\", \"conditions\": { \"owner\": { \"type\": \"EqualsSubjectCondition\" } } } ``` + + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **string**| The id of the OAuth 2.0 Client. | + +### Return type + +[**OAuth2Client**](oAuth2Client.md) + +### Authorization + +[oauth2](../README.md#oauth2) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + +[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md) + +# **GetOAuth2ConsentRequest** +> OAuth2consentRequest GetOAuth2ConsentRequest($id) + +Receive consent request information + +Call this endpoint to receive information on consent requests. The subject making the request needs to be assigned to a policy containing: ``` { \"resources\": [\"rn:hydra:oauth2:consent:requests:\"], \"actions\": [\"get\"], \"effect\": \"allow\" } ``` + + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **string**| The id of the OAuth 2.0 Consent Request. | + +### Return type + +[**OAuth2consentRequest**](oAuth2consentRequest.md) + +### Authorization + +[oauth2](../README.md#oauth2) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + +[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md) + +# **GetWellKnown** +> WellKnown GetWellKnown() + +Server well known configuration + +The well known endpoint an be used to retrieve information for OpenID Connect clients. We encourage you to not roll your own OpenID Connect client but to use an OpenID Connect client library instead. You can learn more on this flow at https://openid.net/specs/openid-connect-discovery-1_0.html + + +### Parameters +This endpoint does not need any parameter. + +### Return type + +[**WellKnown**](wellKnown.md) + +### Authorization + +No authorization required + +### HTTP request headers + + - **Content-Type**: application/json, application/x-www-form-urlencoded + - **Accept**: application/json + +[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md) + +# **IntrospectOAuth2Token** +> OAuth2TokenIntrospection IntrospectOAuth2Token($token, $scope) + +Introspect OAuth2 tokens + +The introspection endpoint allows to check if a token (both refresh and access) is active or not. An active token is neither expired nor revoked. If a token is active, additional information on the token will be included. You can set additional data for a token by setting `accessTokenExtra` during the consent flow. + + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **token** | **string**| The string value of the token. For access tokens, this is the \"access_token\" value returned from the token endpoint defined in OAuth 2.0 [RFC6749], Section 5.1. This endpoint DOES NOT accept refresh tokens for validation. | + **scope** | **string**| An optional, space separated list of required scopes. If the access token was not granted one of the scopes, the result of active will be false. | [optional] + +### Return type + +[**OAuth2TokenIntrospection**](oAuth2TokenIntrospection.md) + +### Authorization + +[basic](../README.md#basic), [oauth2](../README.md#oauth2) + +### HTTP request headers + + - **Content-Type**: application/x-www-form-urlencoded + - **Accept**: application/json + +[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md) + +# **ListOAuth2Clients** +> []OAuth2Client ListOAuth2Clients() + +List OAuth 2.0 Clients + +This endpoint never returns passwords. The subject making the request needs to be assigned to a policy containing: ``` { \"resources\": [\"rn:hydra:clients\"], \"actions\": [\"get\"], \"effect\": \"allow\" } ``` + + +### Parameters +This endpoint does not need any parameter. + +### Return type + +[**[]OAuth2Client**](oAuth2Client.md) + +### Authorization + +[oauth2](../README.md#oauth2) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + +[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md) + +# **OauthAuth** +> OauthAuth() + +The OAuth 2.0 authorize endpoint + +This endpoint is not documented here because you should never use your own implementation to perform OAuth2 flows. OAuth2 is a very popular protocol and a library for your programming language will exists. To learn more about this flow please refer to the specification: https://tools.ietf.org/html/rfc6749 + + +### Parameters +This endpoint does not need any parameter. + +### Return type + +void (empty response body) + +### Authorization + +No authorization required + +### HTTP request headers + + - **Content-Type**: application/x-www-form-urlencoded + - **Accept**: application/json + +[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md) + +# **OauthToken** +> InlineResponse2001 OauthToken() + +The OAuth 2.0 token endpoint + +This endpoint is not documented here because you should never use your own implementation to perform OAuth2 flows. OAuth2 is a very popular protocol and a library for your programming language will exists. To learn more about this flow please refer to the specification: https://tools.ietf.org/html/rfc6749 + + +### Parameters +This endpoint does not need any parameter. + +### Return type + +[**InlineResponse2001**](inline_response_200_1.md) + +### Authorization + +[basic](../README.md#basic), [oauth2](../README.md#oauth2) + +### HTTP request headers + + - **Content-Type**: application/x-www-form-urlencoded + - **Accept**: application/json + +[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md) + +# **RejectOAuth2ConsentRequest** +> RejectOAuth2ConsentRequest($id, $body) + +Reject a consent request + +Call this endpoint to reject a consent request. This usually happens when a user denies access rights to an application. The subject making the request needs to be assigned to a policy containing: ``` { \"resources\": [\"rn:hydra:oauth2:consent:requests:\"], \"actions\": [\"reject\"], \"effect\": \"allow\" } ``` + + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **string**| | + **body** | [**ConsentRequestRejection**](ConsentRequestRejection.md)| | + +### Return type + +void (empty response body) + +### Authorization + +[oauth2](../README.md#oauth2) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + +[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md) + +# **RevokeOAuth2Token** +> RevokeOAuth2Token($token) + +Revoke OAuth2 tokens + +Revoking a token (both access and refresh) means that the tokens will be invalid. A revoked access token can no longer be used to make access requests, and a revoked refresh token can no longer be used to refresh an access token. Revoking a refresh token also invalidates the access token that was created with it. + + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **token** | **string**| | + +### Return type + +void (empty response body) + +### Authorization + +[basic](../README.md#basic) + +### HTTP request headers + + - **Content-Type**: application/x-www-form-urlencoded + - **Accept**: application/json + +[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md) + +# **UpdateOAuth2Client** +> OAuth2Client UpdateOAuth2Client($id, $body) + +Update an OAuth 2.0 Client + +If you pass `client_secret` the secret will be updated and returned via the API. This is the only time you will be able to retrieve the client secret, so write it down and keep it safe. The subject making the request needs to be assigned to a policy containing: ``` { \"resources\": [\"rn:hydra:clients\"], \"actions\": [\"update\"], \"effect\": \"allow\" } ``` Additionally, the context key \"owner\" is set to the owner of the client, allowing policies such as: ``` { \"resources\": [\"rn:hydra:clients\"], \"actions\": [\"update\"], \"effect\": \"allow\", \"conditions\": { \"owner\": { \"type\": \"EqualsSubjectCondition\" } } } ``` + + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **string**| | + **body** | [**OAuth2Client**](OAuth2Client.md)| | + +### Return type + +[**OAuth2Client**](oAuth2Client.md) + +### Authorization + +[oauth2](../README.md#oauth2) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + +[[Back to top]](#) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to Model list]](../README.md#documentation-for-models) [[Back to README]](../README.md) + # **WellKnown** > JsonWebKeySet WellKnown() diff --git a/sdk/go/hydra/swagger/o_auth2_api.go b/sdk/go/hydra/swagger/o_auth2_api.go index 26a92b571c7..fe2aab0df88 100644 --- a/sdk/go/hydra/swagger/o_auth2_api.go +++ b/sdk/go/hydra/swagger/o_auth2_api.go @@ -888,3 +888,67 @@ func (a OAuth2Api) UpdateOAuth2Client(id string, body OAuth2Client) (*OAuth2Clie err = json.Unmarshal(localVarHttpResponse.Body(), &successPayload) return successPayload, localVarAPIResponse, err } + +/** + * Get list of well known JSON Web Keys + * The subject making the request needs to be assigned to a policy containing: ``` { \"resources\": [\"rn:hydra:keys:hydra.openid.id-token:public\"], \"actions\": [\"GET\"], \"effect\": \"allow\" } ``` + * + * @return *JsonWebKeySet + */ +func (a OAuth2Api) WellKnown() (*JsonWebKeySet, *APIResponse, error) { + + var localVarHttpMethod = strings.ToUpper("Get") + // create path and map variables + localVarPath := a.Configuration.BasePath + "/.well-known/jwks.json" + + localVarHeaderParams := make(map[string]string) + localVarQueryParams := url.Values{} + localVarFormParams := make(map[string]string) + var localVarPostBody interface{} + var localVarFileName string + var localVarFileBytes []byte + // authentication '(oauth2)' required + // oauth required + if a.Configuration.AccessToken != "" { + localVarHeaderParams["Authorization"] = "Bearer " + a.Configuration.AccessToken + } + // add default headers if any + for key := range a.Configuration.DefaultHeader { + localVarHeaderParams[key] = a.Configuration.DefaultHeader[key] + } + + // to determine the Content-Type header + localVarHttpContentTypes := []string{"application/json"} + + // set Content-Type header + localVarHttpContentType := a.Configuration.APIClient.SelectHeaderContentType(localVarHttpContentTypes) + if localVarHttpContentType != "" { + localVarHeaderParams["Content-Type"] = localVarHttpContentType + } + // to