feat: use new fosite and add tests for refresh webhook

go.mod

@@ -17,7 +17,6 @@ require (
 	github.com/ThalesIgnite/crypto11 v1.2.4
 	github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d // indirect
 	github.com/cenkalti/backoff/v3 v3.0.0
-	github.com/evanphx/json-patch v4.11.0+incompatible
 	github.com/go-bindata/go-bindata v3.1.2+incompatible
 	github.com/go-openapi/errors v0.20.1
 	github.com/go-openapi/runtime v0.20.0
@@ -48,7 +47,7 @@ require (
 	github.com/oleiade/reflections v1.0.1
 	github.com/olekukonko/tablewriter v0.0.1
 	github.com/ory/analytics-go/v4 v4.0.3
-	github.com/ory/fosite v0.42.3-0.20220728130632-c3e0133cfed9
+	github.com/ory/fosite v0.42.3-0.20220729111320-05d71b23559c
 	github.com/ory/go-acc v0.2.8
 	github.com/ory/graceful v0.1.1
 	github.com/ory/herodot v0.9.13

go.sum

@@ -1368,8 +1368,8 @@ github.com/ory/dockertest/v3 v3.6.3/go.mod h1:EFLcVUOl8qCwp9NyDAcCDtq/QviLtYswW/
 github.com/ory/dockertest/v3 v3.8.1 h1:vU/8d1We4qIad2YM0kOwRVtnyue7ExvacPiw1yDm17g=
 github.com/ory/dockertest/v3 v3.8.1/go.mod h1:wSRQ3wmkz+uSARYMk7kVJFDBGm8x5gSxIhI7NDc+BAQ=
 github.com/ory/fosite v0.29.0/go.mod h1:0atSZmXO7CAcs6NPMI/Qtot8tmZYj04Nddoold4S2h0=
-github.com/ory/fosite v0.42.3-0.20220728130632-c3e0133cfed9 h1:zynOHfotugrZchcWxs8R7fV2a/19X76Z56zB7Ll5SMw=
-github.com/ory/fosite v0.42.3-0.20220728130632-c3e0133cfed9/go.mod h1:CR0cBDLr2rNDTNWmu5x9TeB7qt8KA668N/yZbej3FtE=
+github.com/ory/fosite v0.42.3-0.20220729111320-05d71b23559c h1:PdO8dsl7FiQG+D+8wNQgr8uM3zGlKLMCvBh10LrlKKU=
+github.com/ory/fosite v0.42.3-0.20220729111320-05d71b23559c/go.mod h1:CR0cBDLr2rNDTNWmu5x9TeB7qt8KA668N/yZbej3FtE=
 github.com/ory/go-acc v0.0.0-20181118080137-ddc355013f90/go.mod h1:sxnvPCxChFuSmTJGj8FdMupeq1BezCiEpDjTUXQ4hf4=
 github.com/ory/go-acc v0.2.6/go.mod h1:4Kb/UnPcT8qRAk3IAxta+hvVapdxTLWtrr7bFLlEgpw=
 github.com/ory/go-acc v0.2.8 h1:rOHHAPQjf0u7eHFGWpiXK+gIu/e0GRSJNr9pDukdNC4=

