sdk: Generate php sdk and point php autoloader to lib folder

Add docs/sdk/php.md

Signed-off-by: Philip Nicolcev <phil.nicolcev@tulip.io>

composer.json

@@ -17,6 +17,6 @@
     "ext-mbstring": "*"
   },
   "autoload": {
-    "psr-4": { "Hydra\\SDK\\" : "sdk/php/swagger/" }
+    "psr-4": { "Hydra\\SDK\\" : "sdk/php/swagger/lib/" }
   }
-}
+}

docs/sdk/php.md

@@ -0,0 +1,90 @@
+## PHP SDK
+
+### Installation
+
+Installation is best done using [composer](https://getcomposer.org/)
+
+Create a composer.json file with the following:
+
+```json
+{
+    "repositories": {
+        "tulip/hydra-php-sdk": { "type": "vcs", "url": "git@git.internal.tulip.io:shared/composer-libraries/hydra-php-sdk.git" }
+    },
+    "require": {
+        "tulip/hydra-php-sdk": "dev-master"
+    }
+}
+```
+
+Then run `composer install` and include the generated autoload file in your script.
+
+### Configuration
+
+#### OAuth2 configuration
+
+We need OAuth2 capabilities in order to make authorized API calls. You can either write your own OAuth2 mechanism or
+use an existing one that has been preconfigured for use with Hydra. Here we use a modified version of the league OAuth2
+client that has had this work done for us.
+
+```sh
+composer require tulip/oauth2-hydra
+```
+
+```php
+// Get an access token using your account credentials.
+// Note that if you are using the Hydra inside docker as per the getting started docs, the domain will be hydra:4444 from
+// within another container.
+$provider = new \Hydra\OAuth2\Provider\OAuth2([
+    'clientId' => 'admin',
+    'clientSecret' => 'demo-password',
+    'domain' => 'http://localhost:4444',
+]);
+
+try {
+    // Get an access token using the client credentials grant.
+    // Note that you must separate multiple scopes with a plus (+)
+    $accessToken = $provider->getAccessToken(
+        'client_credentials', ['scope' => 'hydra.clients']
+    );
+} catch (\Hydra\Oauth2\Provider\Exception\ConnectionException $e) {
+    die("Connection to hydra failed: " . $e->getMessage());
+} catch (\Hydra\Oauth2\Provider\Exception\IdentityProviderException $e) {
+    die("Failed to get an access token: " . $e->getMessage());
+}
+
+```
+
+#### SDK configuration
+
+Using `$accessToken` from the above steps, you may now use the Hydra SDK:
+
+```php
+$config = new \Hydra\SDK\Configuration();
+$config->setHost('http://localhost:4444');
+// Use true in production!
+$config->setSSLVerification(false);
+$config->setAccessToken($accessToken);
+
+// Pass the config into an ApiClient. You will need this client in the next ste.
+$hydraApiClient = new \Hydra\SDK\ApiClient($config);
+```
+
+### API Usage
+
+There are several APIs made available, see [../../sdk/php/swagger/README.md](The full API docs) for a list of clients and methods.
+
+For this example, lets use the OAuth2Api to get a list of clients and use the `$hydraApiClient` from above:
+
+```php
+$hydraOAuth2Api = new \Hydra\SDK\Api\OAuth2Api($hydraApiClient);
+
+try {
+    $clients = $hydraOAuthSDK->listOAuth2Clients();
+} catch ( \Hydra\SDK\ApiException $e) {
+    if ($e->getCode() == 400) {
+        die("Permission denied to get clients. Check the scopes on your access token!");
+    }
+    die("Failed to get clients: ".$e->getMessage());
+}
+```

scripts/run-gensdk.sh

@@ -8,17 +8,22 @@ scripts/run-genswag.sh
 
 rm -rf ./sdk/go/hydra/swagger
 rm -rf ./sdk/js/swagger
+rm -rf ./sdk/php/swagger
 
 # curl -O scripts/swagger-codegen-cli-2.2.3.jar http://central.maven.org/maven2/io/swagger/swagger-codegen-cli/2.2.3/swagger-codegen-cli-2.2.3.jar
 