determine the Accept header + localVarHttpHeaderAccepts := []string{ + "application/json", + } + + // set Accept header + localVarHttpHeaderAccept := a.Configuration.APIClient.SelectHeaderAccept(localVarHttpHeaderAccepts) + if localVarHttpHeaderAccept != "" { + localVarHeaderParams["Accept"] = localVarHttpHeaderAccept + } + var successPayload = new(JsonWebKeySet) + localVarHttpResponse, err := a.Configuration.APIClient.CallAPI(localVarPath, localVarHttpMethod, localVarPostBody, localVarHeaderParams, localVarQueryParams, localVarFormParams, localVarFileName, localVarFileBytes) + + var localVarURL, _ = url.Parse(localVarPath) + localVarURL.RawQuery = localVarQueryParams.Encode() + var localVarAPIResponse = &APIResponse{Operation: "WellKnown", Method: localVarHttpMethod, RequestURL: localVarURL.String()} + if localVarHttpResponse != nil { + localVarAPIResponse.Response = localVarHttpResponse.RawResponse + localVarAPIResponse.Payload = localVarHttpResponse.Body() + } + + if err != nil { + return successPayload, localVarAPIResponse, err + } + err = json.Unmarshal(localVarHttpResponse.Body(), &successPayload) + return successPayload, localVarAPIResponse, err +} diff --git a/sdk/go/hydra/swagger/oauth2_api.go b/sdk/go/hydra/swagger/oauth2_api.go deleted file mode 100644 index 303ce142f3c..00000000000 --- a/sdk/go/hydra/swagger/oauth2_api.go +++ /dev/null @@ -1,101 +0,0 @@ -/* - * Hydra OAuth2 & OpenID Connect Server - * - * Please refer to the user guide for in-depth documentation: https://ory.gitbooks.io/hydra/content/ Hydra offers OAuth 2.0 and OpenID Connect Core 1.0 capabilities as a service. Hydra is different, because it works with any existing authentication infrastructure, not just LDAP or SAML. By implementing a consent app (works with any programming language) you build a bridge between Hydra and your authentication infrastructure. Hydra is able to securely manage JSON Web Keys, and has a sophisticated policy-based access control you can use if you want to. Hydra is suitable for green- (new) and brownfield (existing) projects. If you are not familiar with OAuth 2.0 and are working on a greenfield project, we recommend evaluating if OAuth 2.0 really serves your purpose. Knowledge of OAuth 2.0 is imperative in understanding what Hydra does and how it works. The official repository is located at https://github.com/ory/hydra ### Important REST API Documentation Notes The swagger generator used to create this documentation does currently not support example responses. To see request and response payloads click on **\"Show JSON schema\"**: ![Enable JSON Schema on Apiary](https://storage.googleapis.com/ory.am/hydra/json-schema.png) The API documentation always refers to the latest tagged version of ORY Hydra. For previous API documentations, please refer to https://github.com/ory/hydra/blob//docs/api.swagger.yaml - for example: 0.9.13: https://github.com/ory/hydra/blob/v0.9.13/docs/api.swagger.yaml 0.8.1: https://github.com/ory/hydra/blob/v0.8.1/docs/api.swagger.yaml - * - * OpenAPI spec version: Latest - * Contact: hi@ory.am - * Generated by: https://github.com/swagger-api/swagger-codegen.git - */ - -package swagger - -import ( - "encoding/json" - "net/url" - "strings" -) - -type Oauth2Api struct { - Configuration *Configuration -} - -func NewOauth2Api() *Oauth2Api { - configuration := NewConfiguration() - return &Oauth2Api{ - Configuration: configuration, - } -} - -func NewOauth2ApiWithBasePath(basePath string) *Oauth2Api { - configuration := NewConfiguration() - configuration.BasePath = basePath - - return &Oauth2Api{ - Configuration: configuration, - } -} - -/** - * Get list of well known JSON Web Keys - * The subject making the request needs to be assigned to a policy containing: ``` { \"resources\": [\"rn:hydra:keys:hydra.openid.id-token:public\"], \"actions\": [\"GET\"], \"effect\": \"allow\" } ``` - * - * @return *JsonWebKeySet - */ -func (a Oauth2Api) WellKnown() (*JsonWebKeySet, *APIResponse, error) { - - var localVarHttpMethod = strings.ToUpper("Get") - // create path and map variables - localVarPath := a.Configuration.BasePath + "/.well-known/jwks.json" - - localVarHeaderParams := make(map[string]string) - localVarQueryParams := url.Values{} - localVarFormParams := make(map[string]string) - var localVarPostBody interface{} - var localVarFileName string - var localVarFileBytes []byte - // authentication '(oauth2)' required - // oauth required - if a.Configuration.AccessToken != "" { - localVarHeaderParams["Authorization"] = "Bearer " + a.Configuration.AccessToken - } - // add default headers if any - for key := range a.Configuration.DefaultHeader { - localVarHeaderParams[key] = a.Configuration.DefaultHeader[key] - } - - // to determine the Content-Type header - localVarHttpContentTypes := []string{"application/json"} - - // set Content-Type header - localVarHttpContentType := a.Configuration.APIClient.SelectHeaderContentType(localVarHttpContentTypes) - if localVarHttpContentType != "" { - localVarHeaderParams["Content-Type"] = localVarHttpContentType - } - // to determine the Accept header - localVarHttpHeaderAccepts := []string{ - "application/json", - } - - // set Accept header - localVarHttpHeaderAccept := a.Configuration.APIClient.SelectHeaderAccept(localVarHttpHeaderAccepts) - if localVarHttpHeaderAccept != "" { - localVarHeaderParams["Accept"] = localVarHttpHeaderAccept - } - var successPayload = new(JsonWebKeySet) - localVarHttpResponse, err := a.Configuration.APIClient.CallAPI(localVarPath, localVarHttpMethod, localVarPostBody, localVarHeaderParams, localVarQueryParams, localVarFormParams, localVarFileName, localVarFileBytes) - - var localVarURL, _ = url.Parse(localVarPath) - localVarURL.RawQuery = localVarQueryParams.Encode() - var localVarAPIResponse = &APIResponse{Operation: "WellKnown", Method: localVarHttpMethod, RequestURL: localVarURL.String()} - if localVarHttpResponse != nil { - localVarAPIResponse.Response = localVarHttpResponse.RawResponse - localVarAPIResponse.Payload = localVarHttpResponse.Body() - } - - if err != nil { - return successPayload, localVarAPIResponse, err - } - err = json.Unmarshal(localVarHttpResponse.Body(), &successPayload) - return successPayload, localVarAPIResponse, err -} diff --git a/sdk/js/swagger/README.md b/sdk/js/swagger/README.md index 8184b153276..e00b6cf767e 100644 --- a/sdk/js/swagger/README.md +++ b/sdk/js/swagger/README.md @@ -143,7 +143,7 @@ Class | Method | HTTP request | Description *HydraOAuth2OpenIdConnectServer.OAuth2Api* | [**rejectOAuth2ConsentRequest**](docs/OAuth2Api.md#rejectOAuth2ConsentRequest) | **PATCH** /oauth2/consent/requests/{id}/reject | Reject a consent request *HydraOAuth2OpenIdConnectServer.OAuth2Api* | [**revokeOAuth2Token**](docs/OAuth2Api.md#revokeOAuth2Token) | **POST** /oauth2/revoke | Revoke OAuth2 tokens *HydraOAuth2OpenIdConnectServer.OAuth2Api* | [**updateOAuth2Client**](docs/OAuth2Api.md#updateOAuth2Client) | **PUT** /clients/{id} | Update an OAuth 2.0 Client -*HydraOAuth2OpenIdConnectServer.Oauth2Api* | [**wellKnown**](docs/Oauth2Api.md#wellKnown) | **GET** /.well-known/jwks.json | Get list of well known JSON Web Keys +*HydraOAuth2OpenIdConnectServer.OAuth2Api* | [**wellKnown**](docs/OAuth2Api.md#wellKnown) | **GET** /.well-known/jwks.json | Get list of well known JSON Web Keys *HydraOAuth2OpenIdConnectServer.PolicyApi* | [**createPolicy**](docs/PolicyApi.md#createPolicy) | **POST** /policies | Create an Access Control Policy *HydraOAuth2OpenIdConnectServer.PolicyApi* | [**deletePolicy**](docs/PolicyApi.md#deletePolicy) | **DELETE** /policies/{id} | Delete an Access Control Policy *HydraOAuth2OpenIdConnectServer.PolicyApi* | [**getPolicy**](docs/PolicyApi.md#getPolicy) | **GET** /policies/{id} | Get an Access Control Policy diff --git a/sdk/js/swagger/docs/OAuth2Api.md b/sdk/js/swagger/docs/OAuth2Api.md index 2e852295767..dc6243e2c8e 100644 --- a/sdk/js/swagger/docs/OAuth2Api.md +++ b/sdk/js/swagger/docs/OAuth2Api.md @@ -1,12 +1,678 @@ -# HydraOAuth2OpenIdConnectServer.Oauth2Api +# HydraOAuth2OpenIdConnectServer.OAuth2Api All URIs are relative to *http://localhost* Method | HTTP request | Description ------------- | ------------- | ------------- -[**wellKnown**](Oauth2Api.md#wellKnown) | **GET** /.well-known/jwks.json | Get list of well known JSON Web Keys +[**acceptOAuth2ConsentRequest**](OAuth2Api.md#acceptOAuth2ConsentRequest) | **PATCH** /oauth2/consent/requests/{id}/accept | Accept a consent request +[**createOAuth2Client**](OAuth2Api.md#createOAuth2Client) | **POST** /clients | Create an OAuth 2.0 client +[**deleteOAuth2Client**](OAuth2Api.md#deleteOAuth2Client) | **DELETE** /clients/{id} | Deletes an OAuth 2.0 Client +[**getOAuth2Client**](OAuth2Api.md#getOAuth2Client) | **GET** /clients/{id} | Retrieve an OAuth 2.0 Client. +[**getOAuth2ConsentRequest**](OAuth2Api.md#getOAuth2ConsentRequest) | **GET** /oauth2/consent/requests/{id} | Receive consent request information +[**getWellKnown**](OAuth2Api.md#getWellKnown) | **GET** /.well-known/openid-configuration | Server well known configuration +[**introspectOAuth2Token**](OAuth2Api.md#introspectOAuth2Token) | **POST** /oauth2/introspect | Introspect OAuth2 tokens +[**listOAuth2Clients**](OAuth2Api.md#listOAuth2Clients) | **GET** /clients | List OAuth 2.0 Clients +[**oauthAuth**](OAuth2Api.md#oauthAuth) | **GET** /oauth2/auth | The OAuth 2.0 authorize endpoint +[**oauthToken**](OAuth2Api.md#oauthToken) | **POST** /oauth2/token | The OAuth 2.0 token endpoint +[**rejectOAuth2ConsentRequest**](OAuth2Api.md#rejectOAuth2ConsentRequest) | **PATCH** /oauth2/consent/requests/{id}/reject | Reject a consent request +[**revokeOAuth2Token**](OAuth2Api.md#revokeOAuth2Token) | **POST** /oauth2/revoke | Revoke OAuth2 tokens +[**updateOAuth2Client**](OAuth2Api.md#updateOAuth2Client) | **PUT** /clients/{id} | Update an OAuth 2.0 Client +[**wellKnown**](OAuth2Api.md#wellKnown) | **GET** /.well-known/jwks.json | Get list of well