internal/httpclient-next/README.md

@@ -144,11 +144,14 @@ All URIs are relative to _http://localhost_
 - [CompletedRequest](docs/CompletedRequest.md)
 - [ConsentRequest](docs/ConsentRequest.md)
 - [ConsentRequestSession](docs/ConsentRequestSession.md)
+- [DefaultSession](docs/DefaultSession.md)
 - [FlushInactiveOAuth2TokensRequest](docs/FlushInactiveOAuth2TokensRequest.md)
 - [FlushLoginConsentRequest](docs/FlushLoginConsentRequest.md)
 - [GenericError](docs/GenericError.md)
+- [Headers](docs/Headers.md)
 - [HealthNotReadyStatus](docs/HealthNotReadyStatus.md)
 - [HealthStatus](docs/HealthStatus.md)
+- [IDTokenClaims](docs/IDTokenClaims.md)
 - [InlineResponse200](docs/InlineResponse200.md)
 - [InlineResponse2001](docs/InlineResponse2001.md)
 - [InlineResponse503](docs/InlineResponse503.md)
@@ -169,6 +172,8 @@ All URIs are relative to _http://localhost_
 - [RefreshTokenHookResponse](docs/RefreshTokenHookResponse.md)
 - [RejectRequest](docs/RejectRequest.md)
 - [RequestWasHandledResponse](docs/RequestWasHandledResponse.md)
+- [Requester](docs/Requester.md)
+- [Session](docs/Session.md)
 - [TrustJwtGrantIssuerBody](docs/TrustJwtGrantIssuerBody.md)
 - [TrustedJsonWebKey](docs/TrustedJsonWebKey.md)
 - [TrustedJwtGrantIssuer](docs/TrustedJwtGrantIssuer.md)

internal/httpclient-next/api/openapi.yaml

@@ -2079,66 +2079,67 @@ components:
     DefaultSession:
       description: IDTokenSession is a session container for the id token
       properties:
-        Claims:
-          $ref: '#/components/schemas/IDTokenClaims'
-        ExpiresAt:
+        expires_at:
           additionalProperties:
             format: date-time
             type: string
           type: object
-        Headers:
-          $ref: '#/components/schemas/Headers'
-        Subject:
+        headers:
+          $ref: "#/components/schemas/Headers"
+        id_token_claims:
+          $ref: "#/components/schemas/IDTokenClaims"
+        subject:
           type: string
-        Username:
+        username:
           type: string
       type: object
     Headers:
       description: Headers is the jwt headers
       properties:
-        Extra:
+        extra:
           additionalProperties: true
           type: object
       type: object
     IDTokenClaims:
-      description: IDTokenClaims represent the claims used in open id connect requests
+      description:
+        IDTokenClaims represent the claims used in open id connect requests
       properties:
-        AccessTokenHash:
+        acr:
           type: string
-        Audience:
+        amr:
           items:
             type: string
           type: array
-        AuthTime:
-          format: date-time
+        at_hash:
           type: string
-        AuthenticationContextClassReference:
-          type: string
-        AuthenticationMethodsReferences:
+        aud:
           items:
             type: string
           type: array
-        CodeHash:
+        auth_time:
+          format: date-time
+          type: string
+        c_hash:
           type: string
-        ExpiresAt:
+        exp:
           format: date-time
           type: string
-        Extra:
+        ext:
           additionalProperties: true
           type: object
-        IssuedAt:
+        iat:
           format: date-time
           type: string
-        Issuer:
+        iss:
           type: string
-        JTI:
+        jti:
           type: string
-        Nonce:
+        nonce:
           type: string
-        RequestedAt:
+        rat:
           format: date-time
           type: string
-        Subject:
+        sub:
           type: string
       type: object
     JSONRawMessage:
@@ -2479,19 +2480,6 @@ components:
       type: object
     Session:
       properties:
-        Claims:
-          $ref: '#/components/schemas/IDTokenClaims'
-        ExpiresAt:
-          additionalProperties:
-            format: date-time
-            type: string
-          type: object
-        Headers:
-          $ref: '#/components/schemas/Headers'
-        Subject:
-          type: string
-        Username:
-          type: string
         allowed_top_level_claims:
           items:
             type: string
@@ -2502,11 +2490,24 @@ components:
           type: string
         exclude_not_before_claim:
           type: boolean
+        expires_at:
+          additionalProperties:
+            format: date-time
+            type: string
+          type: object
         extra:
           additionalProperties: true
           type: object
+        headers:
+          $ref: "#/components/schemas/Headers"
+        id_token_claims:
+          $ref: "#/components/schemas/IDTokenClaims"
         kid:
           type: string
+        subject:
+          type: string
+        username:
+          type: string
       type: object
     StringSlicePipeDelimiter:
       items:
@@ -3916,9 +3917,9 @@ components:
             type: string
           type: array
         requester:
-          $ref: '#/components/schemas/requester'
+          $ref: "#/components/schemas/requester"
         session:
-          $ref: '#/components/schemas/Session'
+          $ref: "#/components/schemas/Session"
         subject:
           description: Subject is the identifier of the authenticated end-user.
           type: string
@@ -3986,14 +3987,15 @@ components:
             type: string
           type: array
         granted_audience:
-          description: GrantedAudience is the list of audiences granted to the OAuth
-            2.0 client.
+          description:
+            GrantedAudience is the list of audiences granted to the OAuth 2.0
+            client.
           items:
             type: string
           type: array
         granted_scopes:
-          description: GrantedScopes is the list of scopes granted to the OAuth 2.0
-            client.
+          description:
+            GrantedScopes is the list of scopes granted to the OAuth 2.0 client.
           items:
             type: string
           type: array

