From e5502008d3e64c3f7cec2cb799694262b2270a84 Mon Sep 17 00:00:00 2001 From: Vladimir Kalugin Date: Thu, 17 Dec 2020 11:26:53 +0300 Subject: [PATCH 01/49] feat: add auth grant jwt support --- driver/config/provider.go | 20 ++ driver/registry.go | 2 + driver/registry_base.go | 23 +++ driver/registry_sql.go | 5 + go.mod | 3 + go.sum | 12 +- grant/jwtbearer/error.go | 13 ++ grant/jwtbearer/grant.go | 35 ++++ grant/jwtbearer/handler.go | 118 ++++++++++++ grant/jwtbearer/manager.go | 31 ++++ grant/jwtbearer/registry.go | 16 ++ grant/jwtbearer/request.go | 24 +++ grant/jwtbearer/validator.go | 32 ++++ persistence/definitions.go | 2 + ...145331_grant_jwk_bearer.cockroach.down.sql | 1 + ...11145331_grant_jwk_bearer.cockroach.up.sql | 13 ++ ...1211145331_grant_jwk_bearer.mysql.down.sql | 1 + ...201211145331_grant_jwk_bearer.mysql.up.sql | 13 ++ ...1145331_grant_jwk_bearer.postgres.down.sql | 1 + ...211145331_grant_jwk_bearer.postgres.up.sql | 13 ++ ...211145331_grant_jwk_bearer.sqlite.down.sql | 1 + ...01211145331_grant_jwk_bearer.sqlite.up.sql | 13 ++ persistence/sql/persister_grant_jwk.go | 174 ++++++++++++++++++ spec/config.json | 42 ++++- x/fosite_storer.go | 1 + 25 files changed, 605 insertions(+), 4 deletions(-) create mode 100644 grant/jwtbearer/error.go create mode 100644 grant/jwtbearer/grant.go create mode 100644 grant/jwtbearer/handler.go create mode 100644 grant/jwtbearer/manager.go create mode 100644 grant/jwtbearer/registry.go create mode 100644 grant/jwtbearer/request.go create mode 100644 grant/jwtbearer/validator.go create mode 100644 persistence/sql/migrations/20201211145331_grant_jwk_bearer.cockroach.down.sql create mode 100644 persistence/sql/migrations/20201211145331_grant_jwk_bearer.cockroach.up.sql create mode 100644 persistence/sql/migrations/20201211145331_grant_jwk_bearer.mysql.down.sql create mode 100644 persistence/sql/migrations/20201211145331_grant_jwk_bearer.mysql.up.sql create mode 100644 persistence/sql/migrations/20201211145331_grant_jwk_bearer.postgres.down.sql create mode 100644 persistence/sql/migrations/20201211145331_grant_jwk_bearer.postgres.up.sql create mode 100644 persistence/sql/migrations/20201211145331_grant_jwk_bearer.sqlite.down.sql create mode 100644 persistence/sql/migrations/20201211145331_grant_jwk_bearer.sqlite.up.sql create mode 100644 persistence/sql/persister_grant_jwk.go diff --git a/driver/config/provider.go b/driver/config/provider.go index 56cbb88b7ce..b7e5c87a74d 100644 --- a/driver/config/provider.go +++ b/driver/config/provider.go @@ -64,6 +64,10 @@ const ( KeyExposeOAuth2Debug = "oauth2.expose_internal_errors" KeyOAuth2LegacyErrors = "oauth2.include_legacy_error_fields" KeyExcludeNotBeforeClaim = "oauth2.exclude_not_before_claim" + KeyOAuth2GrantJWTClientAuthOptional = "oauth2.grant.jwt.client_auth_optional" + KeyOAuth2GrantJWTIDOptional = "oauth2.grant.jwt.id_optional" + KeyOAuth2GrantJWTIssuedDateOptional = "oauth2.grant.jwt.issued_date_optional" + KeyOAuth2GrantJWTMaxDuration = "oauth2.grant.jwt.max_duration" ) const DSNMemory = "memory" @@ -423,3 +427,19 @@ func (p *Provider) CGroupsV1AutoMaxProcsEnabled() bool { func (p *Provider) GrantAllClientCredentialsScopesPerDefault() bool { return p.p.Bool(KeyGrantAllClientCredentialsScopesPerDefault) } + +func (p *Provider) GrantJWTClientAuthOptional() bool { + return p.p.Bool(KeyOAuth2GrantJWTClientAuthOptional) +} + +func (p *Provider) GrantJWTIDOptional() bool { + return p.p.Bool(KeyOAuth2GrantJWTIDOptional) +} + +func (p *Provider) GrantJWTIssuedDateOptional() bool { + return p.p.Bool(KeyOAuth2GrantJWTIssuedDateOptional) +} + +func (p *Provider) GrantJWTMaxDuration() time.Duration { + return p.p.DurationF(KeyOAuth2GrantJWTMaxDuration, time.Hour*24*30) +} diff --git a/driver/registry.go b/driver/registry.go index e27e05ae11a..dfcf45ed8f8 100644 --- a/driver/registry.go +++ b/driver/registry.go @@ -3,6 +3,7 @@ package driver import ( "context" + "github.com/ory/hydra/grant/jwtbearer" "github.com/pkg/errors" "github.com/ory/x/errorsx" @@ -43,6 +44,7 @@ type Registry interface { client.Registry consent.Registry jwk.Registry + jwtbearer.Registry oauth2.Registry PrometheusManager() *prometheus.MetricsManager x.TracingProvider diff --git a/driver/registry_base.go b/driver/registry_base.go index e1013c76729..a012c062d88 100644 --- a/driver/registry_base.go +++ b/driver/registry_base.go @@ -12,6 +12,7 @@ import ( "github.com/pkg/errors" + "github.com/ory/hydra/grant/jwtbearer" "github.com/ory/hydra/x/oauth2cors" "github.com/ory/hydra/persistence" @@ -46,6 +47,8 @@ type RegistryBase struct { C *config.Provider ch *client.Handler fh fosite.Hasher + jwtGrantH *jwtbearer.Handler + jwtGrantV *jwtbearer.GrantValidator kh *jwk.Handler cv *client.Validator hh *healthx.Handler @@ -107,6 +110,7 @@ func (m *RegistryBase) RegisterRoutes(admin *x.RouterAdmin, public *x.RouterPubl m.KeyHandler().SetRoutes(admin, public, m.OAuth2AwareMiddleware()) m.ClientHandler().SetRoutes(admin) m.OAuth2Handler().SetRoutes(admin, public, m.OAuth2AwareMiddleware()) + m.JWTGrantHandler().SetRoutes(admin) } func (m *RegistryBase) BuildVersion() string { @@ -186,6 +190,20 @@ func (m *RegistryBase) KeyHandler() *jwk.Handler { return m.kh } +func (m *RegistryBase) JWTGrantHandler() *jwtbearer.Handler { + if m.jwtGrantH == nil { + m.jwtGrantH = jwtbearer.NewHandler(m.r) + } + return m.jwtGrantH +} + +func (m *RegistryBase) GrantValidator() *jwtbearer.GrantValidator { + if m.jwtGrantV == nil { + m.jwtGrantV = jwtbearer.NewGrantValidator() + } + return m.jwtGrantV +} + func (m *RegistryBase) HealthHandler() *healthx.Handler { if m.hh == nil { m.hh = healthx.NewHandler(m.Writer(), m.buildVersion, healthx.ReadyCheckers{ @@ -269,6 +287,10 @@ func (m *RegistryBase) oAuth2Config() *compose.Config { EnablePKCEPlainChallengeMethod: false, TokenURL: urlx.AppendPaths(m.C.PublicURL(), oauth2.TokenPath).String(), RedirectSecureChecker: x.IsRedirectURISecure(m.C), + JWTSkipClientAuth: m.C.GrantJWTClientAuthOptional(), + JWTIDOptional: m.C.GrantJWTIDOptional(), + JWTIssuedDateOptional: m.C.GrantJWTIssuedDateOptional(), + JWTMaxDuration: m.C.GrantJWTMaxDuration(), } } @@ -323,6 +345,7 @@ func (m *RegistryBase) OAuth2Provider() fosite.OAuth2Provider { compose.OAuth2TokenRevocationFactory, compose.OAuth2TokenIntrospectionFactory, compose.OAuth2PKCEFactory, + compose.OAuth2AuthorizeJWTGrantFactory, ) } return m.fop diff --git a/driver/registry_sql.go b/driver/registry_sql.go index c345cdf52c6..1943f66601e 100644 --- a/driver/registry_sql.go +++ b/driver/registry_sql.go @@ -5,6 +5,7 @@ import ( "strings" "time" + "github.com/ory/hydra/grant/jwtbearer" "github.com/ory/x/errorsx" "github.com/luna-duclos/instrumentedsql" @@ -123,3 +124,7 @@ func (m *RegistrySQL) OAuth2Storage() x.FositeStorer { func (m *RegistrySQL) KeyManager() jwk.Manager { return m.Persister() } + +func (m *RegistrySQL) GrantManager() jwtbearer.GrantManager { + return m.Persister() +} diff --git a/go.mod b/go.mod index 09423890825..f46dd454037 100644 --- a/go.mod +++ b/go.mod @@ -74,8 +74,11 @@ require ( golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2 golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5 golang.org/x/tools v0.1.0 + golang.org/x/lint v0.0.0-20200302205851-738671d3881b // indirect gopkg.in/DataDog/dd-trace-go.v1 v1.27.1 gopkg.in/square/go-jose.v2 v2.5.1 ) replace github.com/gobuffalo/pop/v5 => github.com/gobuffalo/pop/v5 v5.3.2-0.20201029132236-f36afb546df1 + +replace github.com/ory/fosite => github.com/TinkoffCreditSystems/fosite v0.36.1-0.20201216164135-6cf3d51701e5 diff --git a/go.sum b/go.sum index 9f4bc4d5872..26f01699c34 100644 --- a/go.sum +++ b/go.sum @@ -73,6 +73,9 @@ github.com/Shopify/sarama v1.19.0/go.mod h1:FVkBWblsNy7DGZRfXLU0O9RCGt5g3g3yEuWX github.com/Shopify/toxiproxy v2.1.4+incompatible/go.mod h1:OXgGpZ6Cli1/URJOF1DMxUHB2q5Ap20/P/eIdh4G0pI= github.com/VividCortex/gohistogram v1.0.0/go.mod h1:Pf5mBqqDxYaXu3hDrrU+w6nw50o/4+TcAqDqk/vUH7g= github.com/afex/hystrix-go v0.0.0-20180502004556-fa1af6a1f4f5/go.mod h1:SkGFH1ia65gfNATL8TAiHDNxPzPdmEL5uirI2Uyuz6c= +github.com/StackExchange/wmi v0.0.0-20180116203802-5d049714c4a6/go.mod h1:3eOhrUMpNV+6aFIbp5/iudMxNCF27Vw2OZgy4xEx0Fg= +github.com/TinkoffCreditSystems/fosite v0.36.1-0.20201216164135-6cf3d51701e5 h1:FdOoaosdGzALG7uHQaX1LLzVmDxLOBbPjqR2aLWObmY= +github.com/TinkoffCreditSystems/fosite v0.36.1-0.20201216164135-6cf3d51701e5/go.mod h1:37r59qkOSPueYKmaA7EHiXrDMF1B+XPN+MgkZgTRg3Y= github.com/agnivade/levenshtein v1.0.1/go.mod h1:CURSv5d9Uaml+FovSIICkLbAUZ9S4RqaHDIsdSBg7lM= github.com/ajg/form v0.0.0-20160822230020-523a5da1a92f h1:zvClvFQwU++UpIUBGC8YmDlfhUrweEy1R1Fj1gu5iIM= github.com/ajg/form v0.0.0-20160822230020-523a5da1a92f/go.mod h1:uL1WgH+h2mgNtvBq0339dVnzXdBETtL2LeUXaIv25UY= @@ -681,6 +684,8 @@ github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4= github.com/golang/mock v1.5.0 h1:jlYHihg//f7RRwuPfptm04yp4s7O6Kw8EZiVYIGcH0g= github.com/golang/mock v1.5.0/go.mod h1:CWnOUgYIOo4TcNZ0wHX3YZCqsaM1I1Jvs6v3mP3KVu8= +github.com/golang/mock v1.4.4 h1:l75CXGRSwbaYNpl/Z2X1XIIAMSCquvXgpVZDhwEIJsc= +github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4= github.com/golang/protobuf v1.1.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= @@ -743,6 +748,7 @@ github.com/google/uuid v1.2.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+ github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= github.com/gopherjs/gopherjs v0.0.0-20181004151105-1babbf986f6f/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= +github.com/gookit/color v1.2.5/go.mod h1:AhIE+pS6D4Ql0SQWbBeXPHw7gY0/sjHoA4s/n1KB7xg= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 h1:EGx4pi6eqNxGaHF6qqu48+N2wcFQ5qg5FXgOdqsJ5d8= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= github.com/gorilla/context v1.1.1/go.mod h1:kBGZzfjB9CEq2AlWe17Uuf7NDRt0dE0s8S51q0aT7Yg= @@ -1084,6 +1090,7 @@ github.com/montanaflynn/stats v0.0.0-20171201202039-1bf9dbcd8cbe/go.mod h1:wL8QJ github.com/morikuni/aec v1.0.0 h1:nP9CBfwrvYnBRgY6qfDQkygYDmYwOilePFkwzv4dU8A= github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc= github.com/moul/http2curl v0.0.0-20170919181001-9ac6cf4d929b/go.mod h1:8UbvGypXm98wA/IqH45anm5Y2Z6ep6O31QGOAZ3H0fQ= +github.com/mozilla/tls-observatory v0.0.0-20200317151703-4fa42e1c2dee/go.mod h1:SrKMQvPiws7F7iqYp8/TX+IhxCYhzr6N/1yb8cwHsGk= github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= github.com/nats-io/jwt v0.3.0/go.mod h1:fRYCDE99xlTsqUzISS1Bi75UBJ6ljOJQOAAu5VglpSg= @@ -1360,7 +1367,6 @@ github.com/smallstep/truststore v0.9.6 h1:vNzEJmaJL0XOZD8uouXLmYu4/aP1UQ/wHUopH3 github.com/smallstep/truststore v0.9.6/go.mod h1:HwHKRcBi0RUxxw1LYDpTRhYC4jZUuxPpkHdVonlkoDM= github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d h1:zE9ykElWQ6/NYmHa3jpm/yHnI4xSofP+UP6SpjHcSeM= github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= -github.com/smartystreets/goconvey v0.0.0-20180222194500-ef6db91d284a/go.mod h1:XDJAKZRPZ1CvBcN2aX5YOUTYGHki24fSF0Iv48Ibg0s= github.com/smartystreets/goconvey v1.6.4 h1:fv0U8FUIMPNf1L9lnHLvLhgicrIVChEkdzIKYqbNC9s= github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= @@ -1686,7 +1692,6 @@ golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4 h1:b0LrWgu8+q7z4J+0Y3Umo5q1dL7NXBkKBWkaVkAq17E= golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLdyRGr576XBO4/greRjx4P4O3yc= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= -golang.org/x/oauth2 v0.0.0-20181003184128-c57b0facaced/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -1793,6 +1798,8 @@ golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXR golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 h1:v+OssWQX+hTHEmOBgwxdZxK4zHq3yOs8F9J7mk0PY8E= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/term v0.0.0-20201117132131-f5c789dd3221 h1:/ZHdbVpdR/jk3g30/d4yUL0JU9kksj8+F/bnQUVLGDM= +golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= @@ -2045,7 +2052,6 @@ gopkg.in/ini.v1 v1.62.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/mail.v2 v2.0.0-20180731213649-a0242b2233b4/go.mod h1:htwXN1Qh09vZJ1NVKxQqHPBaCBbzKhp5GzuJEA4VJWw= gopkg.in/mail.v2 v2.3.1/go.mod h1:htwXN1Qh09vZJ1NVKxQqHPBaCBbzKhp5GzuJEA4VJWw= gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= -gopkg.in/square/go-jose.v2 v2.1.9/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= gopkg.in/square/go-jose.v2 v2.5.1 h1:7odma5RETjNHWJnR32wx8t+Io4djHE1PqxCFx3iiZ2w= gopkg.in/square/go-jose.v2 v2.5.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= diff --git a/grant/jwtbearer/error.go b/grant/jwtbearer/error.go new file mode 100644 index 00000000000..91a2a1dc4c3 --- /dev/null +++ b/grant/jwtbearer/error.go @@ -0,0 +1,13 @@ +package jwtbearer + +import ( + "net/http" + + "github.com/ory/fosite" +) + +var ErrMissingRequiredParameter = &fosite.RFC6749Error{ + DescriptionField: "One of the required parameters is missing. Check your request parameters.", + ErrorField: "missing_required_parameter", + CodeField: http.StatusBadRequest, +} diff --git a/grant/jwtbearer/grant.go b/grant/jwtbearer/grant.go new file mode 100644 index 00000000000..01a3bd745cc --- /dev/null +++ b/grant/jwtbearer/grant.go @@ -0,0 +1,35 @@ +package jwtbearer + +import ( + "time" +) + +type Grant struct { + ID string `json:"id"` + + // Issuer identifies the principal that issued the JWT assertion (same as iss claim in jwt). + Issuer string `json:"issuer"` + + // Subject identifies the principal that is the subject of the JWT. + Subject string `json:"subject"` + + // Scope contains list of scope values (as described in Section 3.3 of OAuth 2.0 [RFC6749]) + Scope []string `json:"scope"` + + // PublicKeys contains information about public key issued by Issuer, that will be used to check JWT assertion signature. + PublicKey PublicKey `json:"public_key"` + + // CreatedAt indicates, when grant was created. + CreatedAt time.Time `json:"created_at"` + + // ExpiresAt indicates, when grant will expire, so we will reject assertion from Issuer targeting Subject. + ExpiresAt time.Time `json:"expires_at"` +} + +type PublicKey struct { + // Set is basically a name for a group(set) of keys. + Set string `json:"set"` + + // KeyID is key unique identifier (same as kid header in jws/jwt). + KeyID string `json:"kid"` +} diff --git a/grant/jwtbearer/handler.go b/grant/jwtbearer/handler.go new file mode 100644 index 00000000000..364ee0ddf69 --- /dev/null +++ b/grant/jwtbearer/handler.go @@ -0,0 +1,118 @@ +package jwtbearer + +import ( + "encoding/json" + "net/http" + "time" + + "github.com/google/uuid" + "github.com/ory/x/errorsx" + "github.com/ory/x/pagination" + + "github.com/ory/hydra/x" + + "github.com/julienschmidt/httprouter" +) + +const ( + grantJWTBearerPath = "/grants/jwt-bearer" +) + +type Handler struct { + registry InternalRegistry +} + +func NewHandler(r InternalRegistry) *Handler { + return &Handler{registry: r} +} + +func (h *Handler) SetRoutes(admin *x.RouterAdmin) { + admin.GET(grantJWTBearerPath+"/:id", h.Get) + admin.GET(grantJWTBearerPath, h.List) + + admin.POST(grantJWTBearerPath, h.Create) + + admin.DELETE(grantJWTBearerPath+"/:id", h.Delete) +} + +func (h *Handler) Create(w http.ResponseWriter, r *http.Request, _ httprouter.Params) { + var grantRequest grantRequest + + if err := json.NewDecoder(r.Body).Decode(&grantRequest); err != nil { + h.registry.Writer().WriteError(w, r, errorsx.WithStack(err)) + return + } + + if err := h.registry.GrantValidator().Validate(grantRequest); err != nil { + h.registry.Writer().WriteError(w, r, err) + return + } + + grant := Grant{ + ID: uuid.New().String(), + Issuer: grantRequest.Issuer, + Subject: grantRequest.Subject, + Scope: grantRequest.Scope, + PublicKey: PublicKey{ + Set: grantRequest.Issuer, // group all keys by issuer, so set=issuer + KeyID: grantRequest.PublicKeyJWK.KeyID, + }, + CreatedAt: time.Now().UTC().Round(time.Second), + ExpiresAt: grantRequest.ExpiresAt.UTC().Round(time.Second), + } + + if err := h.registry.GrantManager().CreateGrant(r.Context(), grant, grantRequest.PublicKeyJWK); err != nil { + h.registry.Writer().WriteError(w, r, err) + return + } + + h.registry.Writer().WriteCreated(w, r, grantJWTBearerPath+"/"+grant.ID, &grant) +} + +func (h *Handler) Get(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { + var id = ps.ByName("id") + + grant, err := h.registry.GrantManager().GetConcreteGrant(r.Context(), id) + if err != nil { + h.registry.Writer().WriteError(w, r, err) + return + } + + h.registry.Writer().Write(w, r, grant) +} + +func (h *Handler) Delete(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { + var id = ps.ByName("id") + + if err := h.registry.GrantManager().DeleteGrant(r.Context(), id); err != nil { + h.registry.Writer().WriteError(w, r, err) + return + } + + w.WriteHeader(http.StatusNoContent) +} + +func (h *Handler) List(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { + limit, offset := pagination.Parse(r, 100, 0, 500) + var optionalIssuer = ps.ByName("issuer") + + grants, err := h.registry.GrantManager().GetGrants(r.Context(), limit, offset, optionalIssuer) + if err != nil { + h.registry.Writer().WriteError(w, r, err) + return + } + + n, err := h.registry.GrantManager().CountGrants(r.Context()) + if err != nil { + h.registry.Writer().WriteError(w, r, err) + return + } + + pagination.Header(w, r.URL, n, limit, offset) + + if grants == nil { + grants = []Grant{} + } + + h.registry.Writer().Write(w, r, grants) +} diff --git a/grant/jwtbearer/manager.go b/grant/jwtbearer/manager.go new file mode 100644 index 00000000000..5cd4a81c141 --- /dev/null +++ b/grant/jwtbearer/manager.go @@ -0,0 +1,31 @@ +package jwtbearer + +import ( + "context" + "time" + + "gopkg.in/square/go-jose.v2" +) + +type GrantManager interface { + CreateGrant(ctx context.Context, g Grant, publicKey jose.JSONWebKey) error + GetConcreteGrant(ctx context.Context, id string) (Grant, error) + DeleteGrant(ctx context.Context, id string) error + GetGrants(ctx context.Context, limit, offset int, optionalIssuer string) ([]Grant, error) + CountGrants(ctx context.Context) (int, error) +} + +type SQLData struct { + ID string `db:"id"` + Issuer string `db:"issuer"` + Subject string `db:"subject"` + Scope string `db:"scope"` + KeySet string `db:"key_set"` + KeyID string `db:"key_id"` + CreatedAt time.Time `db:"created_at"` + ExpiresAt time.Time `db:"expires_at"` +} + +func (SQLData) TableName() string { + return "hydra_grant_jwk" +} diff --git a/grant/jwtbearer/registry.go b/grant/jwtbearer/registry.go new file mode 100644 index 00000000000..b22c11c22e9 --- /dev/null +++ b/grant/jwtbearer/registry.go @@ -0,0 +1,16 @@ +package jwtbearer + +import ( + "github.com/ory/hydra/x" +) + +type InternalRegistry interface { + x.RegistryWriter + x.RegistryLogger + Registry +} + +type Registry interface { + GrantManager() GrantManager + GrantValidator() *GrantValidator +} diff --git a/grant/jwtbearer/request.go b/grant/jwtbearer/request.go new file mode 100644 index 00000000000..d111e6d651e --- /dev/null +++ b/grant/jwtbearer/request.go @@ -0,0 +1,24 @@ +package jwtbearer + +import ( + "time" + + "gopkg.in/square/go-jose.v2" +) + +type grantRequest struct { + // Issuer identifies the principal that issued the JWT assertion (same as iss claim in jwt). + Issuer string `json:"issuer"` + + // Subject identifies the principal that is the subject of the JWT. + Subject string `json:"subject"` + + // Scope contains list of scope values (as described in Section 3.3 of OAuth 2.0 [RFC6749]) + Scope []string `json:"scope"` + + // PublicKeyJWK contains public key inå JWK format issued by Issuer, that will be used to check JWT assertion signature. + PublicKeyJWK jose.JSONWebKey `json:"jwk"` + + // ExpiresAt indicates, when grant will expire, so we will reject assertion from Issuer targeting Subject. + ExpiresAt time.Time `json:"expires_at"` +} diff --git a/grant/jwtbearer/validator.go b/grant/jwtbearer/validator.go new file mode 100644 index 00000000000..bdcba841f72 --- /dev/null +++ b/grant/jwtbearer/validator.go @@ -0,0 +1,32 @@ +package jwtbearer + +import ( + "github.com/ory/x/errorsx" +) + +type GrantValidator struct { +} + +func NewGrantValidator() *GrantValidator { + return &GrantValidator{} +} + +func (v *GrantValidator) Validate(request grantRequest) error { + if request.Issuer == "" { + return errorsx.WithStack(ErrMissingRequiredParameter.WithHint("Field 'issuer' is required.")) + } + + if request.Subject == "" { + return errorsx.WithStack(ErrMissingRequiredParameter.WithHint("Field 'subject' is required.")) + } + + if request.ExpiresAt.IsZero() { + return errorsx.WithStack(ErrMissingRequiredParameter.WithHint("Field 'expires_at' is required.")) + } + + if request.PublicKeyJWK.KeyID == "" { + return errorsx.WithStack(ErrMissingRequiredParameter.WithHint("Field 'jwk' must contain JWK with kid header.")) + } + + return nil +} diff --git a/persistence/definitions.go b/persistence/definitions.go index c3c6cfa84da..01172394e3e 100644 --- a/persistence/definitions.go +++ b/persistence/definitions.go @@ -5,6 +5,7 @@ import ( "github.com/ory/hydra/client" "github.com/ory/hydra/consent" + "github.com/ory/hydra/grant/jwtbearer" "github.com/ory/hydra/jwk" "github.com/ory/hydra/x" "github.com/ory/x/popx" @@ -18,6 +19,7 @@ type ( client.Manager x.FositeStorer jwk.Manager + jwtbearer.GrantManager MigrationStatus(ctx context.Context) (popx.MigrationStatuses, error) MigrateDown(context.Context, int) error diff --git a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.cockroach.down.sql b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.cockroach.down.sql new file mode 100644 index 00000000000..e8935d52fb9 --- /dev/null +++ b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.cockroach.down.sql @@ -0,0 +1 @@ +DROP TABLE IF EXISTS hydra_grant_jwk; diff --git a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.cockroach.up.sql b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.cockroach.up.sql new file mode 100644 index 00000000000..0179c7585fb --- /dev/null +++ b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.cockroach.up.sql @@ -0,0 +1,13 @@ +CREATE TABLE IF NOT EXISTS hydra_grant_jwk +( + id UUID PRIMARY KEY, + issuer VARCHAR(255) NOT NULL, + subject VARCHAR(255) NOT NULL, + scope TEXT NOT NULL, + key_set varchar(255) NOT NULL, + key_id varchar(255) NOT NULL, + created_at TIMESTAMP DEFAULT NOW() NOT NULL, + expires_at TIMESTAMP NOT NULL, + UNIQUE (issuer, subject, key_id), + FOREIGN KEY (key_set, key_id) REFERENCES hydra_jwk (sid, kid) ON DELETE CASCADE +); diff --git a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.mysql.down.sql b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.mysql.down.sql new file mode 100644 index 00000000000..e8935d52fb9 --- /dev/null +++ b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.mysql.down.sql @@ -0,0 +1 @@ +DROP TABLE IF EXISTS hydra_grant_jwk; diff --git a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.mysql.up.sql b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.mysql.up.sql new file mode 100644 index 00000000000..83f69413c7b --- /dev/null +++ b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.mysql.up.sql @@ -0,0 +1,13 @@ +CREATE TABLE IF NOT EXISTS hydra_grant_jwk +( + id VARCHAR(36) PRIMARY KEY, + issuer VARCHAR(255) NOT NULL, + subject VARCHAR(255) NOT NULL, + scope TEXT NOT NULL, + key_set varchar(255) NOT NULL, + key_id varchar(255) NOT NULL, + created_at TIMESTAMP DEFAULT NOW() NOT NULL, + expires_at TIMESTAMP NOT NULL, + UNIQUE (issuer, subject, key_id), + FOREIGN KEY (key_set, key_id) REFERENCES hydra_jwk (sid, kid) ON DELETE CASCADE +); diff --git a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.postgres.down.sql b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.postgres.down.sql new file mode 100644 index 00000000000..e8935d52fb9 --- /dev/null +++ b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.postgres.down.sql @@ -0,0 +1 @@ +DROP TABLE IF EXISTS hydra_grant_jwk; diff --git a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.postgres.up.sql b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.postgres.up.sql new file mode 100644 index 00000000000..0179c7585fb --- /dev/null +++ b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.postgres.up.sql @@ -0,0 +1,13 @@ +CREATE TABLE IF NOT EXISTS hydra_grant_jwk +( + id UUID PRIMARY KEY, + issuer VARCHAR(255) NOT NULL, + subject VARCHAR(255) NOT NULL, + scope TEXT NOT NULL, + key_set varchar(255) NOT NULL, + key_id varchar(255) NOT NULL, + created_at TIMESTAMP DEFAULT NOW() NOT NULL, + expires_at TIMESTAMP NOT NULL, + UNIQUE (issuer, subject, key_id), + FOREIGN KEY (key_set, key_id) REFERENCES hydra_jwk (sid, kid) ON DELETE CASCADE +); diff --git a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.sqlite.down.sql b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.sqlite.down.sql new file mode 100644 index 00000000000..e8935d52fb9 --- /dev/null +++ b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.sqlite.down.sql @@ -0,0 +1 @@ +DROP TABLE IF EXISTS hydra_grant_jwk; diff --git a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.sqlite.up.sql b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.sqlite.up.sql new file mode 100644 index 00000000000..787db500cf5 --- /dev/null +++ b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.sqlite.up.sql @@ -0,0 +1,13 @@ +CREATE TABLE IF NOT EXISTS hydra_grant_jwk +( + id UUID PRIMARY KEY, + issuer VARCHAR(255) NOT NULL, + subject VARCHAR(255) NOT NULL, + scope TEXT NOT NULL, + key_set varchar(255) NOT NULL, + key_id varchar(255) NOT NULL, + created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL, + expires_at TIMESTAMP NOT NULL, + UNIQUE (issuer, subject, key_id), + FOREIGN KEY (key_set, key_id) REFERENCES hydra_jwk (sid, kid) ON DELETE CASCADE +); diff --git a/persistence/sql/persister_grant_jwk.go b/persistence/sql/persister_grant_jwk.go new file mode 100644 index 00000000000..7751233aaef --- /dev/null +++ b/persistence/sql/persister_grant_jwk.go @@ -0,0 +1,174 @@ +package sql + +import ( + "context" + "strings" + "time" + + "github.com/ory/hydra/grant/jwtbearer" + "github.com/ory/x/errorsx" + "gopkg.in/square/go-jose.v2" + + "github.com/ory/x/sqlcon" +) + +var _ jwtbearer.GrantManager = &Persister{} + +const scopeSeparator = " " + +func (p *Persister) CreateGrant(ctx context.Context, g jwtbearer.Grant, publicKey jose.JSONWebKey) error { + // add key, if it doesn't exist + if _, err := p.GetKey(ctx, g.PublicKey.Set, g.PublicKey.KeyID); err != nil { + if errorsx.Cause(err) != sqlcon.ErrNoRows { + return err + } + + if err = p.AddKey(ctx, g.PublicKey.Set, &publicKey); err != nil { + return err + } + } + + data := p.sqlDataFromJWTGrant(g) + + return sqlcon.HandleError(p.Connection(ctx).Create(&data)) +} + +func (p *Persister) GetConcreteGrant(ctx context.Context, id string) (jwtbearer.Grant, error) { + var data jwtbearer.SQLData + if err := p.Connection(ctx).Where("id = ?", id).First(&data); err != nil { + return jwtbearer.Grant{}, sqlcon.HandleError(err) + } + + return p.jwtGrantFromSQlData(data), nil +} + +func (p *Persister) DeleteGrant(ctx context.Context, id string) error { + return sqlcon.HandleError(p.Connection(ctx).Destroy(&jwtbearer.SQLData{ID: id})) +} + +func (p *Persister) GetGrants(ctx context.Context, limit, offset int, optionalIssuer string) ([]jwtbearer.Grant, error) { + grantsData := make([]jwtbearer.SQLData, 0) + + query := p.Connection(ctx).Paginate(offset/limit+1, limit).Order("id") + if optionalIssuer != "" { + query = query.Where("issuer = ?", optionalIssuer) + } + + if err := query.All(&grantsData); err != nil { + return nil, sqlcon.HandleError(err) + } + + grants := make([]jwtbearer.Grant, 0, len(grantsData)) + for _, data := range grantsData { + grants = append(grants, p.jwtGrantFromSQlData(data)) + } + + return grants, nil +} + +func (p *Persister) CountGrants(ctx context.Context) (int, error) { + n, err := p.Connection(ctx).Count(&jwtbearer.SQLData{}) + return n, sqlcon.HandleError(err) +} + +func (p *Persister) GetPublicKey(ctx context.Context, issuer string, subject string, keyId string) (*jose.JSONWebKey, error) { + var data jwtbearer.SQLData + query := p.Connection(ctx). + Where("issuer = ?", issuer). + Where("subject = ?", subject). + Where("key_id = ?", keyId) + if err := query.First(&data); err != nil { + return nil, sqlcon.HandleError(err) + } + + keySet, err := p.GetKey(ctx, data.KeySet, keyId) + if err != nil { + return nil, err + } + + return &keySet.Keys[0], nil +} + +func (p *Persister) GetPublicKeys(ctx context.Context, issuer string, subject string) (*jose.JSONWebKeySet, error) { + grantsData := make([]jwtbearer.SQLData, 0) + query := p.Connection(ctx). + Where("issuer = ?", issuer). + Where("subject = ?", subject) + if err := query.All(&grantsData); err != nil { + return nil, sqlcon.HandleError(err) + } + + if len(grantsData) == 0 { + return &jose.JSONWebKeySet{}, nil + } + + // because keys must be grouped by issuer, we can retrieve set name from first grant + keySet, err := p.GetKeySet(ctx, grantsData[0].KeySet) + if err != nil { + return nil, err + } + + // find keys, that belong to grants + filteredKeySet := &jose.JSONWebKeySet{} + for _, data := range grantsData { + if keys := keySet.Key(data.KeyID); len(keys) > 0 { + filteredKeySet.Keys = append(filteredKeySet.Keys, keys...) + } + } + + return filteredKeySet, nil +} + +func (p *Persister) GetPublicKeyScopes(ctx context.Context, issuer string, subject string, keyId string) ([]string, error) { + var data jwtbearer.SQLData + query := p.Connection(ctx). + Where("issuer = ?", issuer). + Where("subject = ?", subject). + Where("key_id = ?", keyId) + if err := query.First(&data); err != nil { + return nil, sqlcon.HandleError(err) + } + + return strings.Split(data.Scope, scopeSeparator), nil +} + +func (p *Persister) IsJWTUsed(ctx context.Context, jti string) (bool, error) { + err := p.ClientAssertionJWTValid(ctx, jti) + if err != nil { + return true, nil + } + + return false, nil +} + +func (p *Persister) MarkJWTUsedForTime(ctx context.Context, jti string, exp time.Time) error { + return p.SetClientAssertionJWT(ctx, jti, exp) +} + +func (p *Persister) sqlDataFromJWTGrant(g jwtbearer.Grant) jwtbearer.SQLData { + return jwtbearer.SQLData{ + ID: g.ID, + Issuer: g.Issuer, + Subject: g.Subject, + Scope: strings.Join(g.Scope, " "), + KeySet: g.PublicKey.Set, + KeyID: g.PublicKey.KeyID, + CreatedAt: g.CreatedAt, + ExpiresAt: g.ExpiresAt, + } +} + +func (p *Persister) jwtGrantFromSQlData(data jwtbearer.SQLData) jwtbearer.Grant { + return jwtbearer.Grant{ + ID: data.ID, + Issuer: data.Issuer, + Subject: data.Subject, + Scope: strings.Split(data.Scope, scopeSeparator), + PublicKey: jwtbearer.PublicKey{ + Set: data.KeySet, + KeyID: data.KeyID, + }, + CreatedAt: data.CreatedAt, + ExpiresAt: data.ExpiresAt, + } +} diff --git a/spec/config.json b/spec/config.json index ffbae139da7..1b04acff0c6 100644 --- a/spec/config.json +++ b/spec/config.json @@ -245,6 +245,37 @@ } } } + }, + "grantJWT": { + "type": "object", + "additionalProperties": false, + "description": "Authorization Grants using JWT configuration", + "properties": { + "client_auth_optional": { + "type": "boolean", + "description": "If false, client authentication is required to get access token.", + "default": false + }, + "id_optional": { + "type": "boolean", + "description": "If false, JTI claim must be present in JWT assertion.", + "default": false + }, + "issued_date_optional": { + "type": "boolean", + "description": "If false, IAT claim must be present in JWT assertion.", + "default": false + }, + "max_duration": { + "description": "Configures how long JWT assertion is considered valid, since being issued.", + "default": "720h", + "allOf": [ + { + "$ref": "#/definitions/duration" + } + ] + } + } } }, "properties": { @@ -853,6 +884,15 @@ ] } } + }, + "grant": { + "type": "object", + "additionalProperties": false, + "properties": { + "jwt": { + "$ref": "#/definitions/grantJWT" + } + } } } }, @@ -1113,4 +1153,4 @@ } } } -} \ No newline at end of file +} diff --git a/x/fosite_storer.go b/x/fosite_storer.go index bc120affa3e..38323d83b34 100644 --- a/x/fosite_storer.go +++ b/x/fosite_storer.go @@ -35,6 +35,7 @@ type FositeStorer interface { oauth2.CoreStorage openid.OpenIDConnectRequestStorage pkce.PKCERequestStorage + oauth2.JWTAuthGrantStorage RevokeRefreshToken(ctx context.Context, requestID string) error From ac8b3f4109cd0dcf64d954df3e8ae1905e9dc6d7 Mon Sep 17 00:00:00 2001 From: Vladimir Kalugin Date: Thu, 17 Dec 2020 13:21:26 +0300 Subject: [PATCH 02/49] fix: mysql migration for grant jwk and table naming --- grant/jwtbearer/manager.go | 2 +- ...211145331_grant_jwk_bearer.cockroach.down.sql | 2 +- ...01211145331_grant_jwk_bearer.cockroach.up.sql | 4 ++-- ...0201211145331_grant_jwk_bearer.mysql.down.sql | 2 +- .../20201211145331_grant_jwk_bearer.mysql.up.sql | 16 ++++++++-------- ...1211145331_grant_jwk_bearer.postgres.down.sql | 2 +- ...201211145331_grant_jwk_bearer.postgres.up.sql | 4 ++-- ...201211145331_grant_jwk_bearer.sqlite.down.sql | 2 +- ...20201211145331_grant_jwk_bearer.sqlite.up.sql | 4 ++-- x/clean_sql.go | 2 ++ 10 files changed, 21 insertions(+), 19 deletions(-) diff --git a/grant/jwtbearer/manager.go b/grant/jwtbearer/manager.go index 5cd4a81c141..78795fbc864 100644 --- a/grant/jwtbearer/manager.go +++ b/grant/jwtbearer/manager.go @@ -27,5 +27,5 @@ type SQLData struct { } func (SQLData) TableName() string { - return "hydra_grant_jwk" + return "hydra_oauth2_grant_jwk" } diff --git a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.cockroach.down.sql b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.cockroach.down.sql index e8935d52fb9..c2d847b9c8c 100644 --- a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.cockroach.down.sql +++ b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.cockroach.down.sql @@ -1 +1 @@ -DROP TABLE IF EXISTS hydra_grant_jwk; +DROP TABLE IF EXISTS hydra_oauth2_grant_jwk; diff --git a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.cockroach.up.sql b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.cockroach.up.sql index 0179c7585fb..c7a4082aca4 100644 --- a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.cockroach.up.sql +++ b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.cockroach.up.sql @@ -1,4 +1,4 @@ -CREATE TABLE IF NOT EXISTS hydra_grant_jwk +CREATE TABLE IF NOT EXISTS hydra_oauth2_grant_jwk ( id UUID PRIMARY KEY, issuer VARCHAR(255) NOT NULL, @@ -7,7 +7,7 @@ CREATE TABLE IF NOT EXISTS hydra_grant_jwk key_set varchar(255) NOT NULL, key_id varchar(255) NOT NULL, created_at TIMESTAMP DEFAULT NOW() NOT NULL, - expires_at TIMESTAMP NOT NULL, + expires_at TIMESTAMP DEFAULT NOW() NOT NULL, UNIQUE (issuer, subject, key_id), FOREIGN KEY (key_set, key_id) REFERENCES hydra_jwk (sid, kid) ON DELETE CASCADE ); diff --git a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.mysql.down.sql b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.mysql.down.sql index e8935d52fb9..c2d847b9c8c 100644 --- a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.mysql.down.sql +++ b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.mysql.down.sql @@ -1 +1 @@ -DROP TABLE IF EXISTS hydra_grant_jwk; +DROP TABLE IF EXISTS hydra_oauth2_grant_jwk; diff --git a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.mysql.up.sql b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.mysql.up.sql index 83f69413c7b..757a3109c1a 100644 --- a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.mysql.up.sql +++ b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.mysql.up.sql @@ -1,13 +1,13 @@ -CREATE TABLE IF NOT EXISTS hydra_grant_jwk +CREATE TABLE IF NOT EXISTS hydra_oauth2_grant_jwk ( id VARCHAR(36) PRIMARY KEY, - issuer VARCHAR(255) NOT NULL, - subject VARCHAR(255) NOT NULL, - scope TEXT NOT NULL, - key_set varchar(255) NOT NULL, - key_id varchar(255) NOT NULL, - created_at TIMESTAMP DEFAULT NOW() NOT NULL, - expires_at TIMESTAMP NOT NULL, + issuer VARCHAR(255) NOT NULL, + subject VARCHAR(255) NOT NULL, + scope TEXT NOT NULL, + key_set varchar(255) NOT NULL, + key_id varchar(255) NOT NULL, + created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL, + expires_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL, UNIQUE (issuer, subject, key_id), FOREIGN KEY (key_set, key_id) REFERENCES hydra_jwk (sid, kid) ON DELETE CASCADE ); diff --git a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.postgres.down.sql b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.postgres.down.sql index e8935d52fb9..c2d847b9c8c 100644 --- a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.postgres.down.sql +++ b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.postgres.down.sql @@ -1 +1 @@ -DROP TABLE IF EXISTS hydra_grant_jwk; +DROP TABLE IF EXISTS hydra_oauth2_grant_jwk; diff --git a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.postgres.up.sql b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.postgres.up.sql index 0179c7585fb..c7a4082aca4 100644 --- a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.postgres.up.sql +++ b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.postgres.up.sql @@ -1,4 +1,4 @@ -CREATE TABLE IF NOT EXISTS hydra_grant_jwk +CREATE TABLE IF NOT EXISTS hydra_oauth2_grant_jwk ( id UUID PRIMARY KEY, issuer VARCHAR(255) NOT NULL, @@ -7,7 +7,7 @@ CREATE TABLE IF NOT EXISTS hydra_grant_jwk key_set varchar(255) NOT NULL, key_id varchar(255) NOT NULL, created_at TIMESTAMP DEFAULT NOW() NOT NULL, - expires_at TIMESTAMP NOT NULL, + expires_at TIMESTAMP DEFAULT NOW() NOT NULL, UNIQUE (issuer, subject, key_id), FOREIGN KEY (key_set, key_id) REFERENCES hydra_jwk (sid, kid) ON DELETE CASCADE ); diff --git a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.sqlite.down.sql b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.sqlite.down.sql index e8935d52fb9..c2d847b9c8c 100644 --- a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.sqlite.down.sql +++ b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.sqlite.down.sql @@ -1 +1 @@ -DROP TABLE IF EXISTS hydra_grant_jwk; +DROP TABLE IF EXISTS hydra_oauth2_grant_jwk; diff --git a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.sqlite.up.sql b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.sqlite.up.sql index 787db500cf5..58265f0cc5f 100644 --- a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.sqlite.up.sql +++ b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.sqlite.up.sql @@ -1,4 +1,4 @@ -CREATE TABLE IF NOT EXISTS hydra_grant_jwk +CREATE TABLE IF NOT EXISTS hydra_oauth2_grant_jwk ( id UUID PRIMARY KEY, issuer VARCHAR(255) NOT NULL, @@ -7,7 +7,7 @@ CREATE TABLE IF NOT EXISTS hydra_grant_jwk key_set varchar(255) NOT NULL, key_id varchar(255) NOT NULL, created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL, - expires_at TIMESTAMP NOT NULL, + expires_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP NOT NULL, UNIQUE (issuer, subject, key_id), FOREIGN KEY (key_set, key_id) REFERENCES hydra_jwk (sid, kid) ON DELETE CASCADE ); diff --git a/x/clean_sql.go b/x/clean_sql.go index 30e85d4765a..21f343ecfe4 100644 --- a/x/clean_sql.go +++ b/x/clean_sql.go @@ -24,6 +24,7 @@ func CleanSQL(t *testing.T, db *sqlx.DB) { "hydra_oauth2_obfuscated_authentication_session", "hydra_oauth2_logout_request", "hydra_oauth2_jti_blacklist", + "hydra_oauth2_grant_jwk", "hydra_jwk", "hydra_client", // Migrations @@ -56,6 +57,7 @@ func CleanSQLPop(t *testing.T, c *pop.Connection) { "hydra_oauth2_obfuscated_authentication_session", "hydra_oauth2_logout_request", "hydra_oauth2_jti_blacklist", + "hydra_oauth2_grant_jwk", "hydra_jwk", "hydra_client", // Migrations From 7474634f99842dc5b6be28628c25de1592745014 Mon Sep 17 00:00:00 2001 From: Vladimir Kalugin Date: Tue, 19 Jan 2021 20:03:19 +0300 Subject: [PATCH 03/49] fix: check grant existence on attempt to delete it --- grant/jwtbearer/manager.go | 2 +- persistence/sql/persister_grant_jwk.go | 7 ++++++- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/grant/jwtbearer/manager.go b/grant/jwtbearer/manager.go index 78795fbc864..2f9a4f7c20f 100644 --- a/grant/jwtbearer/manager.go +++ b/grant/jwtbearer/manager.go @@ -19,7 +19,7 @@ type SQLData struct { ID string `db:"id"` Issuer string `db:"issuer"` Subject string `db:"subject"` - Scope string `db:"scope"` + Scope string `db:"scope"` KeySet string `db:"key_set"` KeyID string `db:"key_id"` CreatedAt time.Time `db:"created_at"` diff --git a/persistence/sql/persister_grant_jwk.go b/persistence/sql/persister_grant_jwk.go index 7751233aaef..e2a360874ed 100644 --- a/persistence/sql/persister_grant_jwk.go +++ b/persistence/sql/persister_grant_jwk.go @@ -43,7 +43,12 @@ func (p *Persister) GetConcreteGrant(ctx context.Context, id string) (jwtbearer. } func (p *Persister) DeleteGrant(ctx context.Context, id string) error { - return sqlcon.HandleError(p.Connection(ctx).Destroy(&jwtbearer.SQLData{ID: id})) + grant, err := p.GetConcreteGrant(ctx, id) + if err != nil { + return err + } + + return sqlcon.HandleError(p.Connection(ctx).Destroy(&jwtbearer.SQLData{ID: grant.ID})) } func (p *Persister) GetGrants(ctx context.Context, limit, offset int, optionalIssuer string) ([]jwtbearer.Grant, error) { From b67fd7f5bd9c1763bffa4192a3903aeb30f6dd08 Mon Sep 17 00:00:00 2001 From: Vladimir Kalugin Date: Wed, 20 Jan 2021 15:40:16 +0300 Subject: [PATCH 04/49] style: imports format --- driver/registry.go | 1 + grant/jwtbearer/handler.go | 1 + persistence/sql/persister_grant_jwk.go | 3 ++- 3 files changed, 4 insertions(+), 1 deletion(-) diff --git a/driver/registry.go b/driver/registry.go index dfcf45ed8f8..935f6e89e40 100644 --- a/driver/registry.go +++ b/driver/registry.go @@ -4,6 +4,7 @@ import ( "context" "github.com/ory/hydra/grant/jwtbearer" + "github.com/pkg/errors" "github.com/ory/x/errorsx" diff --git a/grant/jwtbearer/handler.go b/grant/jwtbearer/handler.go index 364ee0ddf69..076117dcd06 100644 --- a/grant/jwtbearer/handler.go +++ b/grant/jwtbearer/handler.go @@ -6,6 +6,7 @@ import ( "time" "github.com/google/uuid" + "github.com/ory/x/errorsx" "github.com/ory/x/pagination" diff --git a/persistence/sql/persister_grant_jwk.go b/persistence/sql/persister_grant_jwk.go index e2a360874ed..c07922d2b0a 100644 --- a/persistence/sql/persister_grant_jwk.go +++ b/persistence/sql/persister_grant_jwk.go @@ -5,9 +5,10 @@ import ( "strings" "time" + "gopkg.in/square/go-jose.v2" + "github.com/ory/hydra/grant/jwtbearer" "github.com/ory/x/errorsx" - "gopkg.in/square/go-jose.v2" "github.com/ory/x/sqlcon" ) From aabb2f07f88f6614cb917a09269aecebdc864e07 Mon Sep 17 00:00:00 2001 From: Vladimir Kalugin Date: Thu, 21 Jan 2021 15:54:23 +0300 Subject: [PATCH 05/49] docs: add swagger docs for grant API --- grant/jwtbearer/doc.go | 124 +++++++++++++++++++++++++++++++++++ grant/jwtbearer/grant.go | 2 +- grant/jwtbearer/handler.go | 79 +++++++++++++++++++++- grant/jwtbearer/request.go | 4 +- grant/jwtbearer/validator.go | 2 +- 5 files changed, 206 insertions(+), 5 deletions(-) create mode 100644 grant/jwtbearer/doc.go diff --git a/grant/jwtbearer/doc.go b/grant/jwtbearer/doc.go new file mode 100644 index 00000000000..4007f628303 --- /dev/null +++ b/grant/jwtbearer/doc.go @@ -0,0 +1,124 @@ +/* + * Copyright © 2015-2018 Aeneas Rekkas + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * @author Aeneas Rekkas + * @copyright 2015-2018 Aeneas Rekkas + * @license Apache-2.0 + */ + +// Package jwtbearer implements jwt-bearer grant management capabilities +// +// JWT-Bearer Grant represents resource owner (RO) permission for client to act on behalf of the RO using jwt. +// Client uses jwt to request access token to act as RO. +package jwtbearer + +import ( + "time" + + "github.com/ory/hydra/x" +) + +// swagger:model createJWTBearerGrantParams +type swaggerCreateJWTBearerGrantParams struct { + // The "issuer" identifies the principal that issued the JWT assertion (same as "iss" claim in JWT). + // required:true + // example: https://jwt-idp.example.com + Issuer string `json:"issuer"` + + // The "subject" identifies the principal that is the subject of the JWT. + // required:true + // example: mike@example.com + Subject string `json:"subject"` + + // The "scope" contains list of scope values (as described in Section 3.3 of OAuth 2.0 [RFC6749]) + // required:true + // example: ["openid", "offline"] + Scope []string `json:"scope"` + + // The "jwk" contains public key in JWK format issued by "issuer", that will be used to check JWT assertion signature. + // required:true + JWK x.JSONWebKey `json:"jwk"` + + // The "expires_at" indicates, when grant will expire, so we will reject assertion from "issuer" targeting "subject". + // required:true + ExpiresAt time.Time `json:"expires_at"` +} + +// swagger:parameters createJWTBearerGrant +type swaggerCreateJWTBearerGrantRequestParams struct { + // in: body + Body swaggerCreateJWTBearerGrantParams +} + +// swagger:parameters getJWTBearerGrantList +type swaggerGetJWTBearerGrantListParams struct { + // If Optional "issuer" is supplied, only jwt-bearer grants with this issuer will be returned. + // in: query + // required: false + Issuer string `json:"issuer"` +} + +// swagger:parameters getJWTBearerGrant deleteJWTBearerGrant updateJWTBearerGrant +type swaggerJWTBearerGrantQuery struct { + // The id of the desired grant + // in: path + // required: true + ID string `json:"id"` +} + +// swagger:response JWTBearerGrantList +type swaggerJWTBearerGrantList struct { + // in: body + // type: array + Body []swaggerJWTBearerGrant +} + +// swagger:model JWTBearerGrant +type swaggerJWTBearerGrant struct { + // example: 9edc811f-4e28-453c-9b46-4de65f00217f + ID string `json:"id"` + + // The "issuer" identifies the principal that issued the JWT assertion (same as "iss" claim in JWT). + // example: https://jwt-idp.example.com + Issuer string `json:"issuer"` + + // The "subject" identifies the principal that is the subject of the JWT. + // example: mike@example.com + Subject string `json:"subject"` + + // The "scope" contains list of scope values (as described in Section 3.3 of OAuth 2.0 [RFC6749]) + // example: ["openid", "offline"] + Scope []string `json:"scope"` + + // The "public_key" contains information about public key issued by "issuer", that will be used to check JWT assertion signature. + PublicKey swaggerJWTBearerGrantPublicKey `json:"public_key"` + + // The "created_at" indicates, when grant was created. + CreatedAt time.Time `json:"created_at"` + + // The "expires_at" indicates, when grant will expire, so we will reject assertion from "issuer" targeting "subject". + ExpiresAt time.Time `json:"expires_at"` +} + +// swagger:model JWTBearerGrantPublicKey +type swaggerJWTBearerGrantPublicKey struct { + // The "set" is basically a name for a group(set) of keys. Will be the same as "issuer" in grant. + // example: https://jwt-idp.example.com + Set string `json:"set"` + + // The "key_id" is key unique identifier (same as kid header in jws/jwt). + // example: 123e4567-e89b-12d3-a456-426655440000 + KeyID string `json:"kid"` +} diff --git a/grant/jwtbearer/grant.go b/grant/jwtbearer/grant.go index 01a3bd745cc..077d40d7a19 100644 --- a/grant/jwtbearer/grant.go +++ b/grant/jwtbearer/grant.go @@ -27,7 +27,7 @@ type Grant struct { } type PublicKey struct { - // Set is basically a name for a group(set) of keys. + // Set is basically a name for a group(set) of keys. Will be the same as Issuer in grant. Set string `json:"set"` // KeyID is key unique identifier (same as kid header in jws/jwt). diff --git a/grant/jwtbearer/handler.go b/grant/jwtbearer/handler.go index 076117dcd06..a89d8a6d730 100644 --- a/grant/jwtbearer/handler.go +++ b/grant/jwtbearer/handler.go @@ -36,8 +36,28 @@ func (h *Handler) SetRoutes(admin *x.RouterAdmin) { admin.DELETE(grantJWTBearerPath+"/:id", h.Delete) } +// swagger:route POST /grants/jwt-bearer admin createJWTBearerGrant +// +// Create a new jwt-bearer Grant. +// +// This endpoint is capable of creating a new jwt-bearer Grant, by doing this, we are granting permission for client to +// act on behalf of some resource owner. +// +// Consumes: +// - application/json +// +// Produces: +// - application/json +// +// Schemes: http, https +// +// Responses: +// 201: JWTBearerGrant +// 400: genericError +// 409: genericError +// 500: genericError func (h *Handler) Create(w http.ResponseWriter, r *http.Request, _ httprouter.Params) { - var grantRequest grantRequest + var grantRequest createGrantRequest if err := json.NewDecoder(r.Body).Decode(&grantRequest); err != nil { h.registry.Writer().WriteError(w, r, errorsx.WithStack(err)) @@ -70,6 +90,25 @@ func (h *Handler) Create(w http.ResponseWriter, r *http.Request, _ httprouter.Pa h.registry.Writer().WriteCreated(w, r, grantJWTBearerPath+"/"+grant.ID, &grant) } +// swagger:route GET /grants/jwt-bearer/{id} admin getJWTBearerGrant +// +// Fetch jwt-bearer grant information. +// +// This endpoint returns jwt-bearer grant, identified by grant ID. Grant represents resource owner (RO) permission +// for client to act on behalf of the RO. In this case client uses jwt to request access token to act as RO. +// +// Consumes: +// - application/json +// +// Produces: +// - application/json +// +// Schemes: http, https +// +// Responses: +// 200: JWTBearerGrant +// 404: genericError +// 500: genericError func (h *Handler) Get(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { var id = ps.ByName("id") @@ -82,6 +121,26 @@ func (h *Handler) Get(w http.ResponseWriter, r *http.Request, ps httprouter.Para h.registry.Writer().Write(w, r, grant) } +// swagger:route DELETE /grants/jwt-bearer/{id} admin deleteJWTBearerGrant +// +// Delete jwt-bearer grant. +// +// This endpoint will delete jwt-bearer grant, identified by grant ID, so client won't be able to represent +// resource owner (which granted permission), using this grant anymore. All associated public keys with grant +// will also be deleted. +// +// Consumes: +// - application/json +// +// Produces: +// - application/json +// +// Schemes: http, https +// +// Responses: +// 204: emptyResponse +// 404: genericError +// 500: genericError func (h *Handler) Delete(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { var id = ps.ByName("id") @@ -93,6 +152,24 @@ func (h *Handler) Delete(w http.ResponseWriter, r *http.Request, ps httprouter.P w.WriteHeader(http.StatusNoContent) } +// swagger:route GET /grants/jwt-bearer admin getJWTBearerGrantList +// +// Fetch all jwt-bearer grants. +// +// This endpoint returns list of jwt-bearer grants. Grant represents resource owner (RO) permission +// for client to act on behalf of the RO. In this case client uses jwt to request access token to act as RO. +// +// Consumes: +// - application/json +// +// Produces: +// - application/json +// +// Schemes: http, https +// +// Responses: +// 200: JWTBearerGrantList +// 500: genericError func (h *Handler) List(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { limit, offset := pagination.Parse(r, 100, 0, 500) var optionalIssuer = ps.ByName("issuer") diff --git a/grant/jwtbearer/request.go b/grant/jwtbearer/request.go index d111e6d651e..d78b8fae2be 100644 --- a/grant/jwtbearer/request.go +++ b/grant/jwtbearer/request.go @@ -6,7 +6,7 @@ import ( "gopkg.in/square/go-jose.v2" ) -type grantRequest struct { +type createGrantRequest struct { // Issuer identifies the principal that issued the JWT assertion (same as iss claim in jwt). Issuer string `json:"issuer"` @@ -16,7 +16,7 @@ type grantRequest struct { // Scope contains list of scope values (as described in Section 3.3 of OAuth 2.0 [RFC6749]) Scope []string `json:"scope"` - // PublicKeyJWK contains public key inå JWK format issued by Issuer, that will be used to check JWT assertion signature. + // PublicKeyJWK contains public key in JWK format issued by Issuer, that will be used to check JWT assertion signature. PublicKeyJWK jose.JSONWebKey `json:"jwk"` // ExpiresAt indicates, when grant will expire, so we will reject assertion from Issuer targeting Subject. diff --git a/grant/jwtbearer/validator.go b/grant/jwtbearer/validator.go index bdcba841f72..41ba4f5acb3 100644 --- a/grant/jwtbearer/validator.go +++ b/grant/jwtbearer/validator.go @@ -11,7 +11,7 @@ func NewGrantValidator() *GrantValidator { return &GrantValidator{} } -func (v *GrantValidator) Validate(request grantRequest) error { +func (v *GrantValidator) Validate(request createGrantRequest) error { if request.Issuer == "" { return errorsx.WithStack(ErrMissingRequiredParameter.WithHint("Field 'issuer' is required.")) } From c0463b813df09b64a1c4d07f251fadcf286c159a Mon Sep 17 00:00:00 2001 From: Vladimir Kalugin Date: Thu, 21 Jan 2021 15:55:03 +0300 Subject: [PATCH 06/49] fix: grant list was not filtered by optional issuer --- grant/jwtbearer/handler.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/grant/jwtbearer/handler.go b/grant/jwtbearer/handler.go index a89d8a6d730..ccafbaefaa9 100644 --- a/grant/jwtbearer/handler.go +++ b/grant/jwtbearer/handler.go @@ -172,7 +172,7 @@ func (h *Handler) Delete(w http.ResponseWriter, r *http.Request, ps httprouter.P // 500: genericError func (h *Handler) List(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { limit, offset := pagination.Parse(r, 100, 0, 500) - var optionalIssuer = ps.ByName("issuer") + var optionalIssuer = r.URL.Query().Get("issuer") grants, err := h.registry.GrantManager().GetGrants(r.Context(), limit, offset, optionalIssuer) if err != nil { From b76c70b629cc166eb54412fdafff3466e9f6da84 Mon Sep 17 00:00:00 2001 From: Vladimir Kalugin Date: Mon, 25 Jan 2021 13:00:36 +0300 Subject: [PATCH 07/49] test(grant): add tests for jwt-bearer grant --- cypress/integration/admin/grant_jwtbearer.js | 85 ++++++++ grant/jwtbearer/manager_test_helpers.go | 207 +++++++++++++++++++ oauth2/fosite_store_helpers.go | 96 +++++++++ oauth2/registry.go | 3 + persistence/sql/persister_test.go | 8 + 5 files changed, 399 insertions(+) create mode 100644 cypress/integration/admin/grant_jwtbearer.js create mode 100644 grant/jwtbearer/manager_test_helpers.go diff --git a/cypress/integration/admin/grant_jwtbearer.js b/cypress/integration/admin/grant_jwtbearer.js new file mode 100644 index 00000000000..0979b29d5d3 --- /dev/null +++ b/cypress/integration/admin/grant_jwtbearer.js @@ -0,0 +1,85 @@ +describe('The JWT-Bearer Grants Admin Interface', () => { + let d = Cypress.moment().add(1, 'year').milliseconds(0).utc() + const newGrant = () => ({ + issuer: 'token-service', + subject: 'bob@example.com', + expires_at: d.toISOString(), + scope: ['openid', 'offline'], + jwk: { + use: 'sig', + kty: 'RSA', + kid: 'token-service-key', + alg: 'RS256', + n: + 'ue1_WT_RU6Lc65dmmD7llh9Tcu_Xc909be1Yr5xlHUpkVzacHhSgjliSjUnGCuMo1-m3ILktgt3p86ba6bmIk9fK3nKA7OztDymHuuaYGbJVHhDSKcCBMXGFPcBLxtEns7nvMoQ-lkFN-kYgfSfg0iPGXeRo2Io7phqr54pBaEG_xMK9c-rQ_G3Y9eXn1JREEgQd4OvA2UR9Vc4E-xAYMx7V-ZOvMeKBj9HACE8cllnpKlEKLMo5O5BvkpqA1MeOtzL5jxUUH8D37TJvVQ67VgTs40dRwWwRePfIMDHRJSeJ0KTpkgnX4fmaF2xfi53N8hM9PHzzCtaWrjzm1r1Gyw', + e: 'AQAB' + } + }) + + it('should return newly created jwt-bearer grant and grant can be retrieved later', () => { + const grant = newGrant() + const start = Cypress.moment().subtract(1, 'minutes').utc() + const end = Cypress.moment().add(1, 'minutes').utc() + cy.request( + 'POST', + Cypress.env('admin_url') + '/grants/jwt-bearer', + JSON.stringify(grant) + ).then((response) => { + const createdAt = Cypress.moment(response.body.created_at) + const expiresAt = Cypress.moment(response.body.expires_at) + const grantID = response.body.id + + expect(response.body.issuer).to.equal(grant.issuer) + expect(response.body.subject).to.equal(grant.subject) + expect(createdAt.isBetween(start, end)).to.true + expect(expiresAt.isSame(grant.expires_at)).to.true + expect(response.body.scope).to.deep.equal(grant.scope) + expect(response.body.public_key.set).to.equal(grant.issuer) + expect(response.body.public_key.kid).to.equal(grant.jwk.kid) + + cy.request( + 'GET', + Cypress.env('admin_url') + '/grants/jwt-bearer/' + grantID + ).then((response) => { + expect(response.body.issuer).to.equal(grant.issuer) + expect(response.body.subject).to.equal(grant.subject) + expect(response.body.scope).to.deep.equal(grant.scope) + expect(response.body.public_key.set).to.equal(grant.issuer) + expect(response.body.public_key.kid).to.equal(grant.jwk.kid) + }) + }) + }) + + it('should return newly created jwt-bearer grant in grants list', () => { + cy.request('GET', Cypress.env('admin_url') + '/grants/jwt-bearer').then( + (response) => { + expect(response.body).to.length(1) + } + ) + }) + + it('should fail, because the same grant is already exist', () => { + const grant = newGrant() + cy.request({ + method: 'POST', + url: Cypress.env('admin_url') + '/grants/jwt-bearer', + failOnStatusCode: false, + body: JSON.stringify(grant) + }).then((response) => { + expect(response.status).to.equal(409) + }) + }) + + it('should fail, because trying to create grant with no issuer', () => { + const grant = newGrant() + grant.issuer = '' + cy.request({ + method: 'POST', + url: Cypress.env('admin_url') + '/grants/jwt-bearer', + failOnStatusCode: false, + body: JSON.stringify(grant) + }).then((response) => { + expect(response.status).to.equal(400) + }) + }) +}) diff --git a/grant/jwtbearer/manager_test_helpers.go b/grant/jwtbearer/manager_test_helpers.go new file mode 100644 index 00000000000..0e6617d3a2b --- /dev/null +++ b/grant/jwtbearer/manager_test_helpers.go @@ -0,0 +1,207 @@ +/* + * Copyright © 2015-2018 Aeneas Rekkas + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * @author Aeneas Rekkas + * @copyright 2015-2018 Aeneas Rekkas + * @license Apache-2.0 + */ + +package jwtbearer + +import ( + "context" + "sort" + "testing" + "time" + + "github.com/google/uuid" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" + "gopkg.in/square/go-jose.v2" + + "github.com/ory/hydra/jwk" +) + +func TestHelperGrantManagerCreateGetDeleteGrant(m GrantManager) func(t *testing.T) { + testGenerator := &jwk.RS256Generator{} + tokenServicePubKey1 := jose.JSONWebKey{} + tokenServicePubKey2 := jose.JSONWebKey{} + mikePubKey := jose.JSONWebKey{} + + return func(t *testing.T) { + keySet, err := testGenerator.Generate("tokenServicePubKey1", "sig") + require.NoError(t, err) + tokenServicePubKey1 = keySet.Keys[1] + + keySet, err = testGenerator.Generate("tokenServicePubKey2", "sig") + require.NoError(t, err) + tokenServicePubKey2 = keySet.Keys[1] + + keySet, err = testGenerator.Generate("mikePubKey", "sig") + require.NoError(t, err) + mikePubKey = keySet.Keys[1] + + storedGrants, err := m.GetGrants(context.TODO(), 100, 0, "") + require.NoError(t, err) + assert.Len(t, storedGrants, 0) + + count, err := m.CountGrants(context.TODO()) + require.NoError(t, err) + assert.Equal(t, 0, count) + + createdAt := time.Now().UTC().Round(time.Second) + expiresAt := createdAt.AddDate(1, 0, 0) + grant := Grant{ + ID: uuid.New().String(), + Issuer: "token-service", + Subject: "bob@example.com", + Scope: []string{"openid", "offline"}, + PublicKey: PublicKey{ + Set: "token-service", + KeyID: "public:tokenServicePubKey1", + }, + CreatedAt: createdAt, + ExpiresAt: expiresAt, + } + err = m.CreateGrant(context.TODO(), grant, tokenServicePubKey1) + require.NoError(t, err) + + storedGrant, err := m.GetConcreteGrant(context.TODO(), grant.ID) + require.NoError(t, err) + assert.Equal(t, grant.ID, storedGrant.ID) + assert.Equal(t, grant.Issuer, storedGrant.Issuer) + assert.Equal(t, grant.Subject, storedGrant.Subject) + assert.Equal(t, grant.Scope, storedGrant.Scope) + assert.Equal(t, grant.PublicKey, storedGrant.PublicKey) + assert.Equal(t, grant.CreatedAt.Format(time.RFC3339), storedGrant.CreatedAt.Format(time.RFC3339)) + assert.Equal(t, grant.ExpiresAt.Format(time.RFC3339), storedGrant.ExpiresAt.Format(time.RFC3339)) + + grant2 := Grant{ + ID: uuid.New().String(), + Issuer: "token-service", + Subject: "maria@example.com", + Scope: []string{"openid"}, + PublicKey: PublicKey{ + Set: "token-service", + KeyID: "public:tokenServicePubKey2", + }, + CreatedAt: createdAt.Add(time.Minute * 5), + ExpiresAt: expiresAt, + } + err = m.CreateGrant(context.TODO(), grant2, tokenServicePubKey2) + require.NoError(t, err) + + grant3 := Grant{ + ID: uuid.New().String(), + Issuer: "https://mike.example.com", + Subject: "mike@example.com", + Scope: []string{"permissions", "openid", "offline"}, + PublicKey: PublicKey{ + Set: "https://mike.example.com", + KeyID: "public:mikePubKey", + }, + CreatedAt: createdAt.Add(time.Hour), + ExpiresAt: expiresAt, + } + err = m.CreateGrant(context.TODO(), grant3, mikePubKey) + require.NoError(t, err) + + count, err = m.CountGrants(context.TODO()) + require.NoError(t, err) + assert.Equal(t, 3, count) + + storedGrants, err = m.GetGrants(context.TODO(), 100, 0, "") + sort.Slice(storedGrants, func(i, j int) bool { + return storedGrants[i].CreatedAt.Before(storedGrants[j].CreatedAt) + }) + require.NoError(t, err) + require.Len(t, storedGrants, 3) + assert.Equal(t, grant.ID, storedGrants[0].ID) + assert.Equal(t, grant2.ID, storedGrants[1].ID) + assert.Equal(t, grant3.ID, storedGrants[2].ID) + + storedGrants, err = m.GetGrants(context.TODO(), 100, 0, "token-service") + sort.Slice(storedGrants, func(i, j int) bool { + return storedGrants[i].CreatedAt.Before(storedGrants[j].CreatedAt) + }) + require.NoError(t, err) + require.Len(t, storedGrants, 2) + assert.Equal(t, grant.ID, storedGrants[0].ID) + assert.Equal(t, grant2.ID, storedGrants[1].ID) + + err = m.DeleteGrant(context.TODO(), grant2.ID) + require.NoError(t, err) + + _, err = m.GetConcreteGrant(context.TODO(), grant2.ID) + require.Error(t, err) + + count, err = m.CountGrants(context.TODO()) + require.NoError(t, err) + assert.Equal(t, 2, count) + + } +} + +func TestHelperGrantManagerErrors(m GrantManager) func(t *testing.T) { + testGenerator := &jwk.RS256Generator{} + pubKey1 := jose.JSONWebKey{} + pubKey2 := jose.JSONWebKey{} + + return func(t *testing.T) { + keySet, err := testGenerator.Generate("pubKey1", "sig") + require.NoError(t, err) + pubKey1 = keySet.Keys[1] + + keySet, err = testGenerator.Generate("pubKey2", "sig") + require.NoError(t, err) + pubKey2 = keySet.Keys[1] + + createdAt := time.Now() + expiresAt := createdAt.AddDate(1, 0, 0) + grant := Grant{ + ID: uuid.New().String(), + Issuer: "issuer", + Subject: "subject", + Scope: []string{"openid", "offline"}, + PublicKey: PublicKey{ + Set: "set", + KeyID: "public:pubKey1", + }, + CreatedAt: createdAt, + ExpiresAt: expiresAt, + } + err = m.CreateGrant(context.TODO(), grant, pubKey1) + require.NoError(t, err) + + grant.ID = uuid.New().String() + err = m.CreateGrant(context.TODO(), grant, pubKey1) + require.Error(t, err) + + grant2 := grant + grant2.PublicKey = PublicKey{ + Set: "set", + KeyID: "public:pubKey2", + } + err = m.CreateGrant(context.TODO(), grant2, pubKey2) + require.NoError(t, err) + + nonExistingGrantID := uuid.New().String() + err = m.DeleteGrant(context.TODO(), nonExistingGrantID) + require.Error(t, err) + + _, err = m.GetConcreteGrant(context.TODO(), nonExistingGrantID) + require.Error(t, err) + } +} diff --git a/oauth2/fosite_store_helpers.go b/oauth2/fosite_store_helpers.go index 1def3c0d715..d88acaa3ccf 100644 --- a/oauth2/fosite_store_helpers.go +++ b/oauth2/fosite_store_helpers.go @@ -29,6 +29,10 @@ import ( "time" "github.com/gobuffalo/pop/v5" + "gopkg.in/square/go-jose.v2" + + "github.com/ory/fosite/handler/oauth2" + "github.com/ory/hydra/grant/jwtbearer" "github.com/ory/hydra/x" @@ -179,6 +183,7 @@ func TestHelperRunner(t *testing.T, store InternalRegistry, k string) { t.Run(fmt.Sprintf("case=testFositeStoreClientAssertionJWTValid/db=%s", k), testFositeStoreClientAssertionJWTValid(store)) t.Run(fmt.Sprintf("case=testHelperDeleteAccessTokens/db=%s", k), testHelperDeleteAccessTokens(store)) t.Run(fmt.Sprintf("case=testHelperRevokeAccessToken/db=%s", k), testHelperRevokeAccessToken(store)) + t.Run(fmt.Sprintf("case=testFositeJWTBearerGrantStorage/db=%s", k), testFositeJWTBearerGrantStorage(store)) } func testHelperRequestIDMultiples(m InternalRegistry, _ string) func(t *testing.T) { @@ -691,6 +696,97 @@ func testFositeStoreClientAssertionJWTValid(m InternalRegistry) func(*testing.T) } } +func testFositeJWTBearerGrantStorage(x InternalRegistry) func(t *testing.T) { + return func(t *testing.T) { + grantManager := x.GrantManager() + keyManager := x.KeyManager() + keyGenerators := x.KeyGenerators() + keyGenerator, ok := keyGenerators[string(jose.RS256)] + require.True(t, ok) + grantStorage := x.OAuth2Storage().(oauth2.JWTAuthGrantStorage) + + t.Run("case=associated key added with grant", func(t *testing.T) { + keySet, err := keyGenerator.Generate("token-service-key", "sig") + require.NoError(t, err) + + publicKey := keySet.Keys[1] + issuer := "token-service" + subject := "bob@example.com" + grant := jwtbearer.Grant{ + ID: uuid.New(), + Issuer: issuer, + Subject: subject, + Scope: []string{"openid"}, + PublicKey: jwtbearer.PublicKey{Set: issuer, KeyID: publicKey.KeyID}, + CreatedAt: time.Now().UTC().Round(time.Second), + ExpiresAt: time.Now().UTC().Round(time.Second).AddDate(1, 0, 0), + } + + storedKeySet, err := grantStorage.GetPublicKeys(context.TODO(), issuer, subject) + require.NoError(t, err) + require.Len(t, storedKeySet.Keys, 0) + + err = grantManager.CreateGrant(context.TODO(), grant, publicKey) + require.NoError(t, err) + + storedKeySet, err = grantStorage.GetPublicKeys(context.TODO(), issuer, subject) + require.NoError(t, err) + assert.Len(t, storedKeySet.Keys, 1) + + storedKey, err := grantStorage.GetPublicKey(context.TODO(), issuer, subject, publicKey.KeyID) + require.NoError(t, err) + assert.Equal(t, publicKey.KeyID, storedKey.KeyID) + assert.Equal(t, publicKey.Use, storedKey.Use) + assert.Equal(t, publicKey.Key, storedKey.Key) + + storedKeySet, err = keyManager.GetKey(context.TODO(), issuer, publicKey.KeyID) + require.NoError(t, err) + assert.Equal(t, publicKey.KeyID, storedKeySet.Keys[0].KeyID) + assert.Equal(t, publicKey.Use, storedKeySet.Keys[0].Use) + assert.Equal(t, publicKey.Key, storedKeySet.Keys[0].Key) + }) + + t.Run("case=only associated key returns", func(t *testing.T) { + keySet, err := keyGenerator.Generate("some-key", "sig") + require.NoError(t, err) + + err = keyManager.AddKeySet(context.TODO(), "some-set", keySet) + require.NoError(t, err) + + keySet, err = keyGenerator.Generate("maria-key", "sig") + require.NoError(t, err) + + publicKey := keySet.Keys[1] + issuer := "maria" + subject := "maria@example.com" + grant := jwtbearer.Grant{ + ID: uuid.New(), + Issuer: issuer, + Subject: subject, + Scope: []string{"openid"}, + PublicKey: jwtbearer.PublicKey{Set: issuer, KeyID: publicKey.KeyID}, + CreatedAt: time.Now().UTC().Round(time.Second), + ExpiresAt: time.Now().UTC().Round(time.Second).AddDate(1, 0, 0), + } + + err = grantManager.CreateGrant(context.TODO(), grant, publicKey) + require.NoError(t, err) + + storedKeySet, err := grantStorage.GetPublicKeys(context.TODO(), issuer, subject) + require.NoError(t, err) + assert.Len(t, storedKeySet.Keys, 1) + assert.Equal(t, publicKey.KeyID, storedKeySet.Keys[0].KeyID) + assert.Equal(t, publicKey.Use, storedKeySet.Keys[0].Use) + assert.Equal(t, publicKey.Key, storedKeySet.Keys[0].Key) + + storedKeySet, err = grantStorage.GetPublicKeys(context.TODO(), issuer, "non-existing-subject") + require.NoError(t, err) + assert.Len(t, storedKeySet.Keys, 0) + }) + + } +} + func doTestCommit(m InternalRegistry, t *testing.T, createFn func(context.Context, string, fosite.Requester) error, getFn func(context.Context, string, fosite.Session) (fosite.Requester, error), diff --git a/oauth2/registry.go b/oauth2/registry.go index b9a57fc07f5..83d0bb07509 100644 --- a/oauth2/registry.go +++ b/oauth2/registry.go @@ -5,12 +5,15 @@ import ( "github.com/ory/fosite/handler/openid" "github.com/ory/hydra/client" "github.com/ory/hydra/consent" + "github.com/ory/hydra/grant/jwtbearer" "github.com/ory/hydra/jwk" "github.com/ory/hydra/x" ) type InternalRegistry interface { client.Registry + jwk.Registry + jwtbearer.Registry x.RegistryWriter x.RegistryLogger consent.Registry diff --git a/persistence/sql/persister_test.go b/persistence/sql/persister_test.go index 0c0c53780b5..6a16ae21b31 100644 --- a/persistence/sql/persister_test.go +++ b/persistence/sql/persister_test.go @@ -4,6 +4,9 @@ import ( "testing" "github.com/pborman/uuid" + + "github.com/ory/hydra/grant/jwtbearer" + "github.com/stretchr/testify/require" "github.com/ory/hydra/internal/testhelpers" @@ -59,5 +62,10 @@ func TestManagers(t *testing.T) { jwk.TestHelperManagerKeySet(m.KeyManager(), ks, uuid.New()) }) }) + + t.Run("package=grant/jwtbearer/manager="+k, func(t *testing.T) { + t.Run("case=create-get-delete", jwtbearer.TestHelperGrantManagerCreateGetDeleteGrant(m.GrantManager())) + t.Run("case=errors", jwtbearer.TestHelperGrantManagerErrors(m.GrantManager())) + }) } } From a5a33d8fd20052b3d893d23fd0a075a546b341ae Mon Sep 17 00:00:00 2001 From: Vladimir Kalugin Date: Thu, 4 Mar 2021 12:04:52 +0300 Subject: [PATCH 08/49] test(grant): add public key scopes tests --- grant/jwtbearer/manager_test_helpers.go | 6 +++--- oauth2/fosite_store_helpers.go | 9 ++++++++- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/grant/jwtbearer/manager_test_helpers.go b/grant/jwtbearer/manager_test_helpers.go index 0e6617d3a2b..d4d393e784e 100644 --- a/grant/jwtbearer/manager_test_helpers.go +++ b/grant/jwtbearer/manager_test_helpers.go @@ -187,7 +187,7 @@ func TestHelperGrantManagerErrors(m GrantManager) func(t *testing.T) { grant.ID = uuid.New().String() err = m.CreateGrant(context.TODO(), grant, pubKey1) - require.Error(t, err) + require.Error(t, err, "error expected, because combination of issuer + subject + key_id must be unique") grant2 := grant grant2.PublicKey = PublicKey{ @@ -199,9 +199,9 @@ func TestHelperGrantManagerErrors(m GrantManager) func(t *testing.T) { nonExistingGrantID := uuid.New().String() err = m.DeleteGrant(context.TODO(), nonExistingGrantID) - require.Error(t, err) + require.Error(t, err, "expect error, when deleting non-existing grant") _, err = m.GetConcreteGrant(context.TODO(), nonExistingGrantID) - require.Error(t, err) + require.Error(t, err, "expect error, when fetching non-existing grant") } } diff --git a/oauth2/fosite_store_helpers.go b/oauth2/fosite_store_helpers.go index d88acaa3ccf..599ba1f8591 100644 --- a/oauth2/fosite_store_helpers.go +++ b/oauth2/fosite_store_helpers.go @@ -716,7 +716,7 @@ func testFositeJWTBearerGrantStorage(x InternalRegistry) func(t *testing.T) { ID: uuid.New(), Issuer: issuer, Subject: subject, - Scope: []string{"openid"}, + Scope: []string{"openid", "offline"}, PublicKey: jwtbearer.PublicKey{Set: issuer, KeyID: publicKey.KeyID}, CreatedAt: time.Now().UTC().Round(time.Second), ExpiresAt: time.Now().UTC().Round(time.Second).AddDate(1, 0, 0), @@ -739,6 +739,10 @@ func testFositeJWTBearerGrantStorage(x InternalRegistry) func(t *testing.T) { assert.Equal(t, publicKey.Use, storedKey.Use) assert.Equal(t, publicKey.Key, storedKey.Key) + storedScopes, err := grantStorage.GetPublicKeyScopes(context.TODO(), issuer, subject, publicKey.KeyID) + require.NoError(t, err) + assert.Equal(t, grant.Scope, storedScopes) + storedKeySet, err = keyManager.GetKey(context.TODO(), issuer, publicKey.KeyID) require.NoError(t, err) assert.Equal(t, publicKey.KeyID, storedKeySet.Keys[0].KeyID) @@ -782,6 +786,9 @@ func testFositeJWTBearerGrantStorage(x InternalRegistry) func(t *testing.T) { storedKeySet, err = grantStorage.GetPublicKeys(context.TODO(), issuer, "non-existing-subject") require.NoError(t, err) assert.Len(t, storedKeySet.Keys, 0) + + _, err = grantStorage.GetPublicKeyScopes(context.TODO(), issuer, "non-existing-subject", publicKey.KeyID) + require.Error(t, err) }) } From 8120145da8e6b562f8a17a70d1e0a09b146c2399 Mon Sep 17 00:00:00 2001 From: Vladimir Kalugin Date: Thu, 4 Mar 2021 15:48:16 +0300 Subject: [PATCH 09/49] fix(grant) delete assosiated grant public key on grant deletion --- oauth2/fosite_store_helpers.go | 71 ++++++++++++++++++++++++++ persistence/sql/persister_grant_jwk.go | 9 +++- 2 files changed, 79 insertions(+), 1 deletion(-) diff --git a/oauth2/fosite_store_helpers.go b/oauth2/fosite_store_helpers.go index 599ba1f8591..0846b9c8298 100644 --- a/oauth2/fosite_store_helpers.go +++ b/oauth2/fosite_store_helpers.go @@ -791,6 +791,77 @@ func testFositeJWTBearerGrantStorage(x InternalRegistry) func(t *testing.T) { require.Error(t, err) }) + t.Run("case=associated key is deleted, when granted is deleted", func(t *testing.T) { + keySet, err := keyGenerator.Generate("hackerman-key", "sig") + require.NoError(t, err) + + publicKey := keySet.Keys[1] + issuer := "aeneas" + subject := "aeneas@example.com" + grant := jwtbearer.Grant{ + ID: uuid.New(), + Issuer: issuer, + Subject: subject, + Scope: []string{"openid", "offline"}, + PublicKey: jwtbearer.PublicKey{Set: issuer, KeyID: publicKey.KeyID}, + CreatedAt: time.Now().UTC().Round(time.Second), + ExpiresAt: time.Now().UTC().Round(time.Second).AddDate(1, 0, 0), + } + + err = grantManager.CreateGrant(context.TODO(), grant, publicKey) + require.NoError(t, err) + + _, err = grantStorage.GetPublicKey(context.TODO(), issuer, subject, grant.PublicKey.KeyID) + require.NoError(t, err) + + _, err = keyManager.GetKey(context.TODO(), issuer, publicKey.KeyID) + require.NoError(t, err) + + err = grantManager.DeleteGrant(context.TODO(), grant.ID) + require.NoError(t, err) + + _, err = grantStorage.GetPublicKey(context.TODO(), issuer, subject, publicKey.KeyID) + assert.Error(t, err) + + _, err = keyManager.GetKey(context.TODO(), issuer, publicKey.KeyID) + assert.Error(t, err) + }) + + t.Run("case=associated grant is deleted, when key is deleted", func(t *testing.T) { + keySet, err := keyGenerator.Generate("vladimir-key", "sig") + require.NoError(t, err) + + publicKey := keySet.Keys[1] + issuer := "vladimir" + subject := "vladimir@example.com" + grant := jwtbearer.Grant{ + ID: uuid.New(), + Issuer: issuer, + Subject: subject, + Scope: []string{"openid", "offline"}, + PublicKey: jwtbearer.PublicKey{Set: issuer, KeyID: publicKey.KeyID}, + CreatedAt: time.Now().UTC().Round(time.Second), + ExpiresAt: time.Now().UTC().Round(time.Second).AddDate(1, 0, 0), + } + + err = grantManager.CreateGrant(context.TODO(), grant, publicKey) + require.NoError(t, err) + + _, err = grantStorage.GetPublicKey(context.TODO(), issuer, subject, publicKey.KeyID) + require.NoError(t, err) + + _, err = keyManager.GetKey(context.TODO(), issuer, publicKey.KeyID) + require.NoError(t, err) + + err = keyManager.DeleteKey(context.TODO(), issuer, publicKey.KeyID) + require.NoError(t, err) + + _, err = keyManager.GetKey(context.TODO(), issuer, publicKey.KeyID) + assert.Error(t, err) + + _, err = grantManager.GetConcreteGrant(context.TODO(), grant.ID) + assert.Error(t, err) + }) } } diff --git a/persistence/sql/persister_grant_jwk.go b/persistence/sql/persister_grant_jwk.go index c07922d2b0a..4d6f4d74900 100644 --- a/persistence/sql/persister_grant_jwk.go +++ b/persistence/sql/persister_grant_jwk.go @@ -5,6 +5,7 @@ import ( "strings" "time" + "github.com/gobuffalo/pop/v5" "gopkg.in/square/go-jose.v2" "github.com/ory/hydra/grant/jwtbearer" @@ -49,7 +50,13 @@ func (p *Persister) DeleteGrant(ctx context.Context, id string) error { return err } - return sqlcon.HandleError(p.Connection(ctx).Destroy(&jwtbearer.SQLData{ID: grant.ID})) + return p.transaction(ctx, func(ctx context.Context, c *pop.Connection) error { + if err := p.Connection(ctx).Destroy(&jwtbearer.SQLData{ID: grant.ID}); err != nil { + return sqlcon.HandleError(err) + } + + return p.DeleteKey(ctx, grant.PublicKey.Set, grant.PublicKey.KeyID) + }) } func (p *Persister) GetGrants(ctx context.Context, limit, offset int, optionalIssuer string) ([]jwtbearer.Grant, error) { From ebc1bd7b176bbda0966667a5ddfdd84f1117639d Mon Sep 17 00:00:00 2001 From: Vladimir Kalugin Date: Thu, 4 Mar 2021 18:03:56 +0300 Subject: [PATCH 10/49] feat(fosite) use fosite v0.38.0 --- driver/config/provider.go | 8 +++---- driver/registry_base.go | 38 +++++++++++++++++----------------- go.mod | 4 ---- go.sum | 19 +++++++---------- oauth2/fosite_store_helpers.go | 4 ++-- x/fosite_storer.go | 3 ++- 6 files changed, 35 insertions(+), 41 deletions(-) diff --git a/driver/config/provider.go b/driver/config/provider.go index b7e5c87a74d..b9d42645a01 100644 --- a/driver/config/provider.go +++ b/driver/config/provider.go @@ -428,18 +428,18 @@ func (p *Provider) GrantAllClientCredentialsScopesPerDefault() bool { return p.p.Bool(KeyGrantAllClientCredentialsScopesPerDefault) } -func (p *Provider) GrantJWTClientAuthOptional() bool { +func (p *Provider) GrantTypeJWTBearerClientAuthOptional() bool { return p.p.Bool(KeyOAuth2GrantJWTClientAuthOptional) } -func (p *Provider) GrantJWTIDOptional() bool { +func (p *Provider) GrantTypeJWTBearerIDOptional() bool { return p.p.Bool(KeyOAuth2GrantJWTIDOptional) } -func (p *Provider) GrantJWTIssuedDateOptional() bool { +func (p *Provider) GrantTypeJWTBearerIssuedDateOptional() bool { return p.p.Bool(KeyOAuth2GrantJWTIssuedDateOptional) } -func (p *Provider) GrantJWTMaxDuration() time.Duration { +func (p *Provider) GrantTypeJWTBearerMaxDuration() time.Duration { return p.p.DurationF(KeyOAuth2GrantJWTMaxDuration, time.Hour*24*30) } diff --git a/driver/registry_base.go b/driver/registry_base.go index a012c062d88..f3f565d2ea6 100644 --- a/driver/registry_base.go +++ b/driver/registry_base.go @@ -273,24 +273,24 @@ func (m *RegistryBase) CookieStore() sessions.Store { func (m *RegistryBase) oAuth2Config() *compose.Config { return &compose.Config{ - AccessTokenLifespan: m.C.AccessTokenLifespan(), - RefreshTokenLifespan: m.C.RefreshTokenLifespan(), - AuthorizeCodeLifespan: m.C.AuthCodeLifespan(), - IDTokenLifespan: m.C.IDTokenLifespan(), - IDTokenIssuer: m.C.IssuerURL().String(), - HashCost: m.C.BCryptCost(), - ScopeStrategy: m.ScopeStrategy(), - SendDebugMessagesToClients: m.C.ShareOAuth2Debug(), - UseLegacyErrorFormat: m.C.OAuth2LegacyErrors(), - EnforcePKCE: m.C.PKCEEnforced(), - EnforcePKCEForPublicClients: m.C.EnforcePKCEForPublicClients(), - EnablePKCEPlainChallengeMethod: false, - TokenURL: urlx.AppendPaths(m.C.PublicURL(), oauth2.TokenPath).String(), - RedirectSecureChecker: x.IsRedirectURISecure(m.C), - JWTSkipClientAuth: m.C.GrantJWTClientAuthOptional(), - JWTIDOptional: m.C.GrantJWTIDOptional(), - JWTIssuedDateOptional: m.C.GrantJWTIssuedDateOptional(), - JWTMaxDuration: m.C.GrantJWTMaxDuration(), + AccessTokenLifespan: m.C.AccessTokenLifespan(), + RefreshTokenLifespan: m.C.RefreshTokenLifespan(), + AuthorizeCodeLifespan: m.C.AuthCodeLifespan(), + IDTokenLifespan: m.C.IDTokenLifespan(), + IDTokenIssuer: m.C.IssuerURL().String(), + HashCost: m.C.BCryptCost(), + ScopeStrategy: m.ScopeStrategy(), + SendDebugMessagesToClients: m.C.ShareOAuth2Debug(), + UseLegacyErrorFormat: m.C.OAuth2LegacyErrors(), + EnforcePKCE: m.C.PKCEEnforced(), + EnforcePKCEForPublicClients: m.C.EnforcePKCEForPublicClients(), + EnablePKCEPlainChallengeMethod: false, + TokenURL: urlx.AppendPaths(m.C.PublicURL(), oauth2.TokenPath).String(), + RedirectSecureChecker: x.IsRedirectURISecure(m.C), + GrantTypeJWTBearerCanSkipClientAuth: m.C.GrantTypeJWTBearerClientAuthOptional(), + GrantTypeJWTBearerIDOptional: m.C.GrantTypeJWTBearerIDOptional(), + GrantTypeJWTBearerIssuedDateOptional: m.C.GrantTypeJWTBearerIssuedDateOptional(), + GrantTypeJWTBearerMaxDuration: m.C.GrantTypeJWTBearerMaxDuration(), } } @@ -345,7 +345,7 @@ func (m *RegistryBase) OAuth2Provider() fosite.OAuth2Provider { compose.OAuth2TokenRevocationFactory, compose.OAuth2TokenIntrospectionFactory, compose.OAuth2PKCEFactory, - compose.OAuth2AuthorizeJWTGrantFactory, + compose.RFC7523AssertionGrantFactory, ) } return m.fop diff --git a/go.mod b/go.mod index f46dd454037..62534210add 100644 --- a/go.mod +++ b/go.mod @@ -65,7 +65,6 @@ require ( github.com/sawadashota/encrypta v0.0.2 github.com/sirupsen/logrus v1.8.1 github.com/spf13/cobra v1.1.3 - github.com/sqs/goreturns v0.0.0-20181028201513-538ac6014518 // indirect github.com/stretchr/testify v1.7.0 github.com/tidwall/gjson v1.7.1 github.com/toqueteos/webbrowser v1.2.0 @@ -74,11 +73,8 @@ require ( golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2 golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5 golang.org/x/tools v0.1.0 - golang.org/x/lint v0.0.0-20200302205851-738671d3881b // indirect gopkg.in/DataDog/dd-trace-go.v1 v1.27.1 gopkg.in/square/go-jose.v2 v2.5.1 ) replace github.com/gobuffalo/pop/v5 => github.com/gobuffalo/pop/v5 v5.3.2-0.20201029132236-f36afb546df1 - -replace github.com/ory/fosite => github.com/TinkoffCreditSystems/fosite v0.36.1-0.20201216164135-6cf3d51701e5 diff --git a/go.sum b/go.sum index 26f01699c34..9f8391a0511 100644 --- a/go.sum +++ b/go.sum @@ -73,9 +73,6 @@ github.com/Shopify/sarama v1.19.0/go.mod h1:FVkBWblsNy7DGZRfXLU0O9RCGt5g3g3yEuWX github.com/Shopify/toxiproxy v2.1.4+incompatible/go.mod h1:OXgGpZ6Cli1/URJOF1DMxUHB2q5Ap20/P/eIdh4G0pI= github.com/VividCortex/gohistogram v1.0.0/go.mod h1:Pf5mBqqDxYaXu3hDrrU+w6nw50o/4+TcAqDqk/vUH7g= github.com/afex/hystrix-go v0.0.0-20180502004556-fa1af6a1f4f5/go.mod h1:SkGFH1ia65gfNATL8TAiHDNxPzPdmEL5uirI2Uyuz6c= -github.com/StackExchange/wmi v0.0.0-20180116203802-5d049714c4a6/go.mod h1:3eOhrUMpNV+6aFIbp5/iudMxNCF27Vw2OZgy4xEx0Fg= -github.com/TinkoffCreditSystems/fosite v0.36.1-0.20201216164135-6cf3d51701e5 h1:FdOoaosdGzALG7uHQaX1LLzVmDxLOBbPjqR2aLWObmY= -github.com/TinkoffCreditSystems/fosite v0.36.1-0.20201216164135-6cf3d51701e5/go.mod h1:37r59qkOSPueYKmaA7EHiXrDMF1B+XPN+MgkZgTRg3Y= github.com/agnivade/levenshtein v1.0.1/go.mod h1:CURSv5d9Uaml+FovSIICkLbAUZ9S4RqaHDIsdSBg7lM= github.com/ajg/form v0.0.0-20160822230020-523a5da1a92f h1:zvClvFQwU++UpIUBGC8YmDlfhUrweEy1R1Fj1gu5iIM= github.com/ajg/form v0.0.0-20160822230020-523a5da1a92f/go.mod h1:uL1WgH+h2mgNtvBq0339dVnzXdBETtL2LeUXaIv25UY= @@ -682,10 +679,9 @@ github.com/golang/mock v1.4.0/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt github.com/golang/mock v1.4.1/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= github.com/golang/mock v1.4.3/go.mod h1:UOMv5ysSaYNkG+OFQykRIcU/QvvxJf3p21QfJ2Bt3cw= github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4= +github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4= github.com/golang/mock v1.5.0 h1:jlYHihg//f7RRwuPfptm04yp4s7O6Kw8EZiVYIGcH0g= github.com/golang/mock v1.5.0/go.mod h1:CWnOUgYIOo4TcNZ0wHX3YZCqsaM1I1Jvs6v3mP3KVu8= -github.com/golang/mock v1.4.4 h1:l75CXGRSwbaYNpl/Z2X1XIIAMSCquvXgpVZDhwEIJsc= -github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4= github.com/golang/protobuf v1.1.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= @@ -748,7 +744,7 @@ github.com/google/uuid v1.2.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+ github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= github.com/gopherjs/gopherjs v0.0.0-20181004151105-1babbf986f6f/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= -github.com/gookit/color v1.2.5/go.mod h1:AhIE+pS6D4Ql0SQWbBeXPHw7gY0/sjHoA4s/n1KB7xg= +github.com/gopherjs/gopherjs v0.0.0-20181004151105-1babbf986f6f/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1 h1:EGx4pi6eqNxGaHF6qqu48+N2wcFQ5qg5FXgOdqsJ5d8= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= github.com/gorilla/context v1.1.1/go.mod h1:kBGZzfjB9CEq2AlWe17Uuf7NDRt0dE0s8S51q0aT7Yg= @@ -1090,7 +1086,6 @@ github.com/montanaflynn/stats v0.0.0-20171201202039-1bf9dbcd8cbe/go.mod h1:wL8QJ github.com/morikuni/aec v1.0.0 h1:nP9CBfwrvYnBRgY6qfDQkygYDmYwOilePFkwzv4dU8A= github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc= github.com/moul/http2curl v0.0.0-20170919181001-9ac6cf4d929b/go.mod h1:8UbvGypXm98wA/IqH45anm5Y2Z6ep6O31QGOAZ3H0fQ= -github.com/mozilla/tls-observatory v0.0.0-20200317151703-4fa42e1c2dee/go.mod h1:SrKMQvPiws7F7iqYp8/TX+IhxCYhzr6N/1yb8cwHsGk= github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= github.com/nats-io/jwt v0.3.0/go.mod h1:fRYCDE99xlTsqUzISS1Bi75UBJ6ljOJQOAAu5VglpSg= @@ -1160,6 +1155,7 @@ github.com/ory/dockertest/v3 v3.6.2/go.mod h1:EFLcVUOl8qCwp9NyDAcCDtq/QviLtYswW/ github.com/ory/dockertest/v3 v3.6.3 h1:L8JWiGgR+fnj90AEOkTFIEp4j5uWAK72P3IUsYgn2cs= github.com/ory/dockertest/v3 v3.6.3/go.mod h1:EFLcVUOl8qCwp9NyDAcCDtq/QviLtYswW/VbWzUnTNE= github.com/ory/fosite v0.29.0/go.mod h1:0atSZmXO7CAcs6NPMI/Qtot8tmZYj04Nddoold4S2h0= +github.com/ory/fosite v0.29.0/go.mod h1:0atSZmXO7CAcs6NPMI/Qtot8tmZYj04Nddoold4S2h0= github.com/ory/fosite v0.39.0 h1:u1Ct/ME7XYzREvufr7ehBIdq/KatjVLIYg/ABqWzprw= github.com/ory/fosite v0.39.0/go.mod h1:37r59qkOSPueYKmaA7EHiXrDMF1B+XPN+MgkZgTRg3Y= github.com/ory/go-acc v0.0.0-20181118080137-ddc355013f90/go.mod h1:sxnvPCxChFuSmTJGj8FdMupeq1BezCiEpDjTUXQ4hf4= @@ -1215,8 +1211,6 @@ github.com/ory/x v0.0.181/go.mod h1:SGETCUk1DgQC30bb7y4hjhkKGQ1x0YOsldrmGmy6MNc= github.com/ory/x v0.0.189/go.mod h1:uJK3Re/AF6F3LCNnwqzeU/ftmexCpjqwfdyrDc6PbcM= github.com/ory/x v0.0.205/go.mod h1:A1s4iwmFIppRXZLF3J9GGWeY/HpREVm0Dk5z/787iek= github.com/ory/x v0.0.207/go.mod h1:sBgvUAcmc2lmtOBe5VMcV2vNAlADT4bkFHomG29y7N4= -github.com/ory/x v0.0.233 h1:AiBvucFkE054XJ04OnUziM9Ect5nR/NbMe5101EBjVE= -github.com/ory/x v0.0.233/go.mod h1:0mSGWLFgcqckIvgexka1GJK/sshYrFFkU7lPajzGTFw= github.com/ory/x v0.0.237 h1:sFcWr8EcOYrPb30tsWk3BZM7jdzHeBAqaOSHveizmfs= github.com/ory/x v0.0.237/go.mod h1:KPgNsUzpztH15EZdw5HjurtTe+mXQ34yqMCCTb5BZAc= github.com/pact-foundation/pact-go v1.0.4/go.mod h1:uExwJY4kCzNPcHRj+hCR/HBbOOIwwtUjcrb0b5/5kLM= @@ -1367,6 +1361,7 @@ github.com/smallstep/truststore v0.9.6 h1:vNzEJmaJL0XOZD8uouXLmYu4/aP1UQ/wHUopH3 github.com/smallstep/truststore v0.9.6/go.mod h1:HwHKRcBi0RUxxw1LYDpTRhYC4jZUuxPpkHdVonlkoDM= github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d h1:zE9ykElWQ6/NYmHa3jpm/yHnI4xSofP+UP6SpjHcSeM= github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= +github.com/smartystreets/goconvey v0.0.0-20180222194500-ef6db91d284a/go.mod h1:XDJAKZRPZ1CvBcN2aX5YOUTYGHki24fSF0Iv48Ibg0s= github.com/smartystreets/goconvey v1.6.4 h1:fv0U8FUIMPNf1L9lnHLvLhgicrIVChEkdzIKYqbNC9s= github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= @@ -1692,6 +1687,7 @@ golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4 h1:b0LrWgu8+q7z4J+0Y3Umo5q1dL7NXBkKBWkaVkAq17E= golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLdyRGr576XBO4/greRjx4P4O3yc= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= +golang.org/x/oauth2 v0.0.0-20181003184128-c57b0facaced/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -1795,11 +1791,11 @@ golang.org/x/sys v0.0.0-20210315160823-c6e025ad8005/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210319071255-635bc2c9138d h1:jbzgAvDZn8aEnytae+4ou0J0GwFZoHR0hOrTg4qH8GA= golang.org/x/sys v0.0.0-20210319071255-635bc2c9138d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= +golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 h1:v+OssWQX+hTHEmOBgwxdZxK4zHq3yOs8F9J7mk0PY8E= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/term v0.0.0-20201117132131-f5c789dd3221 h1:/ZHdbVpdR/jk3g30/d4yUL0JU9kksj8+F/bnQUVLGDM= -golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= +golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= @@ -2052,6 +2048,7 @@ gopkg.in/ini.v1 v1.62.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/mail.v2 v2.0.0-20180731213649-a0242b2233b4/go.mod h1:htwXN1Qh09vZJ1NVKxQqHPBaCBbzKhp5GzuJEA4VJWw= gopkg.in/mail.v2 v2.3.1/go.mod h1:htwXN1Qh09vZJ1NVKxQqHPBaCBbzKhp5GzuJEA4VJWw= gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= +gopkg.in/square/go-jose.v2 v2.1.9/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= gopkg.in/square/go-jose.v2 v2.5.1 h1:7odma5RETjNHWJnR32wx8t+Io4djHE1PqxCFx3iiZ2w= gopkg.in/square/go-jose.v2 v2.5.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= diff --git a/oauth2/fosite_store_helpers.go b/oauth2/fosite_store_helpers.go index 0846b9c8298..2e236808a9c 100644 --- a/oauth2/fosite_store_helpers.go +++ b/oauth2/fosite_store_helpers.go @@ -29,9 +29,9 @@ import ( "time" "github.com/gobuffalo/pop/v5" + "github.com/ory/fosite/handler/rfc7523" "gopkg.in/square/go-jose.v2" - "github.com/ory/fosite/handler/oauth2" "github.com/ory/hydra/grant/jwtbearer" "github.com/ory/hydra/x" @@ -703,7 +703,7 @@ func testFositeJWTBearerGrantStorage(x InternalRegistry) func(t *testing.T) { keyGenerators := x.KeyGenerators() keyGenerator, ok := keyGenerators[string(jose.RS256)] require.True(t, ok) - grantStorage := x.OAuth2Storage().