From 6d23859009dafc8b8f51d0feec04b850c137e19a Mon Sep 17 00:00:00 2001 From: Serhii Halchenko Date: Mon, 1 Aug 2022 13:27:25 +0200 Subject: [PATCH] feat: add session and requester to refresh token webhook data (#3204) Closes #3203 --- go.mod | 3 +- go.sum | 4 +- .../httpclient-next/.openapi-generator/FILES | 10 + internal/httpclient-next/README.md | 5 + internal/httpclient-next/api/openapi.yaml | 126 ++++ .../httpclient-next/docs/DefaultSession.md | 160 +++++ internal/httpclient-next/docs/Headers.md | 55 ++ .../httpclient-next/docs/IDTokenClaims.md | 393 ++++++++++++ .../docs/OAuth2AccessRequest.md | 135 ++++ .../docs/RefreshTokenHookRequest.md | 64 +- internal/httpclient-next/docs/Session.md | 321 ++++++++++ .../httpclient-next/model_default_session.go | 259 ++++++++ internal/httpclient-next/model_headers.go | 114 ++++ .../httpclient-next/model_id_token_claims.go | 583 ++++++++++++++++++ .../model_o_auth2_access_request.go | 226 +++++++ .../model_refresh_token_hook_request.go | 74 ++- internal/httpclient-next/model_session.go | 475 ++++++++++++++ internal/httpclient/models/default_session.go | 172 ++++++ internal/httpclient/models/headers.go | 50 ++ internal/httpclient/models/id_token_claims.go | 164 +++++ .../models/o_auth2_access_request.go | 59 ++ .../models/refresh_token_hook_request.go | 97 ++- internal/httpclient/models/session.go | 190 ++++++ ...call_refresh_token_hook_if_configured.json | 53 ++ ...call_refresh_token_hook_if_configured.json | 53 ++ ...call_refresh_token_hook_if_configured.json | 53 ++ ...call_refresh_token_hook_if_configured.json | 53 ++ ...call_refresh_token_hook_if_configured.json | 53 ++ ...call_refresh_token_hook_if_configured.json | 53 ++ oauth2/hook.go | 27 + oauth2/oauth2_auth_code_test.go | 26 +- oauth2/session.go | 12 +- spec/api.json | 177 ++++++ spec/swagger.json | 177 ++++++ 34 files changed, 4456 insertions(+), 20 deletions(-) create mode 100644 internal/httpclient-next/docs/DefaultSession.md create mode 100644 internal/httpclient-next/docs/Headers.md create mode 100644 internal/httpclient-next/docs/IDTokenClaims.md create mode 100644 internal/httpclient-next/docs/OAuth2AccessRequest.md create mode 100644 internal/httpclient-next/docs/Session.md create mode 100644 internal/httpclient-next/model_default_session.go create mode 100644 internal/httpclient-next/model_headers.go create mode 100644 internal/httpclient-next/model_id_token_claims.go create mode 100644 internal/httpclient-next/model_o_auth2_access_request.go create mode 100644 internal/httpclient-next/model_session.go create mode 100644 internal/httpclient/models/default_session.go create mode 100644 internal/httpclient/models/headers.go create mode 100644 internal/httpclient/models/id_token_claims.go create mode 100644 internal/httpclient/models/o_auth2_access_request.go create mode 100644 internal/httpclient/models/session.go create mode 100644 oauth2/.snapshots/TestAuthCodeWithMockStrategy-strategy=jwt-case=0-description=should_pass_request_if_strategy_passes-should_call_refresh_token_hook_if_configured.json create mode 100644 oauth2/.snapshots/TestAuthCodeWithMockStrategy-strategy=jwt-case=2-description=should_pass_because_prompt=none_and_max_age_<_auth_time-should_call_refresh_token_hook_if_configured.json create mode 100644 oauth2/.snapshots/TestAuthCodeWithMockStrategy-strategy=jwt-case=5-description=should_pass_with_prompt=login_when_authentication_time_is_recent-should_call_refresh_token_hook_if_configured.json create mode 100644 oauth2/.snapshots/TestAuthCodeWithMockStrategy-strategy=opaque-case=0-description=should_pass_request_if_strategy_passes-should_call_refresh_token_hook_if_configured.json create mode 100644 oauth2/.snapshots/TestAuthCodeWithMockStrategy-strategy=opaque-case=2-description=should_pass_because_prompt=none_and_max_age_<_auth_time-should_call_refresh_token_hook_if_configured.json create mode 100644 oauth2/.snapshots/TestAuthCodeWithMockStrategy-strategy=opaque-case=5-description=should_pass_with_prompt=login_when_authentication_time_is_recent-should_call_refresh_token_hook_if_configured.json diff --git a/go.mod b/go.mod index 38b50fbe129..86302bc483f 100644 --- a/go.mod +++ b/go.mod @@ -17,7 +17,6 @@ require ( github.com/ThalesIgnite/crypto11 v1.2.4 github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d // indirect github.com/cenkalti/backoff/v3 v3.0.0 - github.com/evanphx/json-patch v4.11.0+incompatible github.com/go-bindata/go-bindata v3.1.2+incompatible github.com/go-openapi/errors v0.20.1 github.com/go-openapi/runtime v0.20.0 @@ -48,7 +47,7 @@ require ( github.com/oleiade/reflections v1.0.1 github.com/olekukonko/tablewriter v0.0.1 github.com/ory/analytics-go/v4 v4.0.3 - github.com/ory/fosite v0.42.3-0.20220728130632-c3e0133cfed9 + github.com/ory/fosite v0.42.3-0.20220729111320-05d71b23559c github.com/ory/go-acc v0.2.8 github.com/ory/graceful v0.1.1 github.com/ory/herodot v0.9.13 diff --git a/go.sum b/go.sum index f56dbb7d628..f135b6b5c5a 100644 --- a/go.sum +++ b/go.sum @@ -1368,8 +1368,8 @@ github.com/ory/dockertest/v3 v3.6.3/go.mod h1:EFLcVUOl8qCwp9NyDAcCDtq/QviLtYswW/ github.com/ory/dockertest/v3 v3.8.1 h1:vU/8d1We4qIad2YM0kOwRVtnyue7ExvacPiw1yDm17g= github.com/ory/dockertest/v3 v3.8.1/go.mod h1:wSRQ3wmkz+uSARYMk7kVJFDBGm8x5gSxIhI7NDc+BAQ= github.com/ory/fosite v0.29.0/go.mod h1:0atSZmXO7CAcs6NPMI/Qtot8tmZYj04Nddoold4S2h0= -github.com/ory/fosite v0.42.3-0.20220728130632-c3e0133cfed9 h1:zynOHfotugrZchcWxs8R7fV2a/19X76Z56zB7Ll5SMw= -github.com/ory/fosite v0.42.3-0.20220728130632-c3e0133cfed9/go.mod h1:CR0cBDLr2rNDTNWmu5x9TeB7qt8KA668N/yZbej3FtE= +github.com/ory/fosite v0.42.3-0.20220729111320-05d71b23559c h1:PdO8dsl7FiQG+D+8wNQgr8uM3zGlKLMCvBh10LrlKKU= +github.com/ory/fosite v0.42.3-0.20220729111320-05d71b23559c/go.mod h1:CR0cBDLr2rNDTNWmu5x9TeB7qt8KA668N/yZbej3FtE= github.com/ory/go-acc v0.0.0-20181118080137-ddc355013f90/go.mod h1:sxnvPCxChFuSmTJGj8FdMupeq1BezCiEpDjTUXQ4hf4= github.com/ory/go-acc v0.2.6/go.mod h1:4Kb/UnPcT8qRAk3IAxta+hvVapdxTLWtrr7bFLlEgpw= github.com/ory/go-acc v0.2.8 h1:rOHHAPQjf0u7eHFGWpiXK+gIu/e0GRSJNr9pDukdNC4= diff --git a/internal/httpclient-next/.openapi-generator/FILES b/internal/httpclient-next/.openapi-generator/FILES index c4804d348ed..7d7fadc36b7 100644 --- a/internal/httpclient-next/.openapi-generator/FILES +++ b/internal/httpclient-next/.openapi-generator/FILES @@ -14,11 +14,14 @@ docs/AdminApi.md docs/CompletedRequest.md docs/ConsentRequest.md docs/ConsentRequestSession.md +docs/DefaultSession.md docs/FlushInactiveOAuth2TokensRequest.md docs/FlushLoginConsentRequest.md docs/GenericError.md +docs/Headers.md docs/HealthNotReadyStatus.md docs/HealthStatus.md +docs/IDTokenClaims.md docs/InlineResponse200.md docs/InlineResponse2001.md docs/InlineResponse503.md @@ -29,6 +32,7 @@ docs/JsonWebKeySetGeneratorRequest.md docs/LoginRequest.md docs/LogoutRequest.md docs/MetadataApi.md +docs/OAuth2AccessRequest.md docs/OAuth2Client.md docs/OAuth2TokenIntrospection.md docs/Oauth2TokenResponse.md @@ -41,6 +45,7 @@ docs/RefreshTokenHookRequest.md docs/RefreshTokenHookResponse.md docs/RejectRequest.md docs/RequestWasHandledResponse.md +docs/Session.md docs/TrustJwtGrantIssuerBody.md docs/TrustedJsonWebKey.md docs/TrustedJwtGrantIssuer.md @@ -56,11 +61,14 @@ model_accept_login_request.go model_completed_request.go model_consent_request.go model_consent_request_session.go +model_default_session.go model_flush_inactive_o_auth2_tokens_request.go model_flush_login_consent_request.go model_generic_error.go +model_headers.go model_health_not_ready_status.go model_health_status.go +model_id_token_claims.go model_inline_response_200.go model_inline_response_200_1.go model_inline_response_503.go @@ -70,6 +78,7 @@ model_json_web_key_set.go model_json_web_key_set_generator_request.go model_login_request.go model_logout_request.go +model_o_auth2_access_request.go model_o_auth2_client.go model_o_auth2_token_introspection.go model_oauth2_token_response.go @@ -81,6 +90,7 @@ model_refresh_token_hook_request.go model_refresh_token_hook_response.go model_reject_request.go model_request_was_handled_response.go +model_session.go model_trust_jwt_grant_issuer_body.go model_trusted_json_web_key.go model_trusted_jwt_grant_issuer.go diff --git a/internal/httpclient-next/README.md b/internal/httpclient-next/README.md index 1dbcbc7c4a6..23489d93359 100644 --- a/internal/httpclient-next/README.md +++ b/internal/httpclient-next/README.md @@ -144,11 +144,14 @@ All URIs are relative to _http://localhost_ - [CompletedRequest](docs/CompletedRequest.md) - [ConsentRequest](docs/ConsentRequest.md) - [ConsentRequestSession](docs/ConsentRequestSession.md) +- [DefaultSession](docs/DefaultSession.md) - [FlushInactiveOAuth2TokensRequest](docs/FlushInactiveOAuth2TokensRequest.md) - [FlushLoginConsentRequest](docs/FlushLoginConsentRequest.md) - [GenericError](docs/GenericError.md) +- [Headers](docs/Headers.md) - [HealthNotReadyStatus](docs/HealthNotReadyStatus.md) - [HealthStatus](docs/HealthStatus.md) +- [IDTokenClaims](docs/IDTokenClaims.md) - [InlineResponse200](docs/InlineResponse200.md) - [InlineResponse2001](docs/InlineResponse2001.md) - [InlineResponse503](docs/InlineResponse503.md) @@ -158,6 +161,7 @@ All URIs are relative to _http://localhost_ - [JsonWebKeySetGeneratorRequest](docs/JsonWebKeySetGeneratorRequest.md) - [LoginRequest](docs/LoginRequest.md) - [LogoutRequest](docs/LogoutRequest.md) +- [OAuth2AccessRequest](docs/OAuth2AccessRequest.md) - [OAuth2Client](docs/OAuth2Client.md) - [OAuth2TokenIntrospection](docs/OAuth2TokenIntrospection.md) - [Oauth2TokenResponse](docs/Oauth2TokenResponse.md) @@ -169,6 +173,7 @@ All URIs are relative to _http://localhost_ - [RefreshTokenHookResponse](docs/RefreshTokenHookResponse.md) - [RejectRequest](docs/RejectRequest.md) - [RequestWasHandledResponse](docs/RequestWasHandledResponse.md) +- [Session](docs/Session.md) - [TrustJwtGrantIssuerBody](docs/TrustJwtGrantIssuerBody.md) - [TrustedJsonWebKey](docs/TrustedJsonWebKey.md) - [TrustedJwtGrantIssuer](docs/TrustedJwtGrantIssuer.md) diff --git a/internal/httpclient-next/api/openapi.yaml b/internal/httpclient-next/api/openapi.yaml index 8aa1cd893a6..0047aa5a095 100644 --- a/internal/httpclient-next/api/openapi.yaml +++ b/internal/httpclient-next/api/openapi.yaml @@ -2076,6 +2076,72 @@ components: type: array description: A list of clients. schemas: + DefaultSession: + description: IDTokenSession is a session container for the id token + properties: + expires_at: + additionalProperties: + format: date-time + type: string + type: object + headers: + $ref: "#/components/schemas/Headers" + id_token_claims: + $ref: "#/components/schemas/IDTokenClaims" + subject: + type: string + username: + type: string + type: object + Headers: + description: Headers is the jwt headers + properties: + extra: + additionalProperties: true + type: object + type: object + IDTokenClaims: + description: + IDTokenClaims represent the claims used in open id connect requests + properties: + acr: + type: string + amr: + items: + type: string + type: array + at_hash: + type: string + aud: + items: + type: string + type: array + auth_time: + format: date-time + type: string + c_hash: + type: string + exp: + format: date-time + type: string + ext: + additionalProperties: true + type: object + iat: + format: date-time + type: string + iss: + type: string + jti: + type: string + nonce: + type: string + rat: + format: date-time + type: string + sub: + type: string + type: object JSONRawMessage: title: JSONRawMessage represents a json.RawMessage that works well with JSON, @@ -2412,6 +2478,37 @@ components: session: $ref: "#/components/schemas/consentRequestSession" type: object + Session: + properties: + allowed_top_level_claims: + items: + type: string + type: array + client_id: + type: string + consent_challenge: + type: string + exclude_not_before_claim: + type: boolean + expires_at: + additionalProperties: + format: date-time + type: string + type: object + extra: + additionalProperties: true + type: object + headers: + $ref: "#/components/schemas/Headers" + id_token_claims: + $ref: "#/components/schemas/IDTokenClaims" + kid: + type: string + subject: + type: string + username: + type: string + type: object StringSlicePipeDelimiter: items: type: string @@ -3204,6 +3301,31 @@ components: format: date-time title: NullTime implements sql.NullTime functionality. type: string + oAuth2AccessRequest: + properties: + client_id: + description: ClientID is the identifier of the OAuth 2.0 client. + type: string + grant_types: + description: GrantTypes is the requests grant types. + items: + type: string + type: array + granted_audience: + description: + GrantedAudience is the list of audiences granted to the OAuth 2.0 + client. + items: + type: string + type: array + granted_scopes: + description: + GrantedScopes is the list of scopes granted to the OAuth 2.0 client. + items: + type: string + type: array + title: Requester is a token endpoint's request context. + type: object oAuth2Client: example: metadata: "{}" @@ -3819,6 +3941,10 @@ components: items: type: string type: array + requester: + $ref: "#/components/schemas/oAuth2AccessRequest" + session: + $ref: "#/components/schemas/Session" subject: description: Subject is the identifier of the authenticated end-user. type: string diff --git a/internal/httpclient-next/docs/DefaultSession.md b/internal/httpclient-next/docs/DefaultSession.md new file mode 100644 index 00000000000..025f6d44062 --- /dev/null +++ b/internal/httpclient-next/docs/DefaultSession.md @@ -0,0 +1,160 @@ +# DefaultSession + +## Properties + +| Name | Type | Description | Notes | +| ----------------- | --------------------------------------------------- | ----------- | ---------- | +| **ExpiresAt** | Pointer to [**map[string]time.Time**](time.Time.md) | | [optional] | +| **Headers** | Pointer to [**Headers**](Headers.md) | | [optional] | +| **IdTokenClaims** | Pointer to [**IDTokenClaims**](IDTokenClaims.md) | | [optional] | +| **Subject** | Pointer to **string** | | [optional] | +| **Username** | Pointer to **string** | | [optional] | + +## Methods + +### NewDefaultSession + +`func NewDefaultSession() *DefaultSession` + +NewDefaultSession instantiates a new DefaultSession object This constructor will +assign default values to properties that have it defined, and makes sure +properties required by API are set, but the set of arguments will change when +the set of required properties is changed + +### NewDefaultSessionWithDefaults + +`func NewDefaultSessionWithDefaults() *DefaultSession` + +NewDefaultSessionWithDefaults instantiates a new DefaultSession object This +constructor will only assign default values to properties that have it defined, +but it doesn't guarantee that properties required by API are set + +### GetExpiresAt + +`func (o *DefaultSession) GetExpiresAt() map[string]time.Time` + +GetExpiresAt returns the ExpiresAt field if non-nil, zero value otherwise. + +### GetExpiresAtOk + +`func (o *DefaultSession) GetExpiresAtOk() (*map[string]time.Time, bool)` + +GetExpiresAtOk returns a tuple with the ExpiresAt field if it's non-nil, zero +value otherwise and a boolean to check if the value has been set. + +### SetExpiresAt + +`func (o *DefaultSession) SetExpiresAt(v map[string]time.Time)` + +SetExpiresAt sets ExpiresAt field to given value. + +### HasExpiresAt + +`func (o *DefaultSession) HasExpiresAt() bool` + +HasExpiresAt returns a boolean if a field has been set. + +### GetHeaders + +`func (o *DefaultSession) GetHeaders() Headers` + +GetHeaders returns the Headers field if non-nil, zero value otherwise. + +### GetHeadersOk + +`func (o *DefaultSession) GetHeadersOk() (*Headers, bool)` + +GetHeadersOk returns a tuple with the Headers field if it's non-nil, zero value +otherwise and a boolean to check if the value has been set. + +### SetHeaders + +`func (o *DefaultSession) SetHeaders(v Headers)` + +SetHeaders sets Headers field to given value. + +### HasHeaders + +`func (o *DefaultSession) HasHeaders() bool` + +HasHeaders returns a boolean if a field has been set. + +### GetIdTokenClaims + +`func (o *DefaultSession) GetIdTokenClaims() IDTokenClaims` + +GetIdTokenClaims returns the IdTokenClaims field if non-nil, zero value +otherwise. + +### GetIdTokenClaimsOk + +`func (o *DefaultSession) GetIdTokenClaimsOk() (*IDTokenClaims, bool)` + +GetIdTokenClaimsOk returns a tuple with the IdTokenClaims field if it's non-nil, +zero value otherwise and a boolean to check if the value has been set. + +### SetIdTokenClaims + +`func (o *DefaultSession) SetIdTokenClaims(v IDTokenClaims)` + +SetIdTokenClaims sets IdTokenClaims field to given value. + +### HasIdTokenClaims + +`func (o *DefaultSession) HasIdTokenClaims() bool` + +HasIdTokenClaims