internal/httpclient-next/docs/DefaultSession.md

@@ -2,58 +2,33 @@
 
 ## Properties
 
-Name | Type | Description | Notes
------------- | ------------- | ------------- | -------------
-**Claims** | Pointer to [**IDTokenClaims**](IDTokenClaims.md) |  | [optional] 
-**ExpiresAt** | Pointer to [**map[string]time.Time**](time.Time.md) |  | [optional] 
-**Headers** | Pointer to [**Headers**](Headers.md) |  | [optional] 
-**Subject** | Pointer to **string** |  | [optional] 
-**Username** | Pointer to **string** |  | [optional] 
+| Name              | Type                                                | Description | Notes      |
+| ----------------- | --------------------------------------------------- | ----------- | ---------- |
+| **ExpiresAt**     | Pointer to [**map[string]time.Time**](time.Time.md) |             | [optional] |
+| **Headers**       | Pointer to [**Headers**](Headers.md)                |             | [optional] |
+| **IdTokenClaims** | Pointer to [**IDTokenClaims**](IDTokenClaims.md)    |             | [optional] |
+| **Subject**       | Pointer to **string**                               |             | [optional] |
+| **Username**      | Pointer to **string**                               |             | [optional] |
 
 ## Methods
 
 ### NewDefaultSession
 
 `func NewDefaultSession() *DefaultSession`
 
-NewDefaultSession instantiates a new DefaultSession object
-This constructor will assign default values to properties that have it defined,
-and makes sure properties required by API are set, but the set of arguments
-will change when the set of required properties is changed
+NewDefaultSession instantiates a new DefaultSession object This constructor will
+assign default values to properties that have it defined, and makes sure
+properties required by API are set, but the set of arguments will change when
+the set of required properties is changed
 
 ### NewDefaultSessionWithDefaults
 
 `func NewDefaultSessionWithDefaults() *DefaultSession`
 
-NewDefaultSessionWithDefaults instantiates a new DefaultSession object
-This constructor will only assign default values to properties that have it defined,
+NewDefaultSessionWithDefaults instantiates a new DefaultSession object This
+constructor will only assign default values to properties that have it defined,
 but it doesn't guarantee that properties required by API are set
 
-### GetClaims
-
-`func (o *DefaultSession) GetClaims() IDTokenClaims`
-
-GetClaims returns the Claims field if non-nil, zero value otherwise.
-
-### GetClaimsOk
-
-`func (o *DefaultSession) GetClaimsOk() (*IDTokenClaims, bool)`
-
-GetClaimsOk returns a tuple with the Claims field if it's non-nil, zero value otherwise
-and a boolean to check if the value has been set.
-
-### SetClaims
-
-`func (o *DefaultSession) SetClaims(v IDTokenClaims)`
-
-SetClaims sets Claims field to given value.
-
-### HasClaims
-
-`func (o *DefaultSession) HasClaims() bool`
-
-HasClaims returns a boolean if a field has been set.
-
 ### GetExpiresAt
 
 `func (o *DefaultSession) GetExpiresAt() map[string]time.Time`
@@ -64,8 +39,8 @@ GetExpiresAt returns the ExpiresAt field if non-nil, zero value otherwise.
 