(oauth2.JWTAuthGrantStorage) + grantStorage := x.OAuth2Storage().(rfc7523.RFC7523KeyStorage) t.Run("case=associated key added with grant", func(t *testing.T) { keySet, err := keyGenerator.Generate("token-service-key", "sig") diff --git a/x/fosite_storer.go b/x/fosite_storer.go index 38323d83b34..aeb3a5633c1 100644 --- a/x/fosite_storer.go +++ b/x/fosite_storer.go @@ -28,6 +28,7 @@ import ( "github.com/ory/fosite/handler/oauth2" "github.com/ory/fosite/handler/openid" "github.com/ory/fosite/handler/pkce" + "github.com/ory/fosite/handler/rfc7523" ) type FositeStorer interface { @@ -35,7 +36,7 @@ type FositeStorer interface { oauth2.CoreStorage openid.OpenIDConnectRequestStorage pkce.PKCERequestStorage - oauth2.JWTAuthGrantStorage + rfc7523.RFC7523KeyStorage RevokeRefreshToken(ctx context.Context, requestID string) error From 434bfa7334f68eafdba2d67193336b8b078768fa Mon Sep 17 00:00:00 2001 From: Vladimir Kalugin Date: Thu, 4 Mar 2021 18:08:16 +0300 Subject: [PATCH 11/49] docs(readme): correct command to reset db in tests --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 7c0dc5301d8..bc1586f4697 100644 --- a/README.md +++ b/README.md @@ -500,7 +500,7 @@ you are trying to fix something very specific and need the database tests all th suggest that you initialize the databases with: ```shell script -make resetdb +make test-resetdb export TEST_DATABASE_MYSQL='mysql://root:secret@(127.0.0.1:3444)/mysql?parseTime=true&multiStatements=true' export TEST_DATABASE_POSTGRESQL='postgres://postgres:secret@127.0.0.1:3445/postgres?sslmode=disable' export TEST_DATABASE_COCKROACHDB='cockroach://root@127.0.0.1:3446/defaultdb?sslmode=disable' @@ -536,7 +536,7 @@ type of tests very difficult, but thankfully you can run the e2e test in the bro or if you would like to test one of the databases: ```shell script -make resetdb +make test-resetdb export TEST_DATABASE_MYSQL='mysql://root:secret@(127.0.0.1:3444)/mysql?parseTime=true&multiStatements=true' export TEST_DATABASE_POSTGRESQL='postgres://postgres:secret@127.0.0.1:3445/postgres?sslmode=disable' export TEST_DATABASE_COCKROACHDB='cockroach://root@127.0.0.1:3446/defaultdb?sslmode=disable' From 81ba0ed67b41c8684f9e2170e6dcc8be5c9726ce Mon Sep 17 00:00:00 2001 From: Vladimir Kalugin Date: Fri, 5 Mar 2021 14:40:03 +0300 Subject: [PATCH 12/49] feat(grant): add flush handler --- grant/jwtbearer/doc.go | 13 +++++++++ grant/jwtbearer/handler.go | 36 +++++++++++++++++++++++++ grant/jwtbearer/manager.go | 1 + grant/jwtbearer/manager_test_helpers.go | 17 +++++++++--- grant/jwtbearer/request.go | 6 +++++ persistence/sql/persister_grant_jwk.go | 9 +++++++ 6 files changed, 78 insertions(+), 4 deletions(-) diff --git a/grant/jwtbearer/doc.go b/grant/jwtbearer/doc.go index 4007f628303..233d7c80c37 100644 --- a/grant/jwtbearer/doc.go +++ b/grant/jwtbearer/doc.go @@ -122,3 +122,16 @@ type swaggerJWTBearerGrantPublicKey struct { // example: 123e4567-e89b-12d3-a456-426655440000 KeyID string `json:"kid"` } + +// swagger:parameters flushInactiveJWTBearerGrants +type swaggerFlushInactiveJWTBearerGrantsRequestParams struct { + // in: body + Body swaggerFlushInactiveJWTBearerGrantsParams +} + +// swagger:model flushInactiveJWTBearerGrantsParams +type swaggerFlushInactiveJWTBearerGrantsParams struct { + // The "notAfter" sets after which point grants should not be flushed. This is useful when you want to keep a history + // of recently added grants. + NotAfter time.Time `json:"notAfter"` +} diff --git a/grant/jwtbearer/handler.go b/grant/jwtbearer/handler.go index ccafbaefaa9..d815812bfed 100644 --- a/grant/jwtbearer/handler.go +++ b/grant/jwtbearer/handler.go @@ -34,6 +34,7 @@ func (h *Handler) SetRoutes(admin *x.RouterAdmin) { admin.POST(grantJWTBearerPath, h.Create) admin.DELETE(grantJWTBearerPath+"/:id", h.Delete) + admin.POST(grantJWTBearerPath+"/flush", h.FlushHandler) } // swagger:route POST /grants/jwt-bearer admin createJWTBearerGrant @@ -194,3 +195,38 @@ func (h *Handler) List(w http.ResponseWriter, r *http.Request, ps httprouter.Par h.registry.Writer().Write(w, r, grants) } + +// swagger:route POST /grants/jwt-bearer/flush admin flushInactiveJWTBearerGrants +// +// Flush Expired jwt-bearer grants. +// +// This endpoint flushes expired jwt-bearer grants from the database. You can set a time after which no tokens will be +// not be touched, in case you want to keep recent tokens for auditing. Refresh tokens can not be flushed as they are deleted +// automatically when performing the refresh flow. +// +// Consumes: +// - application/json +// +// Schemes: http, https +// +// Responses: +// 204: emptyResponse +// 500: genericError +func (h *Handler) FlushHandler(w http.ResponseWriter, r *http.Request, _ httprouter.Params) { + var request flushInactiveGrantsRequest + if err := json.NewDecoder(r.Body).Decode(&request); err != nil { + h.registry.Writer().WriteError(w, r, err) + return + } + + if request.NotAfter.IsZero() { + request.NotAfter = time.Now().UTC() + } + + if err := h.registry.GrantManager().FlushInactiveGrants(r.Context(), request.NotAfter); err != nil { + h.registry.Writer().WriteError(w, r, err) + return + } + + w.WriteHeader(http.StatusNoContent) +} diff --git a/grant/jwtbearer/manager.go b/grant/jwtbearer/manager.go index 2f9a4f7c20f..f8304c967d0 100644 --- a/grant/jwtbearer/manager.go +++ b/grant/jwtbearer/manager.go @@ -13,6 +13,7 @@ type GrantManager interface { DeleteGrant(ctx context.Context, id string) error GetGrants(ctx context.Context, limit, offset int, optionalIssuer string) ([]Grant, error) CountGrants(ctx context.Context) (int, error) + FlushInactiveGrants(ctx context.Context, notAfter time.Time) error } type SQLData struct { diff --git a/grant/jwtbearer/manager_test_helpers.go b/grant/jwtbearer/manager_test_helpers.go index d4d393e784e..f8910d2823d 100644 --- a/grant/jwtbearer/manager_test_helpers.go +++ b/grant/jwtbearer/manager_test_helpers.go @@ -98,7 +98,7 @@ func TestHelperGrantManagerCreateGetDeleteGrant(m GrantManager) func(t *testing. KeyID: "public:tokenServicePubKey2", }, CreatedAt: createdAt.Add(time.Minute * 5), - ExpiresAt: expiresAt, + ExpiresAt: createdAt.Add(-time.Minute * 5), } err = m.CreateGrant(context.TODO(), grant2, tokenServicePubKey2) require.NoError(t, err) @@ -113,7 +113,7 @@ func TestHelperGrantManagerCreateGetDeleteGrant(m GrantManager) func(t *testing. KeyID: "public:mikePubKey", }, CreatedAt: createdAt.Add(time.Hour), - ExpiresAt: expiresAt, + ExpiresAt: createdAt.Add(-time.Hour * 24), } err = m.CreateGrant(context.TODO(), grant3, mikePubKey) require.NoError(t, err) @@ -141,16 +141,25 @@ func TestHelperGrantManagerCreateGetDeleteGrant(m GrantManager) func(t *testing. assert.Equal(t, grant.ID, storedGrants[0].ID) assert.Equal(t, grant2.ID, storedGrants[1].ID) - err = m.DeleteGrant(context.TODO(), grant2.ID) + err = m.DeleteGrant(context.TODO(), grant.ID) require.NoError(t, err) - _, err = m.GetConcreteGrant(context.TODO(), grant2.ID) + _, err = m.GetConcreteGrant(context.TODO(), grant.ID) require.Error(t, err) count, err = m.CountGrants(context.TODO()) require.NoError(t, err) assert.Equal(t, 2, count) + err = m.FlushInactiveGrants(context.TODO(), grant2.ExpiresAt) + require.NoError(t, err) + + count, err = m.CountGrants(context.TODO()) + require.NoError(t, err) + assert.Equal(t, 1, count) + + _, err = m.GetConcreteGrant(context.TODO(), grant2.ID) + assert.NoError(t, err) } } diff --git a/grant/jwtbearer/request.go b/grant/jwtbearer/request.go index d78b8fae2be..6159a244859 100644 --- a/grant/jwtbearer/request.go +++ b/grant/jwtbearer/request.go @@ -22,3 +22,9 @@ type createGrantRequest struct { // ExpiresAt indicates, when grant will expire, so we will reject assertion from Issuer targeting Subject. ExpiresAt time.Time `json:"expires_at"` } + +type flushInactiveGrantsRequest struct { + // NotAfter sets after which point grants should not be flushed. This is useful when you want to keep a history + // of recently added grants. + NotAfter time.Time `json:"notAfter"` +} diff --git a/persistence/sql/persister_grant_jwk.go b/persistence/sql/persister_grant_jwk.go index 4d6f4d74900..31093cc665b 100644 --- a/persistence/sql/persister_grant_jwk.go +++ b/persistence/sql/persister_grant_jwk.go @@ -2,6 +2,7 @@ package sql import ( "context" + "fmt" "strings" "time" @@ -185,3 +186,11 @@ func (p *Persister) jwtGrantFromSQlData(data jwtbearer.SQLData) jwtbearer.Grant ExpiresAt: data.ExpiresAt, } } + +func (p *Persister) FlushInactiveGrants(ctx context.Context, notAfter time.Time) error { + return sqlcon.HandleError(p.Connection(ctx).RawQuery( + fmt.Sprintf("DELETE FROM %s WHERE expires_at < ? AND expires_at < ?", jwtbearer.SQLData{}.TableName()), + time.Now().UTC(), + notAfter, + ).Exec()) +} From 995db848c8553c09254bbf73e8f5df9c9665b3ee Mon Sep 17 00:00:00 2001 From: Vladimir Kalugin Date: Fri, 5 Mar 2021 15:47:54 +0300 Subject: [PATCH 13/49] style: goimports --- oauth2/fosite_store_helpers.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/oauth2/fosite_store_helpers.go b/oauth2/fosite_store_helpers.go index 2e236808a9c..d9f5d5e73e7 100644 --- a/oauth2/fosite_store_helpers.go +++ b/oauth2/fosite_store_helpers.go @@ -29,9 +29,10 @@ import ( "time" "github.com/gobuffalo/pop/v5" - "github.com/ory/fosite/handler/rfc7523" "gopkg.in/square/go-jose.v2" + "github.com/ory/fosite/handler/rfc7523" + "github.com/ory/hydra/grant/jwtbearer" "github.com/ory/hydra/x" From dc6354f1e82ce5214dd493b2b617af3ac699f946 Mon Sep 17 00:00:00 2001 From: Vladimir Kalugin Date: Wed, 24 Mar 2021 15:08:43 +0300 Subject: [PATCH 14/49] feat(config): changed config names for grant jwt --- driver/config/provider.go | 6 +++--- spec/config.json | 14 +++++++------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/driver/config/provider.go b/driver/config/provider.go index b9d42645a01..e0d808f887a 100644 --- a/driver/config/provider.go +++ b/driver/config/provider.go @@ -65,9 +65,9 @@ const ( KeyOAuth2LegacyErrors = "oauth2.include_legacy_error_fields" KeyExcludeNotBeforeClaim = "oauth2.exclude_not_before_claim" KeyOAuth2GrantJWTClientAuthOptional = "oauth2.grant.jwt.client_auth_optional" - KeyOAuth2GrantJWTIDOptional = "oauth2.grant.jwt.id_optional" - KeyOAuth2GrantJWTIssuedDateOptional = "oauth2.grant.jwt.issued_date_optional" - KeyOAuth2GrantJWTMaxDuration = "oauth2.grant.jwt.max_duration" + KeyOAuth2GrantJWTIDOptional = "oauth2.grant.jwt.jti_optional" + KeyOAuth2GrantJWTIssuedDateOptional = "oauth2.grant.jwt.iat_optional" + KeyOAuth2GrantJWTMaxDuration = "oauth2.grant.jwt.max_ttl" ) const DSNMemory = "memory" diff --git a/spec/config.json b/spec/config.json index 1b04acff0c6..d37d324a6ac 100644 --- a/spec/config.json +++ b/spec/config.json @@ -246,28 +246,28 @@ } } }, - "grantJWT": { + "grantJwt": { "type": "object", "additionalProperties": false, "description": "Authorization Grants using JWT configuration", "properties": { "client_auth_optional": { "type": "boolean", - "description": "If false, client authentication is required to get access token.", + "description": "If false, client authentication is required to get access token. If true client authentication is not required.", "default": false }, - "id_optional": { + "jti_optional": { "type": "boolean", "description": "If false, JTI claim must be present in JWT assertion.", "default": false }, - "issued_date_optional": { + "iat_optional": { "type": "boolean", "description": "If false, IAT claim must be present in JWT assertion.", "default": false }, - "max_duration": { - "description": "Configures how long JWT assertion is considered valid, since being issued.", + "max_ttl": { + "description": "Configures what the maximum age of a JWT assertion can be. Uses JWT's EXP claim and JWT IAT claim to calculate assertion age. Assertion, that exceeds max age will be denied. Useful as a safety measure and recommended to not be set to 720h max.", "default": "720h", "allOf": [ { @@ -890,7 +890,7 @@ "additionalProperties": false, "properties": { "jwt": { - "$ref": "#/definitions/grantJWT" + "$ref": "#/definitions/grantJwt" } } } From af667321b020af516196151cbde89a996a3895a3 Mon Sep 17 00:00:00 2001 From: aeneasr <3372410+aeneasr@users.noreply.github.com> Date: Mon, 5 Apr 2021 13:38:44 +0200 Subject: [PATCH 15/49] docs: add dummy page for oauth2 jwt grant type --- docs/docs/guides/oauth2-grant-type-jwt-bearer.mdx | 8 ++++++++ docs/sidebar.json | 1 + 2 files changed, 9 insertions(+) create mode 100644 docs/docs/guides/oauth2-grant-type-jwt-bearer.mdx diff --git a/docs/docs/guides/oauth2-grant-type-jwt-bearer.mdx b/docs/docs/guides/oauth2-grant-type-jwt-bearer.mdx new file mode 100644 index 00000000000..91dec429a29 --- /dev/null +++ b/docs/docs/guides/oauth2-grant-type-jwt-bearer.mdx @@ -0,0 +1,8 @@ +--- +id: oauth2-grant-type-jwt-bearer-profile +title: JSON Web Token (JWT) Profile (RFC7523) +--- + +Ory Hydra is capable of performing the [JSON Web Token (JWT) Profile +for OAuth 2.0 Client Authentication and Authorization Grants](https://tools.ietf.org/html/rfc7523). + diff --git a/docs/sidebar.json b/docs/sidebar.json index 6540a52391a..71a91107671 100644 --- a/docs/sidebar.json +++ b/docs/sidebar.json @@ -29,6 +29,7 @@ "dependencies-environment", "production", "guides/tracing", + "guides/oauth2-grant-type-jwt-bearer", "guides/secrets-key-rotation", "guides/kubernetes-helm-chart", "guides/ssl-https-tls", From 5948c87855c131e3e3369377218ec1437b6f1ef1 Mon Sep 17 00:00:00 2001 From: Vladimir Kalugin Date: Mon, 24 May 2021 17:09:49 +0300 Subject: [PATCH 16/49] docs(jwtbearer): Add docs for grant jwt bearer --- .../guides/oauth2-grant-type-jwt-bearer.mdx | 80 ++++++++++++++++++- 1 file changed, 78 insertions(+), 2 deletions(-) diff --git a/docs/docs/guides/oauth2-grant-type-jwt-bearer.mdx b/docs/docs/guides/oauth2-grant-type-jwt-bearer.mdx index 91dec429a29..f1efd1634fe 100644 --- a/docs/docs/guides/oauth2-grant-type-jwt-bearer.mdx +++ b/docs/docs/guides/oauth2-grant-type-jwt-bearer.mdx @@ -1,8 +1,84 @@ --- -id: oauth2-grant-type-jwt-bearer-profile +id: oauth2-grant-type-jwt-bearer title: JSON Web Token (JWT) Profile (RFC7523) --- Ory Hydra is capable of performing the [JSON Web Token (JWT) Profile -for OAuth 2.0 Client Authentication and Authorization Grants](https://tools.ietf.org/html/rfc7523). +for OAuth 2.0 Client Authentication and Authorization Grants](https://tools.ietf.org/html/rfc7523). This guide defines +how a JWT Bearer Token can be used to request an access token when a client wishes to utilize an existing trust +relationship, expressed through the semantics of the JWT, without a direct user-approval step at the authorization +server (Hydra). + +## Requesting access token using JWT + +To use a Bearer JWT as an authorization grant, the client uses an access token request as defined in [Section 4.1 of the +OAuth Assertion Framework RFC7521](https://datatracker.ietf.org/doc/html/rfc7521#section-4.1) with the following specific +parameter values and encodings. + +The value of the "grant_type" is "urn:ietf:params:oauth:grant-type:jwt-bearer". + +The value of the "assertion" parameter MUST contain a single JWT. + +The "scope" parameter may be used, as defined in the OAuth Assertion Framework [RFC7521](https://datatracker.ietf.org/doc/html/rfc7521), +to indicate the requested scope. + +Authentication of the client can be optional and is controlled by `oauth2.grant.jwt.client_auth_optional` setting. + +## JWT Requirements + + 1. The JWT MUST contain an "iss" (issuer) claim that contains a unique identifier for the entity that issued the JWT. + Either client id or assertion server identifier. + 2. The JWT MUST contain a "sub" (subject) claim identifying the principal that is the subject of the + JWT (e.g. user email). + 3. The JWT MUST contain an "aud" (audience) claim containing a value that identifies the authorization + server (Hydra) as an intended audience. So this value must be Hydra Token URL. + 4. The JWT MUST contain an "exp" (expiration time) claim that limits the time window during which the JWT + can be used. Can be controlled by `oauth2.grant.jwt.max_ttl` setting. + 5. The JWT MAY contain an "nbf" (not before) claim that identifies the time before which the token MUST NOT be + accepted for processing by Hydra. Controlled by `oauth2.grant.jwt.jti_optional` setting. + 6. The JWT MAY contain an "iat" (issued at) claim that identifies the time at which the JWT was issued. Controlled by + `oauth2.grant.jwt.iat_optional` If "iat" is not passed, then current time (when assertion is received by Hydra) + will be considered as issued date. + 7. The JWT MAY contain a "jti" (JWT ID) claim that provides a unique identifier for the token. Controlled by + `oauth2.grant.jwt.jti_optional` setting. **Note**: If "jti" is configured to be required, then Hydra will reject + all assertions with the same "jti", if "jti" was already used by some assertion, and this assertion is + not expired yet (see "exp" claim). + 9. The JWT MUST be digitally signed. + +## How Hydra checks assertion + +So now we know what requirements are for JWT. But how Hydra knows if passed assertion is valid and how Hydra checks it? + +Last requirement in JWT requirements list is "The JWT MUST be digitally signed", if Hydra **has** public key +for the JWT assertion and key signature check, using this public key, **passes**, then Hydra considers claims +in this assertion as **trusted** and will check them: + + 1. Hydra checks that "iss" (issuer) claim is presented and it is the same as issuer, registered for the public key + (more on this later). + 2. Hydra checks that "sub" (subject) claim is presented and it is the same as subject, registered for the public key + (more on this later). + 3. Hydra checks that "aud" (audience) claim is equal to Hydra Token URL. + 4. Hydra calculates TTL for assertion based on "iat" claim and checks if TTL exceeds an "exp" (expiration time) claim. + 5. If JWT contains an "nbf" (not before) claim, then Hydra checks the time, before which the token must no be + accepted, is passed. + 6. Hydra checks that "iat" (issued at) claim is presented if it is required. + 7. Hydra checks that "jti" (JWT ID) claim is presented if it is required and is not in used already by + another assertion. + 8. If scopes were passed in request, then Hydra will check them against scope white list for current assertion ( + see "Creating grant" below). + +If every check is **passed**, Hydra will **issue** access token. But how to register public key for assertion? + +## Creating grant (registering public key) + +In order to register public key for concrete issuer and subject we need to create **Grant** +using [Administrative Endpoints](../reference/api.mdx). Grant creation can be expressed like: "User explicitly grants +permission to represent itself using using assertion for concrete issuer and subject using a pair of keys, public one +will be stored in Hydra to check signature". + +During grant creation you can also set "scopes", this will serve as scope whitelist, so assertions for this issuer and +subject can only contain scopes from this list or no scopes at all. + +`expires_at` field in grant creation request sets grants max lifetime. If grant expires, **no more** assertion for this +issuer and subject will pass check. From de70e4e097fd95c077fb07717f87914c58851bc3 Mon Sep 17 00:00:00 2001 From: Vladimir Kalugin Date: Tue, 25 May 2021 15:49:22 +0300 Subject: [PATCH 17/49] doc(jwtbearer) change naming --- grant/jwtbearer/doc.go | 18 +++++++++--------- grant/jwtbearer/handler.go | 16 ++++++++-------- 2 files changed, 17 insertions(+), 17 deletions(-) diff --git a/grant/jwtbearer/doc.go b/grant/jwtbearer/doc.go index 233d7c80c37..6088b018383 100644 --- a/grant/jwtbearer/doc.go +++ b/grant/jwtbearer/doc.go @@ -30,7 +30,7 @@ import ( "github.com/ory/hydra/x" ) -// swagger:model createJWTBearerGrantParams +// swagger:model createJwtBearerGrantParams type swaggerCreateJWTBearerGrantParams struct { // The "issuer" identifies the principal that issued the JWT assertion (same as "iss" claim in JWT). // required:true @@ -56,13 +56,13 @@ type swaggerCreateJWTBearerGrantParams struct { ExpiresAt time.Time `json:"expires_at"` } -// swagger:parameters createJWTBearerGrant +// swagger:parameters createJwtBearerGrant type swaggerCreateJWTBearerGrantRequestParams struct { // in: body Body swaggerCreateJWTBearerGrantParams } -// swagger:parameters getJWTBearerGrantList +// swagger:parameters getJwtBearerGrantList type swaggerGetJWTBearerGrantListParams struct { // If Optional "issuer" is supplied, only jwt-bearer grants with this issuer will be returned. // in: query @@ -70,7 +70,7 @@ type swaggerGetJWTBearerGrantListParams struct { Issuer string `json:"issuer"` } -// swagger:parameters getJWTBearerGrant deleteJWTBearerGrant updateJWTBearerGrant +// swagger:parameters getJwtBearerGrant deleteJwtBearerGrant updateJwtBearerGrant type swaggerJWTBearerGrantQuery struct { // The id of the desired grant // in: path @@ -78,14 +78,14 @@ type swaggerJWTBearerGrantQuery struct { ID string `json:"id"` } -// swagger:response JWTBearerGrantList +// swagger:response JwtBearerGrantList type swaggerJWTBearerGrantList struct { // in: body // type: array Body []swaggerJWTBearerGrant } -// swagger:model JWTBearerGrant +// swagger:model JwtBearerGrant type swaggerJWTBearerGrant struct { // example: 9edc811f-4e28-453c-9b46-4de65f00217f ID string `json:"id"` @@ -112,7 +112,7 @@ type swaggerJWTBearerGrant struct { ExpiresAt time.Time `json:"expires_at"` } -// swagger:model JWTBearerGrantPublicKey +// swagger:model JwtBearerGrantPublicKey type swaggerJWTBearerGrantPublicKey struct { // The "set" is basically a name for a group(set) of keys. Will be the same as "issuer" in grant. // example: https://jwt-idp.example.com @@ -123,13 +123,13 @@ type swaggerJWTBearerGrantPublicKey struct { KeyID string `json:"kid"` } -// swagger:parameters flushInactiveJWTBearerGrants +// swagger:parameters flushInactiveJwtBearerGrants type swaggerFlushInactiveJWTBearerGrantsRequestParams struct { // in: body Body swaggerFlushInactiveJWTBearerGrantsParams } -// swagger:model flushInactiveJWTBearerGrantsParams +// swagger:model flushInactiveJwtBearerGrantsParams type swaggerFlushInactiveJWTBearerGrantsParams struct { // The "notAfter" sets after which point grants should not be flushed. This is useful when you want to keep a history // of recently added grants. diff --git a/grant/jwtbearer/handler.go b/grant/jwtbearer/handler.go index d815812bfed..e3d80a2f2c2 100644 --- a/grant/jwtbearer/handler.go +++ b/grant/jwtbearer/handler.go @@ -37,7 +37,7 @@ func (h *Handler) SetRoutes(admin *x.RouterAdmin) { admin.POST(grantJWTBearerPath+"/flush", h.FlushHandler) } -// swagger:route POST /grants/jwt-bearer admin createJWTBearerGrant +// swagger:route POST /grants/jwt-bearer admin createJwtBearerGrant // // Create a new jwt-bearer Grant. // @@ -53,7 +53,7 @@ func (h *Handler) SetRoutes(admin *x.RouterAdmin) { // Schemes: http, https // // Responses: -// 201: JWTBearerGrant +// 201: JwtBearerGrant // 400: genericError // 409: genericError // 500: genericError @@ -91,7 +91,7 @@ func (h *Handler) Create(w http.ResponseWriter, r *http.Request, _ httprouter.Pa h.registry.Writer().WriteCreated(w, r, grantJWTBearerPath+"/"+grant.ID, &grant) } -// swagger:route GET /grants/jwt-bearer/{id} admin getJWTBearerGrant +// swagger:route GET /grants/jwt-bearer/{id} admin getJwtBearerGrant // // Fetch jwt-bearer grant information. // @@ -107,7 +107,7 @@ func (h *Handler) Create(w http.ResponseWriter, r *http.Request, _ httprouter.Pa // Schemes: http, https // // Responses: -// 200: JWTBearerGrant +// 200: JwtBearerGrant // 404: genericError // 500: genericError func (h *Handler) Get(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { @@ -122,7 +122,7 @@ func (h *Handler) Get(w http.ResponseWriter, r *http.Request, ps httprouter.Para h.registry.Writer().Write(w, r, grant) } -// swagger:route DELETE /grants/jwt-bearer/{id} admin deleteJWTBearerGrant +// swagger:route DELETE /grants/jwt-bearer/{id} admin deleteJwtBearerGrant // // Delete jwt-bearer grant. // @@ -153,7 +153,7 @@ func (h *Handler) Delete(w http.ResponseWriter, r *http.Request, ps httprouter.P w.WriteHeader(http.StatusNoContent) } -// swagger:route GET /grants/jwt-bearer admin getJWTBearerGrantList +// swagger:route GET /grants/jwt-bearer admin getJwtBearerGrantList // // Fetch all jwt-bearer grants. // @@ -169,7 +169,7 @@ func (h *Handler) Delete(w http.ResponseWriter, r *http.Request, ps httprouter.P // Schemes: http, https // // Responses: -// 200: JWTBearerGrantList +// 200: JwtBearerGrantList // 500: genericError func (h *Handler) List(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { limit, offset := pagination.Parse(r, 100, 0, 500) @@ -196,7 +196,7 @@ func (h *Handler) List(w http.ResponseWriter, r *http.Request, ps httprouter.Par h.registry.Writer().Write(w, r, grants) } -// swagger:route POST /grants/jwt-bearer/flush admin flushInactiveJWTBearerGrants +// swagger:route POST /grants/jwt-bearer/flush admin flushInactiveJwtBearerGrants // // Flush Expired jwt-bearer grants. // From 71d84a820839d0edcff852fe66278b6395046d3e Mon Sep 17 00:00:00 2001 From: Vladimir Kalugin Date: Tue, 25 May 2021 17:18:42 +0300 Subject: [PATCH 18/49] chore(jwtbearer): regenerate sdk --- .../guides/oauth2-grant-type-jwt-bearer.mdx | 133 ++++--- .../accept_consent_request_parameters.go | 49 ++- .../admin/accept_consent_request_responses.go | 12 +- .../admin/accept_login_request_parameters.go | 49 ++- .../admin/accept_login_request_responses.go | 18 +- .../admin/accept_logout_request_parameters.go | 45 ++- .../admin/accept_logout_request_responses.go | 12 +- .../httpclient/client/admin/admin_client.go | 197 ++++++++++ .../create_json_web_key_set_parameters.go | 50 ++- .../create_json_web_key_set_responses.go | 15 +- .../create_jwt_bearer_grant_parameters.go | 148 ++++++++ .../create_jwt_bearer_grant_responses.go | 181 ++++++++++ .../admin/create_o_auth2_client_parameters.go | 45 ++- .../admin/create_o_auth2_client_responses.go | 15 +- .../admin/delete_json_web_key_parameters.go | 51 ++- .../admin/delete_json_web_key_responses.go | 16 +- .../delete_json_web_key_set_parameters.go | 46 ++- .../delete_json_web_key_set_responses.go | 16 +- .../delete_jwt_bearer_grant_parameters.go | 149 ++++++++ .../delete_jwt_bearer_grant_responses.go | 133 +++++++ .../admin/delete_o_auth2_client_parameters.go | 46 ++- .../admin/delete_o_auth2_client_responses.go | 13 +- .../admin/delete_o_auth2_token_parameters.go | 45 ++- .../admin/delete_o_auth2_token_responses.go | 13 +- ...h_inactive_jwt_bearer_grants_parameters.go | 148 ++++++++ ...sh_inactive_jwt_bearer_grants_responses.go | 95 +++++ ...lush_inactive_o_auth2_tokens_parameters.go | 45 ++- ...flush_inactive_o_auth2_tokens_responses.go | 13 +- .../admin/get_consent_request_parameters.go | 45 ++- .../admin/get_consent_request_responses.go | 15 +- .../admin/get_json_web_key_parameters.go | 51 ++- .../admin/get_json_web_key_responses.go | 12 +- .../admin/get_json_web_key_set_parameters.go | 46 ++- .../admin/get_json_web_key_set_responses.go | 15 +- .../get_jwt_bearer_grant_list_parameters.go | 161 +++++++++ .../get_jwt_bearer_grant_list_responses.go | 103 ++++++ .../admin/get_jwt_bearer_grant_parameters.go | 149 ++++++++ .../admin/get_jwt_bearer_grant_responses.go | 143 ++++++++ .../admin/get_login_request_parameters.go | 45 ++- .../admin/get_login_request_responses.go | 18 +- .../admin/get_logout_request_parameters.go | 45 ++- .../admin/get_logout_request_responses.go | 15 +- .../admin/get_o_auth2_client_parameters.go | 46 ++- .../admin/get_o_auth2_client_responses.go | 12 +- .../client/admin/get_version_parameters.go | 42 ++- .../client/admin/get_version_responses.go | 6 +- .../introspect_o_auth2_token_parameters.go | 56 +-- .../introspect_o_auth2_token_responses.go | 12 +- .../admin/is_instance_alive_parameters.go | 42 ++- .../admin/is_instance_alive_responses.go | 9 +- .../admin/list_o_auth2_clients_parameters.go | 61 ++-- .../admin/list_o_auth2_clients_responses.go | 9 +- ...ist_subject_consent_sessions_parameters.go | 45 ++- ...list_subject_consent_sessions_responses.go | 12 +- .../admin/patch_o_auth2_client_parameters.go | 48 ++- .../admin/patch_o_auth2_client_responses.go | 9 +- .../client/admin/prometheus_parameters.go | 42 ++- .../client/admin/prometheus_responses.go | 7 +- .../reject_consent_request_parameters.go | 49 ++- .../admin/reject_consent_request_responses.go | 12 +- .../admin/reject_login_request_parameters.go | 49 ++- .../admin/reject_login_request_responses.go | 18 +- .../admin/reject_logout_request_parameters.go | 49 ++- .../admin/reject_logout_request_responses.go | 13 +- ...evoke_authentication_session_parameters.go | 45 ++- ...revoke_authentication_session_responses.go | 13 +- .../revoke_consent_sessions_parameters.go | 63 ++-- .../revoke_consent_sessions_responses.go | 13 +- .../admin/update_json_web_key_parameters.go | 55 +-- .../admin/update_json_web_key_responses.go | 15 +- .../update_json_web_key_set_parameters.go | 50 ++- .../update_json_web_key_set_responses.go | 15 +- .../admin/update_o_auth2_client_parameters.go | 48 ++- .../admin/update_o_auth2_client_responses.go | 9 +- .../public/disconnect_user_parameters.go | 42 ++- .../public/disconnect_user_responses.go | 7 +- ...scover_open_id_configuration_parameters.go | 42 ++- ...iscover_open_id_configuration_responses.go | 12 +- .../public/is_instance_ready_parameters.go | 42 ++- .../public/is_instance_ready_responses.go | 9 +- .../client/public/oauth2_token_parameters.go | 60 ++-- .../client/public/oauth2_token_responses.go | 15 +- .../client/public/oauth_auth_parameters.go | 42 ++- .../client/public/oauth_auth_responses.go | 13 +- .../public/revoke_o_auth2_token_parameters.go | 44 ++- .../public/revoke_o_auth2_token_responses.go | 13 +- .../client/public/userinfo_parameters.go | 42 ++- .../client/public/userinfo_responses.go | 12 +- .../client/public/well_known_parameters.go | 42 ++- .../client/public/well_known_responses.go | 9 +- .../models/accept_consent_request.go | 82 ++++- .../httpclient/models/accept_login_request.go | 7 + .../httpclient/models/completed_request.go | 7 + internal/httpclient/models/consent_request.go | 84 ++++- .../models/consent_request_session.go | 7 + .../models/container_wait_o_k_body_error.go | 7 + .../models/create_jwt_bearer_grant_params.go | 179 +++++++++ ...flush_inactive_jwt_bearer_grants_params.go | 75 ++++ .../flush_inactive_o_auth2_tokens_request.go | 8 +- internal/httpclient/models/generic_error.go | 11 + .../models/health_not_ready_status.go | 7 + internal/httpclient/models/health_status.go | 7 + internal/httpclient/models/json_web_key.go | 23 ++ .../httpclient/models/json_web_key_set.go | 34 +- .../json_web_key_set_generator_request.go | 7 + .../httpclient/models/jwt_bearer_grant.go | 157 ++++++++ .../models/jwt_bearer_grant_public_key.go | 55 +++ internal/httpclient/models/login_request.go | 81 ++++- internal/httpclient/models/logout_request.go | 31 +- internal/httpclient/models/null_time.go | 7 + internal/httpclient/models/o_auth2_client.go | 153 +++++++- .../models/o_auth2_token_introspection.go | 7 + .../models/oauth2_token_response.go | 7 + .../models/open_id_connect_context.go | 7 + internal/httpclient/models/patch_document.go | 9 + internal/httpclient/models/patch_request.go | 24 ++ internal/httpclient/models/plugin_config.go | 165 ++++++++- .../httpclient/models/plugin_config_args.go | 7 + .../models/plugin_config_interface.go | 33 ++ .../models/plugin_config_linux_swagger.go | 33 ++ .../models/plugin_config_network.go | 7 + .../httpclient/models/plugin_config_rootfs.go | 7 + .../httpclient/models/plugin_config_user.go | 7 + internal/httpclient/models/plugin_device.go | 7 + internal/httpclient/models/plugin_env.go | 7 + .../models/plugin_interface_type.go | 7 + internal/httpclient/models/plugin_mount.go | 7 + internal/httpclient/models/plugin_settings.go | 55 +++ .../models/previous_consent_session.go | 101 +++++- internal/httpclient/models/reject_request.go | 7 + .../models/request_was_handled_response.go | 7 + .../models/string_slice_pipe_delimiter.go | 7 + .../httpclient/models/userinfo_response.go | 7 + internal/httpclient/models/version.go | 7 + internal/httpclient/models/volume.go | 42 ++- .../httpclient/models/volume_usage_data.go | 7 + internal/httpclient/models/well_known.go | 12 + spec/api.json | 339 +++++++++++++++++- 138 files changed, 4990 insertions(+), 1052 deletions(-) create mode 100644 internal/httpclient/client/admin/create_jwt_bearer_grant_parameters.go create mode 100644 internal/httpclient/client/admin/create_jwt_bearer_grant_responses.go create mode 100644 internal/httpclient/client/admin/delete_jwt_bearer_grant_parameters.go create mode 100644 internal/httpclient/client/admin/delete_jwt_bearer_grant_responses.go create mode 100644 internal/httpclient/client/admin/flush_inactive_jwt_bearer_grants_parameters.go create mode 100644 internal/httpclient/client/admin/flush_inactive_jwt_bearer_grants_responses.go create mode 100644 internal/httpclient/client/admin/get_jwt_bearer_grant_list_parameters.go create mode 100644 internal/httpclient/client/admin/get_jwt_bearer_grant_list_responses.go create mode 100644 internal/httpclient/client/admin/get_jwt_bearer_grant_parameters.go create mode 100644 internal/httpclient/client/admin/get_jwt_bearer_grant_responses.go create mode 100644 internal/httpclient/models/create_jwt_bearer_grant_params.go create mode 100644 internal/httpclient/models/flush_inactive_jwt_bearer_grants_params.go create mode 100644 internal/httpclient/models/jwt_bearer_grant.go create mode 100644 internal/httpclient/models/jwt_bearer_grant_public_key.go diff --git a/docs/docs/guides/oauth2-grant-type-jwt-bearer.mdx b/docs/docs/guides/oauth2-grant-type-jwt-bearer.mdx index f1efd1634fe..bbd8fe67eb8 100644 --- a/docs/docs/guides/oauth2-grant-type-jwt-bearer.mdx +++ b/docs/docs/guides/oauth2-grant-type-jwt-bearer.mdx @@ -3,82 +3,97 @@ id: oauth2-grant-type-jwt-bearer title: JSON Web Token (JWT) Profile (RFC7523) --- -Ory Hydra is capable of performing the [JSON Web Token (JWT) Profile -for OAuth 2.0 Client Authentication and Authorization Grants](https://tools.ietf.org/html/rfc7523). This guide defines -how a JWT Bearer Token can be used to request an access token when a client wishes to utilize an existing trust -relationship, expressed through the semantics of the JWT, without a direct user-approval step at the authorization -server (Hydra). +Ory Hydra is capable of performing the +[JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants](https://tools.ietf.org/html/rfc7523). +This guide defines how a JWT Bearer Token can be used to request an access token +when a client wishes to utilize an existing trust relationship, expressed +through the semantics of the JWT, without a direct user-approval step at the +authorization server (Hydra). ## Requesting access token using JWT -To use a Bearer JWT as an authorization grant, the client uses an access token request as defined in [Section 4.1 of the -OAuth Assertion Framework RFC7521](https://datatracker.ietf.org/doc/html/rfc7521#section-4.1) with the following specific -parameter values and encodings. +To use a Bearer JWT as an authorization grant, the client uses an access token +request as defined in +[Section 4.1 of the OAuth Assertion Framework RFC7521](https://datatracker.ietf.org/doc/html/rfc7521#section-4.1) +with the following specific parameter values and encodings. The value of the "grant_type" is "urn:ietf:params:oauth:grant-type:jwt-bearer". The value of the "assertion" parameter MUST contain a single JWT. -The "scope" parameter may be used, as defined in the OAuth Assertion Framework [RFC7521](https://datatracker.ietf.org/doc/html/rfc7521), -to indicate the requested scope. +The "scope" parameter may be used, as defined in the OAuth Assertion Framework +[RFC7521](https://datatracker.ietf.org/doc/html/rfc7521), to indicate the +requested scope. -Authentication of the client can be optional and is controlled by `oauth2.grant.jwt.client_auth_optional` setting. +Authentication of the client can be optional and is controlled by +`oauth2.grant.jwt.client_auth_optional` setting. ## JWT Requirements - 1. The JWT MUST contain an "iss" (issuer) claim that contains a unique identifier for the entity that issued the JWT. - Either client id or assertion server identifier. - 2. The JWT MUST contain a "sub" (subject) claim identifying the principal that is the subject of the - JWT (e.g. user email). - 3. The JWT MUST contain an "aud" (audience) claim containing a value that identifies the authorization - server (Hydra) as an intended audience. So this value must be Hydra Token URL. - 4. The JWT MUST contain an "exp" (expiration time) claim that limits the time window during which the JWT - can be used. Can be controlled by `oauth2.grant.jwt.max_ttl` setting. - 5. The JWT MAY contain an "nbf" (not before) claim that identifies the time before which the token MUST NOT be - accepted for processing by Hydra. Controlled by `oauth2.grant.jwt.jti_optional` setting. - 6. The JWT MAY contain an "iat" (issued at) claim that identifies the time at which the JWT was issued. Controlled by - `oauth2.grant.jwt.iat_optional` If "iat" is not passed, then current time (when assertion is received by Hydra) - will be considered as issued date. - 7. The JWT MAY contain a "jti" (JWT ID) claim that provides a unique identifier for the token. Controlled by - `oauth2.grant.jwt.jti_optional` setting. **Note**: If "jti" is configured to be required, then Hydra will reject - all assertions with the same "jti", if "jti" was already used by some assertion, and this assertion is - not expired yet (see "exp" claim). - 9. The JWT MUST be digitally signed. +1. The JWT MUST contain an "iss" (issuer) claim that contains a unique + identifier for the entity that issued the JWT. Either client id or assertion + server identifier. +2. The JWT MUST contain a "sub" (subject) claim identifying the principal that + is the subject of the JWT (e.g. user email). +3. The JWT MUST contain an "aud" (audience) claim containing a value that + identifies the authorization server (Hydra) as an intended audience. So this + value must be Hydra Token URL. +4. The JWT MUST contain an "exp" (expiration time) claim that limits the time + window during which the JWT can be used. Can be controlled by + `oauth2.grant.jwt.max_ttl` setting. +5. The JWT MAY contain an "nbf" (not before) claim that identifies the time + before which the token MUST NOT be accepted for processing by Hydra. + Controlled by `oauth2.grant.jwt.jti_optional` setting. +6. The JWT MAY contain an "iat" (issued at) claim that identifies the time at + which the JWT was issued. Controlled by `oauth2.grant.jwt.iat_optional` If + "iat" is not passed, then current time (when assertion is received by Hydra) + will be considered as issued date. +7. The JWT MAY contain a "jti" (JWT ID) claim that provides a unique identifier + for the token. Controlled by `oauth2.grant.jwt.jti_optional` setting. + **Note**: If "jti" is configured to be required, then Hydra will reject all + assertions with the same "jti", if "jti" was already used by some assertion, + and this assertion is not expired yet (see "exp" claim). +8. The JWT MUST be digitally signed. ## How Hydra checks assertion -So now we know what requirements are for JWT. But how Hydra knows if passed assertion is valid and how Hydra checks it? - -Last requirement in JWT requirements list is "The JWT MUST be digitally signed", if Hydra **has** public key -for the JWT assertion and key signature check, using this public key, **passes**, then Hydra considers claims -in this assertion as **trusted** and will check them: - - 1. Hydra checks that "iss" (issuer) claim is presented and it is the same as issuer, registered for the public key - (more on this later). - 2. Hydra checks that "sub" (subject) claim is presented and it is the same as subject, registered for the public key - (more on this later). - 3. Hydra checks that "aud" (audience) claim is equal to Hydra Token URL. - 4. Hydra calculates TTL for assertion based on "iat" claim and checks if TTL exceeds an "exp" (expiration time) claim. - 5. If JWT contains an "nbf" (not before) claim, then Hydra checks the time, before which the token must no be - accepted, is passed. - 6. Hydra checks that "iat" (issued at) claim is presented if it is required. - 7. Hydra checks that "jti" (JWT ID) claim is presented if it is required and is not in used already by - another assertion. - 8. If scopes were passed in request, then Hydra will check them against scope white list for current assertion ( - see "Creating grant" below). - -If every check is **passed**, Hydra will **issue** access token. But how to register public key for assertion? +So now we know what requirements are for JWT. But how Hydra knows if passed +assertion is valid and how Hydra checks it? + +Last requirement in JWT requirements list is "The JWT MUST be digitally signed", +if Hydra **has** public key for the JWT assertion and key signature check, using +this public key, **passes**, then Hydra considers claims in this assertion as +**trusted** and will check them: + +1. Hydra checks that "iss" (issuer) claim is presented and it is the same as + issuer, registered for the public key (more on this later). +2. Hydra checks that "sub" (subject) claim is presented and it is the same as + subject, registered for the public key (more on this later). +3. Hydra checks that "aud" (audience) claim is equal to Hydra Token URL. +4. Hydra calculates TTL for assertion based on "iat" claim and checks if TTL + exceeds an "exp" (expiration time) claim. +5. If JWT contains an "nbf" (not before) claim, then Hydra checks the time, + before which the token must no be accepted, is passed. +6. Hydra checks that "iat" (issued at) claim is presented if it is required. +7. Hydra checks that "jti" (JWT ID) claim is presented if it is required and is + not in used already by another assertion. +8. If scopes were passed in request, then Hydra will check them against scope + white list for current assertion ( see "Creating grant" below). + +If every check is **passed**, Hydra will **issue** access token. But how to +register public key for assertion? ## Creating grant (registering public key) -In order to register public key for concrete issuer and subject we need to create **Grant** -using [Administrative Endpoints](../reference/api.mdx). Grant creation can be expressed like: "User explicitly grants -permission to represent itself using using assertion for concrete issuer and subject using a pair of keys, public one -will be stored in Hydra to check signature". - -During grant creation you can also set "scopes", this will serve as scope whitelist, so assertions for this issuer and -subject can only contain scopes from this list or no scopes at all. +In order to register public key for concrete issuer and subject we need to +create **Grant** using [Administrative Endpoints](../reference/api.mdx). Grant +creation can be expressed like: "User explicitly grants permission to represent +itself using using assertion for concrete issuer and subject using a pair of +keys, public one will be stored in Hydra to check signature". -`expires_at` field in grant creation request sets grants max lifetime. If grant expires, **no more** assertion for this -issuer and subject will pass check. +During grant creation you can also set "scopes", this will serve as scope +whitelist, so assertions for this issuer and subject can only contain scopes +from this list or no scopes at all. +`expires_at` field in grant creation request sets grants max lifetime. If grant +expires, **no more** assertion for this issuer and subject will pass check. diff --git a/internal/httpclient/client/admin/accept_consent_request_parameters.go b/internal/httpclient/client/admin/accept_consent_request_parameters.go index df23ce33395..c573076321b 100644 --- a/internal/httpclient/client/admin/accept_consent_request_parameters.go +++ b/internal/httpclient/client/admin/accept_consent_request_parameters.go @@ -18,53 +18,53 @@ import ( "github.com/ory/hydra/internal/httpclient/models" ) -// NewAcceptConsentRequestParams creates a new AcceptConsentRequestParams object -// with the default values initialized. +// NewAcceptConsentRequestParams creates a new AcceptConsentRequestParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewAcceptConsentRequestParams() *AcceptConsentRequestParams { - var () return &AcceptConsentRequestParams{ - timeout: cr.DefaultTimeout, } } // NewAcceptConsentRequestParamsWithTimeout creates a new AcceptConsentRequestParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewAcceptConsentRequestParamsWithTimeout(timeout time.Duration) *AcceptConsentRequestParams { - var () return &AcceptConsentRequestParams{ - timeout: timeout, } } // NewAcceptConsentRequestParamsWithContext creates a new AcceptConsentRequestParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewAcceptConsentRequestParamsWithContext(ctx context.Context) *AcceptConsentRequestParams { - var () return &AcceptConsentRequestParams{ - Context: ctx, } } // NewAcceptConsentRequestParamsWithHTTPClient creates a new AcceptConsentRequestParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewAcceptConsentRequestParamsWithHTTPClient(client *http.Client) *AcceptConsentRequestParams { - var () return &AcceptConsentRequestParams{ HTTPClient: client, } } -/*AcceptConsentRequestParams contains all the parameters to send to the API endpoint -for the accept consent request operation typically these are written to a http.Request +/* AcceptConsentRequestParams contains all the parameters to send to the API endpoint + for the accept consent request operation. + + Typically these are written to a http.Request. */ type AcceptConsentRequestParams struct { - /*Body*/ + // Body. Body *models.AcceptConsentRequest - /*ConsentChallenge*/ + + // ConsentChallenge. ConsentChallenge string timeout time.Duration @@ -72,6 +72,21 @@ type AcceptConsentRequestParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the accept consent request params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *AcceptConsentRequestParams) WithDefaults() *AcceptConsentRequestParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the accept consent request params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *AcceptConsentRequestParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the accept consent request params func (o *AcceptConsentRequestParams) WithTimeout(timeout time.Duration) *AcceptConsentRequestParams { o.SetTimeout(timeout) @@ -134,7 +149,6 @@ func (o *AcceptConsentRequestParams) WriteToRequest(r runtime.ClientRequest, reg return err } var res []error - if o.Body != nil { if err := r.SetBodyParam(o.Body); err != nil { return err @@ -145,6 +159,7 @@ func (o *AcceptConsentRequestParams) WriteToRequest(r runtime.ClientRequest, reg qrConsentChallenge := o.ConsentChallenge qConsentChallenge := qrConsentChallenge if qConsentChallenge != "" { + if err := r.SetQueryParam("consent_challenge", qConsentChallenge); err != nil { return err } diff --git a/internal/httpclient/client/admin/accept_consent_request_responses.go b/internal/httpclient/client/admin/accept_consent_request_responses.go index f07a6e7e8ed..43e0a84ec48 100644 --- a/internal/httpclient/client/admin/accept_consent_request_responses.go +++ b/internal/httpclient/client/admin/accept_consent_request_responses.go @@ -41,9 +41,8 @@ func (o *AcceptConsentRequestReader) ReadResponse(response runtime.ClientRespons return nil, err } return nil, result - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -52,7 +51,7 @@ func NewAcceptConsentRequestOK() *AcceptConsentRequestOK { return &AcceptConsentRequestOK{} } -/*AcceptConsentRequestOK handles this case with default header values. +/* AcceptConsentRequestOK describes a response with status code 200, with default header values. completedRequest */ @@ -63,7 +62,6 @@ type AcceptConsentRequestOK struct { func (o *AcceptConsentRequestOK) Error() string { return fmt.Sprintf("[PUT /oauth2/auth/requests/consent/accept][%d] acceptConsentRequestOK %+v", 200, o.Payload) } - func (o *AcceptConsentRequestOK) GetPayload() *models.CompletedRequest { return o.Payload } @@ -85,7 +83,7 @@ func NewAcceptConsentRequestNotFound() *AcceptConsentRequestNotFound { return &AcceptConsentRequestNotFound{} } -/*AcceptConsentRequestNotFound handles this case with default header values. +/* AcceptConsentRequestNotFound describes a response with status code 404, with default header values. genericError */ @@ -96,7 +94,6 @@ type AcceptConsentRequestNotFound struct { func (o *AcceptConsentRequestNotFound) Error() string { return fmt.Sprintf("[PUT /oauth2/auth/requests/consent/accept][%d] acceptConsentRequestNotFound %+v", 404, o.Payload) } - func (o *AcceptConsentRequestNotFound) GetPayload() *models.GenericError { return o.Payload } @@ -118,7 +115,7 @@ func NewAcceptConsentRequestInternalServerError() *AcceptConsentRequestInternalS return &AcceptConsentRequestInternalServerError{} } -/*AcceptConsentRequestInternalServerError handles this case with default header values. +/* AcceptConsentRequestInternalServerError describes a response with status code 500, with default header values. genericError */ @@ -129,7 +126,6 @@ type AcceptConsentRequestInternalServerError struct { func (o *AcceptConsentRequestInternalServerError) Error() string { return fmt.Sprintf("[PUT /oauth2/auth/requests/consent/accept][%d] acceptConsentRequestInternalServerError %+v", 500, o.Payload) } - func (o *AcceptConsentRequestInternalServerError) GetPayload() *models.GenericError { return o.Payload } diff --git a/internal/httpclient/client/admin/accept_login_request_parameters.go b/internal/httpclient/client/admin/accept_login_request_parameters.go index 20d130fc490..ad0c47b0d30 100644 --- a/internal/httpclient/client/admin/accept_login_request_parameters.go +++ b/internal/httpclient/client/admin/accept_login_request_parameters.go @@ -18,53 +18,53 @@ import ( "github.com/ory/hydra/internal/httpclient/models" ) -// NewAcceptLoginRequestParams creates a new AcceptLoginRequestParams object -// with the default values initialized. +// NewAcceptLoginRequestParams creates a new AcceptLoginRequestParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewAcceptLoginRequestParams() *AcceptLoginRequestParams { - var () return &AcceptLoginRequestParams{ - timeout: cr.DefaultTimeout, } } // NewAcceptLoginRequestParamsWithTimeout creates a new AcceptLoginRequestParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewAcceptLoginRequestParamsWithTimeout(timeout time.Duration) *AcceptLoginRequestParams { - var () return &AcceptLoginRequestParams{ - timeout: timeout, } } // NewAcceptLoginRequestParamsWithContext creates a new AcceptLoginRequestParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewAcceptLoginRequestParamsWithContext(ctx context.Context) *AcceptLoginRequestParams { - var () return &AcceptLoginRequestParams{ - Context: ctx, } } // NewAcceptLoginRequestParamsWithHTTPClient creates a new AcceptLoginRequestParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewAcceptLoginRequestParamsWithHTTPClient(client *http.Client) *AcceptLoginRequestParams { - var () return &AcceptLoginRequestParams{ HTTPClient: client, } } -/*AcceptLoginRequestParams contains all the parameters to send to the API endpoint -for the accept login request operation typically these are written to a http.Request +/* AcceptLoginRequestParams contains all the parameters to send to the API endpoint + for the accept login request operation. + + Typically these are written to a http.Request. */ type AcceptLoginRequestParams struct { - /*Body*/ + // Body. Body *models.AcceptLoginRequest - /*LoginChallenge*/ + + // LoginChallenge. LoginChallenge string timeout time.Duration @@ -72,6 +72,21 @@ type AcceptLoginRequestParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the accept login request params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *AcceptLoginRequestParams) WithDefaults() *AcceptLoginRequestParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the accept login request params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *AcceptLoginRequestParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the accept login request params func (o *AcceptLoginRequestParams) WithTimeout(timeout time.Duration) *AcceptLoginRequestParams { o.SetTimeout(timeout) @@ -134,7 +149,6 @@ func (o *AcceptLoginRequestParams) WriteToRequest(r runtime.ClientRequest, reg s return err } var res []error - if o.Body != nil { if err := r.SetBodyParam(o.Body); err != nil { return err @@ -145,6 +159,7 @@ func (o *AcceptLoginRequestParams) WriteToRequest(r runtime.ClientRequest, reg s qrLoginChallenge := o.LoginChallenge qLoginChallenge := qrLoginChallenge if qLoginChallenge != "" { + if err := r.SetQueryParam("login_challenge", qLoginChallenge); err != nil { return err } diff --git a/internal/httpclient/client/admin/accept_login_request_responses.go b/internal/httpclient/client/admin/accept_login_request_responses.go index 18b155b9799..446eb30e69d 100644 --- a/internal/httpclient/client/admin/accept_login_request_responses.go +++ b/internal/httpclient/client/admin/accept_login_request_responses.go @@ -53,9 +53,8 @@ func (o *AcceptLoginRequestReader) ReadResponse(response runtime.ClientResponse, return nil, err } return nil, result - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -64,7 +63,7 @@ func NewAcceptLoginRequestOK() *AcceptLoginRequestOK { return &AcceptLoginRequestOK{} } -/*AcceptLoginRequestOK handles this case with default header values. +/* AcceptLoginRequestOK describes a response with status code 200, with default header values. completedRequest */ @@ -75,7 +74,6 @@ type AcceptLoginRequestOK struct { func (o *AcceptLoginRequestOK) Error() string { return fmt.Sprintf("[PUT /oauth2/auth/requests/login/accept][%d] acceptLoginRequestOK %+v", 200, o.Payload) } - func (o *AcceptLoginRequestOK) GetPayload() *models.CompletedRequest { return o.Payload } @@ -97,7 +95,7 @@ func NewAcceptLoginRequestBadRequest() *AcceptLoginRequestBadRequest { return &AcceptLoginRequestBadRequest{} } -/*AcceptLoginRequestBadRequest handles this case with default header values. +/* AcceptLoginRequestBadRequest describes a response with status code 400, with default header values. genericError */ @@ -108,7 +106,6 @@ type AcceptLoginRequestBadRequest struct { func (o *AcceptLoginRequestBadRequest) Error() string { return fmt.Sprintf("[PUT /oauth2/auth/requests/login/accept][%d] acceptLoginRequestBadRequest %+v", 400, o.Payload) } - func (o *AcceptLoginRequestBadRequest) GetPayload() *models.GenericError { return o.Payload } @@ -130,7 +127,7 @@ func NewAcceptLoginRequestUnauthorized() *AcceptLoginRequestUnauthorized { return &AcceptLoginRequestUnauthorized{} } -/*AcceptLoginRequestUnauthorized handles this case with default header values. +/* AcceptLoginRequestUnauthorized describes a response with status code 401, with default header values. genericError */ @@ -141,7 +138,6 @@ type AcceptLoginRequestUnauthorized struct { func (o *AcceptLoginRequestUnauthorized) Error() string { return fmt.Sprintf("[PUT /oauth2/auth/requests/login/accept][%d] acceptLoginRequestUnauthorized %+v", 401, o.Payload) } - func (o *AcceptLoginRequestUnauthorized) GetPayload() *models.GenericError { return o.Payload } @@ -163,7 +159,7 @@ func NewAcceptLoginRequestNotFound() *AcceptLoginRequestNotFound { return &AcceptLoginRequestNotFound{} } -/*AcceptLoginRequestNotFound handles this case with default header values. +/* AcceptLoginRequestNotFound describes a response with status code 404, with default header values. genericError */ @@ -174,7 +170,6 @@ type AcceptLoginRequestNotFound struct { func (o *AcceptLoginRequestNotFound) Error() string { return fmt.Sprintf("[PUT /oauth2/auth/requests/login/accept][%d] acceptLoginRequestNotFound %+v", 404, o.Payload) } - func (o *AcceptLoginRequestNotFound) GetPayload() *models.GenericError { return o.Payload } @@ -196,7 +191,7 @@ func NewAcceptLoginRequestInternalServerError() *AcceptLoginRequestInternalServe return &AcceptLoginRequestInternalServerError{} } -/*AcceptLoginRequestInternalServerError handles this case with default header values. +/* AcceptLoginRequestInternalServerError describes a response with status code 500, with default header values. genericError */ @@ -207,7 +202,6 @@ type AcceptLoginRequestInternalServerError struct { func (o *AcceptLoginRequestInternalServerError) Error() string { return fmt.Sprintf("[PUT /oauth2/auth/requests/login/accept][%d] acceptLoginRequestInternalServerError %+v", 500, o.Payload) } - func (o *AcceptLoginRequestInternalServerError) GetPayload() *models.GenericError { return o.Payload } diff --git a/internal/httpclient/client/admin/accept_logout_request_parameters.go b/internal/httpclient/client/admin/accept_logout_request_parameters.go index f5f48782535..aa8727c2724 100644 --- a/internal/httpclient/client/admin/accept_logout_request_parameters.go +++ b/internal/httpclient/client/admin/accept_logout_request_parameters.go @@ -16,51 +16,50 @@ import ( "github.com/go-openapi/strfmt" ) -// NewAcceptLogoutRequestParams creates a new AcceptLogoutRequestParams object -// with the default values initialized. +// NewAcceptLogoutRequestParams creates a new AcceptLogoutRequestParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewAcceptLogoutRequestParams() *AcceptLogoutRequestParams { - var () return &AcceptLogoutRequestParams{ - timeout: cr.DefaultTimeout, } } // NewAcceptLogoutRequestParamsWithTimeout creates a new AcceptLogoutRequestParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewAcceptLogoutRequestParamsWithTimeout(timeout time.Duration) *AcceptLogoutRequestParams { - var () return &AcceptLogoutRequestParams{ - timeout: timeout, } } // NewAcceptLogoutRequestParamsWithContext creates a new AcceptLogoutRequestParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewAcceptLogoutRequestParamsWithContext(ctx context.Context) *AcceptLogoutRequestParams { - var () return &AcceptLogoutRequestParams{ - Context: ctx, } } // NewAcceptLogoutRequestParamsWithHTTPClient creates a new AcceptLogoutRequestParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewAcceptLogoutRequestParamsWithHTTPClient(client *http.Client) *AcceptLogoutRequestParams { - var () return &AcceptLogoutRequestParams{ HTTPClient: client, } } -/*AcceptLogoutRequestParams contains all the parameters to send to the API endpoint -for the accept logout request operation typically these are written to a http.Request +/* AcceptLogoutRequestParams contains all the parameters to send to the API endpoint + for the accept logout request operation. + + Typically these are written to a http.Request. */ type AcceptLogoutRequestParams struct { - /*LogoutChallenge*/ + // LogoutChallenge. LogoutChallenge string timeout time.Duration @@ -68,6 +67,21 @@ type AcceptLogoutRequestParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the accept logout request params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *AcceptLogoutRequestParams) WithDefaults() *AcceptLogoutRequestParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the accept logout request params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *AcceptLogoutRequestParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the accept logout request params func (o *AcceptLogoutRequestParams) WithTimeout(timeout time.Duration) *AcceptLogoutRequestParams { o.SetTimeout(timeout) @@ -124,6 +138,7 @@ func (o *AcceptLogoutRequestParams) WriteToRequest(r runtime.ClientRequest, reg qrLogoutChallenge := o.LogoutChallenge qLogoutChallenge := qrLogoutChallenge if qLogoutChallenge != "" { + if err := r.SetQueryParam("logout_challenge", qLogoutChallenge); err != nil { return err } diff --git a/internal/httpclient/client/admin/accept_logout_request_responses.go b/internal/httpclient/client/admin/accept_logout_request_responses.go index 180fe50e6c6..6a591c98256 100644 --- a/internal/httpclient/client/admin/accept_logout_request_responses.go +++ b/internal/httpclient/client/admin/accept_logout_request_responses.go @@ -41,9 +41,8 @@ func (o *AcceptLogoutRequestReader) ReadResponse(response runtime.ClientResponse return nil, err } return nil, result - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -52,7 +51,7 @@ func NewAcceptLogoutRequestOK() *AcceptLogoutRequestOK { return &AcceptLogoutRequestOK{} } -/*AcceptLogoutRequestOK handles this case with default header values. +/* AcceptLogoutRequestOK describes a response with status code 200, with default header values. completedRequest */ @@ -63,7 +62,6 @@ type AcceptLogoutRequestOK struct { func (o *AcceptLogoutRequestOK) Error() string { return fmt.Sprintf("[PUT /oauth2/auth/requests/logout/accept][%d] acceptLogoutRequestOK %+v", 200, o.Payload) } - func (o *AcceptLogoutRequestOK) GetPayload() *models.CompletedRequest { return o.Payload } @@ -85,7 +83,7 @@ func NewAcceptLogoutRequestNotFound() *AcceptLogoutRequestNotFound { return &AcceptLogoutRequestNotFound{} } -/*AcceptLogoutRequestNotFound handles this case with default header values. +/* AcceptLogoutRequestNotFound describes a response with status code 404, with default header values. genericError */ @@ -96,7 +94,6 @@ type AcceptLogoutRequestNotFound struct { func (o *AcceptLogoutRequestNotFound) Error() string { return fmt.Sprintf("[PUT /oauth2/auth/requests/logout/accept][%d] acceptLogoutRequestNotFound %+v", 404, o.Payload) } - func (o *AcceptLogoutRequestNotFound) GetPayload() *models.GenericError { return o.Payload } @@ -118,7 +115,7 @@ func NewAcceptLogoutRequestInternalServerError() *AcceptLogoutRequestInternalSer return &AcceptLogoutRequestInternalServerError{} } -/*AcceptLogoutRequestInternalServerError handles this case with default header values. +/* AcceptLogoutRequestInternalServerError describes a response with status code 500, with default header values. genericError */ @@ -129,7 +126,6 @@ type AcceptLogoutRequestInternalServerError struct { func (o *AcceptLogoutRequestInternalServerError) Error() string { return fmt.Sprintf("[PUT /oauth2/auth/requests/logout/accept][%d] acceptLogoutRequestInternalServerError %+v", 500, o.Payload) } - func (o *AcceptLogoutRequestInternalServerError) GetPayload() *models.GenericError { return o.Payload } diff --git a/internal/httpclient/client/admin/admin_client.go b/internal/httpclient/client/admin/admin_client.go index 4f24f592597..1c83d580706 100644 --- a/internal/httpclient/client/admin/admin_client.go +++ b/internal/httpclient/client/admin/admin_client.go @@ -35,16 +35,22 @@ type ClientService interface { CreateJSONWebKeySet(params *CreateJSONWebKeySetParams) (*CreateJSONWebKeySetCreated, error) + CreateJwtBearerGrant(params *CreateJwtBearerGrantParams) (*CreateJwtBearerGrantCreated, error) + CreateOAuth2Client(params *CreateOAuth2ClientParams) (*CreateOAuth2ClientCreated, error) DeleteJSONWebKey(params *DeleteJSONWebKeyParams) (*DeleteJSONWebKeyNoContent, error) DeleteJSONWebKeySet(params *DeleteJSONWebKeySetParams) (*DeleteJSONWebKeySetNoContent, error) + DeleteJwtBearerGrant(params *DeleteJwtBearerGrantParams) (*DeleteJwtBearerGrantNoContent, error) + DeleteOAuth2Client(params *DeleteOAuth2ClientParams) (*DeleteOAuth2ClientNoContent, error) DeleteOAuth2Token(params *DeleteOAuth2TokenParams) (*DeleteOAuth2TokenNoContent, error) + FlushInactiveJwtBearerGrants(params *FlushInactiveJwtBearerGrantsParams) (*FlushInactiveJwtBearerGrantsNoContent, error) + FlushInactiveOAuth2Tokens(params *FlushInactiveOAuth2TokensParams) (*FlushInactiveOAuth2TokensNoContent, error) GetConsentRequest(params *GetConsentRequestParams) (*GetConsentRequestOK, error) @@ -53,6 +59,10 @@ type ClientService interface { GetJSONWebKeySet(params *GetJSONWebKeySetParams) (*GetJSONWebKeySetOK, error) + GetJwtBearerGrant(params *GetJwtBearerGrantParams) (*GetJwtBearerGrantOK, error) + + GetJwtBearerGrantList(params *GetJwtBearerGrantListParams) (*GetJwtBearerGrantListOK, error) + GetLoginRequest(params *GetLoginRequestParams) (*GetLoginRequestOK, error) GetLogoutRequest(params *GetLogoutRequestParams) (*GetLogoutRequestOK, error) @@ -268,6 +278,43 @@ func (a *Client) CreateJSONWebKeySet(params *CreateJSONWebKeySetParams) (*Create panic(msg) } +/* + CreateJwtBearerGrant creates a new jwt bearer grant + + This endpoint is capable of creating a new jwt-bearer Grant, by doing this, we are granting permission for client to +act on behalf of some resource owner. +*/ +func (a *Client) CreateJwtBearerGrant(params *CreateJwtBearerGrantParams) (*CreateJwtBearerGrantCreated, error) { + // TODO: Validate the params before sending + if params == nil { + params = NewCreateJwtBearerGrantParams() + } + + result, err := a.transport.Submit(&runtime.ClientOperation{ + ID: "createJwtBearerGrant", + Method: "POST", + PathPattern: "/grants/jwt-bearer", + ProducesMediaTypes: []string{"application/json"}, + ConsumesMediaTypes: []string{"application/json"}, + Schemes: []string{"http", "https"}, + Params: params, + Reader: &CreateJwtBearerGrantReader{formats: a.formats}, + Context: params.Context, + Client: params.HTTPClient, + }) + if err != nil { + return nil, err + } + success, ok := result.(*CreateJwtBearerGrantCreated) + if ok { + return success, nil + } + // unexpected success response + // safeguard: normally, absent a default response, unknown success responses return an error above: so this is a codegen issue + msg := fmt.Sprintf("unexpected success response for createJwtBearerGrant: API contract not enforced by server. Client expected to get an error, but got: %T", result) + panic(msg) +} + /* CreateOAuth2Client creates an o auth 2 0 client @@ -382,6 +429,44 @@ func (a *Client) DeleteJSONWebKeySet(params *DeleteJSONWebKeySetParams) (*Delete panic(msg) } +/* + DeleteJwtBearerGrant deletes jwt bearer grant + + This endpoint will delete jwt-bearer grant, identified by grant ID, so client won't be able to represent +resource owner (which granted permission), using this grant anymore. All associated public keys with grant +will also be deleted. +*/ +func (a *Client) DeleteJwtBearerGrant(params *DeleteJwtBearerGrantParams) (*DeleteJwtBearerGrantNoContent, error) { + // TODO: Validate the params before sending + if params == nil { + params = NewDeleteJwtBearerGrantParams() + } + + result, err := a.transport.Submit(&runtime.ClientOperation{ + ID: "deleteJwtBearerGrant", + Method: "DELETE", + PathPattern: "/grants/jwt-bearer/{id}", + ProducesMediaTypes: []string{"application/json"}, + ConsumesMediaTypes: []string{"application/json"}, + Schemes: []string{"http", "https"}, + Params: params, + Reader: &DeleteJwtBearerGrantReader{formats: a.formats}, + Context: params.Context, + Client: params.HTTPClient, + }) + if err != nil { + return nil, err + } + success, ok := result.(*DeleteJwtBearerGrantNoContent) + if ok { + return success, nil + } + // unexpected success response + // safeguard: normally, absent a default response, unknown success responses return an error above: so this is a codegen issue + msg := fmt.Sprintf("unexpected success response for deleteJwtBearerGrant: API contract not enforced by server. Client expected to get an error, but got: %T", result) + panic(msg) +} + /* DeleteOAuth2Client deletes an o auth 2 0 client @@ -456,6 +541,44 @@ func (a *Client) DeleteOAuth2Token(params *DeleteOAuth2TokenParams) (*DeleteOAut panic(msg) } +/* + FlushInactiveJwtBearerGrants flushes expired jwt bearer grants + + This endpoint flushes expired jwt-bearer grants from the database. You can set a time after which no tokens will be +not be touched, in case you want to keep recent tokens for auditing. Refresh tokens can not be flushed as they are deleted +automatically when performing the refresh flow. +*/ +func (a *Client) FlushInactiveJwtBearerGrants(params *FlushInactiveJwtBearerGrantsParams) (*FlushInactiveJwtBearerGrantsNoContent, error) { + // TODO: Validate the params before sending + if params == nil { + params = NewFlushInactiveJwtBearerGrantsParams() + } + + result, err := a.transport.Submit(&runtime.ClientOperation{ + ID: "flushInactiveJwtBearerGrants", + Method: "POST", + PathPattern: "/grants/jwt-bearer/flush", + ProducesMediaTypes: []string{"application/json"}, + ConsumesMediaTypes: []string{"application/json"}, + Schemes: []string{"http", "https"}, + Params: params, + Reader: &FlushInactiveJwtBearerGrantsReader{formats: a.formats}, + Context: params.Context, + Client: params.HTTPClient, + }) + if err != nil { + return nil, err + } + success, ok := result.(*FlushInactiveJwtBearerGrantsNoContent) + if ok { + return success, nil + } + // unexpected success response + // safeguard: normally, absent a default response, unknown success responses return an error above: so this is a codegen issue + msg := fmt.Sprintf("unexpected success response for flushInactiveJwtBearerGrants: API contract not enforced by server. Client expected to get an error, but got: %T", result) + panic(msg) +} + /* FlushInactiveOAuth2Tokens flushes expired o auth2 access tokens @@ -613,6 +736,80 @@ func (a *Client) GetJSONWebKeySet(params *GetJSONWebKeySetParams) (*GetJSONWebKe panic(msg) } +/* + GetJwtBearerGrant fetches jwt bearer grant information + + This endpoint returns jwt-bearer grant, identified by grant ID. Grant represents resource owner (RO) permission +for client to act on behalf of the RO. In this case client uses jwt to request access token to act as RO. +*/ +func (a *Client) GetJwtBearerGrant(params *GetJwtBearerGrantParams) (*GetJwtBearerGrantOK, error) { + // TODO: Validate the params before sending + if params == nil { + params = NewGetJwtBearerGrantParams() + } + + result, err := a.transport.Submit(&runtime.ClientOperation{ + ID: "getJwtBearerGrant", + Method: "GET", + PathPattern: "/grants/jwt-bearer/{id}", + ProducesMediaTypes: []string{"application/json"}, + ConsumesMediaTypes: []string{"application/json"}, + Schemes: []string{"http", "https"}, + Params: params, + Reader: &GetJwtBearerGrantReader{formats: a.formats}, + Context: params.Context, + Client: params.HTTPClient, + }) + if err != nil { + return nil, err + } + success, ok := result.(*GetJwtBearerGrantOK) + if ok { + return success, nil + } + // unexpected success response + // safeguard: normally, absent a default response, unknown success responses return an error above: so this is a codegen issue + msg := fmt.Sprintf("unexpected success response for getJwtBearerGrant: API contract not enforced by server. Client expected to get an error, but got: %T", result) + panic(msg) +} + +/* + GetJwtBearerGrantList fetches all jwt bearer grants + + This endpoint returns list of jwt-bearer grants. Grant represents resource owner (RO) permission +for client to act on behalf of the RO. In this case client uses jwt to request access token to act as RO. +*/ +func (a *Client) GetJwtBearerGrantList(params *GetJwtBearerGrantListParams) (*GetJwtBearerGrantListOK, error) { + // TODO: Validate the params before sending + if params == nil { + params = NewGetJwtBearerGrantListParams() + } + + result, err := a.transport.Submit(&runtime.ClientOperation{ + ID: "getJwtBearerGrantList", + Method: "GET", + PathPattern: "/grants/jwt-bearer", + ProducesMediaTypes: []string{"application/json"}, + ConsumesMediaTypes: []string{"application/json"}, + Schemes: []string{"http", "https"}, + Params: params, + Reader: &GetJwtBearerGrantListReader{formats: a.formats}, + Context: params.Context, + Client: params.HTTPClient, + }) + if err != nil { + return nil, err + } + success, ok := result.(*GetJwtBearerGrantListOK) + if ok { + return success, nil + } + // unexpected success response + // safeguard: normally, absent a default response, unknown success responses return an error above: so this is a codegen issue + msg := fmt.Sprintf("unexpected success response for getJwtBearerGrantList: API contract not enforced by server. Client expected to get an error, but got: %T", result) + panic(msg) +} + /* GetLoginRequest gets a login request diff --git a/internal/httpclient/client/admin/create_json_web_key_set_parameters.go b/internal/httpclient/client/admin/create_json_web_key_set_parameters.go index e4c1c054393..43acf4eba80 100644 --- a/internal/httpclient/client/admin/create_json_web_key_set_parameters.go +++ b/internal/httpclient/client/admin/create_json_web_key_set_parameters.go @@ -18,55 +18,55 @@ import ( "github.com/ory/hydra/internal/httpclient/models" ) -// NewCreateJSONWebKeySetParams creates a new CreateJSONWebKeySetParams object -// with the default values initialized. +// NewCreateJSONWebKeySetParams creates a new CreateJSONWebKeySetParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewCreateJSONWebKeySetParams() *CreateJSONWebKeySetParams { - var () return &CreateJSONWebKeySetParams{ - timeout: cr.DefaultTimeout, } } // NewCreateJSONWebKeySetParamsWithTimeout creates a new CreateJSONWebKeySetParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewCreateJSONWebKeySetParamsWithTimeout(timeout time.Duration) *CreateJSONWebKeySetParams { - var () return &CreateJSONWebKeySetParams{ - timeout: timeout, } } // NewCreateJSONWebKeySetParamsWithContext creates a new CreateJSONWebKeySetParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewCreateJSONWebKeySetParamsWithContext(ctx context.Context) *CreateJSONWebKeySetParams { - var () return &CreateJSONWebKeySetParams{ - Context: ctx, } } // NewCreateJSONWebKeySetParamsWithHTTPClient creates a new CreateJSONWebKeySetParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewCreateJSONWebKeySetParamsWithHTTPClient(client *http.Client) *CreateJSONWebKeySetParams { - var () return &CreateJSONWebKeySetParams{ HTTPClient: client, } } -/*CreateJSONWebKeySetParams contains all the parameters to send to the API endpoint -for the create Json web key set operation typically these are written to a http.Request +/* CreateJSONWebKeySetParams contains all the parameters to send to the API endpoint + for the create Json web key set operation. + + Typically these are written to a http.Request. */ type CreateJSONWebKeySetParams struct { - /*Body*/ + // Body. Body *models.JSONWebKeySetGeneratorRequest - /*Set - The set + /* Set. + + The set */ Set string @@ -75,6 +75,21 @@ type CreateJSONWebKeySetParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the create Json web key set params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *CreateJSONWebKeySetParams) WithDefaults() *CreateJSONWebKeySetParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the create Json web key set params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *CreateJSONWebKeySetParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the create Json web key set params func (o *CreateJSONWebKeySetParams) WithTimeout(timeout time.Duration) *CreateJSONWebKeySetParams { o.SetTimeout(timeout) @@ -137,7 +152,6 @@ func (o *CreateJSONWebKeySetParams) WriteToRequest(r runtime.ClientRequest, reg return err } var res []error - if o.Body != nil { if err := r.SetBodyParam(o.Body); err != nil { return err diff --git a/internal/httpclient/client/admin/create_json_web_key_set_responses.go b/internal/httpclient/client/admin/create_json_web_key_set_responses.go index 6cc8d427bf0..c414cd76a50 100644 --- a/internal/httpclient/client/admin/create_json_web_key_set_responses.go +++ b/internal/httpclient/client/admin/create_json_web_key_set_responses.go @@ -47,9 +47,8 @@ func (o *CreateJSONWebKeySetReader) ReadResponse(response runtime.ClientResponse return nil, err } return nil, result - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -58,7 +57,7 @@ func NewCreateJSONWebKeySetCreated() *CreateJSONWebKeySetCreated { return &CreateJSONWebKeySetCreated{} } -/*CreateJSONWebKeySetCreated handles this case with default header values. +/* CreateJSONWebKeySetCreated describes a response with status code 201, with default header values. JSONWebKeySet */ @@ -69,7 +68,6 @@ type CreateJSONWebKeySetCreated struct { func (o *CreateJSONWebKeySetCreated) Error() string { return fmt.Sprintf("[POST /keys/{set}][%d] createJsonWebKeySetCreated %+v", 201, o.Payload) } - func (o *CreateJSONWebKeySetCreated) GetPayload() *models.JSONWebKeySet { return o.Payload } @@ -91,7 +89,7 @@ func NewCreateJSONWebKeySetUnauthorized() *CreateJSONWebKeySetUnauthorized { return &CreateJSONWebKeySetUnauthorized{} } -/*CreateJSONWebKeySetUnauthorized handles this case with default header values. +/* CreateJSONWebKeySetUnauthorized describes a response with status code 401, with default header values. genericError */ @@ -102,7 +100,6 @@ type CreateJSONWebKeySetUnauthorized struct { func (o *CreateJSONWebKeySetUnauthorized) Error() string { return fmt.Sprintf("[POST /keys/{set}][%d] createJsonWebKeySetUnauthorized %+v", 401, o.Payload) } - func (o *CreateJSONWebKeySetUnauthorized) GetPayload() *models.GenericError { return o.Payload } @@ -124,7 +121,7 @@ func NewCreateJSONWebKeySetForbidden() *CreateJSONWebKeySetForbidden { return &CreateJSONWebKeySetForbidden{} } -/*CreateJSONWebKeySetForbidden handles this case with default header values. +/* CreateJSONWebKeySetForbidden describes a response with status code 403, with default header values. genericError */ @@ -135,7 +132,6 @@ type CreateJSONWebKeySetForbidden struct { func (o *CreateJSONWebKeySetForbidden) Error() string { return fmt.Sprintf("[POST /keys/{set}][%d] createJsonWebKeySetForbidden %+v", 403, o.Payload) } - func (o *CreateJSONWebKeySetForbidden) GetPayload() *models.GenericError { return o.Payload } @@ -157,7 +153,7 @@ func NewCreateJSONWebKeySetInternalServerError() *CreateJSONWebKeySetInternalSer return &CreateJSONWebKeySetInternalServerError{} } -/*CreateJSONWebKeySetInternalServerError handles this case with default header values. +/* CreateJSONWebKeySetInternalServerError describes a response with status code 500, with default header values. genericError */ @@ -168,7 +164,6 @@ type CreateJSONWebKeySetInternalServerError struct { func (o *CreateJSONWebKeySetInternalServerError) Error() string { return fmt.Sprintf("[POST /keys/{set}][%d] createJsonWebKeySetInternalServerError %+v", 500, o.Payload) } - func (o *CreateJSONWebKeySetInternalServerError) GetPayload() *models.GenericError { return o.Payload } diff --git a/internal/httpclient/client/admin/create_jwt_bearer_grant_parameters.go b/internal/httpclient/client/admin/create_jwt_bearer_grant_parameters.go new file mode 100644 index 00000000000..5c66df4a82b --- /dev/null +++ b/internal/httpclient/client/admin/create_jwt_bearer_grant_parameters.go @@ -0,0 +1,148 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package admin + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "context" + "net/http" + "time" + + "github.com/go-openapi/errors" + "github.com/go-openapi/runtime" + cr "github.com/go-openapi/runtime/client" + "github.com/go-openapi/strfmt" + + "github.com/ory/hydra/internal/httpclient/models" +) + +// NewCreateJwtBearerGrantParams creates a new CreateJwtBearerGrantParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. +func NewCreateJwtBearerGrantParams() *CreateJwtBearerGrantParams { + return &CreateJwtBearerGrantParams{ + timeout: cr.DefaultTimeout, + } +} + +// NewCreateJwtBearerGrantParamsWithTimeout creates a new CreateJwtBearerGrantParams object +// with the ability to set a timeout on a request. +func NewCreateJwtBearerGrantParamsWithTimeout(timeout time.Duration) *CreateJwtBearerGrantParams { + return &CreateJwtBearerGrantParams{ + timeout: timeout, + } +} + +// NewCreateJwtBearerGrantParamsWithContext creates a new CreateJwtBearerGrantParams object +// with the ability to set a context for a request. +func NewCreateJwtBearerGrantParamsWithContext(ctx context.Context) *CreateJwtBearerGrantParams { + return &CreateJwtBearerGrantParams{ + Context: ctx, + } +} + +// NewCreateJwtBearerGrantParamsWithHTTPClient creates a new CreateJwtBearerGrantParams object +// with the ability to set a custom HTTPClient for a request. +func NewCreateJwtBearerGrantParamsWithHTTPClient(client *http.Client) *CreateJwtBearerGrantParams { + return &CreateJwtBearerGrantParams{ + HTTPClient: client, + } +} + +/* CreateJwtBearerGrantParams contains all the parameters to send to the API endpoint + for the create jwt bearer grant operation. + + Typically these are written to a http.Request. +*/ +type CreateJwtBearerGrantParams struct { + + // Body. + Body *models.CreateJwtBearerGrantParams + + timeout time.Duration + Context context.Context + HTTPClient *http.Client +} + +// WithDefaults hydrates default values in the create jwt bearer grant params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *CreateJwtBearerGrantParams) WithDefaults() *CreateJwtBearerGrantParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the create jwt bearer grant params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *CreateJwtBearerGrantParams) SetDefaults() { + // no default values defined for this parameter +} + +// WithTimeout adds the timeout to the create jwt bearer grant params +func (o *CreateJwtBearerGrantParams) WithTimeout(timeout time.Duration) *CreateJwtBearerGrantParams { + o.SetTimeout(timeout) + return o +} + +// SetTimeout adds the timeout to the create jwt bearer grant params +func (o *CreateJwtBearerGrantParams) SetTimeout(timeout time.Duration) { + o.timeout = timeout +} + +// WithContext adds the context to the create jwt bearer grant params +func (o *CreateJwtBearerGrantParams) WithContext(ctx context.Context) *CreateJwtBearerGrantParams { + o.SetContext(ctx) + return o +} + +// SetContext adds the context to the create jwt bearer grant params +func (o *CreateJwtBearerGrantParams) SetContext(ctx context.Context) { + o.Context = ctx +} + +// WithHTTPClient adds the HTTPClient to the create jwt bearer grant params +func (o *CreateJwtBearerGrantParams) WithHTTPClient(client *http.Client) *CreateJwtBearerGrantParams { + o.SetHTTPClient(client) + return o +} + +// SetHTTPClient adds the HTTPClient to the create jwt bearer grant params +func (o *CreateJwtBearerGrantParams) SetHTTPClient(client *http.Client) { + o.HTTPClient = client +} + +// WithBody adds the body to the create jwt bearer grant params +func (o *CreateJwtBearerGrantParams) WithBody(body *models.CreateJwtBearerGrantParams) *CreateJwtBearerGrantParams { + o.SetBody(body) + return o +} + +// SetBody adds the body to the create jwt bearer grant params +func (o *CreateJwtBearerGrantParams) SetBody(body *models.CreateJwtBearerGrantParams) { + o.Body = body +} + +// WriteToRequest writes these params to a swagger request +func (o *CreateJwtBearerGrantParams) WriteToRequest(r runtime.ClientRequest, reg strfmt.Registry) error { + + if err := r.SetTimeout(o.timeout); err != nil { + return err + } + var res []error + if o.Body != nil { + if err := r.SetBodyParam(o.Body); err != nil { + return err + } + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} diff --git a/internal/httpclient/client/admin/create_jwt_bearer_grant_responses.go b/internal/httpclient/client/admin/create_jwt_bearer_grant_responses.go new file mode 100644 index 00000000000..d06024f7215 --- /dev/null +++ b/internal/httpclient/client/admin/create_jwt_bearer_grant_responses.go @@ -0,0 +1,181 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package admin + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "fmt" + "io" + + "github.com/go-openapi/runtime" + "github.com/go-openapi/strfmt" + + "github.com/ory/hydra/internal/httpclient/models" +) + +// CreateJwtBearerGrantReader is a Reader for the CreateJwtBearerGrant structure. +type CreateJwtBearerGrantReader struct { + formats strfmt.Registry +} + +// ReadResponse reads a server response into the received o. +func (o *CreateJwtBearerGrantReader) ReadResponse(response runtime.ClientResponse, consumer runtime.Consumer) (interface{}, error) { + switch response.Code() { + case 201: + result := NewCreateJwtBearerGrantCreated() + if err := result.readResponse(response, consumer, o.formats); err != nil { + return nil, err + } + return result, nil + case 400: + result := NewCreateJwtBearerGrantBadRequest() + if err := result.readResponse(response, consumer, o.formats); err != nil { + return nil, err + } + return nil, result + case 409: + result := NewCreateJwtBearerGrantConflict() + if err := result.readResponse(response, consumer, o.formats); err != nil { + return nil, err + } + return nil, result + case 500: + result := NewCreateJwtBearerGrantInternalServerError() + if err := result.readResponse(response, consumer, o.formats); err != nil { + return nil, err + } + return nil, result + default: + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) + } +} + +// NewCreateJwtBearerGrantCreated creates a CreateJwtBearerGrantCreated with default headers values +func NewCreateJwtBearerGrantCreated() *CreateJwtBearerGrantCreated { + return &CreateJwtBearerGrantCreated{} +} + +/* CreateJwtBearerGrantCreated describes a response with status code 201, with default header values. + +JwtBearerGrant +*/ +type CreateJwtBearerGrantCreated struct { + Payload *models.JwtBearerGrant +} + +func (o *CreateJwtBearerGrantCreated) Error() string { + return fmt.Sprintf("[POST /grants/jwt-bearer][%d] createJwtBearerGrantCreated %+v", 201, o.Payload) +} +func (o *CreateJwtBearerGrantCreated) GetPayload() *models.JwtBearerGrant { + return o.Payload +} + +func (o *CreateJwtBearerGrantCreated) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { + + o.Payload = new(models.JwtBearerGrant) + + // response payload + if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF { + return err + } + + return nil +} + +// NewCreateJwtBearerGrantBadRequest creates a CreateJwtBearerGrantBadRequest with default headers values +func NewCreateJwtBearerGrantBadRequest() *CreateJwtBearerGrantBadRequest { + return &CreateJwtBearerGrantBadRequest{} +} + +/* CreateJwtBearerGrantBadRequest describes a response with status code 400, with default header values. + +genericError +*/ +type CreateJwtBearerGrantBadRequest struct { + Payload *models.GenericError +} + +func (o *CreateJwtBearerGrantBadRequest) Error() string { + return fmt.Sprintf("[POST /grants/jwt-bearer][%d] createJwtBearerGrantBadRequest %+v", 400, o.Payload) +} +func (o *CreateJwtBearerGrantBadRequest) GetPayload() *models.GenericError { + return o.Payload +} + +func (o *CreateJwtBearerGrantBadRequest) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { + + o.Payload = new(models.GenericError) + + // response payload + if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF { + return err + } + + return nil +} + +// NewCreateJwtBearerGrantConflict creates a CreateJwtBearerGrantConflict with default headers values +func NewCreateJwtBearerGrantConflict() *CreateJwtBearerGrantConflict { + return &CreateJwtBearerGrantConflict{} +} + +/* CreateJwtBearerGrantConflict describes a response with status code 409, with default header values. + +genericError +*/ +type CreateJwtBearerGrantConflict struct { + Payload *models.GenericError +} + +func (o *CreateJwtBearerGrantConflict) Error() string { + return fmt.Sprintf("[POST /grants/jwt-bearer][%d] createJwtBearerGrantConflict %+v", 409, o.Payload) +} +func (o *CreateJwtBearerGrantConflict) GetPayload() *models.GenericError { + return o.Payload +} + +func (o *CreateJwtBearerGrantConflict) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { + + o.Payload = new(models.GenericError) + + // response payload + if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF { + return err + } + + return nil +} + +// NewCreateJwtBearerGrantInternalServerError