 java -jar scripts/swagger-codegen-cli-2.2.3.jar generate -i ./docs/api.swagger.json -l go -o ./sdk/go/hydra/swagger
 java -jar scripts/swagger-codegen-cli-2.2.3.jar generate -i ./docs/api.swagger.json -l javascript -o ./sdk/js/swagger
+java -jar scripts/swagger-codegen-cli-2.2.3.jar generate -i ./docs/api.swagger.json -l php -o sdk/php/ \
+    --invoker-package Hydra\\SDK --git-repo-id swagger --git-user-id ory --additional-properties "packagePath=swagger,description=Client for Hydra"
 
 scripts/run-format.sh
 
 git checkout HEAD -- sdk/go/hydra/swagger/configuration.go
 git checkout HEAD -- sdk/go/hydra/swagger/api_client.go
 rm -f ./sdk/js/swagger/package.json
 rm -rf ./sdk/js/swagger/test
+rm -f ./sdk/php/swagger/composer.json ./sdk/php/swagger/phpunit.xml.dist
+rm -rf ./sdk/php/swagger/test
 
 npm run prettier

sdk/php/.swagger-codegen-ignore

@@ -0,0 +1,23 @@
+# Swagger Codegen Ignore
+# Generated by swagger-codegen https://github.com/swagger-api/swagger-codegen
+
+# Use this file to prevent files from being overwritten by the generator.
+# The patterns follow closely to .gitignore or .dockerignore.
+
+# As an example, the C# client generator defines ApiClient.cs.
+# You can make changes and tell Swagger Codgen to ignore just this file by uncommenting the following line:
+#ApiClient.cs
+
+# You can match any string of characters against a directory, file or extension with a single asterisk (*):
+#foo/*/qux
+# The above matches foo/bar/qux and foo/baz/qux, but not foo/bar/baz/qux
+
+# You can recursively match patterns against a directory, file or extension with a double asterisk (**):
+#foo/**/qux
+# This matches foo/bar/qux, foo/baz/qux, and foo/bar/baz/qux
+
+# You can also negate patterns with an exclamation (!).
+# For example, you can ignore all files in a docs folder with the file extension .md:
+#docs/*.md
+# Then explicitly reverse the ignore rule for a single file:
+#!docs/README.md

sdk/php/.swagger-codegen/VERSION

@@ -0,0 +1 @@
+unset

sdk/php/swagger/.php_cs

@@ -0,0 +1,18 @@
+<?php
+
+return Symfony\CS\Config::create()
+    ->level(Symfony\CS\FixerInterface::PSR2_LEVEL)
+    ->setUsingCache(true)
+    ->fixers(
+        [
+            'ordered_use',
+            'phpdoc_order',
+            'short_array_syntax',
+            'strict',
+            'strict_param'
+        ]
+    )
+    ->finder(
+        Symfony\CS\Finder\DefaultFinder::create()
+            ->in(__DIR__)
+    );

sdk/php/swagger/.travis.yml

@@ -0,0 +1,10 @@
+language: php
+sudo: false
+php:
+    - 5.4
+    - 5.5
+    - 5.6
+    - 7.0
+    - hhvm
+before_install: "composer install"
+script: "vendor/bin/phpunit"