returns a boolean if a field has been set. + +### GetSubject + +`func (o *DefaultSession) GetSubject() string` + +GetSubject returns the Subject field if non-nil, zero value otherwise. + +### GetSubjectOk + +`func (o *DefaultSession) GetSubjectOk() (*string, bool)` + +GetSubjectOk returns a tuple with the Subject field if it's non-nil, zero value +otherwise and a boolean to check if the value has been set. + +### SetSubject + +`func (o *DefaultSession) SetSubject(v string)` + +SetSubject sets Subject field to given value. + +### HasSubject + +`func (o *DefaultSession) HasSubject() bool` + +HasSubject returns a boolean if a field has been set. + +### GetUsername + +`func (o *DefaultSession) GetUsername() string` + +GetUsername returns the Username field if non-nil, zero value otherwise. + +### GetUsernameOk + +`func (o *DefaultSession) GetUsernameOk() (*string, bool)` + +GetUsernameOk returns a tuple with the Username field if it's non-nil, zero +value otherwise and a boolean to check if the value has been set. + +### SetUsername + +`func (o *DefaultSession) SetUsername(v string)` + +SetUsername sets Username field to given value. + +### HasUsername + +`func (o *DefaultSession) HasUsername() bool` + +HasUsername returns a boolean if a field has been set. + +[[Back to Model list]](../README.md#documentation-for-models) +[[Back to API list]](../README.md#documentation-for-api-endpoints) +[[Back to README]](../README.md) diff --git a/internal/httpclient-next/docs/Headers.md b/internal/httpclient-next/docs/Headers.md new file mode 100644 index 00000000000..d4f02a6b7b2 --- /dev/null +++ b/internal/httpclient-next/docs/Headers.md @@ -0,0 +1,55 @@ +# Headers + +## Properties + +| Name | Type | Description | Notes | +| --------- | ------------------------------------------------ | ----------- | ---------- | +| **Extra** | Pointer to **map[string]map[string]interface{}** | | [optional] | + +## Methods + +### NewHeaders + +`func NewHeaders() *Headers` + +NewHeaders instantiates a new Headers object This constructor will assign +default values to properties that have it defined, and makes sure properties +required by API are set, but the set of arguments will change when the set of +required properties is changed + +### NewHeadersWithDefaults + +`func NewHeadersWithDefaults() *Headers` + +NewHeadersWithDefaults instantiates a new Headers object This constructor will +only assign default values to properties that have it defined, but it doesn't +guarantee that properties required by API are set + +### GetExtra + +`func (o *Headers) GetExtra() map[string]map[string]interface{}` + +GetExtra returns the Extra field if non-nil, zero value otherwise. + +### GetExtraOk + +`func (o *Headers) GetExtraOk() (*map[string]map[string]interface{}, bool)` + +GetExtraOk returns a tuple with the Extra field if it's non-nil, zero value +otherwise and a boolean to check if the value has been set. + +### SetExtra + +`func (o *Headers) SetExtra(v map[string]map[string]interface{})` + +SetExtra sets Extra field to given value. + +### HasExtra + +`func (o *Headers) HasExtra() bool` + +HasExtra returns a boolean if a field has been set. + +[[Back to Model list]](../README.md#documentation-for-models) +[[Back to API list]](../README.md#documentation-for-api-endpoints) +[[Back to README]](../README.md) diff --git a/internal/httpclient-next/docs/IDTokenClaims.md b/internal/httpclient-next/docs/IDTokenClaims.md new file mode 100644 index 00000000000..fcc8b4bc7ab --- /dev/null +++ b/internal/httpclient-next/docs/IDTokenClaims.md @@ -0,0 +1,393 @@ +# IDTokenClaims + +## Properties + +| Name | Type | Description | Notes | +| ------------ | ------------------------------------------------ | ----------- | ---------- | +| **Acr** | Pointer to **string** | | [optional] | +| **Amr** | Pointer to **[]string** | | [optional] | +| **AtHash** | Pointer to **string** | | [optional] | +| **Aud** | Pointer to **[]string** | | [optional] | +| **AuthTime** | Pointer to **time.Time** | | [optional] | +| **CHash** | Pointer to **string** | | [optional] | +| **Exp** | Pointer to **time.Time** | | [optional] | +| **Ext** | Pointer to **map[string]map[string]interface{}** | | [optional] | +| **Iat** | Pointer to **time.Time** | | [optional] | +| **Iss** | Pointer to **string** | | [optional] | +| **Jti** | Pointer to **string** | | [optional] | +| **Nonce** | Pointer to **string** | | [optional] | +| **Rat** | Pointer to **time.Time** | | [optional] | +| **Sub** | Pointer to **string** | | [optional] | + +## Methods + +### NewIDTokenClaims + +`func NewIDTokenClaims() *IDTokenClaims` + +NewIDTokenClaims instantiates a new IDTokenClaims object This constructor will +assign default values to properties that have it defined, and makes sure +properties required by API are set, but the set of arguments will change when +the set of required properties is changed + +### NewIDTokenClaimsWithDefaults + +`func NewIDTokenClaimsWithDefaults() *IDTokenClaims` + +NewIDTokenClaimsWithDefaults instantiates a new IDTokenClaims object This +constructor will only assign default values to properties that have it defined, +but it doesn't guarantee that properties required by API are set + +### GetAcr + +`func (o *IDTokenClaims) GetAcr() string` + +GetAcr returns the Acr field if non-nil, zero value otherwise. + +### GetAcrOk + +`func (o *IDTokenClaims) GetAcrOk() (*string, bool)` + +GetAcrOk returns a tuple with the Acr field if it's non-nil, zero value +otherwise and a boolean to check if the value has been set. + +### SetAcr + +`func (o *IDTokenClaims) SetAcr(v string)` + +SetAcr sets Acr field to given value. + +### HasAcr + +`func (o *IDTokenClaims) HasAcr() bool` + +HasAcr returns a boolean if a field has been set. + +### GetAmr + +`func (o *IDTokenClaims) GetAmr() []string` + +GetAmr returns the Amr field if non-nil, zero value otherwise. + +### GetAmrOk + +`func (o *IDTokenClaims) GetAmrOk() (*[]string, bool)` + +GetAmrOk returns a tuple with the Amr field if it's non-nil, zero value +otherwise and a boolean to check if the value has been set. + +### SetAmr + +`func (o *IDTokenClaims) SetAmr(v []string)` + +SetAmr sets Amr field to given value. + +### HasAmr + +`func (o *IDTokenClaims) HasAmr() bool` + +HasAmr returns a boolean if a field has been set. + +### GetAtHash + +`func (o *IDTokenClaims) GetAtHash() string` + +GetAtHash returns the AtHash field if non-nil, zero value otherwise. + +### GetAtHashOk + +`func (o *IDTokenClaims) GetAtHashOk() (*string, bool)` + +GetAtHashOk returns a tuple with the AtHash field if it's non-nil, zero value +otherwise and a boolean to check if the value has been set. + +### SetAtHash + +`func (o *IDTokenClaims) SetAtHash(v string)` + +SetAtHash sets AtHash field to given value. + +### HasAtHash + +`func (o *IDTokenClaims) HasAtHash() bool` + +HasAtHash returns a boolean if a field has been set. + +### GetAud + +`func (o *IDTokenClaims) GetAud() []string` + +GetAud returns the Aud field if non-nil, zero value otherwise. + +### GetAudOk + +`func (o *IDTokenClaims) GetAudOk() (*[]string, bool)` + +GetAudOk returns a tuple with the Aud field if it's non-nil, zero value +otherwise and a boolean to check if the value has been set. + +### SetAud + +`func (o *IDTokenClaims) SetAud(v []string)` + +SetAud sets Aud field to given value. + +### HasAud + +`func (o *IDTokenClaims) HasAud() bool` + +HasAud returns a boolean if a field has been set. + +### GetAuthTime + +`func (o *IDTokenClaims) GetAuthTime() time.Time` + +GetAuthTime returns the AuthTime field if non-nil, zero value otherwise. + +### GetAuthTimeOk + +`func (o *IDTokenClaims) GetAuthTimeOk() (*time.Time, bool)` + +GetAuthTimeOk returns a tuple with the AuthTime field if it's non-nil, zero +value otherwise and a boolean to check if the value has been set. + +### SetAuthTime + +`func (o *IDTokenClaims) SetAuthTime(v time.Time)` + +SetAuthTime sets AuthTime field to given value. + +### HasAuthTime + +`func (o *IDTokenClaims) HasAuthTime() bool` + +HasAuthTime returns a boolean if a field has been set. + +### GetCHash + +`func (o *IDTokenClaims) GetCHash() string` + +GetCHash returns the CHash field if non-nil, zero value otherwise. + +### GetCHashOk + +`func (o *IDTokenClaims) GetCHashOk() (*string, bool)` + +GetCHashOk returns a tuple with the CHash field if it's non-nil, zero value +otherwise and a boolean to check if the value has been set. + +### SetCHash + +`func (o *IDTokenClaims) SetCHash(v string)` + +SetCHash sets CHash field to given value. + +### HasCHash + +`func (o *IDTokenClaims) HasCHash() bool` + +HasCHash returns a boolean if a field has been set. + +### GetExp + +`func (o *IDTokenClaims) GetExp() time.Time` + +GetExp returns the Exp field if non-nil, zero value otherwise. + +### GetExpOk + +`func (o *IDTokenClaims) GetExpOk() (*time.Time, bool)` + +GetExpOk returns a tuple with the Exp field if it's non-nil, zero value +otherwise and a boolean to check if the value has been set. + +### SetExp + +`func (o *IDTokenClaims) SetExp(v time.Time)` + +SetExp sets Exp field to given value. + +### HasExp + +`func (o *IDTokenClaims) HasExp() bool` + +HasExp returns a boolean if a field has been set. + +### GetExt + +`func (o *IDTokenClaims) GetExt() map[string]map[string]interface{}` + +GetExt returns the Ext field if non-nil, zero value otherwise. + +### GetExtOk + +`func (o *IDTokenClaims) GetExtOk() (*map[string]map[string]interface{}, bool)` + +GetExtOk returns a tuple with the Ext field if it's non-nil, zero value +otherwise and a boolean to check if the value has been set. + +### SetExt + +`func (o *IDTokenClaims) SetExt(v map[string]map[string]interface{})` + +SetExt sets Ext field to given value. + +### HasExt + +`func (o *IDTokenClaims) HasExt() bool` + +HasExt returns a boolean if a field has been set. + +### GetIat + +`func (o *IDTokenClaims) GetIat() time.Time` + +GetIat returns the Iat field if non-nil, zero value otherwise. + +### GetIatOk + +`func (o *IDTokenClaims) GetIatOk() (*time.Time, bool)` + +GetIatOk returns a tuple with the Iat field if it's non-nil, zero value +otherwise and a boolean to check if the value has been set. + +### SetIat + +`func (o *IDTokenClaims) SetIat(v time.Time)` + +SetIat sets Iat field to given value. + +### HasIat + +`func (o *IDTokenClaims) HasIat() bool` + +HasIat returns a boolean if a field has been set. + +### GetIss + +`func (o *IDTokenClaims) GetIss() string` + +GetIss returns the Iss field if non-nil, zero value otherwise. + +### GetIssOk + +`func (o *IDTokenClaims) GetIssOk() (*string, bool)` + +GetIssOk returns a tuple with the Iss field if it's non-nil, zero value +otherwise and a boolean to check if the value has been set. + +### SetIss + +`func (o *IDTokenClaims) SetIss(v string)` + +SetIss sets Iss field to given value. + +### HasIss + +`func (o *IDTokenClaims) HasIss() bool` + +HasIss returns a boolean if a field has been set. + +### GetJti + +`func (o *IDTokenClaims) GetJti() string` + +GetJti returns the Jti field if non-nil, zero value otherwise. + +### GetJtiOk + +`func (o *IDTokenClaims) GetJtiOk() (*string, bool)` + +GetJtiOk returns a tuple with the Jti field if it's non-nil, zero value +otherwise and a boolean to check if the value has been set. + +### SetJti + +`func (o *IDTokenClaims) SetJti(v string)` + +SetJti sets Jti field to given value. + +### HasJti + +`func (o *IDTokenClaims) HasJti() bool` + +HasJti returns a boolean if a field has been set. + +### GetNonce + +`func (o *IDTokenClaims) GetNonce() string` + +GetNonce returns the Nonce field if non-nil, zero value otherwise. + +### GetNonceOk + +`func (o *IDTokenClaims) GetNonceOk() (*string, bool)` + +GetNonceOk returns a tuple with the Nonce field if it's non-nil, zero value +otherwise and a boolean to check if the value has been set. + +### SetNonce + +`func (o *IDTokenClaims) SetNonce(v string)` + +SetNonce sets Nonce field to given value. + +### HasNonce + +`func (o *IDTokenClaims) HasNonce() bool` + +HasNonce returns a boolean if a field has been set. + +### GetRat + +`func (o *IDTokenClaims) GetRat() time.Time` + +GetRat returns the Rat field if non-nil, zero value otherwise. + +### GetRatOk + +`func (o *IDTokenClaims) GetRatOk() (*time.Time, bool)` + +GetRatOk returns a tuple with the Rat field if it's non-nil, zero value +otherwise and a boolean to check if the value has been set. + +### SetRat + +`func (o *IDTokenClaims) SetRat(v time.Time)` + +SetRat sets Rat field to given value. + +### HasRat + +`func (o *IDTokenClaims) HasRat() bool` + +HasRat returns a boolean if a field has been set. + +### GetSub + +`func (o *IDTokenClaims) GetSub() string` + +GetSub returns the Sub field if non-nil, zero value otherwise. + +### GetSubOk + +`func (o *IDTokenClaims) GetSubOk() (*string, bool)` + +GetSubOk returns a tuple with the Sub field if it's non-nil, zero value +otherwise and a boolean to check if the value has been set. + +### SetSub + +`func (o *IDTokenClaims) SetSub(v string)` + +SetSub sets Sub field to given value. + +### HasSub + +`func (o *IDTokenClaims) HasSub() bool` + +HasSub returns a boolean if a field has been set. + +[[Back to Model list]](../README.md#documentation-for-models) +[[Back to API list]](../README.md#documentation-for-api-endpoints) +[[Back to README]](../README.md) diff --git a/internal/httpclient-next/docs/OAuth2AccessRequest.md b/internal/httpclient-next/docs/OAuth2AccessRequest.md new file mode 100644 index 00000000000..3876a396407 --- /dev/null +++ b/internal/httpclient-next/docs/OAuth2AccessRequest.md @@ -0,0 +1,135 @@ +# OAuth2AccessRequest + +## Properties + +| Name | Type | Description | Notes | +| ------------------- | ----------------------- | ------------------------------------------------------------------------- | ---------- | +| **ClientId** | Pointer to **string** | ClientID is the identifier of the OAuth 2.0 client. | [optional] | +| **GrantTypes** | Pointer to **[]string** | GrantTypes is the requests grant types. | [optional] | +| **GrantedAudience** | Pointer to **[]string** | GrantedAudience is the list of audiences granted to the OAuth 2.0 client. | [optional] | +| **GrantedScopes** | Pointer to **[]string** | GrantedScopes is the list of scopes granted to the OAuth 2.0 client. | [optional] | + +## Methods + +### NewOAuth2AccessRequest + +`func NewOAuth2AccessRequest() *OAuth2AccessRequest` + +NewOAuth2AccessRequest instantiates a new OAuth2AccessRequest object This +constructor will assign default values to properties that have it defined, and +makes sure properties required by API are set, but the set of arguments will +change when the set of required properties is changed + +### NewOAuth2AccessRequestWithDefaults + +`func NewOAuth2AccessRequestWithDefaults() *OAuth2AccessRequest` + +NewOAuth2AccessRequestWithDefaults instantiates a new OAuth2AccessRequest object +This constructor will only assign default values to properties that have it +defined, but it doesn't guarantee that properties required by API are set + +### GetClientId + +`func (o *OAuth2AccessRequest) GetClientId() string` + +GetClientId returns the ClientId field if non-nil, zero value otherwise. + +### GetClientIdOk + +`func (o *OAuth2AccessRequest) GetClientIdOk() (*string, bool)` + +GetClientIdOk returns a tuple with the ClientId field if it's non-nil, zero +value otherwise and a boolean to check if the value has been set. + +### SetClientId + +`func (o *OAuth2AccessRequest) SetClientId(v string)` + +SetClientId sets ClientId field to given value. + +### HasClientId + +`func (o *OAuth2AccessRequest) HasClientId() bool` + +HasClientId returns a boolean if a field has been set. + +### GetGrantTypes + +`func (o *OAuth2AccessRequest) GetGrantTypes() []string` + +GetGrantTypes returns the GrantTypes field if non-nil, zero value otherwise. + +### GetGrantTypesOk + +`func (o *OAuth2AccessRequest) GetGrantTypesOk() (*[]string, bool)` + +GetGrantTypesOk returns a tuple with the GrantTypes field if it's non-nil, zero +value otherwise and a boolean to check if the value has been set. + +### SetGrantTypes + +`func (o *OAuth2AccessRequest) SetGrantTypes(v []string)` + +SetGrantTypes sets GrantTypes field to given value. + +### HasGrantTypes + +`func (o *OAuth2AccessRequest) HasGrantTypes() bool` + +HasGrantTypes returns a boolean if a field has been set. + +### GetGrantedAudience + +`func (o *OAuth2AccessRequest) GetGrantedAudience() []string` + +GetGrantedAudience returns the GrantedAudience field if non-nil, zero value +otherwise. + +### GetGrantedAudienceOk + +`func (o *OAuth2AccessRequest) GetGrantedAudienceOk() (*[]string, bool)` + +GetGrantedAudienceOk returns a tuple with the GrantedAudience field if it's +non-nil, zero value otherwise and