creates a CreateJwtBearerGrantInternalServerError with default headers values +func NewCreateJwtBearerGrantInternalServerError() *CreateJwtBearerGrantInternalServerError { + return &CreateJwtBearerGrantInternalServerError{} +} + +/* CreateJwtBearerGrantInternalServerError describes a response with status code 500, with default header values. + +genericError +*/ +type CreateJwtBearerGrantInternalServerError struct { + Payload *models.GenericError +} + +func (o *CreateJwtBearerGrantInternalServerError) Error() string { + return fmt.Sprintf("[POST /grants/jwt-bearer][%d] createJwtBearerGrantInternalServerError %+v", 500, o.Payload) +} +func (o *CreateJwtBearerGrantInternalServerError) GetPayload() *models.GenericError { + return o.Payload +} + +func (o *CreateJwtBearerGrantInternalServerError) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { + + o.Payload = new(models.GenericError) + + // response payload + if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF { + return err + } + + return nil +} diff --git a/internal/httpclient/client/admin/create_o_auth2_client_parameters.go b/internal/httpclient/client/admin/create_o_auth2_client_parameters.go index c3ce0633992..f719021b83a 100644 --- a/internal/httpclient/client/admin/create_o_auth2_client_parameters.go +++ b/internal/httpclient/client/admin/create_o_auth2_client_parameters.go @@ -18,51 +18,50 @@ import ( "github.com/ory/hydra/internal/httpclient/models" ) -// NewCreateOAuth2ClientParams creates a new CreateOAuth2ClientParams object -// with the default values initialized. +// NewCreateOAuth2ClientParams creates a new CreateOAuth2ClientParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewCreateOAuth2ClientParams() *CreateOAuth2ClientParams { - var () return &CreateOAuth2ClientParams{ - timeout: cr.DefaultTimeout, } } // NewCreateOAuth2ClientParamsWithTimeout creates a new CreateOAuth2ClientParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewCreateOAuth2ClientParamsWithTimeout(timeout time.Duration) *CreateOAuth2ClientParams { - var () return &CreateOAuth2ClientParams{ - timeout: timeout, } } // NewCreateOAuth2ClientParamsWithContext creates a new CreateOAuth2ClientParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewCreateOAuth2ClientParamsWithContext(ctx context.Context) *CreateOAuth2ClientParams { - var () return &CreateOAuth2ClientParams{ - Context: ctx, } } // NewCreateOAuth2ClientParamsWithHTTPClient creates a new CreateOAuth2ClientParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewCreateOAuth2ClientParamsWithHTTPClient(client *http.Client) *CreateOAuth2ClientParams { - var () return &CreateOAuth2ClientParams{ HTTPClient: client, } } -/*CreateOAuth2ClientParams contains all the parameters to send to the API endpoint -for the create o auth2 client operation typically these are written to a http.Request +/* CreateOAuth2ClientParams contains all the parameters to send to the API endpoint + for the create o auth2 client operation. + + Typically these are written to a http.Request. */ type CreateOAuth2ClientParams struct { - /*Body*/ + // Body. Body *models.OAuth2Client timeout time.Duration @@ -70,6 +69,21 @@ type CreateOAuth2ClientParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the create o auth2 client params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *CreateOAuth2ClientParams) WithDefaults() *CreateOAuth2ClientParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the create o auth2 client params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *CreateOAuth2ClientParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the create o auth2 client params func (o *CreateOAuth2ClientParams) WithTimeout(timeout time.Duration) *CreateOAuth2ClientParams { o.SetTimeout(timeout) @@ -121,7 +135,6 @@ func (o *CreateOAuth2ClientParams) WriteToRequest(r runtime.ClientRequest, reg s return err } var res []error - if o.Body != nil { if err := r.SetBodyParam(o.Body); err != nil { return err diff --git a/internal/httpclient/client/admin/create_o_auth2_client_responses.go b/internal/httpclient/client/admin/create_o_auth2_client_responses.go index 4209a70dce6..3e2b2481b3e 100644 --- a/internal/httpclient/client/admin/create_o_auth2_client_responses.go +++ b/internal/httpclient/client/admin/create_o_auth2_client_responses.go @@ -47,9 +47,8 @@ func (o *CreateOAuth2ClientReader) ReadResponse(response runtime.ClientResponse, return nil, err } return nil, result - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -58,7 +57,7 @@ func NewCreateOAuth2ClientCreated() *CreateOAuth2ClientCreated { return &CreateOAuth2ClientCreated{} } -/*CreateOAuth2ClientCreated handles this case with default header values. +/* CreateOAuth2ClientCreated describes a response with status code 201, with default header values. oAuth2Client */ @@ -69,7 +68,6 @@ type CreateOAuth2ClientCreated struct { func (o *CreateOAuth2ClientCreated) Error() string { return fmt.Sprintf("[POST /clients][%d] createOAuth2ClientCreated %+v", 201, o.Payload) } - func (o *CreateOAuth2ClientCreated) GetPayload() *models.OAuth2Client { return o.Payload } @@ -91,7 +89,7 @@ func NewCreateOAuth2ClientBadRequest() *CreateOAuth2ClientBadRequest { return &CreateOAuth2ClientBadRequest{} } -/*CreateOAuth2ClientBadRequest handles this case with default header values. +/* CreateOAuth2ClientBadRequest describes a response with status code 400, with default header values. genericError */ @@ -102,7 +100,6 @@ type CreateOAuth2ClientBadRequest struct { func (o *CreateOAuth2ClientBadRequest) Error() string { return fmt.Sprintf("[POST /clients][%d] createOAuth2ClientBadRequest %+v", 400, o.Payload) } - func (o *CreateOAuth2ClientBadRequest) GetPayload() *models.GenericError { return o.Payload } @@ -124,7 +121,7 @@ func NewCreateOAuth2ClientConflict() *CreateOAuth2ClientConflict { return &CreateOAuth2ClientConflict{} } -/*CreateOAuth2ClientConflict handles this case with default header values. +/* CreateOAuth2ClientConflict describes a response with status code 409, with default header values. genericError */ @@ -135,7 +132,6 @@ type CreateOAuth2ClientConflict struct { func (o *CreateOAuth2ClientConflict) Error() string { return fmt.Sprintf("[POST /clients][%d] createOAuth2ClientConflict %+v", 409, o.Payload) } - func (o *CreateOAuth2ClientConflict) GetPayload() *models.GenericError { return o.Payload } @@ -157,7 +153,7 @@ func NewCreateOAuth2ClientInternalServerError() *CreateOAuth2ClientInternalServe return &CreateOAuth2ClientInternalServerError{} } -/*CreateOAuth2ClientInternalServerError handles this case with default header values. +/* CreateOAuth2ClientInternalServerError describes a response with status code 500, with default header values. genericError */ @@ -168,7 +164,6 @@ type CreateOAuth2ClientInternalServerError struct { func (o *CreateOAuth2ClientInternalServerError) Error() string { return fmt.Sprintf("[POST /clients][%d] createOAuth2ClientInternalServerError %+v", 500, o.Payload) } - func (o *CreateOAuth2ClientInternalServerError) GetPayload() *models.GenericError { return o.Payload } diff --git a/internal/httpclient/client/admin/delete_json_web_key_parameters.go b/internal/httpclient/client/admin/delete_json_web_key_parameters.go index 4f4f4fa4401..c1e71f1d5d8 100644 --- a/internal/httpclient/client/admin/delete_json_web_key_parameters.go +++ b/internal/httpclient/client/admin/delete_json_web_key_parameters.go @@ -16,58 +16,58 @@ import ( "github.com/go-openapi/strfmt" ) -// NewDeleteJSONWebKeyParams creates a new DeleteJSONWebKeyParams object -// with the default values initialized. +// NewDeleteJSONWebKeyParams creates a new DeleteJSONWebKeyParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewDeleteJSONWebKeyParams() *DeleteJSONWebKeyParams { - var () return &DeleteJSONWebKeyParams{ - timeout: cr.DefaultTimeout, } } // NewDeleteJSONWebKeyParamsWithTimeout creates a new DeleteJSONWebKeyParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewDeleteJSONWebKeyParamsWithTimeout(timeout time.Duration) *DeleteJSONWebKeyParams { - var () return &DeleteJSONWebKeyParams{ - timeout: timeout, } } // NewDeleteJSONWebKeyParamsWithContext creates a new DeleteJSONWebKeyParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewDeleteJSONWebKeyParamsWithContext(ctx context.Context) *DeleteJSONWebKeyParams { - var () return &DeleteJSONWebKeyParams{ - Context: ctx, } } // NewDeleteJSONWebKeyParamsWithHTTPClient creates a new DeleteJSONWebKeyParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewDeleteJSONWebKeyParamsWithHTTPClient(client *http.Client) *DeleteJSONWebKeyParams { - var () return &DeleteJSONWebKeyParams{ HTTPClient: client, } } -/*DeleteJSONWebKeyParams contains all the parameters to send to the API endpoint -for the delete Json web key operation typically these are written to a http.Request +/* DeleteJSONWebKeyParams contains all the parameters to send to the API endpoint + for the delete Json web key operation. + + Typically these are written to a http.Request. */ type DeleteJSONWebKeyParams struct { - /*Kid - The kid of the desired key + /* Kid. + The kid of the desired key */ Kid string - /*Set - The set + /* Set. + + The set */ Set string @@ -76,6 +76,21 @@ type DeleteJSONWebKeyParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the delete Json web key params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *DeleteJSONWebKeyParams) WithDefaults() *DeleteJSONWebKeyParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the delete Json web key params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *DeleteJSONWebKeyParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the delete Json web key params func (o *DeleteJSONWebKeyParams) WithTimeout(timeout time.Duration) *DeleteJSONWebKeyParams { o.SetTimeout(timeout) diff --git a/internal/httpclient/client/admin/delete_json_web_key_responses.go b/internal/httpclient/client/admin/delete_json_web_key_responses.go index 165513c88f5..f4f1ef3dc42 100644 --- a/internal/httpclient/client/admin/delete_json_web_key_responses.go +++ b/internal/httpclient/client/admin/delete_json_web_key_responses.go @@ -47,9 +47,8 @@ func (o *DeleteJSONWebKeyReader) ReadResponse(response runtime.ClientResponse, c return nil, err } return nil, result - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -58,9 +57,9 @@ func NewDeleteJSONWebKeyNoContent() *DeleteJSONWebKeyNoContent { return &DeleteJSONWebKeyNoContent{} } -/*DeleteJSONWebKeyNoContent handles this case with default header values. +/* DeleteJSONWebKeyNoContent describes a response with status code 204, with default header values. -Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is + Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is typically 201. */ type DeleteJSONWebKeyNoContent struct { @@ -80,7 +79,7 @@ func NewDeleteJSONWebKeyUnauthorized() *DeleteJSONWebKeyUnauthorized { return &DeleteJSONWebKeyUnauthorized{} } -/*DeleteJSONWebKeyUnauthorized handles this case with default header values. +/* DeleteJSONWebKeyUnauthorized describes a response with status code 401, with default header values. genericError */ @@ -91,7 +90,6 @@ type DeleteJSONWebKeyUnauthorized struct { func (o *DeleteJSONWebKeyUnauthorized) Error() string { return fmt.Sprintf("[DELETE /keys/{set}/{kid}][%d] deleteJsonWebKeyUnauthorized %+v", 401, o.Payload) } - func (o *DeleteJSONWebKeyUnauthorized) GetPayload() *models.GenericError { return o.Payload } @@ -113,7 +111,7 @@ func NewDeleteJSONWebKeyForbidden() *DeleteJSONWebKeyForbidden { return &DeleteJSONWebKeyForbidden{} } -/*DeleteJSONWebKeyForbidden handles this case with default header values. +/* DeleteJSONWebKeyForbidden describes a response with status code 403, with default header values. genericError */ @@ -124,7 +122,6 @@ type DeleteJSONWebKeyForbidden struct { func (o *DeleteJSONWebKeyForbidden) Error() string { return fmt.Sprintf("[DELETE /keys/{set}/{kid}][%d] deleteJsonWebKeyForbidden %+v", 403, o.Payload) } - func (o *DeleteJSONWebKeyForbidden) GetPayload() *models.GenericError { return o.Payload } @@ -146,7 +143,7 @@ func NewDeleteJSONWebKeyInternalServerError() *DeleteJSONWebKeyInternalServerErr return &DeleteJSONWebKeyInternalServerError{} } -/*DeleteJSONWebKeyInternalServerError handles this case with default header values. +/* DeleteJSONWebKeyInternalServerError describes a response with status code 500, with default header values. genericError */ @@ -157,7 +154,6 @@ type DeleteJSONWebKeyInternalServerError struct { func (o *DeleteJSONWebKeyInternalServerError) Error() string { return fmt.Sprintf("[DELETE /keys/{set}/{kid}][%d] deleteJsonWebKeyInternalServerError %+v", 500, o.Payload) } - func (o *DeleteJSONWebKeyInternalServerError) GetPayload() *models.GenericError { return o.Payload } diff --git a/internal/httpclient/client/admin/delete_json_web_key_set_parameters.go b/internal/httpclient/client/admin/delete_json_web_key_set_parameters.go index a6e06c48d86..5bb84e5a07a 100644 --- a/internal/httpclient/client/admin/delete_json_web_key_set_parameters.go +++ b/internal/httpclient/client/admin/delete_json_web_key_set_parameters.go @@ -16,53 +16,52 @@ import ( "github.com/go-openapi/strfmt" ) -// NewDeleteJSONWebKeySetParams creates a new DeleteJSONWebKeySetParams object -// with the default values initialized. +// NewDeleteJSONWebKeySetParams creates a new DeleteJSONWebKeySetParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewDeleteJSONWebKeySetParams() *DeleteJSONWebKeySetParams { - var () return &DeleteJSONWebKeySetParams{ - timeout: cr.DefaultTimeout, } } // NewDeleteJSONWebKeySetParamsWithTimeout creates a new DeleteJSONWebKeySetParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewDeleteJSONWebKeySetParamsWithTimeout(timeout time.Duration) *DeleteJSONWebKeySetParams { - var () return &DeleteJSONWebKeySetParams{ - timeout: timeout, } } // NewDeleteJSONWebKeySetParamsWithContext creates a new DeleteJSONWebKeySetParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewDeleteJSONWebKeySetParamsWithContext(ctx context.Context) *DeleteJSONWebKeySetParams { - var () return &DeleteJSONWebKeySetParams{ - Context: ctx, } } // NewDeleteJSONWebKeySetParamsWithHTTPClient creates a new DeleteJSONWebKeySetParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewDeleteJSONWebKeySetParamsWithHTTPClient(client *http.Client) *DeleteJSONWebKeySetParams { - var () return &DeleteJSONWebKeySetParams{ HTTPClient: client, } } -/*DeleteJSONWebKeySetParams contains all the parameters to send to the API endpoint -for the delete Json web key set operation typically these are written to a http.Request +/* DeleteJSONWebKeySetParams contains all the parameters to send to the API endpoint + for the delete Json web key set operation. + + Typically these are written to a http.Request. */ type DeleteJSONWebKeySetParams struct { - /*Set - The set + /* Set. + The set */ Set string @@ -71,6 +70,21 @@ type DeleteJSONWebKeySetParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the delete Json web key set params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *DeleteJSONWebKeySetParams) WithDefaults() *DeleteJSONWebKeySetParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the delete Json web key set params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *DeleteJSONWebKeySetParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the delete Json web key set params func (o *DeleteJSONWebKeySetParams) WithTimeout(timeout time.Duration) *DeleteJSONWebKeySetParams { o.SetTimeout(timeout) diff --git a/internal/httpclient/client/admin/delete_json_web_key_set_responses.go b/internal/httpclient/client/admin/delete_json_web_key_set_responses.go index 5b209e353e3..07b27412c6e 100644 --- a/internal/httpclient/client/admin/delete_json_web_key_set_responses.go +++ b/internal/httpclient/client/admin/delete_json_web_key_set_responses.go @@ -47,9 +47,8 @@ func (o *DeleteJSONWebKeySetReader) ReadResponse(response runtime.ClientResponse return nil, err } return nil, result - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -58,9 +57,9 @@ func NewDeleteJSONWebKeySetNoContent() *DeleteJSONWebKeySetNoContent { return &DeleteJSONWebKeySetNoContent{} } -/*DeleteJSONWebKeySetNoContent handles this case with default header values. +/* DeleteJSONWebKeySetNoContent describes a response with status code 204, with default header values. -Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is + Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is typically 201. */ type DeleteJSONWebKeySetNoContent struct { @@ -80,7 +79,7 @@ func NewDeleteJSONWebKeySetUnauthorized() *DeleteJSONWebKeySetUnauthorized { return &DeleteJSONWebKeySetUnauthorized{} } -/*DeleteJSONWebKeySetUnauthorized handles this case with default header values. +/* DeleteJSONWebKeySetUnauthorized describes a response with status code 401, with default header values. genericError */ @@ -91,7 +90,6 @@ type DeleteJSONWebKeySetUnauthorized struct { func (o *DeleteJSONWebKeySetUnauthorized) Error() string { return fmt.Sprintf("[DELETE /keys/{set}][%d] deleteJsonWebKeySetUnauthorized %+v", 401, o.Payload) } - func (o *DeleteJSONWebKeySetUnauthorized) GetPayload() *models.GenericError { return o.Payload } @@ -113,7 +111,7 @@ func NewDeleteJSONWebKeySetForbidden() *DeleteJSONWebKeySetForbidden { return &DeleteJSONWebKeySetForbidden{} } -/*DeleteJSONWebKeySetForbidden handles this case with default header values. +/* DeleteJSONWebKeySetForbidden describes a response with status code 403, with default header values. genericError */ @@ -124,7 +122,6 @@ type DeleteJSONWebKeySetForbidden struct { func (o *DeleteJSONWebKeySetForbidden) Error() string { return fmt.Sprintf("[DELETE /keys/{set}][%d] deleteJsonWebKeySetForbidden %+v", 403, o.Payload) } - func (o *DeleteJSONWebKeySetForbidden) GetPayload() *models.GenericError { return o.Payload } @@ -146,7 +143,7 @@ func NewDeleteJSONWebKeySetInternalServerError() *DeleteJSONWebKeySetInternalSer return &DeleteJSONWebKeySetInternalServerError{} } -/*DeleteJSONWebKeySetInternalServerError handles this case with default header values. +/* DeleteJSONWebKeySetInternalServerError describes a response with status code 500, with default header values. genericError */ @@ -157,7 +154,6 @@ type DeleteJSONWebKeySetInternalServerError struct { func (o *DeleteJSONWebKeySetInternalServerError) Error() string { return fmt.Sprintf("[DELETE /keys/{set}][%d] deleteJsonWebKeySetInternalServerError %+v", 500, o.Payload) } - func (o *DeleteJSONWebKeySetInternalServerError) GetPayload() *models.GenericError { return o.Payload } diff --git a/internal/httpclient/client/admin/delete_jwt_bearer_grant_parameters.go b/internal/httpclient/client/admin/delete_jwt_bearer_grant_parameters.go new file mode 100644 index 00000000000..bbf01547d6b --- /dev/null +++ b/internal/httpclient/client/admin/delete_jwt_bearer_grant_parameters.go @@ -0,0 +1,149 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package admin + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "context" + "net/http" + "time" + + "github.com/go-openapi/errors" + "github.com/go-openapi/runtime" + cr "github.com/go-openapi/runtime/client" + "github.com/go-openapi/strfmt" +) + +// NewDeleteJwtBearerGrantParams creates a new DeleteJwtBearerGrantParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. +func NewDeleteJwtBearerGrantParams() *DeleteJwtBearerGrantParams { + return &DeleteJwtBearerGrantParams{ + timeout: cr.DefaultTimeout, + } +} + +// NewDeleteJwtBearerGrantParamsWithTimeout creates a new DeleteJwtBearerGrantParams object +// with the ability to set a timeout on a request. +func NewDeleteJwtBearerGrantParamsWithTimeout(timeout time.Duration) *DeleteJwtBearerGrantParams { + return &DeleteJwtBearerGrantParams{ + timeout: timeout, + } +} + +// NewDeleteJwtBearerGrantParamsWithContext creates a new DeleteJwtBearerGrantParams object +// with the ability to set a context for a request. +func NewDeleteJwtBearerGrantParamsWithContext(ctx context.Context) *DeleteJwtBearerGrantParams { + return &DeleteJwtBearerGrantParams{ + Context: ctx, + } +} + +// NewDeleteJwtBearerGrantParamsWithHTTPClient creates a new DeleteJwtBearerGrantParams object +// with the ability to set a custom HTTPClient for a request. +func NewDeleteJwtBearerGrantParamsWithHTTPClient(client *http.Client) *DeleteJwtBearerGrantParams { + return &DeleteJwtBearerGrantParams{ + HTTPClient: client, + } +} + +/* DeleteJwtBearerGrantParams contains all the parameters to send to the API endpoint + for the delete jwt bearer grant operation. + + Typically these are written to a http.Request. +*/ +type DeleteJwtBearerGrantParams struct { + + /* ID. + + The id of the desired grant + */ + ID string + + timeout time.Duration + Context context.Context + HTTPClient *http.Client +} + +// WithDefaults hydrates default values in the delete jwt bearer grant params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *DeleteJwtBearerGrantParams) WithDefaults() *DeleteJwtBearerGrantParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the delete jwt bearer grant params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *DeleteJwtBearerGrantParams) SetDefaults() { + // no default values defined for this parameter +} + +// WithTimeout adds the timeout to the delete jwt bearer grant params +func (o *DeleteJwtBearerGrantParams) WithTimeout(timeout time.Duration) *DeleteJwtBearerGrantParams { + o.SetTimeout(timeout) + return o +} + +// SetTimeout adds the timeout to the delete jwt bearer grant params +func (o *DeleteJwtBearerGrantParams) SetTimeout(timeout time.Duration) { + o.timeout = timeout +} + +// WithContext adds the context to the delete jwt bearer grant params +func (o *DeleteJwtBearerGrantParams) WithContext(ctx context.Context) *DeleteJwtBearerGrantParams { + o.SetContext(ctx) + return o +} + +// SetContext adds the context to the delete jwt bearer grant params +func (o *DeleteJwtBearerGrantParams) SetContext(ctx context.Context) { + o.Context = ctx +} + +// WithHTTPClient adds the HTTPClient to the delete jwt bearer grant params +func (o *DeleteJwtBearerGrantParams) WithHTTPClient(client *http.Client) *DeleteJwtBearerGrantParams { + o.SetHTTPClient(client) + return o +} + +// SetHTTPClient adds the HTTPClient to the delete jwt bearer grant params +func (o *DeleteJwtBearerGrantParams) SetHTTPClient(client *http.Client) { + o.HTTPClient = client +} + +// WithID adds the id to the delete jwt bearer grant params +func (o *DeleteJwtBearerGrantParams) WithID(id string) *DeleteJwtBearerGrantParams { + o.SetID(id) + return o +} + +// SetID adds the id to the delete jwt bearer grant params +func (o *DeleteJwtBearerGrantParams) SetID(id string) { + o.ID = id +} + +// WriteToRequest writes these params to a swagger request +func (o *DeleteJwtBearerGrantParams) WriteToRequest(r runtime.ClientRequest, reg strfmt.Registry) error { + + if err := r.SetTimeout(o.timeout); err != nil { + return err + } + var res []error + + // path param id + if err := r.SetPathParam("id", o.ID); err != nil { + return err + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} diff --git a/internal/httpclient/client/admin/delete_jwt_bearer_grant_responses.go b/internal/httpclient/client/admin/delete_jwt_bearer_grant_responses.go new file mode 100644 index 00000000000..7f18a3fc975 --- /dev/null +++ b/internal/httpclient/client/admin/delete_jwt_bearer_grant_responses.go @@ -0,0 +1,133 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package admin + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "fmt" + "io" + + "github.com/go-openapi/runtime" + "github.com/go-openapi/strfmt" + + "github.com/ory/hydra/internal/httpclient/models" +) + +// DeleteJwtBearerGrantReader is a Reader for the DeleteJwtBearerGrant structure. +type DeleteJwtBearerGrantReader struct { + formats strfmt.Registry +} + +// ReadResponse reads a server response into the received o. +func (o *DeleteJwtBearerGrantReader) ReadResponse(response runtime.ClientResponse, consumer runtime.Consumer) (interface{}, error) { + switch response.Code() { + case 204: + result := NewDeleteJwtBearerGrantNoContent() + if err := result.readResponse(response, consumer, o.formats); err != nil { + return nil, err + } + return result, nil + case 404: + result := NewDeleteJwtBearerGrantNotFound() + if err := result.readResponse(response, consumer, o.formats); err != nil { + return nil, err + } + return nil, result + case 500: + result := NewDeleteJwtBearerGrantInternalServerError() + if err := result.readResponse(response, consumer, o.formats); err != nil { + return nil, err + } + return nil, result + default: + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) + } +} + +// NewDeleteJwtBearerGrantNoContent creates a DeleteJwtBearerGrantNoContent with default headers values +func NewDeleteJwtBearerGrantNoContent() *DeleteJwtBearerGrantNoContent { + return &DeleteJwtBearerGrantNoContent{} +} + +/* DeleteJwtBearerGrantNoContent describes a response with status code 204, with default header values. + + Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is +typically 201. +*/ +type DeleteJwtBearerGrantNoContent struct { +} + +func (o *DeleteJwtBearerGrantNoContent) Error() string { + return fmt.Sprintf("[DELETE /grants/jwt-bearer/{id}][%d] deleteJwtBearerGrantNoContent ", 204) +} + +func (o *DeleteJwtBearerGrantNoContent) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { + + return nil +} + +// NewDeleteJwtBearerGrantNotFound creates a DeleteJwtBearerGrantNotFound with default headers values +func NewDeleteJwtBearerGrantNotFound() *DeleteJwtBearerGrantNotFound { + return &DeleteJwtBearerGrantNotFound{} +} + +/* DeleteJwtBearerGrantNotFound describes a response with status code 404, with default header values. + +genericError +*/ +type DeleteJwtBearerGrantNotFound struct { + Payload *models.GenericError +} + +func (o *DeleteJwtBearerGrantNotFound) Error() string { + return fmt.Sprintf("[DELETE /grants/jwt-bearer/{id}][%d] deleteJwtBearerGrantNotFound %+v", 404, o.Payload) +} +func (o *DeleteJwtBearerGrantNotFound) GetPayload() *models.GenericError { + return o.Payload +} + +func (o *DeleteJwtBearerGrantNotFound) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { + + o.Payload = new(models.GenericError) + + // response payload + if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF { + return err + } + + return nil +} + +// NewDeleteJwtBearerGrantInternalServerError creates a DeleteJwtBearerGrantInternalServerError with default headers values +func NewDeleteJwtBearerGrantInternalServerError() *DeleteJwtBearerGrantInternalServerError { + return &DeleteJwtBearerGrantInternalServerError{} +} + +/* DeleteJwtBearerGrantInternalServerError describes a response with status code 500, with default header values. + +genericError +*/ +type DeleteJwtBearerGrantInternalServerError struct { + Payload *models.GenericError +} + +func (o *DeleteJwtBearerGrantInternalServerError) Error() string { + return fmt.Sprintf("[DELETE /grants/jwt-bearer/{id}][%d] deleteJwtBearerGrantInternalServerError %+v", 500, o.Payload) +} +func (o *DeleteJwtBearerGrantInternalServerError) GetPayload() *models.GenericError { + return o.Payload +} + +func (o *DeleteJwtBearerGrantInternalServerError) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { + + o.Payload = new(models.GenericError) + + // response payload + if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF { + return err + } + + return nil +} diff --git a/internal/httpclient/client/admin/delete_o_auth2_client_parameters.go b/internal/httpclient/client/admin/delete_o_auth2_client_parameters.go index 6eb2b90b311..313a6b76fdf 100644 --- a/internal/httpclient/client/admin/delete_o_auth2_client_parameters.go +++ b/internal/httpclient/client/admin/delete_o_auth2_client_parameters.go @@ -16,53 +16,52 @@ import ( "github.com/go-openapi/strfmt" ) -// NewDeleteOAuth2ClientParams creates a new DeleteOAuth2ClientParams object -// with the default values initialized. +// NewDeleteOAuth2ClientParams creates a new DeleteOAuth2ClientParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewDeleteOAuth2ClientParams() *DeleteOAuth2ClientParams { - var () return &DeleteOAuth2ClientParams{ - timeout: cr.DefaultTimeout, } } // NewDeleteOAuth2ClientParamsWithTimeout creates a new DeleteOAuth2ClientParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewDeleteOAuth2ClientParamsWithTimeout(timeout time.Duration) *DeleteOAuth2ClientParams { - var () return &DeleteOAuth2ClientParams{ - timeout: timeout, } } // NewDeleteOAuth2ClientParamsWithContext creates a new DeleteOAuth2ClientParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewDeleteOAuth2ClientParamsWithContext(ctx context.Context) *DeleteOAuth2ClientParams { - var () return &DeleteOAuth2ClientParams{ - Context: ctx, } } // NewDeleteOAuth2ClientParamsWithHTTPClient creates a new DeleteOAuth2ClientParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewDeleteOAuth2ClientParamsWithHTTPClient(client *http.Client) *DeleteOAuth2ClientParams { - var () return &DeleteOAuth2ClientParams{ HTTPClient: client, } } -/*DeleteOAuth2ClientParams contains all the parameters to send to the API endpoint -for the delete o auth2 client operation typically these are written to a http.Request +/* DeleteOAuth2ClientParams contains all the parameters to send to the API endpoint + for the delete o auth2 client operation. + + Typically these are written to a http.Request. */ type DeleteOAuth2ClientParams struct { - /*ID - The id of the OAuth 2.0 Client. + /* ID. + The id of the OAuth 2.0 Client. */ ID string @@ -71,6 +70,21 @@ type DeleteOAuth2ClientParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the delete o auth2 client params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *DeleteOAuth2ClientParams) WithDefaults() *DeleteOAuth2ClientParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the delete o auth2 client params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *DeleteOAuth2ClientParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the delete o auth2 client params func (o *DeleteOAuth2ClientParams) WithTimeout(timeout time.Duration) *DeleteOAuth2ClientParams { o.SetTimeout(timeout) diff --git a/internal/httpclient/client/admin/delete_o_auth2_client_responses.go b/internal/httpclient/client/admin/delete_o_auth2_client_responses.go index 3f2b3caec30..d929d8ae322 100644 --- a/internal/httpclient/client/admin/delete_o_auth2_client_responses.go +++ b/internal/httpclient/client/admin/delete_o_auth2_client_responses.go @@ -41,9 +41,8 @@ func (o *DeleteOAuth2ClientReader) ReadResponse(response runtime.ClientResponse, return nil, err } return nil, result - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -52,9 +51,9 @@ func NewDeleteOAuth2ClientNoContent() *DeleteOAuth2ClientNoContent { return &DeleteOAuth2ClientNoContent{} } -/*DeleteOAuth2ClientNoContent handles this case with default header values. +/* DeleteOAuth2ClientNoContent describes a response with status code 204, with default header values. -Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is + Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is typically 201. */ type DeleteOAuth2ClientNoContent struct { @@ -74,7 +73,7 @@ func NewDeleteOAuth2ClientNotFound() *DeleteOAuth2ClientNotFound { return &DeleteOAuth2ClientNotFound{} } -/*DeleteOAuth2ClientNotFound handles this case with default header values. +/* DeleteOAuth2ClientNotFound describes a response with status code 404, with default header values. genericError */ @@ -85,7 +84,6 @@ type DeleteOAuth2ClientNotFound struct { func (o *DeleteOAuth2ClientNotFound) Error() string { return fmt.Sprintf("[DELETE /clients/{id}][%d] deleteOAuth2ClientNotFound %+v", 404, o.Payload) } - func (o *DeleteOAuth2ClientNotFound) GetPayload() *models.GenericError { return o.Payload } @@ -107,7 +105,7 @@ func NewDeleteOAuth2ClientInternalServerError() *DeleteOAuth2ClientInternalServe return &DeleteOAuth2ClientInternalServerError{} } -/*DeleteOAuth2ClientInternalServerError handles this case with default header values. +/* DeleteOAuth2ClientInternalServerError describes a response with status code 500, with default header values. genericError */ @@ -118,7 +116,6 @@ type DeleteOAuth2ClientInternalServerError struct { func (o *DeleteOAuth2ClientInternalServerError) Error() string { return fmt.Sprintf("[DELETE /clients/{id}][%d] deleteOAuth2ClientInternalServerError %+v", 500, o.Payload) } - func (o *DeleteOAuth2ClientInternalServerError) GetPayload() *models.GenericError { return o.Payload } diff --git a/internal/httpclient/client/admin/delete_o_auth2_token_parameters.go b/internal/httpclient/client/admin/delete_o_auth2_token_parameters.go index ae926e1d885..683579f246a 100644 --- a/internal/httpclient/client/admin/delete_o_auth2_token_parameters.go +++ b/internal/httpclient/client/admin/delete_o_auth2_token_parameters.go @@ -16,51 +16,50 @@ import ( "github.com/go-openapi/strfmt" ) -// NewDeleteOAuth2TokenParams creates a new DeleteOAuth2TokenParams object -// with the default values initialized. +// NewDeleteOAuth2TokenParams creates a new DeleteOAuth2TokenParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewDeleteOAuth2TokenParams() *DeleteOAuth2TokenParams { - var () return &DeleteOAuth2TokenParams{ - timeout: cr.DefaultTimeout, } } // NewDeleteOAuth2TokenParamsWithTimeout creates a new DeleteOAuth2TokenParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewDeleteOAuth2TokenParamsWithTimeout(timeout time.Duration) *DeleteOAuth2TokenParams { - var () return &DeleteOAuth2TokenParams{ - timeout: timeout, } } // NewDeleteOAuth2TokenParamsWithContext creates a new DeleteOAuth2TokenParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewDeleteOAuth2TokenParamsWithContext(ctx context.Context) *DeleteOAuth2TokenParams { - var () return &DeleteOAuth2TokenParams{ - Context: ctx, } } // NewDeleteOAuth2TokenParamsWithHTTPClient creates a new DeleteOAuth2TokenParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewDeleteOAuth2TokenParamsWithHTTPClient(client *http.Client) *DeleteOAuth2TokenParams { - var () return &DeleteOAuth2TokenParams{ HTTPClient: client, } } -/*DeleteOAuth2TokenParams contains all the parameters to send to the API endpoint -for the delete o auth2 token operation typically these are written to a http.Request +/* DeleteOAuth2TokenParams contains all the parameters to send to the API endpoint + for the delete o auth2 token operation. + + Typically these are written to a http.Request. */ type DeleteOAuth2TokenParams struct { - /*ClientID*/ + // ClientID. ClientID string timeout time.Duration @@ -68,6 +67,21 @@ type DeleteOAuth2TokenParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the delete o auth2 token params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *DeleteOAuth2TokenParams) WithDefaults() *DeleteOAuth2TokenParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the delete o auth2 token params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *DeleteOAuth2TokenParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the delete o auth2 token params func (o *DeleteOAuth2TokenParams) WithTimeout(timeout time.Duration) *DeleteOAuth2TokenParams { o.SetTimeout(timeout) @@ -124,6 +138,7 @@ func (o *DeleteOAuth2TokenParams) WriteToRequest(r runtime.ClientRequest, reg st qrClientID := o.ClientID qClientID := qrClientID if qClientID != "" { + if err := r.SetQueryParam("client_id", qClientID); err != nil { return err } diff --git a/internal/httpclient/client/admin/delete_o_auth2_token_responses.go b/internal/httpclient/client/admin/delete_o_auth2_token_responses.go index b337ce6bf37..45b58d83810 100644 --- a/internal/httpclient/client/admin/delete_o_auth2_token_responses.go +++ b/internal/httpclient/client/admin/delete_o_auth2_token_responses.go @@ -41,9 +41,8 @@ func (o *DeleteOAuth2TokenReader) ReadResponse(response runtime.ClientResponse, return nil, err } return nil, result - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -52,9 +51,9 @@ func NewDeleteOAuth2TokenNoContent() *DeleteOAuth2TokenNoContent { return &DeleteOAuth2TokenNoContent{} } -/*DeleteOAuth2TokenNoContent handles this case with default header values. +/* DeleteOAuth2TokenNoContent describes a response with status code 204, with default header values. -Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is + Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is typically 201. */ type DeleteOAuth2TokenNoContent struct { @@ -74,7 +73,7 @@ func NewDeleteOAuth2TokenUnauthorized() *DeleteOAuth2TokenUnauthorized { return &DeleteOAuth2TokenUnauthorized{} } -/*DeleteOAuth2TokenUnauthorized handles this case with default header values. +/* DeleteOAuth2TokenUnauthorized describes a response with status code 401, with default header values. genericError */ @@ -85,7 +84,6 @@ type DeleteOAuth2TokenUnauthorized struct { func (o *DeleteOAuth2TokenUnauthorized) Error() string { return fmt.Sprintf("[DELETE /oauth2/tokens][%d] deleteOAuth2TokenUnauthorized %+v", 401, o.Payload) } - func (o *DeleteOAuth2TokenUnauthorized) GetPayload() *models.GenericError { return o.Payload } @@ -107,7 +105,7 @@ func NewDeleteOAuth2TokenInternalServerError() *DeleteOAuth2TokenInternalServerE return &DeleteOAuth2TokenInternalServerError{} } -/*DeleteOAuth2TokenInternalServerError handles this case with default header values. +/* DeleteOAuth2TokenInternalServerError describes a response with status code 500, with default header values. genericError */ @@ -118,7 +116,6 @@ type DeleteOAuth2TokenInternalServerError struct { func (o *DeleteOAuth2TokenInternalServerError) Error() string { return fmt.Sprintf("[DELETE /oauth2/tokens][%d] deleteOAuth2TokenInternalServerError %+v", 500, o.Payload) } - func (o *DeleteOAuth2TokenInternalServerError) GetPayload() *models.GenericError { return o.Payload } diff --git a/internal/httpclient/client/admin/flush_inactive_jwt_bearer_grants_parameters.go b/internal/httpclient/client/admin/flush_inactive_jwt_bearer_grants_parameters.go new file mode 100644 index 00000000000..2018da99ebc --- /dev/null +++ b/internal/httpclient/client/admin/flush_inactive_jwt_bearer_grants_parameters.go @@ -0,0 +1,148 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package admin + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "context" + "net/http" + "time" + + "github.com/go-openapi/errors" + "github.com/go-openapi/runtime" + cr "github.com/go-openapi/runtime/client" + "github.com/go-openapi/strfmt" + + "github.com/ory/hydra/internal/httpclient/models" +) + +// NewFlushInactiveJwtBearerGrantsParams creates a new FlushInactiveJwtBearerGrantsParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. +func NewFlushInactiveJwtBearerGrantsParams() *FlushInactiveJwtBearerGrantsParams { + return &FlushInactiveJwtBearerGrantsParams{ + timeout: cr.DefaultTimeout, + } +} + +// NewFlushInactiveJwtBearerGrantsParamsWithTimeout creates a new FlushInactiveJwtBearerGrantsParams object +// with the ability to set a timeout on a request. +func NewFlushInactiveJwtBearerGrantsParamsWithTimeout(timeout time.Duration) *FlushInactiveJwtBearerGrantsParams { + return &FlushInactiveJwtBearerGrantsParams{ + timeout: timeout, + } +} + +// NewFlushInactiveJwtBearerGrantsParamsWithContext creates a new FlushInactiveJwtBearerGrantsParams object +// with the ability to set a context for a request. +func NewFlushInactiveJwtBearerGrantsParamsWithContext(ctx context.Context) *FlushInactiveJwtBearerGrantsParams { + return &FlushInactiveJwtBearerGrantsParams{ + Context: ctx, + } +} + +// NewFlushInactiveJwtBearerGrantsParamsWithHTTPClient creates a new FlushInactiveJwtBearerGrantsParams object +// with the ability to set a custom HTTPClient for a request. +func NewFlushInactiveJwtBearerGrantsParamsWithHTTPClient(client *http.Client) *FlushInactiveJwtBearerGrantsParams { + return &FlushInactiveJwtBearerGrantsParams{ + HTTPClient: client, + } +} + +/* FlushInactiveJwtBearerGrantsParams contains all the parameters to send to the API endpoint + for the flush inactive jwt bearer grants operation. + + Typically these are written to a http.Request. +*/ +type FlushInactiveJwtBearerGrantsParams struct { + + // Body. + Body *models.FlushInactiveJwtBearerGrantsParams + + timeout time.Duration + Context context.Context + HTTPClient *http.Client +} + +// WithDefaults hydrates default values in the flush inactive jwt bearer grants params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *FlushInactiveJwtBearerGrantsParams) WithDefaults() *FlushInactiveJwtBearerGrantsParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the flush inactive jwt bearer grants params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *FlushInactiveJwtBearerGrantsParams) SetDefaults() { + // no default values defined for this parameter +} + +// WithTimeout adds the timeout to the flush inactive jwt bearer grants params +func (o *FlushInactiveJwtBearerGrantsParams) WithTimeout(timeout time.Duration) *FlushInactiveJwtBearerGrantsParams { + o.SetTimeout(timeout) + return o +} + +// SetTimeout adds the timeout to the flush inactive jwt bearer grants params +func (o *FlushInactiveJwtBearerGrantsParams) SetTimeout(timeout time.Duration) { + o.timeout = timeout +} + +// WithContext adds the context to the flush inactive jwt bearer grants params +func (o *FlushInactiveJwtBearerGrantsParams) WithContext(ctx context.Context) *FlushInactiveJwtBearerGrantsParams { + o.SetContext(ctx) + return o +} + +// SetContext adds the context to the flush inactive jwt bearer grants params +func (o *FlushInactiveJwtBearerGrantsParams) SetContext(ctx context.Context) { + o.Context = ctx +} + +// WithHTTPClient adds the HTTPClient to the flush inactive jwt bearer grants params +func (o *FlushInactiveJwtBearerGrantsParams) WithHTTPClient(client *http.Client) *FlushInactiveJwtBearerGrantsParams { + o.SetHTTPClient(client) + return o +} + +// SetHTTPClient adds the HTTPClient to the flush inactive jwt bearer grants params +func (o *FlushInactiveJwtBearerGrantsParams) SetHTTPClient(client *http.Client) { + o.HTTPClient = client +} + +// WithBody adds the body to the flush inactive jwt bearer grants params +func (o *FlushInactiveJwtBearerGrantsParams) WithBody(body *models.FlushInactiveJwtBearerGrantsParams) *FlushInactiveJwtBearerGrantsParams { + o.SetBody(body) + return o +} + +// SetBody adds the body to the flush inactive jwt bearer grants params +func (o *FlushInactiveJwtBearerGrantsParams) SetBody(body *models.FlushInactiveJwtBearerGrantsParams) { + o.Body = body +} + +// WriteToRequest writes these params to a swagger request +func (o *FlushInactiveJwtBearerGrantsParams) WriteToRequest(r runtime.ClientRequest, reg strfmt.Registry) error { + + if err := r.SetTimeout(o.timeout); err != nil { + return err + } + var res []error + if o.Body != nil { + if err := r.SetBodyParam(o.Body); err != nil { + return err + } + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} diff --git a/internal/httpclient/client/admin/flush_inactive_jwt_bearer_grants_responses.go b/internal/httpclient/client/admin/flush_inactive_jwt_bearer_grants_responses.go new file mode 100644 index 00000000000..c69a6a9f6d7 --- /dev/null +++ b/internal/httpclient/client/admin/flush_inactive_jwt_bearer_grants_responses.go @@ -0,0 +1,95 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package admin + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "fmt" + "io" + + "github.com/go-openapi/runtime" + "github.com/go-openapi/strfmt" + + "github.com/ory/hydra/internal/httpclient/models" +) + +// FlushInactiveJwtBearerGrantsReader is a Reader for the FlushInactiveJwtBearerGrants structure. +type FlushInactiveJwtBearerGrantsReader struct { + formats strfmt.Registry +} + +// ReadResponse reads a server response into the received o. +func (o *FlushInactiveJwtBearerGrantsReader) ReadResponse(response runtime.ClientResponse, consumer runtime.Consumer) (interface{}, error) { + switch response.Code() { + case 204: + result := NewFlushInactiveJwtBearerGrantsNoContent() + if err := result.readResponse(response, consumer, o.formats); err != nil { + return nil, err + } + return result, nil + case 500: + result := NewFlushInactiveJwtBearerGrantsInternalServerError() + if err := result.readResponse(response, consumer, o.formats); err != nil { + return nil, err + } + return nil, result + default: + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) + } +} + +// NewFlushInactiveJwtBearerGrantsNoContent creates a FlushInactiveJwtBearerGrantsNoContent with default headers values +func NewFlushInactiveJwtBearerGrantsNoContent() *FlushInactiveJwtBearerGrantsNoContent { + return &FlushInactiveJwtBearerGrantsNoContent{} +} + +/* FlushInactiveJwtBearerGrantsNoContent describes a response with status code 204, with default header values. + + Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is +typically 201. +*/ +type FlushInactiveJwtBearerGrantsNoContent struct { +} + +func (o *FlushInactiveJwtBearerGrantsNoContent) Error() string { + return fmt.Sprintf("[POST /grants/jwt-bearer/flush][%d] flushInactiveJwtBearerGrantsNoContent ", 204) +} + +func (o *FlushInactiveJwtBearerGrantsNoContent) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { + + return nil +} + +// NewFlushInactiveJwtBearerGrantsInternalServerError creates a FlushInactiveJwtBearerGrantsInternalServerError with default headers values +func NewFlushInactiveJwtBearerGrantsInternalServerError() *FlushInactiveJwtBearerGrantsInternalServerError { + return &FlushInactiveJwtBearerGrantsInternalServerError{} +} + +/* FlushInactiveJwtBearerGrantsInternalServerError describes a response with status code 500, with default header values. + +genericError +*/ +type FlushInactiveJwtBearerGrantsInternalServerError struct { + Payload *models.GenericError +} + +func (o *FlushInactiveJwtBearerGrantsInternalServerError) Error() string { + return fmt.Sprintf("[POST /grants/jwt-bearer/flush][%d] flushInactiveJwtBearerGrantsInternalServerError %+v", 500, o.Payload) +} +func (o *FlushInactiveJwtBearerGrantsInternalServerError) GetPayload() *models.GenericError { + return o.Payload +} + +func (o *FlushInactiveJwtBearerGrantsInternalServerError) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { + + o.Payload = new(models.GenericError) + + // response payload + if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF { + return err + } + + return nil +} diff --git a/internal/httpclient/client/admin/flush_inactive_o_auth2_tokens_parameters.go b/internal/httpclient/client/admin/flush_inactive_o_auth2_tokens_parameters.go index 619a282d2bd..ae82bc9c891 100644 --- a/internal/httpclient/client/admin/flush_inactive_o_auth2_tokens_parameters.go +++ b/internal/httpclient/client/admin/flush_inactive_o_auth2_tokens_parameters.go @@ -18,51 +18,50 @@ import ( "github.com/ory/hydra/internal/httpclient/models" ) -// NewFlushInactiveOAuth2TokensParams creates a new FlushInactiveOAuth2TokensParams object -// with the default values initialized. +// NewFlushInactiveOAuth2TokensParams creates a new FlushInactiveOAuth2TokensParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewFlushInactiveOAuth2TokensParams() *FlushInactiveOAuth2TokensParams { - var () return &FlushInactiveOAuth2TokensParams{ - timeout: cr.DefaultTimeout, } } // NewFlushInactiveOAuth2TokensParamsWithTimeout creates a new FlushInactiveOAuth2TokensParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewFlushInactiveOAuth2TokensParamsWithTimeout(timeout time.Duration) *FlushInactiveOAuth2TokensParams { - var () return &FlushInactiveOAuth2TokensParams{ - timeout: timeout, } } // NewFlushInactiveOAuth2TokensParamsWithContext creates a new FlushInactiveOAuth2TokensParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewFlushInactiveOAuth2TokensParamsWithContext(ctx context.Context) *FlushInactiveOAuth2TokensParams { - var () return &FlushInactiveOAuth2TokensParams{ - Context: ctx, } } // NewFlushInactiveOAuth2TokensParamsWithHTTPClient creates a new FlushInactiveOAuth2TokensParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewFlushInactiveOAuth2TokensParamsWithHTTPClient(client *http.Client) *FlushInactiveOAuth2TokensParams { - var () return &FlushInactiveOAuth2TokensParams{ HTTPClient: client, } } -/*FlushInactiveOAuth2TokensParams contains all the parameters to send to the API endpoint -for the flush inactive o auth2 tokens operation typically these are written to a http.Request +/* FlushInactiveOAuth2TokensParams contains all the parameters to send to the API endpoint + for the flush inactive o auth2 tokens operation. + + Typically these are written to a http.Request. */ type FlushInactiveOAuth2TokensParams struct { - /*Body*/ + // Body. Body *models.FlushInactiveOAuth2TokensRequest timeout time.Duration @@ -70,6 +69,21 @@ type FlushInactiveOAuth2TokensParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the flush inactive o auth2 tokens params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *FlushInactiveOAuth2TokensParams) WithDefaults() *FlushInactiveOAuth2TokensParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the flush inactive o auth2 tokens params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *FlushInactiveOAuth2TokensParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the flush inactive o auth2 tokens params func (o *FlushInactiveOAuth2TokensParams) WithTimeout(timeout time.Duration) *FlushInactiveOAuth2TokensParams { o.SetTimeout(timeout) @@ -121,7 +135,6 @@ func (o *FlushInactiveOAuth2TokensParams) WriteToRequest(r runtime.ClientRequest return err } var res []error - if o.Body != nil { if err := r.SetBodyParam(o.Body); err != nil { return err diff --git a/internal/httpclient/client/admin/flush_inactive_o_auth2_tokens_responses.go b/internal/httpclient/client/admin/flush_inactive_o_auth2_tokens_responses.go index db8285034a5..46031b5bcd9 100644 --- a/internal/httpclient/client/admin/flush_inactive_o_auth2_tokens_responses.go +++ b/internal/httpclient/client/admin/flush_inactive_o_auth2_tokens_responses.go @@ -41,9 +41,8 @@ func (o *FlushInactiveOAuth2TokensReader) ReadResponse(response runtime.ClientRe return nil, err } return nil, result - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -52,9 +51,9 @@ func NewFlushInactiveOAuth2TokensNoContent() *FlushInactiveOAuth2TokensNoContent return &FlushInactiveOAuth2TokensNoContent{} } -/*FlushInactiveOAuth2TokensNoContent handles this case with default header values. +/* FlushInactiveOAuth2TokensNoContent describes a response with status code 204, with default header values. -Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is + Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is typically 201. */ type FlushInactiveOAuth2TokensNoContent struct { @@ -74,7 +73,7 @@ func NewFlushInactiveOAuth2TokensUnauthorized() *FlushInactiveOAuth2TokensUnauth return &FlushInactiveOAuth2TokensUnauthorized{} } -/*FlushInactiveOAuth2TokensUnauthorized handles this case with default header values. +/* FlushInactiveOAuth2TokensUnauthorized describes a response with status code 401, with default header values. genericError */ @@ -85,7 +84,6 @@ type FlushInactiveOAuth2TokensUnauthorized struct { func (o *FlushInactiveOAuth2TokensUnauthorized) Error() string { return fmt.Sprintf("[POST /oauth2/flush][%d] flushInactiveOAuth2TokensUnauthorized %+v", 401, o.Payload) } - func (o *FlushInactiveOAuth2TokensUnauthorized) GetPayload() *models.GenericError { return o.Payload } @@ -107,7 +105,7 @@ func NewFlushInactiveOAuth2TokensInternalServerError() *FlushInactiveOAuth2Token return &FlushInactiveOAuth2TokensInternalServerError{} } -/*FlushInactiveOAuth2TokensInternalServerError handles this case with default header values. +/* FlushInactiveOAuth2TokensInternalServerError describes a response with status code 500, with default header values. genericError */ @@ -118,7 +116,6 @@ type FlushInactiveOAuth2TokensInternalServerError struct { func (o *FlushInactiveOAuth2TokensInternalServerError) Error() string { return fmt.Sprintf("[POST /oauth2/flush][%d] flushInactiveOAuth2TokensInternalServerError %+v", 500, o.Payload) } - func (o *FlushInactiveOAuth2TokensInternalServerError) GetPayload() *models.GenericError { return o.Payload } diff --git a/internal/httpclient/client/admin/get_consent_request_parameters.go b/internal/httpclient/client/admin/get_consent_request_parameters.go index 76033747908..3cdba97c4a1 100644 --- a/internal/httpclient/client/admin/get_consent_request_parameters.go +++ b/internal/httpclient/client/admin/get_consent_request_parameters.go @@ -16,51 +16,50 @@ import ( "github.com/go-openapi/strfmt" ) -// NewGetConsentRequestParams creates a new GetConsentRequestParams object -// with the default values initialized. +// NewGetConsentRequestParams creates a new GetConsentRequestParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewGetConsentRequestParams() *GetConsentRequestParams { - var () return &GetConsentRequestParams{ - timeout: cr.DefaultTimeout, } } // NewGetConsentRequestParamsWithTimeout creates a new GetConsentRequestParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewGetConsentRequestParamsWithTimeout(timeout time.Duration) *GetConsentRequestParams { - var () return &GetConsentRequestParams{ - timeout: timeout, } } // NewGetConsentRequestParamsWithContext creates a new GetConsentRequestParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewGetConsentRequestParamsWithContext(ctx context.Context) *GetConsentRequestParams { - var () return &GetConsentRequestParams{ - Context: ctx, } } // NewGetConsentRequestParamsWithHTTPClient creates a new GetConsentRequestParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewGetConsentRequestParamsWithHTTPClient(client *http.Client) *GetConsentRequestParams { - var () return &GetConsentRequestParams{ HTTPClient: client, } } -/*GetConsentRequestParams contains all the parameters to send to the API endpoint -for the get consent request operation typically these are written to a http.Request +/* GetConsentRequestParams contains all the parameters to send to the API endpoint + for the get consent request operation. + + Typically these are written to a http.Request. */ type GetConsentRequestParams struct { - /*ConsentChallenge*/ + // ConsentChallenge. ConsentChallenge string timeout time.Duration @@ -68,6 +67,21 @@ type GetConsentRequestParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the get consent request params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *GetConsentRequestParams) WithDefaults() *GetConsentRequestParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the get consent request params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *GetConsentRequestParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the get consent request params func (o *GetConsentRequestParams) WithTimeout(timeout time.Duration) *GetConsentRequestParams { o.SetTimeout(timeout) @@ -124,6 +138,7 @@ func (o *GetConsentRequestParams) WriteToRequest(r runtime.ClientRequest, reg st qrConsentChallenge := o.ConsentChallenge qConsentChallenge := qrConsentChallenge if qConsentChallenge != "" { + if err := r.SetQueryParam("consent_challenge", qConsentChallenge); err != nil { return err } diff --git a/internal/httpclient/client/admin/get_consent_request_responses.go b/internal/httpclient/client/admin/get_consent_request_responses.go index 72c54eb81ee..4c3a77cce5b 100644 --- a/internal/httpclient/client/admin/get_consent_request_responses.go +++ b/internal/httpclient/client/admin/get_consent_request_responses.go @@ -47,9 +47,8 @@ func (o *GetConsentRequestReader) ReadResponse(response runtime.ClientResponse, return nil, err } return nil, result - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -58,7 +57,7 @@ func NewGetConsentRequestOK() *GetConsentRequestOK { return &GetConsentRequestOK{} } -/*GetConsentRequestOK handles this case with default header values. +/* GetConsentRequestOK describes a response with status code 200, with default header values. consentRequest */ @@ -69,7 +68,6 @@ type GetConsentRequestOK struct { func (o *GetConsentRequestOK) Error() string { return fmt.Sprintf("[GET /oauth2/auth/requests/consent][%d] getConsentRequestOK %+v", 200, o.Payload) } - func (o *GetConsentRequestOK) GetPayload() *models.ConsentRequest { return o.Payload } @@ -91,7 +89,7 @@ func NewGetConsentRequestNotFound() *GetConsentRequestNotFound { return &GetConsentRequestNotFound{} } -/*GetConsentRequestNotFound handles this case with default header values. +/* GetConsentRequestNotFound describes a response with status code 404, with default header values. genericError */ @@ -102,7 +100,6 @@ type GetConsentRequestNotFound struct { func (o *GetConsentRequestNotFound) Error() string { return fmt.Sprintf("[GET /oauth2/auth/requests/consent][%d] getConsentRequestNotFound %+v", 404, o.Payload) } - func (o *GetConsentRequestNotFound) GetPayload() *models.GenericError { return o.Payload } @@ -124,7 +121,7 @@ func NewGetConsentRequestGone() *GetConsentRequestGone { return &GetConsentRequestGone{} } -/*GetConsentRequestGone handles this case with default header values. +/* GetConsentRequestGone describes a response with status code 410, with default header values. requestWasHandledResponse */ @@ -135,7 +132,6 @@ type GetConsentRequestGone struct { func (o *GetConsentRequestGone) Error() string { return fmt.Sprintf("[GET /oauth2/auth/requests/consent][%d] getConsentRequestGone %+v", 410, o.Payload) } - func (o *GetConsentRequestGone) GetPayload() *models.RequestWasHandledResponse { return o.Payload } @@ -157,7 +153,7 @@ func NewGetConsentRequestInternalServerError() *GetConsentRequestInternalServerE return &GetConsentRequestInternalServerError{} } -/*GetConsentRequestInternalServerError handles this case with default header values. +/* GetConsentRequestInternalServerError describes a response with status code 500, with default header values. genericError */ @@ -168,7 +164,6 @@ type GetConsentRequestInternalServerError struct { func (o *GetConsentRequestInternalServerError) Error() string { return fmt.Sprintf("[GET /oauth2/auth/requests/consent][%d] getConsentRequestInternalServerError %+v", 500, o.Payload) } - func (o *GetConsentRequestInternalServerError) GetPayload() *models.GenericError { return o.Payload } diff --git a/internal/httpclient/client/admin/get_json_web_key_parameters.go b/internal/httpclient/client/admin/get_json_web_key_parameters.go index c8c609b8695..bf7429056e8 100644 --- a/internal/httpclient/client/admin/get_json_web_key_parameters.go +++ b/internal/httpclient/client/admin/get_json_web_key_parameters.go @@ -16,58 +16,58 @@ import ( "github.com/go-openapi/strfmt" ) -// NewGetJSONWebKeyParams creates a new GetJSONWebKeyParams object -// with the default values initialized. +// NewGetJSONWebKeyParams creates a new GetJSONWebKeyParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewGetJSONWebKeyParams() *GetJSONWebKeyParams { - var () return &GetJSONWebKeyParams{ - timeout: cr.DefaultTimeout, } } // NewGetJSONWebKeyParamsWithTimeout creates a new GetJSONWebKeyParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewGetJSONWebKeyParamsWithTimeout(timeout time.Duration) *GetJSONWebKeyParams { - var () return &GetJSONWebKeyParams{ - timeout: timeout, } } // NewGetJSONWebKeyParamsWithContext creates a new GetJSONWebKeyParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewGetJSONWebKeyParamsWithContext(ctx context.Context) *GetJSONWebKeyParams { - var () return &GetJSONWebKeyParams{ - Context: ctx, } } // NewGetJSONWebKeyParamsWithHTTPClient creates a new GetJSONWebKeyParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewGetJSONWebKeyParamsWithHTTPClient(client *http.Client) *GetJSONWebKeyParams { - var () return &GetJSONWebKeyParams{ HTTPClient: client, } } -/*GetJSONWebKeyParams contains all the parameters to send to the API endpoint -for the get Json web key operation typically these are written to a http.Request +/* GetJSONWebKeyParams contains all the parameters to send to the API endpoint + for the get Json web key operation. + + Typically these are written to a http.Request. */ type GetJSONWebKeyParams struct { - /*Kid - The kid of the desired key + /* Kid. + The kid of the desired key */ Kid string - /*Set - The set + /* Set. + + The set */ Set string @@ -76,6 +76,21 @@ type GetJSONWebKeyParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the get Json web key params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *GetJSONWebKeyParams) WithDefaults() *GetJSONWebKeyParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the get Json web key params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *GetJSONWebKeyParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the get Json web key params func (o *GetJSONWebKeyParams) WithTimeout(timeout time.Duration) *GetJSONWebKeyParams { o.SetTimeout(timeout) diff --git a/internal/httpclient/client/admin/get_json_web_key_responses.go b/internal/httpclient/client/admin/get_json_web_key_responses.go index 157afed7912..c8ced318a81 100644 --- a/internal/httpclient/client/admin/get_json_web_key_responses.go +++ b/internal/httpclient/client/admin/get_json_web_key_responses.go @@ -41,9 +41,8 @@ func (o *GetJSONWebKeyReader) ReadResponse(response runtime.ClientResponse, cons return nil, err } return nil, result - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -52,7 +51,7 @@ func NewGetJSONWebKeyOK() *GetJSONWebKeyOK { return &GetJSONWebKeyOK{} } -/*GetJSONWebKeyOK handles this case with default header values. +/* GetJSONWebKeyOK describes a response with status code 200, with default header values. JSONWebKeySet */ @@ -63,7 +62,6 @@ type GetJSONWebKeyOK struct { func (o *GetJSONWebKeyOK) Error() string { return fmt.Sprintf("[GET /keys/{set}/{kid}][%d] getJsonWebKeyOK %+v", 200, o.Payload) } - func (o *GetJSONWebKeyOK) GetPayload() *models.JSONWebKeySet { return o.Payload } @@ -85,7 +83,7 @@ func NewGetJSONWebKeyNotFound() *GetJSONWebKeyNotFound { return &GetJSONWebKeyNotFound{} } -/*GetJSONWebKeyNotFound handles this case with default header values. +/* GetJSONWebKeyNotFound describes a response with status code 404, with default header values. genericError */ @@ -96,7 +94,6 @@ type GetJSONWebKeyNotFound struct { func (o *GetJSONWebKeyNotFound) Error() string { return fmt.Sprintf("[GET /keys/{set}/{kid}][%d] getJsonWebKeyNotFound %+v", 404, o.Payload) } - func (o *GetJSONWebKeyNotFound) GetPayload() *models.GenericError { return o.Payload } @@ -118,7 +115,7 @@ func NewGetJSONWebKeyInternalServerError() *GetJSONWebKeyInternalServerError { return &GetJSONWebKeyInternalServerError{} } -/*GetJSONWebKeyInternalServerError handles this case with default header values. +/* GetJSONWebKeyInternalServerError describes a response with status code 500, with default header values. genericError */ @@ -129,7 +126,6 @@ type GetJSONWebKeyInternalServerError struct { func (o *GetJSONWebKeyInternalServerError) Error() string { return fmt.Sprintf("[GET /keys/{set}/{kid}][%d] getJsonWebKeyInternalServerError %+v", 500, o.Payload) } - func (o *GetJSONWebKeyInternalServerError) GetPayload() *models.GenericError { return o.Payload } diff --git a/internal/httpclient/client/admin/get_json_web_key_set_parameters.go b/internal/httpclient/client/admin/get_json_web_key_set_parameters.go index 34dee113c0d..1635ddb667d 100644 --- a/internal/httpclient/client/admin/get_json_web_key_set_parameters.go +++ b/internal/httpclient/client/admin/get_json_web_key_set_parameters.go @@ -16,53 +16,52 @@ import ( "github.com/go-openapi/strfmt" ) -// NewGetJSONWebKeySetParams creates a new GetJSONWebKeySetParams object -// with the default values initialized. +// NewGetJSONWebKeySetParams creates a new GetJSONWebKeySetParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewGetJSONWebKeySetParams() *GetJSONWebKeySetParams { - var () return &GetJSONWebKeySetParams{ - timeout: cr.DefaultTimeout, } } // NewGetJSONWebKeySetParamsWithTimeout creates a new GetJSONWebKeySetParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewGetJSONWebKeySetParamsWithTimeout(timeout time.Duration) *GetJSONWebKeySetParams { - var () return &GetJSONWebKeySetParams{ - timeout: timeout, } } // NewGetJSONWebKeySetParamsWithContext creates a new GetJSONWebKeySetParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewGetJSONWebKeySetParamsWithContext(ctx context.Context) *GetJSONWebKeySetParams { - var () return &GetJSONWebKeySetParams{ - Context: ctx, } } // NewGetJSONWebKeySetParamsWithHTTPClient creates a new GetJSONWebKeySetParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewGetJSONWebKeySetParamsWithHTTPClient(client *http.Client) *GetJSONWebKeySetParams { - var () return &GetJSONWebKeySetParams{ HTTPClient: client, } } -/*GetJSONWebKeySetParams contains all the parameters to send to the API endpoint -for the get Json web key set operation typically these are written to a http.Request +/* GetJSONWebKeySetParams contains all the parameters to send to the API endpoint + for the get Json web key set operation. + + Typically these are written to a http.Request. */ type GetJSONWebKeySetParams struct { - /*Set - The set + /* Set. + The set */ Set string @@ -71,6 +70,21 @@ type GetJSONWebKeySetParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the get Json web key set params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *GetJSONWebKeySetParams) WithDefaults() *GetJSONWebKeySetParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the get Json web key set params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *GetJSONWebKeySetParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the get Json web key set params func (o *GetJSONWebKeySetParams) WithTimeout(timeout time.Duration) *GetJSONWebKeySetParams { o.SetTimeout(timeout) diff --git a/internal/httpclient/client/admin/get_json_web_key_set_responses.go b/internal/httpclient/client/admin/get_json_web_key_set_responses.go index df2592e9d4c..0e68493e983 100644 --- a/internal/httpclient/client/admin/get_json_web_key_set_responses.go +++ b/internal/httpclient/client/admin/get_json_web_key_set_responses.go @@ -47,9 +47,8 @@ func (o *GetJSONWebKeySetReader) ReadResponse(response runtime.ClientResponse, c return nil, err } return nil, result - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -58,7 +57,7 @@ func NewGetJSONWebKeySetOK() *GetJSONWebKeySetOK { return &GetJSONWebKeySetOK{} } -/*GetJSONWebKeySetOK handles this case with default header values. +/* GetJSONWebKeySetOK describes a response with status code 200, with default header values. JSONWebKeySet */ @@ -69,7 +68,6 @@ type GetJSONWebKeySetOK struct { func (o *GetJSONWebKeySetOK) Error() string { return fmt.Sprintf("[GET /keys/{set}][%d] getJsonWebKeySetOK %+v", 200, o.Payload) } - func (o *GetJSONWebKeySetOK) GetPayload() *models.JSONWebKeySet { return o.Payload } @@ -91,7 +89,7 @@ func NewGetJSONWebKeySetUnauthorized() *GetJSONWebKeySetUnauthorized { return &GetJSONWebKeySetUnauthorized{} } -/*GetJSONWebKeySetUnauthorized handles this case with default header values. +/* GetJSONWebKeySetUnauthorized describes a response with status code 401, with default header values. genericError */ @@ -102,7 +100,6 @@ type GetJSONWebKeySetUnauthorized struct { func (o *GetJSONWebKeySetUnauthorized) Error() string { return fmt.Sprintf("[GET /keys/{set}][%d] getJsonWebKeySetUnauthorized %+v", 401, o.Payload) } - func (o *GetJSONWebKeySetUnauthorized) GetPayload() *models.GenericError { return o.Payload } @@ -124,7 +121,7 @@ func NewGetJSONWebKeySetForbidden() *GetJSONWebKeySetForbidden { return &GetJSONWebKeySetForbidden{} } -/*GetJSONWebKeySetForbidden handles this case with default header values. +/* GetJSONWebKeySetForbidden describes a response with status code 403, with default header values. genericError */ @@ -135,7 +132,6 @@ type GetJSONWebKeySetForbidden struct { func (o *GetJSONWebKeySetForbidden) Error() string { return fmt.Sprintf("[GET /keys/{set}][%d] getJsonWebKeySetForbidden %+v", 403, o.Payload) } - func (o *GetJSONWebKeySetForbidden) GetPayload() *models.GenericError { return o.Payload } @@ -157,7 +153,7 @@ func NewGetJSONWebKeySetInternalServerError() *GetJSONWebKeySetInternalServerErr return &GetJSONWebKeySetInternalServerError{} } -/*GetJSONWebKeySetInternalServerError handles this case with default header values. +/* GetJSONWebKeySetInternalServerError describes a response with status code 500, with default header values. genericError */ @@ -168,7 +164,6 @@ type GetJSONWebKeySetInternalServerError struct { func (o *GetJSONWebKeySetInternalServerError) Error() string { return fmt.Sprintf("[GET /keys/{set}][%d] getJsonWebKeySetInternalServerError %+v", 500, o.Payload) } - func (o *GetJSONWebKeySetInternalServerError) GetPayload() *models.GenericError { return o.Payload } diff --git a/internal/httpclient/client/admin/get_jwt_bearer_grant_list_parameters.go b/internal/httpclient/client/admin/get_jwt_bearer_grant_list_parameters.go new file mode 100644 index 00000000000..e571bb48486 --- /dev/null +++ b/internal/httpclient/client/admin/get_jwt_bearer_grant_list_parameters.go @@ -0,0 +1,161 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package admin + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "context" + "net/http" + "time" + + "github.com/go-openapi/errors" + "github.com/go-openapi/runtime" + cr "github.com/go-openapi/runtime/client" + "github.com/go-openapi/strfmt" +) + +// NewGetJwtBearerGrantListParams creates a new GetJwtBearerGrantListParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. +func NewGetJwtBearerGrantListParams() *GetJwtBearerGrantListParams { + return &GetJwtBearerGrantListParams{ + timeout: cr.DefaultTimeout, + } +} + +// NewGetJwtBearerGrantListParamsWithTimeout creates a new GetJwtBearerGrantListParams object +// with the ability to set a timeout on a request. +func NewGetJwtBearerGrantListParamsWithTimeout(timeout time.Duration) *GetJwtBearerGrantListParams { + return &GetJwtBearerGrantListParams{ + timeout: timeout, + } +} + +// NewGetJwtBearerGrantListParamsWithContext creates a new GetJwtBearerGrantListParams object +// with the ability to set a context for a request. +func NewGetJwtBearerGrantListParamsWithContext(ctx context.Context) *GetJwtBearerGrantListParams { + return &GetJwtBearerGrantListParams{ + Context: ctx, + } +} + +// NewGetJwtBearerGrantListParamsWithHTTPClient creates a new GetJwtBearerGrantListParams object +// with the ability to set a custom HTTPClient for a request. +func NewGetJwtBearerGrantListParamsWithHTTPClient(client *http.Client) *GetJwtBearerGrantListParams { + return &GetJwtBearerGrantListParams{ + HTTPClient: client, + } +} + +/* GetJwtBearerGrantListParams contains all the parameters to send to the API endpoint + for the get jwt bearer grant list operation. + + Typically these are written to a http.Request. +*/ +type GetJwtBearerGrantListParams struct { + + /* Issuer. + + If Optional "issuer" is supplied, only jwt-bearer grants with this issuer will be returned. + */ + Issuer *string + + timeout time.Duration + Context context.Context + HTTPClient *http.Client +} + +// WithDefaults hydrates default values in the get jwt bearer grant list params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *GetJwtBearerGrantListParams) WithDefaults() *GetJwtBearerGrantListParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the get jwt bearer grant list params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *GetJwtBearerGrantListParams) SetDefaults() { + // no default values defined for this parameter +} + +// WithTimeout adds the timeout to the get jwt bearer grant list params +func (o *GetJwtBearerGrantListParams) WithTimeout(timeout time.Duration) *GetJwtBearerGrantListParams { + o.SetTimeout(timeout) + return o +} + +// SetTimeout adds the timeout to the get jwt bearer grant list params +func (o *GetJwtBearerGrantListParams) SetTimeout(timeout time.Duration) { + o.timeout = timeout +} + +// WithContext adds the context to the get jwt bearer grant list params +func (o *GetJwtBearerGrantListParams) WithContext(ctx context.Context) *GetJwtBearerGrantListParams { + o.SetContext(ctx) + return o +} + +// SetContext adds the context to the get jwt bearer grant list params +func (o *GetJwtBearerGrantListParams) SetContext(ctx context.Context) { + o.Context = ctx +} + +// WithHTTPClient adds the HTTPClient to the get jwt bearer grant list params +func (o *GetJwtBearerGrantListParams) WithHTTPClient(client *http.Client) *GetJwtBearerGrantListParams { + o.SetHTTPClient(client) + return o +} + +// SetHTTPClient adds the HTTPClient to the get jwt bearer grant list params +func (o *GetJwtBearerGrantListParams) SetHTTPClient(client *http.Client) { + o.HTTPClient = client +} + +// WithIssuer adds the issuer to the get jwt bearer grant list params +func (o *GetJwtBearerGrantListParams) WithIssuer(issuer *string) *GetJwtBearerGrantListParams { + o.SetIssuer(issuer) + return o +} + +// SetIssuer adds the issuer to the get jwt bearer grant list params +func (o *GetJwtBearerGrantListParams) SetIssuer(issuer *string) { + o.Issuer = issuer +} + +// WriteToRequest writes these params to a swagger request +func (o *GetJwtBearerGrantListParams) WriteToRequest(r runtime.ClientRequest, reg strfmt.Registry) error { + + if err := r.SetTimeout(o.timeout); err != nil { + return err + } + var res []error + + if o.Issuer != nil { + + // query param issuer + var qrIssuer string + + if o.Issuer != nil { + qrIssuer = *o.Issuer + } + qIssuer := qrIssuer + if qIssuer != "" { + + if err := r.SetQueryParam("issuer", qIssuer); err != nil { + return err + } + } + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} diff --git a/internal/httpclient/client/admin/get_jwt_bearer_grant_list_responses.go b/internal/httpclient/client/admin/get_jwt_bearer_grant_list_responses.go new file mode 100644 index 00000000000..21b7028843f --- /dev/null +++ b/internal/httpclient/client/admin/get_jwt_bearer_grant_list_responses.go @@ -0,0 +1,103 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package admin + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "fmt" + "io" + + "github.com/go-openapi/runtime" + "github.com/go-openapi/strfmt" + + "github.com/ory/hydra/internal/httpclient/models" +) + +// GetJwtBearerGrantListReader is a Reader for the GetJwtBearerGrantList structure. +type GetJwtBearerGrantListReader struct { + formats strfmt.Registry +} + +// ReadResponse reads a server response into the received o. +func (o *GetJwtBearerGrantListReader) ReadResponse(response runtime.ClientResponse, consumer runtime.Consumer) (interface{}, error) { + switch response.Code() { + case 200: + result := NewGetJwtBearerGrantListOK() + if err := result.readResponse(response, consumer, o.formats); err != nil { + return nil, err + } + return result, nil + case 500: + result := NewGetJwtBearerGrantListInternalServerError() + if err := result.readResponse(response, consumer, o.formats); err != nil { + return nil, err + } + return nil, result + default: + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) + } +} + +// NewGetJwtBearerGrantListOK creates a GetJwtBearerGrantListOK with default headers values +func NewGetJwtBearerGrantListOK() *GetJwtBearerGrantListOK { + return &GetJwtBearerGrantListOK{} +} + +/* GetJwtBearerGrantListOK describes a response with status code 200, with default header values. + +GetJwtBearerGrantListOK get jwt bearer grant list o k +*/ +type GetJwtBearerGrantListOK struct { + Payload []*models.JwtBearerGrant +} + +func (o *GetJwtBearerGrantListOK) Error() string { + return fmt.Sprintf("[GET /grants/jwt-bearer][%d] getJwtBearerGrantListOK %+v", 200, o.Payload) +} +func (o *GetJwtBearerGrantListOK) GetPayload() []*models.JwtBearerGrant { + return o.Payload +} + +func (o *GetJwtBearerGrantListOK) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { + + // response payload + if err := consumer.Consume(response.Body(), &o.Payload); err != nil && err != io.EOF { + return err + } + + return nil +} + +// NewGetJwtBearerGrantListInternalServerError creates a GetJwtBearerGrantListInternalServerError with default headers values +func NewGetJwtBearerGrantListInternalServerError() *GetJwtBearerGrantListInternalServerError { + return &GetJwtBearerGrantListInternalServerError{} +} + +/* GetJwtBearerGrantListInternalServerError describes a response with status code 500, with default header values. + +genericError +*/ +type GetJwtBearerGrantListInternalServerError struct { + Payload *models.GenericError +} + +func (o *GetJwtBearerGrantListInternalServerError) Error() string { + return fmt.Sprintf("[GET /grants/jwt-bearer][%d] getJwtBearerGrantListInternalServerError %+v", 500, o.Payload) +} +func (o *GetJwtBearerGrantListInternalServerError) GetPayload() *models.GenericError { + return o.Payload +} + +func (o *GetJwtBearerGrantListInternalServerError) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { + + o.Payload = new(models.GenericError) + + // response payload + if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF { + return err + } + + return nil +} diff --git a/internal/httpclient/client/admin/get_jwt_bearer_grant_parameters.go b/internal/httpclient/client/admin/get_jwt_bearer_grant_parameters.go new file mode 100644 index 00000000000..2a9b8f5bd7a --- /dev/null +++ b/internal/httpclient/client/admin/get_jwt_bearer_grant_parameters.go @@ -0,0 +1,149 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package admin + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "context" + "net/http" + "time" + + "github.com/go-openapi/errors" + "github.com/go-openapi/runtime" + cr "github.com/go-openapi/runtime/client" + "github.com/go-openapi/strfmt" +) + +// NewGetJwtBearerGrantParams creates a new GetJwtBearerGrantParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. +func NewGetJwtBearerGrantParams() *GetJwtBearerGrantParams { + return &GetJwtBearerGrantParams{ + timeout: cr.DefaultTimeout, + } +} + +// NewGetJwtBearerGrantParamsWithTimeout creates a new GetJwtBearerGrantParams object +// with the ability to set a timeout on a request. +func NewGetJwtBearerGrantParamsWithTimeout(timeout time.Duration) *GetJwtBearerGrantParams { + return &GetJwtBearerGrantParams{ + timeout: timeout, + } +} + +// NewGetJwtBearerGrantParamsWithContext creates a new GetJwtBearerGrantParams object +// with the ability to set a context for a request. +func NewGetJwtBearerGrantParamsWithContext(ctx context.Context) *GetJwtBearerGrantParams { + return &GetJwtBearerGrantParams{ + Context: ctx, + } +} + +// NewGetJwtBearerGrantParamsWithHTTPClient creates a new GetJwtBearerGrantParams object +// with the ability to set a custom HTTPClient for a request. +func NewGetJwtBearerGrantParamsWithHTTPClient(client *http.Client) *GetJwtBearerGrantParams { + return &GetJwtBearerGrantParams{ + HTTPClient: client, + } +} + +/* GetJwtBearerGrantParams contains all the parameters to send to the API endpoint + for the get jwt bearer grant operation. + + Typically these are written to a http.Request. +*/ +type GetJwtBearerGrantParams struct { + + /* ID. + + The id of the desired grant + */ + ID string + + timeout time.Duration + Context context.Context + HTTPClient *http.Client +} + +// WithDefaults hydrates default values in the get jwt bearer grant params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *GetJwtBearerGrantParams) WithDefaults() *GetJwtBearerGrantParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the get jwt bearer grant params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *GetJwtBearerGrantParams) SetDefaults() { + // no default values defined for this parameter +} + +// WithTimeout adds the timeout to the get jwt bearer grant params +func (o *GetJwtBearerGrantParams) WithTimeout(timeout time.Duration) *GetJwtBearerGrantParams { + o.SetTimeout(timeout) + return o +} + +// SetTimeout adds the timeout to the get jwt bearer grant params +func (o *GetJwtBearerGrantParams) SetTimeout(timeout time.Duration) { + o.timeout = timeout +} + +// WithContext adds the context to the get jwt bearer grant params +func (o *GetJwtBearerGrantParams) WithContext(ctx context.Context) *GetJwtBearerGrantParams { + o.SetContext(ctx) + return o +} + +// SetContext adds the context to the get jwt bearer grant params +func (o *GetJwtBearerGrantParams) SetContext(ctx context.Context) { + o.Context = ctx +} + +// WithHTTPClient adds the HTTPClient to the get jwt bearer grant params +func (o *GetJwtBearerGrantParams) WithHTTPClient(client *http.Client) *GetJwtBearerGrantParams { + o.SetHTTPClient(client) + return o +} + +// SetHTTPClient adds the HTTPClient to the get jwt bearer grant params +func (o *GetJwtBearerGrantParams) SetHTTPClient(client *http.Client) { + o.HTTPClient = client +} + +// WithID adds the id to the get jwt bearer grant params +func (o *GetJwtBearerGrantParams) WithID(id string) *GetJwtBearerGrantParams { + o.SetID(id) + return o +} + +// SetID adds the id to the get jwt bearer grant params +func (o *GetJwtBearerGrantParams) SetID(id string) { + o.ID = id +} + +// WriteToRequest writes these params to a swagger request +func (o *GetJwtBearerGrantParams) WriteToRequest(r runtime.ClientRequest, reg strfmt.Registry) error { + + if err := r.SetTimeout(o.timeout); err != nil { + return err + } + var res []error + + // path param id + if err := r.SetPathParam("id", o.ID); err != nil { + return err + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} diff --git a/internal/httpclient/client/admin/get_jwt_bearer_grant_responses.go b/internal/httpclient/client/admin/get_jwt_bearer_grant_responses.go new file mode 100644 index 00000000000..7bee5a7c2c5 --- /dev/null +++ b/internal/httpclient/client/admin/get_jwt_bearer_grant_responses.go @@ -0,0 +1,143 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package admin + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "fmt" + "io" + + "github.com/go-openapi/runtime" + "github.com/go-openapi/strfmt" + + "github.com/ory/hydra/internal/httpclient/models" +) + +// GetJwtBearerGrantReader is a Reader for the GetJwtBearerGrant structure. +type GetJwtBearerGrantReader struct { + formats strfmt.Registry +} + +// ReadResponse reads a server response into the received o. +func (o *GetJwtBearerGrantReader) ReadResponse(response runtime.ClientResponse, consumer runtime.Consumer) (interface{}, error) { + switch response.Code() { + case 200: + result := NewGetJwtBearerGrantOK() + if err := result.readResponse(response, consumer, o.formats); err != nil { + return nil, err + } + return result, nil + case 404: + result := NewGetJwtBearerGrantNotFound() + if err := result.readResponse(response, consumer, o.formats); err != nil { + return nil, err + } + return nil, result + case 500: + result := NewGetJwtBearerGrantInternalServerError() + if err := result.readResponse(response, consumer, o.formats); err != nil { + return nil, err + } + return nil, result + default: + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) + } +} + +// NewGetJwtBearerGrantOK creates a GetJwtBearerGrantOK with default headers values +func NewGetJwtBearerGrantOK() *GetJwtBearerGrantOK { + return &GetJwtBearerGrantOK{} +} + +/* GetJwtBearerGrantOK describes a response with status code 200, with default header values. + +JwtBearerGrant +*/ +type GetJwtBearerGrantOK struct { + Payload *models.JwtBearerGrant +} + +func (o *GetJwtBearerGrantOK) Error() string { + return fmt.Sprintf("[GET /grants/jwt-bearer/{id}][%d] getJwtBearerGrantOK %+v", 200, o.Payload) +} +func (o *GetJwtBearerGrantOK) GetPayload() *models.JwtBearerGrant { + return o.Payload +} + +func (o *GetJwtBearerGrantOK) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { + + o.Payload = new(models.JwtBearerGrant) + + // response payload + if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF { + return err + } + + return nil +} + +// NewGetJwtBearerGrantNotFound creates a GetJwtBearerGrantNotFound with default headers values +func NewGetJwtBearerGrantNotFound() *GetJwtBearerGrantNotFound { + return &GetJwtBearerGrantNotFound{} +} + +/* GetJwtBearerGrantNotFound describes a response with status code 404, with default header values. + +genericError +*/ +type GetJwtBearerGrantNotFound struct { + Payload *models.GenericError +} + +func (o *GetJwtBearerGrantNotFound) Error() string { + return fmt.Sprintf("[GET /grants/jwt-bearer/{id}][%d] getJwtBearerGrantNotFound %+v", 404, o.Payload) +} +func (o *GetJwtBearerGrantNotFound) GetPayload() *models.GenericError { + return o.Payload +} + +func (o *GetJwtBearerGrantNotFound) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { + + o.Payload = new(models.GenericError) + + // response payload + if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF { + return err + } + + return nil +} + +// NewGetJwtBearerGrantInternalServerError creates a GetJwtBearerGrantInternalServerError with default headers values +func NewGetJwtBearerGrantInternalServerError() *GetJwtBearerGrantInternalServerError { + return &GetJwtBearerGrantInternalServerError{} +} + +/* GetJwtBearerGrantInternalServerError describes a response with status code 500, with default header values. + +genericError +*/ +type GetJwtBearerGrantInternalServerError struct { + Payload *models.GenericError +} + +func (o *GetJwtBearerGrantInternalServerError) Error() string { + return fmt.Sprintf("[GET /grants/jwt-bearer/{id}][%d] getJwtBearerGrantInternalServerError %+v", 500, o.Payload) +} +func (o *GetJwtBearerGrantInternalServerError) GetPayload() *models.GenericError { + return o.Payload +} + +func (o *GetJwtBearerGrantInternalServerError) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { + + o.Payload = new(models.GenericError) + + // response payload + if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF { + return err + } + + return nil +} diff --git a/internal/httpclient/client/admin/get_login_request_parameters.go b/internal/httpclient/client/admin/get_login_request_parameters.go index 32ce4b750f3..55a3dae116f 100644 --- a/internal/httpclient/client/admin/get_login_request_parameters.go +++ b/internal/httpclient/client/admin/get_login_request_parameters.go @@ -16,51 +16,50 @@ import ( "github.com/go-openapi/strfmt" ) -// NewGetLoginRequestParams creates a new GetLoginRequestParams object -// with the default values initialized. +// NewGetLoginRequestParams creates a new GetLoginRequestParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewGetLoginRequestParams() *GetLoginRequestParams { - var () return &GetLoginRequestParams{ - timeout: cr.DefaultTimeout, } } // NewGetLoginRequestParamsWithTimeout creates a new GetLoginRequestParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewGetLoginRequestParamsWithTimeout(timeout time.Duration) *GetLoginRequestParams { - var () return &GetLoginRequestParams{ - timeout: timeout, } } // NewGetLoginRequestParamsWithContext creates a new GetLoginRequestParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewGetLoginRequestParamsWithContext(ctx context.Context) *GetLoginRequestParams { - var () return &GetLoginRequestParams{ - Context: ctx, } } // NewGetLoginRequestParamsWithHTTPClient creates a new GetLoginRequestParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewGetLoginRequestParamsWithHTTPClient(client *http.Client) *GetLoginRequestParams { - var () return &GetLoginRequestParams{ HTTPClient: client, } } -/*GetLoginRequestParams contains all the parameters to send to the API endpoint -for the get login request operation typically these are written to a http.Request +/* GetLoginRequestParams contains all the parameters to send to the API endpoint + for the get login request operation. + + Typically these are written to a http.Request. */ type GetLoginRequestParams struct { - /*LoginChallenge*/ + // LoginChallenge. LoginChallenge string timeout time.Duration @@ -68,6 +67,21 @@ type GetLoginRequestParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the get login request params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *GetLoginRequestParams) WithDefaults() *GetLoginRequestParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the get login request