sdk/php/swagger/README.md

@@ -0,0 +1,210 @@
+# swagger
+Please refer to the user guide for in-depth documentation: https://ory.gitbooks.io/hydra/content/   Hydra offers OAuth 2.0 and OpenID Connect Core 1.0 capabilities as a service. Hydra is different, because it works with any existing authentication infrastructure, not just LDAP or SAML. By implementing a consent app (works with any programming language) you build a bridge between Hydra and your authentication infrastructure. Hydra is able to securely manage JSON Web Keys, and has a sophisticated policy-based access control you can use if you want to. Hydra is suitable for green- (new) and brownfield (existing) projects. If you are not familiar with OAuth 2.0 and are working on a greenfield project, we recommend evaluating if OAuth 2.0 really serves your purpose. Knowledge of OAuth 2.0 is imperative in understanding what Hydra does and how it works.   The official repository is located at https://github.com/ory/hydra   ### Important REST API Documentation Notes  The swagger generator used to create this documentation does currently not support example responses. To see request and response payloads click on **\"Show JSON schema\"**: ![Enable JSON Schema on Apiary](https://storage.googleapis.com/ory.am/hydra/json-schema.png)   The API documentation always refers to the latest tagged version of ORY Hydra. For previous API documentations, please refer to https://github.com/ory/hydra/blob/<tag-id>/docs/api.swagger.yaml - for example:  0.9.13: https://github.com/ory/hydra/blob/v0.9.13/docs/api.swagger.yaml 0.8.1: https://github.com/ory/hydra/blob/v0.8.1/docs/api.swagger.yaml
+
+This PHP package is automatically generated by the [Swagger Codegen](https://github.com/swagger-api/swagger-codegen) project:
+
+- API version: Latest
+- Build package: io.swagger.codegen.languages.PhpClientCodegen
+For more information, please visit [https://www.ory.am](https://www.ory.am)
+
+## Requirements
+
+PHP 5.4.0 and later
+
+## Installation & Usage
+### Composer
+
+To install the bindings via [Composer](http://getcomposer.org/), add the following to `composer.json`:
+
+```
+{
+  "repositories": [
+    {
+      "type": "git",
+      "url": "https://github.com/ory/swagger.git"
+    }
+  ],
+  "require": {
+    "ory/swagger": "*@dev"
+  }
+}
+```
+
+Then run `composer install`
+
+### Manual Installation
+
+Download the files and include `autoload.php`:
+
+```php
+    require_once('/path/to/swagger/autoload.php');
+```
+
+## Tests
+
+To run the unit tests:
+
+```
+composer install
+./vendor/bin/phpunit
+```
+
+## Getting Started
+
+Please follow the [installation procedure](#installation--usage) and then run the following:
+
+```php
+<?php
+require_once(__DIR__ . '/vendor/autoload.php');
+
+// Configure OAuth2 access token for authorization: oauth2
+Hydra\SDK\Configuration::getDefaultConfiguration()->setAccessToken('YOUR_ACCESS_TOKEN');
+
+$api_instance = new Hydra\SDK\Api\HealthApi();
+
+try {
+    $api_instance->getInstanceMetrics();
+} catch (Exception $e) {
+    echo 'Exception when calling HealthApi->getInstanceMetrics: ', $e->getMessage(), PHP_EOL;
+}
+
+?>
+```
+
+## Documentation for API Endpoints
+
+All URIs are relative to *http://localhost*
+
+Class | Method | HTTP request | Description
+------------ | ------------- | ------------- | -------------