 `func (o *DefaultSession) GetExpiresAtOk() (*map[string]time.Time, bool)`
 
-GetExpiresAtOk returns a tuple with the ExpiresAt field if it's non-nil, zero value otherwise
-and a boolean to check if the value has been set.
+GetExpiresAtOk returns a tuple with the ExpiresAt field if it's non-nil, zero
+value otherwise and a boolean to check if the value has been set.
 
 ### SetExpiresAt
 
@@ -89,8 +64,8 @@ GetHeaders returns the Headers field if non-nil, zero value otherwise.
 
 `func (o *DefaultSession) GetHeadersOk() (*Headers, bool)`
 
-GetHeadersOk returns a tuple with the Headers field if it's non-nil, zero value otherwise
-and a boolean to check if the value has been set.
+GetHeadersOk returns a tuple with the Headers field if it's non-nil, zero value
+otherwise and a boolean to check if the value has been set.
 
 ### SetHeaders
 
@@ -104,6 +79,32 @@ SetHeaders sets Headers field to given value.
 
 HasHeaders returns a boolean if a field has been set.
 
+### GetIdTokenClaims
+
+`func (o *DefaultSession) GetIdTokenClaims() IDTokenClaims`
+
+GetIdTokenClaims returns the IdTokenClaims field if non-nil, zero value
+otherwise.
+
+### GetIdTokenClaimsOk
+
+`func (o *DefaultSession) GetIdTokenClaimsOk() (*IDTokenClaims, bool)`
+
+GetIdTokenClaimsOk returns a tuple with the IdTokenClaims field if it's non-nil,
+zero value otherwise and a boolean to check if the value has been set.
+
+### SetIdTokenClaims
+
+`func (o *DefaultSession) SetIdTokenClaims(v IDTokenClaims)`
+
+SetIdTokenClaims sets IdTokenClaims field to given value.
+
+### HasIdTokenClaims
+
+`func (o *DefaultSession) HasIdTokenClaims() bool`
+
+HasIdTokenClaims returns a boolean if a field has been set.
+
 ### GetSubject
 
 `func (o *DefaultSession) GetSubject() string`
@@ -114,8 +115,8 @@ GetSubject returns the Subject field if non-nil, zero value otherwise.
 
 `func (o *DefaultSession) GetSubjectOk() (*string, bool)`
 
-GetSubjectOk returns a tuple with the Subject field if it's non-nil, zero value otherwise
-and a boolean to check if the value has been set.
+GetSubjectOk returns a tuple with the Subject field if it's non-nil, zero value
+otherwise and a boolean to check if the value has been set.
 
 ### SetSubject
 
@@ -139,8 +140,8 @@ GetUsername returns the Username field if non-nil, zero value otherwise.
 
 `func (o *DefaultSession) GetUsernameOk() (*string, bool)`
 
-GetUsernameOk returns a tuple with the Username field if it's non-nil, zero value otherwise
-and a boolean to check if the value has been set.
+GetUsernameOk returns a tuple with the Username field if it's non-nil, zero
+value otherwise and a boolean to check if the value has been set.
 
 ### SetUsername
 
@@ -154,7 +155,6 @@ SetUsername sets Username field to given value.
 
 HasUsername returns a boolean if a field has been set.
 
-
-[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md)
-
-
+[[Back to Model list]](../README.md#documentation-for-models)
+[[Back to API list]](../README.md#documentation-for-api-endpoints)
+[[Back to README]](../README.md)