params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *GetLoginRequestParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the get login request params func (o *GetLoginRequestParams) WithTimeout(timeout time.Duration) *GetLoginRequestParams { o.SetTimeout(timeout) @@ -124,6 +138,7 @@ func (o *GetLoginRequestParams) WriteToRequest(r runtime.ClientRequest, reg strf qrLoginChallenge := o.LoginChallenge qLoginChallenge := qrLoginChallenge if qLoginChallenge != "" { + if err := r.SetQueryParam("login_challenge", qLoginChallenge); err != nil { return err } diff --git a/internal/httpclient/client/admin/get_login_request_responses.go b/internal/httpclient/client/admin/get_login_request_responses.go index 5e8a000ff38..5f33c029b20 100644 --- a/internal/httpclient/client/admin/get_login_request_responses.go +++ b/internal/httpclient/client/admin/get_login_request_responses.go @@ -53,9 +53,8 @@ func (o *GetLoginRequestReader) ReadResponse(response runtime.ClientResponse, co return nil, err } return nil, result - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -64,7 +63,7 @@ func NewGetLoginRequestOK() *GetLoginRequestOK { return &GetLoginRequestOK{} } -/*GetLoginRequestOK handles this case with default header values. +/* GetLoginRequestOK describes a response with status code 200, with default header values. loginRequest */ @@ -75,7 +74,6 @@ type GetLoginRequestOK struct { func (o *GetLoginRequestOK) Error() string { return fmt.Sprintf("[GET /oauth2/auth/requests/login][%d] getLoginRequestOK %+v", 200, o.Payload) } - func (o *GetLoginRequestOK) GetPayload() *models.LoginRequest { return o.Payload } @@ -97,7 +95,7 @@ func NewGetLoginRequestBadRequest() *GetLoginRequestBadRequest { return &GetLoginRequestBadRequest{} } -/*GetLoginRequestBadRequest handles this case with default header values. +/* GetLoginRequestBadRequest describes a response with status code 400, with default header values. genericError */ @@ -108,7 +106,6 @@ type GetLoginRequestBadRequest struct { func (o *GetLoginRequestBadRequest) Error() string { return fmt.Sprintf("[GET /oauth2/auth/requests/login][%d] getLoginRequestBadRequest %+v", 400, o.Payload) } - func (o *GetLoginRequestBadRequest) GetPayload() *models.GenericError { return o.Payload } @@ -130,7 +127,7 @@ func NewGetLoginRequestNotFound() *GetLoginRequestNotFound { return &GetLoginRequestNotFound{} } -/*GetLoginRequestNotFound handles this case with default header values. +/* GetLoginRequestNotFound describes a response with status code 404, with default header values. genericError */ @@ -141,7 +138,6 @@ type GetLoginRequestNotFound struct { func (o *GetLoginRequestNotFound) Error() string { return fmt.Sprintf("[GET /oauth2/auth/requests/login][%d] getLoginRequestNotFound %+v", 404, o.Payload) } - func (o *GetLoginRequestNotFound) GetPayload() *models.GenericError { return o.Payload } @@ -163,7 +159,7 @@ func NewGetLoginRequestGone() *GetLoginRequestGone { return &GetLoginRequestGone{} } -/*GetLoginRequestGone handles this case with default header values. +/* GetLoginRequestGone describes a response with status code 410, with default header values. requestWasHandledResponse */ @@ -174,7 +170,6 @@ type GetLoginRequestGone struct { func (o *GetLoginRequestGone) Error() string { return fmt.Sprintf("[GET /oauth2/auth/requests/login][%d] getLoginRequestGone %+v", 410, o.Payload) } - func (o *GetLoginRequestGone) GetPayload() *models.RequestWasHandledResponse { return o.Payload } @@ -196,7 +191,7 @@ func NewGetLoginRequestInternalServerError() *GetLoginRequestInternalServerError return &GetLoginRequestInternalServerError{} } -/*GetLoginRequestInternalServerError handles this case with default header values. +/* GetLoginRequestInternalServerError describes a response with status code 500, with default header values. genericError */ @@ -207,7 +202,6 @@ type GetLoginRequestInternalServerError struct { func (o *GetLoginRequestInternalServerError) Error() string { return fmt.Sprintf("[GET /oauth2/auth/requests/login][%d] getLoginRequestInternalServerError %+v", 500, o.Payload) } - func (o *GetLoginRequestInternalServerError) GetPayload() *models.GenericError { return o.Payload } diff --git a/internal/httpclient/client/admin/get_logout_request_parameters.go b/internal/httpclient/client/admin/get_logout_request_parameters.go index 27ed8793be3..97cf9f7e4bc 100644 --- a/internal/httpclient/client/admin/get_logout_request_parameters.go +++ b/internal/httpclient/client/admin/get_logout_request_parameters.go @@ -16,51 +16,50 @@ import ( "github.com/go-openapi/strfmt" ) -// NewGetLogoutRequestParams creates a new GetLogoutRequestParams object -// with the default values initialized. +// NewGetLogoutRequestParams creates a new GetLogoutRequestParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewGetLogoutRequestParams() *GetLogoutRequestParams { - var () return &GetLogoutRequestParams{ - timeout: cr.DefaultTimeout, } } // NewGetLogoutRequestParamsWithTimeout creates a new GetLogoutRequestParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewGetLogoutRequestParamsWithTimeout(timeout time.Duration) *GetLogoutRequestParams { - var () return &GetLogoutRequestParams{ - timeout: timeout, } } // NewGetLogoutRequestParamsWithContext creates a new GetLogoutRequestParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewGetLogoutRequestParamsWithContext(ctx context.Context) *GetLogoutRequestParams { - var () return &GetLogoutRequestParams{ - Context: ctx, } } // NewGetLogoutRequestParamsWithHTTPClient creates a new GetLogoutRequestParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewGetLogoutRequestParamsWithHTTPClient(client *http.Client) *GetLogoutRequestParams { - var () return &GetLogoutRequestParams{ HTTPClient: client, } } -/*GetLogoutRequestParams contains all the parameters to send to the API endpoint -for the get logout request operation typically these are written to a http.Request +/* GetLogoutRequestParams contains all the parameters to send to the API endpoint + for the get logout request operation. + + Typically these are written to a http.Request. */ type GetLogoutRequestParams struct { - /*LogoutChallenge*/ + // LogoutChallenge. LogoutChallenge string timeout time.Duration @@ -68,6 +67,21 @@ type GetLogoutRequestParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the get logout request params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *GetLogoutRequestParams) WithDefaults() *GetLogoutRequestParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the get logout request params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *GetLogoutRequestParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the get logout request params func (o *GetLogoutRequestParams) WithTimeout(timeout time.Duration) *GetLogoutRequestParams { o.SetTimeout(timeout) @@ -124,6 +138,7 @@ func (o *GetLogoutRequestParams) WriteToRequest(r runtime.ClientRequest, reg str qrLogoutChallenge := o.LogoutChallenge qLogoutChallenge := qrLogoutChallenge if qLogoutChallenge != "" { + if err := r.SetQueryParam("logout_challenge", qLogoutChallenge); err != nil { return err } diff --git a/internal/httpclient/client/admin/get_logout_request_responses.go b/internal/httpclient/client/admin/get_logout_request_responses.go index 0784c319294..da75a5cdd29 100644 --- a/internal/httpclient/client/admin/get_logout_request_responses.go +++ b/internal/httpclient/client/admin/get_logout_request_responses.go @@ -47,9 +47,8 @@ func (o *GetLogoutRequestReader) ReadResponse(response runtime.ClientResponse, c return nil, err } return nil, result - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -58,7 +57,7 @@ func NewGetLogoutRequestOK() *GetLogoutRequestOK { return &GetLogoutRequestOK{} } -/*GetLogoutRequestOK handles this case with default header values. +/* GetLogoutRequestOK describes a response with status code 200, with default header values. logoutRequest */ @@ -69,7 +68,6 @@ type GetLogoutRequestOK struct { func (o *GetLogoutRequestOK) Error() string { return fmt.Sprintf("[GET /oauth2/auth/requests/logout][%d] getLogoutRequestOK %+v", 200, o.Payload) } - func (o *GetLogoutRequestOK) GetPayload() *models.LogoutRequest { return o.Payload } @@ -91,7 +89,7 @@ func NewGetLogoutRequestNotFound() *GetLogoutRequestNotFound { return &GetLogoutRequestNotFound{} } -/*GetLogoutRequestNotFound handles this case with default header values. +/* GetLogoutRequestNotFound describes a response with status code 404, with default header values. genericError */ @@ -102,7 +100,6 @@ type GetLogoutRequestNotFound struct { func (o *GetLogoutRequestNotFound) Error() string { return fmt.Sprintf("[GET /oauth2/auth/requests/logout][%d] getLogoutRequestNotFound %+v", 404, o.Payload) } - func (o *GetLogoutRequestNotFound) GetPayload() *models.GenericError { return o.Payload } @@ -124,7 +121,7 @@ func NewGetLogoutRequestGone() *GetLogoutRequestGone { return &GetLogoutRequestGone{} } -/*GetLogoutRequestGone handles this case with default header values. +/* GetLogoutRequestGone describes a response with status code 410, with default header values. requestWasHandledResponse */ @@ -135,7 +132,6 @@ type GetLogoutRequestGone struct { func (o *GetLogoutRequestGone) Error() string { return fmt.Sprintf("[GET /oauth2/auth/requests/logout][%d] getLogoutRequestGone %+v", 410, o.Payload) } - func (o *GetLogoutRequestGone) GetPayload() *models.RequestWasHandledResponse { return o.Payload } @@ -157,7 +153,7 @@ func NewGetLogoutRequestInternalServerError() *GetLogoutRequestInternalServerErr return &GetLogoutRequestInternalServerError{} } -/*GetLogoutRequestInternalServerError handles this case with default header values. +/* GetLogoutRequestInternalServerError describes a response with status code 500, with default header values. genericError */ @@ -168,7 +164,6 @@ type GetLogoutRequestInternalServerError struct { func (o *GetLogoutRequestInternalServerError) Error() string { return fmt.Sprintf("[GET /oauth2/auth/requests/logout][%d] getLogoutRequestInternalServerError %+v", 500, o.Payload) } - func (o *GetLogoutRequestInternalServerError) GetPayload() *models.GenericError { return o.Payload } diff --git a/internal/httpclient/client/admin/get_o_auth2_client_parameters.go b/internal/httpclient/client/admin/get_o_auth2_client_parameters.go index ea7cb067357..f9af2c1f16f 100644 --- a/internal/httpclient/client/admin/get_o_auth2_client_parameters.go +++ b/internal/httpclient/client/admin/get_o_auth2_client_parameters.go @@ -16,53 +16,52 @@ import ( "github.com/go-openapi/strfmt" ) -// NewGetOAuth2ClientParams creates a new GetOAuth2ClientParams object -// with the default values initialized. +// NewGetOAuth2ClientParams creates a new GetOAuth2ClientParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewGetOAuth2ClientParams() *GetOAuth2ClientParams { - var () return &GetOAuth2ClientParams{ - timeout: cr.DefaultTimeout, } } // NewGetOAuth2ClientParamsWithTimeout creates a new GetOAuth2ClientParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewGetOAuth2ClientParamsWithTimeout(timeout time.Duration) *GetOAuth2ClientParams { - var () return &GetOAuth2ClientParams{ - timeout: timeout, } } // NewGetOAuth2ClientParamsWithContext creates a new GetOAuth2ClientParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewGetOAuth2ClientParamsWithContext(ctx context.Context) *GetOAuth2ClientParams { - var () return &GetOAuth2ClientParams{ - Context: ctx, } } // NewGetOAuth2ClientParamsWithHTTPClient creates a new GetOAuth2ClientParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewGetOAuth2ClientParamsWithHTTPClient(client *http.Client) *GetOAuth2ClientParams { - var () return &GetOAuth2ClientParams{ HTTPClient: client, } } -/*GetOAuth2ClientParams contains all the parameters to send to the API endpoint -for the get o auth2 client operation typically these are written to a http.Request +/* GetOAuth2ClientParams contains all the parameters to send to the API endpoint + for the get o auth2 client operation. + + Typically these are written to a http.Request. */ type GetOAuth2ClientParams struct { - /*ID - The id of the OAuth 2.0 Client. + /* ID. + The id of the OAuth 2.0 Client. */ ID string @@ -71,6 +70,21 @@ type GetOAuth2ClientParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the get o auth2 client params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *GetOAuth2ClientParams) WithDefaults() *GetOAuth2ClientParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the get o auth2 client params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *GetOAuth2ClientParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the get o auth2 client params func (o *GetOAuth2ClientParams) WithTimeout(timeout time.Duration) *GetOAuth2ClientParams { o.SetTimeout(timeout) diff --git a/internal/httpclient/client/admin/get_o_auth2_client_responses.go b/internal/httpclient/client/admin/get_o_auth2_client_responses.go index 1fcaec3b3dc..62a22c26a92 100644 --- a/internal/httpclient/client/admin/get_o_auth2_client_responses.go +++ b/internal/httpclient/client/admin/get_o_auth2_client_responses.go @@ -41,9 +41,8 @@ func (o *GetOAuth2ClientReader) ReadResponse(response runtime.ClientResponse, co return nil, err } return nil, result - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -52,7 +51,7 @@ func NewGetOAuth2ClientOK() *GetOAuth2ClientOK { return &GetOAuth2ClientOK{} } -/*GetOAuth2ClientOK handles this case with default header values. +/* GetOAuth2ClientOK describes a response with status code 200, with default header values. oAuth2Client */ @@ -63,7 +62,6 @@ type GetOAuth2ClientOK struct { func (o *GetOAuth2ClientOK) Error() string { return fmt.Sprintf("[GET /clients/{id}][%d] getOAuth2ClientOK %+v", 200, o.Payload) } - func (o *GetOAuth2ClientOK) GetPayload() *models.OAuth2Client { return o.Payload } @@ -85,7 +83,7 @@ func NewGetOAuth2ClientUnauthorized() *GetOAuth2ClientUnauthorized { return &GetOAuth2ClientUnauthorized{} } -/*GetOAuth2ClientUnauthorized handles this case with default header values. +/* GetOAuth2ClientUnauthorized describes a response with status code 401, with default header values. genericError */ @@ -96,7 +94,6 @@ type GetOAuth2ClientUnauthorized struct { func (o *GetOAuth2ClientUnauthorized) Error() string { return fmt.Sprintf("[GET /clients/{id}][%d] getOAuth2ClientUnauthorized %+v", 401, o.Payload) } - func (o *GetOAuth2ClientUnauthorized) GetPayload() *models.GenericError { return o.Payload } @@ -118,7 +115,7 @@ func NewGetOAuth2ClientInternalServerError() *GetOAuth2ClientInternalServerError return &GetOAuth2ClientInternalServerError{} } -/*GetOAuth2ClientInternalServerError handles this case with default header values. +/* GetOAuth2ClientInternalServerError describes a response with status code 500, with default header values. genericError */ @@ -129,7 +126,6 @@ type GetOAuth2ClientInternalServerError struct { func (o *GetOAuth2ClientInternalServerError) Error() string { return fmt.Sprintf("[GET /clients/{id}][%d] getOAuth2ClientInternalServerError %+v", 500, o.Payload) } - func (o *GetOAuth2ClientInternalServerError) GetPayload() *models.GenericError { return o.Payload } diff --git a/internal/httpclient/client/admin/get_version_parameters.go b/internal/httpclient/client/admin/get_version_parameters.go index 24417d3a303..56746becb66 100644 --- a/internal/httpclient/client/admin/get_version_parameters.go +++ b/internal/httpclient/client/admin/get_version_parameters.go @@ -16,47 +16,46 @@ import ( "github.com/go-openapi/strfmt" ) -// NewGetVersionParams creates a new GetVersionParams object -// with the default values initialized. +// NewGetVersionParams creates a new GetVersionParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewGetVersionParams() *GetVersionParams { - return &GetVersionParams{ - timeout: cr.DefaultTimeout, } } // NewGetVersionParamsWithTimeout creates a new GetVersionParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewGetVersionParamsWithTimeout(timeout time.Duration) *GetVersionParams { - return &GetVersionParams{ - timeout: timeout, } } // NewGetVersionParamsWithContext creates a new GetVersionParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewGetVersionParamsWithContext(ctx context.Context) *GetVersionParams { - return &GetVersionParams{ - Context: ctx, } } // NewGetVersionParamsWithHTTPClient creates a new GetVersionParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewGetVersionParamsWithHTTPClient(client *http.Client) *GetVersionParams { - return &GetVersionParams{ HTTPClient: client, } } -/*GetVersionParams contains all the parameters to send to the API endpoint -for the get version operation typically these are written to a http.Request +/* GetVersionParams contains all the parameters to send to the API endpoint + for the get version operation. + + Typically these are written to a http.Request. */ type GetVersionParams struct { timeout time.Duration @@ -64,6 +63,21 @@ type GetVersionParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the get version params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *GetVersionParams) WithDefaults() *GetVersionParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the get version params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *GetVersionParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the get version params func (o *GetVersionParams) WithTimeout(timeout time.Duration) *GetVersionParams { o.SetTimeout(timeout) diff --git a/internal/httpclient/client/admin/get_version_responses.go b/internal/httpclient/client/admin/get_version_responses.go index 1755c1707da..55510cd6c00 100644 --- a/internal/httpclient/client/admin/get_version_responses.go +++ b/internal/httpclient/client/admin/get_version_responses.go @@ -29,9 +29,8 @@ func (o *GetVersionReader) ReadResponse(response runtime.ClientResponse, consume return nil, err } return result, nil - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -40,7 +39,7 @@ func NewGetVersionOK() *GetVersionOK { return &GetVersionOK{} } -/*GetVersionOK handles this case with default header values. +/* GetVersionOK describes a response with status code 200, with default header values. version */ @@ -51,7 +50,6 @@ type GetVersionOK struct { func (o *GetVersionOK) Error() string { return fmt.Sprintf("[GET /version][%d] getVersionOK %+v", 200, o.Payload) } - func (o *GetVersionOK) GetPayload() *models.Version { return o.Payload } diff --git a/internal/httpclient/client/admin/introspect_o_auth2_token_parameters.go b/internal/httpclient/client/admin/introspect_o_auth2_token_parameters.go index 3913438d85d..c1addcfac03 100644 --- a/internal/httpclient/client/admin/introspect_o_auth2_token_parameters.go +++ b/internal/httpclient/client/admin/introspect_o_auth2_token_parameters.go @@ -16,62 +16,62 @@ import ( "github.com/go-openapi/strfmt" ) -// NewIntrospectOAuth2TokenParams creates a new IntrospectOAuth2TokenParams object -// with the default values initialized. +// NewIntrospectOAuth2TokenParams creates a new IntrospectOAuth2TokenParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewIntrospectOAuth2TokenParams() *IntrospectOAuth2TokenParams { - var () return &IntrospectOAuth2TokenParams{ - timeout: cr.DefaultTimeout, } } // NewIntrospectOAuth2TokenParamsWithTimeout creates a new IntrospectOAuth2TokenParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewIntrospectOAuth2TokenParamsWithTimeout(timeout time.Duration) *IntrospectOAuth2TokenParams { - var () return &IntrospectOAuth2TokenParams{ - timeout: timeout, } } // NewIntrospectOAuth2TokenParamsWithContext creates a new IntrospectOAuth2TokenParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewIntrospectOAuth2TokenParamsWithContext(ctx context.Context) *IntrospectOAuth2TokenParams { - var () return &IntrospectOAuth2TokenParams{ - Context: ctx, } } // NewIntrospectOAuth2TokenParamsWithHTTPClient creates a new IntrospectOAuth2TokenParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewIntrospectOAuth2TokenParamsWithHTTPClient(client *http.Client) *IntrospectOAuth2TokenParams { - var () return &IntrospectOAuth2TokenParams{ HTTPClient: client, } } -/*IntrospectOAuth2TokenParams contains all the parameters to send to the API endpoint -for the introspect o auth2 token operation typically these are written to a http.Request +/* IntrospectOAuth2TokenParams contains all the parameters to send to the API endpoint + for the introspect o auth2 token operation. + + Typically these are written to a http.Request. */ type IntrospectOAuth2TokenParams struct { - /*Scope - An optional, space separated list of required scopes. If the access token was not granted one of the - scopes, the result of active will be false. + /* Scope. + An optional, space separated list of required scopes. If the access token was not granted one of the + scopes, the result of active will be false. */ Scope *string - /*Token - The string value of the token. For access tokens, this + + /* Token. + + The string value of the token. For access tokens, this is the "access_token" value returned from the token endpoint defined in OAuth 2.0. For refresh tokens, this is the "refresh_token" value returned. - */ Token string @@ -80,6 +80,21 @@ type IntrospectOAuth2TokenParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the introspect o auth2 token params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *IntrospectOAuth2TokenParams) WithDefaults() *IntrospectOAuth2TokenParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the introspect o auth2 token params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *IntrospectOAuth2TokenParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the introspect o auth2 token params func (o *IntrospectOAuth2TokenParams) WithTimeout(timeout time.Duration) *IntrospectOAuth2TokenParams { o.SetTimeout(timeout) @@ -156,7 +171,6 @@ func (o *IntrospectOAuth2TokenParams) WriteToRequest(r runtime.ClientRequest, re return err } } - } // form param token diff --git a/internal/httpclient/client/admin/introspect_o_auth2_token_responses.go b/internal/httpclient/client/admin/introspect_o_auth2_token_responses.go index ad752b0b2d4..8f4036b4304 100644 --- a/internal/httpclient/client/admin/introspect_o_auth2_token_responses.go +++ b/internal/httpclient/client/admin/introspect_o_auth2_token_responses.go @@ -41,9 +41,8 @@ func (o *IntrospectOAuth2TokenReader) ReadResponse(response runtime.ClientRespon return nil, err } return nil, result - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -52,7 +51,7 @@ func NewIntrospectOAuth2TokenOK() *IntrospectOAuth2TokenOK { return &IntrospectOAuth2TokenOK{} } -/*IntrospectOAuth2TokenOK handles this case with default header values. +/* IntrospectOAuth2TokenOK describes a response with status code 200, with default header values. oAuth2TokenIntrospection */ @@ -63,7 +62,6 @@ type IntrospectOAuth2TokenOK struct { func (o *IntrospectOAuth2TokenOK) Error() string { return fmt.Sprintf("[POST /oauth2/introspect][%d] introspectOAuth2TokenOK %+v", 200, o.Payload) } - func (o *IntrospectOAuth2TokenOK) GetPayload() *models.OAuth2TokenIntrospection { return o.Payload } @@ -85,7 +83,7 @@ func NewIntrospectOAuth2TokenUnauthorized() *IntrospectOAuth2TokenUnauthorized { return &IntrospectOAuth2TokenUnauthorized{} } -/*IntrospectOAuth2TokenUnauthorized handles this case with default header values. +/* IntrospectOAuth2TokenUnauthorized describes a response with status code 401, with default header values. genericError */ @@ -96,7 +94,6 @@ type IntrospectOAuth2TokenUnauthorized struct { func (o *IntrospectOAuth2TokenUnauthorized) Error() string { return fmt.Sprintf("[POST /oauth2/introspect][%d] introspectOAuth2TokenUnauthorized %+v", 401, o.Payload) } - func (o *IntrospectOAuth2TokenUnauthorized) GetPayload() *models.GenericError { return o.Payload } @@ -118,7 +115,7 @@ func NewIntrospectOAuth2TokenInternalServerError() *IntrospectOAuth2TokenInterna return &IntrospectOAuth2TokenInternalServerError{} } -/*IntrospectOAuth2TokenInternalServerError handles this case with default header values. +/* IntrospectOAuth2TokenInternalServerError describes a response with status code 500, with default header values. genericError */ @@ -129,7 +126,6 @@ type IntrospectOAuth2TokenInternalServerError struct { func (o *IntrospectOAuth2TokenInternalServerError) Error() string { return fmt.Sprintf("[POST /oauth2/introspect][%d] introspectOAuth2TokenInternalServerError %+v", 500, o.Payload) } - func (o *IntrospectOAuth2TokenInternalServerError) GetPayload() *models.GenericError { return o.Payload } diff --git a/internal/httpclient/client/admin/is_instance_alive_parameters.go b/internal/httpclient/client/admin/is_instance_alive_parameters.go index 44c9c204fe3..50766f53d7e 100644 --- a/internal/httpclient/client/admin/is_instance_alive_parameters.go +++ b/internal/httpclient/client/admin/is_instance_alive_parameters.go @@ -16,47 +16,46 @@ import ( "github.com/go-openapi/strfmt" ) -// NewIsInstanceAliveParams creates a new IsInstanceAliveParams object -// with the default values initialized. +// NewIsInstanceAliveParams creates a new IsInstanceAliveParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewIsInstanceAliveParams() *IsInstanceAliveParams { - return &IsInstanceAliveParams{ - timeout: cr.DefaultTimeout, } } // NewIsInstanceAliveParamsWithTimeout creates a new IsInstanceAliveParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewIsInstanceAliveParamsWithTimeout(timeout time.Duration) *IsInstanceAliveParams { - return &IsInstanceAliveParams{ - timeout: timeout, } } // NewIsInstanceAliveParamsWithContext creates a new IsInstanceAliveParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewIsInstanceAliveParamsWithContext(ctx context.Context) *IsInstanceAliveParams { - return &IsInstanceAliveParams{ - Context: ctx, } } // NewIsInstanceAliveParamsWithHTTPClient creates a new IsInstanceAliveParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewIsInstanceAliveParamsWithHTTPClient(client *http.Client) *IsInstanceAliveParams { - return &IsInstanceAliveParams{ HTTPClient: client, } } -/*IsInstanceAliveParams contains all the parameters to send to the API endpoint -for the is instance alive operation typically these are written to a http.Request +/* IsInstanceAliveParams contains all the parameters to send to the API endpoint + for the is instance alive operation. + + Typically these are written to a http.Request. */ type IsInstanceAliveParams struct { timeout time.Duration @@ -64,6 +63,21 @@ type IsInstanceAliveParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the is instance alive params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *IsInstanceAliveParams) WithDefaults() *IsInstanceAliveParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the is instance alive params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *IsInstanceAliveParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the is instance alive params func (o *IsInstanceAliveParams) WithTimeout(timeout time.Duration) *IsInstanceAliveParams { o.SetTimeout(timeout) diff --git a/internal/httpclient/client/admin/is_instance_alive_responses.go b/internal/httpclient/client/admin/is_instance_alive_responses.go index bbd233a8f8a..6b9732e68b9 100644 --- a/internal/httpclient/client/admin/is_instance_alive_responses.go +++ b/internal/httpclient/client/admin/is_instance_alive_responses.go @@ -35,9 +35,8 @@ func (o *IsInstanceAliveReader) ReadResponse(response runtime.ClientResponse, co return nil, err } return nil, result - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -46,7 +45,7 @@ func NewIsInstanceAliveOK() *IsInstanceAliveOK { return &IsInstanceAliveOK{} } -/*IsInstanceAliveOK handles this case with default header values. +/* IsInstanceAliveOK describes a response with status code 200, with default header values. healthStatus */ @@ -57,7 +56,6 @@ type IsInstanceAliveOK struct { func (o *IsInstanceAliveOK) Error() string { return fmt.Sprintf("[GET /health/alive][%d] isInstanceAliveOK %+v", 200, o.Payload) } - func (o *IsInstanceAliveOK) GetPayload() *models.HealthStatus { return o.Payload } @@ -79,7 +77,7 @@ func NewIsInstanceAliveInternalServerError() *IsInstanceAliveInternalServerError return &IsInstanceAliveInternalServerError{} } -/*IsInstanceAliveInternalServerError handles this case with default header values. +/* IsInstanceAliveInternalServerError describes a response with status code 500, with default header values. genericError */ @@ -90,7 +88,6 @@ type IsInstanceAliveInternalServerError struct { func (o *IsInstanceAliveInternalServerError) Error() string { return fmt.Sprintf("[GET /health/alive][%d] isInstanceAliveInternalServerError %+v", 500, o.Payload) } - func (o *IsInstanceAliveInternalServerError) GetPayload() *models.GenericError { return o.Payload } diff --git a/internal/httpclient/client/admin/list_o_auth2_clients_parameters.go b/internal/httpclient/client/admin/list_o_auth2_clients_parameters.go index 6d3e6684d63..c9b73dab8a0 100644 --- a/internal/httpclient/client/admin/list_o_auth2_clients_parameters.go +++ b/internal/httpclient/client/admin/list_o_auth2_clients_parameters.go @@ -17,58 +17,62 @@ import ( "github.com/go-openapi/swag" ) -// NewListOAuth2ClientsParams creates a new ListOAuth2ClientsParams object -// with the default values initialized. +// NewListOAuth2ClientsParams creates a new ListOAuth2ClientsParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewListOAuth2ClientsParams() *ListOAuth2ClientsParams { - var () return &ListOAuth2ClientsParams{ - timeout: cr.DefaultTimeout, } } // NewListOAuth2ClientsParamsWithTimeout creates a new ListOAuth2ClientsParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewListOAuth2ClientsParamsWithTimeout(timeout time.Duration) *ListOAuth2ClientsParams { - var () return &ListOAuth2ClientsParams{ - timeout: timeout, } } // NewListOAuth2ClientsParamsWithContext creates a new ListOAuth2ClientsParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewListOAuth2ClientsParamsWithContext(ctx context.Context) *ListOAuth2ClientsParams { - var () return &ListOAuth2ClientsParams{ - Context: ctx, } } // NewListOAuth2ClientsParamsWithHTTPClient creates a new ListOAuth2ClientsParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewListOAuth2ClientsParamsWithHTTPClient(client *http.Client) *ListOAuth2ClientsParams { - var () return &ListOAuth2ClientsParams{ HTTPClient: client, } } -/*ListOAuth2ClientsParams contains all the parameters to send to the API endpoint -for the list o auth2 clients operation typically these are written to a http.Request +/* ListOAuth2ClientsParams contains all the parameters to send to the API endpoint + for the list o auth2 clients operation. + + Typically these are written to a http.Request. */ type ListOAuth2ClientsParams struct { - /*Limit - The maximum amount of policies returned, upper bound is 500 policies + /* Limit. + + The maximum amount of policies returned, upper bound is 500 policies + Format: int64 */ Limit *int64 - /*Offset - The offset from where to start looking. + /* Offset. + + The offset from where to start looking. + + Format: int64 */ Offset *int64 @@ -77,6 +81,21 @@ type ListOAuth2ClientsParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the list o auth2 clients params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *ListOAuth2ClientsParams) WithDefaults() *ListOAuth2ClientsParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the list o auth2 clients params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *ListOAuth2ClientsParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the list o auth2 clients params func (o *ListOAuth2ClientsParams) WithTimeout(timeout time.Duration) *ListOAuth2ClientsParams { o.SetTimeout(timeout) @@ -144,32 +163,34 @@ func (o *ListOAuth2ClientsParams) WriteToRequest(r runtime.ClientRequest, reg st // query param limit var qrLimit int64 + if o.Limit != nil { qrLimit = *o.Limit } qLimit := swag.FormatInt64(qrLimit) if qLimit != "" { + if err := r.SetQueryParam("limit", qLimit); err != nil { return err } } - } if o.Offset != nil { // query param offset var qrOffset int64 + if o.Offset != nil { qrOffset = *o.Offset } qOffset := swag.FormatInt64(qrOffset) if qOffset != "" { + if err := r.SetQueryParam("offset", qOffset); err != nil { return err } } - } if len(res) > 0 { diff --git a/internal/httpclient/client/admin/list_o_auth2_clients_responses.go b/internal/httpclient/client/admin/list_o_auth2_clients_responses.go index 28b54b10d41..998e03c65ae 100644 --- a/internal/httpclient/client/admin/list_o_auth2_clients_responses.go +++ b/internal/httpclient/client/admin/list_o_auth2_clients_responses.go @@ -35,9 +35,8 @@ func (o *ListOAuth2ClientsReader) ReadResponse(response runtime.ClientResponse, return nil, err } return nil, result - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -46,7 +45,7 @@ func NewListOAuth2ClientsOK() *ListOAuth2ClientsOK { return &ListOAuth2ClientsOK{} } -/*ListOAuth2ClientsOK handles this case with default header values. +/* ListOAuth2ClientsOK describes a response with status code 200, with default header values. A list of clients. */ @@ -57,7 +56,6 @@ type ListOAuth2ClientsOK struct { func (o *ListOAuth2ClientsOK) Error() string { return fmt.Sprintf("[GET /clients][%d] listOAuth2ClientsOK %+v", 200, o.Payload) } - func (o *ListOAuth2ClientsOK) GetPayload() []*models.OAuth2Client { return o.Payload } @@ -77,7 +75,7 @@ func NewListOAuth2ClientsInternalServerError() *ListOAuth2ClientsInternalServerE return &ListOAuth2ClientsInternalServerError{} } -/*ListOAuth2ClientsInternalServerError handles this case with default header values. +/* ListOAuth2ClientsInternalServerError describes a response with status code 500, with default header values. genericError */ @@ -88,7 +86,6 @@ type ListOAuth2ClientsInternalServerError struct { func (o *ListOAuth2ClientsInternalServerError) Error() string { return fmt.Sprintf("[GET /clients][%d] listOAuth2ClientsInternalServerError %+v", 500, o.Payload) } - func (o *ListOAuth2ClientsInternalServerError) GetPayload() *models.GenericError { return o.Payload } diff --git a/internal/httpclient/client/admin/list_subject_consent_sessions_parameters.go b/internal/httpclient/client/admin/list_subject_consent_sessions_parameters.go index bca88f73d5f..6788e8f5dab 100644 --- a/internal/httpclient/client/admin/list_subject_consent_sessions_parameters.go +++ b/internal/httpclient/client/admin/list_subject_consent_sessions_parameters.go @@ -16,51 +16,50 @@ import ( "github.com/go-openapi/strfmt" ) -// NewListSubjectConsentSessionsParams creates a new ListSubjectConsentSessionsParams object -// with the default values initialized. +// NewListSubjectConsentSessionsParams creates a new ListSubjectConsentSessionsParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewListSubjectConsentSessionsParams() *ListSubjectConsentSessionsParams { - var () return &ListSubjectConsentSessionsParams{ - timeout: cr.DefaultTimeout, } } // NewListSubjectConsentSessionsParamsWithTimeout creates a new ListSubjectConsentSessionsParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewListSubjectConsentSessionsParamsWithTimeout(timeout time.Duration) *ListSubjectConsentSessionsParams { - var () return &ListSubjectConsentSessionsParams{ - timeout: timeout, } } // NewListSubjectConsentSessionsParamsWithContext creates a new ListSubjectConsentSessionsParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewListSubjectConsentSessionsParamsWithContext(ctx context.Context) *ListSubjectConsentSessionsParams { - var () return &ListSubjectConsentSessionsParams{ - Context: ctx, } } // NewListSubjectConsentSessionsParamsWithHTTPClient creates a new ListSubjectConsentSessionsParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewListSubjectConsentSessionsParamsWithHTTPClient(client *http.Client) *ListSubjectConsentSessionsParams { - var () return &ListSubjectConsentSessionsParams{ HTTPClient: client, } } -/*ListSubjectConsentSessionsParams contains all the parameters to send to the API endpoint -for the list subject consent sessions operation typically these are written to a http.Request +/* ListSubjectConsentSessionsParams contains all the parameters to send to the API endpoint + for the list subject consent sessions operation. + + Typically these are written to a http.Request. */ type ListSubjectConsentSessionsParams struct { - /*Subject*/ + // Subject. Subject string timeout time.Duration @@ -68,6 +67,21 @@ type ListSubjectConsentSessionsParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the list subject consent sessions params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *ListSubjectConsentSessionsParams) WithDefaults() *ListSubjectConsentSessionsParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the list subject consent sessions params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *ListSubjectConsentSessionsParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the list subject consent sessions params func (o *ListSubjectConsentSessionsParams) WithTimeout(timeout time.Duration) *ListSubjectConsentSessionsParams { o.SetTimeout(timeout) @@ -124,6 +138,7 @@ func (o *ListSubjectConsentSessionsParams) WriteToRequest(r runtime.ClientReques qrSubject := o.Subject qSubject := qrSubject if qSubject != "" { + if err := r.SetQueryParam("subject", qSubject); err != nil { return err } diff --git a/internal/httpclient/client/admin/list_subject_consent_sessions_responses.go b/internal/httpclient/client/admin/list_subject_consent_sessions_responses.go index d73241f68ac..8f9e041854a 100644 --- a/internal/httpclient/client/admin/list_subject_consent_sessions_responses.go +++ b/internal/httpclient/client/admin/list_subject_consent_sessions_responses.go @@ -41,9 +41,8 @@ func (o *ListSubjectConsentSessionsReader) ReadResponse(response runtime.ClientR return nil, err } return nil, result - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -52,7 +51,7 @@ func NewListSubjectConsentSessionsOK() *ListSubjectConsentSessionsOK { return &ListSubjectConsentSessionsOK{} } -/*ListSubjectConsentSessionsOK handles this case with default header values. +/* ListSubjectConsentSessionsOK describes a response with status code 200, with default header values. A list of used consent requests. */ @@ -63,7 +62,6 @@ type ListSubjectConsentSessionsOK struct { func (o *ListSubjectConsentSessionsOK) Error() string { return fmt.Sprintf("[GET /oauth2/auth/sessions/consent][%d] listSubjectConsentSessionsOK %+v", 200, o.Payload) } - func (o *ListSubjectConsentSessionsOK) GetPayload() []*models.PreviousConsentSession { return o.Payload } @@ -83,7 +81,7 @@ func NewListSubjectConsentSessionsBadRequest() *ListSubjectConsentSessionsBadReq return &ListSubjectConsentSessionsBadRequest{} } -/*ListSubjectConsentSessionsBadRequest handles this case with default header values. +/* ListSubjectConsentSessionsBadRequest describes a response with status code 400, with default header values. genericError */ @@ -94,7 +92,6 @@ type ListSubjectConsentSessionsBadRequest struct { func (o *ListSubjectConsentSessionsBadRequest) Error() string { return fmt.Sprintf("[GET /oauth2/auth/sessions/consent][%d] listSubjectConsentSessionsBadRequest %+v", 400, o.Payload) } - func (o *ListSubjectConsentSessionsBadRequest) GetPayload() *models.GenericError { return o.Payload } @@ -116,7 +113,7 @@ func NewListSubjectConsentSessionsInternalServerError() *ListSubjectConsentSessi return &ListSubjectConsentSessionsInternalServerError{} } -/*ListSubjectConsentSessionsInternalServerError handles this case with default header values. +/* ListSubjectConsentSessionsInternalServerError describes a response with status code 500, with default header values. genericError */ @@ -127,7 +124,6 @@ type ListSubjectConsentSessionsInternalServerError struct { func (o *ListSubjectConsentSessionsInternalServerError) Error() string { return fmt.Sprintf("[GET /oauth2/auth/sessions/consent][%d] listSubjectConsentSessionsInternalServerError %+v", 500, o.Payload) } - func (o *ListSubjectConsentSessionsInternalServerError) GetPayload() *models.GenericError { return o.Payload } diff --git a/internal/httpclient/client/admin/patch_o_auth2_client_parameters.go b/internal/httpclient/client/admin/patch_o_auth2_client_parameters.go index 1e35ba6e391..bb40dbefc65 100644 --- a/internal/httpclient/client/admin/patch_o_auth2_client_parameters.go +++ b/internal/httpclient/client/admin/patch_o_auth2_client_parameters.go @@ -18,53 +18,53 @@ import ( "github.com/ory/hydra/internal/httpclient/models" ) -// NewPatchOAuth2ClientParams creates a new PatchOAuth2ClientParams object -// with the default values initialized. +// NewPatchOAuth2ClientParams creates a new PatchOAuth2ClientParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewPatchOAuth2ClientParams() *PatchOAuth2ClientParams { - var () return &PatchOAuth2ClientParams{ - timeout: cr.DefaultTimeout, } } // NewPatchOAuth2ClientParamsWithTimeout creates a new PatchOAuth2ClientParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewPatchOAuth2ClientParamsWithTimeout(timeout time.Duration) *PatchOAuth2ClientParams { - var () return &PatchOAuth2ClientParams{ - timeout: timeout, } } // NewPatchOAuth2ClientParamsWithContext creates a new PatchOAuth2ClientParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewPatchOAuth2ClientParamsWithContext(ctx context.Context) *PatchOAuth2ClientParams { - var () return &PatchOAuth2ClientParams{ - Context: ctx, } } // NewPatchOAuth2ClientParamsWithHTTPClient creates a new PatchOAuth2ClientParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewPatchOAuth2ClientParamsWithHTTPClient(client *http.Client) *PatchOAuth2ClientParams { - var () return &PatchOAuth2ClientParams{ HTTPClient: client, } } -/*PatchOAuth2ClientParams contains all the parameters to send to the API endpoint -for the patch o auth2 client operation typically these are written to a http.Request +/* PatchOAuth2ClientParams contains all the parameters to send to the API endpoint + for the patch o auth2 client operation. + + Typically these are written to a http.Request. */ type PatchOAuth2ClientParams struct { - /*Body*/ + // Body. Body models.PatchRequest - /*ID*/ + + // ID. ID string timeout time.Duration @@ -72,6 +72,21 @@ type PatchOAuth2ClientParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the patch o auth2 client params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *PatchOAuth2ClientParams) WithDefaults() *PatchOAuth2ClientParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the patch o auth2 client params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *PatchOAuth2ClientParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the patch o auth2 client params func (o *PatchOAuth2ClientParams) WithTimeout(timeout time.Duration) *PatchOAuth2ClientParams { o.SetTimeout(timeout) @@ -134,7 +149,6 @@ func (o *PatchOAuth2ClientParams) WriteToRequest(r runtime.ClientRequest, reg st return err } var res []error - if o.Body != nil { if err := r.SetBodyParam(o.Body); err != nil { return err diff --git a/internal/httpclient/client/admin/patch_o_auth2_client_responses.go b/internal/httpclient/client/admin/patch_o_auth2_client_responses.go index 108780b41d6..3d5e1c866ee 100644 --- a/internal/httpclient/client/admin/patch_o_auth2_client_responses.go +++ b/internal/httpclient/client/admin/patch_o_auth2_client_responses.go @@ -35,9 +35,8 @@ func (o *PatchOAuth2ClientReader) ReadResponse(response runtime.ClientResponse, return nil, err } return nil, result - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -46,7 +45,7 @@ func NewPatchOAuth2ClientOK() *PatchOAuth2ClientOK { return &PatchOAuth2ClientOK{} } -/*PatchOAuth2ClientOK handles this case with default header values. +/* PatchOAuth2ClientOK describes a response with status code 200, with default header values. oAuth2Client */ @@ -57,7 +56,6 @@ type PatchOAuth2ClientOK struct { func (o *PatchOAuth2ClientOK) Error() string { return fmt.Sprintf("[PATCH /clients/{id}][%d] patchOAuth2ClientOK %+v", 200, o.Payload) } - func (o *PatchOAuth2ClientOK) GetPayload() *models.OAuth2Client { return o.Payload } @@ -79,7 +77,7 @@ func NewPatchOAuth2ClientInternalServerError() *PatchOAuth2ClientInternalServerE return &PatchOAuth2ClientInternalServerError{} } -/*PatchOAuth2ClientInternalServerError handles this case with default header values. +/* PatchOAuth2ClientInternalServerError describes a response with status code 500, with default header values. genericError */ @@ -90,7 +88,6 @@ type PatchOAuth2ClientInternalServerError struct { func (o *PatchOAuth2ClientInternalServerError) Error() string { return fmt.Sprintf("[PATCH /clients/{id}][%d] patchOAuth2ClientInternalServerError %+v", 500, o.Payload) } - func (o *PatchOAuth2ClientInternalServerError) GetPayload() *models.GenericError { return o.Payload } diff --git a/internal/httpclient/client/admin/prometheus_parameters.go b/internal/httpclient/client/admin/prometheus_parameters.go index 03b76358d86..2173b8bd96b 100644 --- a/internal/httpclient/client/admin/prometheus_parameters.go +++ b/internal/httpclient/client/admin/prometheus_parameters.go @@ -16,47 +16,46 @@ import ( "github.com/go-openapi/strfmt" ) -// NewPrometheusParams creates a new PrometheusParams object -// with the default values initialized. +// NewPrometheusParams creates a new PrometheusParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewPrometheusParams() *PrometheusParams { - return &PrometheusParams{ - timeout: cr.DefaultTimeout, } } // NewPrometheusParamsWithTimeout creates a new PrometheusParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewPrometheusParamsWithTimeout(timeout time.Duration) *PrometheusParams { - return &PrometheusParams{ - timeout: timeout, } } // NewPrometheusParamsWithContext creates a new PrometheusParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewPrometheusParamsWithContext(ctx context.Context) *PrometheusParams { - return &PrometheusParams{ - Context: ctx, } } // NewPrometheusParamsWithHTTPClient creates a new PrometheusParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewPrometheusParamsWithHTTPClient(client *http.Client) *PrometheusParams { - return &PrometheusParams{ HTTPClient: client, } } -/*PrometheusParams contains all the parameters to send to the API endpoint -for the prometheus operation typically these are written to a http.Request +/* PrometheusParams contains all the parameters to send to the API endpoint + for the prometheus operation. + + Typically these are written to a http.Request. */ type PrometheusParams struct { timeout time.Duration @@ -64,6 +63,21 @@ type PrometheusParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the prometheus params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *PrometheusParams) WithDefaults() *PrometheusParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the prometheus params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *PrometheusParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the prometheus params func (o *PrometheusParams) WithTimeout(timeout time.Duration) *PrometheusParams { o.SetTimeout(timeout) diff --git a/internal/httpclient/client/admin/prometheus_responses.go b/internal/httpclient/client/admin/prometheus_responses.go index 5fbd6ed7030..8c64703a610 100644 --- a/internal/httpclient/client/admin/prometheus_responses.go +++ b/internal/httpclient/client/admin/prometheus_responses.go @@ -26,9 +26,8 @@ func (o *PrometheusReader) ReadResponse(response runtime.ClientResponse, consume return nil, err } return result, nil - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -37,9 +36,9 @@ func NewPrometheusOK() *PrometheusOK { return &PrometheusOK{} } -/*PrometheusOK handles this case with default header values. +/* PrometheusOK describes a response with status code 200, with default header values. -Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is + Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is typically 201. */ type PrometheusOK struct { diff --git a/internal/httpclient/client/admin/reject_consent_request_parameters.go b/internal/httpclient/client/admin/reject_consent_request_parameters.go index eba20d4bd3e..a71725bd0ed 100644 --- a/internal/httpclient/client/admin/reject_consent_request_parameters.go +++ b/internal/httpclient/client/admin/reject_consent_request_parameters.go @@ -18,53 +18,53 @@ import ( "github.com/ory/hydra/internal/httpclient/models" ) -// NewRejectConsentRequestParams creates a new RejectConsentRequestParams object -// with the default values initialized. +// NewRejectConsentRequestParams creates a new RejectConsentRequestParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewRejectConsentRequestParams() *RejectConsentRequestParams { - var () return &RejectConsentRequestParams{ - timeout: cr.DefaultTimeout, } } // NewRejectConsentRequestParamsWithTimeout creates a new RejectConsentRequestParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewRejectConsentRequestParamsWithTimeout(timeout time.Duration) *RejectConsentRequestParams { - var () return &RejectConsentRequestParams{ - timeout: timeout, } } // NewRejectConsentRequestParamsWithContext creates a new RejectConsentRequestParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewRejectConsentRequestParamsWithContext(ctx context.Context) *RejectConsentRequestParams { - var () return &RejectConsentRequestParams{ - Context: ctx, } } // NewRejectConsentRequestParamsWithHTTPClient creates a new RejectConsentRequestParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewRejectConsentRequestParamsWithHTTPClient(client *http.Client) *RejectConsentRequestParams { - var () return &RejectConsentRequestParams{ HTTPClient: client, } } -/*RejectConsentRequestParams contains all the parameters to send to the API endpoint -for the reject consent request operation typically these are written to a http.Request +/* RejectConsentRequestParams contains all the parameters to send to the API endpoint + for the reject consent request operation. + + Typically these are written to a http.Request. */ type RejectConsentRequestParams struct { - /*Body*/ + // Body. Body *models.RejectRequest - /*ConsentChallenge*/ + + // ConsentChallenge. ConsentChallenge string timeout time.Duration @@ -72,6 +72,21 @@ type RejectConsentRequestParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the reject consent request params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *RejectConsentRequestParams) WithDefaults() *RejectConsentRequestParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the reject consent request params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *RejectConsentRequestParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the reject consent request params func (o *RejectConsentRequestParams) WithTimeout(timeout time.Duration) *RejectConsentRequestParams { o.SetTimeout(timeout) @@ -134,7 +149,6 @@ func (o *RejectConsentRequestParams) WriteToRequest(r runtime.ClientRequest, reg return err } var res []error - if o.Body != nil { if err := r.SetBodyParam(o.Body); err != nil { return err @@ -145,6 +159,7 @@ func (o *RejectConsentRequestParams) WriteToRequest(r runtime.ClientRequest, reg qrConsentChallenge := o.ConsentChallenge qConsentChallenge := qrConsentChallenge if qConsentChallenge != "" { + if err := r.SetQueryParam("consent_challenge", qConsentChallenge); err != nil { return err } diff --git a/internal/httpclient/client/admin/reject_consent_request_responses.go b/internal/httpclient/client/admin/reject_consent_request_responses.go index 51749600af9..fe1ffad3a78 100644 --- a/internal/httpclient/client/admin/reject_consent_request_responses.go +++ b/internal/httpclient/client/admin/reject_consent_request_responses.go @@ -41,9 +41,8 @@ func (o *RejectConsentRequestReader) ReadResponse(response runtime.ClientRespons return nil, err } return nil, result - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -52,7 +51,7 @@ func NewRejectConsentRequestOK() *RejectConsentRequestOK { return &RejectConsentRequestOK{} } -/*RejectConsentRequestOK handles this case with default header values. +/* RejectConsentRequestOK describes a response with status code 200, with default header values. completedRequest */ @@ -63,7 +62,6 @@ type RejectConsentRequestOK struct { func (o *RejectConsentRequestOK) Error() string { return fmt.Sprintf("[PUT /oauth2/auth/requests/consent/reject][%d] rejectConsentRequestOK %+v", 200, o.Payload) } - func (o *RejectConsentRequestOK) GetPayload() *models.CompletedRequest { return o.Payload } @@ -85,7 +83,7 @@ func NewRejectConsentRequestNotFound() *RejectConsentRequestNotFound { return &RejectConsentRequestNotFound{} } -/*RejectConsentRequestNotFound handles this case with default header values. +/* RejectConsentRequestNotFound describes a response with status code 404, with default header values. genericError */ @@ -96,7 +94,6 @@ type RejectConsentRequestNotFound struct { func (o *RejectConsentRequestNotFound) Error() string { return fmt.Sprintf("[PUT /oauth2/auth/requests/consent/reject][%d] rejectConsentRequestNotFound %+v", 404, o.Payload) } - func (o *RejectConsentRequestNotFound) GetPayload() *models.GenericError { return o.Payload } @@ -118,7 +115,7 @@ func NewRejectConsentRequestInternalServerError() *RejectConsentRequestInternalS return &RejectConsentRequestInternalServerError{} } -/*RejectConsentRequestInternalServerError handles this case with default header values. +/* RejectConsentRequestInternalServerError describes a response with status code 500, with default header values. genericError */ @@ -129,7 +126,6 @@ type RejectConsentRequestInternalServerError struct { func (o *RejectConsentRequestInternalServerError) Error() string { return fmt.Sprintf("[PUT /oauth2/auth/requests/consent/reject][%d] rejectConsentRequestInternalServerError %+v", 500, o.Payload) } - func (o *RejectConsentRequestInternalServerError) GetPayload() *models.GenericError { return o.Payload } diff --git a/internal/httpclient/client/admin/reject_login_request_parameters.go b/internal/httpclient/client/admin/reject_login_request_parameters.go index 03556b805fc..300a4e9b1c3 100644 --- a/internal/httpclient/client/admin/reject_login_request_parameters.go +++ b/internal/httpclient/client/admin/reject_login_request_parameters.go @@ -18,53 +18,53 @@ import ( "github.com/ory/hydra/internal/httpclient/models" ) -// NewRejectLoginRequestParams creates a new RejectLoginRequestParams object -// with the default values initialized. +// NewRejectLoginRequestParams creates a new RejectLoginRequestParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewRejectLoginRequestParams() *RejectLoginRequestParams { - var () return &RejectLoginRequestParams{ - timeout: cr.DefaultTimeout, } } // NewRejectLoginRequestParamsWithTimeout creates a new RejectLoginRequestParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewRejectLoginRequestParamsWithTimeout(timeout time.Duration) *RejectLoginRequestParams { - var () return &RejectLoginRequestParams{ - timeout: timeout, } } // NewRejectLoginRequestParamsWithContext creates a new RejectLoginRequestParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewRejectLoginRequestParamsWithContext(ctx context.Context) *RejectLoginRequestParams { - var () return &RejectLoginRequestParams{ - Context: ctx, } } // NewRejectLoginRequestParamsWithHTTPClient creates a new RejectLoginRequestParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewRejectLoginRequestParamsWithHTTPClient(client *http.Client) *RejectLoginRequestParams { - var () return &RejectLoginRequestParams{ HTTPClient: client, } } -/*RejectLoginRequestParams contains all the parameters to send to the API endpoint -for the reject login request operation typically these are written to a http.Request +/* RejectLoginRequestParams contains all the parameters to send to the API endpoint + for the reject login request operation. + + Typically these are written to a http.Request. */ type RejectLoginRequestParams struct { - /*Body*/ + // Body. Body *models.RejectRequest - /*LoginChallenge*/ + + // LoginChallenge. LoginChallenge string timeout time.Duration @@ -72,6 +72,21 @@ type RejectLoginRequestParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the reject login request params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *RejectLoginRequestParams) WithDefaults() *RejectLoginRequestParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the reject login request params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *RejectLoginRequestParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the reject login request params func (o *RejectLoginRequestParams) WithTimeout(timeout time.Duration) *RejectLoginRequestParams { o.SetTimeout(timeout) @@ -134,7 +149,6 @@ func (o *RejectLoginRequestParams) WriteToRequest(r runtime.ClientRequest, reg s return err } var res []error - if o.Body != nil { if err := r.SetBodyParam(o.Body); err != nil { return err @@ -145,6 +159,7 @@ func (o *RejectLoginRequestParams) WriteToRequest(r runtime.ClientRequest, reg s qrLoginChallenge := o.LoginChallenge qLoginChallenge := qrLoginChallenge if qLoginChallenge != "" { + if err := r.SetQueryParam("login_challenge", qLoginChallenge); err != nil { return err } diff --git a/internal/httpclient/client/admin/reject_login_request_responses.go b/internal/httpclient/client/admin/reject_login_request_responses.go index ef2965a0eb4..b984fad98c8 100644 --- a/internal/httpclient/client/admin/reject_login_request_responses.go +++ b/internal/httpclient/client/admin/reject_login_request_responses.go @@ -53,9 +53,8 @@ func (o *RejectLoginRequestReader) ReadResponse(response runtime.ClientResponse, return nil, err } return nil, result - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -64,7 +63,7 @@ func NewRejectLoginRequestOK() *RejectLoginRequestOK { return &RejectLoginRequestOK{} } -/*RejectLoginRequestOK handles this case with default header values. +/* RejectLoginRequestOK describes a response with status code 200, with default header values. completedRequest */ @@ -75,7 +74,6 @@ type RejectLoginRequestOK struct { func (o *RejectLoginRequestOK) Error() string { return fmt.Sprintf("[PUT /oauth2/auth/requests/login/reject][%d] rejectLoginRequestOK %+v", 200, o.Payload) } - func (o *RejectLoginRequestOK) GetPayload() *models.CompletedRequest { return o.Payload } @@ -97,7 +95,7 @@ func NewRejectLoginRequestBadRequest() *RejectLoginRequestBadRequest { return &RejectLoginRequestBadRequest{} } -/*RejectLoginRequestBadRequest handles this case with default header values. +/* RejectLoginRequestBadRequest describes a response with status code 400, with default header values. genericError */ @@ -108,7 +106,6 @@ type RejectLoginRequestBadRequest struct { func (o *RejectLoginRequestBadRequest) Error() string { return fmt.Sprintf("[PUT /oauth2/auth/requests/login/reject][%d] rejectLoginRequestBadRequest %+v", 400, o.Payload) } - func (o *RejectLoginRequestBadRequest) GetPayload() *models.GenericError { return o.Payload } @@ -130,7 +127,7 @@ func NewRejectLoginRequestUnauthorized() *RejectLoginRequestUnauthorized { return &RejectLoginRequestUnauthorized{} } -/*RejectLoginRequestUnauthorized handles this case with default header values. +/* RejectLoginRequestUnauthorized describes a response with status code 401, with default header values. genericError */ @@ -141,7 +138,6 @@ type RejectLoginRequestUnauthorized struct { func (o *RejectLoginRequestUnauthorized) Error() string { return fmt.Sprintf("[PUT /oauth2/auth/requests/login/reject][%d] rejectLoginRequestUnauthorized %+v", 401, o.Payload) } - func (o *RejectLoginRequestUnauthorized) GetPayload() *models.GenericError { return o.Payload } @@ -163,7 +159,7 @@ func NewRejectLoginRequestNotFound() *RejectLoginRequestNotFound { return &RejectLoginRequestNotFound{} } -/*RejectLoginRequestNotFound handles this case with default header values. +/* RejectLoginRequestNotFound describes a response with status code 404, with default header values. genericError */ @@ -174,7 +170,6 @@ type RejectLoginRequestNotFound struct { func (o *RejectLoginRequestNotFound) Error() string { return fmt.Sprintf("[PUT /oauth2/auth/requests/login/reject][%d] rejectLoginRequestNotFound %+v", 404, o.Payload) } - func (o *RejectLoginRequestNotFound) GetPayload() *models.GenericError { return o.Payload } @@ -196,7 +191,7 @@ func NewRejectLoginRequestInternalServerError() *RejectLoginRequestInternalServe return &RejectLoginRequestInternalServerError{} } -/*RejectLoginRequestInternalServerError handles this case with default header values. +/* RejectLoginRequestInternalServerError describes a response with status code 500, with default header values. genericError */ @@ -207,7 +202,6 @@ type RejectLoginRequestInternalServerError struct { func (o *RejectLoginRequestInternalServerError) Error() string { return fmt.Sprintf("[PUT /oauth2/auth/requests/login/reject][%d] rejectLoginRequestInternalServerError %+v", 500, o.Payload) } - func (o *RejectLoginRequestInternalServerError) GetPayload() *models.GenericError { return o.Payload } diff --git a/internal/httpclient/client/admin/reject_logout_request_parameters.go b/internal/httpclient/client/admin/reject_logout_request_parameters.go index be87d346429..f39e96898b2 100644 --- a/internal/httpclient/client/admin/reject_logout_request_parameters.go +++ b/internal/httpclient/client/admin/reject_logout_request_parameters.go @@ -18,53 +18,53 @@ import ( "github.com/ory/hydra/internal/httpclient/models" ) -// NewRejectLogoutRequestParams creates a new RejectLogoutRequestParams object -// with the default values initialized. +// NewRejectLogoutRequestParams creates a new RejectLogoutRequestParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewRejectLogoutRequestParams() *RejectLogoutRequestParams { - var () return &RejectLogoutRequestParams{ - timeout: cr.DefaultTimeout, } } // NewRejectLogoutRequestParamsWithTimeout creates a new RejectLogoutRequestParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewRejectLogoutRequestParamsWithTimeout(timeout time.Duration) *RejectLogoutRequestParams { - var () return &RejectLogoutRequestParams{ - timeout: timeout, } } // NewRejectLogoutRequestParamsWithContext creates a new RejectLogoutRequestParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewRejectLogoutRequestParamsWithContext(ctx context.Context) *RejectLogoutRequestParams { - var () return &RejectLogoutRequestParams{ - Context: ctx, } } // NewRejectLogoutRequestParamsWithHTTPClient creates a new RejectLogoutRequestParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewRejectLogoutRequestParamsWithHTTPClient(client *http.Client) *RejectLogoutRequestParams { - var () return &RejectLogoutRequestParams{ HTTPClient: client, } } -/*RejectLogoutRequestParams contains all the parameters to send to the API endpoint -for the reject logout request operation typically these are written to a http.Request +/* RejectLogoutRequestParams contains all the parameters to send to the API endpoint + for the reject logout request operation. + + Typically these are written to a http.Request. */ type RejectLogoutRequestParams struct { - /*Body*/ + // Body. Body *models.RejectRequest - /*LogoutChallenge*/ + + // LogoutChallenge. LogoutChallenge string timeout time.Duration @@ -72,6 +72,21 @@ type RejectLogoutRequestParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the reject logout request params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *RejectLogoutRequestParams) WithDefaults() *RejectLogoutRequestParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the reject logout request params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *RejectLogoutRequestParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the reject logout request params func (o *RejectLogoutRequestParams) WithTimeout(timeout time.Duration) *RejectLogoutRequestParams { o.SetTimeout(timeout) @@ -134,7 +149,6 @@ func (o *RejectLogoutRequestParams) WriteToRequest(r runtime.ClientRequest, reg return err } var res []error - if o.Body != nil { if err := r.SetBodyParam(o.Body); err != nil { return err @@ -145,6 +159,7 @@ func (o *RejectLogoutRequestParams) WriteToRequest(r runtime.ClientRequest, reg qrLogoutChallenge := o.LogoutChallenge qLogoutChallenge := qrLogoutChallenge if qLogoutChallenge != "" { + if err := r.SetQueryParam("logout_challenge", qLogoutChallenge); err != nil { return err } diff --git a/internal/httpclient/client/admin/reject_logout_request_responses.go b/internal/httpclient/client/admin/reject_logout_request_responses.go index ef293fabfa6..6e7ab37ef28 100644 --- a/internal/httpclient/client/admin/reject_logout_request_responses.go +++ b/internal/httpclient/client/admin/reject_logout_request_responses.go @@ -41,9 +41,8 @@ func (o *RejectLogoutRequestReader) ReadResponse(response runtime.ClientResponse return nil, err } return nil, result - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -52,9 +51,9 @@ func NewRejectLogoutRequestNoContent() *RejectLogoutRequestNoContent { return &RejectLogoutRequestNoContent{} } -/*RejectLogoutRequestNoContent handles this case with default header values. +/* RejectLogoutRequestNoContent describes a response with status code 204, with default header values. -Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is + Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is typically 201. */ type RejectLogoutRequestNoContent struct { @@ -74,7 +73,7 @@ func NewRejectLogoutRequestNotFound() *RejectLogoutRequestNotFound { return &RejectLogoutRequestNotFound{} } -/*RejectLogoutRequestNotFound handles this case with default header values. +/* RejectLogoutRequestNotFound describes a response with status code 404, with default header values. genericError */ @@ -85,7 +84,6 @@ type RejectLogoutRequestNotFound struct { func (o *RejectLogoutRequestNotFound) Error() string { return fmt.Sprintf("[PUT /oauth2/auth/requests/logout/reject][%d] rejectLogoutRequestNotFound %+v", 404, o.Payload) } - func (o *RejectLogoutRequestNotFound) GetPayload() *models.GenericError { return o.Payload } @@ -107,7 +105,7 @@ func NewRejectLogoutRequestInternalServerError() *RejectLogoutRequestInternalSer return &RejectLogoutRequestInternalServerError{} } -/*RejectLogoutRequestInternalServerError handles this case with default header values. +/* RejectLogoutRequestInternalServerError describes a response with status code 500, with default header values. genericError */ @@ -118,7 +116,6 @@ type RejectLogoutRequestInternalServerError struct { func (o *RejectLogoutRequestInternalServerError) Error() string { return fmt.Sprintf("[PUT /oauth2/auth/requests/logout/reject][%d] rejectLogoutRequestInternalServerError %+v", 500, o.Payload) } - func (o *RejectLogoutRequestInternalServerError) GetPayload() *models.GenericError { return o.Payload } diff --git a/internal/httpclient/client/admin/revoke_authentication_session_parameters.go b/internal/httpclient/client/admin/revoke_authentication_session_parameters.go index dab7c8b54dd..780e8fd0266 100644 --- a/internal/httpclient/client/admin/revoke_authentication_session_parameters.go +++ b/internal/httpclient/client/admin/revoke_authentication_session_parameters.go @@ -16,51 +16,50 @@ import ( "github.com/go-openapi/strfmt" ) -// NewRevokeAuthenticationSessionParams creates a new RevokeAuthenticationSessionParams object -// with the default values initialized. +// NewRevokeAuthenticationSessionParams creates a new RevokeAuthenticationSessionParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewRevokeAuthenticationSessionParams() *RevokeAuthenticationSessionParams { - var () return &RevokeAuthenticationSessionParams{ - timeout: cr.DefaultTimeout, } } // NewRevokeAuthenticationSessionParamsWithTimeout creates a new RevokeAuthenticationSessionParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewRevokeAuthenticationSessionParamsWithTimeout(timeout time.Duration) *RevokeAuthenticationSessionParams { - var () return &RevokeAuthenticationSessionParams{ - timeout: timeout, } } // NewRevokeAuthenticationSessionParamsWithContext creates a new RevokeAuthenticationSessionParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewRevokeAuthenticationSessionParamsWithContext(ctx context.Context) *RevokeAuthenticationSessionParams { - var () return &RevokeAuthenticationSessionParams{ - Context: ctx, } } // NewRevokeAuthenticationSessionParamsWithHTTPClient creates a new RevokeAuthenticationSessionParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewRevokeAuthenticationSessionParamsWithHTTPClient(client *http.Client) *RevokeAuthenticationSessionParams { - var () return &RevokeAuthenticationSessionParams{ HTTPClient: client, } } -/*RevokeAuthenticationSessionParams contains all the parameters to send to the API endpoint -for the revoke authentication session operation typically these are written to a http.Request +/* RevokeAuthenticationSessionParams contains all the parameters to send to the API endpoint + for the revoke authentication session operation. + + Typically these are written to a http.Request. */ type RevokeAuthenticationSessionParams struct { - /*Subject*/ + // Subject. Subject string timeout time.Duration @@ -68,6 +67,21 @@ type RevokeAuthenticationSessionParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the revoke authentication session params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *RevokeAuthenticationSessionParams) WithDefaults() *RevokeAuthenticationSessionParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the revoke authentication session params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *RevokeAuthenticationSessionParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the revoke authentication session params func (o *RevokeAuthenticationSessionParams) WithTimeout(timeout time.Duration) *RevokeAuthenticationSessionParams { o.SetTimeout(timeout) @@ -124,6 +138,7 @@ func (o *RevokeAuthenticationSessionParams) WriteToRequest(r runtime.ClientReque qrSubject := o.Subject qSubject := qrSubject if qSubject != "" { + if err := r.SetQueryParam("subject", qSubject); err != nil { return err } diff --git a/internal/httpclient/client/admin/revoke_authentication_session_responses.go b/internal/httpclient/client/admin/revoke_authentication_session_responses.go index bdaf824a21e..0e13bcfdcae 100644 --- a/internal/httpclient/client/admin/revoke_authentication_session_responses.go +++ b/internal/httpclient/client/admin/revoke_authentication_session_responses.go @@ -41,9 +41,8 @@ func (o *RevokeAuthenticationSessionReader) ReadResponse(response runtime.Client return nil, err } return nil, result - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -52,9 +51,9 @@ func NewRevokeAuthenticationSessionNoContent() *RevokeAuthenticationSessionNoCon return &RevokeAuthenticationSessionNoContent{} } -/*RevokeAuthenticationSessionNoContent handles this case with default header values. +/* RevokeAuthenticationSessionNoContent describes a response with status code 204, with default header values. -Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is + Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is typically 201. */ type RevokeAuthenticationSessionNoContent struct { @@ -74,7 +73,7 @@ func NewRevokeAuthenticationSessionBadRequest() *RevokeAuthenticationSessionBadR return &RevokeAuthenticationSessionBadRequest{} } -/*RevokeAuthenticationSessionBadRequest handles this case with default header values. +/* RevokeAuthenticationSessionBadRequest describes a response with status code 400, with default header values. genericError */ @@ -85,7 +84,6 @@ type RevokeAuthenticationSessionBadRequest struct { func (o *RevokeAuthenticationSessionBadRequest) Error() string { return fmt.Sprintf("[DELETE /oauth2/auth/sessions/login][%d] revokeAuthenticationSessionBadRequest %+v", 400, o.Payload) } - func (o *RevokeAuthenticationSessionBadRequest) GetPayload() *models.GenericError { return o.Payload } @@ -107,7 +105,7 @@ func NewRevokeAuthenticationSessionInternalServerError() *RevokeAuthenticationSe return &RevokeAuthenticationSessionInternalServerError{} } -/*RevokeAuthenticationSessionInternalServerError handles this case with default header values. +/* RevokeAuthenticationSessionInternalServerError describes a response with status code 500, with default header values. genericError */ @@ -118,7 +116,6 @@ type RevokeAuthenticationSessionInternalServerError struct { func (o *RevokeAuthenticationSessionInternalServerError) Error() string { return fmt.Sprintf("[DELETE /oauth2/auth/sessions/login][%d] revokeAuthenticationSessionInternalServerError %+v", 500, o.Payload) } - func (o *RevokeAuthenticationSessionInternalServerError) GetPayload() *models.GenericError { return o.Payload } diff --git a/internal/httpclient/client/admin/revoke_consent_sessions_parameters.go b/internal/httpclient/client/admin/revoke_consent_sessions_parameters.go index 6dadc668afd..357224b576f 100644 --- a/internal/httpclient/client/admin/revoke_consent_sessions_parameters.go +++ b/internal/httpclient/client/admin/revoke_consent_sessions_parameters.go @@ -17,63 +17,64 @@ import ( "github.com/go-openapi/swag" ) -// NewRevokeConsentSessionsParams creates a new RevokeConsentSessionsParams object -// with the default values initialized. +// NewRevokeConsentSessionsParams creates a new RevokeConsentSessionsParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewRevokeConsentSessionsParams() *RevokeConsentSessionsParams { - var () return &RevokeConsentSessionsParams{ - timeout: cr.DefaultTimeout, } } // NewRevokeConsentSessionsParamsWithTimeout creates a new RevokeConsentSessionsParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewRevokeConsentSessionsParamsWithTimeout(timeout time.Duration) *RevokeConsentSessionsParams { - var () return &RevokeConsentSessionsParams{ - timeout: timeout, } } // NewRevokeConsentSessionsParamsWithContext creates a new RevokeConsentSessionsParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewRevokeConsentSessionsParamsWithContext(ctx context.Context) *RevokeConsentSessionsParams { - var () return &RevokeConsentSessionsParams{ - Context: ctx, } } // NewRevokeConsentSessionsParamsWithHTTPClient creates a new RevokeConsentSessionsParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewRevokeConsentSessionsParamsWithHTTPClient(client *http.Client) *RevokeConsentSessionsParams { - var () return &RevokeConsentSessionsParams{ HTTPClient: client, } } -/*RevokeConsentSessionsParams contains all the parameters to send to the API endpoint -for the revoke consent sessions operation typically these are written to a http.Request +/* RevokeConsentSessionsParams contains all the parameters to send to the API endpoint + for the revoke consent sessions operation. + + Typically these are written to a http.Request. */ type RevokeConsentSessionsParams struct { - /*All - If set to `?all=true`, deletes all consent sessions by the Subject that have been granted. + /* All. + If set to `?all=true`, deletes all consent sessions by the Subject that have been granted. */ All *bool - /*Client - If set, deletes only those consent sessions by the Subject that have been granted to the specified OAuth 2.0 Client ID + /* Client. + + If set, deletes only those consent sessions by the Subject that have been granted to the specified OAuth 2.0 Client ID */ Client *string - /*Subject - The subject (Subject) who's consent sessions should be deleted. + /* Subject. + + The subject (Subject) who's consent sessions should be deleted. */ Subject string @@ -82,6 +83,21 @@ type RevokeConsentSessionsParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the revoke consent sessions params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *RevokeConsentSessionsParams) WithDefaults() *RevokeConsentSessionsParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the revoke consent sessions params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *RevokeConsentSessionsParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the revoke consent sessions params func (o *RevokeConsentSessionsParams) WithTimeout(timeout time.Duration) *RevokeConsentSessionsParams { o.SetTimeout(timeout) @@ -160,38 +176,41 @@ func (o *RevokeConsentSessionsParams) WriteToRequest(r runtime.ClientRequest, re // query param all var qrAll bool + if o.All != nil { qrAll = *o.All } qAll := swag.FormatBool(qrAll) if qAll != "" { + if err := r.SetQueryParam("all", qAll); err != nil { return err } } - } if o.Client != nil { // query param client var qrClient string + if o.Client != nil { qrClient = *o.Client } qClient := qrClient if qClient != "" { + if err := r.SetQueryParam("client", qClient); err != nil { return err } } - } // query param subject qrSubject := o.Subject qSubject := qrSubject if qSubject != "" { + if err := r.SetQueryParam("subject", qSubject); err != nil { return err } diff --git a/internal/httpclient/client/admin/revoke_consent_sessions_responses.go b/internal/httpclient/client/admin/revoke_consent_sessions_responses.go index cade36bdbfd..86ce7bc00cb 100644 --- a/internal/httpclient/client/admin/revoke_consent_sessions_responses.go +++ b/internal/httpclient/client/admin/revoke_consent_sessions_responses.go @@ -41,9 +41,8 @@ func (o *RevokeConsentSessionsReader) ReadResponse(response runtime.ClientRespon return nil, err } return nil, result - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -52,9 +51,9 @@ func NewRevokeConsentSessionsNoContent() *RevokeConsentSessionsNoContent { return &RevokeConsentSessionsNoContent{} } -/*RevokeConsentSessionsNoContent handles this case with default header values. +/* RevokeConsentSessionsNoContent describes a response with status code 204, with default header values. -Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is + Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is typically 201. */ type RevokeConsentSessionsNoContent struct { @@ -74,7 +73,7 @@ func NewRevokeConsentSessionsBadRequest() *RevokeConsentSessionsBadRequest { return &RevokeConsentSessionsBadRequest{} } -/*RevokeConsentSessionsBadRequest handles this case with default header values. +/* RevokeConsentSessionsBadRequest describes a response with status code 400, with default header values. genericError */ @@ -85,7 +84,6 @@ type RevokeConsentSessionsBadRequest struct { func (o *RevokeConsentSessionsBadRequest) Error() string { return fmt.Sprintf("[DELETE /oauth2/auth/sessions/consent][%d] revokeConsentSessionsBadRequest %+v", 400, o.Payload) } - func (o *RevokeConsentSessionsBadRequest) GetPayload() *models.GenericError { return o.Payload } @@ -107,7 +105,7 @@ func NewRevokeConsentSessionsInternalServerError() *RevokeConsentSessionsInterna return &RevokeConsentSessionsInternalServerError{} } -/*RevokeConsentSessionsInternalServerError handles this case with default header values. +/* RevokeConsentSessionsInternalServerError describes a response with status code 500, with default header values. genericError */ @@ -118,7 +116,6 @@ type RevokeConsentSessionsInternalServerError struct { func (o *RevokeConsentSessionsInternalServerError) Error() string { return fmt.Sprintf("[DELETE /oauth2/auth/sessions/consent][%d] revokeConsentSessionsInternalServerError %+v", 500, o.Payload) } - func (o *RevokeConsentSessionsInternalServerError) GetPayload() *models.GenericError { return o.Payload } diff --git a/internal/httpclient/client/admin/update_json_web_key_parameters.go b/internal/httpclient/client/admin/update_json_web_key_parameters.go index 23d00be45c1..1d58a24513f 100644 --- a/internal/httpclient/client/admin/update_json_web_key_parameters.go +++ b/internal/httpclient/client/admin/update_json_web_key_parameters.go @@ -18,60 +18,61 @@ import ( "github.com/ory/hydra/internal/httpclient/models" ) -// NewUpdateJSONWebKeyParams creates a new UpdateJSONWebKeyParams object -// with the default values initialized. +// NewUpdateJSONWebKeyParams creates a new UpdateJSONWebKeyParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewUpdateJSONWebKeyParams() *UpdateJSONWebKeyParams { - var () return &UpdateJSONWebKeyParams{ - timeout: cr.DefaultTimeout, } } // NewUpdateJSONWebKeyParamsWithTimeout creates a new UpdateJSONWebKeyParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewUpdateJSONWebKeyParamsWithTimeout(timeout time.Duration) *UpdateJSONWebKeyParams { - var () return &UpdateJSONWebKeyParams{ - timeout: timeout, } } // NewUpdateJSONWebKeyParamsWithContext creates a new UpdateJSONWebKeyParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewUpdateJSONWebKeyParamsWithContext(ctx context.Context) *UpdateJSONWebKeyParams { - var () return &UpdateJSONWebKeyParams{ - Context: ctx, } } // NewUpdateJSONWebKeyParamsWithHTTPClient creates a new UpdateJSONWebKeyParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewUpdateJSONWebKeyParamsWithHTTPClient(client *http.Client) *UpdateJSONWebKeyParams { - var () return &UpdateJSONWebKeyParams{ HTTPClient: client, } } -/*UpdateJSONWebKeyParams contains all the parameters to send to the API endpoint -for the update Json web key operation typically these are written to a http.Request +/* UpdateJSONWebKeyParams contains all the parameters to send to the API endpoint + for the update Json web key operation. + + Typically these are written to a http.Request. */ type UpdateJSONWebKeyParams struct { - /*Body*/ + // Body. Body *models.JSONWebKey - /*Kid - The kid of the desired key + /* Kid. + + The kid of the desired key */ Kid string - /*Set - The set + /* Set. + + The set */ Set string @@ -80,6 +81,21 @@ type UpdateJSONWebKeyParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the update Json web key params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *UpdateJSONWebKeyParams) WithDefaults() *UpdateJSONWebKeyParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the update Json web key params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *UpdateJSONWebKeyParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the update Json web key params func (o *UpdateJSONWebKeyParams) WithTimeout(timeout time.Duration) *UpdateJSONWebKeyParams { o.SetTimeout(timeout) @@ -153,7 +169,6 @@ func (o *UpdateJSONWebKeyParams) WriteToRequest(r runtime.ClientRequest, reg str return err } var res []error - if o.Body != nil { if err := r.SetBodyParam(o.Body); err != nil { return err diff --git a/internal/httpclient/client/admin/update_json_web_key_responses.go b/internal/httpclient/client/admin/update_json_web_key_responses.go index bb56ecd817e..656e7044dc4 100644 --- a/internal/httpclient/client/admin/update_json_web_key_responses.go +++ b/internal/httpclient/client/admin/update_json_web_key_responses.go @@ -47,9 +47,8 @@ func (o *UpdateJSONWebKeyReader) ReadResponse(response runtime.ClientResponse, c return nil, err } return nil, result - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -58,7 +57,7 @@ func NewUpdateJSONWebKeyOK() *UpdateJSONWebKeyOK { return &UpdateJSONWebKeyOK{} } -/*UpdateJSONWebKeyOK handles this case with default header values. +/* UpdateJSONWebKeyOK describes a response with status code 200, with default header values. JSONWebKey */ @@ -69,7 +68,6 @@ type UpdateJSONWebKeyOK struct { func (o *UpdateJSONWebKeyOK) Error() string { return fmt.Sprintf("[PUT /keys/{set}/{kid}][%d] updateJsonWebKeyOK %+v", 200, o.Payload) } - func (o *UpdateJSONWebKeyOK) GetPayload() *models.JSONWebKey { return o.Payload } @@ -91,7 +89,7 @@ func NewUpdateJSONWebKeyUnauthorized() *UpdateJSONWebKeyUnauthorized { return &UpdateJSONWebKeyUnauthorized{} } -/*UpdateJSONWebKeyUnauthorized handles this case with default header values. +/* UpdateJSONWebKeyUnauthorized describes a response with status code 401, with default header values. genericError */ @@ -102,7 +100,6 @@ type UpdateJSONWebKeyUnauthorized struct { func (o *UpdateJSONWebKeyUnauthorized) Error() string { return fmt.Sprintf("[PUT /keys/{set}/{kid}][%d] updateJsonWebKeyUnauthorized %+v", 401, o.Payload) } - func (o *UpdateJSONWebKeyUnauthorized) GetPayload() *models.GenericError { return o.Payload } @@ -124,7 +121,7 @@ func NewUpdateJSONWebKeyForbidden() *UpdateJSONWebKeyForbidden { return &UpdateJSONWebKeyForbidden{} } -/*UpdateJSONWebKeyForbidden handles this case with default header values. +/* UpdateJSONWebKeyForbidden describes a response with status code 403, with default header values. genericError */ @@ -135,7 +132,6 @@ type UpdateJSONWebKeyForbidden struct { func (o *UpdateJSONWebKeyForbidden) Error() string { return fmt.Sprintf("[PUT /keys/{set}/{kid}][%d] updateJsonWebKeyForbidden %+v", 403, o.Payload) } - func (o *UpdateJSONWebKeyForbidden) GetPayload() *models.GenericError { return o.Payload } @@ -157,7 +153,7 @@ func NewUpdateJSONWebKeyInternalServerError() *UpdateJSONWebKeyInternalServerErr return &UpdateJSONWebKeyInternalServerError{} } -/*UpdateJSONWebKeyInternalServerError handles this case with default header values. +/* UpdateJSONWebKeyInternalServerError describes a response with status code 500, with default header values. genericError */ @@ -168,7 +164,6 @@ type UpdateJSONWebKeyInternalServerError struct { func (o *UpdateJSONWebKeyInternalServerError) Error() string { return fmt.Sprintf("[PUT /keys/{set}/{kid}][%d] updateJsonWebKeyInternalServerError %+v", 500, o.Payload) } - func (o *UpdateJSONWebKeyInternalServerError) GetPayload() *models.GenericError { return o.Payload } diff --git a/internal/httpclient/client/admin/update_json_web_key_set_parameters.go b/internal/httpclient/client/admin/update_json_web_key_set_parameters.go index 5d5de04e2f1..20cc85a3770 100644 --- a/internal/httpclient/client/admin/update_json_web_key_set_parameters.go +++ b/internal/httpclient/client/admin/update_json_web_key_set_parameters.go @@ -18,55 +18,55 @@ import ( "github.com/ory/hydra/internal/httpclient/models" ) -// NewUpdateJSONWebKeySetParams creates a new UpdateJSONWebKeySetParams object -// with the default values initialized. +// NewUpdateJSONWebKeySetParams creates a new UpdateJSONWebKeySetParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewUpdateJSONWebKeySetParams() *UpdateJSONWebKeySetParams { - var () return &UpdateJSONWebKeySetParams{ - timeout: cr.DefaultTimeout, } } // NewUpdateJSONWebKeySetParamsWithTimeout creates a new UpdateJSONWebKeySetParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewUpdateJSONWebKeySetParamsWithTimeout(timeout time.Duration) *UpdateJSONWebKeySetParams { - var () return &UpdateJSONWebKeySetParams{ - timeout: timeout, } } // NewUpdateJSONWebKeySetParamsWithContext creates a new UpdateJSONWebKeySetParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewUpdateJSONWebKeySetParamsWithContext(ctx context.Context) *UpdateJSONWebKeySetParams { - var () return &UpdateJSONWebKeySetParams{ - Context: ctx, } } // NewUpdateJSONWebKeySetParamsWithHTTPClient creates a new UpdateJSONWebKeySetParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewUpdateJSONWebKeySetParamsWithHTTPClient(client *http.Client) *UpdateJSONWebKeySetParams { - var () return &UpdateJSONWebKeySetParams{ HTTPClient: client, } } -/*UpdateJSONWebKeySetParams contains all the parameters to send to the API endpoint -for the update Json web key set operation typically these are written to a http.Request +/* UpdateJSONWebKeySetParams contains all the parameters to send to the API endpoint + for the update Json web key set operation. + + Typically these are written to a http.Request. */ type UpdateJSONWebKeySetParams struct { - /*Body*/ + // Body. Body *models.JSONWebKeySet - /*Set - The set + /* Set. + + The set */ Set string @@ -75,6 +75,21 @@ type UpdateJSONWebKeySetParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the update Json web key set params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *UpdateJSONWebKeySetParams) WithDefaults() *UpdateJSONWebKeySetParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the update Json web key set params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *UpdateJSONWebKeySetParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the update Json web key set params func (o *UpdateJSONWebKeySetParams) WithTimeout(timeout time.Duration) *UpdateJSONWebKeySetParams { o.SetTimeout(timeout) @@ -137,7 +152,6 @@ func (o *UpdateJSONWebKeySetParams) WriteToRequest(r runtime.ClientRequest, reg return err } var res []error - if o.Body != nil { if err := r.SetBodyParam(o.Body); err != nil { return err diff --git a/internal/httpclient/client/admin/update_json_web_key_set_responses.go b/internal/httpclient/client/admin/update_json_web_key_set_responses.go index 51111d47dbb..4c5d2f0a70d 100644 --- a/internal/httpclient/client/admin/update_json_web_key_set_responses.go +++ b/internal/httpclient/client/admin/update_json_web_key_set_responses.go @@ -47,9 +47,8 @@ func (o *UpdateJSONWebKeySetReader) ReadResponse(response runtime.ClientResponse return nil, err } return nil, result - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -58,7 +57,7 @@ func NewUpdateJSONWebKeySetOK() *UpdateJSONWebKeySetOK { return &UpdateJSONWebKeySetOK{} } -/*UpdateJSONWebKeySetOK handles this case with default header values. +/* UpdateJSONWebKeySetOK describes a response with status code 200, with default header values. JSONWebKeySet */ @@ -69,7 +68,6 @@ type UpdateJSONWebKeySetOK struct { func (o *UpdateJSONWebKeySetOK) Error() string { return fmt.Sprintf("[PUT /keys/{set}][%d] updateJsonWebKeySetOK %+v", 200, o.Payload) } - func (o *UpdateJSONWebKeySetOK) GetPayload() *models.JSONWebKeySet { return o.Payload } @@ -91,7 +89,7 @@ func NewUpdateJSONWebKeySetUnauthorized() *UpdateJSONWebKeySetUnauthorized { return &UpdateJSONWebKeySetUnauthorized{} } -/*UpdateJSONWebKeySetUnauthorized handles this case with default header values. +/* UpdateJSONWebKeySetUnauthorized describes a response with status code 401, with default header values. genericError */ @@ -102,7 +100,6 @@ type UpdateJSONWebKeySetUnauthorized struct { func (o *UpdateJSONWebKeySetUnauthorized) Error() string { return fmt.Sprintf("[PUT /keys/{set}][%d] updateJsonWebKeySetUnauthorized %+v", 401, o.Payload) } - func (o *UpdateJSONWebKeySetUnauthorized) GetPayload() *models.GenericError { return o.Payload } @@ -124,7 +121,7 @@ func NewUpdateJSONWebKeySetForbidden() *UpdateJSONWebKeySetForbidden { return &UpdateJSONWebKeySetForbidden{} } -/*UpdateJSONWebKeySetForbidden handles this case with default header values. +/* UpdateJSONWebKeySetForbidden describes a response with status code 403, with default header values. genericError */ @@ -135,7 +132,6 @@ type UpdateJSONWebKeySetForbidden struct { func (o *UpdateJSONWebKeySetForbidden) Error() string { return fmt.Sprintf("[PUT /keys/{set}][%d] updateJsonWebKeySetForbidden %+v", 403, o.Payload) } - func (o *UpdateJSONWebKeySetForbidden) GetPayload() *models.GenericError { return o.Payload } @@ -157,7 +153,7 @@ func NewUpdateJSONWebKeySetInternalServerError() *UpdateJSONWebKeySetInternalSer return &UpdateJSONWebKeySetInternalServerError{} } -/*UpdateJSONWebKeySetInternalServerError handles this case with default header values. +/* UpdateJSONWebKeySetInternalServerError describes a response with status code 500, with default header values. genericError */ @@ -168,7 +164,6 @@ type UpdateJSONWebKeySetInternalServerError struct { func (o *UpdateJSONWebKeySetInternalServerError) Error() string { return fmt.Sprintf("[PUT /keys/{set}][%d] updateJsonWebKeySetInternalServerError %+v", 500, o.Payload) } - func (o *UpdateJSONWebKeySetInternalServerError) GetPayload() *models.GenericError { return o.Payload } diff --git a/internal/httpclient/client/admin/update_o_auth2_client_parameters.go b/internal/httpclient/client/admin/update_o_auth2_client_parameters.go index 85400c84f9f..d767532c9a0 100644 --- a/internal/httpclient/client/admin/update_o_auth2_client_parameters.go +++ b/internal/httpclient/client/admin/update_o_auth2_client_parameters.go @@ -18,53 +18,53 @@ import ( "github.com/ory/hydra/internal/httpclient/models" ) -// NewUpdateOAuth2ClientParams creates a new UpdateOAuth2ClientParams object -// with the default values initialized. +// NewUpdateOAuth2ClientParams creates a new UpdateOAuth2ClientParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewUpdateOAuth2ClientParams() *UpdateOAuth2ClientParams { - var () return &UpdateOAuth2ClientParams{ - timeout: cr.DefaultTimeout, } } // NewUpdateOAuth2ClientParamsWithTimeout creates a new UpdateOAuth2ClientParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewUpdateOAuth2ClientParamsWithTimeout(timeout time.Duration) *UpdateOAuth2ClientParams { - var () return &UpdateOAuth2ClientParams{ - timeout: timeout, } } // NewUpdateOAuth2ClientParamsWithContext creates a new UpdateOAuth2ClientParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewUpdateOAuth2ClientParamsWithContext(ctx context.Context) *UpdateOAuth2ClientParams { - var () return &UpdateOAuth2ClientParams{ - Context: ctx, } } // NewUpdateOAuth2ClientParamsWithHTTPClient creates a new UpdateOAuth2ClientParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewUpdateOAuth2ClientParamsWithHTTPClient(client *http.Client) *UpdateOAuth2ClientParams { - var () return &UpdateOAuth2ClientParams{ HTTPClient: client, } } -/*UpdateOAuth2ClientParams contains all the parameters to send to the API endpoint -for the update o auth2 client operation typically these are written to a http.Request +/* UpdateOAuth2ClientParams contains all the parameters to send to the API endpoint + for the update o auth2 client operation. + + Typically these are written to a http.Request. */ type UpdateOAuth2ClientParams struct { - /*Body*/ + // Body. Body *models.OAuth2Client - /*ID*/ + + // ID. ID string timeout time.Duration @@ -72,6 +72,21 @@ type UpdateOAuth2ClientParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the update o auth2 client params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *UpdateOAuth2ClientParams) WithDefaults() *UpdateOAuth2ClientParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the update o auth2 client params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *UpdateOAuth2ClientParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the update o auth2 client params func (o *UpdateOAuth2ClientParams) WithTimeout(timeout time.Duration) *UpdateOAuth2ClientParams { o.SetTimeout(timeout) @@ -134,7 +149,6 @@ func (o *UpdateOAuth2ClientParams) WriteToRequest(r runtime.ClientRequest, reg s return err } var res []error - if o.Body != nil { if err := r.SetBodyParam(o.Body); err != nil { return err diff --git a/internal/httpclient/client/admin/update_o_auth2_client_responses.go b/internal/httpclient/client/admin/update_o_auth2_client_responses.go index f64911b55f4..d127266a4ff 100644 --- a/internal/httpclient/client/admin/update_o_auth2_client_responses.go +++ b/internal/httpclient/client/admin/update_o_auth2_client_responses.go @@ -35,9 +35,8 @@ func (o *UpdateOAuth2ClientReader) ReadResponse(response runtime.ClientResponse, return nil, err } return nil, result - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -46,7 +45,7 @@ func NewUpdateOAuth2ClientOK() *UpdateOAuth2ClientOK { return &UpdateOAuth2ClientOK{} } -/*UpdateOAuth2ClientOK handles this case with default header values. +/* UpdateOAuth2ClientOK describes a response with status code 200, with default header values. oAuth2Client */ @@ -57,7 +56,6 @@ type UpdateOAuth2ClientOK struct { func (o *UpdateOAuth2ClientOK) Error() string { return fmt.Sprintf("[PUT /clients/{id}][%d] updateOAuth2ClientOK %+v", 200, o.Payload) } - func (o *UpdateOAuth2ClientOK) GetPayload() *models.OAuth2Client { return o.Payload } @@ -79,7 +77,7 @@ func NewUpdateOAuth2ClientInternalServerError() *UpdateOAuth2ClientInternalServe return &UpdateOAuth2ClientInternalServerError{} } -/*UpdateOAuth2ClientInternalServerError handles this case with default header values. +/* UpdateOAuth2ClientInternalServerError describes a response with status code 500, with default header values. genericError */ @@ -90,7 +88,6 @@ type UpdateOAuth2ClientInternalServerError struct { func (o *UpdateOAuth2ClientInternalServerError) Error() string { return fmt.Sprintf("[PUT /clients/{id}][%d] updateOAuth2ClientInternalServerError %+v", 500, o.Payload) } - func (o *UpdateOAuth2ClientInternalServerError) GetPayload() *models.GenericError { return o.Payload } diff --git a/internal/httpclient/client/public/disconnect_user_parameters.go b/internal/httpclient/client/public/disconnect_user_parameters.go index e87c91fff85..e0c9b3938d5 100644 --- a/internal/httpclient/client/public/disconnect_user_parameters.go +++ b/internal/httpclient/client/public/disconnect_user_parameters.go @@ -16,47 +16,46 @@ import ( "github.com/go-openapi/strfmt" ) -// NewDisconnectUserParams creates a new DisconnectUserParams object -// with the default values initialized. +// NewDisconnectUserParams creates a new DisconnectUserParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewDisconnectUserParams() *DisconnectUserParams { - return &DisconnectUserParams{ - timeout: cr.DefaultTimeout, } } // NewDisconnectUserParamsWithTimeout creates a new DisconnectUserParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewDisconnectUserParamsWithTimeout(timeout time.Duration) *DisconnectUserParams { - return &DisconnectUserParams{ - timeout: timeout, } } // NewDisconnectUserParamsWithContext creates a new DisconnectUserParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewDisconnectUserParamsWithContext(ctx context.Context) *DisconnectUserParams { - return &DisconnectUserParams{ - Context: ctx, } } // NewDisconnectUserParamsWithHTTPClient creates a new DisconnectUserParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewDisconnectUserParamsWithHTTPClient(client *http.Client) *DisconnectUserParams { - return &DisconnectUserParams{ HTTPClient: client, } } -/*DisconnectUserParams contains all the parameters to send to the API endpoint -for the disconnect user operation typically these are written to a http.Request +/* DisconnectUserParams contains all the parameters to send to the API endpoint + for the disconnect user operation. + + Typically these are written to a http.Request. */ type DisconnectUserParams struct { timeout time.Duration @@ -64,6 +63,21 @@ type DisconnectUserParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the disconnect user params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *DisconnectUserParams) WithDefaults() *DisconnectUserParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the disconnect user params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *DisconnectUserParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the disconnect user params func (o *DisconnectUserParams) WithTimeout(timeout time.Duration) *DisconnectUserParams { o.SetTimeout(timeout) diff --git a/internal/httpclient/client/public/disconnect_user_responses.go b/internal/httpclient/client/public/disconnect_user_responses.go index cba4856c5ef..e5a423481dd 100644 --- a/internal/httpclient/client/public/disconnect_user_responses.go +++ b/internal/httpclient/client/public/disconnect_user_responses.go @@ -26,9 +26,8 @@ func (o *DisconnectUserReader) ReadResponse(response runtime.ClientResponse, con return nil, err } return nil, result - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -37,9 +36,9 @@ func NewDisconnectUserFound() *DisconnectUserFound { return &DisconnectUserFound{} } -/*DisconnectUserFound handles this case with default header values. +/* DisconnectUserFound describes a response with status code 302, with default header values. -Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is + Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is typically 201. */ type DisconnectUserFound struct { diff --git a/internal/httpclient/client/public/discover_open_id_configuration_parameters.go b/internal/httpclient/client/public/discover_open_id_configuration_parameters.go index db24ed1492a..93ff41bb9a5 100644 --- a/internal/httpclient/client/public/discover_open_id_configuration_parameters.go +++ b/internal/httpclient/client/public/discover_open_id_configuration_parameters.go @@ -16,47 +16,46 @@ import ( "github.com/go-openapi/strfmt" ) -// NewDiscoverOpenIDConfigurationParams creates a new DiscoverOpenIDConfigurationParams object -// with the default values initialized. +// NewDiscoverOpenIDConfigurationParams creates a new DiscoverOpenIDConfigurationParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewDiscoverOpenIDConfigurationParams() *DiscoverOpenIDConfigurationParams { - return &DiscoverOpenIDConfigurationParams{ - timeout: cr.DefaultTimeout, } } // NewDiscoverOpenIDConfigurationParamsWithTimeout creates a new DiscoverOpenIDConfigurationParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewDiscoverOpenIDConfigurationParamsWithTimeout(timeout time.Duration) *DiscoverOpenIDConfigurationParams { - return &DiscoverOpenIDConfigurationParams{ - timeout: timeout, } } // NewDiscoverOpenIDConfigurationParamsWithContext creates a new DiscoverOpenIDConfigurationParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewDiscoverOpenIDConfigurationParamsWithContext(ctx context.Context) *DiscoverOpenIDConfigurationParams { - return &DiscoverOpenIDConfigurationParams{ - Context: ctx, } } // NewDiscoverOpenIDConfigurationParamsWithHTTPClient creates a new DiscoverOpenIDConfigurationParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewDiscoverOpenIDConfigurationParamsWithHTTPClient(client *http.Client) *DiscoverOpenIDConfigurationParams { - return &DiscoverOpenIDConfigurationParams{ HTTPClient: client, } } -/*DiscoverOpenIDConfigurationParams contains all the parameters to send to the API endpoint -for the discover open ID configuration operation typically these are written to a http.Request +/* DiscoverOpenIDConfigurationParams contains all the parameters to send to the API endpoint + for the discover open ID configuration operation. + + Typically these are written to a http.Request. */ type DiscoverOpenIDConfigurationParams struct { timeout time.Duration @@ -64,6 +63,21 @@ type DiscoverOpenIDConfigurationParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the discover open ID configuration params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *DiscoverOpenIDConfigurationParams) WithDefaults() *DiscoverOpenIDConfigurationParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the discover open ID configuration params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *DiscoverOpenIDConfigurationParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the discover open ID configuration params func (o *DiscoverOpenIDConfigurationParams) WithTimeout(timeout time.Duration) *DiscoverOpenIDConfigurationParams { o.SetTimeout(timeout) diff --git a/internal/httpclient/client/public/discover_open_id_configuration_responses.go b/internal/httpclient/client/public/discover_open_id_configuration_responses.go index f85b77a95e1..a5b37e98df9 100644 --- a/internal/httpclient/client/public/discover_open_id_configuration_responses.go +++ b/internal/httpclient/client/public/discover_open_id_configuration_responses.go @@ -41,9 +41,8 @@ func (o *DiscoverOpenIDConfigurationReader) ReadResponse(response runtime.Client return nil, err } return nil, result - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -52,7 +51,7 @@ func NewDiscoverOpenIDConfigurationOK() *DiscoverOpenIDConfigurationOK { return &DiscoverOpenIDConfigurationOK{} } -/*DiscoverOpenIDConfigurationOK handles this case with default header values. +/* DiscoverOpenIDConfigurationOK describes a response with status code 200, with default header values. wellKnown */ @@ -63,7 +62,6 @@ type DiscoverOpenIDConfigurationOK struct { func (o *DiscoverOpenIDConfigurationOK) Error() string { return fmt.Sprintf("[GET /.well-known/openid-configuration][%d] discoverOpenIdConfigurationOK %+v", 200, o.Payload) } - func (o *DiscoverOpenIDConfigurationOK) GetPayload() *models.WellKnown { return o.Payload } @@ -85,7 +83,7 @@ func NewDiscoverOpenIDConfigurationUnauthorized() *DiscoverOpenIDConfigurationUn return &DiscoverOpenIDConfigurationUnauthorized{} } -/*DiscoverOpenIDConfigurationUnauthorized handles this case with default header values. +/* DiscoverOpenIDConfigurationUnauthorized describes a response with status code 401, with default header values. genericError */ @@ -96,7 +94,6 @@ type DiscoverOpenIDConfigurationUnauthorized struct { func (o *DiscoverOpenIDConfigurationUnauthorized) Error() string { return fmt.Sprintf("[GET /.well-known/openid-configuration][%d] discoverOpenIdConfigurationUnauthorized %+v", 401, o.Payload) } - func (o *DiscoverOpenIDConfigurationUnauthorized) GetPayload() *models.GenericError { return o.Payload } @@ -118,7 +115,7 @@ func NewDiscoverOpenIDConfigurationInternalServerError() *DiscoverOpenIDConfigur return &DiscoverOpenIDConfigurationInternalServerError{} } -/*DiscoverOpenIDConfigurationInternalServerError handles this case with default header values. +/* DiscoverOpenIDConfigurationInternalServerError describes a response with status code 500, with default header values. genericError */ @@ -129,7 +126,6 @@ type DiscoverOpenIDConfigurationInternalServerError struct { func (o *DiscoverOpenIDConfigurationInternalServerError) Error() string { return fmt.Sprintf("[GET /.well-known/openid-configuration][%d] discoverOpenIdConfigurationInternalServerError %+v", 500, o.Payload) } - func (o *DiscoverOpenIDConfigurationInternalServerError) GetPayload() *models.GenericError { return o.Payload } diff --git a/internal/httpclient/client/public/is_instance_ready_parameters.go b/internal/httpclient/client/public/is_instance_ready_parameters.go index b6ae09dcfd3..1d00d0188ae 100644 --- a/internal/httpclient/client/public/is_instance_ready_parameters.go +++ b/internal/httpclient/client/public/is_instance_ready_parameters.go @@ -16,47 +16,46 @@ import ( "github.com/go-openapi/strfmt" ) -// NewIsInstanceReadyParams creates a new IsInstanceReadyParams object -// with the default values initialized. +// NewIsInstanceReadyParams creates a new IsInstanceReadyParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewIsInstanceReadyParams() *IsInstanceReadyParams { - return &IsInstanceReadyParams{ - timeout: cr.DefaultTimeout, } } // NewIsInstanceReadyParamsWithTimeout creates a new IsInstanceReadyParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewIsInstanceReadyParamsWithTimeout(timeout time.Duration) *IsInstanceReadyParams { - return &IsInstanceReadyParams{ - timeout: timeout, } } // NewIsInstanceReadyParamsWithContext creates a new IsInstanceReadyParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewIsInstanceReadyParamsWithContext(ctx context.Context) *IsInstanceReadyParams { - return &IsInstanceReadyParams{ - Context: ctx, } } // NewIsInstanceReadyParamsWithHTTPClient creates a new IsInstanceReadyParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewIsInstanceReadyParamsWithHTTPClient(client *http.Client) *IsInstanceReadyParams { - return &IsInstanceReadyParams{ HTTPClient: client, } } -/*IsInstanceReadyParams contains all the parameters to send to the API endpoint -for the is instance ready operation typically these are written to a http.Request +/* IsInstanceReadyParams contains all the parameters to send to the API endpoint + for the is instance ready operation. + + Typically these are written to a http.Request. */ type IsInstanceReadyParams struct { timeout time.Duration @@ -64,6 +63,21 @@ type IsInstanceReadyParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the is instance ready params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *IsInstanceReadyParams) WithDefaults() *IsInstanceReadyParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the is instance ready params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *IsInstanceReadyParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the is instance ready params func (o *IsInstanceReadyParams) WithTimeout(timeout time.Duration) *IsInstanceReadyParams { o.SetTimeout(timeout) diff --git a/internal/httpclient/client/public/is_instance_ready_responses.go b/internal/httpclient/client/public/is_instance_ready_responses.go index 2739bb4c847..e09081bd45b 100644 --- a/internal/httpclient/client/public/is_instance_ready_responses.go +++ b/internal/httpclient/client/public/is_instance_ready_responses.go @@ -35,9 +35,8 @@ func (o *IsInstanceReadyReader) ReadResponse(response runtime.ClientResponse, co return nil, err } return nil, result - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -46,7 +45,7 @@ func NewIsInstanceReadyOK() *IsInstanceReadyOK { return &IsInstanceReadyOK{} } -/*IsInstanceReadyOK handles this case with default header values. +/* IsInstanceReadyOK describes a response with status code 200, with default header values. healthStatus */ @@ -57,7 +56,6 @@ type IsInstanceReadyOK struct { func (o *IsInstanceReadyOK) Error() string { return fmt.Sprintf("[GET /health/ready][%d] isInstanceReadyOK %+v", 200, o.Payload) } - func (o *IsInstanceReadyOK) GetPayload() *models.HealthStatus { return o.Payload } @@ -79,7 +77,7 @@ func NewIsInstanceReadyServiceUnavailable() *IsInstanceReadyServiceUnavailable { return &IsInstanceReadyServiceUnavailable{} } -/*IsInstanceReadyServiceUnavailable handles this case with default header values. +/* IsInstanceReadyServiceUnavailable describes a response with status code 503, with default header values. healthNotReadyStatus */ @@ -90,7 +88,6 @@ type IsInstanceReadyServiceUnavailable struct { func (o *IsInstanceReadyServiceUnavailable) Error() string { return fmt.Sprintf("[GET /health/ready][%d] isInstanceReadyServiceUnavailable %+v", 503, o.Payload) } - func (o *IsInstanceReadyServiceUnavailable) GetPayload() *models.HealthNotReadyStatus { return o.Payload } diff --git a/internal/httpclient/client/public/oauth2_token_parameters.go b/internal/httpclient/client/public/oauth2_token_parameters.go index 6acc0424a20..c67d2e921e3 100644 --- a/internal/httpclient/client/public/oauth2_token_parameters.go +++ b/internal/httpclient/client/public/oauth2_token_parameters.go @@ -16,59 +16,62 @@ import ( "github.com/go-openapi/strfmt" ) -// NewOauth2TokenParams creates a new Oauth2TokenParams object -// with the default values initialized. +// NewOauth2TokenParams creates a new Oauth2TokenParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewOauth2TokenParams() *Oauth2TokenParams { - var () return &Oauth2TokenParams{ - timeout: cr.DefaultTimeout, } } // NewOauth2TokenParamsWithTimeout creates a new Oauth2TokenParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewOauth2TokenParamsWithTimeout(timeout time.Duration) *Oauth2TokenParams { - var () return &Oauth2TokenParams{ - timeout: timeout, } } // NewOauth2TokenParamsWithContext creates a new Oauth2TokenParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewOauth2TokenParamsWithContext(ctx context.Context) *Oauth2TokenParams { - var () return &Oauth2TokenParams{ - Context: ctx, } } // NewOauth2TokenParamsWithHTTPClient creates a new Oauth2TokenParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewOauth2TokenParamsWithHTTPClient(client *http.Client) *Oauth2TokenParams { - var () return &Oauth2TokenParams{ HTTPClient: client, } } -/*Oauth2TokenParams contains all the parameters to send to the API endpoint -for the oauth2 token operation typically these are written to a http.Request +/* Oauth2TokenParams contains all the parameters to send to the API endpoint + for the oauth2 token operation. + + Typically these are written to a http.Request. */ type Oauth2TokenParams struct { - /*ClientID*/ + // ClientID. ClientID *string - /*Code*/ + + // Code. Code *string - /*GrantType*/ + + // GrantType. GrantType string - /*RedirectURI*/ + + // RedirectURI. RedirectURI *string - /*RefreshToken*/ + + // RefreshToken. RefreshToken *string timeout time.Duration @@ -76,6 +79,21 @@ type Oauth2TokenParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the oauth2 token params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *Oauth2TokenParams) WithDefaults() *Oauth2TokenParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the oauth2 token params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *Oauth2TokenParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the oauth2 token params func (o *Oauth2TokenParams) WithTimeout(timeout time.Duration) *Oauth2TokenParams { o.SetTimeout(timeout) @@ -185,7 +203,6 @@ func (o *Oauth2TokenParams) WriteToRequest(r runtime.ClientRequest, reg strfmt.R return err } } - } if o.Code != nil { @@ -201,7 +218,6 @@ func (o *Oauth2TokenParams) WriteToRequest(r runtime.ClientRequest, reg strfmt.R return err } } - } // form param grant_type @@ -226,7 +242,6 @@ func (o *Oauth2TokenParams) WriteToRequest(r runtime.ClientRequest, reg strfmt.R return err } } - } if o.RefreshToken != nil { @@ -242,7 +257,6 @@ func (o *Oauth2TokenParams) WriteToRequest(r runtime.ClientRequest, reg strfmt.R return err } } - } if len(res) > 0 { diff --git a/internal/httpclient/client/public/oauth2_token_responses.go b/internal/httpclient/client/public/oauth2_token_responses.go index b15b27a4cf3..31f77dab57b 100644 --- a/internal/httpclient/client/public/oauth2_token_responses.go +++ b/internal/httpclient/client/public/oauth2_token_responses.go @@ -47,9 +47,8 @@ func (o *Oauth2TokenReader) ReadResponse(response runtime.ClientResponse, consum return nil, err } return nil, result - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -58,7 +57,7 @@ func NewOauth2TokenOK() *Oauth2TokenOK { return &Oauth2TokenOK{} } -/*Oauth2TokenOK handles this case with default header values. +/* Oauth2TokenOK describes a response with status code 200, with default header values. oauth2TokenResponse */ @@ -69,7 +68,6 @@ type Oauth2TokenOK struct { func (o *Oauth2TokenOK) Error() string { return fmt.Sprintf("[POST /oauth2/token][%d] oauth2TokenOK %+v", 200, o.Payload) } - func (o *Oauth2TokenOK) GetPayload() *models.Oauth2TokenResponse { return o.Payload } @@ -91,7 +89,7 @@ func NewOauth2TokenBadRequest() *Oauth2TokenBadRequest { return &Oauth2TokenBadRequest{} } -/*Oauth2TokenBadRequest handles this case with default header values. +/* Oauth2TokenBadRequest describes a response with status code 400, with default header values. genericError */ @@ -102,7 +100,6 @@ type Oauth2TokenBadRequest struct { func (o *Oauth2TokenBadRequest) Error() string { return fmt.Sprintf("[POST /oauth2/token][%d] oauth2TokenBadRequest %+v", 400, o.Payload) } - func (o *Oauth2TokenBadRequest) GetPayload() *models.GenericError { return o.Payload } @@ -124,7 +121,7 @@ func NewOauth2TokenUnauthorized() *Oauth2TokenUnauthorized { return &Oauth2TokenUnauthorized{} } -/*Oauth2TokenUnauthorized handles this case with default header values. +/* Oauth2TokenUnauthorized describes a response with status code 401, with default header values. genericError */ @@ -135,7 +132,6 @@ type Oauth2TokenUnauthorized struct { func (o *Oauth2TokenUnauthorized) Error() string { return fmt.Sprintf("[POST /oauth2/token][%d] oauth2TokenUnauthorized %+v", 401, o.Payload) } - func (o *Oauth2TokenUnauthorized) GetPayload() *models.GenericError { return o.Payload } @@ -157,7 +153,7 @@ func NewOauth2TokenInternalServerError() *Oauth2TokenInternalServerError { return &Oauth2TokenInternalServerError{} } -/*Oauth2TokenInternalServerError handles this case with default header values. +/* Oauth2TokenInternalServerError describes a response with status code 500, with default header values. genericError */ @@ -168,7 +164,6 @@ type Oauth2TokenInternalServerError struct { func (o *Oauth2TokenInternalServerError) Error() string { return fmt.Sprintf("[POST /oauth2/token][%d] oauth2TokenInternalServerError %+v", 500, o.Payload) } - func (o *Oauth2TokenInternalServerError) GetPayload() *models.GenericError { return o.Payload } diff --git a/internal/httpclient/client/public/oauth_auth_parameters.go b/internal/httpclient/client/public/oauth_auth_parameters.go index 4476b6a7414..46f21005985 100644 --- a/internal/httpclient/client/public/oauth_auth_parameters.go +++ b/internal/httpclient/client/public/oauth_auth_parameters.go @@ -16,47 +16,46 @@ import ( "github.com/go-openapi/strfmt" ) -// NewOauthAuthParams creates a new OauthAuthParams object -// with the default values initialized. +// NewOauthAuthParams creates a new OauthAuthParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewOauthAuthParams() *OauthAuthParams { - return &OauthAuthParams{ - timeout: cr.DefaultTimeout, } } // NewOauthAuthParamsWithTimeout creates a new OauthAuthParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewOauthAuthParamsWithTimeout(timeout time.Duration) *OauthAuthParams { - return &OauthAuthParams{ - timeout: timeout, } } // NewOauthAuthParamsWithContext creates a new OauthAuthParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewOauthAuthParamsWithContext(ctx context.Context) *OauthAuthParams { - return &OauthAuthParams{ - Context: ctx, } } // NewOauthAuthParamsWithHTTPClient creates a new OauthAuthParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewOauthAuthParamsWithHTTPClient(client *http.Client) *OauthAuthParams { - return &OauthAuthParams{ HTTPClient: client, } } -/*OauthAuthParams contains all the parameters to send to the API endpoint -for the oauth auth operation typically these are written to a http.Request +/* OauthAuthParams contains all the parameters to send to the API endpoint + for the oauth auth operation. + + Typically these are written to a http.Request. */ type OauthAuthParams struct { timeout time.Duration @@ -64,6 +63,21 @@ type OauthAuthParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the oauth auth params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *OauthAuthParams) WithDefaults() *OauthAuthParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the oauth auth params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *OauthAuthParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the oauth auth params func (o *OauthAuthParams) WithTimeout(timeout time.Duration) *OauthAuthParams { o.SetTimeout(timeout) diff --git a/internal/httpclient/client/public/oauth_auth_responses.go b/internal/httpclient/client/public/oauth_auth_responses.go index 9504101a321..6082b978625 100644 --- a/internal/httpclient/client/public/oauth_auth_responses.go +++ b/internal/httpclient/client/public/oauth_auth_responses.go @@ -41,9 +41,8 @@ func (o *OauthAuthReader) ReadResponse(response runtime.ClientResponse, consumer return nil, err } return nil, result - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -52,9 +51,9 @@ func NewOauthAuthFound() *OauthAuthFound { return &OauthAuthFound{} } -/*OauthAuthFound handles this case with default header values. +/* OauthAuthFound describes a response with status code 302, with default header values. -Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is + Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is typically 201. */ type OauthAuthFound struct { @@ -74,7 +73,7 @@ func NewOauthAuthUnauthorized() *OauthAuthUnauthorized { return &OauthAuthUnauthorized{} } -/*OauthAuthUnauthorized handles this case with default header values. +/* OauthAuthUnauthorized describes a response with status code 401, with default header values. genericError */ @@ -85,7 +84,6 @@ type OauthAuthUnauthorized struct { func (o *OauthAuthUnauthorized) Error() string { return fmt.Sprintf("[GET /oauth2/auth][%d] oauthAuthUnauthorized %+v", 401, o.Payload) } - func (o *OauthAuthUnauthorized) GetPayload() *models.GenericError { return o.Payload } @@ -107,7 +105,7 @@ func NewOauthAuthInternalServerError() *OauthAuthInternalServerError { return &OauthAuthInternalServerError{} } -/*OauthAuthInternalServerError handles this case with default header values. +/* OauthAuthInternalServerError describes a response with status code 500, with default header values. genericError */ @@ -118,7 +116,6 @@ type OauthAuthInternalServerError struct { func (o *OauthAuthInternalServerError) Error() string { return fmt.Sprintf("[GET /oauth2/auth][%d] oauthAuthInternalServerError %+v", 500, o.Payload) } - func (o *OauthAuthInternalServerError) GetPayload() *models.GenericError { return o.Payload } diff --git a/internal/httpclient/client/public/revoke_o_auth2_token_parameters.go b/internal/httpclient/client/public/revoke_o_auth2_token_parameters.go index 782c6be73b8..8a67b4b2903 100644 --- a/internal/httpclient/client/public/revoke_o_auth2_token_parameters.go +++ b/internal/httpclient/client/public/revoke_o_auth2_token_parameters.go @@ -16,51 +16,50 @@ import ( "github.com/go-openapi/strfmt" ) -// NewRevokeOAuth2TokenParams creates a new RevokeOAuth2TokenParams object -// with the default values initialized. +// NewRevokeOAuth2TokenParams creates a new RevokeOAuth2TokenParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewRevokeOAuth2TokenParams() *RevokeOAuth2TokenParams { - var () return &RevokeOAuth2TokenParams{ - timeout: cr.DefaultTimeout, } } // NewRevokeOAuth2TokenParamsWithTimeout creates a new RevokeOAuth2TokenParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewRevokeOAuth2TokenParamsWithTimeout(timeout time.Duration) *RevokeOAuth2TokenParams { - var () return &RevokeOAuth2TokenParams{ - timeout: timeout, } } // NewRevokeOAuth2TokenParamsWithContext creates a new RevokeOAuth2TokenParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewRevokeOAuth2TokenParamsWithContext(ctx context.Context) *RevokeOAuth2TokenParams { - var () return &RevokeOAuth2TokenParams{ - Context: ctx, } } // NewRevokeOAuth2TokenParamsWithHTTPClient creates a new RevokeOAuth2TokenParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewRevokeOAuth2TokenParamsWithHTTPClient(client *http.Client) *RevokeOAuth2TokenParams { - var () return &RevokeOAuth2TokenParams{ HTTPClient: client, } } -/*RevokeOAuth2TokenParams contains all the parameters to send to the API endpoint -for the revoke o auth2 token operation typically these are written to a http.Request +/* RevokeOAuth2TokenParams contains all the parameters to send to the API endpoint + for the revoke o auth2 token operation. + + Typically these are written to a http.Request. */ type RevokeOAuth2TokenParams struct { - /*Token*/ + // Token. Token string timeout time.Duration @@ -68,6 +67,21 @@ type RevokeOAuth2TokenParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the revoke o auth2 token params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *RevokeOAuth2TokenParams) WithDefaults() *RevokeOAuth2TokenParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the revoke o auth2 token params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *RevokeOAuth2TokenParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the revoke o auth2 token params func (o *RevokeOAuth2TokenParams) WithTimeout(timeout time.Duration) *RevokeOAuth2TokenParams { o.SetTimeout(timeout) diff --git a/internal/httpclient/client/public/revoke_o_auth2_token_responses.go b/internal/httpclient/client/public/revoke_o_auth2_token_responses.go index 3e2ae2e4c90..7ab05a32dad 100644 --- a/internal/httpclient/client/public/revoke_o_auth2_token_responses.go +++ b/internal/httpclient/client/public/revoke_o_auth2_token_responses.go @@ -41,9 +41,8 @@ func (o *RevokeOAuth2TokenReader) ReadResponse(response runtime.ClientResponse, return nil, err } return nil, result - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -52,9 +51,9 @@ func NewRevokeOAuth2TokenOK() *RevokeOAuth2TokenOK { return &RevokeOAuth2TokenOK{} } -/*RevokeOAuth2TokenOK handles this case with default header values. +/* RevokeOAuth2TokenOK describes a response with status code 200, with default header values. -Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is + Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is typically 201. */ type RevokeOAuth2TokenOK struct { @@ -74,7 +73,7 @@ func NewRevokeOAuth2TokenUnauthorized() *RevokeOAuth2TokenUnauthorized { return &RevokeOAuth2TokenUnauthorized{} } -/*RevokeOAuth2TokenUnauthorized handles this case with default header values. +/* RevokeOAuth2TokenUnauthorized describes a response with status code 401, with default header values. genericError */ @@ -85,7 +84,6 @@ type RevokeOAuth2TokenUnauthorized struct { func (o *RevokeOAuth2TokenUnauthorized) Error() string { return fmt.Sprintf("[POST /oauth2/revoke][%d] revokeOAuth2TokenUnauthorized %+v", 401, o.Payload) } - func (o *RevokeOAuth2TokenUnauthorized) GetPayload() *models.GenericError { return o.Payload } @@ -107,7 +105,7 @@ func NewRevokeOAuth2TokenInternalServerError() *RevokeOAuth2TokenInternalServerE return &RevokeOAuth2TokenInternalServerError{} } -/*RevokeOAuth2TokenInternalServerError handles this case with default header values. +/* RevokeOAuth2TokenInternalServerError describes a response with status code 500, with default header values. genericError */ @@ -118,7 +116,6 @@ type RevokeOAuth2TokenInternalServerError struct { func (o *RevokeOAuth2TokenInternalServerError) Error() string { return fmt.Sprintf("[POST /oauth2/revoke][%d] revokeOAuth2TokenInternalServerError %+v", 500, o.Payload) } - func (o *RevokeOAuth2TokenInternalServerError) GetPayload() *models.GenericError { return o.Payload } diff --git a/internal/httpclient/client/public/userinfo_parameters.go b/internal/httpclient/client/public/userinfo_parameters.go index f9028b8ec43..03b3ad50f4b 100644 --- a/internal/httpclient/client/public/userinfo_parameters.go +++ b/internal/httpclient/client/public/userinfo_parameters.go @@ -16,47 +16,46 @@ import ( "github.com/go-openapi/strfmt" ) -// NewUserinfoParams creates a new UserinfoParams object -// with the default values initialized. +// NewUserinfoParams creates a new UserinfoParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewUserinfoParams() *UserinfoParams { - return &UserinfoParams{ - timeout: cr.DefaultTimeout, } } // NewUserinfoParamsWithTimeout creates a new UserinfoParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewUserinfoParamsWithTimeout(timeout time.Duration) *UserinfoParams { - return &UserinfoParams{ - timeout: timeout, } } // NewUserinfoParamsWithContext creates a new UserinfoParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewUserinfoParamsWithContext(ctx context.Context) *UserinfoParams { - return &UserinfoParams{ - Context: ctx, } } // NewUserinfoParamsWithHTTPClient creates a new UserinfoParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewUserinfoParamsWithHTTPClient(client *http.Client) *UserinfoParams { - return &UserinfoParams{ HTTPClient: client, } } -/*UserinfoParams contains all the parameters to send to the API endpoint -for the userinfo operation typically these are written to a http.Request +/* UserinfoParams contains all the parameters to send to the API endpoint + for the userinfo operation. + + Typically these are written to a http.Request. */ type UserinfoParams struct { timeout time.Duration @@ -64,6 +63,21 @@ type UserinfoParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the userinfo params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *UserinfoParams) WithDefaults() *UserinfoParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the userinfo params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *UserinfoParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the userinfo params func (o *UserinfoParams) WithTimeout(timeout time.Duration) *UserinfoParams { o.SetTimeout(timeout) diff --git a/internal/httpclient/client/public/userinfo_responses.go b/internal/httpclient/client/public/userinfo_responses.go index 07b7577fce2..66fb314e869 100644 --- a/internal/httpclient/client/public/userinfo_responses.go +++ b/internal/httpclient/client/public/userinfo_responses.go @@ -41,9 +41,8 @@ func (o *UserinfoReader) ReadResponse(response runtime.ClientResponse, consumer return nil, err } return nil, result - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -52,7 +51,7 @@ func NewUserinfoOK() *UserinfoOK { return &UserinfoOK{} } -/*UserinfoOK handles this case with default header values. +/* UserinfoOK describes a response with status code 200, with default header values. userinfoResponse */ @@ -63,7 +62,6 @@ type UserinfoOK struct { func (o *UserinfoOK) Error() string { return fmt.Sprintf("[GET /userinfo][%d] userinfoOK %+v", 200, o.Payload) } - func (o *UserinfoOK) GetPayload() *models.UserinfoResponse { return o.Payload } @@ -85,7 +83,7 @@ func NewUserinfoUnauthorized() *UserinfoUnauthorized { return &UserinfoUnauthorized{} } -/*UserinfoUnauthorized handles this case with default header values. +/* UserinfoUnauthorized describes a response with status code 401, with default header values. genericError */ @@ -96,7 +94,6 @@ type UserinfoUnauthorized struct { func (o *UserinfoUnauthorized) Error() string { return fmt.Sprintf("[GET /userinfo][%d] userinfoUnauthorized %+v", 401, o.Payload) } - func (o *UserinfoUnauthorized) GetPayload() *models.GenericError { return o.Payload } @@ -118,7 +115,7 @@ func NewUserinfoInternalServerError() *UserinfoInternalServerError { return &UserinfoInternalServerError{} } -/*UserinfoInternalServerError handles this case with default header values. +/* UserinfoInternalServerError describes a response with status code 500, with default header values. genericError */ @@ -129,7 +126,6 @@ type UserinfoInternalServerError struct { func (o *UserinfoInternalServerError) Error() string { return fmt.Sprintf("[GET /userinfo][%d] userinfoInternalServerError %+v", 500, o.Payload) } - func (o *UserinfoInternalServerError) GetPayload() *models.GenericError { return o.Payload } diff --git a/internal/httpclient/client/public/well_known_parameters.go b/internal/httpclient/client/public/well_known_parameters.go index 206f42be2d7..b9b34518e5b 100644 --- a/internal/httpclient/client/public/well_known_parameters.go +++ b/internal/httpclient/client/public/well_known_parameters.go @@ -16,47 +16,46 @@ import ( "github.com/go-openapi/strfmt" ) -// NewWellKnownParams creates a new WellKnownParams object -// with the default values initialized. +// NewWellKnownParams creates a new WellKnownParams object, +// with the default timeout for this client. +// +// Default values are not hydrated, since defaults are normally applied by the API server side. +// +// To enforce default values in parameter, use SetDefaults or WithDefaults. func NewWellKnownParams() *WellKnownParams { - return &WellKnownParams{ - timeout: cr.DefaultTimeout, } } // NewWellKnownParamsWithTimeout creates a new WellKnownParams object -// with the default values initialized, and the ability to set a timeout on a request +// with the ability to set a timeout on a request. func NewWellKnownParamsWithTimeout(timeout time.Duration) *WellKnownParams { - return &WellKnownParams{ - timeout: timeout, } } // NewWellKnownParamsWithContext creates a new WellKnownParams object -// with the default values initialized, and the ability to set a context for a request +// with the ability to set a context for a request. func NewWellKnownParamsWithContext(ctx context.Context) *WellKnownParams { - return &WellKnownParams{ - Context: ctx, } } // NewWellKnownParamsWithHTTPClient creates a new WellKnownParams object -// with the default values initialized, and the ability to set a custom HTTPClient for a request +// with the ability to set a custom HTTPClient for a request. func NewWellKnownParamsWithHTTPClient(client *http.Client) *WellKnownParams { - return &WellKnownParams{ HTTPClient: client, } } -/*WellKnownParams contains all the parameters to send to the API endpoint -for the well known operation typically these are written to a http.Request +/* WellKnownParams contains all the parameters to send to the API endpoint + for the well known operation. + + Typically these are written to a http.Request. */ type WellKnownParams struct { timeout time.Duration @@ -64,6 +63,21 @@ type WellKnownParams struct { HTTPClient *http.Client } +// WithDefaults hydrates default values in the well known params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *WellKnownParams) WithDefaults() *WellKnownParams { + o.SetDefaults() + return o +} + +// SetDefaults hydrates default values in the well known params (not the query body). +// +// All values with no default are reset to their zero value. +func (o *WellKnownParams) SetDefaults() { + // no default values defined for this parameter +} + // WithTimeout adds the timeout to the well known params func (o *WellKnownParams) WithTimeout(timeout time.Duration) *WellKnownParams { o.SetTimeout(timeout) diff --git a/internal/httpclient/client/public/well_known_responses.go b/internal/httpclient/client/public/well_known_responses.go index 423640a4614..4a5e6d5f174 100644 --- a/internal/httpclient/client/public/well_known_responses.go +++ b/internal/httpclient/client/public/well_known_responses.go @@ -35,9 +35,8 @@ func (o *WellKnownReader) ReadResponse(response runtime.ClientResponse, consumer return nil, err } return nil, result - default: - return nil, runtime.NewAPIError("unknown error", response, response.Code()) + return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) } } @@ -46,7 +45,7 @@ func NewWellKnownOK() *WellKnownOK { return &WellKnownOK{} } -/*WellKnownOK handles this case with default header values. +/* WellKnownOK describes a response with status code 200, with default header values. JSONWebKeySet */ @@ -57,7 +56,6 @@ type WellKnownOK struct { func (o *WellKnownOK) Error() string { return fmt.Sprintf("[GET /.well-known/jwks.json][%d] wellKnownOK %+v", 200, o.Payload) } - func (o *WellKnownOK) GetPayload() *models.JSONWebKeySet { return o.Payload } @@ -79,7 +77,7 @@ func NewWellKnownInternalServerError() *WellKnownInternalServerError { return &WellKnownInternalServerError{} } -/*WellKnownInternalServerError handles this case with default header values. +/* WellKnownInternalServerError describes a response with status code 500, with default header values. genericError */ @@ -90,7 +88,6 @@ type WellKnownInternalServerError struct { func (o *WellKnownInternalServerError) Error() string { return fmt.Sprintf("[GET /.well-known/jwks.json][%d] wellKnownInternalServerError %+v", 500, o.Payload) } - func (o *WellKnownInternalServerError) GetPayload() *models.GenericError { return o.Payload } diff --git a/internal/httpclient/models/accept_consent_request.go b/internal/httpclient/models/accept_consent_request.go index 89d31c9c64a..2d2123225fa 100644 --- a/internal/httpclient/models/accept_consent_request.go +++ b/internal/httpclient/models/accept_consent_request.go @@ -6,6 +6,8 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -65,7 +67,6 @@ func (m *AcceptConsentRequest) Validate(formats strfmt.Registry) error { } func (m *AcceptConsentRequest) validateGrantAccessTokenAudience(formats strfmt.Registry) error { - if swag.IsZero(m.GrantAccessTokenAudience) { // not required return nil } @@ -81,7 +82,6 @@ func (m *AcceptConsentRequest) validateGrantAccessTokenAudience(formats strfmt.R } func (m *AcceptConsentRequest) validateGrantScope(formats strfmt.Registry) error { - if swag.IsZero(m.GrantScope) { // not required return nil } @@ -97,7 +97,6 @@ func (m *AcceptConsentRequest) validateGrantScope(formats strfmt.Registry) error } func (m *AcceptConsentRequest) validateHandledAt(formats strfmt.Registry) error { - if swag.IsZero(m.HandledAt) { // not required return nil } @@ -113,7 +112,6 @@ func (m *AcceptConsentRequest) validateHandledAt(formats strfmt.Registry) error } func (m *AcceptConsentRequest) validateSession(formats strfmt.Registry) error { - if swag.IsZero(m.Session) { // not required return nil } @@ -130,6 +128,82 @@ func (m *AcceptConsentRequest) validateSession(formats strfmt.Registry) error { return nil } +// ContextValidate validate this accept consent request based on the context it is used +func (m *AcceptConsentRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + var res []error + + if err := m.contextValidateGrantAccessTokenAudience(ctx, formats); err != nil { + res = append(res, err) + } + + if err := m.contextValidateGrantScope(ctx, formats); err != nil { + res = append(res, err) + } + + if err := m.contextValidateHandledAt(ctx, formats); err != nil { + res = append(res, err) + } + + if err := m.contextValidateSession(ctx, formats); err != nil { + res = append(res, err) + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} + +func (m *AcceptConsentRequest) contextValidateGrantAccessTokenAudience(ctx context.Context, formats strfmt.Registry) error { + + if err := m.GrantAccessTokenAudience.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("grant_access_token_audience") + } + return err + } + + return nil +} + +func (m *AcceptConsentRequest) contextValidateGrantScope(ctx context.Context, formats strfmt.Registry) error { + + if err := m.GrantScope.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("grant_scope") + } + return err + } + + return nil +} + +func (m *AcceptConsentRequest) contextValidateHandledAt(ctx context.Context, formats strfmt.Registry) error { + + if err := m.HandledAt.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("handled_at") + } + return err + } + + return nil +} + +func (m *AcceptConsentRequest) contextValidateSession(ctx context.Context, formats strfmt.Registry) error { + + if m.Session != nil { + if err := m.Session.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("session") + } + return err + } + } + + return nil +} + // MarshalBinary interface implementation func (m *AcceptConsentRequest) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/accept_login_request.go b/internal/httpclient/models/accept_login_request.go index 4eae3c7ccc3..55d0afbea5f 100644 --- a/internal/httpclient/models/accept_login_request.go +++ b/internal/httpclient/models/accept_login_request.go @@ -6,6 +6,8 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -80,6 +82,11 @@ func (m *AcceptLoginRequest) validateSubject(formats strfmt.Registry) error { return nil } +// ContextValidate validates this accept login request based on context it is used +func (m *AcceptLoginRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + return nil +} + // MarshalBinary interface implementation func (m *AcceptLoginRequest) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/completed_request.go b/internal/httpclient/models/completed_request.go index ea54e898220..2878fd455ba 100644 --- a/internal/httpclient/models/completed_request.go +++ b/internal/httpclient/models/completed_request.go @@ -6,6 +6,8 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -45,6 +47,11 @@ func (m *CompletedRequest) validateRedirectTo(formats strfmt.Registry) error { return nil } +// ContextValidate validates this completed request based on context it is used +func (m *CompletedRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + return nil +} + // MarshalBinary interface implementation func (m *CompletedRequest) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/consent_request.go b/internal/httpclient/models/consent_request.go index 64498026133..c048fbbdcfe 100644 --- a/internal/httpclient/models/consent_request.go +++ b/internal/httpclient/models/consent_request.go @@ -6,6 +6,8 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -106,7 +108,6 @@ func (m *ConsentRequest) validateChallenge(formats strfmt.Registry) error { } func (m *ConsentRequest) validateClient(formats strfmt.Registry) error { - if swag.IsZero(m.Client) { // not required return nil } @@ -124,7 +125,6 @@ func (m *ConsentRequest) validateClient(formats strfmt.Registry) error { } func (m *ConsentRequest) validateOidcContext(formats strfmt.Registry) error { - if swag.IsZero(m.OidcContext) { // not required return nil } @@ -142,7 +142,6 @@ func (m *ConsentRequest) validateOidcContext(formats strfmt.Registry) error { } func (m *ConsentRequest) validateRequestedAccessTokenAudience(formats strfmt.Registry) error { - if swag.IsZero(m.RequestedAccessTokenAudience) { // not required return nil } @@ -158,7 +157,6 @@ func (m *ConsentRequest) validateRequestedAccessTokenAudience(formats strfmt.Reg } func (m *ConsentRequest) validateRequestedScope(formats strfmt.Registry) error { - if swag.IsZero(m.RequestedScope) { // not required return nil } @@ -173,6 +171,84 @@ func (m *ConsentRequest) validateRequestedScope(formats strfmt.Registry) error { return nil } +// ContextValidate validate this consent request based on the context it is used +func (m *ConsentRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + var res []error + + if err := m.contextValidateClient(ctx, formats); err != nil { + res = append(res, err) + } + + if err := m.contextValidateOidcContext(ctx, formats); err != nil { + res = append(res, err) + } + + if err := m.contextValidateRequestedAccessTokenAudience(ctx, formats); err != nil { + res = append(res, err) + } + + if err := m.contextValidateRequestedScope(ctx, formats); err != nil { + res = append(res, err) + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} + +func (m *ConsentRequest) contextValidateClient(ctx context.Context, formats strfmt.Registry) error { + + if m.Client != nil { + if err := m.Client.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("client") + } + return err + } + } + + return nil +} + +func (m *ConsentRequest) contextValidateOidcContext(ctx context.Context, formats strfmt.Registry) error { + + if m.OidcContext != nil { + if err := m.OidcContext.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("oidc_context") + } + return err + } + } + + return nil +} + +func (m *ConsentRequest) contextValidateRequestedAccessTokenAudience(ctx context.Context, formats strfmt.Registry) error { + + if err := m.RequestedAccessTokenAudience.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("requested_access_token_audience") + } + return err + } + + return nil +} + +func (m *ConsentRequest) contextValidateRequestedScope(ctx context.Context, formats strfmt.Registry) error { + + if err := m.RequestedScope.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("requested_scope") + } + return err + } + + return nil +} + // MarshalBinary interface implementation func (m *ConsentRequest) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/consent_request_session.go b/internal/httpclient/models/consent_request_session.go index 0cd2ae45dac..eaab7a24543 100644 --- a/internal/httpclient/models/consent_request_session.go +++ b/internal/httpclient/models/consent_request_session.go @@ -6,6 +6,8 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" ) @@ -31,6 +33,11 @@ func (m *ConsentRequestSession) Validate(formats strfmt.Registry) error { return nil } +// ContextValidate validates this consent request session based on context it is used +func (m *ConsentRequestSession) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + return nil +} + // MarshalBinary interface implementation func (m *ConsentRequestSession) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/container_wait_o_k_body_error.go b/internal/httpclient/models/container_wait_o_k_body_error.go index cc8113bb2a5..70637b4ce65 100644 --- a/internal/httpclient/models/container_wait_o_k_body_error.go +++ b/internal/httpclient/models/container_wait_o_k_body_error.go @@ -6,6 +6,8 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" ) @@ -24,6 +26,11 @@ func (m *ContainerWaitOKBodyError) Validate(formats strfmt.Registry) error { return nil } +// ContextValidate validates this container wait o k body error based on context it is used +func (m *ContainerWaitOKBodyError) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + return nil +} + // MarshalBinary interface implementation func (m *ContainerWaitOKBodyError) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/create_jwt_bearer_grant_params.go b/internal/httpclient/models/create_jwt_bearer_grant_params.go new file mode 100644 index 00000000000..e13dc07f2fe --- /dev/null +++ b/internal/httpclient/models/create_jwt_bearer_grant_params.go @@ -0,0 +1,179 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package models + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "context" + + "github.com/go-openapi/errors" + "github.com/go-openapi/strfmt" + "github.com/go-openapi/swag" + "github.com/go-openapi/validate" +) + +// CreateJwtBearerGrantParams create jwt bearer grant params +// +// swagger:model createJwtBearerGrantParams +type CreateJwtBearerGrantParams struct { + + // The "expires_at" indicates, when grant will expire, so we will reject assertion from "issuer" targeting "subject". + // Required: true + // Format: date-time + ExpiresAt *strfmt.DateTime `json:"expires_at"` + + // The "issuer" identifies the principal that issued the JWT assertion (same as "iss" claim in JWT). + // Example: https://jwt-idp.example.com + // Required: true + Issuer *string `json:"issuer"` + + // jwk + // Required: true + Jwk *JSONWebKey `json:"jwk"` + + // The "scope" contains list of scope values (as described in Section 3.3 of OAuth 2.0 [RFC6749]) + // Example: ["openid","offline"] + // Required: true + Scope []string `json:"scope"` + + // The "subject" identifies the principal that is the subject of the JWT. + // Example: mike@example.com + // Required: true + Subject *string `json:"subject"` +} + +// Validate validates this create jwt bearer grant params +func (m *CreateJwtBearerGrantParams) Validate(formats strfmt.Registry) error { + var res []error + + if err := m.validateExpiresAt(formats); err != nil { + res = append(res, err) + } + + if err := m.validateIssuer(formats); err != nil { + res = append(res, err) + } + + if err := m.validateJwk(formats); err != nil { + res = append(res, err) + } + + if err := m.validateScope(formats); err != nil { + res = append(res, err) + } + + if err := m.validateSubject(formats); err != nil { + res = append(res, err) + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} + +func (m *CreateJwtBearerGrantParams) validateExpiresAt(formats strfmt.Registry) error { + + if err := validate.Required("expires_at", "body", m.ExpiresAt); err != nil { + return err + } + + if err := validate.FormatOf("expires_at", "body", "date-time", m.ExpiresAt.String(), formats); err != nil { + return err + } + + return nil +} + +func (m *CreateJwtBearerGrantParams) validateIssuer(formats strfmt.Registry) error { + + if err := validate.Required("issuer", "body", m.Issuer); err != nil { + return err + } + + return nil +} + +func (m *CreateJwtBearerGrantParams) validateJwk(formats strfmt.Registry) error { + + if err := validate.Required("jwk", "body", m.Jwk); err != nil { + return err + } + + if m.Jwk != nil { + if err := m.Jwk.Validate(formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("jwk") + } + return err + } + } + + return nil +} + +func (m *CreateJwtBearerGrantParams) validateScope(formats strfmt.Registry) error { + + if err := validate.Required("scope", "body", m.Scope); err != nil { + return err + } + + return nil +} + +func (m *CreateJwtBearerGrantParams) validateSubject(formats strfmt.Registry) error { + + if err := validate.Required("subject", "body", m.Subject); err != nil { + return err + } + + return nil +} + +// ContextValidate validate this create jwt bearer grant params based on the context it is used +func (m *CreateJwtBearerGrantParams) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + var res []error + + if err := m.contextValidateJwk(ctx, formats); err != nil { + res = append(res, err) + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} + +func (m *CreateJwtBearerGrantParams) contextValidateJwk(ctx context.Context, formats strfmt.Registry) error { + + if m.Jwk != nil { + if err := m.Jwk.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("jwk") + } + return err + } + } + + return nil +} + +// MarshalBinary interface implementation +func (m *CreateJwtBearerGrantParams) MarshalBinary() ([]byte, error) { + if m == nil { + return nil, nil + } + return swag.WriteJSON(m) +} + +// UnmarshalBinary interface implementation +func (m *CreateJwtBearerGrantParams) UnmarshalBinary(b []byte) error { + var res CreateJwtBearerGrantParams + if err := swag.ReadJSON(b, &res); err != nil { + return err + } + *m = res + return nil +} diff --git a/internal/httpclient/models/flush_inactive_jwt_bearer_grants_params.go b/internal/httpclient/models/flush_inactive_jwt_bearer_grants_params.go new file mode 100644 index 00000000000..1a9b09da7ad --- /dev/null +++ b/internal/httpclient/models/flush_inactive_jwt_bearer_grants_params.go @@ -0,0 +1,75 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package models + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "context" + + "github.com/go-openapi/errors" + "github.com/go-openapi/strfmt" + "github.com/go-openapi/swag" + "github.com/go-openapi/validate" +) + +// FlushInactiveJwtBearerGrantsParams flush inactive jwt bearer grants params +// +// swagger:model flushInactiveJwtBearerGrantsParams +type FlushInactiveJwtBearerGrantsParams struct { + + // The "notAfter" sets after which point grants should not be flushed. This is useful when you want to keep a history + // of recently added grants. + // Format: date-time + NotAfter strfmt.DateTime `json:"notAfter,omitempty"` +} + +// Validate validates this flush inactive jwt bearer grants params +func (m *FlushInactiveJwtBearerGrantsParams) Validate(formats strfmt.Registry) error { + var res []error + + if err := m.validateNotAfter(formats); err != nil { + res = append(res, err) + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} + +func (m *FlushInactiveJwtBearerGrantsParams) validateNotAfter(formats strfmt.Registry) error { + if swag.IsZero(m.NotAfter) { // not required + return nil + } + + if err := validate.FormatOf("notAfter", "body", "date-time", m.NotAfter.String(), formats); err != nil { + return err + } + + return nil +} + +// ContextValidate validates this flush inactive jwt bearer grants params based on context it is used +func (m *FlushInactiveJwtBearerGrantsParams) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + return nil +} + +// MarshalBinary interface implementation +func (m *FlushInactiveJwtBearerGrantsParams) MarshalBinary() ([]byte, error) { + if m == nil { + return nil, nil + } + return swag.WriteJSON(m) +} + +// UnmarshalBinary interface implementation +func (m *FlushInactiveJwtBearerGrantsParams) UnmarshalBinary(b []byte) error { + var res FlushInactiveJwtBearerGrantsParams + if err := swag.ReadJSON(b, &res); err != nil { + return err + } + *m = res + return nil +} diff --git a/internal/httpclient/models/flush_inactive_o_auth2_tokens_request.go b/internal/httpclient/models/flush_inactive_o_auth2_tokens_request.go index 6bd161403a9..42c82eff485 100644 --- a/internal/httpclient/models/flush_inactive_o_auth2_tokens_request.go +++ b/internal/httpclient/models/flush_inactive_o_auth2_tokens_request.go @@ -6,6 +6,8 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -38,7 +40,6 @@ func (m *FlushInactiveOAuth2TokensRequest) Validate(formats strfmt.Registry) err } func (m *FlushInactiveOAuth2TokensRequest) validateNotAfter(formats strfmt.Registry) error { - if swag.IsZero(m.NotAfter) { // not required return nil } @@ -50,6 +51,11 @@ func (m *FlushInactiveOAuth2TokensRequest) validateNotAfter(formats strfmt.Regis return nil } +// ContextValidate validates this flush inactive o auth2 tokens request based on context it is used +func (m *FlushInactiveOAuth2TokensRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + return nil +} + // MarshalBinary interface implementation func (m *FlushInactiveOAuth2TokensRequest) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/generic_error.go b/internal/httpclient/models/generic_error.go index 59282884ae2..7780f99d104 100644 --- a/internal/httpclient/models/generic_error.go +++ b/internal/httpclient/models/generic_error.go @@ -6,6 +6,8 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -20,16 +22,20 @@ import ( type GenericError struct { // Debug contains debug information. This is usually not available and has to be enabled. + // Example: The database adapter was unable to find the element Debug string `json:"debug,omitempty"` // Name is the error name. + // Example: The requested resource could not be found // Required: true Error *string `json:"error"` // Description contains further information on the nature of the error. + // Example: Object with ID 12345 does not exist ErrorDescription string `json:"error_description,omitempty"` // Code represents the error status code (404, 403, 401, ...). + // Example: 404 StatusCode int64 `json:"status_code,omitempty"` } @@ -56,6 +62,11 @@ func (m *GenericError) validateError(formats strfmt.Registry) error { return nil } +// ContextValidate validates this generic error based on context it is used +func (m *GenericError) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + return nil +} + // MarshalBinary interface implementation func (m *GenericError) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/health_not_ready_status.go b/internal/httpclient/models/health_not_ready_status.go index 64626783ed4..bab6d3873e8 100644 --- a/internal/httpclient/models/health_not_ready_status.go +++ b/internal/httpclient/models/health_not_ready_status.go @@ -6,6 +6,8 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" ) @@ -24,6 +26,11 @@ func (m *HealthNotReadyStatus) Validate(formats strfmt.Registry) error { return nil } +// ContextValidate validates this health not ready status based on context it is used +func (m *HealthNotReadyStatus) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + return nil +} + // MarshalBinary interface implementation func (m *HealthNotReadyStatus) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/health_status.go b/internal/httpclient/models/health_status.go index 60ba32416b0..5525dbc20ea 100644 --- a/internal/httpclient/models/health_status.go +++ b/internal/httpclient/models/health_status.go @@ -6,6 +6,8 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" ) @@ -24,6 +26,11 @@ func (m *HealthStatus) Validate(formats strfmt.Registry) error { return nil } +// ContextValidate validates this health status based on context it is used +func (m *HealthStatus) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + return nil +} + // MarshalBinary interface implementation func (m *HealthStatus) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/json_web_key.go b/internal/httpclient/models/json_web_key.go index 737cde8d02d..53f9bca2f92 100644 --- a/internal/httpclient/models/json_web_key.go +++ b/internal/httpclient/models/json_web_key.go @@ -6,6 +6,8 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -24,25 +26,32 @@ type JSONWebKey struct { // IANA "JSON Web Signature and Encryption Algorithms" registry // established by [JWA] or be a value that contains a Collision- // Resistant Name. + // Example: RS256 // Required: true Alg *string `json:"alg"` // crv + // Example: P-256 Crv string `json:"crv,omitempty"` // d + // Example: T_N8I-6He3M8a7X1vWt6TGIx4xB_GP3Mb4SsZSA4v-orvJzzRiQhLlRR81naWYxfQAYt5isDI6_C2L9bdWo4FFPjGQFvNoRX-_sBJyBI_rl-TBgsZYoUlAj3J92WmY2inbA-PwyJfsaIIDceYBC-eX-xiCu6qMqkZi3MwQAFL6bMdPEM0z4JBcwFT3VdiWAIRUuACWQwrXMq672x7fMuaIaHi7XDGgt1ith23CLfaREmJku9PQcchbt_uEY-hqrFY6ntTtS4paWWQj86xLL94S-Tf6v6xkL918PfLSOTq6XCzxvlFwzBJqApnAhbwqLjpPhgUG04EDRrqrSBc5Y1BLevn6Ip5h1AhessBp3wLkQgz_roeckt-ybvzKTjESMuagnpqLvOT7Y9veIug2MwPJZI2VjczRc1vzMs25XrFQ8DpUy-bNdp89TmvAXwctUMiJdgHloJw23Cv03gIUAkDnsTqZmkpbIf-crpgNKFmQP_EDKoe8p_PXZZgfbRri3NoEVGP7Mk6yEu8LjJhClhZaBNjuWw2-KlBfOA3g79mhfBnkInee5KO9mGR50qPk1V-MorUYNTFMZIm0kFE6eYVWFBwJHLKYhHU34DoiK1VP-svZpC2uAMFNA_UJEwM9CQ2b8qe4-5e9aywMvwcuArRkAB5mBIfOaOJao3mfukKAE D string `json:"d,omitempty"` // dp + // Example: G4sPXkc6Ya9y8oJW9_ILj4xuppu0lzi_H7VTkS8xj5SdX3coE0oimYwxIi2emTAue0UOa5dpgFGyBJ4c8tQ2VF402XRugKDTP8akYhFo5tAA77Qe_NmtuYZc3C3m3I24G2GvR5sSDxUyAN2zq8Lfn9EUms6rY3Ob8YeiKkTiBj0 Dp string `json:"dp,omitempty"` // dq + // Example: s9lAH9fggBsoFR8Oac2R_E2gw282rT2kGOAhvIllETE1efrA6huUUvMfBcMpn8lqeW6vzznYY5SSQF7pMdC_agI3nG8Ibp1BUb0JUiraRNqUfLhcQb_d9GF4Dh7e74WbRsobRonujTYN1xCaP6TO61jvWrX-L18txXw494Q_cgk Dq string `json:"dq,omitempty"` // e + // Example: AQAB E string `json:"e,omitempty"` // k + // Example: GawgguFyGrWKav7AX4VKUg K string `json:"k,omitempty"` // The "kid" (key ID) parameter is used to match a specific key. This @@ -54,6 +63,7 @@ type JSONWebKey struct { // they have different "kty" (key type) values but are considered to be // equivalent alternatives by the application using them.) The "kid" // value is a case-sensitive string. + // Example: 1603dfe0af8f4596 // Required: true Kid *string `json:"kid"` @@ -62,29 +72,36 @@ type JSONWebKey struct { // either be registered in the IANA "JSON Web Key Types" registry // established by [JWA] or be a value that contains a Collision- // Resistant Name. The "kty" value is a case-sensitive string. + // Example: RSA // Required: true Kty *string `json:"kty"` // n + // Example: vTqrxUyQPl_20aqf5kXHwDZrel-KovIp8s7ewJod2EXHl8tWlRB3_Rem34KwBfqlKQGp1nqah-51H4Jzruqe0cFP58hPEIt6WqrvnmJCXxnNuIB53iX_uUUXXHDHBeaPCSRoNJzNysjoJ30TIUsKBiirhBa7f235PXbKiHducLevV6PcKxJ5cY8zO286qJLBWSPm-OIevwqsIsSIH44Qtm9sioFikhkbLwoqwWORGAY0nl6XvVOlhADdLjBSqSAeT1FPuCDCnXwzCDR8N9IFB_IjdStFkC-rVt2K5BYfPd0c3yFp_vHR15eRd0zJ8XQ7woBC8Vnsac6Et1pKS59pX6256DPWu8UDdEOolKAPgcd_g2NpA76cAaF_jcT80j9KrEzw8Tv0nJBGesuCjPNjGs_KzdkWTUXt23Hn9QJsdc1MZuaW0iqXBepHYfYoqNelzVte117t4BwVp0kUM6we0IqyXClaZgOI8S-WDBw2_Ovdm8e5NmhYAblEVoygcX8Y46oH6bKiaCQfKCFDMcRgChme7AoE1yZZYsPbaG_3IjPrC4LBMHQw8rM9dWjJ8ImjicvZ1pAm0dx-KHCP3y5PVKrxBDf1zSOsBRkOSjB8TPODnJMz6-jd5hTtZxpZPwPoIdCanTZ3ZD6uRBpTmDwtpRGm63UQs1m5FWPwb0T2IF0 N string `json:"n,omitempty"` // p + // Example: 6NbkXwDWUhi-eR55Cgbf27FkQDDWIamOaDr0rj1q0f1fFEz1W5A_09YvG09Fiv1AO2-D8Rl8gS1Vkz2i0zCSqnyy8A025XOcRviOMK7nIxE4OH_PEsko8dtIrb3TmE2hUXvCkmzw9EsTF1LQBOGC6iusLTXepIC1x9ukCKFZQvdgtEObQ5kzd9Nhq-cdqmSeMVLoxPLd1blviVT9Vm8-y12CtYpeJHOaIDtVPLlBhJiBoPKWg3vxSm4XxIliNOefqegIlsmTIa3MpS6WWlCK3yHhat0Q-rRxDxdyiVdG_wzJvp0Iw_2wms7pe-PgNPYvUWH9JphWP5K38YqEBiJFXQ P string `json:"p,omitempty"` // q + // Example: 0A1FmpOWR91_RAWpqreWSavNaZb9nXeKiBo0DQGBz32DbqKqQ8S4aBJmbRhJcctjCLjain-ivut477tAUMmzJwVJDDq2MZFwC9Q-4VYZmFU4HJityQuSzHYe64RjN-E_NQ02TWhG3QGW6roq6c57c99rrUsETwJJiwS8M5p15Miuz53DaOjv-uqqFAFfywN5WkxHbraBcjHtMiQuyQbQqkCFh-oanHkwYNeytsNhTu2mQmwR5DR2roZ2nPiFjC6nsdk-A7E3S3wMzYYFw7jvbWWoYWo9vB40_MY2Y0FYQSqcDzcBIcq_0tnnasf3VW4Fdx6m80RzOb2Fsnln7vKXAQ Q string `json:"q,omitempty"` // qi + // Example: GyM_p6JrXySiz1toFgKbWV-JdI3jQ4ypu9rbMWx3rQJBfmt0FoYzgUIZEVFEcOqwemRN81zoDAaa-Bk0KWNGDjJHZDdDmFhW3AN7lI-puxk_mHZGJ11rxyR8O55XLSe3SPmRfKwZI6yU24ZxvQKFYItdldUKGzO6Ia6zTKhAVRU Qi string `json:"qi,omitempty"` // Use ("public key use") identifies the intended use of // the public key. The "use" parameter is employed to indicate whether // a public key is used for encrypting data or verifying the signature // on data. Values are commonly "sig" (signature) or "enc" (encryption). + // Example: sig // Required: true Use *string `json:"use"` // x + // Example: f83OJ3D2xF1Bg8vub9tLe1gHMzV76e8Tus9uPHvRVEU X string `json:"x,omitempty"` // The "x5c" (X.509 certificate chain) parameter contains a chain of one @@ -97,6 +114,7 @@ type JSONWebKey struct { X5c []string `json:"x5c"` // y + // Example: x_FEzRu9m36HLN_tue659LNpXW6pCyStikYjKIWI5a0 Y string `json:"y,omitempty"` } @@ -162,6 +180,11 @@ func (m *JSONWebKey) validateUse(formats strfmt.Registry) error { return nil } +// ContextValidate validates this JSON web key based on context it is used +func (m *JSONWebKey) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + return nil +} + // MarshalBinary interface implementation func (m *JSONWebKey) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/json_web_key_set.go b/internal/httpclient/models/json_web_key_set.go index 87649fa82c9..cd57ff03687 100644 --- a/internal/httpclient/models/json_web_key_set.go +++ b/internal/httpclient/models/json_web_key_set.go @@ -6,6 +6,7 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" "strconv" "github.com/go-openapi/errors" @@ -45,7 +46,6 @@ func (m *JSONWebKeySet) Validate(formats strfmt.Registry) error { } func (m *JSONWebKeySet) validateKeys(formats strfmt.Registry) error { - if swag.IsZero(m.Keys) { // not required return nil } @@ -69,6 +69,38 @@ func (m *JSONWebKeySet) validateKeys(formats strfmt.Registry) error { return nil } +// ContextValidate validate this JSON web key set based on the context it is used +func (m *JSONWebKeySet) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + var res []error + + if err := m.contextValidateKeys(ctx, formats); err != nil { + res = append(res, err) + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} + +func (m *JSONWebKeySet) contextValidateKeys(ctx context.Context, formats strfmt.Registry) error { + + for i := 0; i < len(m.Keys); i++ { + + if m.Keys[i] != nil { + if err := m.Keys[i].ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("keys" + "." + strconv.Itoa(i)) + } + return err + } + } + + } + + return nil +} + // MarshalBinary interface implementation func (m *JSONWebKeySet) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/json_web_key_set_generator_request.go b/internal/httpclient/models/json_web_key_set_generator_request.go index 37144b9e72b..3cad47f11d8 100644 --- a/internal/httpclient/models/json_web_key_set_generator_request.go +++ b/internal/httpclient/models/json_web_key_set_generator_request.go @@ -6,6 +6,8 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -82,6 +84,11 @@ func (m *JSONWebKeySetGeneratorRequest) validateUse(formats strfmt.Registry) err return nil } +// ContextValidate validates this json web key set generator request based on context it is used +func (m *JSONWebKeySetGeneratorRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + return nil +} + // MarshalBinary interface implementation func (m *JSONWebKeySetGeneratorRequest) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/jwt_bearer_grant.go b/internal/httpclient/models/jwt_bearer_grant.go new file mode 100644 index 00000000000..6455f8521b8 --- /dev/null +++ b/internal/httpclient/models/jwt_bearer_grant.go @@ -0,0 +1,157 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package models + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "context" + + "github.com/go-openapi/errors" + "github.com/go-openapi/strfmt" + "github.com/go-openapi/swag" + "github.com/go-openapi/validate" +) + +// JwtBearerGrant jwt bearer grant +// +// swagger:model JwtBearerGrant +type JwtBearerGrant struct { + + // The "created_at" indicates, when grant was created. + // Format: date-time + CreatedAt strfmt.DateTime `json:"created_at,omitempty"` + + // The "expires_at" indicates, when grant will expire, so we will reject assertion from "issuer" targeting "subject". + // Format: date-time + ExpiresAt strfmt.DateTime `json:"expires_at,omitempty"` + + // id + // Example: 9edc811f-4e28-453c-9b46-4de65f00217f + ID string `json:"id,omitempty"` + + // The "issuer" identifies the principal that issued the JWT assertion (same as "iss" claim in JWT). + // Example: https://jwt-idp.example.com + Issuer string `json:"issuer,omitempty"` + + // public key + PublicKey *JwtBearerGrantPublicKey `json:"public_key,omitempty"` + + // The "scope" contains list of scope values (as described in Section 3.3 of OAuth 2.0 [RFC6749]) + // Example: ["openid","offline"] + Scope []string `json:"scope"` + + // The "subject" identifies the principal that is the subject of the JWT. + // Example: mike@example.com + Subject string `json:"subject,omitempty"` +} + +// Validate validates this jwt bearer grant +func (m *JwtBearerGrant) Validate(formats strfmt.Registry) error { + var res []error + + if err := m.validateCreatedAt(formats); err != nil { + res = append(res, err) + } + + if err := m.validateExpiresAt(formats); err != nil { + res = append(res, err) + } + + if err := m.validatePublicKey(formats); err != nil { + res = append(res, err) + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} + +func (m *JwtBearerGrant) validateCreatedAt(formats strfmt.Registry) error { + if swag.IsZero(m.CreatedAt) { // not required + return nil + } + + if err := validate.FormatOf("created_at", "body", "date-time", m.CreatedAt.String(), formats); err != nil { + return err + } + + return nil +} + +func (m *JwtBearerGrant) validateExpiresAt(formats strfmt.Registry) error { + if swag.IsZero(m.ExpiresAt) { // not required + return nil + } + + if err := validate.FormatOf("expires_at", "body", "date-time", m.ExpiresAt.String(), formats); err != nil { + return err + } + + return nil +} + +func (m *JwtBearerGrant) validatePublicKey(formats strfmt.Registry) error { + if swag.IsZero(m.PublicKey) { // not required + return nil + } + + if m.PublicKey != nil { + if err := m.PublicKey.Validate(formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("public_key") + } + return err + } + } + + return nil +} + +// ContextValidate validate this jwt bearer grant based on the context it is used +func (m *JwtBearerGrant) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + var res []error + + if err := m.contextValidatePublicKey(ctx, formats); err != nil { + res = append(res, err) + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} + +func (m *JwtBearerGrant) contextValidatePublicKey(ctx context.Context, formats strfmt.Registry) error { + + if m.PublicKey != nil { + if err := m.PublicKey.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("public_key") + } + return err + } + } + + return nil +} + +// MarshalBinary interface implementation +func (m *JwtBearerGrant) MarshalBinary() ([]byte, error) { + if m == nil { + return nil, nil + } + return swag.WriteJSON(m) +} + +// UnmarshalBinary interface implementation +func (m *JwtBearerGrant) UnmarshalBinary(b []byte) error { + var res JwtBearerGrant + if err := swag.ReadJSON(b, &res); err != nil { + return err + } + *m = res + return nil +} diff --git a/internal/httpclient/models/jwt_bearer_grant_public_key.go b/internal/httpclient/models/jwt_bearer_grant_public_key.go new file mode 100644 index 00000000000..e1a65e08178 --- /dev/null +++ b/internal/httpclient/models/jwt_bearer_grant_public_key.go @@ -0,0 +1,55 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package models + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "context" + + "github.com/go-openapi/strfmt" + "github.com/go-openapi/swag" +) + +// JwtBearerGrantPublicKey jwt bearer grant public key +// +// swagger:model JwtBearerGrantPublicKey +type JwtBearerGrantPublicKey struct { + + // The "key_id" is key unique identifier (same as kid header in jws/jwt). + // Example: 123e4567-e89b-12d3-a456-426655440000 + Kid string `json:"kid,omitempty"` + + // The "set" is basically a name for a group(set) of keys. Will be the same as "issuer" in grant. + // Example: https://jwt-idp.example.com + Set string `json:"set,omitempty"` +} + +// Validate validates this jwt bearer grant public key +func (m *JwtBearerGrantPublicKey) Validate(formats strfmt.Registry) error { + return nil +} + +// ContextValidate validates this jwt bearer grant public key based on context it is used +func (m *JwtBearerGrantPublicKey) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + return nil +} + +// MarshalBinary interface implementation +func (m *JwtBearerGrantPublicKey) MarshalBinary() ([]byte, error) { + if m == nil { + return nil, nil + } + return swag.WriteJSON(m) +} + +// UnmarshalBinary interface implementation +func (m *JwtBearerGrantPublicKey) UnmarshalBinary(b []byte) error { + var res JwtBearerGrantPublicKey + if err := swag.ReadJSON(b, &res); err != nil { + return err + } + *m = res + return nil +} diff --git a/internal/httpclient/models/login_request.go b/internal/httpclient/models/login_request.go index 4cf1b2d991b..7148d4cfddc 100644 --- a/internal/httpclient/models/login_request.go +++ b/internal/httpclient/models/login_request.go @@ -6,6 +6,8 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -133,7 +135,6 @@ func (m *LoginRequest) validateClient(formats strfmt.Registry) error { } func (m *LoginRequest) validateOidcContext(formats strfmt.Registry) error { - if swag.IsZero(m.OidcContext) { // not required return nil } @@ -209,6 +210,84 @@ func (m *LoginRequest) validateSubject(formats strfmt.Registry) error { return nil } +// ContextValidate validate this login request based on the context it is used +func (m *LoginRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + var res []error + + if err := m.contextValidateClient(ctx, formats); err != nil { + res = append(res, err) + } + + if err := m.contextValidateOidcContext(ctx, formats); err != nil { + res = append(res, err) + } + + if err := m.contextValidateRequestedAccessTokenAudience(ctx, formats); err != nil { + res = append(res, err) + } + + if err := m.contextValidateRequestedScope(ctx, formats); err != nil { + res = append(res, err) + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} + +func (m *LoginRequest) contextValidateClient(ctx context.Context, formats strfmt.Registry) error { + + if m.Client != nil { + if err := m.Client.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("client") + } + return err + } + } + + return nil +} + +func (m *LoginRequest) contextValidateOidcContext(ctx context.Context, formats strfmt.Registry) error { + + if m.OidcContext != nil { + if err := m.OidcContext.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("oidc_context") + } + return err + } + } + + return nil +} + +func (m *LoginRequest) contextValidateRequestedAccessTokenAudience(ctx context.Context, formats strfmt.Registry) error { + + if err := m.RequestedAccessTokenAudience.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("requested_access_token_audience") + } + return err + } + + return nil +} + +func (m *LoginRequest) contextValidateRequestedScope(ctx context.Context, formats strfmt.Registry) error { + + if err := m.RequestedScope.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("requested_scope") + } + return err + } + + return nil +} + // MarshalBinary interface implementation func (m *LoginRequest) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/logout_request.go b/internal/httpclient/models/logout_request.go index df025037502..7450df11727 100644 --- a/internal/httpclient/models/logout_request.go +++ b/internal/httpclient/models/logout_request.go @@ -6,6 +6,8 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -51,7 +53,6 @@ func (m *LogoutRequest) Validate(formats strfmt.Registry) error { } func (m *LogoutRequest) validateClient(formats strfmt.Registry) error { - if swag.IsZero(m.Client) { // not required return nil } @@ -68,6 +69,34 @@ func (m *LogoutRequest) validateClient(formats strfmt.Registry) error { return nil } +// ContextValidate validate this logout request based on the context it is used +func (m *LogoutRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + var res []error + + if err := m.contextValidateClient(ctx, formats); err != nil { + res = append(res, err) + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} + +func (m *LogoutRequest) contextValidateClient(ctx context.Context, formats strfmt.Registry) error { + + if m.Client != nil { + if err := m.Client.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("client") + } + return err + } + } + + return nil +} + // MarshalBinary interface implementation func (m *LogoutRequest) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/null_time.go b/internal/httpclient/models/null_time.go index 8997a9ec6b8..1e146a0e9ac 100644 --- a/internal/httpclient/models/null_time.go +++ b/internal/httpclient/models/null_time.go @@ -6,6 +6,8 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -41,6 +43,11 @@ func (m NullTime) Validate(formats strfmt.Registry) error { return nil } +// ContextValidate validates this null time based on context it is used +func (m NullTime) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + return nil +} + // MarshalBinary interface implementation func (m *NullTime) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/o_auth2_client.go b/internal/httpclient/models/o_auth2_client.go index 0324fb28bef..f625d8421ec 100644 --- a/internal/httpclient/models/o_auth2_client.go +++ b/internal/httpclient/models/o_auth2_client.go @@ -6,6 +6,8 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -213,7 +215,6 @@ func (m *OAuth2Client) Validate(formats strfmt.Registry) error { } func (m *OAuth2Client) validateAllowedCorsOrigins(formats strfmt.Registry) error { - if swag.IsZero(m.AllowedCorsOrigins) { // not required return nil } @@ -229,7 +230,6 @@ func (m *OAuth2Client) validateAllowedCorsOrigins(formats strfmt.Registry) error } func (m *OAuth2Client) validateAudience(formats strfmt.Registry) error { - if swag.IsZero(m.Audience) { // not required return nil } @@ -245,7 +245,6 @@ func (m *OAuth2Client) validateAudience(formats strfmt.Registry) error { } func (m *OAuth2Client) validateContacts(formats strfmt.Registry) error { - if swag.IsZero(m.Contacts) { // not required return nil } @@ -261,7 +260,6 @@ func (m *OAuth2Client) validateContacts(formats strfmt.Registry) error { } func (m *OAuth2Client) validateCreatedAt(formats strfmt.Registry) error { - if swag.IsZero(m.CreatedAt) { // not required return nil } @@ -274,7 +272,6 @@ func (m *OAuth2Client) validateCreatedAt(formats strfmt.Registry) error { } func (m *OAuth2Client) validateGrantTypes(formats strfmt.Registry) error { - if swag.IsZero(m.GrantTypes) { // not required return nil } @@ -290,7 +287,6 @@ func (m *OAuth2Client) validateGrantTypes(formats strfmt.Registry) error { } func (m *OAuth2Client) validatePostLogoutRedirectUris(formats strfmt.Registry) error { - if swag.IsZero(m.PostLogoutRedirectUris) { // not required return nil } @@ -306,7 +302,6 @@ func (m *OAuth2Client) validatePostLogoutRedirectUris(formats strfmt.Registry) e } func (m *OAuth2Client) validateRedirectUris(formats strfmt.Registry) error { - if swag.IsZero(m.RedirectUris) { // not required return nil } @@ -322,7 +317,6 @@ func (m *OAuth2Client) validateRedirectUris(formats strfmt.Registry) error { } func (m *OAuth2Client) validateRequestUris(formats strfmt.Registry) error { - if swag.IsZero(m.RequestUris) { // not required return nil } @@ -338,7 +332,6 @@ func (m *OAuth2Client) validateRequestUris(formats strfmt.Registry) error { } func (m *OAuth2Client) validateResponseTypes(formats strfmt.Registry) error { - if swag.IsZero(m.ResponseTypes) { // not required return nil } @@ -354,12 +347,11 @@ func (m *OAuth2Client) validateResponseTypes(formats strfmt.Registry) error { } func (m *OAuth2Client) validateScope(formats strfmt.Registry) error { - if swag.IsZero(m.Scope) { // not required return nil } - if err := validate.Pattern("scope", "body", string(m.Scope), `([a-zA-Z0-9\.\*]+\s?)+`); err != nil { + if err := validate.Pattern("scope", "body", m.Scope, `([a-zA-Z0-9\.\*]+\s?)+`); err != nil { return err } @@ -367,7 +359,6 @@ func (m *OAuth2Client) validateScope(formats strfmt.Registry) error { } func (m *OAuth2Client) validateUpdatedAt(formats strfmt.Registry) error { - if swag.IsZero(m.UpdatedAt) { // not required return nil } @@ -379,6 +370,144 @@ func (m *OAuth2Client) validateUpdatedAt(formats strfmt.Registry) error { return nil } +// ContextValidate validate this o auth2 client based on the context it is used +func (m *OAuth2Client) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + var res []error + + if err := m.contextValidateAllowedCorsOrigins(ctx, formats); err != nil { + res = append(res, err) + } + + if err := m.contextValidateAudience(ctx, formats); err != nil { + res = append(res, err) + } + + if err := m.contextValidateContacts(ctx, formats); err != nil { + res = append(res, err) + } + + if err := m.contextValidateGrantTypes(ctx, formats); err != nil { + res = append(res, err) + } + + if err := m.contextValidatePostLogoutRedirectUris(ctx, formats); err != nil { + res = append(res, err) + } + + if err := m.contextValidateRedirectUris(ctx, formats); err != nil { + res = append(res, err) + } + + if err := m.contextValidateRequestUris(ctx, formats); err != nil { + res = append(res, err) + } + + if err := m.contextValidateResponseTypes(ctx, formats); err != nil { + res = append(res, err) + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} + +func (m *OAuth2Client) contextValidateAllowedCorsOrigins(ctx context.Context, formats strfmt.Registry) error { + + if err := m.AllowedCorsOrigins.