a boolean to check if the value has been set. + +### SetGrantedAudience + +`func (o *OAuth2AccessRequest) SetGrantedAudience(v []string)` + +SetGrantedAudience sets GrantedAudience field to given value. + +### HasGrantedAudience + +`func (o *OAuth2AccessRequest) HasGrantedAudience() bool` + +HasGrantedAudience returns a boolean if a field has been set. + +### GetGrantedScopes + +`func (o *OAuth2AccessRequest) GetGrantedScopes() []string` + +GetGrantedScopes returns the GrantedScopes field if non-nil, zero value +otherwise. + +### GetGrantedScopesOk + +`func (o *OAuth2AccessRequest) GetGrantedScopesOk() (*[]string, bool)` + +GetGrantedScopesOk returns a tuple with the GrantedScopes field if it's non-nil, +zero value otherwise and a boolean to check if the value has been set. + +### SetGrantedScopes + +`func (o *OAuth2AccessRequest) SetGrantedScopes(v []string)` + +SetGrantedScopes sets GrantedScopes field to given value. + +### HasGrantedScopes + +`func (o *OAuth2AccessRequest) HasGrantedScopes() bool` + +HasGrantedScopes returns a boolean if a field has been set. + +[[Back to Model list]](../README.md#documentation-for-models) +[[Back to API list]](../README.md#documentation-for-api-endpoints) +[[Back to README]](../README.md) diff --git a/internal/httpclient-next/docs/RefreshTokenHookRequest.md b/internal/httpclient-next/docs/RefreshTokenHookRequest.md index 6684940c29e..6ef539bb925 100644 --- a/internal/httpclient-next/docs/RefreshTokenHookRequest.md +++ b/internal/httpclient-next/docs/RefreshTokenHookRequest.md @@ -2,12 +2,14 @@ ## Properties -| Name | Type | Description | Notes | -| ------------------- | ----------------------- | ------------------------------------------------------------------------- | ---------- | -| **ClientId** | Pointer to **string** | ClientID is the identifier of the OAuth 2.0 client. | [optional] | -| **GrantedAudience** | Pointer to **[]string** | GrantedAudience is the list of audiences granted to the OAuth 2.0 client. | [optional] | -| **GrantedScopes** | Pointer to **[]string** | GrantedScopes is the list of scopes granted to the OAuth 2.0 client. | [optional] | -| **Subject** | Pointer to **string** | Subject is the identifier of the authenticated end-user. | [optional] | +| Name | Type | Description | Notes | +| ------------------- | ------------------------------------------------------------ | ------------------------------------------------------------------------- | ---------- | +| **ClientId** | Pointer to **string** | ClientID is the identifier of the OAuth 2.0 client. | [optional] | +| **GrantedAudience** | Pointer to **[]string** | GrantedAudience is the list of audiences granted to the OAuth 2.0 client. | [optional] | +| **GrantedScopes** | Pointer to **[]string** | GrantedScopes is the list of scopes granted to the OAuth 2.0 client. | [optional] | +| **Requester** | Pointer to [**OAuth2AccessRequest**](OAuth2AccessRequest.md) | | [optional] | +| **Session** | Pointer to [**Session**](Session.md) | | [optional] | +| **Subject** | Pointer to **string** | Subject is the identifier of the authenticated end-user. | [optional] | ## Methods @@ -106,6 +108,56 @@ SetGrantedScopes sets GrantedScopes field to given value. HasGrantedScopes returns a boolean if a field has been set. +### GetRequester + +`func (o *RefreshTokenHookRequest) GetRequester() OAuth2AccessRequest` + +GetRequester returns the Requester field if non-nil, zero value otherwise. + +### GetRequesterOk + +`func (o *RefreshTokenHookRequest) GetRequesterOk() (*OAuth2AccessRequest, bool)` + +GetRequesterOk returns a tuple with the Requester field if it's non-nil, zero +value otherwise and a boolean to check if the value has been set. + +### SetRequester + +`func (o *RefreshTokenHookRequest) SetRequester(v OAuth2AccessRequest)` + +SetRequester sets Requester field to given value. + +### HasRequester + +`func (o *RefreshTokenHookRequest) HasRequester() bool` + +HasRequester returns a boolean if a field has been set. + +### GetSession + +`func (o *RefreshTokenHookRequest) GetSession() Session` + +GetSession returns the Session field if non-nil, zero value otherwise. + +### GetSessionOk + +`func (o *RefreshTokenHookRequest) GetSessionOk() (*Session, bool)` + +GetSessionOk returns a tuple with the Session field if it's non-nil, zero value +otherwise and a boolean to check if the value has been set. + +### SetSession + +`func (o *RefreshTokenHookRequest) SetSession(v Session)` + +SetSession sets Session field to given value. + +### HasSession + +`func (o *RefreshTokenHookRequest) HasSession() bool` + +HasSession returns a boolean if a field has been set. + ### GetSubject `func (o *RefreshTokenHookRequest) GetSubject() string` diff --git a/internal/httpclient-next/docs/Session.md b/internal/httpclient-next/docs/Session.md new file mode 100644 index 00000000000..d36ac392041 --- /dev/null +++ b/internal/httpclient-next/docs/Session.md @@ -0,0 +1,321 @@ +# Session + +## Properties + +| Name | Type | Description | Notes | +| ------------------------- | --------------------------------------------------- | ----------- | ---------- | +| **AllowedTopLevelClaims** | Pointer to **[]string** | | [optional] | +| **ClientId** | Pointer to **string** | | [optional] | +| **ConsentChallenge** | Pointer to **string** | | [optional] | +| **ExcludeNotBeforeClaim** | Pointer to **bool** | | [optional] | +| **ExpiresAt** | Pointer to [**map[string]time.Time**](time.Time.md) | | [optional] | +| **Extra** | Pointer to **map[string]map[string]interface{}** | | [optional] | +| **Headers** | Pointer to [**Headers**](Headers.md) | | [optional] | +| **IdTokenClaims** | Pointer to [**IDTokenClaims**](IDTokenClaims.md) | | [optional] | +| **Kid** | Pointer to **string** | | [optional] | +| **Subject** | Pointer to **string** | | [optional] | +| **Username** | Pointer to **string** | | [optional] | + +## Methods + +### NewSession + +`func NewSession() *Session` + +NewSession instantiates a new Session object This constructor will assign +default values to properties that have it defined, and makes sure properties +required by API are set, but the set of arguments will change when the set of +required properties is changed + +### NewSessionWithDefaults + +`func NewSessionWithDefaults() *Session` + +NewSessionWithDefaults instantiates a new Session object This constructor will +only assign default values to properties that have it defined, but it doesn't +guarantee that properties required by API are set + +### GetAllowedTopLevelClaims + +`func (o *Session) GetAllowedTopLevelClaims() []string` + +GetAllowedTopLevelClaims returns the AllowedTopLevelClaims field if non-nil, +zero value otherwise. + +### GetAllowedTopLevelClaimsOk + +`func (o *Session) GetAllowedTopLevelClaimsOk() (*[]string, bool)` + +GetAllowedTopLevelClaimsOk returns a tuple with the AllowedTopLevelClaims field +if it's non-nil, zero value otherwise and a boolean to check if the value has +been set. + +### SetAllowedTopLevelClaims + +`func (o *Session) SetAllowedTopLevelClaims(v []string)` + +SetAllowedTopLevelClaims sets AllowedTopLevelClaims field to given value. + +### HasAllowedTopLevelClaims + +`func (o *Session) HasAllowedTopLevelClaims() bool` + +HasAllowedTopLevelClaims returns a boolean if a field has been set. + +### GetClientId + +`func (o *Session) GetClientId() string` + +GetClientId returns the ClientId field if non-nil, zero value otherwise. + +### GetClientIdOk + +`func (o *Session) GetClientIdOk() (*string, bool)` + +GetClientIdOk returns a tuple with the ClientId field if it's non-nil, zero +value otherwise and a boolean to check if the value has been set. + +### SetClientId + +`func (o *Session) SetClientId(v string)` + +SetClientId sets ClientId field to given value. + +### HasClientId + +`func (o *Session) HasClientId() bool` + +HasClientId returns a boolean if a field has been set. + +### GetConsentChallenge + +`func (o *Session) GetConsentChallenge() string` + +GetConsentChallenge returns the ConsentChallenge field if non-nil, zero value +otherwise. + +### GetConsentChallengeOk + +`func (o *Session) GetConsentChallengeOk() (*string, bool)` + +GetConsentChallengeOk returns a tuple with the ConsentChallenge field if it's +non-nil, zero value otherwise and a boolean to check if the value has been set. + +### SetConsentChallenge + +`func (o *Session) SetConsentChallenge(v string)` + +SetConsentChallenge sets ConsentChallenge field to given value. + +### HasConsentChallenge + +`func (o *Session) HasConsentChallenge() bool` + +HasConsentChallenge returns a boolean if a field has been set. + +### GetExcludeNotBeforeClaim + +`func (o *Session) GetExcludeNotBeforeClaim() bool` + +GetExcludeNotBeforeClaim returns the ExcludeNotBeforeClaim field if non-nil, +zero value otherwise. + +### GetExcludeNotBeforeClaimOk + +`func (o *Session) GetExcludeNotBeforeClaimOk() (*bool, bool)` + +GetExcludeNotBeforeClaimOk returns a tuple with the ExcludeNotBeforeClaim field +if it's non-nil, zero value otherwise and a boolean to check if the value has +been set. + +### SetExcludeNotBeforeClaim + +`func (o *Session) SetExcludeNotBeforeClaim(v bool)` + +SetExcludeNotBeforeClaim sets ExcludeNotBeforeClaim field to given value. + +### HasExcludeNotBeforeClaim + +`func (o *Session) HasExcludeNotBeforeClaim() bool` + +HasExcludeNotBeforeClaim returns a boolean if a field has been set. + +### GetExpiresAt + +`func (o *Session) GetExpiresAt() map[string]time.Time` + +GetExpiresAt returns the ExpiresAt field if non-nil, zero value otherwise. + +### GetExpiresAtOk + +`func (o *Session) GetExpiresAtOk() (*map[string]time.Time, bool)` + +GetExpiresAtOk returns a tuple with the ExpiresAt field if it's non-nil, zero +value otherwise and a boolean to check if the value has been set. + +### SetExpiresAt + +`func (o *Session) SetExpiresAt(v map[string]time.Time)` + +SetExpiresAt sets ExpiresAt field to given value. + +### HasExpiresAt + +`func (o *Session) HasExpiresAt() bool` + +HasExpiresAt returns a boolean if a field has been set. + +### GetExtra + +`func (o *Session) GetExtra() map[string]map[string]interface{}` + +GetExtra returns the Extra field if non-nil, zero value otherwise. + +### GetExtraOk + +`func (o *Session) GetExtraOk() (*map[string]map[string]interface{}, bool)` + +GetExtraOk returns a tuple with the Extra field if it's non-nil, zero value +otherwise and a boolean to check if the value has been set. + +### SetExtra + +`func (o *Session) SetExtra(v map[string]map[string]interface{})` + +SetExtra sets Extra field to given value. + +### HasExtra + +`func (o *Session) HasExtra() bool` + +HasExtra returns a boolean if a field has been set. + +### GetHeaders + +`func (o *Session) GetHeaders() Headers` + +GetHeaders returns the Headers field if non-nil, zero value otherwise. + +### GetHeadersOk + +`func (o *Session) GetHeadersOk() (*Headers, bool)` + +GetHeadersOk returns a tuple with the Headers field if it's non-nil, zero value +otherwise and a boolean to check if the value has been set. + +### SetHeaders + +`func (o *Session) SetHeaders(v Headers)` + +SetHeaders sets Headers field to given value. + +### HasHeaders + +`func (o *Session) HasHeaders() bool` + +HasHeaders returns a boolean if a field has been set. + +### GetIdTokenClaims + +`func (o *Session) GetIdTokenClaims() IDTokenClaims` + +GetIdTokenClaims returns the IdTokenClaims field if non-nil, zero value +otherwise. + +### GetIdTokenClaimsOk + +`func (o *Session) GetIdTokenClaimsOk() (*IDTokenClaims, bool)` + +GetIdTokenClaimsOk returns a tuple with the IdTokenClaims field if it's non-nil, +zero value otherwise and a boolean to check if the value has been set. + +### SetIdTokenClaims + +`func (o *Session) SetIdTokenClaims(v IDTokenClaims)` + +SetIdTokenClaims sets IdTokenClaims field to given value. + +### HasIdTokenClaims + +`func (o *Session) HasIdTokenClaims() bool` + +HasIdTokenClaims returns a boolean if a field has been set. + +### GetKid + +`func (o *Session) GetKid() string` + +GetKid returns the Kid field if non-nil, zero value otherwise. + +### GetKidOk + +`func (o *Session) GetKidOk() (*string, bool)` + +GetKidOk returns a tuple with the Kid field if it's non-nil, zero value +otherwise and a boolean to check if the value has been set. + +### SetKid + +`func (o *Session) SetKid(v string)` + +SetKid sets Kid field to given value. + +### HasKid + +`func (o *Session) HasKid() bool` + +HasKid returns a boolean if a field has been set. + +### GetSubject + +`func (o *Session) GetSubject() string` + +GetSubject returns the Subject field if non-nil, zero value otherwise. + +### GetSubjectOk + +`func (o *Session) GetSubjectOk() (*string, bool)` + +GetSubjectOk returns a tuple with the Subject field if it's non-nil, zero value +otherwise and a boolean to check if the value has been set. + +### SetSubject + +`func (o *Session) SetSubject(v string)` + +SetSubject sets Subject field to given value. + +### HasSubject + +`func (o *Session) HasSubject() bool` + +HasSubject returns a boolean if a field has been set. + +### GetUsername + +`func (o *Session) GetUsername() string` + +GetUsername returns the Username field if non-nil, zero value otherwise. + +### GetUsernameOk + +`func (o *Session) GetUsernameOk() (*string, bool)` + +GetUsernameOk returns a tuple with the Username field if it's non-nil, zero +value otherwise and a boolean to check if the value has been set. + +### SetUsername + +`func (o *Session) SetUsername(v string)` + +SetUsername sets Username field to given value. + +### HasUsername + +`func (o *Session) HasUsername() bool` + +HasUsername returns a boolean if a field has been set. + +[[Back to Model list]](../README.md#documentation-for-models) +[[Back to API list]](../README.md#documentation-for-api-endpoints) +[[Back to README]](../README.md) diff --git a/internal/httpclient-next/model_default_session.go b/internal/httpclient-next/model_default_session.go new file mode 100644 index 00000000000..2cb9fa97c6b --- /dev/null +++ b/internal/httpclient-next/model_default_session.go @@ -0,0 +1,259 @@ +/* + * Ory Hydra API + * + * Documentation for all of Ory Hydra's APIs. + * + * API version: 1.0.0 + * Contact: hi@ory.sh + */ + +// Code generated by OpenAPI Generator (https://openapi-generator.tech); DO NOT EDIT. + +package client + +import ( + "encoding/json" + "time" +) + +// DefaultSession IDTokenSession is a session container for the id token +type DefaultSession struct { + ExpiresAt *map[string]time.Time `json:"expires_at,omitempty"` + Headers *Headers `json:"headers,omitempty"` + IdTokenClaims *IDTokenClaims `json:"id_token_claims,omitempty"` + Subject *string `json:"subject,omitempty"` + Username *string `json:"username,omitempty"` +} + +// NewDefaultSession instantiates a new DefaultSession object +// This constructor will assign default values to properties that have it defined, +// and makes sure properties required by API are set, but the set of arguments +// will change when the set of required properties is changed +func NewDefaultSession() *DefaultSession { + this := DefaultSession{} + return &this +} + +// NewDefaultSessionWithDefaults instantiates a new DefaultSession object +// This constructor will only assign default values to properties that have it defined, +// but it doesn't guarantee that properties required by API are set +func NewDefaultSessionWithDefaults() *DefaultSession { + this := DefaultSession{} + return &this +} + +// GetExpiresAt returns the ExpiresAt field value if set, zero value otherwise. +func (o *DefaultSession) GetExpiresAt() map[string]time.Time { + if o == nil || o.ExpiresAt == nil { + var ret map[string]time.Time + return ret + } + return *o.ExpiresAt +} + +// GetExpiresAtOk returns a tuple with the ExpiresAt field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *DefaultSession) GetExpiresAtOk() (*map[string]time.Time, bool) { + if o == nil || o.ExpiresAt == nil { + return nil, false + } + return o.ExpiresAt, true +} + +// HasExpiresAt returns a boolean if a field has been set. +func (o *DefaultSession) HasExpiresAt() bool { + if o != nil && o.ExpiresAt != nil { + return true + } + + return false +} + +// SetExpiresAt gets a reference to the given map[string]time.Time and assigns it to the ExpiresAt field. +func (o *DefaultSession) SetExpiresAt(v map[string]time.Time) { + o.ExpiresAt = &v +} + +// GetHeaders returns the Headers field value if set, zero value otherwise. +func (o *DefaultSession) GetHeaders() Headers { + if o == nil || o.Headers == nil { + var ret Headers + return ret + } + return *o.Headers +} + +// GetHeadersOk returns a tuple with the Headers field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *DefaultSession) GetHeadersOk() (*Headers, bool) { + if