+*HealthApi* | [**getInstanceMetrics**](docs/Api/HealthApi.md#getinstancemetrics) | **GET** /health/metrics | Show instance metrics (experimental)
+*HealthApi* | [**getInstanceStatus**](docs/Api/HealthApi.md#getinstancestatus) | **GET** /health/status | Check health status of this instance
+*JsonWebKeyApi* | [**createJsonWebKeySet**](docs/Api/JsonWebKeyApi.md#createjsonwebkeyset) | **POST** /keys/{set} | Generate a new JSON Web Key
+*JsonWebKeyApi* | [**deleteJsonWebKey**](docs/Api/JsonWebKeyApi.md#deletejsonwebkey) | **DELETE** /keys/{set}/{kid} | Delete a JSON Web Key
+*JsonWebKeyApi* | [**deleteJsonWebKeySet**](docs/Api/JsonWebKeyApi.md#deletejsonwebkeyset) | **DELETE** /keys/{set} | Delete a JSON Web Key
+*JsonWebKeyApi* | [**getJsonWebKey**](docs/Api/JsonWebKeyApi.md#getjsonwebkey) | **GET** /keys/{set}/{kid} | Retrieve a JSON Web Key
+*JsonWebKeyApi* | [**getJsonWebKeySet**](docs/Api/JsonWebKeyApi.md#getjsonwebkeyset) | **GET** /keys/{set} | Retrieve a JSON Web Key Set
+*JsonWebKeyApi* | [**updateJsonWebKey**](docs/Api/JsonWebKeyApi.md#updatejsonwebkey) | **PUT** /keys/{set}/{kid} | Update a JSON Web Key
+*JsonWebKeyApi* | [**updateJsonWebKeySet**](docs/Api/JsonWebKeyApi.md#updatejsonwebkeyset) | **PUT** /keys/{set} | Update a JSON Web Key Set
+*OAuth2Api* | [**acceptOAuth2ConsentRequest**](docs/Api/OAuth2Api.md#acceptoauth2consentrequest) | **PATCH** /oauth2/consent/requests/{id}/accept | Accept a consent request
+*OAuth2Api* | [**createOAuth2Client**](docs/Api/OAuth2Api.md#createoauth2client) | **POST** /clients | Create an OAuth 2.0 client
+*OAuth2Api* | [**deleteOAuth2Client**](docs/Api/OAuth2Api.md#deleteoauth2client) | **DELETE** /clients/{id} | Deletes an OAuth 2.0 Client
+*OAuth2Api* | [**getOAuth2Client**](docs/Api/OAuth2Api.md#getoauth2client) | **GET** /clients/{id} | Retrieve an OAuth 2.0 Client.
+*OAuth2Api* | [**getOAuth2ConsentRequest**](docs/Api/OAuth2Api.md#getoauth2consentrequest) | **GET** /oauth2/consent/requests/{id} | Receive consent request information
+*OAuth2Api* | [**getWellKnown**](docs/Api/OAuth2Api.md#getwellknown) | **GET** /.well-known/openid-configuration | Server well known configuration
+*OAuth2Api* | [**introspectOAuth2Token**](docs/Api/OAuth2Api.md#introspectoauth2token) | **POST** /oauth2/introspect | Introspect OAuth2 tokens
+*OAuth2Api* | [**listOAuth2Clients**](docs/Api/OAuth2Api.md#listoauth2clients) | **GET** /clients | List OAuth 2.0 Clients
+*OAuth2Api* | [**oauthAuth**](docs/Api/OAuth2Api.md#oauthauth) | **GET** /oauth2/auth | The OAuth 2.0 authorize endpoint
+*OAuth2Api* | [**oauthToken**](docs/Api/OAuth2Api.md#oauthtoken) | **POST** /oauth2/token | The OAuth 2.0 token endpoint
+*OAuth2Api* | [**rejectOAuth2ConsentRequest**](docs/Api/OAuth2Api.md#rejectoauth2consentrequest) | **PATCH** /oauth2/consent/requests/{id}/reject | Reject a consent request
+*OAuth2Api* | [**revokeOAuth2Token**](docs/Api/OAuth2Api.md#revokeoauth2token) | **POST** /oauth2/revoke | Revoke OAuth2 tokens
+*OAuth2Api* | [**updateOAuth2Client**](docs/Api/OAuth2Api.md#updateoauth2client) | **PUT** /clients/{id} | Update an OAuth 2.0 Client
+*OAuth2Api* | [**userinfo**](docs/Api/OAuth2Api.md#userinfo) | **POST** /userinfo | OpenID Connect Userinfo
+*OAuth2Api* | [**wellKnown**](docs/Api/OAuth2Api.md#wellknown) | **GET** /.well-known/jwks.json | Get list of well known JSON Web Keys