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("allowed_cors_origins") + } + return err + } + + return nil +} + +func (m *OAuth2Client) contextValidateAudience(ctx context.Context, formats strfmt.Registry) error { + + if err := m.Audience.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("audience") + } + return err + } + + return nil +} + +func (m *OAuth2Client) contextValidateContacts(ctx context.Context, formats strfmt.Registry) error { + + if err := m.Contacts.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("contacts") + } + return err + } + + return nil +} + +func (m *OAuth2Client) contextValidateGrantTypes(ctx context.Context, formats strfmt.Registry) error { + + if err := m.GrantTypes.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("grant_types") + } + return err + } + + return nil +} + +func (m *OAuth2Client) contextValidatePostLogoutRedirectUris(ctx context.Context, formats strfmt.Registry) error { + + if err := m.PostLogoutRedirectUris.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("post_logout_redirect_uris") + } + return err + } + + return nil +} + +func (m *OAuth2Client) contextValidateRedirectUris(ctx context.Context, formats strfmt.Registry) error { + + if err := m.RedirectUris.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("redirect_uris") + } + return err + } + + return nil +} + +func (m *OAuth2Client) contextValidateRequestUris(ctx context.Context, formats strfmt.Registry) error { + + if err := m.RequestUris.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("request_uris") + } + return err + } + + return nil +} + +func (m *OAuth2Client) contextValidateResponseTypes(ctx context.Context, formats strfmt.Registry) error { + + if err := m.ResponseTypes.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("response_types") + } + return err + } + + return nil +} + // MarshalBinary interface implementation func (m *OAuth2Client) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/o_auth2_token_introspection.go b/internal/httpclient/models/o_auth2_token_introspection.go index fb97d72d935..a881a0d3ed2 100644 --- a/internal/httpclient/models/o_auth2_token_introspection.go +++ b/internal/httpclient/models/o_auth2_token_introspection.go @@ -6,6 +6,8 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -105,6 +107,11 @@ func (m *OAuth2TokenIntrospection) validateActive(formats strfmt.Registry) error return nil } +// ContextValidate validates this o auth2 token introspection based on context it is used +func (m *OAuth2TokenIntrospection) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + return nil +} + // MarshalBinary interface implementation func (m *OAuth2TokenIntrospection) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/oauth2_token_response.go b/internal/httpclient/models/oauth2_token_response.go index 4aec720a00f..542885008fe 100644 --- a/internal/httpclient/models/oauth2_token_response.go +++ b/internal/httpclient/models/oauth2_token_response.go @@ -6,6 +6,8 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" ) @@ -39,6 +41,11 @@ func (m *Oauth2TokenResponse) Validate(formats strfmt.Registry) error { return nil } +// ContextValidate validates this oauth2 token response based on context it is used +func (m *Oauth2TokenResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + return nil +} + // MarshalBinary interface implementation func (m *Oauth2TokenResponse) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/open_id_connect_context.go b/internal/httpclient/models/open_id_connect_context.go index cbfdd337e40..398840441e0 100644 --- a/internal/httpclient/models/open_id_connect_context.go +++ b/internal/httpclient/models/open_id_connect_context.go @@ -6,6 +6,8 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" ) @@ -59,6 +61,11 @@ func (m *OpenIDConnectContext) Validate(formats strfmt.Registry) error { return nil } +// ContextValidate validates this open ID connect context based on context it is used +func (m *OpenIDConnectContext) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + return nil +} + // MarshalBinary interface implementation func (m *OpenIDConnectContext) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/patch_document.go b/internal/httpclient/models/patch_document.go index fb3ea3652ef..0f8b9cac0db 100644 --- a/internal/httpclient/models/patch_document.go +++ b/internal/httpclient/models/patch_document.go @@ -6,6 +6,8 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -21,10 +23,12 @@ type PatchDocument struct { From string `json:"from,omitempty"` // The operation to be performed + // Example: \"replace\ // Required: true Op *string `json:"op"` // A JSON-pointer + // Example: \"/name\ // Required: true Path *string `json:"path"` @@ -68,6 +72,11 @@ func (m *PatchDocument) validatePath(formats strfmt.Registry) error { return nil } +// ContextValidate validates this patch document based on context it is used +func (m *PatchDocument) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + return nil +} + // MarshalBinary interface implementation func (m *PatchDocument) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/patch_request.go b/internal/httpclient/models/patch_request.go index df227f4b73e..e974c6748e9 100644 --- a/internal/httpclient/models/patch_request.go +++ b/internal/httpclient/models/patch_request.go @@ -6,6 +6,7 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" "strconv" "github.com/go-openapi/errors" @@ -43,3 +44,26 @@ func (m PatchRequest) Validate(formats strfmt.Registry) error { } return nil } + +// ContextValidate validate this patch request based on the context it is used +func (m PatchRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + var res []error + + for i := 0; i < len(m); i++ { + + if m[i] != nil { + if err := m[i].ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName(strconv.Itoa(i)) + } + return err + } + } + + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} diff --git a/internal/httpclient/models/plugin_config.go b/internal/httpclient/models/plugin_config.go index caaeea8e7d6..d062713f842 100644 --- a/internal/httpclient/models/plugin_config.go +++ b/internal/httpclient/models/plugin_config.go @@ -6,6 +6,7 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" "strconv" "github.com/go-openapi/errors" @@ -328,7 +329,6 @@ func (m *PluginConfig) validatePropagatedMount(formats strfmt.Registry) error { } func (m *PluginConfig) validateUser(formats strfmt.Registry) error { - if swag.IsZero(m.User) { // not required return nil } @@ -355,7 +355,6 @@ func (m *PluginConfig) validateWorkDir(formats strfmt.Registry) error { } func (m *PluginConfig) validateRootfs(formats strfmt.Registry) error { - if swag.IsZero(m.Rootfs) { // not required return nil } @@ -372,6 +371,168 @@ func (m *PluginConfig) validateRootfs(formats strfmt.Registry) error { return nil } +// ContextValidate validate this plugin config based on the context it is used +func (m *PluginConfig) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + var res []error + + if err := m.contextValidateArgs(ctx, formats); err != nil { + res = append(res, err) + } + + if err := m.contextValidateEnv(ctx, formats); err != nil { + res = append(res, err) + } + + if err := m.contextValidateInterface(ctx, formats); err != nil { + res = append(res, err) + } + + if err := m.contextValidateLinux(ctx, formats); err != nil { + res = append(res, err) + } + + if err := m.contextValidateMounts(ctx, formats); err != nil { + res = append(res, err) + } + + if err := m.contextValidateNetwork(ctx, formats); err != nil { + res = append(res, err) + } + + if err := m.contextValidateUser(ctx, formats); err != nil { + res = append(res, err) + } + + if err := m.contextValidateRootfs(ctx, formats); err != nil { + res = append(res, err) + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} + +func (m *PluginConfig) contextValidateArgs(ctx context.Context, formats strfmt.Registry) error { + + if m.Args != nil { + if err := m.Args.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("Args") + } + return err + } + } + + return nil +} + +func (m *PluginConfig) contextValidateEnv(ctx context.Context, formats strfmt.Registry) error { + + for i := 0; i < len(m.Env); i++ { + + if m.Env[i] != nil { + if err := m.Env[i].ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("Env" + "." + strconv.Itoa(i)) + } + return err + } + } + + } + + return nil +} + +func (m *PluginConfig) contextValidateInterface(ctx context.Context, formats strfmt.Registry) error { + + if m.Interface != nil { + if err := m.Interface.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("Interface") + } + return err + } + } + + return nil +} + +func (m *PluginConfig) contextValidateLinux(ctx context.Context, formats strfmt.Registry) error { + + if m.Linux != nil { + if err := m.Linux.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("Linux") + } + return err + } + } + + return nil +} + +func (m *PluginConfig) contextValidateMounts(ctx context.Context, formats strfmt.Registry) error { + + for i := 0; i < len(m.Mounts); i++ { + + if m.Mounts[i] != nil { + if err := m.Mounts[i].ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("Mounts" + "." + strconv.Itoa(i)) + } + return err + } + } + + } + + return nil +} + +func (m *PluginConfig) contextValidateNetwork(ctx context.Context, formats strfmt.Registry) error { + + if m.Network != nil { + if err := m.Network.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("Network") + } + return err + } + } + + return nil +} + +func (m *PluginConfig) contextValidateUser(ctx context.Context, formats strfmt.Registry) error { + + if m.User != nil { + if err := m.User.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("User") + } + return err + } + } + + return nil +} + +func (m *PluginConfig) contextValidateRootfs(ctx context.Context, formats strfmt.Registry) error { + + if m.Rootfs != nil { + if err := m.Rootfs.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("rootfs") + } + return err + } + } + + return nil +} + // MarshalBinary interface implementation func (m *PluginConfig) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/plugin_config_args.go b/internal/httpclient/models/plugin_config_args.go index 053450e0ae9..15a65d6994a 100644 --- a/internal/httpclient/models/plugin_config_args.go +++ b/internal/httpclient/models/plugin_config_args.go @@ -6,6 +6,8 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -96,6 +98,11 @@ func (m *PluginConfigArgs) validateValue(formats strfmt.Registry) error { return nil } +// ContextValidate validates this plugin config args based on context it is used +func (m *PluginConfigArgs) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + return nil +} + // MarshalBinary interface implementation func (m *PluginConfigArgs) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/plugin_config_interface.go b/internal/httpclient/models/plugin_config_interface.go index ccf8fc422dc..73a75d00a44 100644 --- a/internal/httpclient/models/plugin_config_interface.go +++ b/internal/httpclient/models/plugin_config_interface.go @@ -6,6 +6,7 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" "strconv" "github.com/go-openapi/errors" @@ -80,6 +81,38 @@ func (m *PluginConfigInterface) validateTypes(formats strfmt.Registry) error { return nil } +// ContextValidate validate this plugin config interface based on the context it is used +func (m *PluginConfigInterface) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + var res []error + + if err := m.contextValidateTypes(ctx, formats); err != nil { + res = append(res, err) + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} + +func (m *PluginConfigInterface) contextValidateTypes(ctx context.Context, formats strfmt.Registry) error { + + for i := 0; i < len(m.Types); i++ { + + if m.Types[i] != nil { + if err := m.Types[i].ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("Types" + "." + strconv.Itoa(i)) + } + return err + } + } + + } + + return nil +} + // MarshalBinary interface implementation func (m *PluginConfigInterface) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/plugin_config_linux_swagger.go b/internal/httpclient/models/plugin_config_linux_swagger.go index 5671eb4d28a..046ba2ab691 100644 --- a/internal/httpclient/models/plugin_config_linux_swagger.go +++ b/internal/httpclient/models/plugin_config_linux_swagger.go @@ -6,6 +6,7 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" "strconv" "github.com/go-openapi/errors" @@ -97,6 +98,38 @@ func (m *PluginConfigLinux) validateDevices(formats strfmt.Registry) error { return nil } +// ContextValidate validate this plugin config linux based on the context it is used +func (m *PluginConfigLinux) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + var res []error + + if err := m.contextValidateDevices(ctx, formats); err != nil { + res = append(res, err) + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} + +func (m *PluginConfigLinux) contextValidateDevices(ctx context.Context, formats strfmt.Registry) error { + + for i := 0; i < len(m.Devices); i++ { + + if m.Devices[i] != nil { + if err := m.Devices[i].ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("Devices" + "." + strconv.Itoa(i)) + } + return err + } + } + + } + + return nil +} + // MarshalBinary interface implementation func (m *PluginConfigLinux) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/plugin_config_network.go b/internal/httpclient/models/plugin_config_network.go index 5649fd30a9b..89fb2c56807 100644 --- a/internal/httpclient/models/plugin_config_network.go +++ b/internal/httpclient/models/plugin_config_network.go @@ -6,6 +6,8 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -45,6 +47,11 @@ func (m *PluginConfigNetwork) validateType(formats strfmt.Registry) error { return nil } +// ContextValidate validates this plugin config network based on context it is used +func (m *PluginConfigNetwork) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + return nil +} + // MarshalBinary interface implementation func (m *PluginConfigNetwork) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/plugin_config_rootfs.go b/internal/httpclient/models/plugin_config_rootfs.go index 4497e49a3fe..64d545ac12b 100644 --- a/internal/httpclient/models/plugin_config_rootfs.go +++ b/internal/httpclient/models/plugin_config_rootfs.go @@ -6,6 +6,8 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" ) @@ -27,6 +29,11 @@ func (m *PluginConfigRootfs) Validate(formats strfmt.Registry) error { return nil } +// ContextValidate validates this plugin config rootfs based on context it is used +func (m *PluginConfigRootfs) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + return nil +} + // MarshalBinary interface implementation func (m *PluginConfigRootfs) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/plugin_config_user.go b/internal/httpclient/models/plugin_config_user.go index 73574d68ff6..610727721e9 100644 --- a/internal/httpclient/models/plugin_config_user.go +++ b/internal/httpclient/models/plugin_config_user.go @@ -6,6 +6,8 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" ) @@ -27,6 +29,11 @@ func (m *PluginConfigUser) Validate(formats strfmt.Registry) error { return nil } +// ContextValidate validates this plugin config user based on context it is used +func (m *PluginConfigUser) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + return nil +} + // MarshalBinary interface implementation func (m *PluginConfigUser) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/plugin_device.go b/internal/httpclient/models/plugin_device.go index 7a3de422abc..8818e2dd71a 100644 --- a/internal/httpclient/models/plugin_device.go +++ b/internal/httpclient/models/plugin_device.go @@ -6,6 +6,8 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -96,6 +98,11 @@ func (m *PluginDevice) validateSettable(formats strfmt.Registry) error { return nil } +// ContextValidate validates this plugin device based on context it is used +func (m *PluginDevice) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + return nil +} + // MarshalBinary interface implementation func (m *PluginDevice) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/plugin_env.go b/internal/httpclient/models/plugin_env.go index 6ed6644db68..00c2bcc6d69 100644 --- a/internal/httpclient/models/plugin_env.go +++ b/internal/httpclient/models/plugin_env.go @@ -6,6 +6,8 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -96,6 +98,11 @@ func (m *PluginEnv) validateValue(formats strfmt.Registry) error { return nil } +// ContextValidate validates this plugin env based on context it is used +func (m *PluginEnv) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + return nil +} + // MarshalBinary interface implementation func (m *PluginEnv) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/plugin_interface_type.go b/internal/httpclient/models/plugin_interface_type.go index d66549040eb..cb3185daba1 100644 --- a/internal/httpclient/models/plugin_interface_type.go +++ b/internal/httpclient/models/plugin_interface_type.go @@ -6,6 +6,8 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -79,6 +81,11 @@ func (m *PluginInterfaceType) validateVersion(formats strfmt.Registry) error { return nil } +// ContextValidate validates this plugin interface type based on context it is used +func (m *PluginInterfaceType) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + return nil +} + // MarshalBinary interface implementation func (m *PluginInterfaceType) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/plugin_mount.go b/internal/httpclient/models/plugin_mount.go index 41eadd58191..be79d1e16bd 100644 --- a/internal/httpclient/models/plugin_mount.go +++ b/internal/httpclient/models/plugin_mount.go @@ -6,6 +6,8 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -147,6 +149,11 @@ func (m *PluginMount) validateType(formats strfmt.Registry) error { return nil } +// ContextValidate validates this plugin mount based on context it is used +func (m *PluginMount) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + return nil +} + // MarshalBinary interface implementation func (m *PluginMount) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/plugin_settings.go b/internal/httpclient/models/plugin_settings.go index 4e7d4ba9748..5da66acb905 100644 --- a/internal/httpclient/models/plugin_settings.go +++ b/internal/httpclient/models/plugin_settings.go @@ -6,6 +6,7 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" "strconv" "github.com/go-openapi/errors" @@ -130,6 +131,60 @@ func (m *PluginSettings) validateMounts(formats strfmt.Registry) error { return nil } +// ContextValidate validate this plugin settings based on the context it is used +func (m *PluginSettings) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + var res []error + + if err := m.contextValidateDevices(ctx, formats); err != nil { + res = append(res, err) + } + + if err := m.contextValidateMounts(ctx, formats); err != nil { + res = append(res, err) + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} + +func (m *PluginSettings) contextValidateDevices(ctx context.Context, formats strfmt.Registry) error { + + for i := 0; i < len(m.Devices); i++ { + + if m.Devices[i] != nil { + if err := m.Devices[i].ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("Devices" + "." + strconv.Itoa(i)) + } + return err + } + } + + } + + return nil +} + +func (m *PluginSettings) contextValidateMounts(ctx context.Context, formats strfmt.Registry) error { + + for i := 0; i < len(m.Mounts); i++ { + + if m.Mounts[i] != nil { + if err := m.Mounts[i].ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("Mounts" + "." + strconv.Itoa(i)) + } + return err + } + } + + } + + return nil +} + // MarshalBinary interface implementation func (m *PluginSettings) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/previous_consent_session.go b/internal/httpclient/models/previous_consent_session.go index b0b0616f356..28e68bad493 100644 --- a/internal/httpclient/models/previous_consent_session.go +++ b/internal/httpclient/models/previous_consent_session.go @@ -6,6 +6,8 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -73,7 +75,6 @@ func (m *PreviousConsentSession) Validate(formats strfmt.Registry) error { } func (m *PreviousConsentSession) validateConsentRequest(formats strfmt.Registry) error { - if swag.IsZero(m.ConsentRequest) { // not required return nil } @@ -91,7 +92,6 @@ func (m *PreviousConsentSession) validateConsentRequest(formats strfmt.Registry) } func (m *PreviousConsentSession) validateGrantAccessTokenAudience(formats strfmt.Registry) error { - if swag.IsZero(m.GrantAccessTokenAudience) { // not required return nil } @@ -107,7 +107,6 @@ func (m *PreviousConsentSession) validateGrantAccessTokenAudience(formats strfmt } func (m *PreviousConsentSession) validateGrantScope(formats strfmt.Registry) error { - if swag.IsZero(m.GrantScope) { // not required return nil } @@ -123,7 +122,6 @@ func (m *PreviousConsentSession) validateGrantScope(formats strfmt.Registry) err } func (m *PreviousConsentSession) validateHandledAt(formats strfmt.Registry) error { - if swag.IsZero(m.HandledAt) { // not required return nil } @@ -139,7 +137,6 @@ func (m *PreviousConsentSession) validateHandledAt(formats strfmt.Registry) erro } func (m *PreviousConsentSession) validateSession(formats strfmt.Registry) error { - if swag.IsZero(m.Session) { // not required return nil } @@ -156,6 +153,100 @@ func (m *PreviousConsentSession) validateSession(formats strfmt.Registry) error return nil } +// ContextValidate validate this previous consent session based on the context it is used +func (m *PreviousConsentSession) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + var res []error + + if err := m.contextValidateConsentRequest(ctx, formats); err != nil { + res = append(res, err) + } + + if err := m.contextValidateGrantAccessTokenAudience(ctx, formats); err != nil { + res = append(res, err) + } + + if err := m.contextValidateGrantScope(ctx, formats); err != nil { + res = append(res, err) + } + + if err := m.contextValidateHandledAt(ctx, formats); err != nil { + res = append(res, err) + } + + if err := m.contextValidateSession(ctx, formats); err != nil { + res = append(res, err) + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} + +func (m *PreviousConsentSession) contextValidateConsentRequest(ctx context.Context, formats strfmt.Registry) error { + + if m.ConsentRequest != nil { + if err := m.ConsentRequest.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("consent_request") + } + return err + } + } + + return nil +} + +func (m *PreviousConsentSession) contextValidateGrantAccessTokenAudience(ctx context.Context, formats strfmt.Registry) error { + + if err := m.GrantAccessTokenAudience.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("grant_access_token_audience") + } + return err + } + + return nil +} + +func (m *PreviousConsentSession) contextValidateGrantScope(ctx context.Context, formats strfmt.Registry) error { + + if err := m.GrantScope.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("grant_scope") + } + return err + } + + return nil +} + +func (m *PreviousConsentSession) contextValidateHandledAt(ctx context.Context, formats strfmt.Registry) error { + + if err := m.HandledAt.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("handled_at") + } + return err + } + + return nil +} + +func (m *PreviousConsentSession) contextValidateSession(ctx context.Context, formats strfmt.Registry) error { + + if m.Session != nil { + if err := m.Session.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("session") + } + return err + } + } + + return nil +} + // MarshalBinary interface implementation func (m *PreviousConsentSession) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/reject_request.go b/internal/httpclient/models/reject_request.go index 37c02f35926..42cf41b5228 100644 --- a/internal/httpclient/models/reject_request.go +++ b/internal/httpclient/models/reject_request.go @@ -6,6 +6,8 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" ) @@ -41,6 +43,11 @@ func (m *RejectRequest) Validate(formats strfmt.Registry) error { return nil } +// ContextValidate validates this reject request based on context it is used +func (m *RejectRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + return nil +} + // MarshalBinary interface implementation func (m *RejectRequest) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/request_was_handled_response.go b/internal/httpclient/models/request_was_handled_response.go index 1a224f2b3e8..5430cd2ef03 100644 --- a/internal/httpclient/models/request_was_handled_response.go +++ b/internal/httpclient/models/request_was_handled_response.go @@ -6,6 +6,8 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -45,6 +47,11 @@ func (m *RequestWasHandledResponse) validateRedirectTo(formats strfmt.Registry) return nil } +// ContextValidate validates this request was handled response based on context it is used +func (m *RequestWasHandledResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + return nil +} + // MarshalBinary interface implementation func (m *RequestWasHandledResponse) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/string_slice_pipe_delimiter.go b/internal/httpclient/models/string_slice_pipe_delimiter.go index c7bc80e83c0..76d7a757791 100644 --- a/internal/httpclient/models/string_slice_pipe_delimiter.go +++ b/internal/httpclient/models/string_slice_pipe_delimiter.go @@ -6,6 +6,8 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "github.com/go-openapi/strfmt" ) @@ -18,3 +20,8 @@ type StringSlicePipeDelimiter []string func (m StringSlicePipeDelimiter) Validate(formats strfmt.Registry) error { return nil } + +// ContextValidate validates this string slice pipe delimiter based on context it is used +func (m StringSlicePipeDelimiter) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + return nil +} diff --git a/internal/httpclient/models/userinfo_response.go b/internal/httpclient/models/userinfo_response.go index 9b5fb8685fb..a78e76c3204 100644 --- a/internal/httpclient/models/userinfo_response.go +++ b/internal/httpclient/models/userinfo_response.go @@ -6,6 +6,8 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" ) @@ -78,6 +80,11 @@ func (m *UserinfoResponse) Validate(formats strfmt.Registry) error { return nil } +// ContextValidate validates this userinfo response based on context it is used +func (m *UserinfoResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + return nil +} + // MarshalBinary interface implementation func (m *UserinfoResponse) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/version.go b/internal/httpclient/models/version.go index 8e687bcb20d..2a92642e537 100644 --- a/internal/httpclient/models/version.go +++ b/internal/httpclient/models/version.go @@ -6,6 +6,8 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" ) @@ -24,6 +26,11 @@ func (m *Version) Validate(formats strfmt.Registry) error { return nil } +// ContextValidate validates this version based on context it is used +func (m *Version) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + return nil +} + // MarshalBinary interface implementation func (m *Version) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/volume.go b/internal/httpclient/models/volume.go index f278b8ac30b..a27d9734b32 100644 --- a/internal/httpclient/models/volume.go +++ b/internal/httpclient/models/volume.go @@ -6,6 +6,8 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -40,7 +42,8 @@ type Volume struct { // Required: true Options map[string]string `json:"Options"` - // The level at which the volume exists. Either `global` for cluster-wide, or `local` for machine level. + // The level at which the volume exists. Either `global` for cluster-wide, + // or `local` for machine level. // Required: true Scope *string `json:"Scope"` @@ -105,6 +108,10 @@ func (m *Volume) validateDriver(formats strfmt.Registry) error { func (m *Volume) validateLabels(formats strfmt.Registry) error { + if err := validate.Required("Labels", "body", m.Labels); err != nil { + return err + } + return nil } @@ -128,6 +135,10 @@ func (m *Volume) validateName(formats strfmt.Registry) error { func (m *Volume) validateOptions(formats strfmt.Registry) error { + if err := validate.Required("Options", "body", m.Options); err != nil { + return err + } + return nil } @@ -141,7 +152,6 @@ func (m *Volume) validateScope(formats strfmt.Registry) error { } func (m *Volume) validateUsageData(formats strfmt.Registry) error { - if swag.IsZero(m.UsageData) { // not required return nil } @@ -158,6 +168,34 @@ func (m *Volume) validateUsageData(formats strfmt.Registry) error { return nil } +// ContextValidate validate this volume based on the context it is used +func (m *Volume) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + var res []error + + if err := m.contextValidateUsageData(ctx, formats); err != nil { + res = append(res, err) + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} + +func (m *Volume) contextValidateUsageData(ctx context.Context, formats strfmt.Registry) error { + + if m.UsageData != nil { + if err := m.UsageData.ContextValidate(ctx, formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName("UsageData") + } + return err + } + } + + return nil +} + // MarshalBinary interface implementation func (m *Volume) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/volume_usage_data.go b/internal/httpclient/models/volume_usage_data.go index 886190c490b..bfae17367cf 100644 --- a/internal/httpclient/models/volume_usage_data.go +++ b/internal/httpclient/models/volume_usage_data.go @@ -6,6 +6,8 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -67,6 +69,11 @@ func (m *VolumeUsageData) validateSize(formats strfmt.Registry) error { return nil } +// ContextValidate validates this volume usage data based on context it is used +func (m *VolumeUsageData) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + return nil +} + // MarshalBinary interface implementation func (m *VolumeUsageData) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/well_known.go b/internal/httpclient/models/well_known.go index ee69ed423c7..a303639ca28 100644 --- a/internal/httpclient/models/well_known.go +++ b/internal/httpclient/models/well_known.go @@ -6,6 +6,8 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( + "context" + "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -21,6 +23,7 @@ import ( type WellKnown struct { // URL of the OP's OAuth 2.0 Authorization Endpoint. + // Example: https://playground.ory.sh/ory-hydra/public/oauth2/auth // Required: true AuthorizationEndpoint *string `json:"authorization_endpoint"` @@ -60,6 +63,7 @@ type WellKnown struct { // URL using the https scheme with no query or fragment component that the OP asserts as its IssuerURL Identifier. // If IssuerURL discovery is supported , this value MUST be identical to the issuer value returned // by WebFinger. This also MUST be identical to the iss Claim value in ID Tokens issued from this IssuerURL. + // Example: https://playground.ory.sh/ory-hydra/public/ // Required: true Issuer *string `json:"issuer"` @@ -70,10 +74,12 @@ type WellKnown struct { // Although some algorithms allow the same key to be used for both signatures and encryption, doing so is // NOT RECOMMENDED, as it is less secure. The JWK x5c parameter MAY be used to provide X.509 representations of // keys provided. When used, the bare key values MUST still be present and MUST match those in the certificate. + // Example: https://playground.ory.sh/ory-hydra/public/.well-known/jwks.json // Required: true JwksURI *string `json:"jwks_uri"` // URL of the OP's Dynamic Client Registration Endpoint. + // Example: https://playground.ory.sh/ory-hydra/admin/client RegistrationEndpoint string `json:"registration_endpoint,omitempty"` // JSON array containing a list of the JWS signing algorithms (alg values) supported by the OP for Request Objects, @@ -113,6 +119,7 @@ type WellKnown struct { SubjectTypesSupported []string `json:"subject_types_supported"` // URL of the OP's OAuth 2.0 Token Endpoint + // Example: https://playground.ory.sh/ory-hydra/public/oauth2/token // Required: true TokenEndpoint *string `json:"token_endpoint"` @@ -228,6 +235,11 @@ func (m *WellKnown) validateTokenEndpoint(formats strfmt.Registry) error { return nil } +// ContextValidate validates this well known based on context it is used +func (m *WellKnown) ContextValidate(ctx context.Context, formats strfmt.Registry) error { + return nil +} + // MarshalBinary interface implementation func (m *WellKnown) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/spec/api.json b/spec/api.json index 7c55ebf53a2..412ae369dd3 100755 --- a/spec/api.json +++ b/spec/api.json @@ -385,6 +385,234 @@ } } }, + "/grants/jwt-bearer": { + "get": { + "description": "This endpoint returns list of jwt-bearer grants. Grant represents resource owner (RO) permission\nfor client to act on behalf of the RO. In this case client uses jwt to request access token to act as RO.", + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "schemes": [ + "http", + "https" + ], + "tags": [ + "admin" + ], + "summary": "Fetch all jwt-bearer grants.", + "operationId": "getJwtBearerGrantList", + "parameters": [ + { + "type": "string", + "description": "If Optional \"issuer\" is supplied, only jwt-bearer grants with this issuer will be returned.", + "name": "issuer", + "in": "query" + } + ], + "responses": { + "200": { + "description": "", + "schema": { + "type": "array", + "items": { + "$ref": "#/definitions/JwtBearerGrant" + } + } + }, + "500": { + "description": "genericError", + "schema": { + "$ref": "#/definitions/genericError" + } + } + } + }, + "post": { + "description": "This endpoint is capable of creating a new jwt-bearer Grant, by doing this, we are granting permission for client to\nact on behalf of some resource owner.", + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "schemes": [ + "http", + "https" + ], + "tags": [ + "admin" + ], + "summary": "Create a new jwt-bearer Grant.", + "operationId": "createJwtBearerGrant", + "parameters": [ + { + "name": "Body", + "in": "body", + "schema": { + "$ref": "#/definitions/createJwtBearerGrantParams" + } + } + ], + "responses": { + "201": { + "description": "JwtBearerGrant", + "schema": { + "$ref": "#/definitions/JwtBearerGrant" + } + }, + "400": { + "description": "genericError", + "schema": { + "$ref": "#/definitions/genericError" + } + }, + "409": { + "description": "genericError", + "schema": { + "$ref": "#/definitions/genericError" + } + }, + "500": { + "description": "genericError", + "schema": { + "$ref": "#/definitions/genericError" + } + } + } + } + }, + "/grants/jwt-bearer/flush": { + "post": { + "description": "This endpoint flushes expired jwt-bearer grants from the database. You can set a time after which no tokens will be\nnot be touched, in case you want to keep recent tokens for auditing. Refresh tokens can not be flushed as they are deleted\nautomatically when performing the refresh flow.", + "consumes": [ + "application/json" + ], + "schemes": [ + "http", + "https" + ], + "tags": [ + "admin" + ], + "summary": "Flush Expired jwt-bearer grants.", + "operationId": "flushInactiveJwtBearerGrants", + "parameters": [ + { + "name": "Body", + "in": "body", + "schema": { + "$ref": "#/definitions/flushInactiveJwtBearerGrantsParams" + } + } + ], + "responses": { + "204": { + "description": "Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is\ntypically 201." + }, + "500": { + "description": "genericError", + "schema": { + "$ref": "#/definitions/genericError" + } + } + } + } + }, + "/grants/jwt-bearer/{id}": { + "get": { + "description": "This endpoint returns jwt-bearer grant, identified by grant ID. Grant represents resource owner (RO) permission\nfor client to act on behalf of the RO. In this case client uses jwt to request access token to act as RO.", + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "schemes": [ + "http", + "https" + ], + "tags": [ + "admin" + ], + "summary": "Fetch jwt-bearer grant information.", + "operationId": "getJwtBearerGrant", + "parameters": [ + { + "type": "string", + "description": "The id of the desired grant", + "name": "id", + "in": "path", + "required": true + } + ], + "responses": { + "200": { + "description": "JwtBearerGrant", + "schema": { + "$ref": "#/definitions/JwtBearerGrant" + } + }, + "404": { + "description": "genericError", + "schema": { + "$ref": "#/definitions/genericError" + } + }, + "500": { + "description": "genericError", + "schema": { + "$ref": "#/definitions/genericError" + } + } + } + }, + "delete": { + "description": "This endpoint will delete jwt-bearer grant, identified by grant ID, so client won't be able to represent\nresource owner (which granted permission), using this grant anymore. All associated public keys with grant\nwill also be deleted.", + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "schemes": [ + "http", + "https" + ], + "tags": [ + "admin" + ], + "summary": "Delete jwt-bearer grant.", + "operationId": "deleteJwtBearerGrant", + "parameters": [ + { + "type": "string", + "description": "The id of the desired grant", + "name": "id", + "in": "path", + "required": true + } + ], + "responses": { + "204": { + "description": "Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is\ntypically 201." + }, + "404": { + "description": "genericError", + "schema": { + "$ref": "#/definitions/genericError" + } + }, + "500": { + "description": "genericError", + "schema": { + "$ref": "#/definitions/genericError" + } + } + } + } + }, "/health/alive": { "get": { "description": "This endpoint returns a 200 status code when the HTTP server is up running.\nThis status does currently not include checks whether the database connection is working.\n\nIf the service supports TLS Edge Termination, this endpoint does not require the\n`X-Forwarded-Proto` header to be set.\n\nBe aware that if you are running multiple nodes of this service, the health status will never\nrefer to the cluster state, only to a single instance.", @@ -2024,6 +2252,64 @@ "JoseJSONWebKeySet": { "type": "object" }, + "JwtBearerGrant": { + "type": "object", + "properties": { + "created_at": { + "description": "The \"created_at\" indicates, when grant was created.", + "type": "string", + "format": "date-time" + }, + "expires_at": { + "description": "The \"expires_at\" indicates, when grant will expire, so we will reject assertion from \"issuer\" targeting \"subject\".", + "type": "string", + "format": "date-time" + }, + "id": { + "type": "string", + "example": "9edc811f-4e28-453c-9b46-4de65f00217f" + }, + "issuer": { + "description": "The \"issuer\" identifies the principal that issued the JWT assertion (same as \"iss\" claim in JWT).", + "type": "string", + "example": "https://jwt-idp.example.com" + }, + "public_key": { + "$ref": "#/definitions/JwtBearerGrantPublicKey" + }, + "scope": { + "description": "The \"scope\" contains list of scope values (as described in Section 3.3 of OAuth 2.0 [RFC6749])", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "openid", + "offline" + ] + }, + "subject": { + "description": "The \"subject\" identifies the principal that is the subject of the JWT.", + "type": "string", + "example": "mike@example.com" + } + } + }, + "JwtBearerGrantPublicKey": { + "type": "object", + "properties": { + "kid": { + "description": "The \"key_id\" is key unique identifier (same as kid header in jws/jwt).", + "type": "string", + "example": "123e4567-e89b-12d3-a456-426655440000" + }, + "set": { + "description": "The \"set\" is basically a name for a group(set) of keys. Will be the same as \"issuer\" in grant.", + "type": "string", + "example": "https://jwt-idp.example.com" + } + } + }, "NullTime": { "type": "string", "format": "date-time", @@ -2501,7 +2787,7 @@ } }, "Scope": { - "description": "The level at which the volume exists. Either `global` for cluster-wide, or `local` for machine level.", + "description": "The level at which the volume exists. Either `global` for cluster-wide,\nor `local` for machine level.", "type": "string" }, "Status": { @@ -2675,6 +2961,57 @@ } } }, + "createJwtBearerGrantParams": { + "type": "object", + "required": [ + "issuer", + "subject", + "scope", + "jwk", + "expires_at" + ], + "properties": { + "expires_at": { + "description": "The \"expires_at\" indicates, when grant will expire, so we will reject assertion from \"issuer\" targeting \"subject\".", + "type": "string", + "format": "date-time" + }, + "issuer": { + "description": "The \"issuer\" identifies the principal that issued the JWT assertion (same as \"iss\" claim in JWT).", + "type": "string", + "example": "https://jwt-idp.example.com" + }, + "jwk": { + "$ref": "#/definitions/JSONWebKey" + }, + "scope": { + "description": "The \"scope\" contains list of scope values (as described in Section 3.3 of OAuth 2.0 [RFC6749])", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "openid", + "offline" + ] + }, + "subject": { + "description": "The \"subject\" identifies the principal that is the subject of the JWT.", + "type": "string", + "example": "mike@example.com" + } + } + }, + "flushInactiveJwtBearerGrantsParams": { + "type": "object", + "properties": { + "notAfter": { + "description": "The \"notAfter\" sets after which point grants should not be flushed. This is useful when you want to keep a history\nof recently added grants.", + "type": "string", + "format": "date-time" + } + } + }, "flushInactiveOAuth2TokensRequest": { "type": "object", "properties": { From 9ee32ca92e0c7e61cb28cccd51cf1febe3e80a0e Mon Sep 17 00:00:00 2001 From: Vladimir Kalugin Date: Fri, 28 May 2021 15:59:08 +0300 Subject: [PATCH 19/49] test(jwtbearer): add handler tests --- grant/jwtbearer/handler_test.go | 279 ++++++++++++++++++++++++++++++++ 1 file changed, 279 insertions(+) create mode 100644 grant/jwtbearer/handler_test.go diff --git a/grant/jwtbearer/handler_test.go b/grant/jwtbearer/handler_test.go new file mode 100644 index 00000000000..01044dbb38f --- /dev/null +++ b/grant/jwtbearer/handler_test.go @@ -0,0 +1,279 @@ +package jwtbearer_test + +import ( + "crypto/rand" + "crypto/rsa" + "net/http" + "net/http/httptest" + "testing" + "time" + + "github.com/go-openapi/strfmt" + "github.com/google/uuid" + "github.com/ory/hydra/driver" + "github.com/ory/hydra/jwk" + "github.com/stretchr/testify/suite" + "gopkg.in/square/go-jose.v2" + + "github.com/ory/hydra/driver/config" + "github.com/ory/hydra/grant/jwtbearer" + "github.com/ory/hydra/internal" + hydra "github.com/ory/hydra/internal/httpclient/client" + "github.com/ory/hydra/internal/httpclient/client/admin" + "github.com/ory/hydra/internal/httpclient/models" + "github.com/ory/hydra/x" + "github.com/ory/x/urlx" +) + +// Define the suite, and absorb the built-in basic suite +// functionality from testify - including a T() method which +// returns the current testing context. +type HandlerTestSuite struct { + suite.Suite + registry driver.Registry + server *httptest.Server + hydraClient *hydra.OryHydra + publicKey *rsa.PublicKey +} + +// Setup will run before the tests in the suite are run. +func (s *HandlerTestSuite) SetupSuite() { + conf := internal.NewConfigurationWithDefaults() + conf.MustSet(config.KeySubjectTypesSupported, []string{"public"}) + conf.MustSet(config.KeyDefaultClientScope, []string{"foo", "bar"}) + s.registry = internal.NewRegistryMemory(s.T(), conf) + + router := x.NewRouterAdmin() + handler := jwtbearer.NewHandler(s.registry) + handler.SetRoutes(router) + jwkHandler := jwk.NewHandler(s.registry, conf) + jwkHandler.SetRoutes(router, x.NewRouterPublic(), func(h http.Handler) http.Handler { + return h + }) + s.server = httptest.NewServer(router) + + s.hydraClient = hydra.NewHTTPClientWithConfig(nil, &hydra.TransportConfig{Schemes: []string{"http"}, Host: urlx.ParseOrPanic(s.server.URL).Host}) + s.publicKey = s.generatePublicKey() +} + +// Setup before each test. +func (s *HandlerTestSuite) SetupTest() { +} + +// Will run after all the tests in the suite have been run. +func (s *HandlerTestSuite) TearDownSuite() { +} + +// Will run after each test in the suite. +func (s *HandlerTestSuite) TearDownTest() { + internal.CleanAndMigrate(s.registry)(s.T()) +} + +// In order for 'go test' to run this suite, we need to create +// a normal test function and pass our suite to suite.Run. +func TestHandlerTestSuite(t *testing.T) { + suite.Run(t, new(HandlerTestSuite)) +} + +func (s *HandlerTestSuite) TestGrantCanBeCreatedAndFetched() { + createRequestParams := s.newCreateJwtBearerGrantParams( + "ory", + "hackerman@example.com", + []string{"openid", "offline", "profile"}, + time.Now().Add(time.Hour), + ) + model := createRequestParams.Body + + createResult, err := s.hydraClient.Admin.CreateJwtBearerGrant(createRequestParams) + + s.Require().NoError(err, "no errors expected on grant creation") + s.NotEmpty(createResult.Payload.ID, " grant id expected to be non-empty") + s.Equal(*model.Issuer, createResult.Payload.Issuer, "issuer must match") + s.Equal(*model.Subject, createResult.Payload.Subject, "subject must match") + s.Equal(model.Scope, createResult.Payload.Scope, "scopes must match") + s.Equal(*model.Issuer, createResult.Payload.PublicKey.Set, "public key set must match grant issuer") + s.Equal(*model.Jwk.Kid, createResult.Payload.PublicKey.Kid, "public key id must match") + s.Equal(model.ExpiresAt.String(), createResult.Payload.ExpiresAt.String(), "expiration date must match") + + getRequestParams := admin.NewGetJwtBearerGrantParams() + getRequestParams.ID = createResult.Payload.ID + getResult, err := s.hydraClient.Admin.GetJwtBearerGrant(getRequestParams) + + s.Require().NoError(err, "no errors expected on grant fetching") + s.Equal(getRequestParams.ID, getResult.Payload.ID, " grant id must match") + s.Equal(*model.Issuer, getResult.Payload.Issuer, "issuer must match") + s.Equal(*model.Subject, getResult.Payload.Subject, "subject must match") + s.Equal(model.Scope, getResult.Payload.Scope, "scopes must match") + s.Equal(*model.Issuer, getResult.Payload.PublicKey.Set, "public key set must match grant issuer") + s.Equal(*model.Jwk.Kid, getResult.Payload.PublicKey.Kid, "public key id must match") + s.Equal(model.ExpiresAt.String(), getResult.Payload.ExpiresAt.String(), "expiration date must match") +} + +func (s *HandlerTestSuite) TestGrantCanNotBeCreatedWithSameIssuerSubjectKey() { + createRequestParams := s.newCreateJwtBearerGrantParams( + "ory", + "hackerman@example.com", + []string{"openid", "offline", "profile"}, + time.Now().Add(time.Hour), + ) + + _, err := s.hydraClient.Admin.CreateJwtBearerGrant(createRequestParams) + s.Require().NoError(err, "no errors expected on grant creation") + + _, err = s.hydraClient.Admin.CreateJwtBearerGrant(createRequestParams) + s.Require().Error(err, "expected error, because grant with same issuer+subject+kid exists") + + kid := uuid.New().String() + createRequestParams.Body.Jwk.Kid = &kid + _, err = s.hydraClient.Admin.CreateJwtBearerGrant(createRequestParams) + s.NoError(err, "no errors expected on grant creation, because kid is now different") +} + +func (s *HandlerTestSuite) TestGrantCanNotBeCreatedWithMissingFields() { + createRequestParams := s.newCreateJwtBearerGrantParams( + "", + "hackerman@example.com", + []string{"openid", "offline", "profile"}, + time.Now().Add(time.Hour), + ) + + _, err := s.hydraClient.Admin.CreateJwtBearerGrant(createRequestParams) + s.Require().Error(err, "expected error, because grant missing issuer") + + createRequestParams = s.newCreateJwtBearerGrantParams( + "ory", + "", + []string{"openid", "offline", "profile"}, + time.Now().Add(time.Hour), + ) + + _, err = s.hydraClient.Admin.CreateJwtBearerGrant(createRequestParams) + s.Require().Error(err, "expected error, because grant missing subject") + + createRequestParams = s.newCreateJwtBearerGrantParams( + "ory", + "hackerman@example.com", + []string{"openid", "offline", "profile"}, + time.Time{}, + ) + + _, err = s.hydraClient.Admin.CreateJwtBearerGrant(createRequestParams) + s.Error(err, "expected error, because grant missing expiration date") +} + +func (s *HandlerTestSuite) TestGrantPublicCanBeFetched() { + createRequestParams := s.newCreateJwtBearerGrantParams( + "ory", + "hackerman@example.com", + []string{"openid", "offline", "profile"}, + time.Now().Add(time.Hour), + ) + model := createRequestParams.Body + + _, err := s.hydraClient.Admin.CreateJwtBearerGrant(createRequestParams) + s.Require().NoError(err, "no error expected on grant creation") + + getJWKRequestParams := admin.NewGetJSONWebKeyParams() + getJWKRequestParams.Kid = *model.Jwk.Kid + getJWKRequestParams.Set = *model.Issuer + + getResult, err := s.hydraClient.Admin.GetJSONWebKey(getJWKRequestParams) + + s.Require().NoError(err, "no error expected on fetching public key") + s.Equal(*model.Jwk.Kid, *getResult.Payload.Keys[0].Kid) +} + +func (s *HandlerTestSuite) TestGrantListCanBeFetched() { + createRequestParams := s.newCreateJwtBearerGrantParams( + "ory", + "hackerman@example.com", + []string{"openid", "offline", "profile"}, + time.Now().Add(time.Hour), + ) + createRequestParams2 := s.newCreateJwtBearerGrantParams( + "ory2", + "safetyman@example.com", + []string{"profile"}, + time.Now().Add(time.Hour), + ) + + _, err := s.hydraClient.Admin.CreateJwtBearerGrant(createRequestParams) + s.Require().NoError(err, "no errors expected on grant creation") + + _, err = s.hydraClient.Admin.CreateJwtBearerGrant(createRequestParams2) + s.Require().NoError(err, "no errors expected on grant creation") + + getRequestParams := admin.NewGetJwtBearerGrantListParams() + getResult, err := s.hydraClient.Admin.GetJwtBearerGrantList(getRequestParams) + + s.Require().NoError(err, "no errors expected on grant list fetching") + s.Len(getResult.Payload, 2, "expected to get list of 2 grants") + + getRequestParams.Issuer = createRequestParams2.Body.Issuer + getResult, err = s.hydraClient.Admin.GetJwtBearerGrantList(getRequestParams) + + s.Require().NoError(err, "no errors expected on grant list fetching") + s.Len(getResult.Payload, 1, "expected to get list of 1 grant, when filtering by issuer") + s.Equal(*createRequestParams2.Body.Issuer, getResult.Payload[0].Issuer, "issuer must match") +} + +func (s *HandlerTestSuite) TestGrantCanBeDeleted() { + createRequestParams := s.newCreateJwtBearerGrantParams( + "ory", + "hackerman@example.com", + []string{"openid", "offline", "profile"}, + time.Now().Add(time.Hour), + ) + + createResult, err := s.hydraClient.Admin.CreateJwtBearerGrant(createRequestParams) + s.Require().NoError(err, "no errors expected on grant creation") + + deleteRequestParams := admin.NewDeleteJwtBearerGrantParams() + deleteRequestParams.ID = createResult.Payload.ID + _, err = s.hydraClient.Admin.DeleteJwtBearerGrant(deleteRequestParams) + + s.Require().NoError(err, "no errors expected on grant deletion") + + _, err = s.hydraClient.Admin.DeleteJwtBearerGrant(deleteRequestParams) + s.Error(err, "expected error, because grant has been already deleted") +} + +func (s *HandlerTestSuite) generateJWK(publicKey *rsa.PublicKey) *models.JSONWebKey { + jwk := jose.JSONWebKey{ + Key: publicKey, + KeyID: uuid.New().String(), + Algorithm: string(jose.RS256), + Use: "sig", + } + b, err := jwk.MarshalJSON() + s.Require().NoError(err) + + mJWK := &models.JSONWebKey{} + err = mJWK.UnmarshalBinary(b) + s.Require().NoError(err) + + return mJWK +} + +func (s *HandlerTestSuite) newCreateJwtBearerGrantParams( + issuer, subject string, scope []string, expiresAt time.Time, +) *admin.CreateJwtBearerGrantParams { + createRequestParams := admin.NewCreateJwtBearerGrantParams() + exp := strfmt.DateTime(expiresAt.UTC().Round(time.Second)) + model := &models.CreateJwtBearerGrantParams{ + ExpiresAt: &exp, + Issuer: &issuer, + Jwk: s.generateJWK(s.publicKey), + Scope: scope, + Subject: &subject, + } + createRequestParams.SetBody(model) + + return createRequestParams +} + +func (s *HandlerTestSuite) generatePublicKey() *rsa.PublicKey { + privateKey, err := rsa.GenerateKey(rand.Reader, 2048) + s.Require().NoError(err) + return &privateKey.PublicKey +} From 84cba23aae2ca2a0f8ea674d0071bf510645205d Mon Sep 17 00:00:00 2001 From: aeneasr <3372410+aeneasr@users.noreply.github.com> Date: Tue, 13 Jul 2021 15:42:56 +0200 Subject: [PATCH 20/49] feat: code review --- README.md | 25 +- cypress/integration/admin/grant_jwtbearer.js | 16 +- docs/docs/advanced.md | 122 +----- .../guides/oauth2-grant-type-jwt-bearer.mdx | 333 ++++++++++++--- docs/sidebar.json | 1 + grant/jwtbearer/doc.go | 48 ++- grant/jwtbearer/handler.go | 52 ++- grant/jwtbearer/handler_test.go | 49 +-- .../accept_consent_request_parameters.go | 49 +-- .../admin/accept_login_request_parameters.go | 49 +-- .../admin/accept_logout_request_parameters.go | 45 +- .../httpclient/client/admin/admin_client.go | 302 ++++++------- .../create_json_web_key_set_parameters.go | 50 +-- .../create_jwt_bearer_grant_parameters.go | 148 ------- .../create_jwt_bearer_grant_responses.go | 181 -------- .../admin/create_o_auth2_client_parameters.go | 45 +- .../admin/delete_json_web_key_parameters.go | 51 +-- .../delete_json_web_key_set_parameters.go | 46 +- .../delete_jwt_bearer_grant_parameters.go | 149 ------- .../delete_jwt_bearer_grant_responses.go | 133 ------ .../admin/delete_o_auth2_client_parameters.go | 46 +- .../admin/delete_o_auth2_token_parameters.go | 45 +- ...ete_trusted_jwt_grant_issuer_parameters.go | 135 ++++++ ...lete_trusted_jwt_grant_issuer_responses.go | 136 ++++++ ...h_inactive_jwt_bearer_grants_parameters.go | 45 +- ...sh_inactive_jwt_bearer_grants_responses.go | 10 +- ...lush_inactive_o_auth2_tokens_parameters.go | 45 +- .../admin/get_consent_request_parameters.go | 45 +- .../admin/get_json_web_key_parameters.go | 51 +-- .../admin/get_json_web_key_set_parameters.go | 46 +- .../get_jwt_bearer_grant_list_parameters.go | 161 ------- .../get_jwt_bearer_grant_list_responses.go | 103 ----- .../admin/get_jwt_bearer_grant_parameters.go | 149 ------- .../admin/get_jwt_bearer_grant_responses.go | 143 ------- .../admin/get_login_request_parameters.go | 45 +- .../admin/get_logout_request_parameters.go | 45 +- .../admin/get_o_auth2_client_parameters.go | 46 +- ...get_trusted_jwt_grant_issuer_parameters.go | 135 ++++++ .../get_trusted_jwt_grant_issuer_responses.go | 147 +++++++ .../client/admin/get_version_parameters.go | 42 +- .../client/admin/get_version_responses.go | 6 +- .../introspect_o_auth2_token_parameters.go | 56 +-- .../admin/is_instance_alive_parameters.go | 42 +- .../admin/list_o_auth2_clients_parameters.go | 61 +-- ...ist_subject_consent_sessions_parameters.go | 45 +- ...st_trusted_jwt_grant_issuers_parameters.go | 211 +++++++++ ...ist_trusted_jwt_grant_issuers_responses.go | 106 +++++ .../admin/patch_o_auth2_client_parameters.go | 48 +-- .../client/admin/prometheus_parameters.go | 42 +- .../client/admin/prometheus_responses.go | 7 +- .../reject_consent_request_parameters.go | 49 +-- .../admin/reject_login_request_parameters.go | 49 +-- .../admin/reject_logout_request_parameters.go | 49 +-- ...evoke_authentication_session_parameters.go | 45 +- .../revoke_consent_sessions_parameters.go | 63 +-- .../trust_jwt_grant_issuer_parameters.go | 135 ++++++ .../admin/trust_jwt_grant_issuer_responses.go | 186 ++++++++ .../admin/update_json_web_key_parameters.go | 55 +-- .../update_json_web_key_set_parameters.go | 50 +-- .../admin/update_o_auth2_client_parameters.go | 48 +-- .../public/disconnect_user_parameters.go | 42 +- .../public/disconnect_user_responses.go | 7 +- ...scover_open_id_configuration_parameters.go | 42 +- .../public/is_instance_ready_parameters.go | 42 +- .../public/is_instance_ready_responses.go | 9 +- .../client/public/oauth2_token_parameters.go | 60 +-- .../client/public/oauth_auth_parameters.go | 42 +- .../public/revoke_o_auth2_token_parameters.go | 44 +- .../client/public/userinfo_parameters.go | 42 +- .../client/public/well_known_parameters.go | 42 +- .../models/accept_consent_request.go | 82 +--- .../httpclient/models/accept_login_request.go | 7 - .../httpclient/models/completed_request.go | 7 - internal/httpclient/models/consent_request.go | 84 +--- .../models/consent_request_session.go | 7 - .../models/container_wait_o_k_body_error.go | 7 - ...flush_inactive_jwt_bearer_grants_params.go | 8 +- .../flush_inactive_o_auth2_tokens_request.go | 8 +- internal/httpclient/models/generic_error.go | 90 ++++ .../models/health_not_ready_status.go | 7 - internal/httpclient/models/health_status.go | 7 - internal/httpclient/models/json_web_key.go | 23 - .../httpclient/models/json_web_key_set.go | 34 +- .../json_web_key_set_generator_request.go | 7 - internal/httpclient/models/login_request.go | 81 +--- internal/httpclient/models/logout_request.go | 31 +- internal/httpclient/models/null_time.go | 7 - internal/httpclient/models/o_auth2_client.go | 153 +------ .../models/o_auth2_token_introspection.go | 7 - .../models/oauth2_token_response.go | 7 - .../models/open_id_connect_context.go | 7 - internal/httpclient/models/patch_document.go | 9 - internal/httpclient/models/patch_request.go | 24 -- internal/httpclient/models/plugin_config.go | 165 +------- .../httpclient/models/plugin_config_args.go | 7 - .../models/plugin_config_interface.go | 33 -- .../models/plugin_config_linux_swagger.go | 33 -- .../models/plugin_config_network.go | 7 - .../httpclient/models/plugin_config_rootfs.go | 7 - .../httpclient/models/plugin_config_user.go | 7 - internal/httpclient/models/plugin_device.go | 7 - internal/httpclient/models/plugin_env.go | 7 - .../models/plugin_interface_type.go | 7 - internal/httpclient/models/plugin_mount.go | 7 - internal/httpclient/models/plugin_settings.go | 55 --- .../models/previous_consent_session.go | 101 +---- internal/httpclient/models/reject_request.go | 7 - .../models/request_was_handled_response.go | 7 - .../models/string_slice_pipe_delimiter.go | 7 - ...rams.go => trust_jwt_grant_issuer_body.go} | 59 +-- ..._public_key.go => trusted_json_web_key.go} | 25 +- ...r_grant.go => trusted_jwt_grant_issuer.go} | 61 +-- .../models/trusted_jwt_grant_issuers.go | 45 ++ .../httpclient/models/userinfo_response.go | 7 - internal/httpclient/models/version.go | 7 - internal/httpclient/models/volume.go | 42 +- .../httpclient/models/volume_usage_data.go | 7 - internal/httpclient/models/well_known.go | 12 - spec/api.json | 400 +++++++++++++++++- 119 files changed, 2987 insertions(+), 4085 deletions(-) delete mode 100644 internal/httpclient/client/admin/create_jwt_bearer_grant_parameters.go delete mode 100644 internal/httpclient/client/admin/create_jwt_bearer_grant_responses.go delete mode 100644 internal/httpclient/client/admin/delete_jwt_bearer_grant_parameters.go delete mode 100644 internal/httpclient/client/admin/delete_jwt_bearer_grant_responses.go create mode 100644 internal/httpclient/client/admin/delete_trusted_jwt_grant_issuer_parameters.go create mode 100644 internal/httpclient/client/admin/delete_trusted_jwt_grant_issuer_responses.go delete mode 100644 internal/httpclient/client/admin/get_jwt_bearer_grant_list_parameters.go delete mode 100644 internal/httpclient/client/admin/get_jwt_bearer_grant_list_responses.go delete mode 100644 internal/httpclient/client/admin/get_jwt_bearer_grant_parameters.go delete mode 100644 internal/httpclient/client/admin/get_jwt_bearer_grant_responses.go create mode 100644 internal/httpclient/client/admin/get_trusted_jwt_grant_issuer_parameters.go create mode 100644 internal/httpclient/client/admin/get_trusted_jwt_grant_issuer_responses.go create mode 100644 internal/httpclient/client/admin/list_trusted_jwt_grant_issuers_parameters.go create mode 100644 internal/httpclient/client/admin/list_trusted_jwt_grant_issuers_responses.go create mode 100644 internal/httpclient/client/admin/trust_jwt_grant_issuer_parameters.go create mode 100644 internal/httpclient/client/admin/trust_jwt_grant_issuer_responses.go create mode 100644 internal/httpclient/models/generic_error.go rename internal/httpclient/models/{create_jwt_bearer_grant_params.go => trust_jwt_grant_issuer_body.go} (61%) rename internal/httpclient/models/{jwt_bearer_grant_public_key.go => trusted_json_web_key.go} (51%) rename internal/httpclient/models/{jwt_bearer_grant.go => trusted_jwt_grant_issuer.go} (61%) create mode 100644 internal/httpclient/models/trusted_jwt_grant_issuers.go diff --git a/README.md b/README.md index d8ecef313c1..fe16e07865b 100644 --- a/README.md +++ b/README.md @@ -183,7 +183,7 @@ that your company deserves a spot here, reach out to DataDetect Datadetect unifiedglobalarchiving.com/data-detect/ - + Adopter * Sainsbury's @@ -201,7 +201,7 @@ that your company deserves a spot here, reach out to Reyah Reyah reyah.eu - + Adopter * Zero @@ -239,26 +239,6 @@ TheCrealm. \* Uses one of Ory's major projects in production. - - - - - - - - - - - - - - - - - - - - ### OAuth2 and OpenID Connect: Open Standards! @@ -270,6 +250,7 @@ ORY Hydra implements Open Standards set by the IETF: * [OAuth 2.0 Token Introspection](https://tools.ietf.org/html/rfc7662) * [OAuth 2.0 for Native Apps](https://tools.ietf.org/html/draft-ietf-oauth-native-apps-10) * [Proof Key for Code Exchange by OAuth Public Clients](https://tools.ietf.org/html/rfc7636) +* [JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants](https://tools.ietf.org/html/rfc7523) and the OpenID Foundation: diff --git a/cypress/integration/admin/grant_jwtbearer.js b/cypress/integration/admin/grant_jwtbearer.js index 0979b29d5d3..ae0636d93b2 100644 --- a/cypress/integration/admin/grant_jwtbearer.js +++ b/cypress/integration/admin/grant_jwtbearer.js @@ -1,8 +1,8 @@ describe('The JWT-Bearer Grants Admin Interface', () => { let d = Cypress.moment().add(1, 'year').milliseconds(0).utc() - const newGrant = () => ({ - issuer: 'token-service', - subject: 'bob@example.com', + const newGrant = (issuer = 'token-service', subject = 'bob@example.com') => ({ + issuer, + subject, expires_at: d.toISOString(), scope: ['openid', 'offline'], jwk: { @@ -16,6 +16,15 @@ describe('The JWT-Bearer Grants Admin Interface', () => { } }) + beforeEach(() => { + // Delete all grants + cy.request('DELETE', Cypress.env('admin_url') + '/grants/jwt-bearer').then( + (response) => { + expect(response.body).to.length(1) + } + ) + }) + it('should return newly created jwt-bearer grant and grant can be retrieved later', () => { const grant = newGrant() const start = Cypress.moment().subtract(1, 'minutes').utc() @@ -51,6 +60,7 @@ describe('The JWT-Bearer Grants Admin Interface', () => { }) it('should return newly created jwt-bearer grant in grants list', () => { + // We have exactly one grant cy.request('GET', Cypress.env('admin_url') + '/grants/jwt-bearer').then( (response) => { expect(response.body).to.length(1) diff --git a/docs/docs/advanced.md b/docs/docs/advanced.md index 5cc7c04fe2e..b9d60b7fc52 100644 --- a/docs/docs/advanced.md +++ b/docs/docs/advanced.md @@ -186,126 +186,8 @@ compatibility): ### OAuth 2.0 Client Authentication with private/public keypairs -ORY Hydra supports OAuth 2.0 Client Authentication with RSA and ECDSA -private/public keypairs with currently supported signing algorithms: - -- RS256 (default), RS384, RS512 -- PS256, PS384, PS512 -- ES256, ES384, ES512 - -This authentication method replaces the classic HTTP Basic Authorization and -HTTP POST Authorization schemes. Instead of sending the `client_id` and -`client_secret`, you authenticate the client with a signed JSON Web Token. - -To enable this feature for a specific OAuth 2.0 Client, you must set -`token_endpoint_auth_method` to `private_key_jwt` and register the public key of -the RSA/ECDSA signing key either using the `jwks_uri` or `jwks` fields of the -client. - -When authenticating the client at the token endpoint, you generate and sign -(with the RSA/ECDSA private key) a JSON Web Token with the following claims: - -- `iss`: REQUIRED. Issuer. This MUST contain the client_id of the OAuth Client. -- `sub`: REQUIRED. Subject. This MUST contain the client_id of the OAuth Client. -- `aud`: REQUIRED. Audience. The aud (audience) Claim. Value that identifies the - Authorization Server (ORY Hydra) as an intended audience. The Authorization - Server MUST verify that it is an intended audience for the token. The Audience - SHOULD be the URL of the Authorization Server's Token Endpoint. -- `jti`: REQUIRED. JWT ID. A unique identifier for the token, which can be used - to prevent reuse of the token. These tokens MUST only be used once, unless - conditions for reuse were negotiated between the parties; any such negotiation - is beyond the scope of this specification. -- `exp`: REQUIRED. Expiration time on or after which the ID Token MUST NOT be - accepted for processing. -- `iat`: OPTIONAL. Time at which the JWT was issued. - -When making a request to the `/oauth2/token` endpoint, you include -`client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer` -and `client_assertion=` in the request body: - -``` -POST /oauth2/token HTTP/1.1 -Host: my-hydra.com -Content-Type: application/x-www-form-urlencoded - -grant_type=authorization_code& -code=i1WsRn1uB1& -client_id=s6BhdRkqt3& -client_assertion_type= -urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer& -client_assertion=PHNhbWxwOl ... ZT -``` - -Here's what a client with a `jwks` containing one RSA public key looks like: - -```json -{ - "client_id": "rsa-client-jwks", - "jwks": { - "keys": [ - { - "kty": "RSA", - "n": "jL7h5wc-yeMUsHGJHc0xe9SbTdaLKXMHvcIHQck20Ji7SvrHPdTDQTvZtTDS_wJYbeShcCrliHvbJRSZhtEe0mPJpyWg3O_HkKy6_SyHepLK-_BR7HfcXYB6pVJCG3BW-lVMY7gl5sULFA74kNZH50h8hdmyWC9JgOHn0n3YLdaxSWlhctuwNPSwqwzY4qtN7_CZub81SXWpKiwj4UpyB10b8rM8qn35FS1hfsaFCVi0gQpd4vFDgFyqqpmiwq8oMr8RZ2mf0NMKCP3RXnMhy9Yq8O7lgG2t6g1g9noWbzZDUZNc54tv4WGFJ_rJZRz0jE_GR6v5sdqsDTdjFquPlQ", - "e": "AQAB", - "use": "sig", - "kid": "rsa-jwk" - } - ] - }, - "token_endpoint_auth_method": "private_key_jwt", - "token_endpoint_auth_signing_alg": "RS256" -} -``` - -And here is how it looks like for a `jwks` including an ECDSA public key: - -```json -{ - "client_id": "ecdsa-client-jwks", - "jwks": { - "keys": [ - { - "kty": "EC", - "use": "sig", - "crv": "P-256", - "kid": "ecdsa-jwk", - "x": "nQjdhpecjZRlworpYk_TJAQBe4QbS8IwHY1DWkfR0w0", - "y": "UQfLzHxhc4i3EETUeaAS1vDVFJ-Y01hIESiXqqS86Vc" - } - ] - }, - "token_endpoint_auth_method": "private_key_jwt", - "token_endpoint_auth_signing_alg": "ES256" -} -``` - -And with `jwks_uri`: - -```json -{ - "client_id": "client-jwks-uri", - "jwks_uri": "http://path-to-my-public/keys.json", - "token_endpoint_auth_method": "private_key_jwt", - "token_endpoint_auth_signing_alg": "RS256" -} -``` - -The `jwks_uri` must return a JSON object containing the public keys associated -with the OAuth 2.0 Client: - -```json -{ - "keys": [ - { - "kty": "RSA", - "n": "jL7h5wc-yeMUsHGJHc0xe9SbTdaLKXMHvcIHQck20Ji7SvrHPdTDQTvZtTDS_wJYbeShcCrliHvbJRSZhtEe0mPJpyWg3O_HkKy6_SyHepLK-_BR7HfcXYB6pVJCG3BW-lVMY7gl5sULFA74kNZH50h8hdmyWC9JgOHn0n3YLdaxSWlhctuwNPSwqwzY4qtN7_CZub81SXWpKiwj4UpyB10b8rM8qn35FS1hfsaFCVi0gQpd4vFDgFyqqpmiwq8oMr8RZ2mf0NMKCP3RXnMhy9Yq8O7lgG2t6g1g9noWbzZDUZNc54tv4WGFJ_rJZRz0jE_GR6v5sdqsDTdjFquPlQ", - "e": "AQAB", - "use": "sig", - "kid": "rsa-jwk" - } - ] -} -``` +Please head over to the +[RFC7523 Documentation](guides/oauth2-grant-type-jwt-bearer.mdx). ## OpenID Connect diff --git a/docs/docs/guides/oauth2-grant-type-jwt-bearer.mdx b/docs/docs/guides/oauth2-grant-type-jwt-bearer.mdx index bbd8fe67eb8..ff25ead510c 100644 --- a/docs/docs/guides/oauth2-grant-type-jwt-bearer.mdx +++ b/docs/docs/guides/oauth2-grant-type-jwt-bearer.mdx @@ -10,90 +10,283 @@ when a client wishes to utilize an existing trust relationship, expressed through the semantics of the JWT, without a direct user-approval step at the authorization server (Hydra). -## Requesting access token using JWT +Ory Hydra supports both methods expressed in RFC 7523: -To use a Bearer JWT as an authorization grant, the client uses an access token -request as defined in -[Section 4.1 of the OAuth Assertion Framework RFC7521](https://datatracker.ietf.org/doc/html/rfc7521#section-4.1) -with the following specific parameter values and encodings. +- _Using JWTs as Authorization Grants_: Allows exchanging a JSON Web Token for + an Access Token. +- _Using JWTs for Client Authentication_: Allows OAuth 2.0 Client Authentication + using public/private keys via JSON Web Tokens. + +## Exchanging JWTs for Access Tokens -The value of the "grant_type" is "urn:ietf:params:oauth:grant-type:jwt-bearer". +To use the Authorization Grant `urn:ietf:params:oauth:grant-type:jwt-bearer`, +the client performs an OAuth 2.0 Access Token Request as defined in +[Section 4.1 of the OAuth Assertion Framework RFC7521](https://datatracker.ietf.org/doc/html/rfc7521#section-4.1) +with the following specific parameter values and encodings: -The value of the "assertion" parameter MUST contain a single JWT. +- The value of the `grant_type` is + `urn:ietf:params:oauth:grant-type:jwt-bearer`. +- The value of the `assertion` parameter MUST contain a single JWT. -The "scope" parameter may be used, as defined in the OAuth Assertion Framework +The `scope` parameter may be used, as defined in the OAuth Assertion Framework [RFC7521](https://datatracker.ietf.org/doc/html/rfc7521), to indicate the -requested scope. +requested scope: + +``` +POST /oauth2/token HTTP/1.1 +Host: public.hydra.com +Content-Type: application/x-www-form-urlencoded + +grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Ajwt-bearer +&assertion=eyJhbGciOiJFUzI1NiIsImtpZCI6IjE2In0. +eyJpc3Mi[...omitted for brevity...]. +J9l-ZhwP[...omitted for brevity...] +``` Authentication of the client can be optional and is controlled by `oauth2.grant.jwt.client_auth_optional` setting. -## JWT Requirements +### Establishing a Trust Relationship + +Before using this grant type, you must establish a trust relationship in Ory +Hydra. This involves registering the issuer, subject, and the public key at Ory +Hydra: + +``` +POST /trust/grants/jwt-bearer/issuers +Content-Type: application/json + +{ + // The issuer you want to trust. + "issuer": "https://my-issuer.com", + + // The "sub" field of the access token to be created. + "subject": "alice@example.org", + + // The allowed scope of the generated access token. + "scope": ["read"], + + // The public key with which the JWT Bearer's signature can be verified. + "jwk": { + "kty":"RSA", + "e":"AQAB", + "kid":"d8e91f55-67e0-4e56-a066-6a5f0c2efdf7", + "n":"nzyis1ZjfNB0bBgKFMSvvkTtwlvBsaJq7S5wA-kzeVOVpVWwkWdVha4s38XM_pa_yr47av7-z3VTmvDRyAHcaT92whREFpLv9cj5lTeJSibyr_Mrm_YtjCZVWgaOYIhwrXwKLqPr_11inWsAkfIytvHWTxZYEcXLgAXFuUuaS3uF9gEiNQwzGTU1v0FqkqTBr4B8nW3HCN47XUu0t8Y0e-lf4s4OxQawWD79J9_5d3Ry0vbV3Am1FtGJiJvOwRsIfVChDpYStTcHTCMqtvWbV6L11BWkpzGXSW4Hv43qa-GSYOD2QU68Mb59oSk2OB-BtOLpJofmbGEGgvmwyCI9Mw" + } + + // When this trust relationship expires. + "expires_at": "2021-04-23T18:25:43.511Z", +} +``` + +The above example would allow the following JWT Bearer + +``` +eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL215LWlzc3Vlci5jb20iLCJzdWIiOiJhbGljZUBleGFtcGxlLm9yZyIsImF1ZCI6Imh0dHBzOi8vcHVibGljLmh5ZHJhLmNvbS9vYXV0aDIvdG9rZW4iLCJuYmYiOjEzMDA4MTU3ODAsImV4cCI6MTMwMDgxOTM4MH0.baBiLrVRRU1AKYvAn0X4eIeLvFfpe2wsoD3VTMtaYdbEW2-w-SFeGeEzl5B6sh612bfKkoeihhFVx2md7DP-Rl5asicJzeIhcPETzZbVSPxR1lFdOBwcIPG5N70aSJs2zSn3jnRIhpZf85YZOI8RbQ93Kxla741_4xruHbsNRFqIuWVhxk95BCCnoXzEd8vBTxd_GMn9VijUY_piLPMo-OifRF9pSjYo38aJmRW1tJzeFCMruc9X1W-2c-L_t3rV7zYBH3LlpDZfwyy3T5Pmqf6QKeq1N-MjLnIJcZGT89jqxLmqVFRvAiEyA6iMQXVxmENOnwylGPwuR8DewhWMqg +``` + +which has the claims + +```json5 +{ + iss: 'https://my-issuer.com', + sub: 'alice@example.org', + aud: 'https://public.hydra.com/oauth2/token', + nbf: 1300815780, + exp: 1300819380 +} +``` + +to be exchanged for an OAuth2 Access Token (the `scoe` parameter is optional!) + +``` +POST /oauth2/token HTTP/1.1 +Host: public.hydra.com +Content-Type: application/x-www-form-urlencoded + +grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Ajwt-bearer +&scope=read +&assertion=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL215LWlzc3Vlci5jb20iLCJzdWIiOiJhbGljZUBleGFtcGxlLm9yZyIsImF1ZCI6Imh0dHBzOi8vcHVibGljLmh5ZHJhLmNvbS9vYXV0aDIvdG9rZW4iLCJuYmYiOjEzMDA4MTU3ODAsImV4cCI6MTMwMDgxOTM4MH0.baBiLrVRRU1AKYvAn0X4eIeLvFfpe2wsoD3VTMtaYdbEW2-w-SFeGeEzl5B6sh612bfKkoeihhFVx2md7DP-Rl5asicJzeIhcPETzZbVSPxR1lFdOBwcIPG5N70aSJs2zSn3jnRIhpZf85YZOI8RbQ93Kxla741_4xruHbsNRFqIuWVhxk95BCCnoXzEd8vBTxd_GMn9VijUY_piLPMo-OifRF9pSjYo38aJmRW1tJzeFCMruc9X1W-2c-L_t3rV7zYBH3LlpDZfwyy3T5Pmqf6QKeq1N-MjLnIJcZGT89jqxLmqVFRvAiEyA6iMQXVxmENOnwylGPwuR8DewhWMqg +``` + +with resulting access token claims: + +``` +{ + "iss": "https://public.hydra.com/", + "sub": "alice@example.org", + "scp": ["read"], + // ... +} +``` + +You can also delete, get, and list trust relationships. Please check the +[HTTP REST API documentation](../reference/api.mdx) for more details. + +### OAuth2 JWT Bearer Grant Type Validation -1. The JWT MUST contain an "iss" (issuer) claim that contains a unique - identifier for the entity that issued the JWT. Either client id or assertion - server identifier. -2. The JWT MUST contain a "sub" (subject) claim identifying the principal that - is the subject of the JWT (e.g. user email). -3. The JWT MUST contain an "aud" (audience) claim containing a value that +When performing the `urn:ietf:params:oauth:grant-type:jwt-bearer` Authorization +Grant, the JWT Bearer in the `assertion` parameter is validated as follows: + +1. The JWT MUST contain an `iss` (issuer) claim that contains a unique + identifier for the entity that issued the JWT. The value must match the + `issuer` value of the trust relationship. +2. The JWT MUST contain a `sub` (subject) claim identifying the principal that + is the subject of the JWT (e.g. user ID). The value must match the `subject` + value of the trust relationship. +3. The JWT MUST contain an `aud` (audience) claim containing a value that identifies the authorization server (Hydra) as an intended audience. So this value must be Hydra Token URL. -4. The JWT MUST contain an "exp" (expiration time) claim that limits the time +4. The JWT MUST contain an `exp` (expiration time) claim that limits the time window during which the JWT can be used. Can be controlled by `oauth2.grant.jwt.max_ttl` setting. -5. The JWT MAY contain an "nbf" (not before) claim that identifies the time +5. The JWT MAY contain an `nbf` (not before) claim that identifies the time before which the token MUST NOT be accepted for processing by Hydra. - Controlled by `oauth2.grant.jwt.jti_optional` setting. -6. The JWT MAY contain an "iat" (issued at) claim that identifies the time at - which the JWT was issued. Controlled by `oauth2.grant.jwt.iat_optional` If - "iat" is not passed, then current time (when assertion is received by Hydra) - will be considered as issued date. -7. The JWT MAY contain a "jti" (JWT ID) claim that provides a unique identifier - for the token. Controlled by `oauth2.grant.jwt.jti_optional` setting. - **Note**: If "jti" is configured to be required, then Hydra will reject all - assertions with the same "jti", if "jti" was already used by some assertion, - and this assertion is not expired yet (see "exp" claim). +6. The JWT MAY contain an `iat` (issued at) claim that identifies the time at + which the JWT was issued. Controlled by `oauth2.grant.jwt.iat_optional` + (default `false`) If `iat` is not passed, then current time (when assertion + is received by Hydra) will be considered as issued date. +7. The JWT MAY contain a `jti` (JWT ID) claim that provides a unique identifier + for the token. Controlled by `oauth2.grant.jwt.jti_optional` (default + `false`) setting. **Note**: If `jti` is configured to be required, then Hydra + will reject all assertions with the same `jti`, if `jti` was already used by + some assertion, and this assertion is not expired yet (see `exp` claim). 