o == nil || o.Headers == nil { + return nil, false + } + return o.Headers, true +} + +// HasHeaders returns a boolean if a field has been set. +func (o *DefaultSession) HasHeaders() bool { + if o != nil && o.Headers != nil { + return true + } + + return false +} + +// SetHeaders gets a reference to the given Headers and assigns it to the Headers field. +func (o *DefaultSession) SetHeaders(v Headers) { + o.Headers = &v +} + +// GetIdTokenClaims returns the IdTokenClaims field value if set, zero value otherwise. +func (o *DefaultSession) GetIdTokenClaims() IDTokenClaims { + if o == nil || o.IdTokenClaims == nil { + var ret IDTokenClaims + return ret + } + return *o.IdTokenClaims +} + +// GetIdTokenClaimsOk returns a tuple with the IdTokenClaims field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *DefaultSession) GetIdTokenClaimsOk() (*IDTokenClaims, bool) { + if o == nil || o.IdTokenClaims == nil { + return nil, false + } + return o.IdTokenClaims, true +} + +// HasIdTokenClaims returns a boolean if a field has been set. +func (o *DefaultSession) HasIdTokenClaims() bool { + if o != nil && o.IdTokenClaims != nil { + return true + } + + return false +} + +// SetIdTokenClaims gets a reference to the given IDTokenClaims and assigns it to the IdTokenClaims field. +func (o *DefaultSession) SetIdTokenClaims(v IDTokenClaims) { + o.IdTokenClaims = &v +} + +// GetSubject returns the Subject field value if set, zero value otherwise. +func (o *DefaultSession) GetSubject() string { + if o == nil || o.Subject == nil { + var ret string + return ret + } + return *o.Subject +} + +// GetSubjectOk returns a tuple with the Subject field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *DefaultSession) GetSubjectOk() (*string, bool) { + if o == nil || o.Subject == nil { + return nil, false + } + return o.Subject, true +} + +// HasSubject returns a boolean if a field has been set. +func (o *DefaultSession) HasSubject() bool { + if o != nil && o.Subject != nil { + return true + } + + return false +} + +// SetSubject gets a reference to the given string and assigns it to the Subject field. +func (o *DefaultSession) SetSubject(v string) { + o.Subject = &v +} + +// GetUsername returns the Username field value if set, zero value otherwise. +func (o *DefaultSession) GetUsername() string { + if o == nil || o.Username == nil { + var ret string + return ret + } + return *o.Username +} + +// GetUsernameOk returns a tuple with the Username field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *DefaultSession) GetUsernameOk() (*string, bool) { + if o == nil || o.Username == nil { + return nil, false + } + return o.Username, true +} + +// HasUsername returns a boolean if a field has been set. +func (o *DefaultSession) HasUsername() bool { + if o != nil && o.Username != nil { + return true + } + + return false +} + +// SetUsername gets a reference to the given string and assigns it to the Username field. +func (o *DefaultSession) SetUsername(v string) { + o.Username = &v +} + +func (o DefaultSession) MarshalJSON() ([]byte, error) { + toSerialize := map[string]interface{}{} + if o.ExpiresAt != nil { + toSerialize["expires_at"] = o.ExpiresAt + } + if o.Headers != nil { + toSerialize["headers"] = o.Headers + } + if o.IdTokenClaims != nil { + toSerialize["id_token_claims"] = o.IdTokenClaims + } + if o.Subject != nil { + toSerialize["subject"] = o.Subject + } + if o.Username != nil { + toSerialize["username"] = o.Username + } + return json.Marshal(toSerialize) +} + +type NullableDefaultSession struct { + value *DefaultSession + isSet bool +} + +func (v NullableDefaultSession) Get() *DefaultSession { + return v.value +} + +func (v *NullableDefaultSession) Set(val *DefaultSession) { + v.value = val + v.isSet = true +} + +func (v NullableDefaultSession) IsSet() bool { + return v.isSet +} + +func (v *NullableDefaultSession) Unset() { + v.value = nil + v.isSet = false +} + +func NewNullableDefaultSession(val *DefaultSession) *NullableDefaultSession { + return &NullableDefaultSession{value: val, isSet: true} +} + +func (v NullableDefaultSession) MarshalJSON() ([]byte, error) { + return json.Marshal(v.value) +} + +func (v *NullableDefaultSession) UnmarshalJSON(src []byte) error { + v.isSet = true + return json.Unmarshal(src, &v.value) +} diff --git a/internal/httpclient-next/model_headers.go b/internal/httpclient-next/model_headers.go new file mode 100644 index 00000000000..4f8a5b7ee95 --- /dev/null +++ b/internal/httpclient-next/model_headers.go @@ -0,0 +1,114 @@ +/* + * Ory Hydra API + * + * Documentation for all of Ory Hydra's APIs. + * + * API version: 1.0.0 + * Contact: hi@ory.sh + */ + +// Code generated by OpenAPI Generator (https://openapi-generator.tech); DO NOT EDIT. + +package client + +import ( + "encoding/json" +) + +// Headers Headers is the jwt headers +type Headers struct { + Extra map[string]map[string]interface{} `json:"extra,omitempty"` +} + +// NewHeaders instantiates a new Headers object +// This constructor will assign default values to properties that have it defined, +// and makes sure properties required by API are set, but the set of arguments +// will change when the set of required properties is changed +func NewHeaders() *Headers { + this := Headers{} + return &this +} + +// NewHeadersWithDefaults instantiates a new Headers object +// This constructor will only assign default values to properties that have it defined, +// but it doesn't guarantee that properties required by API are set +func NewHeadersWithDefaults() *Headers { + this := Headers{} + return &this +} + +// GetExtra returns the Extra field value if set, zero value otherwise. +func (o *Headers) GetExtra() map[string]map[string]interface{} { + if o == nil || o.Extra == nil { + var ret map[string]map[string]interface{} + return ret + } + return o.Extra +} + +// GetExtraOk returns a tuple with the Extra field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *Headers) GetExtraOk() (map[string]map[string]interface{}, bool) { + if o == nil || o.Extra == nil { + return nil, false + } + return o.Extra, true +} + +// HasExtra returns a boolean if a field has been set. +func (o *Headers) HasExtra() bool { + if o != nil && o.Extra != nil { + return true + } + + return false +} + +// SetExtra gets a reference to the given map[string]map[string]interface{} and assigns it to the Extra field. +func (o *Headers) SetExtra(v map[string]map[string]interface{}) { + o.Extra = v +} + +func (o Headers) MarshalJSON() ([]byte, error) { + toSerialize := map[string]interface{}{} + if o.Extra != nil { + toSerialize["extra"] = o.Extra + } + return json.Marshal(toSerialize) +} + +type NullableHeaders struct { + value *Headers + isSet bool +} + +func (v NullableHeaders) Get() *Headers { + return v.value +} + +func (v *NullableHeaders) Set(val *Headers) { + v.value = val + v.isSet = true +} + +func (v NullableHeaders) IsSet() bool { + return v.isSet +} + +func (v *NullableHeaders) Unset() { + v.value = nil + v.isSet = false +} + +func NewNullableHeaders(val *Headers) *NullableHeaders { + return &NullableHeaders{value: val, isSet: true} +} + +func (v NullableHeaders) MarshalJSON() ([]byte, error) { + return json.Marshal(v.value) +} + +func (v *NullableHeaders) UnmarshalJSON(src []byte) error { + v.isSet = true + return json.Unmarshal(src, &v.value) +} diff --git a/internal/httpclient-next/model_id_token_claims.go b/internal/httpclient-next/model_id_token_claims.go new file mode 100644 index 00000000000..7807604563b --- /dev/null +++ b/internal/httpclient-next/model_id_token_claims.go @@ -0,0 +1,583 @@ +/* + * Ory Hydra API + * + * Documentation for all of Ory Hydra's APIs. + * + * API version: 1.0.0 + * Contact: hi@ory.sh + */ + +// Code generated by OpenAPI Generator (https://openapi-generator.tech); DO NOT EDIT. + +package client + +import ( + "encoding/json" + "time" +) + +// IDTokenClaims IDTokenClaims represent the claims used in open id connect requests +type IDTokenClaims struct { + Acr *string `json:"acr,omitempty"` + Amr []string `json:"amr,omitempty"` + AtHash *string `json:"at_hash,omitempty"` + Aud []string `json:"aud,omitempty"` + AuthTime *time.Time `json:"auth_time,omitempty"` + CHash *string `json:"c_hash,omitempty"` + Exp *time.Time `json:"exp,omitempty"` + Ext map[string]map[string]interface{} `json:"ext,omitempty"` + Iat *time.Time `json:"iat,omitempty"` + Iss *string `json:"iss,omitempty"` + Jti *string `json:"jti,omitempty"` + Nonce *string `json:"nonce,omitempty"` + Rat *time.Time `json:"rat,omitempty"` + Sub *string `json:"sub,omitempty"` +} + +// NewIDTokenClaims instantiates a new IDTokenClaims object +// This constructor will assign default values to properties that have it defined, +// and makes sure properties required by API are set, but the set of arguments +// will change when the set of required properties is changed +func NewIDTokenClaims() *IDTokenClaims { + this := IDTokenClaims{} + return &this +} + +// NewIDTokenClaimsWithDefaults instantiates a new IDTokenClaims object +// This constructor will only assign default values to properties that have it defined, +// but it doesn't guarantee that properties required by API are set +func NewIDTokenClaimsWithDefaults() *IDTokenClaims { + this := IDTokenClaims{} + return &this +} + +// GetAcr returns the Acr field value if set, zero value otherwise. +func (o *IDTokenClaims) GetAcr() string { + if o == nil || o.Acr == nil { + var ret string + return ret + } + return *o.Acr +} + +// GetAcrOk returns a tuple with the Acr field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *IDTokenClaims) GetAcrOk() (*string, bool) { + if o == nil || o.Acr == nil { + return nil, false + } + return o.Acr, true +} + +// HasAcr returns a boolean if a field has been set. +func (o *IDTokenClaims) HasAcr() bool { + if o != nil && o.Acr != nil { + return true + } + + return false +} + +// SetAcr gets a reference to the given string and assigns it to the Acr field. +func (o *IDTokenClaims) SetAcr(v string) { + o.Acr = &v +} + +// GetAmr returns the Amr field value if set, zero value otherwise. +func (o *IDTokenClaims) GetAmr() []string { + if o == nil || o.Amr == nil { + var ret []string + return ret + } + return o.Amr +} + +// GetAmrOk returns a tuple with the Amr field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *IDTokenClaims) GetAmrOk() ([]string, bool) { + if o == nil || o.Amr == nil { + return nil, false + } + return o.Amr, true +} + +// HasAmr returns a boolean if a field has been set. +func (o *IDTokenClaims) HasAmr() bool { + if o != nil && o.Amr != nil { + return true + } + + return false +} + +// SetAmr gets a reference to the given []string and assigns it to the Amr field. +func (o *IDTokenClaims) SetAmr(v []string) { + o.Amr = v +} + +// GetAtHash returns the AtHash field value if set, zero value otherwise. +func (o *IDTokenClaims) GetAtHash() string { + if o == nil || o.AtHash == nil { + var ret string + return ret + } + return *o.AtHash +} + +// GetAtHashOk returns a tuple with the AtHash field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *IDTokenClaims) GetAtHashOk() (*string, bool) { + if o == nil || o.AtHash == nil { + return nil, false + } + return o.AtHash, true +} + +// HasAtHash returns a boolean if a field has been set. +func (o *IDTokenClaims) HasAtHash() bool { + if o != nil && o.AtHash != nil { + return true + } + + return false +} + +// SetAtHash gets a reference to the given string and assigns it to the AtHash field. +func (o *IDTokenClaims) SetAtHash(v string) { + o.AtHash = &v +} + +// GetAud returns the Aud field value if set, zero value otherwise. +func (o *IDTokenClaims) GetAud() []string { + if o == nil || o.Aud == nil { + var ret []string + return ret + } + return o.Aud +} + +// GetAudOk returns a tuple with the Aud field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *IDTokenClaims) GetAudOk() ([]string, bool) { + if o == nil || o.Aud == nil { + return nil, false + } + return o.Aud, true +} + +// HasAud returns a boolean if a field has been set. +func (o *IDTokenClaims) HasAud() bool { + if o != nil && o.Aud != nil { + return true + } + + return false +} + +// SetAud gets a reference to the given []string and assigns it to the Aud field. +func (o *IDTokenClaims) SetAud(v []string) { + o.Aud = v +} + +// GetAuthTime returns the AuthTime field value if set, zero value otherwise. +func (o *IDTokenClaims) GetAuthTime() time.Time { + if o == nil || o.AuthTime == nil { + var ret time.Time + return ret + } + return *o.AuthTime +} + +// GetAuthTimeOk returns a tuple with the AuthTime field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *IDTokenClaims) GetAuthTimeOk() (*time.Time, bool) { + if o == nil || o.AuthTime == nil { + return nil, false + } + return o.AuthTime, true +} + +// HasAuthTime returns a boolean if a field has been set. +func (o *IDTokenClaims) HasAuthTime() bool { + if o != nil && o.AuthTime != nil { + return true + } + + return false +} + +// SetAuthTime gets a reference to the given time.Time and assigns it to the AuthTime field. +func (o *IDTokenClaims) SetAuthTime(v time.Time) { + o.AuthTime = &v +} + +// GetCHash returns the CHash field value if set, zero value otherwise. +func (o *IDTokenClaims) GetCHash() string { + if o == nil || o.CHash == nil { + var ret string + return ret + } + return *o.CHash +} + +// GetCHashOk returns a tuple with the CHash field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *IDTokenClaims) GetCHashOk() (*string, bool) { + if o == nil || o.CHash == nil { + return nil, false + } + return o.CHash, true +} + +// HasCHash returns a boolean if a field has been set. +func (o *IDTokenClaims) HasCHash() bool { + if o != nil && o.CHash != nil { + return true + } + + return false +} + +// SetCHash gets a reference to the given string and assigns it to the CHash field. +func (o *IDTokenClaims) SetCHash(v string) { + o.CHash = &v +} + +// GetExp returns the Exp field value if set, zero value otherwise. +func (o *IDTokenClaims) GetExp() time.Time { + if o == nil || o.Exp == nil { + var ret time.Time + return ret + } + return *o.Exp +} + +// GetExpOk returns a tuple with the Exp field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *IDTokenClaims) GetExpOk() (*time.Time, bool) { + if o == nil || o.Exp == nil { + return nil, false + } + return o.Exp, true +} + +// HasExp returns a boolean if a field has been set. +func (o *IDTokenClaims) HasExp() bool { + if o != nil && o.Exp != nil { + return true + } + + return false +} + +// SetExp gets a reference to the given time.Time and assigns it to the Exp field. +func (o *IDTokenClaims) SetExp(v time.Time) { + o.Exp = &v +} + +// GetExt returns the Ext field value if set, zero value otherwise. +func (o *IDTokenClaims) GetExt() map[string]map[string]interface{} { + if o == nil || o.Ext == nil { + var ret map[string]map[string]interface{} + return ret + } + return o.Ext +} + +// GetExtOk returns a tuple with the Ext field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *IDTokenClaims) GetExtOk() (map[string]map[string]interface{}, bool) { + if o == nil || o.Ext == nil { + return nil, false + } + return o.Ext, true +} + +// HasExt returns a boolean if a field has been set. +func (o *IDTokenClaims) HasExt() bool { + if o != nil && o.Ext != nil { + return true + } + + return false +} + +// SetExt gets a reference to the given map[string]map[string]interface{} and assigns it to the Ext field. +func (o *IDTokenClaims) SetExt(v map[string]map[string]interface{}) { + o.Ext = v +} + +// GetIat returns the Iat field value if set, zero value otherwise. +func (o *IDTokenClaims) GetIat() time.Time { + if o == nil || o.Iat == nil { + var ret time.Time + return ret + } + return *o.Iat +} + +// GetIatOk returns a tuple with the Iat field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *IDTokenClaims) GetIatOk() (*time.Time, bool) { + if o == nil || o.Iat == nil { + return nil, false + } + return o.Iat, true +} + +// HasIat returns a boolean if a field has been set. +func (o *IDTokenClaims) HasIat() bool { + if o != nil && o.Iat != nil { + return true + } + + return false +} + +// SetIat gets a reference to the given time.Time and assigns it to the Iat field. +func (o *IDTokenClaims) SetIat(v time.Time) { + o.Iat = &v +} + +// GetIss returns the Iss field value if set, zero value otherwise. +func (o *IDTokenClaims) GetIss() string { + if o == nil || o.Iss == nil { + var ret string + return ret + } + return *o.Iss +} + +// GetIssOk returns a tuple with the Iss field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *IDTokenClaims) GetIssOk() (*string, bool) { + if o == nil || o.Iss == nil { + return nil, false + } + return o.Iss, true +} + +// HasIss returns a boolean if a field has been set. +func (o *IDTokenClaims) HasIss() bool { + if o != nil && o.Iss != nil { + return true + } + + return false +} + +// SetIss gets a reference to the given string and assigns it to the Iss field. +func (o *IDTokenClaims) SetIss(v string) { + o.Iss = &v +} + +// GetJti returns the Jti field value if set, zero value otherwise. +func (o *IDTokenClaims) GetJti() string { + if o == nil || o.Jti == nil { + var ret string + return ret + } + return *o.Jti +} + +// GetJtiOk returns a tuple with the Jti field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *IDTokenClaims) GetJtiOk() (*string, bool) { + if o == nil || o.Jti == nil { + return nil, false + } + return o.Jti, true +} + +// HasJti returns a boolean if a field has been set. +func (o *IDTokenClaims) HasJti() bool { + if o != nil && o.Jti != nil { + return true + } + + return false +} + +// SetJti gets a reference to the given string and assigns it to the Jti field. +func (o *IDTokenClaims) SetJti(v string) { + o.Jti = &v +} + +// GetNonce returns the Nonce field value if set, zero value otherwise. +func (o *IDTokenClaims) GetNonce() string { + if o == nil || o.Nonce == nil { + var ret string + return ret + } + return *o.Nonce +} + +// GetNonceOk returns a tuple with the Nonce field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *IDTokenClaims) GetNonceOk() (*string, bool) { + if o == nil || o.Nonce == nil { + return nil, false + } + return o.Nonce, true +} + +// HasNonce returns a boolean if a field has been set. +func (o *IDTokenClaims) HasNonce() bool { + if o != nil && o.Nonce != nil { + return true + } + + return false +} + +// SetNonce gets a reference to the given string and assigns it to the Nonce field. +func (o *IDTokenClaims) SetNonce(v string) { + o.Nonce = &v +} + +// GetRat returns the Rat field value if set, zero value otherwise. +func (o *IDTokenClaims) GetRat() time.Time { + if o == nil || o.Rat == nil { + var ret time.Time + return ret + } + return *o.Rat +} + +// GetRatOk returns a tuple with the Rat field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *IDTokenClaims) GetRatOk() (*time.Time, bool) { + if o == nil || o.Rat == nil { + return nil, false + } + return o.Rat, true +} + +// HasRat returns a boolean if a field has been set. +func (o *IDTokenClaims) HasRat() bool { + if o != nil && o.Rat != nil { + return true + } + + return false +} + +// SetRat gets a reference to the given time.Time and assigns it to the Rat field. +func (o *IDTokenClaims) SetRat(v time.Time) { + o.Rat = &v +} + +// GetSub returns the Sub field value if set, zero value otherwise. +func (o *IDTokenClaims) GetSub() string { + if o == nil || o.Sub == nil { + var ret string + return ret + } + return *o.Sub +} + +// GetSubOk returns a tuple with the Sub field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *IDTokenClaims) GetSubOk() (*string, bool) { + if o == nil || o.Sub == nil { + return nil, false + } + return o.Sub, true +} + +// HasSub returns a boolean if a field has been set. +func (o *IDTokenClaims) HasSub() bool { + if o != nil && o.Sub != nil { + return true + } + + return false +} + +// SetSub gets a reference to the given string and assigns it to the Sub field. +func (o *IDTokenClaims) SetSub(v string) { + o.Sub = &v +} + +func (o IDTokenClaims) MarshalJSON() ([]byte, error) { + toSerialize := map[string]interface{}{} + if o.Acr != nil { + toSerialize["acr"] = o.Acr + } + if o.Amr != nil { + toSerialize["amr"] = o.Amr + } + if o.AtHash != nil { + toSerialize["at_hash"] = o.AtHash + } + if o.Aud != nil { + toSerialize["aud"] = o.Aud + } + if o.AuthTime != nil { + toSerialize["auth_time"] = o.AuthTime + } + if o.CHash != nil { + toSerialize["c_hash"] = o.CHash + } + if o.Exp != nil { + toSerialize["exp"] = o.Exp + } + if o.Ext != nil { + toSerialize["ext"] = o.Ext + } + if o.Iat != nil { + toSerialize["iat"] = o.Iat + } + if o.Iss != nil { + toSerialize["iss"] = o.Iss + } + if o.Jti != nil { + toSerialize["jti"] = o.Jti + } + if o.Nonce != nil { + toSerialize["nonce"] = o.Nonce + } + if o.Rat != nil { + toSerialize["rat"] = o.Rat + } + if o.Sub != nil { + toSerialize["sub"] = o.Sub + } + return json.Marshal(toSerialize) +} + +type NullableIDTokenClaims struct { + value *IDTokenClaims + isSet bool +} + +func (v NullableIDTokenClaims) Get() *IDTokenClaims { + return v.value +} + +func (v *NullableIDTokenClaims) Set(val *IDTokenClaims) { + v.value = val + v.isSet = true +} + +func (v NullableIDTokenClaims) IsSet() bool { + return v.isSet +} + +func (v *NullableIDTokenClaims) Unset() { + v.value = nil + v.isSet = false +} + +func NewNullableIDTokenClaims(val *IDTokenClaims) *NullableIDTokenClaims { + return &NullableIDTokenClaims{value: val, isSet: true} +} + +func (v NullableIDTokenClaims) MarshalJSON() ([]byte, error) { + return json.Marshal(v.value) +} + +func (v *NullableIDTokenClaims) UnmarshalJSON(src []byte) error { + v.isSet = true + return json.Unmarshal(src, &v.value) +} diff --git a/internal/httpclient-next/model_o_auth2_access_request.go b/internal/httpclient-next/model_o_auth2_access_request.go new file mode 100644 index 00000000000..e3f8c1cf589 --- /dev/null +++ b/internal/httpclient-next/model_o_auth2_access_request.go @@ -0,0 +1,226 @@ +/* + * Ory Hydra API + * + * Documentation for all of Ory Hydra's APIs. + * + * API version: 1.0.0 + * Contact: hi@ory.sh + */ + +// Code generated by OpenAPI Generator (https://openapi-generator.tech); DO NOT EDIT. + +package client + +import ( + "encoding/json" +) + +// OAuth2AccessRequest struct for OAuth2AccessRequest +type OAuth2AccessRequest struct { + // ClientID is the identifier of the OAuth 2.0 client. + ClientId *string `json:"client_id,omitempty"` + // GrantTypes is the requests grant types. + GrantTypes []string `json:"grant_types,omitempty"` + // GrantedAudience is the list of audiences granted to the OAuth 2.0 client. + GrantedAudience []string `json:"granted_audience,omitempty"` + // GrantedScopes is the list of scopes granted to the OAuth 2.0 client. + GrantedScopes []string `json:"granted_scopes,omitempty"` +} + +// NewOAuth2AccessRequest instantiates a new OAuth2AccessRequest object +// This constructor will assign default values to properties that have it defined, +// and makes sure properties required by API are set, but the set of arguments +// will change when the set of required properties is changed +func NewOAuth2AccessRequest() *OAuth2AccessRequest { + this := OAuth2AccessRequest{} + return &this +} + +// NewOAuth2AccessRequestWithDefaults instantiates a new OAuth2AccessRequest object +// This constructor will only assign default values to properties that have it defined, +// but it doesn't guarantee that properties required by API are set +func NewOAuth2AccessRequestWithDefaults() *OAuth2AccessRequest { + this := OAuth2AccessRequest{} + return &this +} + +// GetClientId returns the ClientId field value if set, zero value otherwise. +func (o *OAuth2AccessRequest) GetClientId() string { + if o == nil || o.ClientId == nil { + var ret string + return ret + } + return *o.ClientId +} + +// GetClientIdOk returns a tuple with the ClientId field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *OAuth2AccessRequest) GetClientIdOk() (*string, bool) { + if o == nil || o.ClientId == nil { + return nil, false + } + return o.ClientId, true +} + +// HasClientId returns a boolean if a field has been set. +func (o *OAuth2AccessRequest) HasClientId() bool { + if o != nil && o.ClientId != nil { + return true + } + + return false +} + +// SetClientId gets a reference to the given string and assigns it to the ClientId field. +func (o *OAuth2AccessRequest) SetClientId(v string) { + o.ClientId = &v +} + +// GetGrantTypes returns the GrantTypes field value if set, zero value otherwise. +func (o *OAuth2AccessRequest) GetGrantTypes() []string { + if o == nil || o.GrantTypes == nil { + var ret []string + return ret + } + return o.GrantTypes +} + +// GetGrantTypesOk returns a tuple with the GrantTypes field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *OAuth2AccessRequest) GetGrantTypesOk() ([]string, bool) { + if o == nil || o.GrantTypes == nil { + return nil, false + } + return o.GrantTypes, true +} + +// HasGrantTypes returns a boolean if a field has been set. +func (o *OAuth2AccessRequest) HasGrantTypes() bool { + if o != nil && o.GrantTypes != nil { + return true + } + + return false +} + +// SetGrantTypes gets a reference to the given []string and assigns it to the GrantTypes field. +func (o *OAuth2AccessRequest) SetGrantTypes(v []string) { + o.GrantTypes = v +} + +// GetGrantedAudience returns the GrantedAudience field value if set, zero value otherwise. +func (o *OAuth2AccessRequest) GetGrantedAudience() []string { + if o == nil || o.GrantedAudience == nil { + var ret []string + return ret + } + return o.GrantedAudience +} + +// GetGrantedAudienceOk returns a tuple with the GrantedAudience field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *OAuth2AccessRequest) GetGrantedAudienceOk() ([]string, bool) { + if o == nil || o.GrantedAudience == nil { + return nil, false + } + return o.GrantedAudience, true +} + +// HasGrantedAudience returns a boolean if a field has been set. +func (o *OAuth2AccessRequest) HasGrantedAudience() bool { + if o != nil && o.GrantedAudience != nil { + return true + } + + return false +} + +// SetGrantedAudience gets a reference to the given []string and assigns it to the GrantedAudience field. +func (o *OAuth2AccessRequest) SetGrantedAudience(v []string) { + o.GrantedAudience = v +} + +// GetGrantedScopes returns the GrantedScopes field value if set, zero value otherwise. +func (o *OAuth2AccessRequest) GetGrantedScopes() []string { + if o == nil || o.GrantedScopes == nil { + var ret []string + return ret + } + return o.GrantedScopes +} + +// GetGrantedScopesOk returns a tuple with the GrantedScopes field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *OAuth2AccessRequest) GetGrantedScopesOk() ([]string, bool) { + if o == nil || o.GrantedScopes == nil { + return nil, false + } + return o.GrantedScopes, true +} + +// HasGrantedScopes returns a boolean if a field has been set. +func (o *OAuth2AccessRequest) HasGrantedScopes() bool { + if o != nil && o.GrantedScopes != nil { + return true + } + + return false +} + +// SetGrantedScopes gets a reference to the given []string and assigns it to the GrantedScopes field. +func (o *OAuth2AccessRequest) SetGrantedScopes(v []string) { + o.GrantedScopes = v +} + +func (o OAuth2AccessRequest) MarshalJSON() ([]byte, error) { + toSerialize := map[string]interface{}{} + if o.ClientId != nil { + toSerialize["client_id"] = o.ClientId + } + if o.GrantTypes != nil { + toSerialize["grant_types"] = o.GrantTypes + } + if o.GrantedAudience != nil { + toSerialize["granted_audience"] = o.GrantedAudience + } + if o.GrantedScopes != nil { + toSerialize["granted_scopes"] = o.GrantedScopes + } + return json.Marshal(toSerialize) +} + +type NullableOAuth2AccessRequest struct { + value *OAuth2AccessRequest + isSet bool +} + +func (v NullableOAuth2AccessRequest) Get() *OAuth2AccessRequest { + return v.value +} + +func (v *NullableOAuth2AccessRequest) Set(val *OAuth2AccessRequest) { + v.value = val + v.isSet = true +} + +func (v NullableOAuth2AccessRequest) IsSet() bool { + return v.isSet +} + +func (v *NullableOAuth2AccessRequest) Unset() { + v.value = nil + v.isSet = false +} + +func NewNullableOAuth2AccessRequest(val *OAuth2AccessRequest) *NullableOAuth2AccessRequest { + return &NullableOAuth2AccessRequest{value: val, isSet: true} +} + +func (v NullableOAuth2AccessRequest) MarshalJSON() ([]byte, error) { + return json.Marshal(v.value) +} + +func (v *NullableOAuth2AccessRequest) UnmarshalJSON(src []byte) error { + v.isSet = true + return json.Unmarshal(src, &v.value) +} diff --git a/internal/httpclient-next/model_refresh_token_hook_request.go b/internal/httpclient-next/model_refresh_token_hook_request.go index 09e0514af1d..8b86604fd57 100644 --- a/internal/httpclient-next/model_refresh_token_hook_request.go +++ b/internal/httpclient-next/model_refresh_token_hook_request.go @@ -22,7 +22,9 @@ type RefreshTokenHookRequest struct { // GrantedAudience is the list of audiences granted to the OAuth 2.0 client. GrantedAudience []string `json:"granted_audience,omitempty"` // GrantedScopes is the list of scopes granted to the OAuth 2.0 client. - GrantedScopes []string `json:"granted_scopes,omitempty"` + GrantedScopes []string `json:"granted_scopes,omitempty"` + Requester *OAuth2AccessRequest `json:"requester,omitempty"` + Session *Session `json:"session,omitempty"` // Subject is the identifier of the authenticated end-user. Subject *string `json:"subject,omitempty"` } @@ -140,6 +142,70 @@ func (o *RefreshTokenHookRequest) SetGrantedScopes(v []string) { o.GrantedScopes = v } +// GetRequester returns the Requester field value if set, zero value otherwise. +func (o *RefreshTokenHookRequest) GetRequester() OAuth2AccessRequest { + if o == nil || o.Requester == nil { + var ret OAuth2AccessRequest + return ret + } + return *o.Requester +} + +// GetRequesterOk returns a tuple with the Requester field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *RefreshTokenHookRequest) GetRequesterOk() (*OAuth2AccessRequest, bool) { + if o == nil || o.Requester == nil { + return nil, false + } + return o.Requester, true +} + +// HasRequester returns a boolean if a field has been set. +func (o *RefreshTokenHookRequest) HasRequester() bool { + if o != nil && o.Requester != nil { + return true + } + + return false +} + +// SetRequester gets a reference to the given OAuth2AccessRequest and assigns it to the Requester field. +func (o *RefreshTokenHookRequest) SetRequester(v OAuth2AccessRequest) { + o.Requester = &v +} + +// GetSession returns the Session field value if set, zero value otherwise. +func (o *RefreshTokenHookRequest) GetSession() Session { + if o == nil || o.Session == nil { + var ret Session + return ret + } + return *o.Session +} + +// GetSessionOk returns a tuple with the Session field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *RefreshTokenHookRequest) GetSessionOk() (*Session, bool) { + if o == nil || o.Session == nil { + return nil, false + } + return o.Session, true +} + +// HasSession returns a boolean if a field has been set. +func (o *RefreshTokenHookRequest) HasSession() bool { + if o != nil && o.Session != nil { + return true + } + + return false +} + +// SetSession gets a reference to the given Session and assigns it to the Session field. +func (o *RefreshTokenHookRequest) SetSession(v Session) { + o.Session = &v +} + // GetSubject returns the Subject field value if set, zero value otherwise. func (o *RefreshTokenHookRequest) GetSubject() string { if o == nil || o.Subject == nil { @@ -183,6 +249,12 @@ func (o RefreshTokenHookRequest) MarshalJSON() ([]byte, error) { if o.GrantedScopes != nil { toSerialize["granted_scopes"] = o.GrantedScopes } + if o.Requester != nil { + toSerialize["requester"] = o.Requester + } + if o.Session != nil { + toSerialize["session"] = o.Session + } if o.Subject != nil { toSerialize["subject"] = o.Subject } diff --git a/internal/httpclient-next/model_session.go b/internal/httpclient-next/model_session.go new file mode 100644 index 00000000000..eb9a90d7482 --- /dev/null +++ b/internal/httpclient-next/model_session.go @@ -0,0 +1,475 @@ +/* + * Ory Hydra API + * + * Documentation for all of Ory Hydra's APIs. + * + * API version: 1.0.0 + * Contact: hi@ory.sh + */ + +// Code generated by OpenAPI Generator (https://openapi-generator.tech); DO NOT EDIT. + +package client + +import ( + "encoding/json" + "time" +) + +// Session struct for Session +type Session struct { + AllowedTopLevelClaims []string `json:"allowed_top_level_claims,omitempty"` + ClientId *string `json:"client_id,omitempty"` + ConsentChallenge *string `json:"consent_challenge,omitempty"` + ExcludeNotBeforeClaim *bool `json:"exclude_not_before_claim,omitempty"` + ExpiresAt *map[string]time.Time `json:"expires_at,omitempty"` + Extra map[string]map[string]interface{} `json:"extra,omitempty"` + Headers *Headers `json:"headers,omitempty"` + IdTokenClaims *IDTokenClaims `json:"id_token_claims,omitempty"` + Kid *string `json:"kid,omitempty"` + Subject *string `json:"subject,omitempty"` + Username *string `json:"username,omitempty"` +} + +// NewSession instantiates a new Session object +// This constructor will assign default values to properties that have it defined, +// and makes sure properties required by API are set, but the set of arguments +// will change when the set of required properties is changed +func NewSession() *Session { + this := Session{} + return &this +} + +// NewSessionWithDefaults instantiates a new Session object +// This constructor