known JSON Web Keys + +# **acceptOAuth2ConsentRequest** +> acceptOAuth2ConsentRequest(id, body) + +Accept a consent request + +Call this endpoint to accept a consent request. This usually happens when a user agrees to give access rights to an application. The subject making the request needs to be assigned to a policy containing: ``` { \"resources\": [\"rn:hydra:oauth2:consent:requests:<request-id>\"], \"actions\": [\"accept\"], \"effect\": \"allow\" } ``` + +### Example +```javascript +var HydraOAuth2OpenIdConnectServer = require('hydra_o_auth2__open_id_connect_server'); +var defaultClient = HydraOAuth2OpenIdConnectServer.ApiClient.instance; + +// Configure OAuth2 access token for authorization: oauth2 +var oauth2 = defaultClient.authentications['oauth2']; +oauth2.accessToken = 'YOUR ACCESS TOKEN'; + +var apiInstance = new HydraOAuth2OpenIdConnectServer.OAuth2Api(); + +var id = "id_example"; // String | + +var body = new HydraOAuth2OpenIdConnectServer.ConsentRequestAcceptance(); // ConsentRequestAcceptance | + + +var callback = function(error, data, response) { + if (error) { + console.error(error); + } else { + console.log('API called successfully.'); + } +}; +apiInstance.acceptOAuth2ConsentRequest(id, body, callback); +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| | + **body** | [**ConsentRequestAcceptance**](ConsentRequestAcceptance.md)| | + +### Return type + +null (empty response body) + +### Authorization + +[oauth2](../README.md#oauth2) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + +# **createOAuth2Client** +> OAuth2Client createOAuth2Client(body) + +Create an OAuth 2.0 client + +If you pass `client_secret` the secret will be used, otherwise a random secret will be generated. The secret will be returned in the response and you will not be able to retrieve it later on. Write the secret down and keep it somwhere safe. The subject making the request needs to be assigned to a policy containing: ``` { \"resources\": [\"rn:hydra:clients\"], \"actions\": [\"create\"], \"effect\": \"allow\" } ``` Additionally, the context key \"owner\" is set to the owner of the client, allowing policies such as: ``` { \"resources\": [\"rn:hydra:clients\"], \"actions\": [\"create\"], \"effect\": \"allow\", \"conditions\": { \"owner\": { \"type\": \"EqualsSubjectCondition\" } } } ``` + +### Example +```javascript +var HydraOAuth2OpenIdConnectServer = require('hydra_o_auth2__open_id_connect_server'); +var defaultClient = HydraOAuth2OpenIdConnectServer.ApiClient.instance; + +// Configure OAuth2 access token for authorization: oauth2 +var oauth2 = defaultClient.authentications['oauth2']; +oauth2.accessToken = 'YOUR ACCESS TOKEN'; + +var apiInstance = new HydraOAuth2OpenIdConnectServer.OAuth2Api(); + +var body = new HydraOAuth2OpenIdConnectServer.OAuth2Client(); // OAuth2Client | + + +var callback = function(error, data, response) { + if (error) { + console.error(error); + } else { + console.log('API called successfully. Returned data: ' + data); + } +}; +apiInstance.createOAuth2Client(body, callback); +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **body** | [**OAuth2Client**](OAuth2Client.md)| | + +### Return type + +[**OAuth2Client**](OAuth2Client.md) + +### Authorization + +[oauth2](../README.md#oauth2) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + +# **deleteOAuth2Client** +> deleteOAuth2Client(id) + +Deletes an OAuth 2.0 Client + +The subject making the request needs to be assigned to a policy containing: ``` { \"resources\": [\"rn:hydra:clients:<some-id>\"], \"actions\": [\"delete\"], \"effect\": \"allow\" } ``` Additionally, the context key \"owner\" is set to the owner of the client, allowing policies such as: ``` { \"resources\": [\"rn:hydra:clients:<some-id>\"], \"actions\": [\"delete\"], \"effect\": \"allow\", \"conditions\": { \"owner\": { \"type\": \"EqualsSubjectCondition\" } } } ``` + +### Example +```javascript +var HydraOAuth2OpenIdConnectServer = require('hydra_o_auth2__open_id_connect_server'); +var defaultClient = HydraOAuth2OpenIdConnectServer.ApiClient.instance; + +// Configure OAuth2 access token for authorization: oauth2 +var oauth2 = defaultClient.authentications['oauth2']; +oauth2.accessToken = 'YOUR ACCESS TOKEN'; + +var apiInstance = new HydraOAuth2OpenIdConnectServer.OAuth2Api(); + +var id = "id_example"; // String | The id of the OAuth 2.0 Client. + + +var callback = function(error, data, response) { + if (error) { + console.error(error); + } else { + console.log('API called successfully.'); + } +}; +apiInstance.deleteOAuth2Client(id, callback); +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| The id of the OAuth 2.0 Client. | + +### Return type + +null (empty response body) + +### Authorization + +[oauth2](../README.md#oauth2) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + +# **getOAuth2Client** +> OAuth2Client getOAuth2Client(id) + +Retrieve an OAuth 2.0 Client. + +This endpoint never returns passwords. The subject making the request needs to be assigned to a policy containing: ``` { \"resources\": [\"rn:hydra:clients:<some-id>\"], \"actions\": [\"get\"], \"effect\": \"allow\" } ``` Additionally, the context key \"owner\" is set to the owner of the client, allowing policies such as: ``` { \"resources\": [\"rn:hydra:clients:<some-id>\"], \"actions\": [\"get\"], \"effect\": \"allow\", \"conditions\": { \"owner\": { \"type\": \"EqualsSubjectCondition\" } } } ``` + +### Example +```javascript +var HydraOAuth2OpenIdConnectServer = require('hydra_o_auth2__open_id_connect_server'); +var defaultClient = HydraOAuth2OpenIdConnectServer.ApiClient.instance; + +// Configure OAuth2 access token for authorization: oauth2 +var oauth2 = defaultClient.authentications['oauth2']; +oauth2.accessToken = 'YOUR ACCESS TOKEN'; + +var apiInstance = new HydraOAuth2OpenIdConnectServer.OAuth2Api(); + +var id = "id_example"; // String | The id of the OAuth 2.0 Client. + + +var callback = function(error, data, response) { + if (error) { + console.error(error); + } else { + console.log('API called successfully. Returned data: ' + data); + } +}; +apiInstance.getOAuth2Client(id, callback); +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| The id of the OAuth 2.0 Client. | + +### Return type + +[**OAuth2Client**](OAuth2Client.md) + +### Authorization + +[oauth2](../README.md#oauth2) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + +# **getOAuth2ConsentRequest** +> OAuth2consentRequest getOAuth2ConsentRequest(id) + +Receive consent request information + +Call this endpoint to receive information on consent requests. The subject making the request needs to be assigned to a policy containing: ``` { \"resources\": [\"rn:hydra:oauth2:consent:requests:<request-id>\"], \"actions\": [\"get\"], \"effect\": \"allow\" } ``` + +### Example +```javascript +var HydraOAuth2OpenIdConnectServer = require('hydra_o_auth2__open_id_connect_server'); +var defaultClient = HydraOAuth2OpenIdConnectServer.ApiClient.instance; + +// Configure OAuth2 access token for authorization: oauth2 +var oauth2 = defaultClient.authentications['oauth2']; +oauth2.accessToken = 'YOUR ACCESS TOKEN'; + +var apiInstance = new HydraOAuth2OpenIdConnectServer.OAuth2Api(); + +var id = "id_example"; // String | The id of the OAuth 2.0 Consent Request. + + +var callback = function(error, data, response) { + if (error) { + console.error(error); + } else { + console.log('API called successfully. Returned data: ' + data); + } +}; +apiInstance.getOAuth2ConsentRequest(id, callback); +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| The id of the OAuth 2.0 Consent Request. | + +### Return type + +[**OAuth2consentRequest**](OAuth2consentRequest.md) + +### Authorization + +[oauth2](../README.md#oauth2) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + +# **getWellKnown** +> WellKnown getWellKnown() + +Server well known configuration + +The well known endpoint an be used to retrieve information for OpenID Connect clients. We encourage you to not roll your own OpenID Connect client but to use an OpenID Connect client library instead. You can learn more on this flow at https://openid.net/specs/openid-connect-discovery-1_0.html + +### Example +```javascript +var HydraOAuth2OpenIdConnectServer = require('hydra_o_auth2__open_id_connect_server'); + +var apiInstance = new HydraOAuth2OpenIdConnectServer.OAuth2Api(); + +var callback = function(error, data, response) { + if (error) { + console.error(error); + } else { + console.log('API called successfully. Returned data: ' + data); + } +}; +apiInstance.getWellKnown(callback); +``` + +### Parameters +This endpoint does not need any parameter. + +### Return type + +[**WellKnown**](WellKnown.md) + +### Authorization + +No authorization required + +### HTTP request headers + + - **Content-Type**: application/json, application/x-www-form-urlencoded + - **Accept**: application/json + + +# **introspectOAuth2Token** +> OAuth2TokenIntrospection introspectOAuth2Token(token, opts) + +Introspect OAuth2 tokens + +The introspection endpoint allows to check if a token (both refresh and access) is active or not. An active token is neither expired nor revoked. If a token is active, additional information on the token will be included. You can set additional data for a token by setting `accessTokenExtra` during the consent flow. + +### Example +```javascript +var HydraOAuth2OpenIdConnectServer = require('hydra_o_auth2__open_id_connect_server'); +var defaultClient = HydraOAuth2OpenIdConnectServer.ApiClient.instance; + +// Configure HTTP basic authorization: basic +var basic = defaultClient.authentications['basic']; +basic.username = 'YOUR USERNAME'; +basic.password = 'YOUR PASSWORD'; + +// Configure OAuth2 access token for authorization: oauth2 +var oauth2 = defaultClient.authentications['oauth2']; +oauth2.accessToken = 'YOUR ACCESS TOKEN'; + +var apiInstance = new HydraOAuth2OpenIdConnectServer.OAuth2Api(); + +var token = "token_example"; // String | The string value of the token. For access tokens, this is the \"access_token\" value returned from the token endpoint defined in OAuth 2.0 [RFC6749], Section 5.1. This endpoint DOES NOT accept refresh tokens for validation. + +var opts = { + 'scope': "scope_example" // String | An optional, space separated list of required scopes. If the access token was not granted one of the scopes, the result of active will be false. +}; + +var callback = function(error, data, response) { + if (error) { + console.error(error); + } else { + console.log('API called successfully. Returned data: ' + data); + } +}; +apiInstance.introspectOAuth2Token(token, opts, callback); +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **token** | **String**| The string value of the token. For access tokens, this is the \"access_token\" value returned from the token endpoint defined in OAuth 2.0 [RFC6749], Section 5.1. This endpoint DOES NOT accept refresh tokens for validation. | + **scope** | **String**| An optional, space separated list of required scopes. If the access token was not granted one of the scopes, the result of active will be false. | [optional] + +### Return type + +[**OAuth2TokenIntrospection**](OAuth2TokenIntrospection.md) + +### Authorization + +[basic](../README.md#basic), [oauth2](../README.md#oauth2) + +### HTTP request headers + + - **Content-Type**: application/x-www-form-urlencoded + - **Accept**: application/json + + +# **listOAuth2Clients** +> [OAuth2Client] listOAuth2Clients() + +List OAuth 2.0 Clients + +This endpoint never returns passwords. The subject making the request needs to be assigned to a policy containing: ``` { \"resources\": [\"rn:hydra:clients\"], \"actions\": [\"get\"], \"effect\": \"allow\" } ``` + +### Example +```javascript +var HydraOAuth2OpenIdConnectServer = require('hydra_o_auth2__open_id_connect_server'); +var defaultClient = HydraOAuth2OpenIdConnectServer.ApiClient.instance; + +// Configure OAuth2 access token for authorization: oauth2 +var oauth2 = defaultClient.authentications['oauth2']; +oauth2.accessToken = 'YOUR ACCESS TOKEN'; + +var apiInstance = new HydraOAuth2OpenIdConnectServer.OAuth2Api(); + +var callback = function(error, data, response) { + if (error) { + console.error(error); + } else { + console.log('API called successfully. Returned data: ' + data); + } +}; +apiInstance.listOAuth2Clients(callback); +``` + +### Parameters +This endpoint does not need any parameter. + +### Return type + +[**[OAuth2Client]**](OAuth2Client.md) + +### Authorization + +[oauth2](../README.md#oauth2) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + +# **oauthAuth** +> oauthAuth() + +The OAuth 2.0 authorize endpoint + +This endpoint is not documented here because you should never use your own implementation to perform OAuth2 flows. OAuth2 is a very popular protocol and a library for your programming language will exists. To learn more about this flow please refer to the specification: https://tools.ietf.org/html/rfc6749 + +### Example +```javascript +var HydraOAuth2OpenIdConnectServer = require('hydra_o_auth2__open_id_connect_server'); + +var apiInstance = new HydraOAuth2OpenIdConnectServer.OAuth2Api(); + +var callback = function(error, data, response) { + if (error) { + console.error(error); + } else { + console.log('API called successfully.'); + } +}; +apiInstance.oauthAuth(callback); +``` + +### Parameters +This endpoint does not need any parameter. + +### Return type + +null (empty response body) + +### Authorization + +No authorization required + +### HTTP request headers + + - **Content-Type**: application/x-www-form-urlencoded + - **Accept**: application/json + + +# **oauthToken** +> InlineResponse2001 oauthToken() + +The OAuth 2.0 token endpoint + +This endpoint is not documented here because you should never use your own implementation to perform OAuth2 flows. OAuth2 is a very popular protocol and a library for your programming language will exists. To learn more about this flow please refer to the specification: https://tools.ietf.org/html/rfc6749 + +### Example +```javascript +var HydraOAuth2OpenIdConnectServer = require('hydra_o_auth2__open_id_connect_server'); +var defaultClient = HydraOAuth2OpenIdConnectServer.ApiClient.instance; + +// Configure HTTP basic authorization: basic +var basic = defaultClient.authentications['basic']; +basic.username = 'YOUR USERNAME'; +basic.password = 'YOUR PASSWORD'; + +// Configure OAuth2 access token for authorization: oauth2 +var oauth2 = defaultClient.authentications['oauth2']; +oauth2.accessToken = 'YOUR ACCESS TOKEN'; + +var apiInstance = new HydraOAuth2OpenIdConnectServer.OAuth2Api(); + +var callback = function(error, data, response) { + if (error) { + console.error(error); + } else { + console.log('API called successfully. Returned data: ' + data); + } +}; +apiInstance.oauthToken(callback); +``` + +### Parameters +This endpoint does not need any parameter. + +### Return type + +[**InlineResponse2001**](InlineResponse2001.md) + +### Authorization + +[basic](../README.md#basic), [oauth2](../README.md#oauth2) + +### HTTP request headers + + - **Content-Type**: application/x-www-form-urlencoded + - **Accept**: application/json + + +# **rejectOAuth2ConsentRequest** +> rejectOAuth2ConsentRequest(id, body) + +Reject a consent request + +Call this endpoint to reject a consent request. This usually happens when a user denies access rights to an application. The subject making the request needs to be assigned to a policy containing: ``` { \"resources\": [\"rn:hydra:oauth2:consent:requests:<request-id>\"], \"actions\": [\"reject\"], \"effect\": \"allow\" } ``` + +### Example +```javascript +var HydraOAuth2OpenIdConnectServer = require('hydra_o_auth2__open_id_connect_server'); +var defaultClient = HydraOAuth2OpenIdConnectServer.ApiClient.instance; + +// Configure OAuth2 access token for authorization: oauth2 +var oauth2 = defaultClient.authentications['oauth2']; +oauth2.accessToken = 'YOUR ACCESS TOKEN'; + +var apiInstance = new HydraOAuth2OpenIdConnectServer.OAuth2Api(); + +var id = "id_example"; // String | + +var body = new HydraOAuth2OpenIdConnectServer.ConsentRequestRejection(); // ConsentRequestRejection | + + +var callback = function(error, data, response) { + if (error) { + console.error(error); + } else { + console.log('API called successfully.'); + } +}; +apiInstance.rejectOAuth2ConsentRequest(id, body, callback); +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| | + **body** | [**ConsentRequestRejection**](ConsentRequestRejection.md)| | + +### Return type + +null (empty response body) + +### Authorization + +[oauth2](../README.md#oauth2) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + + +# **revokeOAuth2Token** +> revokeOAuth2Token(token) + +Revoke OAuth2 tokens + +Revoking a token (both access and refresh) means that the tokens will be invalid. A revoked access token can no longer be used to make access requests, and a revoked refresh token can no longer be used to refresh an access token. Revoking a refresh token also invalidates the access token that was created with it. + +### Example +```javascript +var HydraOAuth2OpenIdConnectServer = require('hydra_o_auth2__open_id_connect_server'); +var defaultClient = HydraOAuth2OpenIdConnectServer.ApiClient.instance; + +// Configure HTTP basic authorization: basic +var basic = defaultClient.authentications['basic']; +basic.username = 'YOUR USERNAME'; +basic.password = 'YOUR PASSWORD'; + +var apiInstance = new HydraOAuth2OpenIdConnectServer.OAuth2Api(); + +var token = "token_example"; // String | + + +var callback = function(error, data, response) { + if (error) { + console.error(error); + } else { + console.log('API called successfully.'); + } +}; +apiInstance.revokeOAuth2Token(token, callback); +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **token** | **String**| | + +### Return type + +null (empty response body) + +### Authorization + +[basic](../README.md#basic) + +### HTTP request headers + + - **Content-Type**: application/x-www-form-urlencoded + - **Accept**: application/json + + +# **updateOAuth2Client** +> OAuth2Client updateOAuth2Client(id, body) + +Update an OAuth 2.0 Client + +If you pass `client_secret` the secret will be updated and returned via the API. This is the only time you will be able to retrieve the client secret, so write it down and keep it safe. The subject making the request needs to be assigned to a policy containing: ``` { \"resources\": [\"rn:hydra:clients\"], \"actions\": [\"update\"], \"effect\": \"allow\" } ``` Additionally, the context key \"owner\" is set to the owner of the client, allowing policies such as: ``` { \"resources\": [\"rn:hydra:clients\"], \"actions\": [\"update\"], \"effect\": \"allow\", \"conditions\": { \"owner\": { \"type\": \"EqualsSubjectCondition\" } } } ``` + +### Example +```javascript +var HydraOAuth2OpenIdConnectServer = require('hydra_o_auth2__open_id_connect_server'); +var defaultClient = HydraOAuth2OpenIdConnectServer.ApiClient.instance; + +// Configure OAuth2 access token for authorization: oauth2 +var oauth2 = defaultClient.authentications['oauth2']; +oauth2.accessToken = 'YOUR ACCESS TOKEN'; + +var apiInstance = new HydraOAuth2OpenIdConnectServer.OAuth2Api(); + +var id = "id_example"; // String | + +var body = new HydraOAuth2OpenIdConnectServer.OAuth2Client(); // OAuth2Client | + + +var callback = function(error, data, response) { + if (error) { + console.error(error); + } else { + console.log('API called successfully. Returned data: ' + data); + } +}; +apiInstance.updateOAuth2Client(id, body, callback); +``` + +### Parameters + +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- + **id** | **String**| | + **body** | [**OAuth2Client**](OAuth2Client.md)| | + +### Return type + +[**OAuth2Client**](OAuth2Client.md) + +### Authorization + +[oauth2](../README.md#oauth2) + +### HTTP request headers + + - **Content-Type**: application/json + - **Accept**: application/json + # **wellKnown** > JsonWebKeySet wellKnown() @@ -24,7 +690,7 @@ var defaultClient = HydraOAuth2OpenIdConnectServer.ApiClient.instance; var oauth2 = defaultClient.authentications['oauth2']; oauth2.accessToken = 'YOUR ACCESS TOKEN'; -var apiInstance = new HydraOAuth2OpenIdConnectServer.Oauth2Api(); +var apiInstance = new HydraOAuth2OpenIdConnectServer.OAuth2Api(); var callback = function(error, data, response) { if (error) { diff --git a/sdk/js/swagger/src/api/OAuth2Api.js b/sdk/js/swagger/src/api/OAuth2Api.js index 34f519bb9f1..6ed40a07afb 100644 --- a/sdk/js/swagger/src/api/OAuth2Api.js +++ b/sdk/js/swagger/src/api/OAuth2Api.js @@ -17,29 +17,29 @@ (function(root, factory) { if (typeof define === 'function' && define.amd) { // AMD. Register as an anonymous module. - define(['ApiClient', 'model/InlineResponse401', 'model/JsonWebKeySet'], factory); + define(['ApiClient', 'model/ConsentRequestAcceptance', 'model/ConsentRequestRejection', 'model/InlineResponse2001', 'model/InlineResponse401', 'model/JsonWebKeySet', 'model/OAuth2Client', 'model/OAuth2TokenIntrospection', 'model/OAuth2consentRequest', 'model/WellKnown'], factory); } else if (typeof module === 'object' && module.exports) { // CommonJS-like environments that support module.exports, like Node. - module.exports = factory(require('../ApiClient'), require('../model/InlineResponse401'), require('../model/JsonWebKeySet')); + module.exports = factory(require('../ApiClient'), require('../model/ConsentRequestAcceptance'), require('../model/ConsentRequestRejection'), require('../model/InlineResponse2001'), require('../model/InlineResponse401'), require('../model/JsonWebKeySet'), require('../model/OAuth2Client'), require('../model/OAuth2TokenIntrospection'), require('../model/OAuth2consentRequest'), require('../model/WellKnown')); } else { // Browser globals (root is window) if (!root.HydraOAuth2OpenIdConnectServer) { root.HydraOAuth2OpenIdConnectServer = {}; } - root.HydraOAuth2OpenIdConnectServer.Oauth2Api = factory(root.HydraOAuth2OpenIdConnectServer.ApiClient, root.HydraOAuth2OpenIdConnectServer.InlineResponse401, root.HydraOAuth2OpenIdConnectServer.JsonWebKeySet); + root.HydraOAuth2OpenIdConnectServer.OAuth2Api = factory(root.HydraOAuth2OpenIdConnectServer.ApiClient, root.HydraOAuth2OpenIdConnectServer.ConsentRequestAcceptance, root.HydraOAuth2OpenIdConnectServer.ConsentRequestRejection, root.HydraOAuth2OpenIdConnectServer.InlineResponse2001, root.HydraOAuth2OpenIdConnectServer.InlineResponse401, root.HydraOAuth2OpenIdConnectServer.JsonWebKeySet, root.HydraOAuth2OpenIdConnectServer.OAuth2Client, root.HydraOAuth2OpenIdConnectServer.OAuth2TokenIntrospection, root.HydraOAuth2OpenIdConnectServer.OAuth2consentRequest, root.HydraOAuth2OpenIdConnectServer.WellKnown); } -}(this, function(ApiClient, InlineResponse401, JsonWebKeySet) { +}(this, function(ApiClient, ConsentRequestAcceptance, ConsentRequestRejection, InlineResponse2001, InlineResponse401, JsonWebKeySet, OAuth2Client, OAuth2TokenIntrospection, OAuth2consentRequest, WellKnown) { 'use strict'; /** - * Oauth2 service. - * @module api/Oauth2Api + * OAuth2 service. + * @module api/OAuth2Api * @version Latest */ /** - * Constructs a new Oauth2Api. - * @alias module:api/Oauth2Api + * Constructs a new OAuth2Api. + * @alias module:api/OAuth2Api * @class * @param {module:ApiClient} apiClient Optional API client implementation to use, * default to {@link module:ApiClient#instance} if unspecified. @@ -48,9 +48,595 @@ this.apiClient = apiClient || ApiClient.instance; + /** + * Callback function to receive the result of the acceptOAuth2ConsentRequest operation. + * @callback module:api/OAuth2Api~acceptOAuth2ConsentRequestCallback + * @param {String} error Error message, if any. + * @param data This operation does not return a value. + * @param {String} response The complete HTTP response. + */ + + /** + * Accept a consent request + * Call this endpoint to accept a consent request. This usually happens when a user agrees to give access rights to an application. The subject making the request needs to be assigned to a policy containing: ``` { \"resources\": [\"rn:hydra:oauth2:consent:requests:<request-id>\"], \"actions\": [\"accept\"], \"effect\": \"allow\" } ``` + * @param {String} id + * @param {module:model/ConsentRequestAcceptance} body + * @param {module:api/OAuth2Api~acceptOAuth2ConsentRequestCallback} callback The callback function, accepting three arguments: error, data, response + */ + this.acceptOAuth2ConsentRequest = function(id, body, callback) { + var postBody = body; + + // verify the required parameter 'id' is set + if (id === undefined || id === null) { + throw new Error("Missing the required parameter 'id' when calling acceptOAuth2ConsentRequest"); + } + + // verify the required parameter 'body' is set + if (body === undefined || body === null) { + throw new Error("Missing the required parameter 'body' when calling acceptOAuth2ConsentRequest"); + } + + + var pathParams = { + 'id': id + }; + var queryParams = { + }; + var headerParams = { + }; + var formParams = { + }; + + var authNames = ['oauth2']; + var contentTypes = ['application/json']; + var accepts = ['application/json']; + var returnType = null; + + return this.apiClient.callApi( + '/oauth2/consent/requests/{id}/accept', 'PATCH', + pathParams, queryParams, headerParams, formParams, postBody, + authNames, contentTypes, accepts, returnType, callback + ); + } + + /** + * Callback function to receive the result of the createOAuth2Client operation. + * @callback module:api/OAuth2Api~createOAuth2ClientCallback + * @param {String} error Error message, if any. + * @param {module:model/OAuth2Client} data The data returned by the service call. + * @param {String} response The complete HTTP response. + */ + + /** + * Create an OAuth 2.0 client + * If you pass `client_secret` the secret will be used, otherwise a random secret will be generated. The secret will be returned in the response and you will not be able to retrieve it later on. Write the secret down and keep it somwhere safe. The subject making the request needs to be assigned to a policy containing: ``` { \"resources\": [\"rn:hydra:clients\"], \"actions\": [\"create\"], \"effect\": \"allow\" } ``` Additionally, the context key \"owner\" is set to the owner of the client, allowing policies such as: ``` { \"resources\": [\"rn:hydra:clients\"], \"actions\": [\"create\"], \"effect\": \"allow\", \"conditions\": { \"owner\": { \"type\": \"EqualsSubjectCondition\" } } } ``` + * @param {module:model/OAuth2Client} body + * @param {module:api/OAuth2Api~createOAuth2ClientCallback} callback The callback function, accepting three arguments: error, data, response + * data is of type: {@link module:model/OAuth2Client} + */ + this.createOAuth2Client = function(body, callback) { + var postBody = body; + + // verify the required parameter 'body' is set + if (body === undefined || body === null) { + throw new Error("Missing the required parameter 'body' when calling createOAuth2Client"); + } + + + var pathParams = { + }; + var queryParams = { + }; + var headerParams = { + }; + var formParams = { + }; + + var authNames = ['oauth2']; + var contentTypes = ['application/json']; + var accepts = ['application/json']; + var returnType = OAuth2Client; + + return this.apiClient.callApi( + '/clients', 'POST', + pathParams, queryParams, headerParams, formParams, postBody, + authNames, contentTypes, accepts, returnType, callback + ); + } + + /** + * Callback function to receive the result of the deleteOAuth2Client operation. + * @callback module:api/OAuth2Api~deleteOAuth2ClientCallback + * @param {String} error Error message, if any. + * @param data This operation does not return a value. + * @param {String} response The complete HTTP response. + */ + + /** + * Deletes an OAuth 2.0 Client + * The subject making the request needs to be assigned to a policy containing: ``` { \"resources\": [\"rn:hydra:clients:<some-id>\"], \"actions\": [\"delete\"], \"effect\": \"allow\" } ``` Additionally, the context key \"owner\" is set to the owner of the client, allowing policies such as: ``` { \"resources\": [\"rn:hydra:clients:<some-id>\"], \"actions\": [\"delete\"], \"effect\": \"allow\", \"conditions\": { \"owner\": { \"type\": \"EqualsSubjectCondition\" } } } ``` + * @param {String} id The id of the OAuth 2.0 Client. + * @param {module:api/OAuth2Api~deleteOAuth2ClientCallback} callback The callback function, accepting three arguments: error, data, response + */ + this.deleteOAuth2Client = function(id, callback) { + var postBody = null; + + // verify the required parameter 'id' is set + if (id === undefined || id === null) { + throw new Error("Missing the required parameter 'id' when calling deleteOAuth2Client"); + } + + + var pathParams = { + 'id': id + }; + var queryParams = { + }; + var headerParams = { + }; + var formParams = { + }; + + var authNames = ['oauth2']; + var contentTypes = ['application/json']; + var accepts = ['application/json']; + var returnType = null; + + return this.apiClient.callApi( + '/clients/{id}', 'DELETE', + pathParams, queryParams, headerParams, formParams, postBody, + authNames, contentTypes, accepts, returnType, callback + ); + } + + /** + * Callback function to receive the result of the getOAuth2Client operation. + * @callback module:api/OAuth2Api~getOAuth2ClientCallback + * @param {String} error Error message, if any. + * @param {module:model/OAuth2Client} data The data returned by the service call. + * @param {String} response The complete HTTP response. + */ + + /** + * Retrieve an OAuth 2.0 Client. + * This endpoint never returns passwords. The subject making the request needs to be assigned to a policy containing: ``` { \"resources\": [\"rn:hydra:clients:<some-id>\"], \"actions\": [\"get\"], \"effect\": \"allow\" } ``` Additionally, the context key \"owner\" is set to the owner of the client, allowing policies such as: ``` { \"resources\": [\"rn:hydra:clients:<some-id>\"], \"actions\": [\"get\"], \"effect\": \"allow\", \"conditions\": { \"owner\": { \"type\": \"EqualsSubjectCondition\" } } } ``` + * @param {String} id The id of the OAuth 2.0 Client. + * @param {module:api/OAuth2Api~getOAuth2ClientCallback} callback The callback function, accepting three arguments: error, data, response + * data is of type: {@link module:model/OAuth2Client} + */ + this.getOAuth2Client = function(id, callback) { + var postBody = null; + + // verify the required parameter 'id' is set + if (id === undefined || id === null) { + throw new Error("Missing the required parameter 'id' when calling getOAuth2Client"); + } + + + var pathParams = { + 'id': id + }; + var queryParams = { + }; + var headerParams = { + }; + var formParams = { + }; + + var authNames = ['oauth2']; + var contentTypes = ['application/json']; + var accepts = ['application/json']; + var returnType = OAuth2Client; + + return this.apiClient.callApi( + '/clients/{id}', 'GET', + pathParams, queryParams, headerParams, formParams, postBody, + authNames, contentTypes, accepts, returnType, callback + ); + } + + /** + * Callback function to receive the result of the getOAuth2ConsentRequest operation. + * @callback module:api/OAuth2Api~getOAuth2ConsentRequestCallback + * @param {String} error Error message, if any. + * @param {module:model/OAuth2consentRequest} data The data returned by the service call. + * @param {String} response The complete HTTP response. + */ + + /** + * Receive consent request information + * Call this endpoint to receive information on consent requests. The subject making the request needs to be assigned to a policy containing: ``` { \"resources\": [\"rn:hydra:oauth2:consent:requests:<request-id>\"], \"actions\": [\"get\"], \"effect\": \"allow\" } ``` + * @param {String} id The id of the OAuth 2.0 Consent Request. + * @param {module:api/OAuth2Api~getOAuth2ConsentRequestCallback} callback The callback function, accepting three arguments: error, data, response + * data is of type: {@link module:model/OAuth2consentRequest} + */ + this.getOAuth2ConsentRequest = function(id, callback) { + var postBody = null; + + // verify the required parameter 'id' is set + if (id === undefined || id === null) { + throw new Error("Missing the required parameter 'id' when calling getOAuth2ConsentRequest"); + } + + + var pathParams = { + 'id': id + }; + var queryParams = { + }; + var headerParams = { + }; + var formParams = { + }; + + var authNames = ['oauth2']; + var contentTypes = ['application/json']; + var accepts = ['application/json']; + var returnType = OAuth2consentRequest; + + return this.apiClient.callApi( + '/oauth2/consent/requests/{id}', 'GET', + pathParams, queryParams, headerParams, formParams, postBody, + authNames, contentTypes, accepts, returnType, callback + ); + } + + /** + * Callback function to receive the result of the getWellKnown operation. + * @callback module:api/OAuth2Api~getWellKnownCallback + * @param {String} error Error message, if any. + * @param {module:model/WellKnown} data The data returned by the service call. + * @param {String} response The complete HTTP response. + */ + + /** + * Server well known configuration + * The well known endpoint an be used to retrieve information for OpenID Connect clients. We encourage you to not roll your own OpenID Connect client but to use an OpenID Connect client library instead. You can learn more on this flow at https://openid.net/specs/openid-connect-discovery-1_0.html + * @param {module:api/OAuth2Api~getWellKnownCallback} callback The callback function, accepting three arguments: error, data, response + * data is of type: {@link module:model/WellKnown} + */ + this.getWellKnown = function(callback) { + var postBody = null; + + + var pathParams = { + }; + var queryParams = { + }; + var headerParams = { + }; + var formParams = { + }; + + var authNames = []; + var contentTypes = ['application/json', 'application/x-www-form-urlencoded']; + var accepts = ['application/json']; + var returnType = WellKnown; + + return this.apiClient.callApi( + '/.well-known/openid-configuration', 'GET', + pathParams, queryParams, headerParams, formParams, postBody, + authNames, contentTypes, accepts, returnType, callback + ); + } + + /** + * Callback function to receive the result of the introspectOAuth2Token operation. + * @callback module:api/OAuth2Api~introspectOAuth2TokenCallback + * @param {String} error Error message, if any. + * @param {module:model/OAuth2TokenIntrospection} data The data returned by the service call. + * @param {String} response The complete HTTP response. + */ + + /** + * Introspect OAuth2 tokens + * The introspection endpoint allows to check if a token (both refresh and access) is active or not. An active token is neither expired nor revoked. If a token is active, additional information on the token will be included. You can set additional data for a token by setting `accessTokenExtra` during the consent flow. + * @param {String} token The string value of the token. For access tokens, this is the \"access_token\" value returned from the token endpoint defined in OAuth 2.0 [RFC6749], Section 5.1. This endpoint DOES NOT accept refresh tokens for validation. + * @param {Object} opts Optional parameters + * @param {String} opts.scope An optional, space separated list of required scopes. If the access token was not granted one of the scopes, the result of active will be false. + * @param {module:api/OAuth2Api~introspectOAuth2TokenCallback} callback The callback function, accepting three arguments: error, data, response + * data is of type: {@link module:model/OAuth2TokenIntrospection} + */ + this.introspectOAuth2Token = function(token, opts, callback) { + opts = opts || {}; + var postBody = null; + + // verify the required parameter 'token' is set + if (token === undefined || token === null) { + throw new Error("Missing the required parameter 'token' when calling introspectOAuth2Token"); + } + + + var pathParams = { + }; + var queryParams = { + }; + var headerParams = { + }; + var formParams = { + 'token': token, + 'scope': opts['scope'] + }; + + var authNames = ['basic', 'oauth2']; + var contentTypes = ['application/x-www-form-urlencoded']; + var accepts = ['application/json']; + var returnType = OAuth2TokenIntrospection; + + return this.apiClient.callApi( + '/oauth2/introspect', 'POST', + pathParams, queryParams, headerParams, formParams, postBody, + authNames, contentTypes, accepts, returnType, callback + ); + } + + /** + * Callback function to receive the result of the listOAuth2Clients operation. + * @callback module:api/OAuth2Api~listOAuth2ClientsCallback + * @param {String} error Error message, if any. + * @param {Array.} data The data returned by the service call. + * @param {String} response The complete HTTP response. + */ + + /** + * List OAuth 2.0 Clients + * This endpoint never returns passwords. The subject making the request needs to be assigned to a policy containing: ``` { \"resources\": [\"rn:hydra:clients\"], \"actions\": [\"get\"], \"effect\": \"allow\" } ``` + * @param {module:api/OAuth2Api~listOAuth2ClientsCallback} callback The callback function, accepting three arguments: error, data, response + * data is of type: {@link Array.} + */ + this.listOAuth2Clients = function(callback) { + var postBody = null; + + + var pathParams = { + }; + var queryParams = { + }; + var headerParams = { + }; + var formParams = { + }; + + var authNames = ['oauth2']; + var contentTypes = ['application/json']; + var accepts = ['application/json']; + var returnType = [OAuth2Client]; + + return this.apiClient.callApi( + '/clients', 'GET', + pathParams, queryParams, headerParams, formParams, postBody, + authNames, contentTypes, accepts, returnType, callback + ); + } + + /** + * Callback function to receive the result of the oauthAuth operation. + * @callback module:api/OAuth2Api~oauthAuthCallback + * @param {String} error Error message, if any. + * @param data This operation does not return a value. + * @param {String} response The complete HTTP response. + */ + + /** + * The OAuth 2.0 authorize endpoint + * This endpoint is not documented here because you should never use your own implementation to perform OAuth2 flows. OAuth2 is a very popular protocol and a library for your programming language will exists. To learn more about this flow please refer to the specification: https://tools.ietf.org/html/rfc6749 + * @param {module:api/OAuth2Api~oauthAuthCallback} callback The callback function, accepting three arguments: error, data, response + */ + this.oauthAuth = function(callback) { + var postBody = null; + + + var pathParams = { + }; + var queryParams = { + }; + var headerParams = { + }; + var formParams = { + }; + + var authNames = []; + var contentTypes = ['application/x-www-form-urlencoded']; + var accepts = ['application/json']; + var returnType = null; + + return this.apiClient.callApi( + '/oauth2/auth', 'GET', + pathParams, queryParams, headerParams, formParams, postBody, + authNames, contentTypes, accepts, returnType, callback + ); + } + + /** + * Callback function to receive the result of the oauthToken operation. + * @callback module:api/OAuth2Api~oauthTokenCallback + * @param {String} error Error message, if any. + * @param {module:model/InlineResponse2001} data The data returned by the service call. + * @param {String} response The complete HTTP response. + */ + + /** + * The OAuth 2.0 token endpoint + * This endpoint is not documented here because you should never use your own implementation to perform OAuth2 flows. OAuth2 is a very popular protocol and a library for your programming language will exists. To learn more about this flow please refer to the specification: https://tools.ietf.org/html/rfc6749 + * @param {module:api/OAuth2Api~oauthTokenCallback} callback The callback function, accepting three arguments: error, data, response + * data is