8. The JWT MUST be digitally signed. -## How Hydra checks assertion - -So now we know what requirements are for JWT. But how Hydra knows if passed -assertion is valid and how Hydra checks it? - -Last requirement in JWT requirements list is "The JWT MUST be digitally signed", -if Hydra **has** public key for the JWT assertion and key signature check, using -this public key, **passes**, then Hydra considers claims in this assertion as -**trusted** and will check them: - -1. Hydra checks that "iss" (issuer) claim is presented and it is the same as - issuer, registered for the public key (more on this later). -2. Hydra checks that "sub" (subject) claim is presented and it is the same as - subject, registered for the public key (more on this later). -3. Hydra checks that "aud" (audience) claim is equal to Hydra Token URL. -4. Hydra calculates TTL for assertion based on "iat" claim and checks if TTL - exceeds an "exp" (expiration time) claim. -5. If JWT contains an "nbf" (not before) claim, then Hydra checks the time, - before which the token must no be accepted, is passed. -6. Hydra checks that "iat" (issued at) claim is presented if it is required. -7. Hydra checks that "jti" (JWT ID) claim is presented if it is required and is - not in used already by another assertion. -8. If scopes were passed in request, then Hydra will check them against scope - white list for current assertion ( see "Creating grant" below). - -If every check is **passed**, Hydra will **issue** access token. But how to -register public key for assertion? - -## Creating grant (registering public key) - -In order to register public key for concrete issuer and subject we need to -create **Grant** using [Administrative Endpoints](../reference/api.mdx). Grant -creation can be expressed like: "User explicitly grants permission to represent -itself using using assertion for concrete issuer and subject using a pair of -keys, public one will be stored in Hydra to check signature". - -During grant creation you can also set "scopes", this will serve as scope -whitelist, so assertions for this issuer and subject can only contain scopes -from this list or no scopes at all. - -`expires_at` field in grant creation request sets grants max lifetime. If grant -expires, **no more** assertion for this issuer and subject will pass check. +If a scope was included in the OAuth2 Access Token Request + +``` +POST /oauth2/token HTTP/1.1 +Host: public.hydra.com +Content-Type: application/x-www-form-urlencoded + +grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Ajwt-bearer +&scope=read +&assertion=... +``` + +Hydra will check them against scopes defined in the corresponding trust +relationship. + +## Using JWTs for Client Authentication + +ORY Hydra supports OAuth 2.0 Client Authentication with RSA and ECDSA +private/public keypairs with currently supported signing algorithms: + +- RS256 (default), RS384, RS512 +- PS256, PS384, PS512 +- ES256, ES384, ES512 + +This authentication method replaces the classic HTTP Basic Authorization and +HTTP POST Authorization schemes. Instead of sending the `client_id` and +`client_secret`, you authenticate the client with a signed JSON Web Token. + +To enable this feature for a specific OAuth 2.0 Client, you must set +`token_endpoint_auth_method` to `private_key_jwt` and register the public key of +the RSA/ECDSA signing key either using the `jwks_uri` or `jwks` fields of the +client. + +When authenticating the client at the token endpoint, you generate and sign +(with the RSA/ECDSA private key) a JSON Web Token with the following claims: + +- `iss`: REQUIRED. Issuer. This MUST contain the client_id of the OAuth Client. +- `sub`: REQUIRED. Subject. This MUST contain the client_id of the OAuth Client. +- `aud`: REQUIRED. Audience. The aud (audience) Claim. Value that identifies the + Authorization Server (ORY Hydra) as an intended audience. The Authorization + Server MUST verify that it is an intended audience for the token. The Audience + SHOULD be the URL of the Authorization Server's Token Endpoint. +- `jti`: REQUIRED. JWT ID. A unique identifier for the token, which can be used + to prevent reuse of the token. These tokens MUST only be used once, unless + conditions for reuse were negotiated between the parties; any such negotiation + is beyond the scope of this specification. +- `exp`: REQUIRED. Expiration time on or after which the ID Token MUST NOT be + accepted for processing. +- `iat`: OPTIONAL. Time at which the JWT was issued. + +When making a request to the `/oauth2/token` endpoint, you include +`client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer` +and `client_assertion=` in the request body: + +``` +POST /oauth2/token HTTP/1.1 +Host: public.hydra.com +Content-Type: application/x-www-form-urlencoded + +grant_type=authorization_code& +code=i1WsRn1uB1& +client_id=s6BhdRkqt3& +client_assertion_type= +urn%3Aietf%3Aparams%3Aoauth%3Aclient-assertion-type%3Ajwt-bearer& +client_assertion=PHNhbWxwOl ... ZT +``` + +Here's what a client with a `jwks` containing one RSA public key looks like: + +```json +{ + "client_id": "rsa-client-jwks", + "jwks": { + "keys": [ + { + "kty": "RSA", + "n": "jL7h5wc-yeMUsHGJHc0xe9SbTdaLKXMHvcIHQck20Ji7SvrHPdTDQTvZtTDS_wJYbeShcCrliHvbJRSZhtEe0mPJpyWg3O_HkKy6_SyHepLK-_BR7HfcXYB6pVJCG3BW-lVMY7gl5sULFA74kNZH50h8hdmyWC9JgOHn0n3YLdaxSWlhctuwNPSwqwzY4qtN7_CZub81SXWpKiwj4UpyB10b8rM8qn35FS1hfsaFCVi0gQpd4vFDgFyqqpmiwq8oMr8RZ2mf0NMKCP3RXnMhy9Yq8O7lgG2t6g1g9noWbzZDUZNc54tv4WGFJ_rJZRz0jE_GR6v5sdqsDTdjFquPlQ", + "e": "AQAB", + "use": "sig", + "kid": "rsa-jwk" + } + ] + }, + "token_endpoint_auth_method": "private_key_jwt", + "token_endpoint_auth_signing_alg": "RS256" +} +``` + +And here is how it looks like for a `jwks` including an ECDSA public key: + +```json +{ + "client_id": "ecdsa-client-jwks", + "jwks": { + "keys": [ + { + "kty": "EC", + "use": "sig", + "crv": "P-256", + "kid": "ecdsa-jwk", + "x": "nQjdhpecjZRlworpYk_TJAQBe4QbS8IwHY1DWkfR0w0", + "y": "UQfLzHxhc4i3EETUeaAS1vDVFJ-Y01hIESiXqqS86Vc" + } + ] + }, + "token_endpoint_auth_method": "private_key_jwt", + "token_endpoint_auth_signing_alg": "ES256" +} +``` + +And with `jwks_uri`: + +```json +{ + "client_id": "client-jwks-uri", + "jwks_uri": "http://path-to-my-public/keys.json", + "token_endpoint_auth_method": "private_key_jwt", + "token_endpoint_auth_signing_alg": "RS256" +} +``` + +The `jwks_uri` must return a JSON object containing the public keys associated +with the OAuth 2.0 Client: + +```json +{ + "keys": [ + { + "kty": "RSA", + "n": "jL7h5wc-yeMUsHGJHc0xe9SbTdaLKXMHvcIHQck20Ji7SvrHPdTDQTvZtTDS_wJYbeShcCrliHvbJRSZhtEe0mPJpyWg3O_HkKy6_SyHepLK-_BR7HfcXYB6pVJCG3BW-lVMY7gl5sULFA74kNZH50h8hdmyWC9JgOHn0n3YLdaxSWlhctuwNPSwqwzY4qtN7_CZub81SXWpKiwj4UpyB10b8rM8qn35FS1hfsaFCVi0gQpd4vFDgFyqqpmiwq8oMr8RZ2mf0NMKCP3RXnMhy9Yq8O7lgG2t6g1g9noWbzZDUZNc54tv4WGFJ_rJZRz0jE_GR6v5sdqsDTdjFquPlQ", + "e": "AQAB", + "use": "sig", + "kid": "rsa-jwk" + } + ] +} +``` diff --git a/docs/sidebar.json b/docs/sidebar.json index bd6698180f4..f767a2c7579 100644 --- a/docs/sidebar.json +++ b/docs/sidebar.json @@ -47,6 +47,7 @@ "items": [ "advanced", "guides/oauth2-clients", + "guides/oauth2-grant-type-jwt-bearer", "guides/common-oauth2-openid-connect-flows", "guides/using-oauth2", "guides/token-expiration", diff --git a/grant/jwtbearer/doc.go b/grant/jwtbearer/doc.go index 6088b018383..68e2955cff3 100644 --- a/grant/jwtbearer/doc.go +++ b/grant/jwtbearer/doc.go @@ -30,62 +30,72 @@ import ( "github.com/ory/hydra/x" ) -// swagger:model createJwtBearerGrantParams -type swaggerCreateJWTBearerGrantParams struct { +// swagger:model trustJwtGrantIssuerBody +type trustJwtGrantIssuerBody struct { // The "issuer" identifies the principal that issued the JWT assertion (same as "iss" claim in JWT). - // required:true + // + // required: true // example: https://jwt-idp.example.com Issuer string `json:"issuer"` // The "subject" identifies the principal that is the subject of the JWT. + // // required:true // example: mike@example.com Subject string `json:"subject"` // The "scope" contains list of scope values (as described in Section 3.3 of OAuth 2.0 [RFC6749]) + // // required:true // example: ["openid", "offline"] Scope []string `json:"scope"` // The "jwk" contains public key in JWK format issued by "issuer", that will be used to check JWT assertion signature. + // // required:true JWK x.JSONWebKey `json:"jwk"` // The "expires_at" indicates, when grant will expire, so we will reject assertion from "issuer" targeting "subject". + // // required:true ExpiresAt time.Time `json:"expires_at"` } -// swagger:parameters createJwtBearerGrant -type swaggerCreateJWTBearerGrantRequestParams struct { +// swagger:parameters trustJwtGrantIssuer +type trustJwtGrantIssuer struct { // in: body - Body swaggerCreateJWTBearerGrantParams + Body trustJwtGrantIssuerBody } -// swagger:parameters getJwtBearerGrantList -type swaggerGetJWTBearerGrantListParams struct { - // If Optional "issuer" is supplied, only jwt-bearer grants with this issuer will be returned. +// swagger:parameters listTrustedJwtGrantIssuers +type listTrustedJwtGrantIssuers struct { + // If optional "issuer" is supplied, only jwt-bearer grants with this issuer will be returned. + // // in: query // required: false Issuer string `json:"issuer"` + + // The maximum amount of policies returned, upper bound is 500 policies + // in: query + Limit int `json:"limit"` + + // The offset from where to start looking. + // in: query + Offset int `json:"offset"` } -// swagger:parameters getJwtBearerGrant deleteJwtBearerGrant updateJwtBearerGrant -type swaggerJWTBearerGrantQuery struct { +// swagger:parameters getTrustedJwtGrantIssuer deleteTrustedJwtGrantIssuer +type getTrustedJwtGrantIssuer struct { // The id of the desired grant // in: path // required: true ID string `json:"id"` } -// swagger:response JwtBearerGrantList -type swaggerJWTBearerGrantList struct { - // in: body - // type: array - Body []swaggerJWTBearerGrant -} +// swagger:model trustedJwtGrantIssuers +type trustedJwtGrantIssuers []swaggerJWTBearerGrant -// swagger:model JwtBearerGrant +// swagger:model trustedJwtGrantIssuer type swaggerJWTBearerGrant struct { // example: 9edc811f-4e28-453c-9b46-4de65f00217f ID string `json:"id"` @@ -112,7 +122,7 @@ type swaggerJWTBearerGrant struct { ExpiresAt time.Time `json:"expires_at"` } -// swagger:model JwtBearerGrantPublicKey +// swagger:model trustedJsonWebKey type swaggerJWTBearerGrantPublicKey struct { // The "set" is basically a name for a group(set) of keys. Will be the same as "issuer" in grant. // example: https://jwt-idp.example.com diff --git a/grant/jwtbearer/handler.go b/grant/jwtbearer/handler.go index e3d80a2f2c2..aee28f92ef8 100644 --- a/grant/jwtbearer/handler.go +++ b/grant/jwtbearer/handler.go @@ -16,7 +16,7 @@ import ( ) const ( - grantJWTBearerPath = "/grants/jwt-bearer" + grantJWTBearerPath = "/trust/grants/jwt-bearer/issuers" ) type Handler struct { @@ -30,19 +30,17 @@ func NewHandler(r InternalRegistry) *Handler { func (h *Handler) SetRoutes(admin *x.RouterAdmin) { admin.GET(grantJWTBearerPath+"/:id", h.Get) admin.GET(grantJWTBearerPath, h.List) - admin.POST(grantJWTBearerPath, h.Create) - admin.DELETE(grantJWTBearerPath+"/:id", h.Delete) - admin.POST(grantJWTBearerPath+"/flush", h.FlushHandler) } -// swagger:route POST /grants/jwt-bearer admin createJwtBearerGrant +// swagger:route POST /trust/grants/jwt-bearer/issuers admin trustJwtGrantIssuer // -// Create a new jwt-bearer Grant. +// Trust an OAuth2 JWT Bearer Grant Type Issuer // -// This endpoint is capable of creating a new jwt-bearer Grant, by doing this, we are granting permission for client to -// act on behalf of some resource owner. +// Use this endpoint to establish a trust relationship for a JWT issuer +// to perform JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication +// and Authorization Grants [RFC7523](https://datatracker.ietf.org/doc/html/rfc7523). // // Consumes: // - application/json @@ -53,7 +51,7 @@ func (h *Handler) SetRoutes(admin *x.RouterAdmin) { // Schemes: http, https // // Responses: -// 201: JwtBearerGrant +// 201: trustedJwtGrantIssuer // 400: genericError // 409: genericError // 500: genericError @@ -91,13 +89,13 @@ func (h *Handler) Create(w http.ResponseWriter, r *http.Request, _ httprouter.Pa h.registry.Writer().WriteCreated(w, r, grantJWTBearerPath+"/"+grant.ID, &grant) } -// swagger:route GET /grants/jwt-bearer/{id} admin getJwtBearerGrant -// -// Fetch jwt-bearer grant information. +// swagger:route GET /trust/grants/jwt-bearer/issuers/{id} admin getTrustedJwtGrantIssuer // -// This endpoint returns jwt-bearer grant, identified by grant ID. Grant represents resource owner (RO) permission -// for client to act on behalf of the RO. In this case client uses jwt to request access token to act as RO. +// Get a Trusted OAuth2 JWT Bearer Grant Type Issuer // +// Use this endpoint to get a trusted JWT Bearer Grant Type Issuer. The ID is the one returned when you +// created the trust relationship. +/// // Consumes: // - application/json // @@ -107,7 +105,7 @@ func (h *Handler) Create(w http.ResponseWriter, r *http.Request, _ httprouter.Pa // Schemes: http, https // // Responses: -// 200: JwtBearerGrant +// 200: trustedJwtGrantIssuer // 404: genericError // 500: genericError func (h *Handler) Get(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { @@ -122,13 +120,15 @@ func (h *Handler) Get(w http.ResponseWriter, r *http.Request, ps httprouter.Para h.registry.Writer().Write(w, r, grant) } -// swagger:route DELETE /grants/jwt-bearer/{id} admin deleteJwtBearerGrant +// swagger:route DELETE /trust/grants/jwt-bearer/issuers/{id} admin deleteTrustedJwtGrantIssuer // -// Delete jwt-bearer grant. +// Delete a Trusted OAuth2 JWT Bearer Grant Type Issuer // -// This endpoint will delete jwt-bearer grant, identified by grant ID, so client won't be able to represent -// resource owner (which granted permission), using this grant anymore. All associated public keys with grant -// will also be deleted. +// Use this endpoint to delete trusted JWT Bearer Grant Type Issuer. The ID is the one returned when you +// created the trust relationship. +// +// Once deleted, the associated issuer will no longer be able to perform the JSON Web Token (JWT) Profile +// for OAuth 2.0 Client Authentication and Authorization Grant. // // Consumes: // - application/json @@ -153,12 +153,11 @@ func (h *Handler) Delete(w http.ResponseWriter, r *http.Request, ps httprouter.P w.WriteHeader(http.StatusNoContent) } -// swagger:route GET /grants/jwt-bearer admin getJwtBearerGrantList +// swagger:route GET /trust/grants/jwt-bearer/issuers admin listTrustedJwtGrantIssuers // -// Fetch all jwt-bearer grants. +// List Trusted OAuth2 JWT Bearer Grant Type Issuers // -// This endpoint returns list of jwt-bearer grants. Grant represents resource owner (RO) permission -// for client to act on behalf of the RO. In this case client uses jwt to request access token to act as RO. +// Use this endpoint to list all trusted JWT Bearer Grant Type Issuers. // // Consumes: // - application/json @@ -169,11 +168,11 @@ func (h *Handler) Delete(w http.ResponseWriter, r *http.Request, ps httprouter.P // Schemes: http, https // // Responses: -// 200: JwtBearerGrantList +// 200: trustedJwtGrantIssuers // 500: genericError func (h *Handler) List(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { limit, offset := pagination.Parse(r, 100, 0, 500) - var optionalIssuer = r.URL.Query().Get("issuer") + optionalIssuer := r.URL.Query().Get("issuer") grants, err := h.registry.GrantManager().GetGrants(r.Context(), limit, offset, optionalIssuer) if err != nil { @@ -188,7 +187,6 @@ func (h *Handler) List(w http.ResponseWriter, r *http.Request, ps httprouter.Par } pagination.Header(w, r.URL, n, limit, offset) - if grants == nil { grants = []Grant{} } diff --git a/grant/jwtbearer/handler_test.go b/grant/jwtbearer/handler_test.go index 01044dbb38f..4d3b9aa68dc 100644 --- a/grant/jwtbearer/handler_test.go +++ b/grant/jwtbearer/handler_test.go @@ -10,11 +10,12 @@ import ( "github.com/go-openapi/strfmt" "github.com/google/uuid" - "github.com/ory/hydra/driver" - "github.com/ory/hydra/jwk" "github.com/stretchr/testify/suite" "gopkg.in/square/go-jose.v2" + "github.com/ory/hydra/driver" + "github.com/ory/hydra/jwk" + "github.com/ory/hydra/driver/config" "github.com/ory/hydra/grant/jwtbearer" "github.com/ory/hydra/internal" @@ -84,7 +85,7 @@ func (s *HandlerTestSuite) TestGrantCanBeCreatedAndFetched() { ) model := createRequestParams.Body - createResult, err := s.hydraClient.Admin.CreateJwtBearerGrant(createRequestParams) + createResult, err := s.hydraClient.Admin.TrustJwtGrantIssuer(createRequestParams) s.Require().NoError(err, "no errors expected on grant creation") s.NotEmpty(createResult.Payload.ID, " grant id expected to be non-empty") @@ -95,9 +96,9 @@ func (s *HandlerTestSuite) TestGrantCanBeCreatedAndFetched() { s.Equal(*model.Jwk.Kid, createResult.Payload.PublicKey.Kid, "public key id must match") s.Equal(model.ExpiresAt.String(), createResult.Payload.ExpiresAt.String(), "expiration date must match") - getRequestParams := admin.NewGetJwtBearerGrantParams() + getRequestParams := admin.NewGetTrustedJwtGrantIssuerParams() getRequestParams.ID = createResult.Payload.ID - getResult, err := s.hydraClient.Admin.GetJwtBearerGrant(getRequestParams) + getResult, err := s.hydraClient.Admin.GetTrustedJwtGrantIssuer(getRequestParams) s.Require().NoError(err, "no errors expected on grant fetching") s.Equal(getRequestParams.ID, getResult.Payload.ID, " grant id must match") @@ -117,15 +118,15 @@ func (s *HandlerTestSuite) TestGrantCanNotBeCreatedWithSameIssuerSubjectKey() { time.Now().Add(time.Hour), ) - _, err := s.hydraClient.Admin.CreateJwtBearerGrant(createRequestParams) + _, err := s.hydraClient.Admin.TrustJwtGrantIssuer(createRequestParams) s.Require().NoError(err, "no errors expected on grant creation") - _, err = s.hydraClient.Admin.CreateJwtBearerGrant(createRequestParams) + _, err = s.hydraClient.Admin.TrustJwtGrantIssuer(createRequestParams) s.Require().Error(err, "expected error, because grant with same issuer+subject+kid exists") kid := uuid.New().String() createRequestParams.Body.Jwk.Kid = &kid - _, err = s.hydraClient.Admin.CreateJwtBearerGrant(createRequestParams) + _, err = s.hydraClient.Admin.TrustJwtGrantIssuer(createRequestParams) s.NoError(err, "no errors expected on grant creation, because kid is now different") } @@ -137,7 +138,7 @@ func (s *HandlerTestSuite) TestGrantCanNotBeCreatedWithMissingFields() { time.Now().Add(time.Hour), ) - _, err := s.hydraClient.Admin.CreateJwtBearerGrant(createRequestParams) + _, err := s.hydraClient.Admin.TrustJwtGrantIssuer(createRequestParams) s.Require().Error(err, "expected error, because grant missing issuer") createRequestParams = s.newCreateJwtBearerGrantParams( @@ -147,7 +148,7 @@ func (s *HandlerTestSuite) TestGrantCanNotBeCreatedWithMissingFields() { time.Now().Add(time.Hour), ) - _, err = s.hydraClient.Admin.CreateJwtBearerGrant(createRequestParams) + _, err = s.hydraClient.Admin.TrustJwtGrantIssuer(createRequestParams) s.Require().Error(err, "expected error, because grant missing subject") createRequestParams = s.newCreateJwtBearerGrantParams( @@ -157,7 +158,7 @@ func (s *HandlerTestSuite) TestGrantCanNotBeCreatedWithMissingFields() { time.Time{}, ) - _, err = s.hydraClient.Admin.CreateJwtBearerGrant(createRequestParams) + _, err = s.hydraClient.Admin.TrustJwtGrantIssuer(createRequestParams) s.Error(err, "expected error, because grant missing expiration date") } @@ -170,7 +171,7 @@ func (s *HandlerTestSuite) TestGrantPublicCanBeFetched() { ) model := createRequestParams.Body - _, err := s.hydraClient.Admin.CreateJwtBearerGrant(createRequestParams) + _, err := s.hydraClient.Admin.TrustJwtGrantIssuer(createRequestParams) s.Require().NoError(err, "no error expected on grant creation") getJWKRequestParams := admin.NewGetJSONWebKeyParams() @@ -197,20 +198,20 @@ func (s *HandlerTestSuite) TestGrantListCanBeFetched() { time.Now().Add(time.Hour), ) - _, err := s.hydraClient.Admin.CreateJwtBearerGrant(createRequestParams) + _, err := s.hydraClient.Admin.TrustJwtGrantIssuer(createRequestParams) s.Require().NoError(err, "no errors expected on grant creation") - _, err = s.hydraClient.Admin.CreateJwtBearerGrant(createRequestParams2) + _, err = s.hydraClient.Admin.TrustJwtGrantIssuer(createRequestParams2) s.Require().NoError(err, "no errors expected on grant creation") - getRequestParams := admin.NewGetJwtBearerGrantListParams() - getResult, err := s.hydraClient.Admin.GetJwtBearerGrantList(getRequestParams) + getRequestParams := admin.NewListTrustedJwtGrantIssuersParams() + getResult, err := s.hydraClient.Admin.ListTrustedJwtGrantIssuers(getRequestParams) s.Require().NoError(err, "no errors expected on grant list fetching") s.Len(getResult.Payload, 2, "expected to get list of 2 grants") getRequestParams.Issuer = createRequestParams2.Body.Issuer - getResult, err = s.hydraClient.Admin.GetJwtBearerGrantList(getRequestParams) + getResult, err = s.hydraClient.Admin.ListTrustedJwtGrantIssuers(getRequestParams) s.Require().NoError(err, "no errors expected on grant list fetching") s.Len(getResult.Payload, 1, "expected to get list of 1 grant, when filtering by issuer") @@ -225,16 +226,16 @@ func (s *HandlerTestSuite) TestGrantCanBeDeleted() { time.Now().Add(time.Hour), ) - createResult, err := s.hydraClient.Admin.CreateJwtBearerGrant(createRequestParams) + createResult, err := s.hydraClient.Admin.TrustJwtGrantIssuer(createRequestParams) s.Require().NoError(err, "no errors expected on grant creation") - deleteRequestParams := admin.NewDeleteJwtBearerGrantParams() + deleteRequestParams := admin.NewDeleteTrustedJwtGrantIssuerParams() deleteRequestParams.ID = createResult.Payload.ID - _, err = s.hydraClient.Admin.DeleteJwtBearerGrant(deleteRequestParams) + _, err = s.hydraClient.Admin.DeleteTrustedJwtGrantIssuer(deleteRequestParams) s.Require().NoError(err, "no errors expected on grant deletion") - _, err = s.hydraClient.Admin.DeleteJwtBearerGrant(deleteRequestParams) + _, err = s.hydraClient.Admin.DeleteTrustedJwtGrantIssuer(deleteRequestParams) s.Error(err, "expected error, because grant has been already deleted") } @@ -257,10 +258,10 @@ func (s *HandlerTestSuite) generateJWK(publicKey *rsa.PublicKey) *models.JSONWeb func (s *HandlerTestSuite) newCreateJwtBearerGrantParams( issuer, subject string, scope []string, expiresAt time.Time, -) *admin.CreateJwtBearerGrantParams { - createRequestParams := admin.NewCreateJwtBearerGrantParams() +) *admin.TrustJwtGrantIssuerParams { + createRequestParams := admin.NewTrustJwtGrantIssuerParams() exp := strfmt.DateTime(expiresAt.UTC().Round(time.Second)) - model := &models.CreateJwtBearerGrantParams{ + model := &models.TrustJwtGrantIssuerBody{ ExpiresAt: &exp, Issuer: &issuer, Jwk: s.generateJWK(s.publicKey), diff --git a/internal/httpclient/client/admin/accept_consent_request_parameters.go b/internal/httpclient/client/admin/accept_consent_request_parameters.go index c573076321b..df23ce33395 100644 --- a/internal/httpclient/client/admin/accept_consent_request_parameters.go +++ b/internal/httpclient/client/admin/accept_consent_request_parameters.go @@ -18,53 +18,53 @@ import ( "github.com/ory/hydra/internal/httpclient/models" ) -// NewAcceptConsentRequestParams creates a new AcceptConsentRequestParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewAcceptConsentRequestParams creates a new AcceptConsentRequestParams object +// with the default values initialized. func NewAcceptConsentRequestParams() *AcceptConsentRequestParams { + var () return &AcceptConsentRequestParams{ + timeout: cr.DefaultTimeout, } } // NewAcceptConsentRequestParamsWithTimeout creates a new AcceptConsentRequestParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewAcceptConsentRequestParamsWithTimeout(timeout time.Duration) *AcceptConsentRequestParams { + var () return &AcceptConsentRequestParams{ + timeout: timeout, } } // NewAcceptConsentRequestParamsWithContext creates a new AcceptConsentRequestParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewAcceptConsentRequestParamsWithContext(ctx context.Context) *AcceptConsentRequestParams { + var () return &AcceptConsentRequestParams{ + Context: ctx, } } // NewAcceptConsentRequestParamsWithHTTPClient creates a new AcceptConsentRequestParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewAcceptConsentRequestParamsWithHTTPClient(client *http.Client) *AcceptConsentRequestParams { + var () return &AcceptConsentRequestParams{ HTTPClient: client, } } -/* AcceptConsentRequestParams contains all the parameters to send to the API endpoint - for the accept consent request operation. - - Typically these are written to a http.Request. +/*AcceptConsentRequestParams contains all the parameters to send to the API endpoint +for the accept consent request operation typically these are written to a http.Request */ type AcceptConsentRequestParams struct { - // Body. + /*Body*/ Body *models.AcceptConsentRequest - - // ConsentChallenge. + /*ConsentChallenge*/ ConsentChallenge string timeout time.Duration @@ -72,21 +72,6 @@ type AcceptConsentRequestParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the accept consent request params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *AcceptConsentRequestParams) WithDefaults() *AcceptConsentRequestParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the accept consent request params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *AcceptConsentRequestParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the accept consent request params func (o *AcceptConsentRequestParams) WithTimeout(timeout time.Duration) *AcceptConsentRequestParams { o.SetTimeout(timeout) @@ -149,6 +134,7 @@ func (o *AcceptConsentRequestParams) WriteToRequest(r runtime.ClientRequest, reg return err } var res []error + if o.Body != nil { if err := r.SetBodyParam(o.Body); err != nil { return err @@ -159,7 +145,6 @@ func (o *AcceptConsentRequestParams) WriteToRequest(r runtime.ClientRequest, reg qrConsentChallenge := o.ConsentChallenge qConsentChallenge := qrConsentChallenge if qConsentChallenge != "" { - if err := r.SetQueryParam("consent_challenge", qConsentChallenge); err != nil { return err } diff --git a/internal/httpclient/client/admin/accept_login_request_parameters.go b/internal/httpclient/client/admin/accept_login_request_parameters.go index ad0c47b0d30..20d130fc490 100644 --- a/internal/httpclient/client/admin/accept_login_request_parameters.go +++ b/internal/httpclient/client/admin/accept_login_request_parameters.go @@ -18,53 +18,53 @@ import ( "github.com/ory/hydra/internal/httpclient/models" ) -// NewAcceptLoginRequestParams creates a new AcceptLoginRequestParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewAcceptLoginRequestParams creates a new AcceptLoginRequestParams object +// with the default values initialized. func NewAcceptLoginRequestParams() *AcceptLoginRequestParams { + var () return &AcceptLoginRequestParams{ + timeout: cr.DefaultTimeout, } } // NewAcceptLoginRequestParamsWithTimeout creates a new AcceptLoginRequestParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewAcceptLoginRequestParamsWithTimeout(timeout time.Duration) *AcceptLoginRequestParams { + var () return &AcceptLoginRequestParams{ + timeout: timeout, } } // NewAcceptLoginRequestParamsWithContext creates a new AcceptLoginRequestParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewAcceptLoginRequestParamsWithContext(ctx context.Context) *AcceptLoginRequestParams { + var () return &AcceptLoginRequestParams{ + Context: ctx, } } // NewAcceptLoginRequestParamsWithHTTPClient creates a new AcceptLoginRequestParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewAcceptLoginRequestParamsWithHTTPClient(client *http.Client) *AcceptLoginRequestParams { + var () return &AcceptLoginRequestParams{ HTTPClient: client, } } -/* AcceptLoginRequestParams contains all the parameters to send to the API endpoint - for the accept login request operation. - - Typically these are written to a http.Request. +/*AcceptLoginRequestParams contains all the parameters to send to the API endpoint +for the accept login request operation typically these are written to a http.Request */ type AcceptLoginRequestParams struct { - // Body. + /*Body*/ Body *models.AcceptLoginRequest - - // LoginChallenge. + /*LoginChallenge*/ LoginChallenge string timeout time.Duration @@ -72,21 +72,6 @@ type AcceptLoginRequestParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the accept login request params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *AcceptLoginRequestParams) WithDefaults() *AcceptLoginRequestParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the accept login request params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *AcceptLoginRequestParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the accept login request params func (o *AcceptLoginRequestParams) WithTimeout(timeout time.Duration) *AcceptLoginRequestParams { o.SetTimeout(timeout) @@ -149,6 +134,7 @@ func (o *AcceptLoginRequestParams) WriteToRequest(r runtime.ClientRequest, reg s return err } var res []error + if o.Body != nil { if err := r.SetBodyParam(o.Body); err != nil { return err @@ -159,7 +145,6 @@ func (o *AcceptLoginRequestParams) WriteToRequest(r runtime.ClientRequest, reg s qrLoginChallenge := o.LoginChallenge qLoginChallenge := qrLoginChallenge if qLoginChallenge != "" { - if err := r.SetQueryParam("login_challenge", qLoginChallenge); err != nil { return err } diff --git a/internal/httpclient/client/admin/accept_logout_request_parameters.go b/internal/httpclient/client/admin/accept_logout_request_parameters.go index aa8727c2724..f5f48782535 100644 --- a/internal/httpclient/client/admin/accept_logout_request_parameters.go +++ b/internal/httpclient/client/admin/accept_logout_request_parameters.go @@ -16,50 +16,51 @@ import ( "github.com/go-openapi/strfmt" ) -// NewAcceptLogoutRequestParams creates a new AcceptLogoutRequestParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewAcceptLogoutRequestParams creates a new AcceptLogoutRequestParams object +// with the default values initialized. func NewAcceptLogoutRequestParams() *AcceptLogoutRequestParams { + var () return &AcceptLogoutRequestParams{ + timeout: cr.DefaultTimeout, } } // NewAcceptLogoutRequestParamsWithTimeout creates a new AcceptLogoutRequestParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewAcceptLogoutRequestParamsWithTimeout(timeout time.Duration) *AcceptLogoutRequestParams { + var () return &AcceptLogoutRequestParams{ + timeout: timeout, } } // NewAcceptLogoutRequestParamsWithContext creates a new AcceptLogoutRequestParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewAcceptLogoutRequestParamsWithContext(ctx context.Context) *AcceptLogoutRequestParams { + var () return &AcceptLogoutRequestParams{ + Context: ctx, } } // NewAcceptLogoutRequestParamsWithHTTPClient creates a new AcceptLogoutRequestParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewAcceptLogoutRequestParamsWithHTTPClient(client *http.Client) *AcceptLogoutRequestParams { + var () return &AcceptLogoutRequestParams{ HTTPClient: client, } } -/* AcceptLogoutRequestParams contains all the parameters to send to the API endpoint - for the accept logout request operation. - - Typically these are written to a http.Request. +/*AcceptLogoutRequestParams contains all the parameters to send to the API endpoint +for the accept logout request operation typically these are written to a http.Request */ type AcceptLogoutRequestParams struct { - // LogoutChallenge. + /*LogoutChallenge*/ LogoutChallenge string timeout time.Duration @@ -67,21 +68,6 @@ type AcceptLogoutRequestParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the accept logout request params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *AcceptLogoutRequestParams) WithDefaults() *AcceptLogoutRequestParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the accept logout request params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *AcceptLogoutRequestParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the accept logout request params func (o *AcceptLogoutRequestParams) WithTimeout(timeout time.Duration) *AcceptLogoutRequestParams { o.SetTimeout(timeout) @@ -138,7 +124,6 @@ func (o *AcceptLogoutRequestParams) WriteToRequest(r runtime.ClientRequest, reg qrLogoutChallenge := o.LogoutChallenge qLogoutChallenge := qrLogoutChallenge if qLogoutChallenge != "" { - if err := r.SetQueryParam("logout_challenge", qLogoutChallenge); err != nil { return err } diff --git a/internal/httpclient/client/admin/admin_client.go b/internal/httpclient/client/admin/admin_client.go index 08e4673a369..ae35e428720 100644 --- a/internal/httpclient/client/admin/admin_client.go +++ b/internal/httpclient/client/admin/admin_client.go @@ -35,20 +35,18 @@ type ClientService interface { CreateJSONWebKeySet(params *CreateJSONWebKeySetParams) (*CreateJSONWebKeySetCreated, error) - CreateJwtBearerGrant(params *CreateJwtBearerGrantParams) (*CreateJwtBearerGrantCreated, error) - CreateOAuth2Client(params *CreateOAuth2ClientParams) (*CreateOAuth2ClientCreated, error) DeleteJSONWebKey(params *DeleteJSONWebKeyParams) (*DeleteJSONWebKeyNoContent, error) DeleteJSONWebKeySet(params *DeleteJSONWebKeySetParams) (*DeleteJSONWebKeySetNoContent, error) - DeleteJwtBearerGrant(params *DeleteJwtBearerGrantParams) (*DeleteJwtBearerGrantNoContent, error) - DeleteOAuth2Client(params *DeleteOAuth2ClientParams) (*DeleteOAuth2ClientNoContent, error) DeleteOAuth2Token(params *DeleteOAuth2TokenParams) (*DeleteOAuth2TokenNoContent, error) + DeleteTrustedJwtGrantIssuer(params *DeleteTrustedJwtGrantIssuerParams) (*DeleteTrustedJwtGrantIssuerNoContent, error) + FlushInactiveJwtBearerGrants(params *FlushInactiveJwtBearerGrantsParams) (*FlushInactiveJwtBearerGrantsNoContent, error) FlushInactiveOAuth2Tokens(params *FlushInactiveOAuth2TokensParams) (*FlushInactiveOAuth2TokensNoContent, error) @@ -59,16 +57,14 @@ type ClientService interface { GetJSONWebKeySet(params *GetJSONWebKeySetParams) (*GetJSONWebKeySetOK, error) - GetJwtBearerGrant(params *GetJwtBearerGrantParams) (*GetJwtBearerGrantOK, error) - - GetJwtBearerGrantList(params *GetJwtBearerGrantListParams) (*GetJwtBearerGrantListOK, error) - GetLoginRequest(params *GetLoginRequestParams) (*GetLoginRequestOK, error) GetLogoutRequest(params *GetLogoutRequestParams) (*GetLogoutRequestOK, error) GetOAuth2Client(params *GetOAuth2ClientParams) (*GetOAuth2ClientOK, error) + GetTrustedJwtGrantIssuer(params *GetTrustedJwtGrantIssuerParams) (*GetTrustedJwtGrantIssuerOK, error) + GetVersion(params *GetVersionParams) (*GetVersionOK, error) IntrospectOAuth2Token(params *IntrospectOAuth2TokenParams) (*IntrospectOAuth2TokenOK, error) @@ -79,6 +75,8 @@ type ClientService interface { ListSubjectConsentSessions(params *ListSubjectConsentSessionsParams) (*ListSubjectConsentSessionsOK, error) + ListTrustedJwtGrantIssuers(params *ListTrustedJwtGrantIssuersParams) (*ListTrustedJwtGrantIssuersOK, error) + PatchOAuth2Client(params *PatchOAuth2ClientParams) (*PatchOAuth2ClientOK, error) Prometheus(params *PrometheusParams) (*PrometheusOK, error) @@ -93,6 +91,8 @@ type ClientService interface { RevokeConsentSessions(params *RevokeConsentSessionsParams) (*RevokeConsentSessionsNoContent, error) + TrustJwtGrantIssuer(params *TrustJwtGrantIssuerParams) (*TrustJwtGrantIssuerCreated, error) + UpdateJSONWebKey(params *UpdateJSONWebKeyParams) (*UpdateJSONWebKeyOK, error) UpdateJSONWebKeySet(params *UpdateJSONWebKeySetParams) (*UpdateJSONWebKeySetOK, error) @@ -278,43 +278,6 @@ func (a *Client) CreateJSONWebKeySet(params *CreateJSONWebKeySetParams) (*Create panic(msg) } -/* - CreateJwtBearerGrant creates a new jwt bearer grant - - This endpoint is capable of creating a new jwt-bearer Grant, by doing this, we are granting permission for client to -act on behalf of some resource owner. -*/ -func (a *Client) CreateJwtBearerGrant(params *CreateJwtBearerGrantParams) (*CreateJwtBearerGrantCreated, error) { - // TODO: Validate the params before sending - if params == nil { - params = NewCreateJwtBearerGrantParams() - } - - result, err := a.transport.Submit(&runtime.ClientOperation{ - ID: "createJwtBearerGrant", - Method: "POST", - PathPattern: "/grants/jwt-bearer", - ProducesMediaTypes: []string{"application/json"}, - ConsumesMediaTypes: []string{"application/json"}, - Schemes: []string{"http", "https"}, - Params: params, - Reader: &CreateJwtBearerGrantReader{formats: a.formats}, - Context: params.Context, - Client: params.HTTPClient, - }) - if err != nil { - return nil, err - } - success, ok := result.(*CreateJwtBearerGrantCreated) - if ok { - return success, nil - } - // unexpected success response - // safeguard: normally, absent a default response, unknown success responses return an error above: so this is a codegen issue - msg := fmt.Sprintf("unexpected success response for createJwtBearerGrant: API contract not enforced by server. Client expected to get an error, but got: %T", result) - panic(msg) -} - /* CreateOAuth2Client creates an o auth 2 0 client @@ -430,114 +393,116 @@ func (a *Client) DeleteJSONWebKeySet(params *DeleteJSONWebKeySetParams) (*Delete } /* - DeleteJwtBearerGrant deletes jwt bearer grant + DeleteOAuth2Client deletes an o auth 2 0 client + + Delete an existing OAuth 2.0 Client by its ID. - This endpoint will delete jwt-bearer grant, identified by grant ID, so client won't be able to represent -resource owner (which granted permission), using this grant anymore. All associated public keys with grant -will also be deleted. +OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well protected and only callable by first-party components. */ -func (a *Client) DeleteJwtBearerGrant(params *DeleteJwtBearerGrantParams) (*DeleteJwtBearerGrantNoContent, error) { +func (a *Client) DeleteOAuth2Client(params *DeleteOAuth2ClientParams) (*DeleteOAuth2ClientNoContent, error) { // TODO: Validate the params before sending if params == nil { - params = NewDeleteJwtBearerGrantParams() + params = NewDeleteOAuth2ClientParams() } result, err := a.transport.Submit(&runtime.ClientOperation{ - ID: "deleteJwtBearerGrant", + ID: "deleteOAuth2Client", Method: "DELETE", - PathPattern: "/grants/jwt-bearer/{id}", + PathPattern: "/clients/{id}", ProducesMediaTypes: []string{"application/json"}, ConsumesMediaTypes: []string{"application/json"}, Schemes: []string{"http", "https"}, Params: params, - Reader: &DeleteJwtBearerGrantReader{formats: a.formats}, + Reader: &DeleteOAuth2ClientReader{formats: a.formats}, Context: params.Context, Client: params.HTTPClient, }) if err != nil { return nil, err } - success, ok := result.(*DeleteJwtBearerGrantNoContent) + success, ok := result.(*DeleteOAuth2ClientNoContent) if ok { return success, nil } // unexpected success response // safeguard: normally, absent a default response, unknown success responses return an error above: so this is a codegen issue - msg := fmt.Sprintf("unexpected success response for deleteJwtBearerGrant: API contract not enforced by server. Client expected to get an error, but got: %T", result) + msg := fmt.Sprintf("unexpected success response for deleteOAuth2Client: API contract not enforced by server. Client expected to get an error, but got: %T", result) panic(msg) } /* - DeleteOAuth2Client deletes an o auth 2 0 client - - Delete an existing OAuth 2.0 Client by its ID. + DeleteOAuth2Token deletes o auth2 access tokens from a client -OAuth 2.0 clients are used to perform OAuth 2.0 and OpenID Connect flows. Usually, OAuth 2.0 clients are generated for applications which want to consume your OAuth 2.0 or OpenID Connect capabilities. To manage ORY Hydra, you will need an OAuth 2.0 Client as well. Make sure that this endpoint is well protected and only callable by first-party components. + This endpoint deletes OAuth2 access tokens issued for a client from the database */ -func (a *Client) DeleteOAuth2Client(params *DeleteOAuth2ClientParams) (*DeleteOAuth2ClientNoContent, error) { +func (a *Client) DeleteOAuth2Token(params *DeleteOAuth2TokenParams) (*DeleteOAuth2TokenNoContent, error) { // TODO: Validate the params before sending if params == nil { - params = NewDeleteOAuth2ClientParams() + params = NewDeleteOAuth2TokenParams() } result, err := a.transport.Submit(&runtime.ClientOperation{ - ID: "deleteOAuth2Client", + ID: "deleteOAuth2Token", Method: "DELETE", - PathPattern: "/clients/{id}", + PathPattern: "/oauth2/tokens", ProducesMediaTypes: []string{"application/json"}, ConsumesMediaTypes: []string{"application/json"}, Schemes: []string{"http", "https"}, Params: params, - Reader: &DeleteOAuth2ClientReader{formats: a.formats}, + Reader: &DeleteOAuth2TokenReader{formats: a.formats}, Context: params.Context, Client: params.HTTPClient, }) if err != nil { return nil, err } - success, ok := result.(*DeleteOAuth2ClientNoContent) + success, ok := result.(*DeleteOAuth2TokenNoContent) if ok { return success, nil } // unexpected success response // safeguard: normally, absent a default response, unknown success responses return an error above: so this is a codegen issue - msg := fmt.Sprintf("unexpected success response for deleteOAuth2Client: API contract not enforced by server. Client expected to get an error, but got: %T", result) + msg := fmt.Sprintf("unexpected success response for deleteOAuth2Token: API contract not enforced by server. Client expected to get an error, but got: %T", result) panic(msg) } /* - DeleteOAuth2Token deletes o auth2 access tokens from a client + DeleteTrustedJwtGrantIssuer deletes a trusted o auth2 j w t bearer grant type issuer - This endpoint deletes OAuth2 access tokens issued for a client from the database + Use this endpoint to delete trusted JWT Bearer Grant Type Issuer. The ID is the one returned when you +created the trust relationship. + +Once deleted, the associated issuer will no longer be able to perform the JSON Web Token (JWT) Profile +for OAuth 2.0 Client Authentication and Authorization Grant. */ -func (a *Client) DeleteOAuth2Token(params *DeleteOAuth2TokenParams) (*DeleteOAuth2TokenNoContent, error) { +func (a *Client) DeleteTrustedJwtGrantIssuer(params *DeleteTrustedJwtGrantIssuerParams) (*DeleteTrustedJwtGrantIssuerNoContent, error) { // TODO: Validate the params before sending if params == nil { - params = NewDeleteOAuth2TokenParams() + params = NewDeleteTrustedJwtGrantIssuerParams() } result, err := a.transport.Submit(&runtime.ClientOperation{ - ID: "deleteOAuth2Token", + ID: "deleteTrustedJwtGrantIssuer", Method: "DELETE", - PathPattern: "/oauth2/tokens", + PathPattern: "/trust/grants/jwt-bearer/issuers/{id}", ProducesMediaTypes: []string{"application/json"}, ConsumesMediaTypes: []string{"application/json"}, Schemes: []string{"http", "https"}, Params: params, - Reader: &DeleteOAuth2TokenReader{formats: a.formats}, + Reader: &DeleteTrustedJwtGrantIssuerReader{formats: a.formats}, Context: params.Context, Client: params.HTTPClient, }) if err != nil { return nil, err } - success, ok := result.(*DeleteOAuth2TokenNoContent) + success, ok := result.(*DeleteTrustedJwtGrantIssuerNoContent) if ok { return success, nil } // unexpected success response // safeguard: normally, absent a default response, unknown success responses return an error above: so this is a codegen issue - msg := fmt.Sprintf("unexpected success response for deleteOAuth2Token: API contract not enforced by server. Client expected to get an error, but got: %T", result) + msg := fmt.Sprintf("unexpected success response for deleteTrustedJwtGrantIssuer: API contract not enforced by server. Client expected to get an error, but got: %T", result) panic(msg) } @@ -736,80 +701,6 @@ func (a *Client) GetJSONWebKeySet(params *GetJSONWebKeySetParams) (*GetJSONWebKe panic(msg) } -/* - GetJwtBearerGrant fetches jwt bearer grant information - - This endpoint returns jwt-bearer grant, identified by grant ID. Grant represents resource owner (RO) permission -for client to act on behalf of the RO. In this case client uses jwt to request access token to act as RO. -*/ -func (a *Client) GetJwtBearerGrant(params *GetJwtBearerGrantParams) (*GetJwtBearerGrantOK, error) { - // TODO: Validate the params before sending - if params == nil { - params = NewGetJwtBearerGrantParams() - } - - result, err := a.transport.Submit(&runtime.ClientOperation{ - ID: "getJwtBearerGrant", - Method: "GET", - PathPattern: "/grants/jwt-bearer/{id}", - ProducesMediaTypes: []string{"application/json"}, - ConsumesMediaTypes: []string{"application/json"}, - Schemes: []string{"http", "https"}, - Params: params, - Reader: &GetJwtBearerGrantReader{formats: a.formats}, - Context: params.Context, - Client: params.HTTPClient, - }) - if err != nil { - return nil, err - } - success, ok := result.(*GetJwtBearerGrantOK) - if ok { - return success, nil - } - // unexpected success response - // safeguard: normally, absent a default response, unknown success responses return an error above: so this is a codegen issue - msg := fmt.Sprintf("unexpected success response for getJwtBearerGrant: API contract not enforced by server. Client expected to get an error, but got: %T", result) - panic(msg) -} - -/* - GetJwtBearerGrantList fetches all jwt bearer grants - - This endpoint returns list of jwt-bearer grants. Grant represents resource owner (RO) permission -for client to act on behalf of the RO. In this case client uses jwt to request access token to act as RO. -*/ -func (a *Client) GetJwtBearerGrantList(params *GetJwtBearerGrantListParams) (*GetJwtBearerGrantListOK, error) { - // TODO: Validate the params before sending - if params == nil { - params = NewGetJwtBearerGrantListParams() - } - - result, err := a.transport.Submit(&runtime.ClientOperation{ - ID: "getJwtBearerGrantList", - Method: "GET", - PathPattern: "/grants/jwt-bearer", - ProducesMediaTypes: []string{"application/json"}, - ConsumesMediaTypes: []string{"application/json"}, - Schemes: []string{"http", "https"}, - Params: params, - Reader: &GetJwtBearerGrantListReader{formats: a.formats}, - Context: params.Context, - Client: params.HTTPClient, - }) - if err != nil { - return nil, err - } - success, ok := result.(*GetJwtBearerGrantListOK) - if ok { - return success, nil - } - // unexpected success response - // safeguard: normally, absent a default response, unknown success responses return an error above: so this is a codegen issue - msg := fmt.Sprintf("unexpected success response for getJwtBearerGrantList: API contract not enforced by server. Client expected to get an error, but got: %T", result) - panic(msg) -} - /* GetLoginRequest gets a login request @@ -926,6 +817,43 @@ func (a *Client) GetOAuth2Client(params *GetOAuth2ClientParams) (*GetOAuth2Clien panic(msg) } +/* + GetTrustedJwtGrantIssuer gets a trusted o auth2 j w t bearer grant type issuer + + Use this endpoint to get a trusted JWT Bearer Grant Type Issuer. The ID is the one returned when you +created the trust relationship. +*/ +func (a *Client) GetTrustedJwtGrantIssuer(params *GetTrustedJwtGrantIssuerParams) (*GetTrustedJwtGrantIssuerOK, error) { + // TODO: Validate the params before sending + if params == nil { + params = NewGetTrustedJwtGrantIssuerParams() + } + + result, err := a.transport.Submit(&runtime.ClientOperation{ + ID: "getTrustedJwtGrantIssuer", + Method: "GET", + PathPattern: "/trust/grants/jwt-bearer/issuers/{id}", + ProducesMediaTypes: []string{"application/json"}, + ConsumesMediaTypes: []string{"application/json"}, + Schemes: []string{"http", "https"}, + Params: params, + Reader: &GetTrustedJwtGrantIssuerReader{formats: a.formats}, + Context: params.Context, + Client: params.HTTPClient, + }) + if err != nil { + return nil, err + } + success, ok := result.(*GetTrustedJwtGrantIssuerOK) + if ok { + return success, nil + } + // unexpected success response + // safeguard: normally, absent a default response, unknown success responses return an error above: so this is a codegen issue + msg := fmt.Sprintf("unexpected success response for getTrustedJwtGrantIssuer: API contract not enforced by server. Client expected to get an error, but got: %T", result) + panic(msg) +} + /* GetVersion gets service version @@ -1130,6 +1058,42 @@ func (a *Client) ListSubjectConsentSessions(params *ListSubjectConsentSessionsPa panic(msg) } +/* + ListTrustedJwtGrantIssuers lists trusted o auth2 j w t bearer grant type issuers + + Use this endpoint to list all trusted JWT Bearer Grant Type Issuers. +*/ +func (a *Client) ListTrustedJwtGrantIssuers(params *ListTrustedJwtGrantIssuersParams) (*ListTrustedJwtGrantIssuersOK, error) { + // TODO: Validate the params before sending + if params == nil { + params = NewListTrustedJwtGrantIssuersParams() + } + + result, err := a.transport.Submit(&runtime.ClientOperation{ + ID: "listTrustedJwtGrantIssuers", + Method: "GET", + PathPattern: "/trust/grants/jwt-bearer/issuers", + ProducesMediaTypes: []string{"application/json"}, + ConsumesMediaTypes: []string{"application/json"}, + Schemes: []string{"http", "https"}, + Params: params, + Reader: &ListTrustedJwtGrantIssuersReader{formats: a.formats}, + Context: params.Context, + Client: params.HTTPClient, + }) + if err != nil { + return nil, err + } + success, ok := result.(*ListTrustedJwtGrantIssuersOK) + if ok { + return success, nil + } + // unexpected success response + // safeguard: normally, absent a default response, unknown success responses return an error above: so this is a codegen issue + msg := fmt.Sprintf("unexpected success response for listTrustedJwtGrantIssuers: API contract not enforced by server. Client expected to get an error, but got: %T", result) + panic(msg) +} + /* PatchOAuth2Client patches an o auth 2 0 client @@ -1420,6 +1384,44 @@ func (a *Client) RevokeConsentSessions(params *RevokeConsentSessionsParams) (*Re panic(msg) } +/* + TrustJwtGrantIssuer trusts an o auth2 j w t bearer grant type issuer + + Use this endpoint to establish a trust relationship for a JWT issuer +to perform JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication +and Authorization Grants [RFC7523](https://datatracker.ietf.org/doc/html/rfc7523). +*/ +func (a *Client) TrustJwtGrantIssuer(params *TrustJwtGrantIssuerParams) (*TrustJwtGrantIssuerCreated, error) { + // TODO: Validate the params before sending + if params == nil { + params = NewTrustJwtGrantIssuerParams() + } + + result, err := a.transport.Submit(&runtime.ClientOperation{ + ID: "trustJwtGrantIssuer", + Method: "POST", + PathPattern: "/trust/grants/jwt-bearer/issuers", + ProducesMediaTypes: []string{"application/json"}, + ConsumesMediaTypes: []string{"application/json"}, + Schemes: []string{"http", "https"}, + Params: params, + Reader: &TrustJwtGrantIssuerReader{formats: a.formats}, + Context: params.Context, + Client: params.HTTPClient, + }) + if err != nil { + return nil, err + } + success, ok := result.(*TrustJwtGrantIssuerCreated) + if ok { + return success, nil + } + // unexpected success response + // safeguard: normally, absent a default response, unknown success responses return an error above: so this is a codegen issue + msg := fmt.Sprintf("unexpected success response for trustJwtGrantIssuer: API contract not enforced by server. Client expected to get an error, but got: %T", result) + panic(msg) +} + /* UpdateJSONWebKey updates a JSON web key diff --git a/internal/httpclient/client/admin/create_json_web_key_set_parameters.go b/internal/httpclient/client/admin/create_json_web_key_set_parameters.go index 43acf4eba80..e4c1c054393 100644 --- a/internal/httpclient/client/admin/create_json_web_key_set_parameters.go +++ b/internal/httpclient/client/admin/create_json_web_key_set_parameters.go @@ -18,55 +18,55 @@ import ( "github.com/ory/hydra/internal/httpclient/models" ) -// NewCreateJSONWebKeySetParams creates a new CreateJSONWebKeySetParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewCreateJSONWebKeySetParams creates a new CreateJSONWebKeySetParams object +// with the default values initialized. func NewCreateJSONWebKeySetParams() *CreateJSONWebKeySetParams { + var () return &CreateJSONWebKeySetParams{ + timeout: cr.DefaultTimeout, } } // NewCreateJSONWebKeySetParamsWithTimeout creates a new CreateJSONWebKeySetParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewCreateJSONWebKeySetParamsWithTimeout(timeout time.Duration) *CreateJSONWebKeySetParams { + var () return &CreateJSONWebKeySetParams{ + timeout: timeout, } } // NewCreateJSONWebKeySetParamsWithContext creates a new CreateJSONWebKeySetParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewCreateJSONWebKeySetParamsWithContext(ctx context.Context) *CreateJSONWebKeySetParams { + var () return &CreateJSONWebKeySetParams{ + Context: ctx, } } // NewCreateJSONWebKeySetParamsWithHTTPClient creates a new CreateJSONWebKeySetParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewCreateJSONWebKeySetParamsWithHTTPClient(client *http.Client) *CreateJSONWebKeySetParams { + var () return &CreateJSONWebKeySetParams{ HTTPClient: client, } } -/* CreateJSONWebKeySetParams contains all the parameters to send to the API endpoint - for the create Json web key set operation. - - Typically these are written to a http.Request. +/*CreateJSONWebKeySetParams contains all the parameters to send to the API endpoint +for the create Json web key set operation typically these are written to a http.Request */ type CreateJSONWebKeySetParams struct { - // Body. + /*Body*/ Body *models.JSONWebKeySetGeneratorRequest + /*Set + The set - /* Set. - - The set */ Set string @@ -75,21 +75,6 @@ type CreateJSONWebKeySetParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the create Json web key set params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *CreateJSONWebKeySetParams) WithDefaults() *CreateJSONWebKeySetParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the create Json web key set params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *CreateJSONWebKeySetParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the create Json web key set params func (o *CreateJSONWebKeySetParams) WithTimeout(timeout time.Duration) *CreateJSONWebKeySetParams { o.SetTimeout(timeout) @@ -152,6 +137,7 @@ func (o *CreateJSONWebKeySetParams) WriteToRequest(r runtime.ClientRequest, reg return err } var res []error + if o.Body != nil { if err := r.SetBodyParam(o.Body); err != nil { return err diff --git a/internal/httpclient/client/admin/create_jwt_bearer_grant_parameters.go b/internal/httpclient/client/admin/create_jwt_bearer_grant_parameters.go deleted file mode 100644 index 5c66df4a82b..00000000000 --- a/internal/httpclient/client/admin/create_jwt_bearer_grant_parameters.go +++ /dev/null @@ -1,148 +0,0 @@ -// Code generated by go-swagger; DO NOT EDIT. - -package admin - -// This file was generated by the swagger tool. -// Editing this file might prove futile when you re-run the swagger generate command - -import ( - "context" - "net/http" - "time" - - "github.com/go-openapi/errors" - "github.com/go-openapi/runtime" - cr "github.com/go-openapi/runtime/client" - "github.com/go-openapi/strfmt" - - "github.com/ory/hydra/internal/httpclient/models" -) - -// NewCreateJwtBearerGrantParams creates a new CreateJwtBearerGrantParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. -func NewCreateJwtBearerGrantParams() *CreateJwtBearerGrantParams { - return &CreateJwtBearerGrantParams{ - timeout: cr.DefaultTimeout, - } -} - -// NewCreateJwtBearerGrantParamsWithTimeout creates a new CreateJwtBearerGrantParams object -// with the ability to set a timeout on a request. -func NewCreateJwtBearerGrantParamsWithTimeout(timeout time.Duration) *CreateJwtBearerGrantParams { - return &CreateJwtBearerGrantParams{ - timeout: timeout, - } -} - -// NewCreateJwtBearerGrantParamsWithContext creates a new CreateJwtBearerGrantParams object -// with the ability to set a context for a request. -func NewCreateJwtBearerGrantParamsWithContext(ctx context.Context) *CreateJwtBearerGrantParams { - return &CreateJwtBearerGrantParams{ - Context: ctx, - } -} - -// NewCreateJwtBearerGrantParamsWithHTTPClient creates a new CreateJwtBearerGrantParams object -// with the ability to set a custom HTTPClient for a request. -func NewCreateJwtBearerGrantParamsWithHTTPClient(client *http.Client) *CreateJwtBearerGrantParams { - return &CreateJwtBearerGrantParams{ - HTTPClient: client, - } -} - -/* CreateJwtBearerGrantParams contains all the parameters to send to the API endpoint - for the create jwt bearer grant operation. - - Typically these are written to a http.Request. -*/ -type CreateJwtBearerGrantParams struct { - - // Body. - Body *models.CreateJwtBearerGrantParams - - timeout time.Duration - Context context.Context - HTTPClient *http.Client -} - -// WithDefaults hydrates default values in the create jwt bearer grant params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *CreateJwtBearerGrantParams) WithDefaults() *CreateJwtBearerGrantParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the create jwt bearer grant params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *CreateJwtBearerGrantParams) SetDefaults() { - // no default values defined for this parameter -} - -// WithTimeout adds the timeout to the create jwt bearer grant params -func (o *CreateJwtBearerGrantParams) WithTimeout(timeout time.Duration) *CreateJwtBearerGrantParams { - o.SetTimeout(timeout) - return o -} - -// SetTimeout adds the timeout to the create jwt bearer grant params -func (o *CreateJwtBearerGrantParams) SetTimeout(timeout time.Duration) { - o.timeout = timeout -} - -// WithContext adds the context to the create jwt bearer grant params -func (o *CreateJwtBearerGrantParams) WithContext(ctx context.Context) *CreateJwtBearerGrantParams { - o.SetContext(ctx) - return o -} - -// SetContext adds the context to the create jwt bearer grant params -func (o *CreateJwtBearerGrantParams) SetContext(ctx context.Context) { - o.Context = ctx -} - -// WithHTTPClient adds the HTTPClient to the create jwt bearer grant params -func (o *CreateJwtBearerGrantParams) WithHTTPClient(client *http.Client) *CreateJwtBearerGrantParams { - o.SetHTTPClient(client) - return o -} - -// SetHTTPClient adds the HTTPClient to the create jwt bearer grant params -func (o *CreateJwtBearerGrantParams) SetHTTPClient(client *http.Client) { - o.HTTPClient = client -} - -// WithBody adds the body to the create jwt bearer grant params -func (o *CreateJwtBearerGrantParams) WithBody(body *models.CreateJwtBearerGrantParams) *CreateJwtBearerGrantParams { - o.SetBody(body) - return o -} - -// SetBody adds the body to the create jwt bearer grant params -func (o *CreateJwtBearerGrantParams) SetBody(body *models.CreateJwtBearerGrantParams) { - o.Body = body -} - -// WriteToRequest writes these params to a swagger request -func (o *CreateJwtBearerGrantParams) WriteToRequest(r runtime.ClientRequest, reg strfmt.Registry) error { - - if err := r.SetTimeout(o.timeout); err != nil { - return err - } - var res []error - if o.Body != nil { - if err := r.SetBodyParam(o.Body); err != nil { - return err - } - } - - if len(res) > 0 { - return errors.CompositeValidationError(res...) - } - return nil -} diff --git a/internal/httpclient/client/admin/create_jwt_bearer_grant_responses.go b/internal/httpclient/client/admin/create_jwt_bearer_grant_responses.go deleted file mode 100644 index d06024f7215..00000000000 --- a/internal/httpclient/client/admin/create_jwt_bearer_grant_responses.go +++ /dev/null @@ -1,181 +0,0 @@ -// Code generated by go-swagger; DO NOT EDIT. - -package admin - -// This file was generated by the swagger tool. -// Editing this file might prove futile when you re-run the swagger generate command - -import ( - "fmt" - "io" - - "github.com/go-openapi/runtime" - "github.com/go-openapi/strfmt" - - "github.com/ory/hydra/internal/httpclient/models" -) - -// CreateJwtBearerGrantReader is a Reader for the CreateJwtBearerGrant structure. -type CreateJwtBearerGrantReader struct { - formats strfmt.Registry -} - -// ReadResponse reads a server response into the received o. -func (o *CreateJwtBearerGrantReader) ReadResponse(response runtime.ClientResponse, consumer runtime.Consumer) (interface{}, error) { - switch response.Code() { - case 201: - result := NewCreateJwtBearerGrantCreated() - if err := result.readResponse(response, consumer, o.formats); err != nil { - return nil, err - } - return result, nil - case 400: - result := NewCreateJwtBearerGrantBadRequest() - if err := result.readResponse(response, consumer, o.formats); err != nil { - return nil, err - } - return nil, result - case 409: - result := NewCreateJwtBearerGrantConflict() - if err := result.readResponse(response, consumer, o.formats); err != nil { - return nil, err - } - return nil, result - case 500: - result := NewCreateJwtBearerGrantInternalServerError() - if err := result.readResponse(response, consumer, o.formats); err != nil { - return nil, err - } - return nil, result - default: - return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) - } -} - -// NewCreateJwtBearerGrantCreated creates a CreateJwtBearerGrantCreated with default headers values -func NewCreateJwtBearerGrantCreated() *CreateJwtBearerGrantCreated { - return &CreateJwtBearerGrantCreated{} -} - -/* CreateJwtBearerGrantCreated describes a response with status code 201, with default header values. - -JwtBearerGrant -*/ -type CreateJwtBearerGrantCreated struct { - Payload *models.JwtBearerGrant -} - -func (o *CreateJwtBearerGrantCreated) Error() string { - return fmt.Sprintf("[POST /grants/jwt-bearer][%d] createJwtBearerGrantCreated %+v", 201, o.Payload) -} -func (o *CreateJwtBearerGrantCreated) GetPayload() *models.JwtBearerGrant { - return o.Payload -} - -func (o *CreateJwtBearerGrantCreated) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { - - o.Payload = new(models.JwtBearerGrant) - - // response payload - if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF { - return err - } - - return nil -} - -// NewCreateJwtBearerGrantBadRequest creates a CreateJwtBearerGrantBadRequest with default headers values -func NewCreateJwtBearerGrantBadRequest() *CreateJwtBearerGrantBadRequest { - return &CreateJwtBearerGrantBadRequest{} -} - -/* CreateJwtBearerGrantBadRequest describes a response with status code 400, with default header values. - -genericError -*/ -type CreateJwtBearerGrantBadRequest struct { - Payload *models.GenericError -} - -func (o *CreateJwtBearerGrantBadRequest) Error() string { - return fmt.Sprintf("[POST /grants/jwt-bearer][%d] createJwtBearerGrantBadRequest %+v", 400, o.Payload) -} -func (o *CreateJwtBearerGrantBadRequest) GetPayload() *models.GenericError { - return o.Payload -} - -func (o *CreateJwtBearerGrantBadRequest) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { - - o.Payload = new(models.GenericError) - - // response payload - if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF { - return err - } - - return nil -} - -// NewCreateJwtBearerGrantConflict creates a CreateJwtBearerGrantConflict with default headers values -func NewCreateJwtBearerGrantConflict() *CreateJwtBearerGrantConflict { - return &CreateJwtBearerGrantConflict{} -} - -/* CreateJwtBearerGrantConflict describes a response with status code 409, with default header values. - -genericError -*/ -type CreateJwtBearerGrantConflict struct { - Payload *models.GenericError -} - -func (o *CreateJwtBearerGrantConflict) Error() string { - return fmt.Sprintf("[POST /grants/jwt-bearer][%d] createJwtBearerGrantConflict %+v", 409, o.Payload) -} -func (o *CreateJwtBearerGrantConflict) GetPayload() *models.GenericError { - return o.Payload -} - -func (o *CreateJwtBearerGrantConflict) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { - - o.Payload = new(models.GenericError) - - // response payload - if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF { - return err - } - - return nil -} - -// NewCreateJwtBearerGrantInternalServerError creates a CreateJwtBearerGrantInternalServerError with default headers values -func NewCreateJwtBearerGrantInternalServerError() *CreateJwtBearerGrantInternalServerError { - return &CreateJwtBearerGrantInternalServerError{} -} - -/* CreateJwtBearerGrantInternalServerError describes a response with status code 500, with default header values. - -genericError -*/ -type CreateJwtBearerGrantInternalServerError struct { - Payload *models.GenericError -} - -func (o *CreateJwtBearerGrantInternalServerError) Error() string { - return fmt.Sprintf("[POST /grants/jwt-bearer][%d] createJwtBearerGrantInternalServerError %+v", 500, o.Payload) -} -func (o *CreateJwtBearerGrantInternalServerError) GetPayload() *models.GenericError { - return o.Payload -} - -func (o *CreateJwtBearerGrantInternalServerError) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { - - o.Payload = new(models.GenericError) - - // response payload - if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF { - return err - } - - return nil -} diff --git a/internal/httpclient/client/admin/create_o_auth2_client_parameters.go b/internal/httpclient/client/admin/create_o_auth2_client_parameters.go index f719021b83a..c3ce0633992 100644 --- a/internal/httpclient/client/admin/create_o_auth2_client_parameters.go +++ b/internal/httpclient/client/admin/create_o_auth2_client_parameters.go @@ -18,50 +18,51 @@ import ( "github.com/ory/hydra/internal/httpclient/models" ) -// NewCreateOAuth2ClientParams creates a new CreateOAuth2ClientParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewCreateOAuth2ClientParams creates a new CreateOAuth2ClientParams object +// with the default values initialized. func NewCreateOAuth2ClientParams() *CreateOAuth2ClientParams { + var () return &CreateOAuth2ClientParams{ + timeout: cr.DefaultTimeout, } } // NewCreateOAuth2ClientParamsWithTimeout creates a new CreateOAuth2ClientParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewCreateOAuth2ClientParamsWithTimeout(timeout time.Duration) *CreateOAuth2ClientParams { + var () return &CreateOAuth2ClientParams{ + timeout: timeout, } } // NewCreateOAuth2ClientParamsWithContext creates a new CreateOAuth2ClientParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewCreateOAuth2ClientParamsWithContext(ctx context.Context) *CreateOAuth2ClientParams { + var () return &CreateOAuth2ClientParams{ + Context: ctx, } } // NewCreateOAuth2ClientParamsWithHTTPClient creates a new CreateOAuth2ClientParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewCreateOAuth2ClientParamsWithHTTPClient(client *http.Client) *CreateOAuth2ClientParams { + var () return &CreateOAuth2ClientParams{ HTTPClient: client, } } -/* CreateOAuth2ClientParams contains all the parameters to send to the API endpoint - for the create o auth2 client operation. - - Typically these are written to a http.Request. +/*CreateOAuth2ClientParams contains all the parameters to send to the API endpoint +for the create o auth2 client operation typically these are written to a http.Request */ type CreateOAuth2ClientParams struct { - // Body. + /*Body*/ Body *models.OAuth2Client timeout time.Duration @@ -69,21 +70,6 @@ type CreateOAuth2ClientParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the create o auth2 client params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *CreateOAuth2ClientParams) WithDefaults() *CreateOAuth2ClientParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the create o auth2 client params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *CreateOAuth2ClientParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the create o auth2 client params func (o *CreateOAuth2ClientParams) WithTimeout(timeout time.Duration) *CreateOAuth2ClientParams { o.SetTimeout(timeout) @@ -135,6 +121,7 @@ func (o *CreateOAuth2ClientParams) WriteToRequest(r runtime.ClientRequest, reg s return err } var res []error + if o.Body != nil { if err := r.SetBodyParam(o.Body); err != nil { return err diff --git a/internal/httpclient/client/admin/delete_json_web_key_parameters.go b/internal/httpclient/client/admin/delete_json_web_key_parameters.go index c1e71f1d5d8..4f4f4fa4401 100644 --- a/internal/httpclient/client/admin/delete_json_web_key_parameters.go +++ b/internal/httpclient/client/admin/delete_json_web_key_parameters.go @@ -16,58 +16,58 @@ import ( "github.com/go-openapi/strfmt" ) -// NewDeleteJSONWebKeyParams creates a new DeleteJSONWebKeyParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewDeleteJSONWebKeyParams creates a new DeleteJSONWebKeyParams object +// with the default values initialized. func NewDeleteJSONWebKeyParams() *DeleteJSONWebKeyParams { + var () return &DeleteJSONWebKeyParams{ + timeout: cr.DefaultTimeout, } } // NewDeleteJSONWebKeyParamsWithTimeout creates a new DeleteJSONWebKeyParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewDeleteJSONWebKeyParamsWithTimeout(timeout time.Duration) *DeleteJSONWebKeyParams { + var () return &DeleteJSONWebKeyParams{ + timeout: timeout, } } // NewDeleteJSONWebKeyParamsWithContext creates a new DeleteJSONWebKeyParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewDeleteJSONWebKeyParamsWithContext(ctx context.Context) *DeleteJSONWebKeyParams { + var () return &DeleteJSONWebKeyParams{ + Context: ctx, } } // NewDeleteJSONWebKeyParamsWithHTTPClient creates a new DeleteJSONWebKeyParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewDeleteJSONWebKeyParamsWithHTTPClient(client *http.Client) *DeleteJSONWebKeyParams { + var () return &DeleteJSONWebKeyParams{ HTTPClient: client, } } -/* DeleteJSONWebKeyParams contains all the parameters to send to the API endpoint - for the delete Json web key operation. - - Typically these are written to a http.Request. +/*DeleteJSONWebKeyParams contains all the parameters to send to the API endpoint +for the delete Json web key operation typically these are written to a http.Request */ type DeleteJSONWebKeyParams struct { - /* Kid. + /*Kid + The kid of the desired key - The kid of the desired key */ Kid string + /*Set + The set - /* Set. - - The set */ Set string @@ -76,21 +76,6 @@ type DeleteJSONWebKeyParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the delete Json web key params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *DeleteJSONWebKeyParams) WithDefaults() *DeleteJSONWebKeyParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the delete Json web key params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *DeleteJSONWebKeyParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the delete Json web key params func (o *DeleteJSONWebKeyParams) WithTimeout(timeout time.Duration) *DeleteJSONWebKeyParams { o.SetTimeout(timeout) diff --git a/internal/httpclient/client/admin/delete_json_web_key_set_parameters.go b/internal/httpclient/client/admin/delete_json_web_key_set_parameters.go index 5bb84e5a07a..a6e06c48d86 100644 --- a/internal/httpclient/client/admin/delete_json_web_key_set_parameters.go +++ b/internal/httpclient/client/admin/delete_json_web_key_set_parameters.go @@ -16,52 +16,53 @@ import ( "github.com/go-openapi/strfmt" ) -// NewDeleteJSONWebKeySetParams creates a new DeleteJSONWebKeySetParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewDeleteJSONWebKeySetParams creates a new DeleteJSONWebKeySetParams object +// with the default values initialized. func NewDeleteJSONWebKeySetParams() *DeleteJSONWebKeySetParams { + var () return &DeleteJSONWebKeySetParams{ + timeout: cr.DefaultTimeout, } } // NewDeleteJSONWebKeySetParamsWithTimeout creates a new DeleteJSONWebKeySetParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewDeleteJSONWebKeySetParamsWithTimeout(timeout time.Duration) *DeleteJSONWebKeySetParams { + var () return &DeleteJSONWebKeySetParams{ + timeout: timeout, } } // NewDeleteJSONWebKeySetParamsWithContext creates a new DeleteJSONWebKeySetParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewDeleteJSONWebKeySetParamsWithContext(ctx context.Context) *DeleteJSONWebKeySetParams { + var () return &DeleteJSONWebKeySetParams{ + Context: ctx, } } // NewDeleteJSONWebKeySetParamsWithHTTPClient creates a new DeleteJSONWebKeySetParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewDeleteJSONWebKeySetParamsWithHTTPClient(client *http.Client) *DeleteJSONWebKeySetParams { + var () return &DeleteJSONWebKeySetParams{ HTTPClient: client, } } -/* DeleteJSONWebKeySetParams contains all the parameters to send to the API endpoint - for the delete Json web key set operation. - - Typically these are written to a http.Request. +/*DeleteJSONWebKeySetParams contains all the parameters to send to the API endpoint +for the delete Json web key set operation typically these are written to a http.Request */ type DeleteJSONWebKeySetParams struct { - /* Set. + /*Set + The set - The set */ Set string @@ -70,21 +71,6 @@ type DeleteJSONWebKeySetParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the delete Json web key set params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *DeleteJSONWebKeySetParams) WithDefaults() *DeleteJSONWebKeySetParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the delete Json web key set params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *DeleteJSONWebKeySetParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the delete Json web key set params func (o *DeleteJSONWebKeySetParams) WithTimeout(timeout time.Duration) *DeleteJSONWebKeySetParams { o.SetTimeout(timeout) diff --git a/internal/httpclient/client/admin/delete_jwt_bearer_grant_parameters.go b/internal/httpclient/client/admin/delete_jwt_bearer_grant_parameters.go deleted file mode 100644 index bbf01547d6b..00000000000 --- a/internal/httpclient/client/admin/delete_jwt_bearer_grant_parameters.go +++ /dev/null @@ -1,149 +0,0 @@ -// Code generated by go-swagger; DO NOT EDIT. - -package admin - -// This file was generated by the swagger tool. -// Editing this file might prove futile when you re-run the swagger generate command - -import ( - "context" - "net/http" - "time" - - "github.com/go-openapi/errors" - "github.com/go-openapi/runtime" - cr "github.com/go-openapi/runtime/client" - "github.com/go-openapi/strfmt" -) - -// NewDeleteJwtBearerGrantParams creates a new DeleteJwtBearerGrantParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. -func NewDeleteJwtBearerGrantParams() *DeleteJwtBearerGrantParams { - return &DeleteJwtBearerGrantParams{ - timeout: cr.DefaultTimeout, - } -} - -// NewDeleteJwtBearerGrantParamsWithTimeout creates a new DeleteJwtBearerGrantParams object -// with the ability to set a timeout on a request. -func NewDeleteJwtBearerGrantParamsWithTimeout(timeout time.Duration) *DeleteJwtBearerGrantParams { - return &DeleteJwtBearerGrantParams{ - timeout: timeout, - } -} - -// NewDeleteJwtBearerGrantParamsWithContext creates a new DeleteJwtBearerGrantParams object -// with the ability to set a context for a request. -func NewDeleteJwtBearerGrantParamsWithContext(ctx context.Context) *DeleteJwtBearerGrantParams { - return &DeleteJwtBearerGrantParams{ - Context: ctx, - } -} - -// NewDeleteJwtBearerGrantParamsWithHTTPClient creates a new DeleteJwtBearerGrantParams object -// with the ability to set a custom HTTPClient for a request. -func NewDeleteJwtBearerGrantParamsWithHTTPClient(client *http.Client) *DeleteJwtBearerGrantParams { - return &DeleteJwtBearerGrantParams{ - HTTPClient: client, - } -} - -/* DeleteJwtBearerGrantParams contains all the parameters to send to the API endpoint - for the delete jwt bearer grant operation. - - Typically these are written to a http.Request. -*/ -type DeleteJwtBearerGrantParams struct { - - /* ID. - - The id of the desired grant - */ - ID string - - timeout time.Duration - Context context.Context - HTTPClient *http.Client -} - -// WithDefaults hydrates default values in the delete jwt bearer grant params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *DeleteJwtBearerGrantParams) WithDefaults() *DeleteJwtBearerGrantParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the delete jwt bearer grant params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *DeleteJwtBearerGrantParams) SetDefaults() { - // no default values defined for this parameter -} - -// WithTimeout adds the timeout to the delete jwt bearer grant params -func (o *DeleteJwtBearerGrantParams) WithTimeout(timeout time.Duration) *DeleteJwtBearerGrantParams { - o.SetTimeout(timeout) - return o -} - -// SetTimeout adds the timeout to the delete jwt bearer grant params -func (o *DeleteJwtBearerGrantParams) SetTimeout(timeout time.Duration) { - o.timeout = timeout -} - -// WithContext adds the context to the delete jwt bearer grant params -func (o *DeleteJwtBearerGrantParams) WithContext(ctx context.Context) *DeleteJwtBearerGrantParams { - o.SetContext(ctx) - return o -} - -// SetContext adds the context to the delete jwt bearer grant params -func (o *DeleteJwtBearerGrantParams) SetContext(ctx context.Context) { - o.Context = ctx -} - -// WithHTTPClient adds the HTTPClient to the delete jwt bearer grant params -func (o *DeleteJwtBearerGrantParams) WithHTTPClient(client *http.Client) *DeleteJwtBearerGrantParams { - o.SetHTTPClient(client) - return o -} - -// SetHTTPClient adds the HTTPClient to the delete jwt bearer grant params -func (o *DeleteJwtBearerGrantParams) SetHTTPClient(client *http.Client) { - o.HTTPClient = client -} - -// WithID adds the id to the delete jwt bearer grant params -func (o *DeleteJwtBearerGrantParams) WithID(id string) *DeleteJwtBearerGrantParams { - o.SetID(id) - return o -} - -// SetID adds the id to the delete jwt bearer grant params -func (o *DeleteJwtBearerGrantParams) SetID(id string) { - o.ID = id -} - -// WriteToRequest writes these params to a swagger request -func (o *DeleteJwtBearerGrantParams) WriteToRequest(r runtime.ClientRequest, reg strfmt.Registry) error { - - if err := r.SetTimeout(o.timeout); err != nil { - return err - } - var res []error - - // path param id - if err := r.SetPathParam("id", o.ID); err != nil { - return err - } - - if len(res) > 0 { - return errors.CompositeValidationError(res...) - } - return nil -} diff --git a/internal/httpclient/client/admin/delete_jwt_bearer_grant_responses.go b/internal/httpclient/client/admin/delete_jwt_bearer_grant_responses.go deleted file mode 100644 index 7f18a3fc975..00000000000 --- a/internal/httpclient/client/admin/delete_jwt_bearer_grant_responses.go +++ /dev/null @@ -1,133 +0,0 @@ -// Code generated by go-swagger; DO NOT EDIT. - -package admin - -// This file was generated by the swagger tool. -// Editing this file might prove futile when you re-run the swagger generate command - -import ( - "fmt" - "io" - - "github.com/go-openapi/runtime" - "github.com/go-openapi/strfmt" - - "github.com/ory/hydra/internal/httpclient/models" -) - -// DeleteJwtBearerGrantReader is a Reader for the DeleteJwtBearerGrant structure. -type DeleteJwtBearerGrantReader struct { - formats strfmt.Registry -} - -// ReadResponse reads a server response into the received o. -func (o *DeleteJwtBearerGrantReader) ReadResponse(response runtime.ClientResponse, consumer runtime.Consumer) (interface{}, error) { - switch response.Code() { - case 204: - result := NewDeleteJwtBearerGrantNoContent() - if err := result.readResponse(response, consumer, o.formats); err != nil { - return nil, err - } - return result, nil - case 404: - result := NewDeleteJwtBearerGrantNotFound() - if err := result.readResponse(response, consumer, o.formats); err != nil { - return nil, err - } - return nil, result - case 500: - result := NewDeleteJwtBearerGrantInternalServerError() - if err := result.readResponse(response, consumer, o.formats); err != nil { - return nil, err - } - return nil, result - default: - return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) - } -} - -// NewDeleteJwtBearerGrantNoContent creates a DeleteJwtBearerGrantNoContent with default headers values -func NewDeleteJwtBearerGrantNoContent() *DeleteJwtBearerGrantNoContent { - return &DeleteJwtBearerGrantNoContent{} -} - -/* DeleteJwtBearerGrantNoContent describes a response with status code 204, with default header values. - - Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is -typically 201. -*/ -type DeleteJwtBearerGrantNoContent struct { -} - -func (o *DeleteJwtBearerGrantNoContent) Error() string { - return fmt.Sprintf("[DELETE /grants/jwt-bearer/{id}][%d] deleteJwtBearerGrantNoContent ", 204) -} - -func (o *DeleteJwtBearerGrantNoContent) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { - - return nil -} - -// NewDeleteJwtBearerGrantNotFound creates a DeleteJwtBearerGrantNotFound with default headers values -func NewDeleteJwtBearerGrantNotFound() *DeleteJwtBearerGrantNotFound { - return &DeleteJwtBearerGrantNotFound{} -} - -/* DeleteJwtBearerGrantNotFound describes a response with status code 404, with default header values. - -genericError -*/ -type DeleteJwtBearerGrantNotFound struct { - Payload *models.GenericError -} - -func (o *DeleteJwtBearerGrantNotFound) Error() string { - return fmt.Sprintf("[DELETE /grants/jwt-bearer/{id}][%d] deleteJwtBearerGrantNotFound %+v", 404, o.Payload) -} -func (o *DeleteJwtBearerGrantNotFound) GetPayload() *models.GenericError { - return o.Payload -} - -func (o *DeleteJwtBearerGrantNotFound) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { - - o.Payload = new(models.GenericError) - - // response payload - if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF { - return err - } - - return nil -} - -// NewDeleteJwtBearerGrantInternalServerError creates a DeleteJwtBearerGrantInternalServerError with default headers values -func NewDeleteJwtBearerGrantInternalServerError() *DeleteJwtBearerGrantInternalServerError { - return &DeleteJwtBearerGrantInternalServerError{} -} - -/* DeleteJwtBearerGrantInternalServerError describes a response with status code 500, with default header values. - -genericError -*/ -type DeleteJwtBearerGrantInternalServerError struct { - Payload *models.GenericError -} - -func (o *DeleteJwtBearerGrantInternalServerError) Error() string { - return fmt.Sprintf("[DELETE /grants/jwt-bearer/{id}][%d] deleteJwtBearerGrantInternalServerError %+v", 500, o.Payload) -} -func (o *DeleteJwtBearerGrantInternalServerError) GetPayload() *models.GenericError { - return o.Payload -} - -func (o *DeleteJwtBearerGrantInternalServerError) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { - - o.Payload = new(models.GenericError) - - // response payload - if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF { - return err - } - - return nil -} diff --git a/internal/httpclient/client/admin/delete_o_auth2_client_parameters.go b/internal/httpclient/client/admin/delete_o_auth2_client_parameters.go index 313a6b76fdf..6eb2b90b311 100644 --- a/internal/httpclient/client/admin/delete_o_auth2_client_parameters.go +++ b/internal/httpclient/client/admin/delete_o_auth2_client_parameters.go @@ -16,52 +16,53 @@ import ( "github.com/go-openapi/strfmt" ) -// NewDeleteOAuth2ClientParams creates a new DeleteOAuth2ClientParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewDeleteOAuth2ClientParams creates a new DeleteOAuth2ClientParams object +// with the default values initialized. func NewDeleteOAuth2ClientParams() *DeleteOAuth2ClientParams { + var () return &DeleteOAuth2ClientParams{ + timeout: cr.DefaultTimeout, } } // NewDeleteOAuth2ClientParamsWithTimeout creates a new DeleteOAuth2ClientParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewDeleteOAuth2ClientParamsWithTimeout(timeout time.Duration) *DeleteOAuth2ClientParams { + var () return &DeleteOAuth2ClientParams{ + timeout: timeout, } } // NewDeleteOAuth2ClientParamsWithContext creates a new DeleteOAuth2ClientParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewDeleteOAuth2ClientParamsWithContext(ctx context.Context) *DeleteOAuth2ClientParams { + var () return &DeleteOAuth2ClientParams{ + Context: ctx, } } // NewDeleteOAuth2ClientParamsWithHTTPClient creates a new DeleteOAuth2ClientParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewDeleteOAuth2ClientParamsWithHTTPClient(client *http.Client) *DeleteOAuth2ClientParams { + var () return &DeleteOAuth2ClientParams{ HTTPClient: client, } } -/* DeleteOAuth2ClientParams contains all the parameters to send to the API endpoint - for the delete o auth2 client operation. - - Typically these are written to a http.Request. +/*DeleteOAuth2ClientParams contains all the parameters to send to the API endpoint +for the delete o auth2 client operation typically these are written to a http.Request */ type DeleteOAuth2ClientParams struct { - /* ID. + /*ID + The id of the OAuth 2.0 Client. - The id of the OAuth 2.0 Client. */ ID string @@ -70,21 +71,6 @@ type DeleteOAuth2ClientParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the delete o auth2 client params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *DeleteOAuth2ClientParams) WithDefaults() *DeleteOAuth2ClientParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the delete o auth2 client params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *DeleteOAuth2ClientParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the delete o auth2 client params func (o *DeleteOAuth2ClientParams) WithTimeout(timeout time.Duration) *DeleteOAuth2ClientParams { o.SetTimeout(timeout) diff --git a/internal/httpclient/client/admin/delete_o_auth2_token_parameters.go b/internal/httpclient/client/admin/delete_o_auth2_token_parameters.go index 683579f246a..ae926e1d885 100644 --- a/internal/httpclient/client/admin/delete_o_auth2_token_parameters.go +++ b/internal/httpclient/client/admin/delete_o_auth2_token_parameters.go @@ -16,50 +16,51 @@ import ( "github.com/go-openapi/strfmt" ) -// NewDeleteOAuth2TokenParams creates a new DeleteOAuth2TokenParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewDeleteOAuth2TokenParams creates a new DeleteOAuth2TokenParams object +// with the default values initialized. func NewDeleteOAuth2TokenParams() *DeleteOAuth2TokenParams { + var () return &DeleteOAuth2TokenParams{ + timeout: cr.DefaultTimeout, } } // NewDeleteOAuth2TokenParamsWithTimeout creates a new DeleteOAuth2TokenParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewDeleteOAuth2TokenParamsWithTimeout(timeout time.Duration) *DeleteOAuth2TokenParams { + var () return &DeleteOAuth2TokenParams{ + timeout: timeout, } } // NewDeleteOAuth2TokenParamsWithContext creates a new DeleteOAuth2TokenParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewDeleteOAuth2TokenParamsWithContext(ctx context.Context) *DeleteOAuth2TokenParams { + var () return &DeleteOAuth2TokenParams{ + Context: ctx, } } // NewDeleteOAuth2TokenParamsWithHTTPClient creates a new DeleteOAuth2TokenParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewDeleteOAuth2TokenParamsWithHTTPClient(client *http.Client) *DeleteOAuth2TokenParams { + var () return &DeleteOAuth2TokenParams{ HTTPClient: client, } } -/* DeleteOAuth2TokenParams contains all the parameters to send to the API endpoint - for the delete o auth2 token operation. - - Typically these are written to a http.Request. +/*DeleteOAuth2TokenParams contains all the parameters to send to the API endpoint +for the delete o auth2 token operation typically these are written to a http.Request */ type DeleteOAuth2TokenParams struct { - // ClientID. + /*ClientID*/ ClientID string timeout time.Duration @@ -67,21 +68,6 @@ type DeleteOAuth2TokenParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the delete o auth2 token params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *DeleteOAuth2TokenParams) WithDefaults() *DeleteOAuth2TokenParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the delete o auth2 token params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *DeleteOAuth2TokenParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the delete o auth2 token params func (o *DeleteOAuth2TokenParams) WithTimeout(timeout time.Duration) *DeleteOAuth2TokenParams { o.SetTimeout(timeout) @@ -138,7 +124,6 @@ func (o *DeleteOAuth2TokenParams) WriteToRequest(r runtime.ClientRequest, reg st qrClientID := o.ClientID qClientID := qrClientID if qClientID != "" { - if err := r.SetQueryParam("client_id", qClientID); err != nil { return err } diff --git a/internal/httpclient/client/admin/delete_trusted_jwt_grant_issuer_parameters.go b/internal/httpclient/client/admin/delete_trusted_jwt_grant_issuer_parameters.go new file mode 100644 index 00000000000..7e9757530cf --- /dev/null +++ b/internal/httpclient/client/admin/delete_trusted_jwt_grant_issuer_parameters.go @@ -0,0 +1,135 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package admin + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "context" + "net/http" + "time" + + "github.com/go-openapi/errors" + "github.com/go-openapi/runtime" + cr "github.com/go-openapi/runtime/client" + "github.com/go-openapi/strfmt" +) + +// NewDeleteTrustedJwtGrantIssuerParams creates a new DeleteTrustedJwtGrantIssuerParams object +// with the default values initialized. +func NewDeleteTrustedJwtGrantIssuerParams() *DeleteTrustedJwtGrantIssuerParams { + var () + return &DeleteTrustedJwtGrantIssuerParams{ + + timeout: cr.DefaultTimeout, + } +} + +// NewDeleteTrustedJwtGrantIssuerParamsWithTimeout creates a new DeleteTrustedJwtGrantIssuerParams object +// with the default values initialized, and the ability to set a timeout on a request +func NewDeleteTrustedJwtGrantIssuerParamsWithTimeout(timeout time.Duration) *DeleteTrustedJwtGrantIssuerParams { + var () + return &DeleteTrustedJwtGrantIssuerParams{ + + timeout: timeout, + } +} + +// NewDeleteTrustedJwtGrantIssuerParamsWithContext creates a new DeleteTrustedJwtGrantIssuerParams object +// with the default values initialized, and the ability to set a context for a request +func NewDeleteTrustedJwtGrantIssuerParamsWithContext(ctx context.Context) *DeleteTrustedJwtGrantIssuerParams { + var () + return &DeleteTrustedJwtGrantIssuerParams{ + + Context: ctx, + } +} + +// NewDeleteTrustedJwtGrantIssuerParamsWithHTTPClient creates a new DeleteTrustedJwtGrantIssuerParams object +// with the default values initialized, and the ability to set a custom HTTPClient for a request +func NewDeleteTrustedJwtGrantIssuerParamsWithHTTPClient(client *http.Client) *DeleteTrustedJwtGrantIssuerParams { + var () + return &DeleteTrustedJwtGrantIssuerParams{ + HTTPClient: client, + } +} + +/*DeleteTrustedJwtGrantIssuerParams contains all the parameters to send to the API endpoint +for the delete trusted jwt grant issuer operation typically these are written to a http.Request +*/ +type DeleteTrustedJwtGrantIssuerParams struct { + + /*ID + The id of the desired grant + + */ + ID string + + timeout time.Duration + Context context.Context + HTTPClient *http.Client +} + +// WithTimeout adds the timeout to the delete trusted jwt grant issuer params +func (o *DeleteTrustedJwtGrantIssuerParams) WithTimeout(timeout time.Duration) *DeleteTrustedJwtGrantIssuerParams { + o.SetTimeout(timeout) + return o +} + +// SetTimeout adds the timeout to the delete trusted jwt grant issuer params +func (o *DeleteTrustedJwtGrantIssuerParams) SetTimeout(timeout time.Duration) { + o.timeout = timeout +} + +// WithContext adds the context to the delete trusted jwt grant issuer params +func (o *DeleteTrustedJwtGrantIssuerParams) WithContext(ctx context.Context) *DeleteTrustedJwtGrantIssuerParams { + o.SetContext(ctx) + return o +} + +// SetContext adds the context to the delete trusted jwt grant issuer params +func (o *DeleteTrustedJwtGrantIssuerParams) SetContext(ctx context.Context) { + o.Context = ctx +} + +// WithHTTPClient adds the HTTPClient to the delete trusted jwt grant issuer params +func (o *DeleteTrustedJwtGrantIssuerParams) WithHTTPClient(client *http.Client) *DeleteTrustedJwtGrantIssuerParams { + o.SetHTTPClient(client) + return o +} + +// SetHTTPClient adds the HTTPClient to the delete trusted jwt grant issuer params +func (o *DeleteTrustedJwtGrantIssuerParams) SetHTTPClient(client *http.Client) { + o.HTTPClient = client +} + +// WithID adds the id to the delete trusted jwt grant issuer params +func (o *DeleteTrustedJwtGrantIssuerParams) WithID(id string) *DeleteTrustedJwtGrantIssuerParams { + o.SetID(id) + return o +} + +// SetID adds the id to the delete trusted jwt grant issuer params +func (o *DeleteTrustedJwtGrantIssuerParams) SetID(id string) { + o.ID = id +} + +// WriteToRequest writes these params to a swagger request +func (o *DeleteTrustedJwtGrantIssuerParams) WriteToRequest(r runtime.ClientRequest, reg strfmt.Registry) error { + + if err := r.SetTimeout(o.timeout); err != nil { + return err + } + var res []error + + // path param id + if err := r.SetPathParam("id", o.ID); err != nil { + return err + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} diff --git a/internal/httpclient/client/admin/delete_trusted_jwt_grant_issuer_responses.go b/internal/httpclient/client/admin/delete_trusted_jwt_grant_issuer_responses.go new file mode 100644 index 00000000000..4dbc61b2ea2 --- /dev/null +++ b/internal/httpclient/client/admin/delete_trusted_jwt_grant_issuer_responses.go @@ -0,0 +1,136 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package admin + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "fmt" + "io" + + "github.com/go-openapi/runtime" + "github.com/go-openapi/strfmt" + + "github.com/ory/hydra/internal/httpclient/models" +) + +// DeleteTrustedJwtGrantIssuerReader is a Reader for the DeleteTrustedJwtGrantIssuer structure. +type DeleteTrustedJwtGrantIssuerReader struct { + formats strfmt.Registry +} + +// ReadResponse reads a server response into the received o. +func (o *DeleteTrustedJwtGrantIssuerReader) ReadResponse(response runtime.ClientResponse, consumer runtime.Consumer) (interface{}, error) { + switch response.Code() { + case 204: + result := NewDeleteTrustedJwtGrantIssuerNoContent() + if err := result.readResponse(response, consumer, o.formats); err != nil { + return nil, err + } + return result, nil + case 404: + result := NewDeleteTrustedJwtGrantIssuerNotFound() + if err := result.readResponse(response, consumer, o.formats); err != nil { + return nil, err + } + return nil, result + case 500: + result := NewDeleteTrustedJwtGrantIssuerInternalServerError() + if err := result.readResponse(response, consumer, o.formats); err != nil { + return nil, err + } + return nil, result + + default: + return nil, runtime.NewAPIError("unknown error", response, response.Code()) + } +} + +// NewDeleteTrustedJwtGrantIssuerNoContent creates a DeleteTrustedJwtGrantIssuerNoContent with default headers values +func NewDeleteTrustedJwtGrantIssuerNoContent() *DeleteTrustedJwtGrantIssuerNoContent { + return &DeleteTrustedJwtGrantIssuerNoContent{} +} + +/*DeleteTrustedJwtGrantIssuerNoContent handles this case with default header values. + +Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is +typically 201. +*/ +type DeleteTrustedJwtGrantIssuerNoContent struct { +} + +func (o *DeleteTrustedJwtGrantIssuerNoContent) Error() string { + return fmt.Sprintf("[DELETE /trust/grants/jwt-bearer/issuers/{id}][%d] deleteTrustedJwtGrantIssuerNoContent ", 204) +} + +func (o *DeleteTrustedJwtGrantIssuerNoContent) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { + + return nil +} + +// NewDeleteTrustedJwtGrantIssuerNotFound creates a DeleteTrustedJwtGrantIssuerNotFound with default headers values +func NewDeleteTrustedJwtGrantIssuerNotFound() *DeleteTrustedJwtGrantIssuerNotFound { + return &DeleteTrustedJwtGrantIssuerNotFound{} +} + +/*DeleteTrustedJwtGrantIssuerNotFound handles this case with default header values. + +genericError +*/ +type DeleteTrustedJwtGrantIssuerNotFound struct { + Payload *models.GenericError +} + +func (o *DeleteTrustedJwtGrantIssuerNotFound) Error() string { + return fmt.Sprintf("[DELETE /trust/grants/jwt-bearer/issuers/{id}][%d] deleteTrustedJwtGrantIssuerNotFound %+v", 404, o.Payload) +} + +func (o *DeleteTrustedJwtGrantIssuerNotFound) GetPayload() *models.GenericError { + return o.Payload +} + +func (o *DeleteTrustedJwtGrantIssuerNotFound) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { + + o.Payload = new(models.GenericError) + + // response payload + if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF { + return err + } + + return nil +} + +// NewDeleteTrustedJwtGrantIssuerInternalServerError creates a DeleteTrustedJwtGrantIssuerInternalServerError with default headers values +func NewDeleteTrustedJwtGrantIssuerInternalServerError() *DeleteTrustedJwtGrantIssuerInternalServerError { + return &DeleteTrustedJwtGrantIssuerInternalServerError{} +} + +/*DeleteTrustedJwtGrantIssuerInternalServerError handles this case with default header values. + +genericError +*/ +type DeleteTrustedJwtGrantIssuerInternalServerError struct { + Payload *models.GenericError +} + +func (o *DeleteTrustedJwtGrantIssuerInternalServerError) Error() string { + return fmt.Sprintf("[DELETE /trust/grants/jwt-bearer/issuers/{id}][%d] deleteTrustedJwtGrantIssuerInternalServerError %+v", 500, o.Payload) +} + +func (o *DeleteTrustedJwtGrantIssuerInternalServerError) GetPayload() *models.GenericError { + return o.Payload +} + +func (o *DeleteTrustedJwtGrantIssuerInternalServerError) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { + + o.Payload = new(models.GenericError) + + // response payload + if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF { + return err + } + + return nil +} diff --git a/internal/httpclient/client/admin/flush_inactive_jwt_bearer_grants_parameters.go b/internal/httpclient/client/admin/flush_inactive_jwt_bearer_grants_parameters.go index 2018da99ebc..f2e1a202f50 100644 --- a/internal/httpclient/client/admin/flush_inactive_jwt_bearer_grants_parameters.go +++ b/internal/httpclient/client/admin/flush_inactive_jwt_bearer_grants_parameters.go @@ -18,50 +18,51 @@ import ( "github.com/ory/hydra/internal/httpclient/models" ) -// NewFlushInactiveJwtBearerGrantsParams creates a new FlushInactiveJwtBearerGrantsParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewFlushInactiveJwtBearerGrantsParams creates a new FlushInactiveJwtBearerGrantsParams object +// with the default values initialized. func NewFlushInactiveJwtBearerGrantsParams() *FlushInactiveJwtBearerGrantsParams { + var () return &FlushInactiveJwtBearerGrantsParams{ + timeout: cr.DefaultTimeout, } } // NewFlushInactiveJwtBearerGrantsParamsWithTimeout creates a new FlushInactiveJwtBearerGrantsParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewFlushInactiveJwtBearerGrantsParamsWithTimeout(timeout time.Duration) *FlushInactiveJwtBearerGrantsParams { + var () return &FlushInactiveJwtBearerGrantsParams{ + timeout: timeout, } } // NewFlushInactiveJwtBearerGrantsParamsWithContext creates a new FlushInactiveJwtBearerGrantsParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewFlushInactiveJwtBearerGrantsParamsWithContext(ctx context.Context) *FlushInactiveJwtBearerGrantsParams { + var () return &FlushInactiveJwtBearerGrantsParams{ + Context: ctx, } } // NewFlushInactiveJwtBearerGrantsParamsWithHTTPClient creates a new FlushInactiveJwtBearerGrantsParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewFlushInactiveJwtBearerGrantsParamsWithHTTPClient(client *http.Client) *FlushInactiveJwtBearerGrantsParams { + var () return &FlushInactiveJwtBearerGrantsParams{ HTTPClient: client, } } -/* FlushInactiveJwtBearerGrantsParams contains all the parameters to send to the API endpoint - for the flush inactive jwt bearer grants operation. - - Typically these are written to a http.Request. +/*FlushInactiveJwtBearerGrantsParams contains all the parameters to send to the API endpoint +for the flush inactive jwt bearer grants operation typically these are written to a http.Request */ type FlushInactiveJwtBearerGrantsParams struct { - // Body. + /*Body*/ Body *models.FlushInactiveJwtBearerGrantsParams timeout time.Duration @@ -69,21 +70,6 @@ type FlushInactiveJwtBearerGrantsParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the flush inactive jwt bearer grants params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *FlushInactiveJwtBearerGrantsParams) WithDefaults() *FlushInactiveJwtBearerGrantsParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the flush inactive jwt bearer grants params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *FlushInactiveJwtBearerGrantsParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the