will only assign default values to properties that have it defined, +// but it doesn't guarantee that properties required by API are set +func NewSessionWithDefaults() *Session { + this := Session{} + return &this +} + +// GetAllowedTopLevelClaims returns the AllowedTopLevelClaims field value if set, zero value otherwise. +func (o *Session) GetAllowedTopLevelClaims() []string { + if o == nil || o.AllowedTopLevelClaims == nil { + var ret []string + return ret + } + return o.AllowedTopLevelClaims +} + +// GetAllowedTopLevelClaimsOk returns a tuple with the AllowedTopLevelClaims field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *Session) GetAllowedTopLevelClaimsOk() ([]string, bool) { + if o == nil || o.AllowedTopLevelClaims == nil { + return nil, false + } + return o.AllowedTopLevelClaims, true +} + +// HasAllowedTopLevelClaims returns a boolean if a field has been set. +func (o *Session) HasAllowedTopLevelClaims() bool { + if o != nil && o.AllowedTopLevelClaims != nil { + return true + } + + return false +} + +// SetAllowedTopLevelClaims gets a reference to the given []string and assigns it to the AllowedTopLevelClaims field. +func (o *Session) SetAllowedTopLevelClaims(v []string) { + o.AllowedTopLevelClaims = v +} + +// GetClientId returns the ClientId field value if set, zero value otherwise. +func (o *Session) GetClientId() string { + if o == nil || o.ClientId == nil { + var ret string + return ret + } + return *o.ClientId +} + +// GetClientIdOk returns a tuple with the ClientId field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *Session) GetClientIdOk() (*string, bool) { + if o == nil || o.ClientId == nil { + return nil, false + } + return o.ClientId, true +} + +// HasClientId returns a boolean if a field has been set. +func (o *Session) HasClientId() bool { + if o != nil && o.ClientId != nil { + return true + } + + return false +} + +// SetClientId gets a reference to the given string and assigns it to the ClientId field. +func (o *Session) SetClientId(v string) { + o.ClientId = &v +} + +// GetConsentChallenge returns the ConsentChallenge field value if set, zero value otherwise. +func (o *Session) GetConsentChallenge() string { + if o == nil || o.ConsentChallenge == nil { + var ret string + return ret + } + return *o.ConsentChallenge +} + +// GetConsentChallengeOk returns a tuple with the ConsentChallenge field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *Session) GetConsentChallengeOk() (*string, bool) { + if o == nil || o.ConsentChallenge == nil { + return nil, false + } + return o.ConsentChallenge, true +} + +// HasConsentChallenge returns a boolean if a field has been set. +func (o *Session) HasConsentChallenge() bool { + if o != nil && o.ConsentChallenge != nil { + return true + } + + return false +} + +// SetConsentChallenge gets a reference to the given string and assigns it to the ConsentChallenge field. +func (o *Session) SetConsentChallenge(v string) { + o.ConsentChallenge = &v +} + +// GetExcludeNotBeforeClaim returns the ExcludeNotBeforeClaim field value if set, zero value otherwise. +func (o *Session) GetExcludeNotBeforeClaim() bool { + if o == nil || o.ExcludeNotBeforeClaim == nil { + var ret bool + return ret + } + return *o.ExcludeNotBeforeClaim +} + +// GetExcludeNotBeforeClaimOk returns a tuple with the ExcludeNotBeforeClaim field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *Session) GetExcludeNotBeforeClaimOk() (*bool, bool) { + if o == nil || o.ExcludeNotBeforeClaim == nil { + return nil, false + } + return o.ExcludeNotBeforeClaim, true +} + +// HasExcludeNotBeforeClaim returns a boolean if a field has been set. +func (o *Session) HasExcludeNotBeforeClaim() bool { + if o != nil && o.ExcludeNotBeforeClaim != nil { + return true + } + + return false +} + +// SetExcludeNotBeforeClaim gets a reference to the given bool and assigns it to the ExcludeNotBeforeClaim field. +func (o *Session) SetExcludeNotBeforeClaim(v bool) { + o.ExcludeNotBeforeClaim = &v +} + +// GetExpiresAt returns the ExpiresAt field value if set, zero value otherwise. +func (o *Session) GetExpiresAt() map[string]time.Time { + if o == nil || o.ExpiresAt == nil { + var ret map[string]time.Time + return ret + } + return *o.ExpiresAt +} + +// GetExpiresAtOk returns a tuple with the ExpiresAt field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *Session) GetExpiresAtOk() (*map[string]time.Time, bool) { + if o == nil || o.ExpiresAt == nil { + return nil, false + } + return o.ExpiresAt, true +} + +// HasExpiresAt returns a boolean if a field has been set. +func (o *Session) HasExpiresAt() bool { + if o != nil && o.ExpiresAt != nil { + return true + } + + return false +} + +// SetExpiresAt gets a reference to the given map[string]time.Time and assigns it to the ExpiresAt field. +func (o *Session) SetExpiresAt(v map[string]time.Time) { + o.ExpiresAt = &v +} + +// GetExtra returns the Extra field value if set, zero value otherwise. +func (o *Session) GetExtra() map[string]map[string]interface{} { + if o == nil || o.Extra == nil { + var ret map[string]map[string]interface{} + return ret + } + return o.Extra +} + +// GetExtraOk returns a tuple with the Extra field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *Session) GetExtraOk() (map[string]map[string]interface{}, bool) { + if o == nil || o.Extra == nil { + return nil, false + } + return o.Extra, true +} + +// HasExtra returns a boolean if a field has been set. +func (o *Session) HasExtra() bool { + if o != nil && o.Extra != nil { + return true + } + + return false +} + +// SetExtra gets a reference to the given map[string]map[string]interface{} and assigns it to the Extra field. +func (o *Session) SetExtra(v map[string]map[string]interface{}) { + o.Extra = v +} + +// GetHeaders returns the Headers field value if set, zero value otherwise. +func (o *Session) GetHeaders() Headers { + if o == nil || o.Headers == nil { + var ret Headers + return ret + } + return *o.Headers +} + +// GetHeadersOk returns a tuple with the Headers field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *Session) GetHeadersOk() (*Headers, bool) { + if o == nil || o.Headers == nil { + return nil, false + } + return o.Headers, true +} + +// HasHeaders returns a boolean if a field has been set. +func (o *Session) HasHeaders() bool { + if o != nil && o.Headers != nil { + return true + } + + return false +} + +// SetHeaders gets a reference to the given Headers and assigns it to the Headers field. +func (o *Session) SetHeaders(v Headers) { + o.Headers = &v +} + +// GetIdTokenClaims returns the IdTokenClaims field value if set, zero value otherwise. +func (o *Session) GetIdTokenClaims() IDTokenClaims { + if o == nil || o.IdTokenClaims == nil { + var ret IDTokenClaims + return ret + } + return *o.IdTokenClaims +} + +// GetIdTokenClaimsOk returns a tuple with the IdTokenClaims field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *Session) GetIdTokenClaimsOk() (*IDTokenClaims, bool) { + if o == nil || o.IdTokenClaims == nil { + return nil, false + } + return o.IdTokenClaims, true +} + +// HasIdTokenClaims returns a boolean if a field has been set. +func (o *Session) HasIdTokenClaims() bool { + if o != nil && o.IdTokenClaims != nil { + return true + } + + return false +} + +// SetIdTokenClaims gets a reference to the given IDTokenClaims and assigns it to the IdTokenClaims field. +func (o *Session) SetIdTokenClaims(v IDTokenClaims) { + o.IdTokenClaims = &v +} + +// GetKid returns the Kid field value if set, zero value otherwise. +func (o *Session) GetKid() string { + if o == nil || o.Kid == nil { + var ret string + return ret + } + return *o.Kid +} + +// GetKidOk returns a tuple with the Kid field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *Session) GetKidOk() (*string, bool) { + if o == nil || o.Kid == nil { + return nil, false + } + return o.Kid, true +} + +// HasKid returns a boolean if a field has been set. +func (o *Session) HasKid() bool { + if o != nil && o.Kid != nil { + return true + } + + return false +} + +// SetKid gets a reference to the given string and assigns it to the Kid field. +func (o *Session) SetKid(v string) { + o.Kid = &v +} + +// GetSubject returns the Subject field value if set, zero value otherwise. +func (o *Session) GetSubject() string { + if o == nil || o.Subject == nil { + var ret string + return ret + } + return *o.Subject +} + +// GetSubjectOk returns a tuple with the Subject field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *Session) GetSubjectOk() (*string, bool) { + if o == nil || o.Subject == nil { + return nil, false + } + return o.Subject, true +} + +// HasSubject returns a boolean if a field has been set. +func (o *Session) HasSubject() bool { + if o != nil && o.Subject != nil { + return true + } + + return false +} + +// SetSubject gets a reference to the given string and assigns it to the Subject field. +func (o *Session) SetSubject(v string) { + o.Subject = &v +} + +// GetUsername returns the Username field value if set, zero value otherwise. +func (o *Session) GetUsername() string { + if o == nil || o.Username == nil { + var ret string + return ret + } + return *o.Username +} + +// GetUsernameOk returns a tuple with the Username field value if set, nil otherwise +// and a boolean to check if the value has been set. +func (o *Session) GetUsernameOk() (*string, bool) { + if o == nil || o.Username == nil { + return nil, false + } + return o.Username, true +} + +// HasUsername returns a boolean if a field has been set. +func (o *Session) HasUsername() bool { + if o != nil && o.Username != nil { + return true + } + + return false +} + +// SetUsername gets a reference to the given string and assigns it to the Username field. +func (o *Session) SetUsername(v string) { + o.Username = &v +} + +func (o Session) MarshalJSON() ([]byte, error) { + toSerialize := map[string]interface{}{} + if o.AllowedTopLevelClaims != nil { + toSerialize["allowed_top_level_claims"] = o.AllowedTopLevelClaims + } + if o.ClientId != nil { + toSerialize["client_id"] = o.ClientId + } + if o.ConsentChallenge != nil { + toSerialize["consent_challenge"] = o.ConsentChallenge + } + if o.ExcludeNotBeforeClaim != nil { + toSerialize["exclude_not_before_claim"] = o.ExcludeNotBeforeClaim + } + if o.ExpiresAt != nil { + toSerialize["expires_at"] = o.ExpiresAt + } + if o.Extra != nil { + toSerialize["extra"] = o.Extra + } + if o.Headers != nil { + toSerialize["headers"] = o.Headers + } + if o.IdTokenClaims != nil { + toSerialize["id_token_claims"] = o.IdTokenClaims + } + if o.Kid != nil { + toSerialize["kid"] = o.Kid + } + if o.Subject != nil { + toSerialize["subject"] = o.Subject + } + if o.Username != nil { + toSerialize["username"] = o.Username + } + return json.Marshal(toSerialize) +} + +type NullableSession struct { + value *Session + isSet bool +} + +func (v NullableSession) Get() *Session { + return v.value +} + +func (v *NullableSession) Set(val *Session) { + v.value = val + v.isSet = true +} + +func (v NullableSession) IsSet() bool { + return v.isSet +} + +func (v *NullableSession) Unset() { + v.value = nil + v.isSet = false +} + +func NewNullableSession(val *Session) *NullableSession { + return &NullableSession{value: val, isSet: true} +} + +func (v NullableSession) MarshalJSON() ([]byte, error) { + return json.Marshal(v.value) +} + +func (v *NullableSession) UnmarshalJSON(src []byte) error { + v.isSet = true + return json.Unmarshal(src, &v.value) +} diff --git a/internal/httpclient/models/default_session.go b/internal/httpclient/models/default_session.go new file mode 100644 index 00000000000..4e3cbb731d3 --- /dev/null +++ b/internal/httpclient/models/default_session.go @@ -0,0 +1,172 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package models + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "context" + + "github.com/go-openapi/errors" + "github.com/go-openapi/strfmt" + "github.com/go-openapi/swag" + "github.com/go-openapi/validate" +) + +// DefaultSession IDTokenSession is a session container for the id token +// +// swagger:model DefaultSession +type DefaultSession struct { + + // expires at + ExpiresAt map[string]strfmt.DateTime `json:"expires_at,omitempty"` + + // headers + Headers *Headers `json:"headers,omitempty"` + + // id token claims + IDTokenClaims *IDTokenClaims `json:"id_token_claims,omitempty"` + + // subject + Subject string `json:"subject,omitempty"` + + // username + Username string `json:"username,omitempty"` +} + +// Validate validates this default session +func (m *DefaultSession) Validate(formats strfmt.Registry) error { + var res []error + + if err := m.validateExpiresAt(formats); err != nil { + res = append(res, err) + } + + if err := m.validateHeaders(formats); err != nil { + res = append(res, err) + } + + if err := m.validateIDTokenClaims(formats); err != nil { + res = append(res, err) + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} + +func (m *DefaultSession) validateExpiresAt(formats strfmt.Registry) error { + if swag.IsZero(m.ExpiresAt) { // not required + return nil + } + + for k := range m.ExpiresAt { + + if err := validate.FormatOf("expires_at"+"."+k, "body", "date-time", m.ExpiresAt[k].String(), formats); err != nil { + return err + } + + } + + return nil +} + +func (m *DefaultSession) validateHeaders(formats strfmt.Registry) error { + if swag.IsZero(m.Headers) { // not required + return nil + } + + if m.Headers != nil { + if err := m.Headers.Validate(formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("headers") + } + return err + } + } + + return nil +} + +func (m *DefaultSession) validateIDTokenClaims(formats strfmt.Registry) error { + if swag.IsZero(m.IDTokenClaims) { // not required + return nil + } + + if m.IDTokenClaims != nil { + if err := m.IDTokenClaims.Validate(formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("id_token_claims") + } + return err + } + } + + return nil +} + +// ContextValidate validate this default session based on the context it is used +func (m *DefaultSession) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + var res []error + + if err := m.contextValidateHeaders(ctx, formats); err != nil { + res = append(res, err) + } + + if err := m.contextValidateIDTokenClaims(ctx, formats); err != nil { + res = append(res, err) + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} + +func (m *DefaultSession) contextValidateHeaders(ctx context.Context, formats strfmt.Registry) error { + + if m.Headers != nil { + if err := m.Headers.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("headers") + } + return err + } + } + + return nil +} + +func (m *DefaultSession) contextValidateIDTokenClaims(ctx context.Context, formats strfmt.Registry) error { + + if m.IDTokenClaims != nil { + if err := m.IDTokenClaims.