of type: {@link module:model/InlineResponse2001} + */ + this.oauthToken = function(callback) { + var postBody = null; + + + var pathParams = { + }; + var queryParams = { + }; + var headerParams = { + }; + var formParams = { + }; + + var authNames = ['basic', 'oauth2']; + var contentTypes = ['application/x-www-form-urlencoded']; + var accepts = ['application/json']; + var returnType = InlineResponse2001; + + return this.apiClient.callApi( + '/oauth2/token', 'POST', + pathParams, queryParams, headerParams, formParams, postBody, + authNames, contentTypes, accepts, returnType, callback + ); + } + + /** + * Callback function to receive the result of the rejectOAuth2ConsentRequest operation. + * @callback module:api/OAuth2Api~rejectOAuth2ConsentRequestCallback + * @param {String} error Error message, if any. + * @param data This operation does not return a value. + * @param {String} response The complete HTTP response. + */ + + /** + * Reject a consent request + * Call this endpoint to reject a consent request. This usually happens when a user denies access rights to an application. The subject making the request needs to be assigned to a policy containing: ``` { \"resources\": [\"rn:hydra:oauth2:consent:requests:<request-id>\"], \"actions\": [\"reject\"], \"effect\": \"allow\" } ``` + * @param {String} id + * @param {module:model/ConsentRequestRejection} body + * @param {module:api/OAuth2Api~rejectOAuth2ConsentRequestCallback} callback The callback function, accepting three arguments: error, data, response + */ + this.rejectOAuth2ConsentRequest = function(id, body, callback) { + var postBody = body; + + // verify the required parameter 'id' is set + if (id === undefined || id === null) { + throw new Error("Missing the required parameter 'id' when calling rejectOAuth2ConsentRequest"); + } + + // verify the required parameter 'body' is set + if (body === undefined || body === null) { + throw new Error("Missing the required parameter 'body' when calling rejectOAuth2ConsentRequest"); + } + + + var pathParams = { + 'id': id + }; + var queryParams = { + }; + var headerParams = { + }; + var formParams = { + }; + + var authNames = ['oauth2']; + var contentTypes = ['application/json']; + var accepts = ['application/json']; + var returnType = null; + + return this.apiClient.callApi( + '/oauth2/consent/requests/{id}/reject', 'PATCH', + pathParams, queryParams, headerParams, formParams, postBody, + authNames, contentTypes, accepts, returnType, callback + ); + } + + /** + * Callback function to receive the result of the revokeOAuth2Token operation. + * @callback module:api/OAuth2Api~revokeOAuth2TokenCallback + * @param {String} error Error message, if any. + * @param data This operation does not return a value. + * @param {String} response The complete HTTP response. + */ + + /** + * Revoke OAuth2 tokens + * Revoking a token (both access and refresh) means that the tokens will be invalid. A revoked access token can no longer be used to make access requests, and a revoked refresh token can no longer be used to refresh an access token. Revoking a refresh token also invalidates the access token that was created with it. + * @param {String} token + * @param {module:api/OAuth2Api~revokeOAuth2TokenCallback} callback The callback function, accepting three arguments: error, data, response + */ + this.revokeOAuth2Token = function(token, callback) { + var postBody = null; + + // verify the required parameter 'token' is set + if (token === undefined || token === null) { + throw new Error("Missing the required parameter 'token' when calling revokeOAuth2Token"); + } + + + var pathParams = { + }; + var queryParams = { + }; + var headerParams = { + }; + var formParams = { + 'token': token + }; + + var authNames = ['basic']; + var contentTypes = ['application/x-www-form-urlencoded']; + var accepts = ['application/json']; + var returnType = null; + + return this.apiClient.callApi( + '/oauth2/revoke', 'POST', + pathParams, queryParams, headerParams, formParams, postBody, + authNames, contentTypes, accepts, returnType, callback + ); + } + + /** + * Callback function to receive the result of the updateOAuth2Client operation. + * @callback module:api/OAuth2Api~updateOAuth2ClientCallback + * @param {String} error Error message, if any. + * @param {module:model/OAuth2Client} data The data returned by the service call. + * @param {String} response The complete HTTP response. + */ + + /** + * Update an OAuth 2.0 Client + * If you pass `client_secret` the secret will be updated and returned via the API. This is the only time you will be able to retrieve the client secret, so write it down and keep it safe. The subject making the request needs to be assigned to a policy containing: ``` { \"resources\": [\"rn:hydra:clients\"], \"actions\": [\"update\"], \"effect\": \"allow\" } ``` Additionally, the context key \"owner\" is set to the owner of the client, allowing policies such as: ``` { \"resources\": [\"rn:hydra:clients\"], \"actions\": [\"update\"], \"effect\": \"allow\", \"conditions\": { \"owner\": { \"type\": \"EqualsSubjectCondition\" } } } ``` + * @param {String} id + * @param {module:model/OAuth2Client} body + * @param {module:api/OAuth2Api~updateOAuth2ClientCallback} callback The callback function, accepting three arguments: error, data, response + * data is of type: {@link module:model/OAuth2Client} + */ + this.updateOAuth2Client = function(id, body, callback) { + var postBody = body; + + // verify the required parameter 'id' is set + if (id === undefined || id === null) { + throw new Error("Missing the required parameter 'id' when calling updateOAuth2Client"); + } + + // verify the required parameter 'body' is set + if (body === undefined || body === null) { + throw new Error("Missing the required parameter 'body' when calling updateOAuth2Client"); + } + + + var pathParams = { + 'id': id + }; + var queryParams = { + }; + var headerParams = { + }; + var formParams = { + }; + + var authNames = ['oauth2']; + var contentTypes = ['application/json']; + var accepts = ['application/json']; + var returnType = OAuth2Client; + + return this.apiClient.callApi( + '/clients/{id}', 'PUT', + pathParams, queryParams, headerParams, formParams, postBody, + authNames, contentTypes, accepts, returnType, callback + ); + } + /** * Callback function to receive the result of the wellKnown operation. - * @callback module:api/Oauth2Api~wellKnownCallback + * @callback module:api/OAuth2Api~wellKnownCallback * @param {String} error Error message, if any. * @param {module:model/JsonWebKeySet} data The data returned by the service call. * @param {String} response The complete HTTP response. @@ -59,7 +645,7 @@ /** * Get list of well known JSON Web Keys * The subject making the request needs to be assigned to a policy containing: ``` { \"resources\": [\"rn:hydra:keys:hydra.openid.id-token:public\"], \"actions\": [\"GET\"], \"effect\": \"allow\" } ``` - * @param {module:api/Oauth2Api~wellKnownCallback} callback The callback function, accepting three arguments: error, data, response + * @param {module:api/OAuth2Api~wellKnownCallback} callback The callback function, accepting three arguments: error, data, response * data is of type: {@link module:model/JsonWebKeySet} */ this.wellKnown = function(callback) { diff --git a/sdk/js/swagger/src/index.js b/sdk/js/swagger/src/index.js index 3120734d84a..32f05b5eac7 100644 --- a/sdk/js/swagger/src/index.js +++ b/sdk/js/swagger/src/index.js @@ -17,12 +17,12 @@ (function(factory) { if (typeof define === 'function' && define.amd) { // AMD. Register as an anonymous module. - define(['ApiClient', 'model/ConsentRequestAcceptance', 'model/ConsentRequestManager', 'model/ConsentRequestRejection', 'model/Context', 'model/Firewall', 'model/Group', 'model/GroupMembers', 'model/Handler', 'model/InlineResponse200', 'model/InlineResponse2001', 'model/InlineResponse401', 'model/JoseWebKeySetRequest', 'model/JsonWebKey', 'model/JsonWebKeySet', 'model/JsonWebKeySetGeneratorRequest', 'model/KeyGenerator', 'model/Manager', 'model/OAuth2Client', 'model/OAuth2TokenIntrospection', 'model/OAuth2consentRequest', 'model/Policy', 'model/PolicyConditions', 'model/RawMessage', 'model/SwaggerAcceptConsentRequest', 'model/SwaggerCreatePolicyParameters', 'model/SwaggerDoesWardenAllowAccessRequestParameters', 'model/SwaggerDoesWardenAllowTokenAccessRequestParameters', 'model/SwaggerGetPolicyParameters', 'model/SwaggerJsonWebKeyQuery', 'model/SwaggerJwkCreateSet', 'model/SwaggerJwkSetQuery', 'model/SwaggerJwkUpdateSet', 'model/SwaggerJwkUpdateSetKey', 'model/SwaggerListPolicyParameters', 'model/SwaggerListPolicyResponse', 'model/SwaggerOAuthConsentRequest', 'model/SwaggerOAuthConsentRequestPayload', 'model/SwaggerOAuthIntrospectionRequest', 'model/SwaggerOAuthIntrospectionResponse', 'model/SwaggerOAuthTokenResponse', 'model/SwaggerOAuthTokenResponseBody', 'model/SwaggerRejectConsentRequest', 'model/SwaggerRevokeOAuth2TokenParameters', 'model/SwaggerUpdatePolicyParameters', 'model/SwaggerWardenAccessRequestResponseParameters', 'model/SwaggerWardenTokenAccessRequestResponse', 'model/TokenAllowedRequest', 'model/WardenAccessRequest', 'model/WardenAccessRequestResponse', 'model/WardenTokenAccessRequest', 'model/WardenTokenAccessRequestResponsePayload', 'model/WellKnown', 'model/Writer', 'api/HealthApi', 'api/JsonWebKeyApi', 'api/OAuth2Api', 'api/Oauth2Api', 'api/PolicyApi', 'api/WardenApi'], factory); + define(['ApiClient', 'model/ConsentRequestAcceptance', 'model/ConsentRequestManager', 'model/ConsentRequestRejection', 'model/Context', 'model/Firewall', 'model/Group', 'model/GroupMembers', 'model/Handler', 'model/InlineResponse200', 'model/InlineResponse2001', 'model/InlineResponse401', 'model/JoseWebKeySetRequest', 'model/JsonWebKey', 'model/JsonWebKeySet', 'model/JsonWebKeySetGeneratorRequest', 'model/KeyGenerator', 'model/Manager', 'model/OAuth2Client', 'model/OAuth2TokenIntrospection', 'model/OAuth2consentRequest', 