+*PolicyApi* | [**createPolicy**](docs/Api/PolicyApi.md#createpolicy) | **POST** /policies | Create an Access Control Policy
+*PolicyApi* | [**deletePolicy**](docs/Api/PolicyApi.md#deletepolicy) | **DELETE** /policies/{id} | Delete an Access Control Policy
+*PolicyApi* | [**getPolicy**](docs/Api/PolicyApi.md#getpolicy) | **GET** /policies/{id} | Get an Access Control Policy
+*PolicyApi* | [**listPolicies**](docs/Api/PolicyApi.md#listpolicies) | **GET** /policies | List Access Control Policies
+*PolicyApi* | [**updatePolicy**](docs/Api/PolicyApi.md#updatepolicy) | **PUT** /policies/{id} | Update an Access Control Polic
+*WardenApi* | [**addMembersToGroup**](docs/Api/WardenApi.md#addmemberstogroup) | **POST** /warden/groups/{id}/members | Add members to a group
+*WardenApi* | [**createGroup**](docs/Api/WardenApi.md#creategroup) | **POST** /warden/groups | Create a group
+*WardenApi* | [**deleteGroup**](docs/Api/WardenApi.md#deletegroup) | **DELETE** /warden/groups/{id} | Delete a group by id
+*WardenApi* | [**doesWardenAllowAccessRequest**](docs/Api/WardenApi.md#doeswardenallowaccessrequest) | **POST** /warden/allowed | Check if an access request is valid (without providing an access token)
+*WardenApi* | [**doesWardenAllowTokenAccessRequest**](docs/Api/WardenApi.md#doeswardenallowtokenaccessrequest) | **POST** /warden/token/allowed | Check if an access request is valid (providing an access token)
+*WardenApi* | [**getGroup**](docs/Api/WardenApi.md#getgroup) | **GET** /warden/groups/{id} | Get a group by id
+*WardenApi* | [**listGroups**](docs/Api/WardenApi.md#listgroups) | **GET** /warden/groups | List groups
+*WardenApi* | [**removeMembersFromGroup**](docs/Api/WardenApi.md#removemembersfromgroup) | **DELETE** /warden/groups/{id}/members | Remove members from a group
+
+
+## Documentation For Models
+
+ - [ConsentRequest](docs/Model/ConsentRequest.md)
+ - [ConsentRequestAcceptance](docs/Model/ConsentRequestAcceptance.md)
+ - [ConsentRequestManager](docs/Model/ConsentRequestManager.md)
+ - [ConsentRequestRejection](docs/Model/ConsentRequestRejection.md)
+ - [Context](docs/Model/Context.md)
+ - [Firewall](docs/Model/Firewall.md)
+ - [Group](docs/Model/Group.md)
+ - [GroupMembers](docs/Model/GroupMembers.md)
+ - [Handler](docs/Model/Handler.md)
+ - [InlineResponse200](docs/Model/InlineResponse200.md)
+ - [InlineResponse2001](docs/Model/InlineResponse2001.md)
+ - [InlineResponse401](docs/Model/InlineResponse401.md)
+ - [JoseWebKeySetRequest](docs/Model/JoseWebKeySetRequest.md)
+ - [JsonWebKey](docs/Model/JsonWebKey.md)
+ - [JsonWebKeySet](docs/Model/JsonWebKeySet.md)
+ - [JsonWebKeySetGeneratorRequest](docs/Model/JsonWebKeySetGeneratorRequest.md)
+ - [KeyGenerator](docs/Model/KeyGenerator.md)
+ - [Manager](docs/Model/Manager.md)
+ - [OAuth2Client](docs/Model/OAuth2Client.md)
+ - [OAuth2ConsentRequest](docs/Model/OAuth2ConsentRequest.md)
+ - [OAuth2TokenIntrospection](docs/Model/OAuth2TokenIntrospection.md)
+ - [Policy](docs/Model/Policy.md)
+ - [PolicyConditions](docs/Model/PolicyConditions.md)
+ - [RawMessage](docs/Model/RawMessage.md)
+ - [SwaggerAcceptConsentRequest](docs/Model/SwaggerAcceptConsentRequest.md)
+ - [SwaggerCreatePolicyParameters](docs/Model/SwaggerCreatePolicyParameters.md)
+ - [SwaggerDoesWardenAllowAccessRequestParameters](docs/Model/SwaggerDoesWardenAllowAccessRequestParameters.md)