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("id_token_claims") + } + return err + } + } + + return nil +} + +// MarshalBinary interface implementation +func (m *DefaultSession) MarshalBinary() ([]byte, error) { + if m == nil { + return nil, nil + } + return swag.WriteJSON(m) +} + +// UnmarshalBinary interface implementation +func (m *DefaultSession) UnmarshalBinary(b []byte) error { + var res DefaultSession + if err := swag.ReadJSON(b, &res); err != nil { + return err + } + *m = res + return nil +} diff --git a/internal/httpclient/models/headers.go b/internal/httpclient/models/headers.go new file mode 100644 index 00000000000..e8d8cfee0b6 --- /dev/null +++ b/internal/httpclient/models/headers.go @@ -0,0 +1,50 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package models + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "context" + + "github.com/go-openapi/strfmt" + "github.com/go-openapi/swag" +) + +// Headers Headers is the jwt headers +// +// swagger:model Headers +type Headers struct { + + // extra + Extra interface{} `json:"extra,omitempty"` +} + +// Validate validates this headers +func (m *Headers) Validate(formats strfmt.Registry) error { + return nil +} + +// ContextValidate validates this headers based on context it is used +func (m *Headers) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + return nil +} + +// MarshalBinary interface implementation +func (m *Headers) MarshalBinary() ([]byte, error) { + if m == nil { + return nil, nil + } + return swag.WriteJSON(m) +} + +// UnmarshalBinary interface implementation +func (m *Headers) UnmarshalBinary(b []byte) error { + var res Headers + if err := swag.ReadJSON(b, &res); err != nil { + return err + } + *m = res + return nil +} diff --git a/internal/httpclient/models/id_token_claims.go b/internal/httpclient/models/id_token_claims.go new file mode 100644 index 00000000000..0b6d0820e86 --- /dev/null +++ b/internal/httpclient/models/id_token_claims.go @@ -0,0 +1,164 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package models + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "context" + + "github.com/go-openapi/errors" + "github.com/go-openapi/strfmt" + "github.com/go-openapi/swag" + "github.com/go-openapi/validate" +) + +// IDTokenClaims IDTokenClaims represent the claims used in open id connect requests +// +// swagger:model IDTokenClaims +type IDTokenClaims struct { + + // acr + Acr string `json:"acr,omitempty"` + + // amr + Amr []string `json:"amr"` + + // at hash + AtHash string `json:"at_hash,omitempty"` + + // aud + Aud []string `json:"aud"` + + // auth time + // Format: date-time + AuthTime strfmt.DateTime `json:"auth_time,omitempty"` + + // c hash + CHash string `json:"c_hash,omitempty"` + + // exp + // Format: date-time + Exp strfmt.DateTime `json:"exp,omitempty"` + + // ext + Ext interface{} `json:"ext,omitempty"` + + // iat + // Format: date-time + Iat strfmt.DateTime `json:"iat,omitempty"` + + // iss + Iss string `json:"iss,omitempty"` + + // jti + Jti string `json:"jti,omitempty"` + + // nonce + Nonce string `json:"nonce,omitempty"` + + // rat + // Format: date-time + Rat strfmt.DateTime `json:"rat,omitempty"` + + // sub + Sub string `json:"sub,omitempty"` +} + +// Validate validates this ID token claims +func (m *IDTokenClaims) Validate(formats strfmt.Registry) error { + var res []error + + if err := m.validateAuthTime(formats); err != nil { + res = append(res, err) + } + + if err := m.validateExp(formats); err != nil { + res = append(res, err) + } + + if err := m.validateIat(formats); err != nil { + res = append(res, err) + } + + if err := m.validateRat(formats); err != nil { + res = append(res, err) + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} + +func (m *IDTokenClaims) validateAuthTime(formats strfmt.Registry) error { + if swag.IsZero(m.AuthTime) { // not required + return nil + } + + if err := validate.FormatOf("auth_time", "body", "date-time", m.AuthTime.String(), formats); err != nil { + return err + } + + return nil +} + +func (m *IDTokenClaims) validateExp(formats strfmt.Registry) error { + if swag.IsZero(m.Exp) { // not required + return nil + } + + if err := validate.FormatOf("exp", "body", "date-time", m.Exp.String(), formats); err != nil { + return err + } + + return nil +} + +func (m *IDTokenClaims) validateIat(formats strfmt.Registry) error { + if swag.IsZero(m.Iat) { // not required + return nil + } + + if err := validate.FormatOf("iat", "body", "date-time", m.Iat.String(), formats); err != nil { + return err + } + + return nil +} + +func (m *IDTokenClaims) validateRat(formats strfmt.Registry) error { + if swag.IsZero(m.Rat) { // not required + return nil + } + + if err := validate.FormatOf("rat", "body", "date-time", m.Rat.String(), formats); err != nil { + return err + } + + return nil +} + +// ContextValidate validates this ID token claims based on context it is used +func (m *IDTokenClaims) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + return nil +} + +// MarshalBinary interface implementation +func (m *IDTokenClaims) MarshalBinary() ([]byte, error) { + if m == nil { + return nil, nil + } + return swag.WriteJSON(m) +} + +// UnmarshalBinary interface implementation +func (m *IDTokenClaims) UnmarshalBinary(b []byte) error { + var res IDTokenClaims + if err := swag.ReadJSON(b, &res); err != nil { + return err + } + *m = res + return nil +} diff --git a/internal/httpclient/models/o_auth2_access_request.go b/internal/httpclient/models/o_auth2_access_request.go new file mode 100644 index 00000000000..05ad2240515 --- /dev/null +++ b/internal/httpclient/models/o_auth2_access_request.go @@ -0,0 +1,59 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package models + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "context" + + "github.com/go-openapi/strfmt" + "github.com/go-openapi/swag" +) + +// OAuth2AccessRequest Requester is a token endpoint's request context. +// +// swagger:model oAuth2AccessRequest +type OAuth2AccessRequest struct { + + // ClientID is the identifier of the OAuth 2.0 client. + ClientID string `json:"client_id,omitempty"` + + // GrantTypes is the requests grant types. + GrantTypes []string `json:"grant_types"` + + // GrantedAudience is the list of audiences granted to the OAuth 2.0 client. + GrantedAudience []string `json:"granted_audience"` + + // GrantedScopes is the list of scopes granted to the OAuth 2.0 client. + GrantedScopes []string `json:"granted_scopes"` +} + +// Validate validates this o auth2 access request +func (m *OAuth2AccessRequest) Validate(formats strfmt.Registry) error { + return nil +} + +// ContextValidate validates this o auth2 access request based on context it is used +func (m *OAuth2AccessRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + return nil +} + +// MarshalBinary interface implementation +func (m *OAuth2AccessRequest) MarshalBinary() ([]byte, error) { + if m == nil { + return nil, nil + } + return swag.WriteJSON(m) +} + +// UnmarshalBinary interface implementation +func (m *OAuth2AccessRequest) UnmarshalBinary(b []byte) error { + var res OAuth2AccessRequest + if err := swag.ReadJSON(b, &res); err != nil { + return err + } + *m = res + return nil +} diff --git a/internal/httpclient/models/refresh_token_hook_request.go b/internal/httpclient/models/refresh_token_hook_request.go index a43c1e185aa..8b86e8daf8d 100644 --- a/internal/httpclient/models/refresh_token_hook_request.go +++ b/internal/httpclient/models/refresh_token_hook_request.go @@ -8,6 +8,7 @@ package models import ( "context" + "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" ) @@ -26,17 +27,111 @@ type RefreshTokenHookRequest struct { // GrantedScopes is the list of scopes granted to the OAuth 2.0 client. GrantedScopes []string `json:"granted_scopes"` + // requester + Requester *OAuth2AccessRequest `json:"requester,omitempty"` + + // session + Session *Session `json:"session,omitempty"` + // Subject is the identifier of the authenticated end-user. Subject string `json:"subject,omitempty"` } // Validate validates this refresh token hook request func (m *RefreshTokenHookRequest) Validate(formats strfmt.Registry) error { + var res []error + + if err := m.validateRequester(formats); err != nil { + res = append(res, err) + } + + if err := m.validateSession(formats); err != nil { + res = append(res, err) + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} + +func (m *RefreshTokenHookRequest) validateRequester(formats strfmt.Registry) error { + if swag.IsZero(m.Requester) { // not required + return nil + } + + if m.Requester != nil { + if err := m.Requester.Validate(formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("requester") + } + return err + } + } + + return nil +} + +func (m *RefreshTokenHookRequest) validateSession(formats strfmt.Registry) error { + if swag.IsZero(m.Session) { // not required + return nil + } + + if m.Session != nil { + if err := m.Session.Validate(formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("session") + } + return err + } + } + return nil } -// ContextValidate validates this refresh token hook request based on context it is used +// ContextValidate validate this refresh token hook request based on the context it is used func (m *RefreshTokenHookRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + var res []error + + if err := m.contextValidateRequester(ctx, formats); err != nil { + res = append(res, err) + } + + if err := m.contextValidateSession(ctx, formats); err != nil { + res = append(res, err) + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} + +func (m *RefreshTokenHookRequest) contextValidateRequester(ctx context.Context, formats strfmt.Registry) error { + + if m.Requester != nil { + if err := m.Requester.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("requester") + } + return err + } + } + + return nil +} + +func (m *RefreshTokenHookRequest) contextValidateSession(ctx context.Context, formats strfmt.Registry) error { + + if m.Session != nil { + if err := m.Session.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("session") + } + return err + } + } + return nil } diff --git a/internal/httpclient/models/session.go b/internal/httpclient/models/session.go new file mode 100644 index 00000000000..2bb413e8b5c --- /dev/null +++ b/internal/httpclient/models/session.go @@ -0,0 +1,190 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package models + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "context" + + "github.com/go-openapi/errors" + "github.com/go-openapi/strfmt" + "github.com/go-openapi/swag" + "github.com/go-openapi/validate" +) + +// Session session +// +// swagger:model Session +type Session struct { + + // allowed top level claims + AllowedTopLevelClaims []string `json:"allowed_top_level_claims"` + + // client id + ClientID string `json:"client_id,omitempty"` + + // consent challenge + ConsentChallenge string `json:"consent_challenge,omitempty"` + + // exclude not before claim + ExcludeNotBeforeClaim bool `json:"exclude_not_before_claim,omitempty"` + + // expires at + ExpiresAt map[string]strfmt.DateTime `json:"expires_at,omitempty"` + + // extra + Extra interface{} `json:"extra,omitempty"` + + // headers + Headers *Headers `json:"headers,omitempty"` + + // id token claims + IDTokenClaims *IDTokenClaims `json:"id_token_claims,omitempty"` + + // kid + Kid string `json:"kid,omitempty"` + + // subject + Subject string `json:"subject,omitempty"` + + // username + Username string `json:"username,omitempty"` +} + +// Validate validates this session +func (m *Session) Validate(formats strfmt.Registry) error { + var res []error + + if err := m.validateExpiresAt(formats); err != nil { + res = append(res, err) + } + + if err := m.validateHeaders(formats); err != nil { + res = append(res, err) + } + + if err := m.validateIDTokenClaims(formats); err != nil { + res = append(res, err) + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} + +func (m *Session) validateExpiresAt(formats strfmt.Registry) error { + if swag.IsZero(m.ExpiresAt) { // not required + return nil + } + + for k := range m.ExpiresAt { + + if err := validate.FormatOf("expires_at"+"."+k, "body", "date-time", m.ExpiresAt[k].String(), formats); err != nil { + return err + } + + } + + return nil +} + +func (m *Session) validateHeaders(formats strfmt.Registry) error { + if swag.IsZero(m.Headers) { // not required + return nil + } + + if m.Headers != nil { + if err := m.Headers.Validate(formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("headers") + } + return err + } + } + + return nil +} + +func (m *Session) validateIDTokenClaims(formats strfmt.Registry) error { + if swag.IsZero(m.IDTokenClaims) { // not required + return nil + } + + if m.IDTokenClaims != nil { + if err := m.IDTokenClaims.Validate(formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("id_token_claims") + } + return err + } + } + + return nil +} + +// ContextValidate validate this session based on the context it is used +func (m *Session) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + var res []error + + if err := m.contextValidateHeaders(ctx, formats); err != nil { + res = append(res, err) + } + + if err := m.contextValidateIDTokenClaims(ctx, formats); err != nil { + res = append(res, err) + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} + +func (m *Session) contextValidateHeaders(ctx context.Context, formats strfmt.Registry) error { + + if m.Headers != nil { + if err := m.Headers.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("headers") + } + return err + } + } + + return nil +} + +func (m *Session) contextValidateIDTokenClaims(ctx context.Context, formats strfmt.Registry) error { + + if m.IDTokenClaims != nil { + if err := m.IDTokenClaims.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("id_token_claims") + } + return err + } + } + + return nil +} + +// MarshalBinary interface implementation +func (m *Session) MarshalBinary() ([]byte, error) { + if m == nil { + return nil, nil + } + return swag.WriteJSON(m) +} + +// UnmarshalBinary interface implementation +func (m *Session) UnmarshalBinary(b []byte) error { + var res Session + if err := swag.ReadJSON(b, &res); err != nil { + return err + } + *m = res + return nil +} diff --git a/oauth2/.snapshots/TestAuthCodeWithMockStrategy-strategy=jwt-case=0-description=should_pass_request_if_strategy_passes-should_call_refresh_token_hook_if_configured.json b/oauth2/.snapshots/TestAuthCodeWithMockStrategy-strategy=jwt-case=0-description=should_pass_request_if_strategy_passes-should_call_refresh_token_hook_if_configured.json new file mode 100644 index 00000000000..66fbfb5af98 --- /dev/null +++ b/oauth2/.snapshots/TestAuthCodeWithMockStrategy-strategy=jwt-case=0-description=should_pass_request_if_strategy_passes-should_call_refresh_token_hook_if_configured.json @@ -0,0 +1,53 @@ +{ + "subject": "foo", + "session": { + "id_token": { + "id_token_claims": { + "jti": "", + "iss": "http://localhost:4444/", + "sub": "foo", + "aud": [ + "app-client" + ], + "nonce": "", + "at_hash": "", + "acr": "1", + "amr": null, + "c_hash": "", + "ext": { + "sid": "" + } + }, + "headers": { + "extra": { + } + }, + "username": "", + "subject": "foo" + }, + "extra": {}, + "client_id": "app-client", + "consent_challenge": "", + "exclude_not_before_claim": false, + "allowed_top_level_claims": [] + }, + "requester": { + "client_id": "app-client", + "granted_scopes": [ + "offline", + "openid", + "hydra.*" + ], + "granted_audience": [], + "grant_types": [ + "refresh_token" + ] + }, + "client_id": "app-client", + "granted_scopes": [ + "offline", + "openid", + "hydra.*" + ], + "granted_audience": [] +} diff --git a/oauth2/.snapshots/TestAuthCodeWithMockStrategy-strategy=jwt-case=2-description=should_pass_because_prompt=none_and_max_age_<_auth_time-should_call_refresh_token_hook_if_configured.json b/oauth2/.snapshots/TestAuthCodeWithMockStrategy-strategy=jwt-case=2-description=should_pass_because_prompt=none_and_max_age_<_auth_time-should_call_refresh_token_hook_if_configured.json new file mode 100644 index 00000000000..66fbfb5af98 --- /dev/null +++ b/oauth2/.snapshots/TestAuthCodeWithMockStrategy-strategy=jwt-case=2-description=should_pass_because_prompt=none_and_max_age_<_auth_time-should_call_refresh_token_hook_if_configured.json @@ -0,0 +1,53 @@ +{ + "subject": "foo", + "session": { + "id_token": { + "id_token_claims": { + "jti": "", + "iss": "http://localhost:4444/", + "sub": "foo", + "aud": [ + "app-client" + ], + "nonce": "", + "at_hash": "", + "acr": "1", + "amr": null, + "c_hash": "", + "ext": { + "sid": "" + } + }, + "headers": { + "extra": { + } + }, + "username": "", + "subject": "foo" + }, + "extra": {}, + "client_id": "app-client", + "consent_challenge": "", + "exclude_not_before_claim": false, + "allowed_top_level_claims": [] + }, + "requester": { + "client_id": "app-client", + "granted_scopes": [ + "offline", + "openid", + "hydra.*" + ], + "granted_audience": [], + "grant_types": [ + "refresh_token" + ] + }, + "client_id": "app-client", + "granted_scopes": [ + "offline", + "openid", + "hydra.*" + ], + "granted_audience": [] +} diff --git a/oauth2/.snapshots/TestAuthCodeWithMockStrategy-strategy=jwt-case=5-description=should_pass_with_prompt=login_when_authentication_time_is_recent-should_call_refresh_token_hook_if_configured.json b/oauth2/.snapshots/TestAuthCodeWithMockStrategy-strategy=jwt-case=5-description=should_pass_with_prompt=login_when_authentication_time_is_recent-should_call_refresh_token_hook_if_configured.json new file mode 100644 index 00000000000..66fbfb5af98 --- /dev/null +++ b/oauth2/.snapshots/TestAuthCodeWithMockStrategy-strategy=jwt-case=5-description=should_pass_with_prompt=login_when_authentication_time_is_recent-should_call_refresh_token_hook_if_configured.json @@ -0,0 +1,53 @@ +{ + "subject": "foo", + "session": { + "id_token": { + "id_token_claims": { + "jti": "", + "iss": "http://localhost:4444/", + "sub": "foo", + "aud": [ + "app-client" + ], + "nonce": "", + "at_hash": "", + "acr": "1", + "amr": null, + "c_hash": "", + "ext": { + "sid": "" + } + }, + "headers": { + "extra": { + } + }, + "username": "", + "subject": "foo" + }, + "extra": {}, + "client_id": "app-client", + "consent_challenge": "", + "exclude_not_before_claim": false, + "allowed_top_level_claims": [] + }, + "requester": { + "client_id": "app-client", + "granted_scopes": [ + "offline", + "openid", + "hydra.*" + ], + "granted_audience": [], + "grant_types": [ + "refresh_token" + ] + }, + "client_id": "app-client", + "granted_scopes": [ + "offline", + "openid", + "hydra.