'model/Policy', 'model/PolicyConditions', 'model/RawMessage', 'model/SwaggerAcceptConsentRequest', 'model/SwaggerCreatePolicyParameters', 'model/SwaggerDoesWardenAllowAccessRequestParameters', 'model/SwaggerDoesWardenAllowTokenAccessRequestParameters', 'model/SwaggerGetPolicyParameters', 'model/SwaggerJsonWebKeyQuery', 'model/SwaggerJwkCreateSet', 'model/SwaggerJwkSetQuery', 'model/SwaggerJwkUpdateSet', 'model/SwaggerJwkUpdateSetKey', 'model/SwaggerListPolicyParameters', 'model/SwaggerListPolicyResponse', 'model/SwaggerOAuthConsentRequest', 'model/SwaggerOAuthConsentRequestPayload', 'model/SwaggerOAuthIntrospectionRequest', 'model/SwaggerOAuthIntrospectionResponse', 'model/SwaggerOAuthTokenResponse', 'model/SwaggerOAuthTokenResponseBody', 'model/SwaggerRejectConsentRequest', 'model/SwaggerRevokeOAuth2TokenParameters', 'model/SwaggerUpdatePolicyParameters', 'model/SwaggerWardenAccessRequestResponseParameters', 'model/SwaggerWardenTokenAccessRequestResponse', 'model/TokenAllowedRequest', 'model/WardenAccessRequest', 'model/WardenAccessRequestResponse', 'model/WardenTokenAccessRequest', 'model/WardenTokenAccessRequestResponsePayload', 'model/WellKnown', 'model/Writer', 'api/HealthApi', 'api/JsonWebKeyApi', 'api/OAuth2Api', 'api/PolicyApi', 'api/WardenApi'], factory); } else if (typeof module === 'object' && module.exports) { // CommonJS-like environments that support module.exports, like Node. - module.exports = factory(require('./ApiClient'), require('./model/ConsentRequestAcceptance'), require('./model/ConsentRequestManager'), require('./model/ConsentRequestRejection'), require('./model/Context'), require('./model/Firewall'), require('./model/Group'), require('./model/GroupMembers'), require('./model/Handler'), require('./model/InlineResponse200'), require('./model/InlineResponse2001'), require('./model/InlineResponse401'), require('./model/JoseWebKeySetRequest'), require('./model/JsonWebKey'), require('./model/JsonWebKeySet'), require('./model/JsonWebKeySetGeneratorRequest'), require('./model/KeyGenerator'), require('./model/Manager'), require('./model/OAuth2Client'), require('./model/OAuth2TokenIntrospection'), require('./model/OAuth2consentRequest'), require('./model/Policy'), require('./model/PolicyConditions'), require('./model/RawMessage'), require('./model/SwaggerAcceptConsentRequest'), require('./model/SwaggerCreatePolicyParameters'), require('./model/SwaggerDoesWardenAllowAccessRequestParameters'), require('./model/SwaggerDoesWardenAllowTokenAccessRequestParameters'), require('./model/SwaggerGetPolicyParameters'), require('./model/SwaggerJsonWebKeyQuery'), require('./model/SwaggerJwkCreateSet'), require('./model/SwaggerJwkSetQuery'), require('./model/SwaggerJwkUpdateSet'), require('./model/SwaggerJwkUpdateSetKey'), require('./model/SwaggerListPolicyParameters'), require('./model/SwaggerListPolicyResponse'), require('./model/SwaggerOAuthConsentRequest'), require('./model/SwaggerOAuthConsentRequestPayload'), require('./model/SwaggerOAuthIntrospectionRequest'), require('./model/SwaggerOAuthIntrospectionResponse'), require('./model/SwaggerOAuthTokenResponse'), require('./model/SwaggerOAuthTokenResponseBody'), require('./model/SwaggerRejectConsentRequest'), require('./model/SwaggerRevokeOAuth2TokenParameters'), require('./model/SwaggerUpdatePolicyParameters'), require('./model/SwaggerWardenAccessRequestResponseParameters'), require('./model/SwaggerWardenTokenAccessRequestResponse'), require('./model/TokenAllowedRequest'), require('./model/WardenAccessRequest'), require('./model/WardenAccessRequestResponse'), require('./model/WardenTokenAccessRequest'), require('./model/WardenTokenAccessRequestResponsePayload'), require('./model/WellKnown'), require('./model/Writer'), require('./api/HealthApi'), require('./api/JsonWebKeyApi'), require('./api/OAuth2Api'), require('./api/Oauth2Api'), require('./api/PolicyApi'), require('./api/WardenApi')); + module.exports = factory(require('./ApiClient'), require('./model/ConsentRequestAcceptance'), require('./model/ConsentRequestManager'), require('./model/ConsentRequestRejection'), require('./model/Context'), require('./model/Firewall'), require('./model/Group'), require('./model/GroupMembers'), require('./model/Handler'), require('./model/InlineResponse200'), require('./model/InlineResponse2001'), require('./model/InlineResponse401'), require('./model/JoseWebKeySetRequest'), require('./model/JsonWebKey'), require('./model/JsonWebKeySet'), require('./model/JsonWebKeySetGeneratorRequest'), require('./model/KeyGenerator'), require('./model/Manager'), require('./model/OAuth2Client'), require('./model/OAuth2TokenIntrospection'), require('./model/OAuth2consentRequest'), require('./model/Policy'), require('./model/PolicyConditions'), require('./model/RawMessage'), require('./model/SwaggerAcceptConsentRequest'), require('./model/SwaggerCreatePolicyParameters'), require('./model/SwaggerDoesWardenAllowAccessRequestParameters'), require('./model/SwaggerDoesWardenAllowTokenAccessRequestParameters'), require('./model/SwaggerGetPolicyParameters'), require('./model/SwaggerJsonWebKeyQuery'), require('./model/SwaggerJwkCreateSet'), require('./model/SwaggerJwkSetQuery'), require('./model/SwaggerJwkUpdateSet'), require('./model/SwaggerJwkUpdateSetKey'), require('./model/SwaggerListPolicyParameters'), require('./model/SwaggerListPolicyResponse'), require('./model/SwaggerOAuthConsentRequest'), require('./model/SwaggerOAuthConsentRequestPayload'), require('./model/SwaggerOAuthIntrospectionRequest'), require('./model/SwaggerOAuthIntrospectionResponse'), require('./model/SwaggerOAuthTokenResponse'), require('./model/SwaggerOAuthTokenResponseBody'), require('./model/SwaggerRejectConsentRequest'), require('./model/SwaggerRevokeOAuth2TokenParameters'), require('./model/SwaggerUpdatePolicyParameters'), require('./model/SwaggerWardenAccessRequestResponseParameters'), require('./model/SwaggerWardenTokenAccessRequestResponse'), require('./model/TokenAllowedRequest'), require('./model/WardenAccessRequest'), require('./model/WardenAccessRequestResponse'), require('./model/WardenTokenAccessRequest'), require('./model/WardenTokenAccessRequestResponsePayload'), require('./model/WellKnown'), require('./model/Writer'), require('./api/HealthApi'), require('./api/JsonWebKeyApi'), require('./api/OAuth2Api'), require('./api/PolicyApi'), require('./api/WardenApi')); } -}(function(ApiClient, ConsentRequestAcceptance, ConsentRequestManager, ConsentRequestRejection, Context, Firewall, Group, GroupMembers, Handler, InlineResponse200, InlineResponse2001, InlineResponse401, JoseWebKeySetRequest, JsonWebKey, JsonWebKeySet, JsonWebKeySetGeneratorRequest, KeyGenerator, Manager, OAuth2Client, OAuth2TokenIntrospection, OAuth2consentRequest, Policy, PolicyConditions, RawMessage, SwaggerAcceptConsentRequest, SwaggerCreatePolicyParameters, SwaggerDoesWardenAllowAccessRequestParameters, SwaggerDoesWardenAllowTokenAccessRequestParameters, SwaggerGetPolicyParameters, SwaggerJsonWebKeyQuery, SwaggerJwkCreateSet, SwaggerJwkSetQuery, SwaggerJwkUpdateSet, SwaggerJwkUpdateSetKey, SwaggerListPolicyParameters, SwaggerListPolicyResponse, SwaggerOAuthConsentRequest, SwaggerOAuthConsentRequestPayload, SwaggerOAuthIntrospectionRequest, SwaggerOAuthIntrospectionResponse, SwaggerOAuthTokenResponse, SwaggerOAuthTokenResponseBody, SwaggerRejectConsentRequest, SwaggerRevokeOAuth2TokenParameters, SwaggerUpdatePolicyParameters, SwaggerWardenAccessRequestResponseParameters, SwaggerWardenTokenAccessRequestResponse, TokenAllowedRequest, WardenAccessRequest, WardenAccessRequestResponse, WardenTokenAccessRequest, WardenTokenAccessRequestResponsePayload, WellKnown, Writer, HealthApi, JsonWebKeyApi, OAuth2Api, Oauth2Api, PolicyApi, WardenApi) { +}(function(ApiClient, ConsentRequestAcceptance, ConsentRequestManager, ConsentRequestRejection, Context, Firewall, Group, GroupMembers, Handler, InlineResponse200, InlineResponse2001, InlineResponse401, JoseWebKeySetRequest, JsonWebKey, JsonWebKeySet, JsonWebKeySetGeneratorRequest, KeyGenerator, Manager, OAuth2Client, OAuth2TokenIntrospection, OAuth2consentRequest, Policy, PolicyConditions, RawMessage, SwaggerAcceptConsentRequest, SwaggerCreatePolicyParameters, SwaggerDoesWardenAllowAccessRequestParameters, SwaggerDoesWardenAllowTokenAccessRequestParameters, SwaggerGetPolicyParameters, SwaggerJsonWebKeyQuery, SwaggerJwkCreateSet, SwaggerJwkSetQuery, SwaggerJwkUpdateSet, SwaggerJwkUpdateSetKey, SwaggerListPolicyParameters, SwaggerListPolicyResponse, SwaggerOAuthConsentRequest, SwaggerOAuthConsentRequestPayload, SwaggerOAuthIntrospectionRequest, SwaggerOAuthIntrospectionResponse, SwaggerOAuthTokenResponse, SwaggerOAuthTokenResponseBody, SwaggerRejectConsentRequest, SwaggerRevokeOAuth2TokenParameters, SwaggerUpdatePolicyParameters, SwaggerWardenAccessRequestResponseParameters, SwaggerWardenTokenAccessRequestResponse, TokenAllowedRequest, WardenAccessRequest, WardenAccessRequestResponse, WardenTokenAccessRequest, WardenTokenAccessRequestResponsePayload, WellKnown, Writer, HealthApi, JsonWebKeyApi, OAuth2Api, PolicyApi, WardenApi) { 'use strict'; /** @@ -342,11 +342,6 @@ * @property {module:api/OAuth2Api} */ OAuth2Api: OAuth2Api, - /** - * The Oauth2Api service constructor. - * @property {module:api/Oauth2Api} - */ - Oauth2Api: Oauth2Api, /** * The PolicyApi service constructor. * @property {module:api/PolicyApi} diff --git a/sdk/js/swagger/test/api/OAuth2Api.spec.js b/sdk/js/swagger/test/api/OAuth2Api.spec.js index 0f0b1c8d0e4..a779b1c2b6f 100644 --- a/sdk/js/swagger/test/api/OAuth2Api.spec.js +++ b/sdk/js/swagger/test/api/OAuth2Api.spec.js @@ -181,6 +181,16 @@ done(); }); }); + describe('wellKnown', function() { + it('should call wellKnown successfully', function(done) { + //uncomment below and update the code to test wellKnown + //instance.wellKnown(function(error) { + // if (error) throw error; + //expect().to.be(); + //}); + done(); + }); + }); }); }));