+ - [SwaggerDoesWardenAllowTokenAccessRequestParameters](docs/Model/SwaggerDoesWardenAllowTokenAccessRequestParameters.md)
+ - [SwaggerGetPolicyParameters](docs/Model/SwaggerGetPolicyParameters.md)
+ - [SwaggerJsonWebKeyQuery](docs/Model/SwaggerJsonWebKeyQuery.md)
+ - [SwaggerJwkCreateSet](docs/Model/SwaggerJwkCreateSet.md)
+ - [SwaggerJwkSetQuery](docs/Model/SwaggerJwkSetQuery.md)
+ - [SwaggerJwkUpdateSet](docs/Model/SwaggerJwkUpdateSet.md)
+ - [SwaggerJwkUpdateSetKey](docs/Model/SwaggerJwkUpdateSetKey.md)
+ - [SwaggerListPolicyParameters](docs/Model/SwaggerListPolicyParameters.md)
+ - [SwaggerListPolicyResponse](docs/Model/SwaggerListPolicyResponse.md)
+ - [SwaggerOAuthConsentRequest](docs/Model/SwaggerOAuthConsentRequest.md)
+ - [SwaggerOAuthConsentRequestPayload](docs/Model/SwaggerOAuthConsentRequestPayload.md)
+ - [SwaggerOAuthIntrospectionRequest](docs/Model/SwaggerOAuthIntrospectionRequest.md)
+ - [SwaggerOAuthIntrospectionResponse](docs/Model/SwaggerOAuthIntrospectionResponse.md)
+ - [SwaggerOAuthTokenResponse](docs/Model/SwaggerOAuthTokenResponse.md)
+ - [SwaggerOAuthTokenResponseBody](docs/Model/SwaggerOAuthTokenResponseBody.md)
+ - [SwaggerRejectConsentRequest](docs/Model/SwaggerRejectConsentRequest.md)
+ - [SwaggerRevokeOAuth2TokenParameters](docs/Model/SwaggerRevokeOAuth2TokenParameters.md)
+ - [SwaggerUpdatePolicyParameters](docs/Model/SwaggerUpdatePolicyParameters.md)
+ - [SwaggerWardenAccessRequestResponseParameters](docs/Model/SwaggerWardenAccessRequestResponseParameters.md)
+ - [SwaggerWardenTokenAccessRequestResponse](docs/Model/SwaggerWardenTokenAccessRequestResponse.md)
+ - [SwaggeruserinfoResponse](docs/Model/SwaggeruserinfoResponse.md)
+ - [SwaggeruserinfoResponsePayload](docs/Model/SwaggeruserinfoResponsePayload.md)
+ - [TokenAllowedRequest](docs/Model/TokenAllowedRequest.md)
+ - [WardenAccessRequest](docs/Model/WardenAccessRequest.md)
+ - [WardenAccessRequestResponse](docs/Model/WardenAccessRequestResponse.md)
+ - [WardenTokenAccessRequest](docs/Model/WardenTokenAccessRequest.md)
+ - [WardenTokenAccessRequestResponse](docs/Model/WardenTokenAccessRequestResponse.md)
+ - [WellKnown](docs/Model/WellKnown.md)
+ - [Writer](docs/Model/Writer.md)
+
+
+## Documentation For Authorization
+
+
+## basic
+
+- **Type**: HTTP basic authentication
+
+## oauth2
+
+- **Type**: OAuth
+- **Flow**: accessCode
+- **Authorization URL**: https://your-hydra-instance.com/oauth2/auth
+- **Scopes**: 
+ - **hydra.clients**: A scope required to manage OAuth 2.0 Clients
+ - **hydra.consent**: A scope required to fetch and modify consent requests
+ - **hydra.health**: A scope required to get health information
+ - **hydra.keys.create**: A scope required to create JSON Web Keys
+ - **hydra.keys.delete**: A scope required to delete JSON Web Keys
+ - **hydra.keys.get**: A scope required to fetch JSON Web Keys
+ - **hydra.keys.update**: A scope required to get JSON Web Keys
+ - **hydra.policies**: A scope required to manage access control policies
+ - **hydra.warden**: A scope required to make access control inquiries
+ - **hydra.warden.groups**: A scope required to manage warden groups
+ - **offline**: A scope required when requesting refresh tokens
+ - **openid**: Request an OpenID Connect ID Token
+
+
+## Author
+
+hi@ory.am
+
+