*" + ], + "granted_audience": [] +} diff --git a/oauth2/.snapshots/TestAuthCodeWithMockStrategy-strategy=opaque-case=0-description=should_pass_request_if_strategy_passes-should_call_refresh_token_hook_if_configured.json b/oauth2/.snapshots/TestAuthCodeWithMockStrategy-strategy=opaque-case=0-description=should_pass_request_if_strategy_passes-should_call_refresh_token_hook_if_configured.json new file mode 100644 index 00000000000..66fbfb5af98 --- /dev/null +++ b/oauth2/.snapshots/TestAuthCodeWithMockStrategy-strategy=opaque-case=0-description=should_pass_request_if_strategy_passes-should_call_refresh_token_hook_if_configured.json @@ -0,0 +1,53 @@ +{ + "subject": "foo", + "session": { + "id_token": { + "id_token_claims": { + "jti": "", + "iss": "http://localhost:4444/", + "sub": "foo", + "aud": [ + "app-client" + ], + "nonce": "", + "at_hash": "", + "acr": "1", + "amr": null, + "c_hash": "", + "ext": { + "sid": "" + } + }, + "headers": { + "extra": { + } + }, + "username": "", + "subject": "foo" + }, + "extra": {}, + "client_id": "app-client", + "consent_challenge": "", + "exclude_not_before_claim": false, + "allowed_top_level_claims": [] + }, + "requester": { + "client_id": "app-client", + "granted_scopes": [ + "offline", + "openid", + "hydra.*" + ], + "granted_audience": [], + "grant_types": [ + "refresh_token" + ] + }, + "client_id": "app-client", + "granted_scopes": [ + "offline", + "openid", + "hydra.*" + ], + "granted_audience": [] +} diff --git a/oauth2/.snapshots/TestAuthCodeWithMockStrategy-strategy=opaque-case=2-description=should_pass_because_prompt=none_and_max_age_<_auth_time-should_call_refresh_token_hook_if_configured.json b/oauth2/.snapshots/TestAuthCodeWithMockStrategy-strategy=opaque-case=2-description=should_pass_because_prompt=none_and_max_age_<_auth_time-should_call_refresh_token_hook_if_configured.json new file mode 100644 index 00000000000..66fbfb5af98 --- /dev/null +++ b/oauth2/.snapshots/TestAuthCodeWithMockStrategy-strategy=opaque-case=2-description=should_pass_because_prompt=none_and_max_age_<_auth_time-should_call_refresh_token_hook_if_configured.json @@ -0,0 +1,53 @@ +{ + "subject": "foo", + "session": { + "id_token": { + "id_token_claims": { + "jti": "", + "iss": "http://localhost:4444/", + "sub": "foo", + "aud": [ + "app-client" + ], + "nonce": "", + "at_hash": "", + "acr": "1", + "amr": null, + "c_hash": "", + "ext": { + "sid": "" + } + }, + "headers": { + "extra": { + } + }, + "username": "", + "subject": "foo" + }, + "extra": {}, + "client_id": "app-client", + "consent_challenge": "", + "exclude_not_before_claim": false, + "allowed_top_level_claims": [] + }, + "requester": { + "client_id": "app-client", + "granted_scopes": [ + "offline", + "openid", + "hydra.*" + ], + "granted_audience": [], + "grant_types": [ + "refresh_token" + ] + }, + "client_id": "app-client", + "granted_scopes": [ + "offline", + "openid", + "hydra.*" + ], + "granted_audience": [] +} diff --git a/oauth2/.snapshots/TestAuthCodeWithMockStrategy-strategy=opaque-case=5-description=should_pass_with_prompt=login_when_authentication_time_is_recent-should_call_refresh_token_hook_if_configured.json b/oauth2/.snapshots/TestAuthCodeWithMockStrategy-strategy=opaque-case=5-description=should_pass_with_prompt=login_when_authentication_time_is_recent-should_call_refresh_token_hook_if_configured.json new file mode 100644 index 00000000000..66fbfb5af98 --- /dev/null +++ b/oauth2/.snapshots/TestAuthCodeWithMockStrategy-strategy=opaque-case=5-description=should_pass_with_prompt=login_when_authentication_time_is_recent-should_call_refresh_token_hook_if_configured.json @@ -0,0 +1,53 @@ +{ + "subject": "foo", + "session": { + "id_token": { + "id_token_claims": { + "jti": "", + "iss": "http://localhost:4444/", + "sub": "foo", + "aud": [ + "app-client" + ], + "nonce": "", + "at_hash": "", + "acr": "1", + "amr": null, + "c_hash": "", + "ext": { + "sid": "" + } + }, + "headers": { + "extra": { + } + }, + "username": "", + "subject": "foo" + }, + "extra": {}, + "client_id": "app-client", + "consent_challenge": "", + "exclude_not_before_claim": false, + "allowed_top_level_claims": [] + }, + "requester": { + "client_id": "app-client", + "granted_scopes": [ + "offline", + "openid", + "hydra.*" + ], + "granted_audience": [], + "grant_types": [ + "refresh_token" + ] + }, + "client_id": "app-client", + "granted_scopes": [ + "offline", + "openid", + "hydra.*" + ], + "granted_audience": [] +} diff --git a/oauth2/hook.go b/oauth2/hook.go index 9086db3796c..b8e8c9e2502 100644 --- a/oauth2/hook.go +++ b/oauth2/hook.go @@ -17,12 +17,30 @@ import ( // AccessRequestHook is called when an access token is being refreshed. type AccessRequestHook func(ctx context.Context, requester fosite.AccessRequester) error +// Requester is a token endpoint's request context. +// +// swagger:model oAuth2AccessRequest +type Requester struct { + // ClientID is the identifier of the OAuth 2.0 client. + ClientID string `json:"client_id"` + // GrantedScopes is the list of scopes granted to the OAuth 2.0 client. + GrantedScopes []string `json:"granted_scopes"` + // GrantedAudience is the list of audiences granted to the OAuth 2.0 client. + GrantedAudience []string `json:"granted_audience"` + // GrantTypes is the requests grant types. + GrantTypes []string `json:"grant_types"` +} + // RefreshTokenHookRequest is the request body sent to the refresh token hook. // // swagger:model refreshTokenHookRequest type RefreshTokenHookRequest struct { // Subject is the identifier of the authenticated end-user. Subject string `json:"subject"` + // Session is the request's session.. + Session *Session `json:"session"` + // Requester is a token endpoint's request context. + Requester Requester `json:"requester"` // ClientID is the identifier of the OAuth 2.0 client. ClientID string `json:"client_id"` // GrantedScopes is the list of scopes granted to the OAuth 2.0 client. @@ -58,7 +76,16 @@ func RefreshTokenHook(config *config.Provider) AccessRequestHook { return nil } + requesterInfo := Requester{ + ClientID: requester.GetClient().GetID(), + GrantedScopes: requester.GetGrantedScopes(), + GrantedAudience: requester.GetGrantedAudience(), + GrantTypes: requester.GetGrantTypes(), + } + reqBody := RefreshTokenHookRequest{ + Session: session, + Requester: requesterInfo, Subject: session.GetSubject(), ClientID: requester.GetClient().GetID(), GrantedScopes: requester.GetGrantedScopes(), diff --git a/oauth2/oauth2_auth_code_test.go b/oauth2/oauth2_auth_code_test.go index 0170db86df0..5899fdb0a07 100644 --- a/oauth2/oauth2_auth_code_test.go +++ b/oauth2/oauth2_auth_code_test.go @@ -59,6 +59,7 @@ import ( hydraoauth2 "github.com/ory/hydra/oauth2" "github.com/ory/hydra/x" "github.com/ory/x/pointerx" + "github.com/ory/x/snapshotx" "github.com/ory/x/urlx" ) @@ -1033,12 +1034,33 @@ func TestAuthCodeWithMockStrategy(t *testing.T) { hs := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { assert.Equal(t, r.Header.Get("Content-Type"), "application/json; charset=UTF-8") + expectedGrantedScopes := []string{"openid", "offline", "hydra.*"} + expectedSubject := "foo" + var hookReq hydraoauth2.RefreshTokenHookRequest require.NoError(t, json.NewDecoder(r.Body).Decode(&hookReq)) - require.Equal(t, hookReq.Subject, "foo") - require.ElementsMatch(t, hookReq.GrantedScopes, []string{"openid", "offline", "hydra.*"}) + require.Equal(t, hookReq.Subject, expectedSubject) + require.ElementsMatch(t, hookReq.GrantedScopes, expectedGrantedScopes) require.ElementsMatch(t, hookReq.GrantedAudience, []string{}) require.Equal(t, hookReq.ClientID, oauthConfig.ClientID) + require.NotEmpty(t, hookReq.Session) + require.Equal(t, hookReq.Session.Subject, expectedSubject) + require.Equal(t, hookReq.Session.ClientID, oauthConfig.ClientID) + require.Equal(t, hookReq.Session.Extra, map[string]interface{}{}) + require.NotEmpty(t, hookReq.Requester) + require.Equal(t, hookReq.Requester.ClientID, oauthConfig.ClientID) + require.ElementsMatch(t, hookReq.Requester.GrantedScopes, expectedGrantedScopes) + + except := []string{ + "session.kid", + "session.id_token.expires_at", + "session.id_token.headers.extra.kid", + "session.id_token.id_token_claims.iat", + "session.id_token.id_token_claims.exp", + "session.id_token.id_token_claims.rat", + "session.id_token.id_token_claims.auth_time", + } + snapshotx.SnapshotTExcept(t, hookReq, except) claims := map[string]interface{}{ "hooked": true, diff --git a/oauth2/session.go b/oauth2/session.go index 5ce4c03f1a1..979fe0a4f8f 100644 --- a/oauth2/session.go +++ b/oauth2/session.go @@ -33,13 +33,13 @@ import ( ) type Session struct { - *openid.DefaultSession `json:"idToken"` + *openid.DefaultSession `json:"id_token"` Extra map[string]interface{} `json:"extra"` - KID string - ClientID string - ConsentChallenge string - ExcludeNotBeforeClaim bool - AllowedTopLevelClaims []string + KID string `json:"kid"` + ClientID string `json:"client_id"` + ConsentChallenge string `json:"consent_challenge"` + ExcludeNotBeforeClaim bool `json:"exclude_not_before_claim"` + AllowedTopLevelClaims []string `json:"allowed_top_level_claims"` } func NewSession(subject string) *Session { diff --git a/spec/api.json b/spec/api.json index 22d67eaf936..359a8a9b3d5 100755 --- a/spec/api.json +++ b/spec/api.json @@ -32,6 +32,100 @@ } }, "schemas": { + "DefaultSession": { + "description": "IDTokenSession is a session container for the id token", + "properties": { + "expires_at": { + "additionalProperties": { + "format": "date-time", + "type": "string" + }, + "type": "object" + }, + "headers": { + "$ref": "#/components/schemas/Headers" + }, + "id_token_claims": { + "$ref": "#/components/schemas/IDTokenClaims" + }, + "subject": { + "type": "string" + }, + "username": { + "type": "string" + } + }, + "type": "object" + }, + "Headers": { + "description": "Headers is the jwt headers", + "properties": { + "extra": { + "additionalProperties": true, + "type": "object" + } + }, + "type": "object" + }, + "IDTokenClaims": { + "description": "IDTokenClaims represent the claims used in open id connect requests", + "properties": { + "acr": { + "type": "string" + }, + "amr": { + "items": { + "type": "string" + }, + "type": "array" + }, + "at_hash": { + "type": "string" + }, + "aud": { + "items": { + "type": "string" + }, + "type": "array" + }, + "auth_time": { + "format": "date-time", + "type": "string" + }, + "c_hash": { + "type": "string" + }, + "exp": { + "format": "date-time", + "type": "string" + }, + "ext": { + "additionalProperties": true, + "type": "object" + }, + "iat": { + "format": "date-time", + "type": "string" + }, + "iss": { + "type": "string" + }, + "jti": { + "type": "string" + }, + "nonce": { + "type": "string" + }, + "rat": { + "format": "date-time", + "type": "string" + }, + "sub": { + "type": "string" + } + }, + "type": "object" + }, "JSONRawMessage": { "title": "JSONRawMessage represents a json.RawMessage that works well with JSON, SQL, and Swagger.", "type": "object" @@ -175,6 +269,52 @@ }, "type": "object" }, + "Session": { + "properties": { + "allowed_top_level_claims": { + "items": { + "type": "string" + }, + "type": "array" + }, + "client_id": { + "type": "string" + }, + "consent_challenge": { + "type": "string" + }, + "exclude_not_before_claim": { + "type": "boolean" + }, + "expires_at": { + "additionalProperties": { + "format": "date-time", + "type": "string" + }, + "type": "object" + }, + "extra": { + "additionalProperties": true, + "type": "object" + }, + "headers": { + "$ref": "#/components/schemas/Headers" + }, + "id_token_claims": { + "$ref": "#/components/schemas/IDTokenClaims" + }, + "kid": { + "type": "string" + }, + "subject": { + "type": "string" + }, + "username": { + "type": "string" + } + }, + "type": "object" + }, "StringSlicePipeDelimiter": { "items": { "type": "string" @@ -598,6 +738,37 @@ "title": "NullTime implements sql.NullTime functionality.", "type": "string" }, + "oAuth2AccessRequest": { + "properties": { + "client_id": { + "description": "ClientID is the identifier of the OAuth 2.0 client.", + "type": "string" + }, + "grant_types": { + "description": "GrantTypes is the requests grant types.", + "items": { + "type": "string" + }, + "type": "array" + }, + "granted_audience": { + "description": "GrantedAudience is the list of audiences granted to the OAuth 2.0 client.", + "items": { + "type": "string" + }, + "type": "array" + }, + "granted_scopes": { + "description": "GrantedScopes is the list of scopes granted to the OAuth 2.0 client.", + "items": { + "type": "string" + }, + "type": "array" + } + }, + "title": "Requester is a token endpoint's request context.", + "type": "object" + }, "oAuth2Client": { "properties": { "allowed_cors_origins": { @@ -993,6 +1164,12 @@ }, "type": "array" }, + "requester": { + "$ref": "#/components/schemas/oAuth2AccessRequest" + }, + "session": { + "$ref": "#/components/schemas/Session" + }, "subject": { "description": "Subject is the identifier of the authenticated end-user.", "type": "string" diff --git a/spec/swagger.json b/spec/swagger.json index 60122e04613..0fed6bbe9f1 100755 --- a/spec/swagger.json +++ b/spec/swagger.json @@ -2300,6 +2300,100 @@ } }, "definitions": { + "DefaultSession": { + "description": "IDTokenSession is a session container for the id token", + "type": "object", + "properties": { + "expires_at": { + "type": "object", + "additionalProperties": { + "type": "string", + "format": "date-time" + } + }, + "headers": { + "$ref": "#/definitions/Headers" + }, + "id_token_claims": { + "$ref": "#/definitions/IDTokenClaims" + }, + "subject": { + "type": "string" + }, + "username": { + "type": "string" + } + } + }, + "Headers": { + "description": "Headers is the jwt headers", + "type": "object", + "properties": { + "extra": { + "type": "object", + "additionalProperties": true + } + } + }, + "IDTokenClaims": { + "description": "IDTokenClaims represent the claims used in open id connect requests", + "type": "object", + "properties": { + "acr": { + "type": "string" + }, + "amr": { + "type": "array", + "items": { + "type": "string" + } + }, + "at_hash": { + "type": "string" + }, + "aud": { + "type": "array", + "items": { + "type": "string" + } + }, + "auth_time": { + "type": "string", + "format": "date-time" + }, + "c_hash": { + "type": "string" + }, + "exp": { + "type": "string", + "format": "date-time" + }, + "ext": { + "type": "object", + "additionalProperties": true + }, + "iat": { + "type": "string", + "format": "date-time" + }, + "iss": { + "type": "string" + }, + "jti": { + "type": "string" + }, + "nonce": { + "type": "string" + }, + "rat": { + "type": "string", + "format": "date-time" + }, + "sub": { + "type": "string" + } + } + }, "JSONRawMessage": { "type": "object", "title": "JSONRawMessage represents a json.RawMessage that works well with JSON, SQL, and Swagger." @@ -2442,6 +2536,52 @@ } } }, + "Session": { + "type": "object", + "properties": { + "allowed_top_level_claims": { + "type": "array", + "items": { + "type": "string" + } + }, + "client_id": { + "type": "string" + }, + "consent_challenge": { + "type": "string" + }, + "exclude_not_before_claim": { + "type": "boolean" + }, + "expires_at": { + "type": "object", + "additionalProperties": { + "type": "string", + "format": "date-time" + } + }, + "extra": { + "type": "object", + "additionalProperties": true + }, + "headers": { + "$ref": "#/definitions/Headers" + }, + "id_token_claims": { + "$ref": "#/definitions/IDTokenClaims" + }, + "kid": { + "type": "string" + }, + "subject": { + "type": "string" + }, + "username": { + "type": "string" + } + } + }, "StringSlicePipeDelimiter": { "type": "array", "title": "StringSlicePipeDelimiter de/encodes the string slice to/from a SQL string.", @@ -2859,6 +2999,37 @@ "format": "date-time", "title": "NullTime implements sql.NullTime functionality." }, + "oAuth2AccessRequest": { + "type": "object", + "title": "Requester is a token endpoint's request context.", + "properties": { + "client_id": { + "description": "ClientID is the identifier of the OAuth 2.0 client.", + "type": "string" + }, + "grant_types": { + "description": "GrantTypes is the requests grant types.", + "type": "array", + "items": { + "type": "string" + } + }, + "granted_audience": { + "description": "GrantedAudience is the list of audiences granted to the OAuth 2.0 client.", + "type": "array", + "items": { + "type": "string" + } + }, + "granted_scopes": { + "description": "GrantedScopes is the list of scopes granted to the OAuth 2.0 client.", + "type": "array", + "items": { + "type": "string" + } + } + } + }, "oAuth2Client": { "type": "object", "title": "Client represents an OAuth 2.0 Client.", @@ -3256,6 +3427,12 @@ "type": "string" } }, + "requester": { + "$ref": "#/definitions/oAuth2AccessRequest" + }, + "session": { + "$ref": "#/definitions/Session" + }, "subject": { "description": "Subject is the identifier of the authenticated end-user.", "type": "string"