flush inactive jwt bearer grants params func (o *FlushInactiveJwtBearerGrantsParams) WithTimeout(timeout time.Duration) *FlushInactiveJwtBearerGrantsParams { o.SetTimeout(timeout) @@ -135,6 +121,7 @@ func (o *FlushInactiveJwtBearerGrantsParams) WriteToRequest(r runtime.ClientRequ return err } var res []error + if o.Body != nil { if err := r.SetBodyParam(o.Body); err != nil { return err diff --git a/internal/httpclient/client/admin/flush_inactive_jwt_bearer_grants_responses.go b/internal/httpclient/client/admin/flush_inactive_jwt_bearer_grants_responses.go index c69a6a9f6d7..2fce8d47424 100644 --- a/internal/httpclient/client/admin/flush_inactive_jwt_bearer_grants_responses.go +++ b/internal/httpclient/client/admin/flush_inactive_jwt_bearer_grants_responses.go @@ -35,8 +35,9 @@ func (o *FlushInactiveJwtBearerGrantsReader) ReadResponse(response runtime.Clien return nil, err } return nil, result + default: - return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) + return nil, runtime.NewAPIError("unknown error", response, response.Code()) } } @@ -45,9 +46,9 @@ func NewFlushInactiveJwtBearerGrantsNoContent() *FlushInactiveJwtBearerGrantsNoC return &FlushInactiveJwtBearerGrantsNoContent{} } -/* FlushInactiveJwtBearerGrantsNoContent describes a response with status code 204, with default header values. +/*FlushInactiveJwtBearerGrantsNoContent handles this case with default header values. - Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is +Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is typically 201. */ type FlushInactiveJwtBearerGrantsNoContent struct { @@ -67,7 +68,7 @@ func NewFlushInactiveJwtBearerGrantsInternalServerError() *FlushInactiveJwtBeare return &FlushInactiveJwtBearerGrantsInternalServerError{} } -/* FlushInactiveJwtBearerGrantsInternalServerError describes a response with status code 500, with default header values. +/*FlushInactiveJwtBearerGrantsInternalServerError handles this case with default header values. genericError */ @@ -78,6 +79,7 @@ type FlushInactiveJwtBearerGrantsInternalServerError struct { func (o *FlushInactiveJwtBearerGrantsInternalServerError) Error() string { return fmt.Sprintf("[POST /grants/jwt-bearer/flush][%d] flushInactiveJwtBearerGrantsInternalServerError %+v", 500, o.Payload) } + func (o *FlushInactiveJwtBearerGrantsInternalServerError) GetPayload() *models.GenericError { return o.Payload } diff --git a/internal/httpclient/client/admin/flush_inactive_o_auth2_tokens_parameters.go b/internal/httpclient/client/admin/flush_inactive_o_auth2_tokens_parameters.go index ae82bc9c891..619a282d2bd 100644 --- a/internal/httpclient/client/admin/flush_inactive_o_auth2_tokens_parameters.go +++ b/internal/httpclient/client/admin/flush_inactive_o_auth2_tokens_parameters.go @@ -18,50 +18,51 @@ import ( "github.com/ory/hydra/internal/httpclient/models" ) -// NewFlushInactiveOAuth2TokensParams creates a new FlushInactiveOAuth2TokensParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewFlushInactiveOAuth2TokensParams creates a new FlushInactiveOAuth2TokensParams object +// with the default values initialized. func NewFlushInactiveOAuth2TokensParams() *FlushInactiveOAuth2TokensParams { + var () return &FlushInactiveOAuth2TokensParams{ + timeout: cr.DefaultTimeout, } } // NewFlushInactiveOAuth2TokensParamsWithTimeout creates a new FlushInactiveOAuth2TokensParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewFlushInactiveOAuth2TokensParamsWithTimeout(timeout time.Duration) *FlushInactiveOAuth2TokensParams { + var () return &FlushInactiveOAuth2TokensParams{ + timeout: timeout, } } // NewFlushInactiveOAuth2TokensParamsWithContext creates a new FlushInactiveOAuth2TokensParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewFlushInactiveOAuth2TokensParamsWithContext(ctx context.Context) *FlushInactiveOAuth2TokensParams { + var () return &FlushInactiveOAuth2TokensParams{ + Context: ctx, } } // NewFlushInactiveOAuth2TokensParamsWithHTTPClient creates a new FlushInactiveOAuth2TokensParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewFlushInactiveOAuth2TokensParamsWithHTTPClient(client *http.Client) *FlushInactiveOAuth2TokensParams { + var () return &FlushInactiveOAuth2TokensParams{ HTTPClient: client, } } -/* FlushInactiveOAuth2TokensParams contains all the parameters to send to the API endpoint - for the flush inactive o auth2 tokens operation. - - Typically these are written to a http.Request. +/*FlushInactiveOAuth2TokensParams contains all the parameters to send to the API endpoint +for the flush inactive o auth2 tokens operation typically these are written to a http.Request */ type FlushInactiveOAuth2TokensParams struct { - // Body. + /*Body*/ Body *models.FlushInactiveOAuth2TokensRequest timeout time.Duration @@ -69,21 +70,6 @@ type FlushInactiveOAuth2TokensParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the flush inactive o auth2 tokens params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *FlushInactiveOAuth2TokensParams) WithDefaults() *FlushInactiveOAuth2TokensParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the flush inactive o auth2 tokens params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *FlushInactiveOAuth2TokensParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the flush inactive o auth2 tokens params func (o *FlushInactiveOAuth2TokensParams) WithTimeout(timeout time.Duration) *FlushInactiveOAuth2TokensParams { o.SetTimeout(timeout) @@ -135,6 +121,7 @@ func (o *FlushInactiveOAuth2TokensParams) WriteToRequest(r runtime.ClientRequest return err } var res []error + if o.Body != nil { if err := r.SetBodyParam(o.Body); err != nil { return err diff --git a/internal/httpclient/client/admin/get_consent_request_parameters.go b/internal/httpclient/client/admin/get_consent_request_parameters.go index 3cdba97c4a1..76033747908 100644 --- a/internal/httpclient/client/admin/get_consent_request_parameters.go +++ b/internal/httpclient/client/admin/get_consent_request_parameters.go @@ -16,50 +16,51 @@ import ( "github.com/go-openapi/strfmt" ) -// NewGetConsentRequestParams creates a new GetConsentRequestParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewGetConsentRequestParams creates a new GetConsentRequestParams object +// with the default values initialized. func NewGetConsentRequestParams() *GetConsentRequestParams { + var () return &GetConsentRequestParams{ + timeout: cr.DefaultTimeout, } } // NewGetConsentRequestParamsWithTimeout creates a new GetConsentRequestParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewGetConsentRequestParamsWithTimeout(timeout time.Duration) *GetConsentRequestParams { + var () return &GetConsentRequestParams{ + timeout: timeout, } } // NewGetConsentRequestParamsWithContext creates a new GetConsentRequestParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewGetConsentRequestParamsWithContext(ctx context.Context) *GetConsentRequestParams { + var () return &GetConsentRequestParams{ + Context: ctx, } } // NewGetConsentRequestParamsWithHTTPClient creates a new GetConsentRequestParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewGetConsentRequestParamsWithHTTPClient(client *http.Client) *GetConsentRequestParams { + var () return &GetConsentRequestParams{ HTTPClient: client, } } -/* GetConsentRequestParams contains all the parameters to send to the API endpoint - for the get consent request operation. - - Typically these are written to a http.Request. +/*GetConsentRequestParams contains all the parameters to send to the API endpoint +for the get consent request operation typically these are written to a http.Request */ type GetConsentRequestParams struct { - // ConsentChallenge. + /*ConsentChallenge*/ ConsentChallenge string timeout time.Duration @@ -67,21 +68,6 @@ type GetConsentRequestParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the get consent request params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *GetConsentRequestParams) WithDefaults() *GetConsentRequestParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the get consent request params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *GetConsentRequestParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the get consent request params func (o *GetConsentRequestParams) WithTimeout(timeout time.Duration) *GetConsentRequestParams { o.SetTimeout(timeout) @@ -138,7 +124,6 @@ func (o *GetConsentRequestParams) WriteToRequest(r runtime.ClientRequest, reg st qrConsentChallenge := o.ConsentChallenge qConsentChallenge := qrConsentChallenge if qConsentChallenge != "" { - if err := r.SetQueryParam("consent_challenge", qConsentChallenge); err != nil { return err } diff --git a/internal/httpclient/client/admin/get_json_web_key_parameters.go b/internal/httpclient/client/admin/get_json_web_key_parameters.go index bf7429056e8..c8c609b8695 100644 --- a/internal/httpclient/client/admin/get_json_web_key_parameters.go +++ b/internal/httpclient/client/admin/get_json_web_key_parameters.go @@ -16,58 +16,58 @@ import ( "github.com/go-openapi/strfmt" ) -// NewGetJSONWebKeyParams creates a new GetJSONWebKeyParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewGetJSONWebKeyParams creates a new GetJSONWebKeyParams object +// with the default values initialized. func NewGetJSONWebKeyParams() *GetJSONWebKeyParams { + var () return &GetJSONWebKeyParams{ + timeout: cr.DefaultTimeout, } } // NewGetJSONWebKeyParamsWithTimeout creates a new GetJSONWebKeyParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewGetJSONWebKeyParamsWithTimeout(timeout time.Duration) *GetJSONWebKeyParams { + var () return &GetJSONWebKeyParams{ + timeout: timeout, } } // NewGetJSONWebKeyParamsWithContext creates a new GetJSONWebKeyParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewGetJSONWebKeyParamsWithContext(ctx context.Context) *GetJSONWebKeyParams { + var () return &GetJSONWebKeyParams{ + Context: ctx, } } // NewGetJSONWebKeyParamsWithHTTPClient creates a new GetJSONWebKeyParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewGetJSONWebKeyParamsWithHTTPClient(client *http.Client) *GetJSONWebKeyParams { + var () return &GetJSONWebKeyParams{ HTTPClient: client, } } -/* GetJSONWebKeyParams contains all the parameters to send to the API endpoint - for the get Json web key operation. - - Typically these are written to a http.Request. +/*GetJSONWebKeyParams contains all the parameters to send to the API endpoint +for the get Json web key operation typically these are written to a http.Request */ type GetJSONWebKeyParams struct { - /* Kid. + /*Kid + The kid of the desired key - The kid of the desired key */ Kid string + /*Set + The set - /* Set. - - The set */ Set string @@ -76,21 +76,6 @@ type GetJSONWebKeyParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the get Json web key params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *GetJSONWebKeyParams) WithDefaults() *GetJSONWebKeyParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the get Json web key params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *GetJSONWebKeyParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the get Json web key params func (o *GetJSONWebKeyParams) WithTimeout(timeout time.Duration) *GetJSONWebKeyParams { o.SetTimeout(timeout) diff --git a/internal/httpclient/client/admin/get_json_web_key_set_parameters.go b/internal/httpclient/client/admin/get_json_web_key_set_parameters.go index 1635ddb667d..34dee113c0d 100644 --- a/internal/httpclient/client/admin/get_json_web_key_set_parameters.go +++ b/internal/httpclient/client/admin/get_json_web_key_set_parameters.go @@ -16,52 +16,53 @@ import ( "github.com/go-openapi/strfmt" ) -// NewGetJSONWebKeySetParams creates a new GetJSONWebKeySetParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewGetJSONWebKeySetParams creates a new GetJSONWebKeySetParams object +// with the default values initialized. func NewGetJSONWebKeySetParams() *GetJSONWebKeySetParams { + var () return &GetJSONWebKeySetParams{ + timeout: cr.DefaultTimeout, } } // NewGetJSONWebKeySetParamsWithTimeout creates a new GetJSONWebKeySetParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewGetJSONWebKeySetParamsWithTimeout(timeout time.Duration) *GetJSONWebKeySetParams { + var () return &GetJSONWebKeySetParams{ + timeout: timeout, } } // NewGetJSONWebKeySetParamsWithContext creates a new GetJSONWebKeySetParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewGetJSONWebKeySetParamsWithContext(ctx context.Context) *GetJSONWebKeySetParams { + var () return &GetJSONWebKeySetParams{ + Context: ctx, } } // NewGetJSONWebKeySetParamsWithHTTPClient creates a new GetJSONWebKeySetParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewGetJSONWebKeySetParamsWithHTTPClient(client *http.Client) *GetJSONWebKeySetParams { + var () return &GetJSONWebKeySetParams{ HTTPClient: client, } } -/* GetJSONWebKeySetParams contains all the parameters to send to the API endpoint - for the get Json web key set operation. - - Typically these are written to a http.Request. +/*GetJSONWebKeySetParams contains all the parameters to send to the API endpoint +for the get Json web key set operation typically these are written to a http.Request */ type GetJSONWebKeySetParams struct { - /* Set. + /*Set + The set - The set */ Set string @@ -70,21 +71,6 @@ type GetJSONWebKeySetParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the get Json web key set params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *GetJSONWebKeySetParams) WithDefaults() *GetJSONWebKeySetParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the get Json web key set params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *GetJSONWebKeySetParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the get Json web key set params func (o *GetJSONWebKeySetParams) WithTimeout(timeout time.Duration) *GetJSONWebKeySetParams { o.SetTimeout(timeout) diff --git a/internal/httpclient/client/admin/get_jwt_bearer_grant_list_parameters.go b/internal/httpclient/client/admin/get_jwt_bearer_grant_list_parameters.go deleted file mode 100644 index e571bb48486..00000000000 --- a/internal/httpclient/client/admin/get_jwt_bearer_grant_list_parameters.go +++ /dev/null @@ -1,161 +0,0 @@ -// Code generated by go-swagger; DO NOT EDIT. - -package admin - -// This file was generated by the swagger tool. -// Editing this file might prove futile when you re-run the swagger generate command - -import ( - "context" - "net/http" - "time" - - "github.com/go-openapi/errors" - "github.com/go-openapi/runtime" - cr "github.com/go-openapi/runtime/client" - "github.com/go-openapi/strfmt" -) - -// NewGetJwtBearerGrantListParams creates a new GetJwtBearerGrantListParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. -func NewGetJwtBearerGrantListParams() *GetJwtBearerGrantListParams { - return &GetJwtBearerGrantListParams{ - timeout: cr.DefaultTimeout, - } -} - -// NewGetJwtBearerGrantListParamsWithTimeout creates a new GetJwtBearerGrantListParams object -// with the ability to set a timeout on a request. -func NewGetJwtBearerGrantListParamsWithTimeout(timeout time.Duration) *GetJwtBearerGrantListParams { - return &GetJwtBearerGrantListParams{ - timeout: timeout, - } -} - -// NewGetJwtBearerGrantListParamsWithContext creates a new GetJwtBearerGrantListParams object -// with the ability to set a context for a request. -func NewGetJwtBearerGrantListParamsWithContext(ctx context.Context) *GetJwtBearerGrantListParams { - return &GetJwtBearerGrantListParams{ - Context: ctx, - } -} - -// NewGetJwtBearerGrantListParamsWithHTTPClient creates a new GetJwtBearerGrantListParams object -// with the ability to set a custom HTTPClient for a request. -func NewGetJwtBearerGrantListParamsWithHTTPClient(client *http.Client) *GetJwtBearerGrantListParams { - return &GetJwtBearerGrantListParams{ - HTTPClient: client, - } -} - -/* GetJwtBearerGrantListParams contains all the parameters to send to the API endpoint - for the get jwt bearer grant list operation. - - Typically these are written to a http.Request. -*/ -type GetJwtBearerGrantListParams struct { - - /* Issuer. - - If Optional "issuer" is supplied, only jwt-bearer grants with this issuer will be returned. - */ - Issuer *string - - timeout time.Duration - Context context.Context - HTTPClient *http.Client -} - -// WithDefaults hydrates default values in the get jwt bearer grant list params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *GetJwtBearerGrantListParams) WithDefaults() *GetJwtBearerGrantListParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the get jwt bearer grant list params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *GetJwtBearerGrantListParams) SetDefaults() { - // no default values defined for this parameter -} - -// WithTimeout adds the timeout to the get jwt bearer grant list params -func (o *GetJwtBearerGrantListParams) WithTimeout(timeout time.Duration) *GetJwtBearerGrantListParams { - o.SetTimeout(timeout) - return o -} - -// SetTimeout adds the timeout to the get jwt bearer grant list params -func (o *GetJwtBearerGrantListParams) SetTimeout(timeout time.Duration) { - o.timeout = timeout -} - -// WithContext adds the context to the get jwt bearer grant list params -func (o *GetJwtBearerGrantListParams) WithContext(ctx context.Context) *GetJwtBearerGrantListParams { - o.SetContext(ctx) - return o -} - -// SetContext adds the context to the get jwt bearer grant list params -func (o *GetJwtBearerGrantListParams) SetContext(ctx context.Context) { - o.Context = ctx -} - -// WithHTTPClient adds the HTTPClient to the get jwt bearer grant list params -func (o *GetJwtBearerGrantListParams) WithHTTPClient(client *http.Client) *GetJwtBearerGrantListParams { - o.SetHTTPClient(client) - return o -} - -// SetHTTPClient adds the HTTPClient to the get jwt bearer grant list params -func (o *GetJwtBearerGrantListParams) SetHTTPClient(client *http.Client) { - o.HTTPClient = client -} - -// WithIssuer adds the issuer to the get jwt bearer grant list params -func (o *GetJwtBearerGrantListParams) WithIssuer(issuer *string) *GetJwtBearerGrantListParams { - o.SetIssuer(issuer) - return o -} - -// SetIssuer adds the issuer to the get jwt bearer grant list params -func (o *GetJwtBearerGrantListParams) SetIssuer(issuer *string) { - o.Issuer = issuer -} - -// WriteToRequest writes these params to a swagger request -func (o *GetJwtBearerGrantListParams) WriteToRequest(r runtime.ClientRequest, reg strfmt.Registry) error { - - if err := r.SetTimeout(o.timeout); err != nil { - return err - } - var res []error - - if o.Issuer != nil { - - // query param issuer - var qrIssuer string - - if o.Issuer != nil { - qrIssuer = *o.Issuer - } - qIssuer := qrIssuer - if qIssuer != "" { - - if err := r.SetQueryParam("issuer", qIssuer); err != nil { - return err - } - } - } - - if len(res) > 0 { - return errors.CompositeValidationError(res...) - } - return nil -} diff --git a/internal/httpclient/client/admin/get_jwt_bearer_grant_list_responses.go b/internal/httpclient/client/admin/get_jwt_bearer_grant_list_responses.go deleted file mode 100644 index 21b7028843f..00000000000 --- a/internal/httpclient/client/admin/get_jwt_bearer_grant_list_responses.go +++ /dev/null @@ -1,103 +0,0 @@ -// Code generated by go-swagger; DO NOT EDIT. - -package admin - -// This file was generated by the swagger tool. -// Editing this file might prove futile when you re-run the swagger generate command - -import ( - "fmt" - "io" - - "github.com/go-openapi/runtime" - "github.com/go-openapi/strfmt" - - "github.com/ory/hydra/internal/httpclient/models" -) - -// GetJwtBearerGrantListReader is a Reader for the GetJwtBearerGrantList structure. -type GetJwtBearerGrantListReader struct { - formats strfmt.Registry -} - -// ReadResponse reads a server response into the received o. -func (o *GetJwtBearerGrantListReader) ReadResponse(response runtime.ClientResponse, consumer runtime.Consumer) (interface{}, error) { - switch response.Code() { - case 200: - result := NewGetJwtBearerGrantListOK() - if err := result.readResponse(response, consumer, o.formats); err != nil { - return nil, err - } - return result, nil - case 500: - result := NewGetJwtBearerGrantListInternalServerError() - if err := result.readResponse(response, consumer, o.formats); err != nil { - return nil, err - } - return nil, result - default: - return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) - } -} - -// NewGetJwtBearerGrantListOK creates a GetJwtBearerGrantListOK with default headers values -func NewGetJwtBearerGrantListOK() *GetJwtBearerGrantListOK { - return &GetJwtBearerGrantListOK{} -} - -/* GetJwtBearerGrantListOK describes a response with status code 200, with default header values. - -GetJwtBearerGrantListOK get jwt bearer grant list o k -*/ -type GetJwtBearerGrantListOK struct { - Payload []*models.JwtBearerGrant -} - -func (o *GetJwtBearerGrantListOK) Error() string { - return fmt.Sprintf("[GET /grants/jwt-bearer][%d] getJwtBearerGrantListOK %+v", 200, o.Payload) -} -func (o *GetJwtBearerGrantListOK) GetPayload() []*models.JwtBearerGrant { - return o.Payload -} - -func (o *GetJwtBearerGrantListOK) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { - - // response payload - if err := consumer.Consume(response.Body(), &o.Payload); err != nil && err != io.EOF { - return err - } - - return nil -} - -// NewGetJwtBearerGrantListInternalServerError creates a GetJwtBearerGrantListInternalServerError with default headers values -func NewGetJwtBearerGrantListInternalServerError() *GetJwtBearerGrantListInternalServerError { - return &GetJwtBearerGrantListInternalServerError{} -} - -/* GetJwtBearerGrantListInternalServerError describes a response with status code 500, with default header values. - -genericError -*/ -type GetJwtBearerGrantListInternalServerError struct { - Payload *models.GenericError -} - -func (o *GetJwtBearerGrantListInternalServerError) Error() string { - return fmt.Sprintf("[GET /grants/jwt-bearer][%d] getJwtBearerGrantListInternalServerError %+v", 500, o.Payload) -} -func (o *GetJwtBearerGrantListInternalServerError) GetPayload() *models.GenericError { - return o.Payload -} - -func (o *GetJwtBearerGrantListInternalServerError) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { - - o.Payload = new(models.GenericError) - - // response payload - if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF { - return err - } - - return nil -} diff --git a/internal/httpclient/client/admin/get_jwt_bearer_grant_parameters.go b/internal/httpclient/client/admin/get_jwt_bearer_grant_parameters.go deleted file mode 100644 index 2a9b8f5bd7a..00000000000 --- a/internal/httpclient/client/admin/get_jwt_bearer_grant_parameters.go +++ /dev/null @@ -1,149 +0,0 @@ -// Code generated by go-swagger; DO NOT EDIT. - -package admin - -// This file was generated by the swagger tool. -// Editing this file might prove futile when you re-run the swagger generate command - -import ( - "context" - "net/http" - "time" - - "github.com/go-openapi/errors" - "github.com/go-openapi/runtime" - cr "github.com/go-openapi/runtime/client" - "github.com/go-openapi/strfmt" -) - -// NewGetJwtBearerGrantParams creates a new GetJwtBearerGrantParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. -func NewGetJwtBearerGrantParams() *GetJwtBearerGrantParams { - return &GetJwtBearerGrantParams{ - timeout: cr.DefaultTimeout, - } -} - -// NewGetJwtBearerGrantParamsWithTimeout creates a new GetJwtBearerGrantParams object -// with the ability to set a timeout on a request. -func NewGetJwtBearerGrantParamsWithTimeout(timeout time.Duration) *GetJwtBearerGrantParams { - return &GetJwtBearerGrantParams{ - timeout: timeout, - } -} - -// NewGetJwtBearerGrantParamsWithContext creates a new GetJwtBearerGrantParams object -// with the ability to set a context for a request. -func NewGetJwtBearerGrantParamsWithContext(ctx context.Context) *GetJwtBearerGrantParams { - return &GetJwtBearerGrantParams{ - Context: ctx, - } -} - -// NewGetJwtBearerGrantParamsWithHTTPClient creates a new GetJwtBearerGrantParams object -// with the ability to set a custom HTTPClient for a request. -func NewGetJwtBearerGrantParamsWithHTTPClient(client *http.Client) *GetJwtBearerGrantParams { - return &GetJwtBearerGrantParams{ - HTTPClient: client, - } -} - -/* GetJwtBearerGrantParams contains all the parameters to send to the API endpoint - for the get jwt bearer grant operation. - - Typically these are written to a http.Request. -*/ -type GetJwtBearerGrantParams struct { - - /* ID. - - The id of the desired grant - */ - ID string - - timeout time.Duration - Context context.Context - HTTPClient *http.Client -} - -// WithDefaults hydrates default values in the get jwt bearer grant params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *GetJwtBearerGrantParams) WithDefaults() *GetJwtBearerGrantParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the get jwt bearer grant params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *GetJwtBearerGrantParams) SetDefaults() { - // no default values defined for this parameter -} - -// WithTimeout adds the timeout to the get jwt bearer grant params -func (o *GetJwtBearerGrantParams) WithTimeout(timeout time.Duration) *GetJwtBearerGrantParams { - o.SetTimeout(timeout) - return o -} - -// SetTimeout adds the timeout to the get jwt bearer grant params -func (o *GetJwtBearerGrantParams) SetTimeout(timeout time.Duration) { - o.timeout = timeout -} - -// WithContext adds the context to the get jwt bearer grant params -func (o *GetJwtBearerGrantParams) WithContext(ctx context.Context) *GetJwtBearerGrantParams { - o.SetContext(ctx) - return o -} - -// SetContext adds the context to the get jwt bearer grant params -func (o *GetJwtBearerGrantParams) SetContext(ctx context.Context) { - o.Context = ctx -} - -// WithHTTPClient adds the HTTPClient to the get jwt bearer grant params -func (o *GetJwtBearerGrantParams) WithHTTPClient(client *http.Client) *GetJwtBearerGrantParams { - o.SetHTTPClient(client) - return o -} - -// SetHTTPClient adds the HTTPClient to the get jwt bearer grant params -func (o *GetJwtBearerGrantParams) SetHTTPClient(client *http.Client) { - o.HTTPClient = client -} - -// WithID adds the id to the get jwt bearer grant params -func (o *GetJwtBearerGrantParams) WithID(id string) *GetJwtBearerGrantParams { - o.SetID(id) - return o -} - -// SetID adds the id to the get jwt bearer grant params -func (o *GetJwtBearerGrantParams) SetID(id string) { - o.ID = id -} - -// WriteToRequest writes these params to a swagger request -func (o *GetJwtBearerGrantParams) WriteToRequest(r runtime.ClientRequest, reg strfmt.Registry) error { - - if err := r.SetTimeout(o.timeout); err != nil { - return err - } - var res []error - - // path param id - if err := r.SetPathParam("id", o.ID); err != nil { - return err - } - - if len(res) > 0 { - return errors.CompositeValidationError(res...) - } - return nil -} diff --git a/internal/httpclient/client/admin/get_jwt_bearer_grant_responses.go b/internal/httpclient/client/admin/get_jwt_bearer_grant_responses.go deleted file mode 100644 index 7bee5a7c2c5..00000000000 --- a/internal/httpclient/client/admin/get_jwt_bearer_grant_responses.go +++ /dev/null @@ -1,143 +0,0 @@ -// Code generated by go-swagger; DO NOT EDIT. - -package admin - -// This file was generated by the swagger tool. -// Editing this file might prove futile when you re-run the swagger generate command - -import ( - "fmt" - "io" - - "github.com/go-openapi/runtime" - "github.com/go-openapi/strfmt" - - "github.com/ory/hydra/internal/httpclient/models" -) - -// GetJwtBearerGrantReader is a Reader for the GetJwtBearerGrant structure. -type GetJwtBearerGrantReader struct { - formats strfmt.Registry -} - -// ReadResponse reads a server response into the received o. -func (o *GetJwtBearerGrantReader) ReadResponse(response runtime.ClientResponse, consumer runtime.Consumer) (interface{}, error) { - switch response.Code() { - case 200: - result := NewGetJwtBearerGrantOK() - if err := result.readResponse(response, consumer, o.formats); err != nil { - return nil, err - } - return result, nil - case 404: - result := NewGetJwtBearerGrantNotFound() - if err := result.readResponse(response, consumer, o.formats); err != nil { - return nil, err - } - return nil, result - case 500: - result := NewGetJwtBearerGrantInternalServerError() - if err := result.readResponse(response, consumer, o.formats); err != nil { - return nil, err - } - return nil, result - default: - return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) - } -} - -// NewGetJwtBearerGrantOK creates a GetJwtBearerGrantOK with default headers values -func NewGetJwtBearerGrantOK() *GetJwtBearerGrantOK { - return &GetJwtBearerGrantOK{} -} - -/* GetJwtBearerGrantOK describes a response with status code 200, with default header values. - -JwtBearerGrant -*/ -type GetJwtBearerGrantOK struct { - Payload *models.JwtBearerGrant -} - -func (o *GetJwtBearerGrantOK) Error() string { - return fmt.Sprintf("[GET /grants/jwt-bearer/{id}][%d] getJwtBearerGrantOK %+v", 200, o.Payload) -} -func (o *GetJwtBearerGrantOK) GetPayload() *models.JwtBearerGrant { - return o.Payload -} - -func (o *GetJwtBearerGrantOK) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { - - o.Payload = new(models.JwtBearerGrant) - - // response payload - if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF { - return err - } - - return nil -} - -// NewGetJwtBearerGrantNotFound creates a GetJwtBearerGrantNotFound with default headers values -func NewGetJwtBearerGrantNotFound() *GetJwtBearerGrantNotFound { - return &GetJwtBearerGrantNotFound{} -} - -/* GetJwtBearerGrantNotFound describes a response with status code 404, with default header values. - -genericError -*/ -type GetJwtBearerGrantNotFound struct { - Payload *models.GenericError -} - -func (o *GetJwtBearerGrantNotFound) Error() string { - return fmt.Sprintf("[GET /grants/jwt-bearer/{id}][%d] getJwtBearerGrantNotFound %+v", 404, o.Payload) -} -func (o *GetJwtBearerGrantNotFound) GetPayload() *models.GenericError { - return o.Payload -} - -func (o *GetJwtBearerGrantNotFound) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { - - o.Payload = new(models.GenericError) - - // response payload - if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF { - return err - } - - return nil -} - -// NewGetJwtBearerGrantInternalServerError creates a GetJwtBearerGrantInternalServerError with default headers values -func NewGetJwtBearerGrantInternalServerError() *GetJwtBearerGrantInternalServerError { - return &GetJwtBearerGrantInternalServerError{} -} - -/* GetJwtBearerGrantInternalServerError describes a response with status code 500, with default header values. - -genericError -*/ -type GetJwtBearerGrantInternalServerError struct { - Payload *models.GenericError -} - -func (o *GetJwtBearerGrantInternalServerError) Error() string { - return fmt.Sprintf("[GET /grants/jwt-bearer/{id}][%d] getJwtBearerGrantInternalServerError %+v", 500, o.Payload) -} -func (o *GetJwtBearerGrantInternalServerError) GetPayload() *models.GenericError { - return o.Payload -} - -func (o *GetJwtBearerGrantInternalServerError) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { - - o.Payload = new(models.GenericError) - - // response payload - if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF { - return err - } - - return nil -} diff --git a/internal/httpclient/client/admin/get_login_request_parameters.go b/internal/httpclient/client/admin/get_login_request_parameters.go index 55a3dae116f..32ce4b750f3 100644 --- a/internal/httpclient/client/admin/get_login_request_parameters.go +++ b/internal/httpclient/client/admin/get_login_request_parameters.go @@ -16,50 +16,51 @@ import ( "github.com/go-openapi/strfmt" ) -// NewGetLoginRequestParams creates a new GetLoginRequestParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewGetLoginRequestParams creates a new GetLoginRequestParams object +// with the default values initialized. func NewGetLoginRequestParams() *GetLoginRequestParams { + var () return &GetLoginRequestParams{ + timeout: cr.DefaultTimeout, } } // NewGetLoginRequestParamsWithTimeout creates a new GetLoginRequestParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewGetLoginRequestParamsWithTimeout(timeout time.Duration) *GetLoginRequestParams { + var () return &GetLoginRequestParams{ + timeout: timeout, } } // NewGetLoginRequestParamsWithContext creates a new GetLoginRequestParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewGetLoginRequestParamsWithContext(ctx context.Context) *GetLoginRequestParams { + var () return &GetLoginRequestParams{ + Context: ctx, } } // NewGetLoginRequestParamsWithHTTPClient creates a new GetLoginRequestParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewGetLoginRequestParamsWithHTTPClient(client *http.Client) *GetLoginRequestParams { + var () return &GetLoginRequestParams{ HTTPClient: client, } } -/* GetLoginRequestParams contains all the parameters to send to the API endpoint - for the get login request operation. - - Typically these are written to a http.Request. +/*GetLoginRequestParams contains all the parameters to send to the API endpoint +for the get login request operation typically these are written to a http.Request */ type GetLoginRequestParams struct { - // LoginChallenge. + /*LoginChallenge*/ LoginChallenge string timeout time.Duration @@ -67,21 +68,6 @@ type GetLoginRequestParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the get login request params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *GetLoginRequestParams) WithDefaults() *GetLoginRequestParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the get login request params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *GetLoginRequestParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the get login request params func (o *GetLoginRequestParams) WithTimeout(timeout time.Duration) *GetLoginRequestParams { o.SetTimeout(timeout) @@ -138,7 +124,6 @@ func (o *GetLoginRequestParams) WriteToRequest(r runtime.ClientRequest, reg strf qrLoginChallenge := o.LoginChallenge qLoginChallenge := qrLoginChallenge if qLoginChallenge != "" { - if err := r.SetQueryParam("login_challenge", qLoginChallenge); err != nil { return err } diff --git a/internal/httpclient/client/admin/get_logout_request_parameters.go b/internal/httpclient/client/admin/get_logout_request_parameters.go index 97cf9f7e4bc..27ed8793be3 100644 --- a/internal/httpclient/client/admin/get_logout_request_parameters.go +++ b/internal/httpclient/client/admin/get_logout_request_parameters.go @@ -16,50 +16,51 @@ import ( "github.com/go-openapi/strfmt" ) -// NewGetLogoutRequestParams creates a new GetLogoutRequestParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewGetLogoutRequestParams creates a new GetLogoutRequestParams object +// with the default values initialized. func NewGetLogoutRequestParams() *GetLogoutRequestParams { + var () return &GetLogoutRequestParams{ + timeout: cr.DefaultTimeout, } } // NewGetLogoutRequestParamsWithTimeout creates a new GetLogoutRequestParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewGetLogoutRequestParamsWithTimeout(timeout time.Duration) *GetLogoutRequestParams { + var () return &GetLogoutRequestParams{ + timeout: timeout, } } // NewGetLogoutRequestParamsWithContext creates a new GetLogoutRequestParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewGetLogoutRequestParamsWithContext(ctx context.Context) *GetLogoutRequestParams { + var () return &GetLogoutRequestParams{ + Context: ctx, } } // NewGetLogoutRequestParamsWithHTTPClient creates a new GetLogoutRequestParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewGetLogoutRequestParamsWithHTTPClient(client *http.Client) *GetLogoutRequestParams { + var () return &GetLogoutRequestParams{ HTTPClient: client, } } -/* GetLogoutRequestParams contains all the parameters to send to the API endpoint - for the get logout request operation. - - Typically these are written to a http.Request. +/*GetLogoutRequestParams contains all the parameters to send to the API endpoint +for the get logout request operation typically these are written to a http.Request */ type GetLogoutRequestParams struct { - // LogoutChallenge. + /*LogoutChallenge*/ LogoutChallenge string timeout time.Duration @@ -67,21 +68,6 @@ type GetLogoutRequestParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the get logout request params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *GetLogoutRequestParams) WithDefaults() *GetLogoutRequestParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the get logout request params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *GetLogoutRequestParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the get logout request params func (o *GetLogoutRequestParams) WithTimeout(timeout time.Duration) *GetLogoutRequestParams { o.SetTimeout(timeout) @@ -138,7 +124,6 @@ func (o *GetLogoutRequestParams) WriteToRequest(r runtime.ClientRequest, reg str qrLogoutChallenge := o.LogoutChallenge qLogoutChallenge := qrLogoutChallenge if qLogoutChallenge != "" { - if err := r.SetQueryParam("logout_challenge", qLogoutChallenge); err != nil { return err } diff --git a/internal/httpclient/client/admin/get_o_auth2_client_parameters.go b/internal/httpclient/client/admin/get_o_auth2_client_parameters.go index f9af2c1f16f..ea7cb067357 100644 --- a/internal/httpclient/client/admin/get_o_auth2_client_parameters.go +++ b/internal/httpclient/client/admin/get_o_auth2_client_parameters.go @@ -16,52 +16,53 @@ import ( "github.com/go-openapi/strfmt" ) -// NewGetOAuth2ClientParams creates a new GetOAuth2ClientParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewGetOAuth2ClientParams creates a new GetOAuth2ClientParams object +// with the default values initialized. func NewGetOAuth2ClientParams() *GetOAuth2ClientParams { + var () return &GetOAuth2ClientParams{ + timeout: cr.DefaultTimeout, } } // NewGetOAuth2ClientParamsWithTimeout creates a new GetOAuth2ClientParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewGetOAuth2ClientParamsWithTimeout(timeout time.Duration) *GetOAuth2ClientParams { + var () return &GetOAuth2ClientParams{ + timeout: timeout, } } // NewGetOAuth2ClientParamsWithContext creates a new GetOAuth2ClientParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewGetOAuth2ClientParamsWithContext(ctx context.Context) *GetOAuth2ClientParams { + var () return &GetOAuth2ClientParams{ + Context: ctx, } } // NewGetOAuth2ClientParamsWithHTTPClient creates a new GetOAuth2ClientParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewGetOAuth2ClientParamsWithHTTPClient(client *http.Client) *GetOAuth2ClientParams { + var () return &GetOAuth2ClientParams{ HTTPClient: client, } } -/* GetOAuth2ClientParams contains all the parameters to send to the API endpoint - for the get o auth2 client operation. - - Typically these are written to a http.Request. +/*GetOAuth2ClientParams contains all the parameters to send to the API endpoint +for the get o auth2 client operation typically these are written to a http.Request */ type GetOAuth2ClientParams struct { - /* ID. + /*ID + The id of the OAuth 2.0 Client. - The id of the OAuth 2.0 Client. */ ID string @@ -70,21 +71,6 @@ type GetOAuth2ClientParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the get o auth2 client params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *GetOAuth2ClientParams) WithDefaults() *GetOAuth2ClientParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the get o auth2 client params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *GetOAuth2ClientParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the get o auth2 client params func (o *GetOAuth2ClientParams) WithTimeout(timeout time.Duration) *GetOAuth2ClientParams { o.SetTimeout(timeout) diff --git a/internal/httpclient/client/admin/get_trusted_jwt_grant_issuer_parameters.go b/internal/httpclient/client/admin/get_trusted_jwt_grant_issuer_parameters.go new file mode 100644 index 00000000000..e317e2fbacf --- /dev/null +++ b/internal/httpclient/client/admin/get_trusted_jwt_grant_issuer_parameters.go @@ -0,0 +1,135 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package admin + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "context" + "net/http" + "time" + + "github.com/go-openapi/errors" + "github.com/go-openapi/runtime" + cr "github.com/go-openapi/runtime/client" + "github.com/go-openapi/strfmt" +) + +// NewGetTrustedJwtGrantIssuerParams creates a new GetTrustedJwtGrantIssuerParams object +// with the default values initialized. +func NewGetTrustedJwtGrantIssuerParams() *GetTrustedJwtGrantIssuerParams { + var () + return &GetTrustedJwtGrantIssuerParams{ + + timeout: cr.DefaultTimeout, + } +} + +// NewGetTrustedJwtGrantIssuerParamsWithTimeout creates a new GetTrustedJwtGrantIssuerParams object +// with the default values initialized, and the ability to set a timeout on a request +func NewGetTrustedJwtGrantIssuerParamsWithTimeout(timeout time.Duration) *GetTrustedJwtGrantIssuerParams { + var () + return &GetTrustedJwtGrantIssuerParams{ + + timeout: timeout, + } +} + +// NewGetTrustedJwtGrantIssuerParamsWithContext creates a new GetTrustedJwtGrantIssuerParams object +// with the default values initialized, and the ability to set a context for a request +func NewGetTrustedJwtGrantIssuerParamsWithContext(ctx context.Context) *GetTrustedJwtGrantIssuerParams { + var () + return &GetTrustedJwtGrantIssuerParams{ + + Context: ctx, + } +} + +// NewGetTrustedJwtGrantIssuerParamsWithHTTPClient creates a new GetTrustedJwtGrantIssuerParams object +// with the default values initialized, and the ability to set a custom HTTPClient for a request +func NewGetTrustedJwtGrantIssuerParamsWithHTTPClient(client *http.Client) *GetTrustedJwtGrantIssuerParams { + var () + return &GetTrustedJwtGrantIssuerParams{ + HTTPClient: client, + } +} + +/*GetTrustedJwtGrantIssuerParams contains all the parameters to send to the API endpoint +for the get trusted jwt grant issuer operation typically these are written to a http.Request +*/ +type GetTrustedJwtGrantIssuerParams struct { + + /*ID + The id of the desired grant + + */ + ID string + + timeout time.Duration + Context context.Context + HTTPClient *http.Client +} + +// WithTimeout adds the timeout to the get trusted jwt grant issuer params +func (o *GetTrustedJwtGrantIssuerParams) WithTimeout(timeout time.Duration) *GetTrustedJwtGrantIssuerParams { + o.SetTimeout(timeout) + return o +} + +// SetTimeout adds the timeout to the get trusted jwt grant issuer params +func (o *GetTrustedJwtGrantIssuerParams) SetTimeout(timeout time.Duration) { + o.timeout = timeout +} + +// WithContext adds the context to the get trusted jwt grant issuer params +func (o *GetTrustedJwtGrantIssuerParams) WithContext(ctx context.Context) *GetTrustedJwtGrantIssuerParams { + o.SetContext(ctx) + return o +} + +// SetContext adds the context to the get trusted jwt grant issuer params +func (o *GetTrustedJwtGrantIssuerParams) SetContext(ctx context.Context) { + o.Context = ctx +} + +// WithHTTPClient adds the HTTPClient to the get trusted jwt grant issuer params +func (o *GetTrustedJwtGrantIssuerParams) WithHTTPClient(client *http.Client) *GetTrustedJwtGrantIssuerParams { + o.SetHTTPClient(client) + return o +} + +// SetHTTPClient adds the HTTPClient to the get trusted jwt grant issuer params +func (o *GetTrustedJwtGrantIssuerParams) SetHTTPClient(client *http.Client) { + o.HTTPClient = client +} + +// WithID adds the id to the get trusted jwt grant issuer params +func (o *GetTrustedJwtGrantIssuerParams) WithID(id string) *GetTrustedJwtGrantIssuerParams { + o.SetID(id) + return o +} + +// SetID adds the id to the get trusted jwt grant issuer params +func (o *GetTrustedJwtGrantIssuerParams) SetID(id string) { + o.ID = id +} + +// WriteToRequest writes these params to a swagger request +func (o *GetTrustedJwtGrantIssuerParams) WriteToRequest(r runtime.ClientRequest, reg strfmt.Registry) error { + + if err := r.SetTimeout(o.timeout); err != nil { + return err + } + var res []error + + // path param id + if err := r.SetPathParam("id", o.ID); err != nil { + return err + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} diff --git a/internal/httpclient/client/admin/get_trusted_jwt_grant_issuer_responses.go b/internal/httpclient/client/admin/get_trusted_jwt_grant_issuer_responses.go new file mode 100644 index 00000000000..b9c60e66b5d --- /dev/null +++ b/internal/httpclient/client/admin/get_trusted_jwt_grant_issuer_responses.go @@ -0,0 +1,147 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package admin + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "fmt" + "io" + + "github.com/go-openapi/runtime" + "github.com/go-openapi/strfmt" + + "github.com/ory/hydra/internal/httpclient/models" +) + +// GetTrustedJwtGrantIssuerReader is a Reader for the GetTrustedJwtGrantIssuer structure. +type GetTrustedJwtGrantIssuerReader struct { + formats strfmt.Registry +} + +// ReadResponse reads a server response into the received o. +func (o *GetTrustedJwtGrantIssuerReader) ReadResponse(response runtime.ClientResponse, consumer runtime.Consumer) (interface{}, error) { + switch response.Code() { + case 200: + result := NewGetTrustedJwtGrantIssuerOK() + if err := result.readResponse(response, consumer, o.formats); err != nil { + return nil, err + } + return result, nil + case 404: + result := NewGetTrustedJwtGrantIssuerNotFound() + if err := result.readResponse(response, consumer, o.formats); err != nil { + return nil, err + } + return nil, result + case 500: + result := NewGetTrustedJwtGrantIssuerInternalServerError() + if err := result.readResponse(response, consumer, o.formats); err != nil { + return nil, err + } + return nil, result + + default: + return nil, runtime.NewAPIError("unknown error", response, response.Code()) + } +} + +// NewGetTrustedJwtGrantIssuerOK creates a GetTrustedJwtGrantIssuerOK with default headers values +func NewGetTrustedJwtGrantIssuerOK() *GetTrustedJwtGrantIssuerOK { + return &GetTrustedJwtGrantIssuerOK{} +} + +/*GetTrustedJwtGrantIssuerOK handles this case with default header values. + +trustedJwtGrantIssuer +*/ +type GetTrustedJwtGrantIssuerOK struct { + Payload *models.TrustedJwtGrantIssuer +} + +func (o *GetTrustedJwtGrantIssuerOK) Error() string { + return fmt.Sprintf("[GET /trust/grants/jwt-bearer/issuers/{id}][%d] getTrustedJwtGrantIssuerOK %+v", 200, o.Payload) +} + +func (o *GetTrustedJwtGrantIssuerOK) GetPayload() *models.TrustedJwtGrantIssuer { + return o.Payload +} + +func (o *GetTrustedJwtGrantIssuerOK) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { + + o.Payload = new(models.TrustedJwtGrantIssuer) + + // response payload + if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF { + return err + } + + return nil +} + +// NewGetTrustedJwtGrantIssuerNotFound creates a GetTrustedJwtGrantIssuerNotFound with default headers values +func NewGetTrustedJwtGrantIssuerNotFound() *GetTrustedJwtGrantIssuerNotFound { + return &GetTrustedJwtGrantIssuerNotFound{} +} + +/*GetTrustedJwtGrantIssuerNotFound handles this case with default header values. + +genericError +*/ +type GetTrustedJwtGrantIssuerNotFound struct { + Payload *models.GenericError +} + +func (o *GetTrustedJwtGrantIssuerNotFound) Error() string { + return fmt.Sprintf("[GET /trust/grants/jwt-bearer/issuers/{id}][%d] getTrustedJwtGrantIssuerNotFound %+v", 404, o.Payload) +} + +func (o *GetTrustedJwtGrantIssuerNotFound) GetPayload() *models.GenericError { + return o.Payload +} + +func (o *GetTrustedJwtGrantIssuerNotFound) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { + + o.Payload = new(models.GenericError) + + // response payload + if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF { + return err + } + + return nil +} + +// NewGetTrustedJwtGrantIssuerInternalServerError creates a GetTrustedJwtGrantIssuerInternalServerError with default headers values +func NewGetTrustedJwtGrantIssuerInternalServerError() *GetTrustedJwtGrantIssuerInternalServerError { + return &GetTrustedJwtGrantIssuerInternalServerError{} +} + +/*GetTrustedJwtGrantIssuerInternalServerError handles this case with default header values. + +genericError +*/ +type GetTrustedJwtGrantIssuerInternalServerError struct { + Payload *models.GenericError +} + +func (o *GetTrustedJwtGrantIssuerInternalServerError) Error() string { + return fmt.Sprintf("[GET /trust/grants/jwt-bearer/issuers/{id}][%d] getTrustedJwtGrantIssuerInternalServerError %+v", 500, o.Payload) +} + +func (o *GetTrustedJwtGrantIssuerInternalServerError) GetPayload() *models.GenericError { + return o.Payload +} + +func (o *GetTrustedJwtGrantIssuerInternalServerError) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { + + o.Payload = new(models.GenericError) + + // response payload + if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF { + return err + } + + return nil +} diff --git a/internal/httpclient/client/admin/get_version_parameters.go b/internal/httpclient/client/admin/get_version_parameters.go index 56746becb66..24417d3a303 100644 --- a/internal/httpclient/client/admin/get_version_parameters.go +++ b/internal/httpclient/client/admin/get_version_parameters.go @@ -16,46 +16,47 @@ import ( "github.com/go-openapi/strfmt" ) -// NewGetVersionParams creates a new GetVersionParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewGetVersionParams creates a new GetVersionParams object +// with the default values initialized. func NewGetVersionParams() *GetVersionParams { + return &GetVersionParams{ + timeout: cr.DefaultTimeout, } } // NewGetVersionParamsWithTimeout creates a new GetVersionParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewGetVersionParamsWithTimeout(timeout time.Duration) *GetVersionParams { + return &GetVersionParams{ + timeout: timeout, } } // NewGetVersionParamsWithContext creates a new GetVersionParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewGetVersionParamsWithContext(ctx context.Context) *GetVersionParams { + return &GetVersionParams{ + Context: ctx, } } // NewGetVersionParamsWithHTTPClient creates a new GetVersionParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewGetVersionParamsWithHTTPClient(client *http.Client) *GetVersionParams { + return &GetVersionParams{ HTTPClient: client, } } -/* GetVersionParams contains all the parameters to send to the API endpoint - for the get version operation. - - Typically these are written to a http.Request. +/*GetVersionParams contains all the parameters to send to the API endpoint +for the get version operation typically these are written to a http.Request */ type GetVersionParams struct { timeout time.Duration @@ -63,21 +64,6 @@ type GetVersionParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the get version params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *GetVersionParams) WithDefaults() *GetVersionParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the get version params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *GetVersionParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the get version params func (o *GetVersionParams) WithTimeout(timeout time.Duration) *GetVersionParams { o.SetTimeout(timeout) diff --git a/internal/httpclient/client/admin/get_version_responses.go b/internal/httpclient/client/admin/get_version_responses.go index 55510cd6c00..1755c1707da 100644 --- a/internal/httpclient/client/admin/get_version_responses.go +++ b/internal/httpclient/client/admin/get_version_responses.go @@ -29,8 +29,9 @@ func (o *GetVersionReader) ReadResponse(response runtime.ClientResponse, consume return nil, err } return result, nil + default: - return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) + return nil, runtime.NewAPIError("unknown error", response, response.Code()) } } @@ -39,7 +40,7 @@ func NewGetVersionOK() *GetVersionOK { return &GetVersionOK{} } -/* GetVersionOK describes a response with status code 200, with default header values. +/*GetVersionOK handles this case with default header values. version */ @@ -50,6 +51,7 @@ type GetVersionOK struct { func (o *GetVersionOK) Error() string { return fmt.Sprintf("[GET /version][%d] getVersionOK %+v", 200, o.Payload) } + func (o *GetVersionOK) GetPayload() *models.Version { return o.Payload } diff --git a/internal/httpclient/client/admin/introspect_o_auth2_token_parameters.go b/internal/httpclient/client/admin/introspect_o_auth2_token_parameters.go index c1addcfac03..3913438d85d 100644 --- a/internal/httpclient/client/admin/introspect_o_auth2_token_parameters.go +++ b/internal/httpclient/client/admin/introspect_o_auth2_token_parameters.go @@ -16,62 +16,62 @@ import ( "github.com/go-openapi/strfmt" ) -// NewIntrospectOAuth2TokenParams creates a new IntrospectOAuth2TokenParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewIntrospectOAuth2TokenParams creates a new IntrospectOAuth2TokenParams object +// with the default values initialized. func NewIntrospectOAuth2TokenParams() *IntrospectOAuth2TokenParams { + var () return &IntrospectOAuth2TokenParams{ + timeout: cr.DefaultTimeout, } } // NewIntrospectOAuth2TokenParamsWithTimeout creates a new IntrospectOAuth2TokenParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewIntrospectOAuth2TokenParamsWithTimeout(timeout time.Duration) *IntrospectOAuth2TokenParams { + var () return &IntrospectOAuth2TokenParams{ + timeout: timeout, } } // NewIntrospectOAuth2TokenParamsWithContext creates a new IntrospectOAuth2TokenParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewIntrospectOAuth2TokenParamsWithContext(ctx context.Context) *IntrospectOAuth2TokenParams { + var () return &IntrospectOAuth2TokenParams{ + Context: ctx, } } // NewIntrospectOAuth2TokenParamsWithHTTPClient creates a new IntrospectOAuth2TokenParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewIntrospectOAuth2TokenParamsWithHTTPClient(client *http.Client) *IntrospectOAuth2TokenParams { + var () return &IntrospectOAuth2TokenParams{ HTTPClient: client, } } -/* IntrospectOAuth2TokenParams contains all the parameters to send to the API endpoint - for the introspect o auth2 token operation. - - Typically these are written to a http.Request. +/*IntrospectOAuth2TokenParams contains all the parameters to send to the API endpoint +for the introspect o auth2 token operation typically these are written to a http.Request */ type IntrospectOAuth2TokenParams struct { - /* Scope. - - An optional, space separated list of required scopes. If the access token was not granted one of the + /*Scope + An optional, space separated list of required scopes. If the access token was not granted one of the scopes, the result of active will be false. + */ Scope *string - - /* Token. - - The string value of the token. For access tokens, this + /*Token + The string value of the token. For access tokens, this is the "access_token" value returned from the token endpoint defined in OAuth 2.0. For refresh tokens, this is the "refresh_token" value returned. + */ Token string @@ -80,21 +80,6 @@ type IntrospectOAuth2TokenParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the introspect o auth2 token params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *IntrospectOAuth2TokenParams) WithDefaults() *IntrospectOAuth2TokenParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the introspect o auth2 token params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *IntrospectOAuth2TokenParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the introspect o auth2 token params func (o *IntrospectOAuth2TokenParams) WithTimeout(timeout time.Duration) *IntrospectOAuth2TokenParams { o.SetTimeout(timeout) @@ -171,6 +156,7 @@ func (o *IntrospectOAuth2TokenParams) WriteToRequest(r runtime.ClientRequest, re return err } } + } // form param token diff --git a/internal/httpclient/client/admin/is_instance_alive_parameters.go b/internal/httpclient/client/admin/is_instance_alive_parameters.go index 50766f53d7e..44c9c204fe3 100644 --- a/internal/httpclient/client/admin/is_instance_alive_parameters.go +++ b/internal/httpclient/client/admin/is_instance_alive_parameters.go @@ -16,46 +16,47 @@ import ( "github.com/go-openapi/strfmt" ) -// NewIsInstanceAliveParams creates a new IsInstanceAliveParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewIsInstanceAliveParams creates a new IsInstanceAliveParams object +// with the default values initialized. func NewIsInstanceAliveParams() *IsInstanceAliveParams { + return &IsInstanceAliveParams{ + timeout: cr.DefaultTimeout, } } // NewIsInstanceAliveParamsWithTimeout creates a new IsInstanceAliveParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewIsInstanceAliveParamsWithTimeout(timeout time.Duration) *IsInstanceAliveParams { + return &IsInstanceAliveParams{ + timeout: timeout, } } // NewIsInstanceAliveParamsWithContext creates a new IsInstanceAliveParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewIsInstanceAliveParamsWithContext(ctx context.Context) *IsInstanceAliveParams { + return &IsInstanceAliveParams{ + Context: ctx, } } // NewIsInstanceAliveParamsWithHTTPClient creates a new IsInstanceAliveParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewIsInstanceAliveParamsWithHTTPClient(client *http.Client) *IsInstanceAliveParams { + return &IsInstanceAliveParams{ HTTPClient: client, } } -/* IsInstanceAliveParams contains all the parameters to send to the API endpoint - for the is instance alive operation. - - Typically these are written to a http.Request. +/*IsInstanceAliveParams contains all the parameters to send to the API endpoint +for the is instance alive operation typically these are written to a http.Request */ type IsInstanceAliveParams struct { timeout time.Duration @@ -63,21 +64,6 @@ type IsInstanceAliveParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the is instance alive params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *IsInstanceAliveParams) WithDefaults() *IsInstanceAliveParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the is instance alive params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *IsInstanceAliveParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the is instance alive params func (o *IsInstanceAliveParams) WithTimeout(timeout time.Duration) *IsInstanceAliveParams { o.SetTimeout(timeout) diff --git a/internal/httpclient/client/admin/list_o_auth2_clients_parameters.go b/internal/httpclient/client/admin/list_o_auth2_clients_parameters.go index c9b73dab8a0..6d3e6684d63 100644 --- a/internal/httpclient/client/admin/list_o_auth2_clients_parameters.go +++ b/internal/httpclient/client/admin/list_o_auth2_clients_parameters.go @@ -17,62 +17,58 @@ import ( "github.com/go-openapi/swag" ) -// NewListOAuth2ClientsParams creates a new ListOAuth2ClientsParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewListOAuth2ClientsParams creates a new ListOAuth2ClientsParams object +// with the default values initialized. func NewListOAuth2ClientsParams() *ListOAuth2ClientsParams { + var () return &ListOAuth2ClientsParams{ + timeout: cr.DefaultTimeout, } } // NewListOAuth2ClientsParamsWithTimeout creates a new ListOAuth2ClientsParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewListOAuth2ClientsParamsWithTimeout(timeout time.Duration) *ListOAuth2ClientsParams { + var () return &ListOAuth2ClientsParams{ + timeout: timeout, } } // NewListOAuth2ClientsParamsWithContext creates a new ListOAuth2ClientsParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewListOAuth2ClientsParamsWithContext(ctx context.Context) *ListOAuth2ClientsParams { + var () return &ListOAuth2ClientsParams{ + Context: ctx, } } // NewListOAuth2ClientsParamsWithHTTPClient creates a new ListOAuth2ClientsParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewListOAuth2ClientsParamsWithHTTPClient(client *http.Client) *ListOAuth2ClientsParams { + var () return &ListOAuth2ClientsParams{ HTTPClient: client, } } -/* ListOAuth2ClientsParams contains all the parameters to send to the API endpoint - for the list o auth2 clients operation. - - Typically these are written to a http.Request. +/*ListOAuth2ClientsParams contains all the parameters to send to the API endpoint +for the list o auth2 clients operation typically these are written to a http.Request */ type ListOAuth2ClientsParams struct { - /* Limit. - - The maximum amount of policies returned, upper bound is 500 policies + /*Limit + The maximum amount of policies returned, upper bound is 500 policies - Format: int64 */ Limit *int64 + /*Offset + The offset from where to start looking. - /* Offset. - - The offset from where to start looking. - - Format: int64 */ Offset *int64 @@ -81,21 +77,6 @@ type ListOAuth2ClientsParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the list o auth2 clients params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *ListOAuth2ClientsParams) WithDefaults() *ListOAuth2ClientsParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the list o auth2 clients params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *ListOAuth2ClientsParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the list o auth2 clients params func (o *ListOAuth2ClientsParams) WithTimeout(timeout time.Duration) *ListOAuth2ClientsParams { o.SetTimeout(timeout) @@ -163,34 +144,32 @@ func (o *ListOAuth2ClientsParams) WriteToRequest(r runtime.ClientRequest, reg st // query param limit var qrLimit int64 - if o.Limit != nil { qrLimit = *o.Limit } qLimit := swag.FormatInt64(qrLimit) if qLimit != "" { - if err := r.SetQueryParam("limit", qLimit); err != nil { return err } } + } if o.Offset != nil { // query param offset var qrOffset int64 - if o.Offset != nil { qrOffset = *o.Offset } qOffset := swag.FormatInt64(qrOffset) if qOffset != "" { - if err := r.SetQueryParam("offset", qOffset); err != nil { return err } } + } if len(res) > 0 { diff --git a/internal/httpclient/client/admin/list_subject_consent_sessions_parameters.go b/internal/httpclient/client/admin/list_subject_consent_sessions_parameters.go index 6788e8f5dab..bca88f73d5f 100644 --- a/internal/httpclient/client/admin/list_subject_consent_sessions_parameters.go +++ b/internal/httpclient/client/admin/list_subject_consent_sessions_parameters.go @@ -16,50 +16,51 @@ import ( "github.com/go-openapi/strfmt" ) -// NewListSubjectConsentSessionsParams creates a new ListSubjectConsentSessionsParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewListSubjectConsentSessionsParams creates a new ListSubjectConsentSessionsParams object +// with the default values initialized. func NewListSubjectConsentSessionsParams() *ListSubjectConsentSessionsParams { + var () return &ListSubjectConsentSessionsParams{ + timeout: cr.DefaultTimeout, } } // NewListSubjectConsentSessionsParamsWithTimeout creates a new ListSubjectConsentSessionsParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewListSubjectConsentSessionsParamsWithTimeout(timeout time.Duration) *ListSubjectConsentSessionsParams { + var () return &ListSubjectConsentSessionsParams{ + timeout: timeout, } } // NewListSubjectConsentSessionsParamsWithContext creates a new ListSubjectConsentSessionsParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewListSubjectConsentSessionsParamsWithContext(ctx context.Context) *ListSubjectConsentSessionsParams { + var () return &ListSubjectConsentSessionsParams{ + Context: ctx, } } // NewListSubjectConsentSessionsParamsWithHTTPClient creates a new ListSubjectConsentSessionsParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewListSubjectConsentSessionsParamsWithHTTPClient(client *http.Client) *ListSubjectConsentSessionsParams { + var () return &ListSubjectConsentSessionsParams{ HTTPClient: client, } } -/* ListSubjectConsentSessionsParams contains all the parameters to send to the API endpoint - for the list subject consent sessions operation. - - Typically these are written to a http.Request. +/*ListSubjectConsentSessionsParams contains all the parameters to send to the API endpoint +for the list subject consent sessions operation typically these are written to a http.Request */ type ListSubjectConsentSessionsParams struct { - // Subject. + /*Subject*/ Subject string timeout time.Duration @@ -67,21 +68,6 @@ type ListSubjectConsentSessionsParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the list subject consent sessions params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *ListSubjectConsentSessionsParams) WithDefaults() *ListSubjectConsentSessionsParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the list subject consent sessions params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *ListSubjectConsentSessionsParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the list subject consent sessions params func (o *ListSubjectConsentSessionsParams) WithTimeout(timeout time.Duration) *ListSubjectConsentSessionsParams { o.SetTimeout(timeout) @@ -138,7 +124,6 @@ func (o *ListSubjectConsentSessionsParams) WriteToRequest(r runtime.ClientReques qrSubject := o.Subject qSubject := qrSubject if qSubject != "" { - if err := r.SetQueryParam("subject", qSubject); err != nil { return err } diff --git a/internal/httpclient/client/admin/list_trusted_jwt_grant_issuers_parameters.go b/internal/httpclient/client/admin/list_trusted_jwt_grant_issuers_parameters.go new file mode 100644 index 00000000000..2d924cded2d --- /dev/null +++ b/internal/httpclient/client/admin/list_trusted_jwt_grant_issuers_parameters.go @@ -0,0 +1,211 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package admin + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "context" + "net/http" + "time" + + "github.com/go-openapi/errors" + "github.com/go-openapi/runtime" + cr "github.com/go-openapi/runtime/client" + "github.com/go-openapi/strfmt" + "github.com/go-openapi/swag" +) + +// NewListTrustedJwtGrantIssuersParams creates a new ListTrustedJwtGrantIssuersParams object +// with the default values initialized. +func NewListTrustedJwtGrantIssuersParams() *ListTrustedJwtGrantIssuersParams { + var () + return &ListTrustedJwtGrantIssuersParams{ + + timeout: cr.DefaultTimeout, + } +} + +// NewListTrustedJwtGrantIssuersParamsWithTimeout creates a new ListTrustedJwtGrantIssuersParams object +// with the default values initialized, and the ability to set a timeout on a request +func NewListTrustedJwtGrantIssuersParamsWithTimeout(timeout time.Duration) *ListTrustedJwtGrantIssuersParams { + var () + return &ListTrustedJwtGrantIssuersParams{ + + timeout: timeout, + } +} + +// NewListTrustedJwtGrantIssuersParamsWithContext creates a new ListTrustedJwtGrantIssuersParams object +// with the default values initialized, and the ability to set a context for a request +func NewListTrustedJwtGrantIssuersParamsWithContext(ctx context.Context) *ListTrustedJwtGrantIssuersParams { + var () + return &ListTrustedJwtGrantIssuersParams{ + + Context: ctx, + } +} + +// NewListTrustedJwtGrantIssuersParamsWithHTTPClient creates a new ListTrustedJwtGrantIssuersParams object +// with the default values initialized, and the ability to set a custom HTTPClient for a request +func NewListTrustedJwtGrantIssuersParamsWithHTTPClient(client *http.Client) *ListTrustedJwtGrantIssuersParams { + var () + return &ListTrustedJwtGrantIssuersParams{ + HTTPClient: client, + } +} + +/*ListTrustedJwtGrantIssuersParams contains all the parameters to send to the API endpoint +for the list trusted jwt grant issuers operation typically these are written to a http.Request +*/ +type ListTrustedJwtGrantIssuersParams struct { + + /*Issuer + If optional "issuer" is supplied, only jwt-bearer grants with this issuer will be returned. + + */ + Issuer *string + /*Limit + The maximum amount of policies returned, upper bound is 500 policies + + */ + Limit *int64 + /*Offset + The offset from where to start looking. + + */ + Offset *int64 + + timeout time.Duration + Context context.Context + HTTPClient *http.Client +} + +// WithTimeout adds the timeout to the list trusted jwt grant issuers params +func (o *ListTrustedJwtGrantIssuersParams) WithTimeout(timeout time.Duration) *ListTrustedJwtGrantIssuersParams { + o.SetTimeout(timeout) + return o +} + +// SetTimeout adds the timeout to the list trusted jwt grant issuers params +func (o *ListTrustedJwtGrantIssuersParams) SetTimeout(timeout time.Duration) { + o.timeout = timeout +} + +// WithContext adds the context to the list trusted jwt grant issuers params +func (o *ListTrustedJwtGrantIssuersParams) WithContext(ctx context.Context) *ListTrustedJwtGrantIssuersParams { + o.SetContext(ctx) + return o +} + +// SetContext adds the context to the list trusted jwt grant issuers params +func (o *ListTrustedJwtGrantIssuersParams) SetContext(ctx context.Context) { + o.Context = ctx +} + +// WithHTTPClient adds the HTTPClient to the list trusted jwt grant issuers params +func (o *ListTrustedJwtGrantIssuersParams) WithHTTPClient(client *http.Client) *ListTrustedJwtGrantIssuersParams { + o.SetHTTPClient(client) + return o +} + +// SetHTTPClient adds the HTTPClient to the list trusted jwt grant issuers params +func (o *ListTrustedJwtGrantIssuersParams) SetHTTPClient(client *http.Client) { + o.HTTPClient = client +} + +// WithIssuer adds the issuer to the list trusted jwt grant issuers params +func (o *ListTrustedJwtGrantIssuersParams) WithIssuer(issuer *string) *ListTrustedJwtGrantIssuersParams { + o.SetIssuer(issuer) + return o +} + +// SetIssuer adds the issuer to the list trusted jwt grant issuers params +func (o *ListTrustedJwtGrantIssuersParams) SetIssuer(issuer *string) { + o.Issuer = issuer +} + +// WithLimit adds the limit to the list trusted jwt grant issuers params +func (o *ListTrustedJwtGrantIssuersParams) WithLimit(limit *int64) *ListTrustedJwtGrantIssuersParams { + o.SetLimit(limit) + return o +} + +// SetLimit adds the limit to the list trusted jwt grant issuers params +func (o *ListTrustedJwtGrantIssuersParams) SetLimit(limit *int64) { + o.Limit = limit +} + +// WithOffset adds the offset to the list trusted jwt grant issuers params +func (o *ListTrustedJwtGrantIssuersParams) WithOffset(offset *int64) *ListTrustedJwtGrantIssuersParams { + o.SetOffset(offset) + return o +} + +// SetOffset adds the offset to the list trusted jwt grant issuers params +func (o *ListTrustedJwtGrantIssuersParams) SetOffset(offset *int64) { + o.Offset = offset +} + +// WriteToRequest writes these params to a swagger request +func (o *ListTrustedJwtGrantIssuersParams) WriteToRequest(r runtime.ClientRequest, reg strfmt.Registry) error { + + if err := r.SetTimeout(o.timeout); err != nil { + return err + } + var res []error + + if o.Issuer != nil { + + // query param issuer + var qrIssuer string + if o.Issuer != nil { + qrIssuer = *o.Issuer + } + qIssuer := qrIssuer + if qIssuer != "" { + if err := r.SetQueryParam("issuer", qIssuer); err != nil { + return err + } + } + + } + + if o.Limit != nil { + + // query param limit + var qrLimit int64 + if o.Limit != nil { + qrLimit = *o.Limit + } + qLimit := swag.FormatInt64(qrLimit) + if qLimit != "" { + if err := r.SetQueryParam("limit", qLimit); err != nil { + return err + } + } + + } + + if o.Offset != nil { + + // query param offset + var qrOffset int64 + if o.Offset != nil { + qrOffset = *o.Offset + } + qOffset := swag.FormatInt64(qrOffset) + if qOffset != "" { + if err := r.SetQueryParam("offset", qOffset); err != nil { + return err + } + } + + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} diff --git a/internal/httpclient/client/admin/list_trusted_jwt_grant_issuers_responses.go b/internal/httpclient/client/admin/list_trusted_jwt_grant_issuers_responses.go new file mode 100644 index 00000000000..8cb7d4e3e82 --- /dev/null +++ b/internal/httpclient/client/admin/list_trusted_jwt_grant_issuers_responses.go @@ -0,0 +1,106 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package admin + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "fmt" + "io" + + "github.com/go-openapi/runtime" + "github.com/go-openapi/strfmt" + + "github.com/ory/hydra/internal/httpclient/models" +) + +// ListTrustedJwtGrantIssuersReader is a Reader for the ListTrustedJwtGrantIssuers structure. +type ListTrustedJwtGrantIssuersReader struct { + formats strfmt.Registry +} + +// ReadResponse reads a server response into the received o. +func (o *ListTrustedJwtGrantIssuersReader) ReadResponse(response runtime.ClientResponse, consumer runtime.Consumer) (interface{}, error) { + switch response.Code() { + case 200: + result := NewListTrustedJwtGrantIssuersOK() + if err := result.readResponse(response, consumer, o.formats); err != nil { + return nil, err + } + return result, nil + case 500: + result := NewListTrustedJwtGrantIssuersInternalServerError() + if err := result.readResponse(response, consumer, o.formats); err != nil { + return nil, err + } + return nil, result + + default: + return nil, runtime.NewAPIError("unknown error", response, response.Code()) + } +} + +// NewListTrustedJwtGrantIssuersOK creates a ListTrustedJwtGrantIssuersOK with default headers values +func NewListTrustedJwtGrantIssuersOK() *ListTrustedJwtGrantIssuersOK { + return &ListTrustedJwtGrantIssuersOK{} +} + +/*ListTrustedJwtGrantIssuersOK handles this case with default header values. + +trustedJwtGrantIssuers +*/ +type ListTrustedJwtGrantIssuersOK struct { + Payload models.TrustedJwtGrantIssuers +} + +func (o *ListTrustedJwtGrantIssuersOK) Error() string { + return fmt.Sprintf("[GET /trust/grants/jwt-bearer/issuers][%d] listTrustedJwtGrantIssuersOK %+v", 200, o.Payload) +} + +func (o *ListTrustedJwtGrantIssuersOK) GetPayload() models.TrustedJwtGrantIssuers { + return o.Payload +} + +func (o *ListTrustedJwtGrantIssuersOK) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { + + // response payload + if err := consumer.Consume(response.Body(), &o.Payload); err != nil && err != io.EOF { + return err + } + + return nil +} + +// NewListTrustedJwtGrantIssuersInternalServerError creates a ListTrustedJwtGrantIssuersInternalServerError with default headers values +func NewListTrustedJwtGrantIssuersInternalServerError() *ListTrustedJwtGrantIssuersInternalServerError { + return &ListTrustedJwtGrantIssuersInternalServerError{} +} + +/*ListTrustedJwtGrantIssuersInternalServerError handles this case with default header values. + +genericError +*/ +type ListTrustedJwtGrantIssuersInternalServerError struct { + Payload *models.GenericError +} + +func (o *ListTrustedJwtGrantIssuersInternalServerError) Error() string { + return fmt.Sprintf("[GET /trust/grants/jwt-bearer/issuers][%d] listTrustedJwtGrantIssuersInternalServerError %+v", 500, o.Payload) +} + +func (o *ListTrustedJwtGrantIssuersInternalServerError) GetPayload() *models.GenericError { + return o.Payload +} + +func (o *ListTrustedJwtGrantIssuersInternalServerError) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { + + o.Payload = new(models.GenericError) + + // response payload + if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF { + return err + } + + return nil +} diff --git a/internal/httpclient/client/admin/patch_o_auth2_client_parameters.go b/internal/httpclient/client/admin/patch_o_auth2_client_parameters.go index bb40dbefc65..1e35ba6e391 100644 --- a/internal/httpclient/client/admin/patch_o_auth2_client_parameters.go +++ b/internal/httpclient/client/admin/patch_o_auth2_client_parameters.go @@ -18,53 +18,53 @@ import ( "github.com/ory/hydra/internal/httpclient/models" ) -// NewPatchOAuth2ClientParams creates a new PatchOAuth2ClientParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewPatchOAuth2ClientParams creates a new PatchOAuth2ClientParams object +// with the default values initialized. func NewPatchOAuth2ClientParams() *PatchOAuth2ClientParams { + var () return &PatchOAuth2ClientParams{ + timeout: cr.DefaultTimeout, } } // NewPatchOAuth2ClientParamsWithTimeout creates a new PatchOAuth2ClientParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewPatchOAuth2ClientParamsWithTimeout(timeout time.Duration) *PatchOAuth2ClientParams { + var () return &PatchOAuth2ClientParams{ + timeout: timeout, } } // NewPatchOAuth2ClientParamsWithContext creates a new PatchOAuth2ClientParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewPatchOAuth2ClientParamsWithContext(ctx context.Context) *PatchOAuth2ClientParams { + var () return &PatchOAuth2ClientParams{ + Context: ctx, } } // NewPatchOAuth2ClientParamsWithHTTPClient creates a new PatchOAuth2ClientParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewPatchOAuth2ClientParamsWithHTTPClient(client *http.Client) *PatchOAuth2ClientParams { + var () return &PatchOAuth2ClientParams{ HTTPClient: client, } } -/* PatchOAuth2ClientParams contains all the parameters to send to the API endpoint - for the patch o auth2 client operation. - - Typically these are written to a http.Request. +/*PatchOAuth2ClientParams contains all the parameters to send to the API endpoint +for the patch o auth2 client operation typically these are written to a http.Request */ type PatchOAuth2ClientParams struct { - // Body. + /*Body*/ Body models.PatchRequest - - // ID. + /*ID*/ ID string timeout time.Duration @@ -72,21 +72,6 @@ type PatchOAuth2ClientParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the patch o auth2 client params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *PatchOAuth2ClientParams) WithDefaults() *PatchOAuth2ClientParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the patch o auth2 client params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *PatchOAuth2ClientParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the patch o auth2 client params func (o *PatchOAuth2ClientParams) WithTimeout(timeout time.Duration) *PatchOAuth2ClientParams { o.SetTimeout(timeout) @@ -149,6 +134,7 @@ func (o *PatchOAuth2ClientParams) WriteToRequest(r runtime.ClientRequest, reg st return err } var res []error + if o.Body != nil { if err := r.SetBodyParam(o.Body); err != nil { return err diff --git a/internal/httpclient/client/admin/prometheus_parameters.go b/internal/httpclient/client/admin/prometheus_parameters.go index 2173b8bd96b..03b76358d86 100644 --- a/internal/httpclient/client/admin/prometheus_parameters.go +++ b/internal/httpclient/client/admin/prometheus_parameters.go @@ -16,46 +16,47 @@ import ( "github.com/go-openapi/strfmt" ) -// NewPrometheusParams creates a new PrometheusParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewPrometheusParams creates a new PrometheusParams object +// with the default values initialized. func NewPrometheusParams() *PrometheusParams { + return &PrometheusParams{ + timeout: cr.DefaultTimeout, } } // NewPrometheusParamsWithTimeout creates a new PrometheusParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewPrometheusParamsWithTimeout(timeout time.Duration) *PrometheusParams { + return &PrometheusParams{ + timeout: timeout, } } // NewPrometheusParamsWithContext creates a new PrometheusParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewPrometheusParamsWithContext(ctx context.Context) *PrometheusParams { + return &PrometheusParams{ + Context: ctx, } } // NewPrometheusParamsWithHTTPClient creates a new PrometheusParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewPrometheusParamsWithHTTPClient(client *http.Client) *PrometheusParams { + return &PrometheusParams{ HTTPClient: client, } } -/* PrometheusParams contains all the parameters to send to the API endpoint - for the prometheus operation. - - Typically these are written to a http.Request. +/*PrometheusParams contains all the parameters to send to the API endpoint +for the prometheus operation typically these are written to a http.Request */ type PrometheusParams struct { timeout time.Duration @@ -63,21 +64,6 @@ type PrometheusParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the prometheus params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *PrometheusParams) WithDefaults() *PrometheusParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the prometheus params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *PrometheusParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the prometheus params func (o *PrometheusParams) WithTimeout(timeout time.Duration) *PrometheusParams { o.SetTimeout(timeout) diff --git a/internal/httpclient/client/admin/prometheus_responses.go b/internal/httpclient/client/admin/prometheus_responses.go index 8c64703a610..5fbd6ed7030 100644 --- a/internal/httpclient/client/admin/prometheus_responses.go +++ b/internal/httpclient/client/admin/prometheus_responses.go @@ -26,8 +26,9 @@ func (o *PrometheusReader) ReadResponse(response runtime.ClientResponse, consume return nil, err } return result, nil + default: - return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) + return nil, runtime.NewAPIError("unknown error", response, response.Code()) } } @@ -36,9 +37,9 @@ func NewPrometheusOK() *PrometheusOK { return &PrometheusOK{} } -/* PrometheusOK describes a response with status code 200, with default header values. +/*PrometheusOK handles this case with default header values. - Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is +Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is typically 201. */ type PrometheusOK struct { diff --git a/internal/httpclient/client/admin/reject_consent_request_parameters.go b/internal/httpclient/client/admin/reject_consent_request_parameters.go index a71725bd0ed..eba20d4bd3e 100644 --- a/internal/httpclient/client/admin/reject_consent_request_parameters.go +++ b/internal/httpclient/client/admin/reject_consent_request_parameters.go @@ -18,53 +18,53 @@ import ( "github.com/ory/hydra/internal/httpclient/models" ) -// NewRejectConsentRequestParams creates a new RejectConsentRequestParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewRejectConsentRequestParams creates a new RejectConsentRequestParams object +// with the default values initialized. func NewRejectConsentRequestParams() *RejectConsentRequestParams { + var () return &RejectConsentRequestParams{ + timeout: cr.DefaultTimeout, } } // NewRejectConsentRequestParamsWithTimeout creates a new RejectConsentRequestParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewRejectConsentRequestParamsWithTimeout(timeout time.Duration) *RejectConsentRequestParams { + var () return &RejectConsentRequestParams{ + timeout: timeout, } } // NewRejectConsentRequestParamsWithContext creates a new RejectConsentRequestParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewRejectConsentRequestParamsWithContext(ctx context.Context) *RejectConsentRequestParams { + var () return &RejectConsentRequestParams{ + Context: ctx, } } // NewRejectConsentRequestParamsWithHTTPClient creates a new RejectConsentRequestParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewRejectConsentRequestParamsWithHTTPClient(client *http.Client) *RejectConsentRequestParams { + var () return &RejectConsentRequestParams{ HTTPClient: client, } } -/* RejectConsentRequestParams contains all the parameters to send to the API endpoint - for the reject consent request operation. - - Typically these are written to a http.Request. +/*RejectConsentRequestParams contains all the parameters to send to the API endpoint +for the reject consent request operation typically these are written to a http.Request */ type RejectConsentRequestParams struct { - // Body. + /*Body*/ Body *models.RejectRequest - - // ConsentChallenge. + /*ConsentChallenge*/ ConsentChallenge string timeout time.Duration @@ -72,21 +72,6 @@ type RejectConsentRequestParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the reject consent request params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *RejectConsentRequestParams) WithDefaults() *RejectConsentRequestParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the reject consent request params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *RejectConsentRequestParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the reject consent request params func (o *RejectConsentRequestParams) WithTimeout(timeout time.Duration) *RejectConsentRequestParams { o.SetTimeout(timeout) @@ -149,6 +134,7 @@ func (o *RejectConsentRequestParams) WriteToRequest(r runtime.ClientRequest, reg return err } var res []error + if o.Body != nil { if err := r.SetBodyParam(o.Body); err != nil { return err @@ -159,7 +145,6 @@ func (o *RejectConsentRequestParams) WriteToRequest(r runtime.ClientRequest, reg qrConsentChallenge := o.ConsentChallenge qConsentChallenge := qrConsentChallenge if qConsentChallenge != "" { - if err := r.SetQueryParam("consent_challenge", qConsentChallenge); err != nil { return err } diff --git a/internal/httpclient/client/admin/reject_login_request_parameters.go b/internal/httpclient/client/admin/reject_login_request_parameters.go index 300a4e9b1c3..03556b805fc 100644 --- a/internal/httpclient/client/admin/reject_login_request_parameters.go +++ b/internal/httpclient/client/admin/reject_login_request_parameters.go @@ -18,53 +18,53 @@ import ( "github.com/ory/hydra/internal/httpclient/models" ) -// NewRejectLoginRequestParams creates a new RejectLoginRequestParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewRejectLoginRequestParams creates a new RejectLoginRequestParams object +// with the default values initialized. func NewRejectLoginRequestParams() *RejectLoginRequestParams { + var () return &RejectLoginRequestParams{ + timeout: cr.DefaultTimeout, } } // NewRejectLoginRequestParamsWithTimeout creates a new RejectLoginRequestParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewRejectLoginRequestParamsWithTimeout(timeout time.Duration) *RejectLoginRequestParams { + var () return &RejectLoginRequestParams{ + timeout: timeout, } } // NewRejectLoginRequestParamsWithContext creates a new RejectLoginRequestParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewRejectLoginRequestParamsWithContext(ctx context.Context) *RejectLoginRequestParams { + var () return &RejectLoginRequestParams{ + Context: ctx, } } // NewRejectLoginRequestParamsWithHTTPClient creates a new RejectLoginRequestParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewRejectLoginRequestParamsWithHTTPClient(client *http.Client) *RejectLoginRequestParams { + var () return &RejectLoginRequestParams{ HTTPClient: client, } } -/* RejectLoginRequestParams contains all the parameters to send to the API endpoint - for the reject login request operation. - - Typically these are written to a http.Request. +/*RejectLoginRequestParams contains all the parameters to send to the API endpoint +for the reject login request operation typically these are written to a http.Request */ type RejectLoginRequestParams struct { - // Body. + /*Body*/ Body *models.RejectRequest - - // LoginChallenge. + /*LoginChallenge*/ LoginChallenge string timeout time.Duration @@ -72,21 +72,6 @@ type RejectLoginRequestParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the reject login request params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *RejectLoginRequestParams) WithDefaults() *RejectLoginRequestParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the reject login request params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *RejectLoginRequestParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the reject login request params func (o *RejectLoginRequestParams) WithTimeout(timeout time.Duration) *RejectLoginRequestParams { o.SetTimeout(timeout) @@ -149,6 +134,7 @@ func (o *RejectLoginRequestParams) WriteToRequest(r runtime.ClientRequest, reg s return err } var res []error + if o.Body != nil { if err := r.SetBodyParam(o.Body); err != nil { return err @@ -159,7 +145,6 @@ func (o *RejectLoginRequestParams) WriteToRequest(r runtime.ClientRequest, reg s qrLoginChallenge := o.LoginChallenge qLoginChallenge := qrLoginChallenge if qLoginChallenge != "" { - if err := r.SetQueryParam("login_challenge", qLoginChallenge); err != nil { return err } diff --git a/internal/httpclient/client/admin/reject_logout_request_parameters.go b/internal/httpclient/client/admin/reject_logout_request_parameters.go index f39e96898b2..be87d346429 100644 --- a/internal/httpclient/client/admin/reject_logout_request_parameters.go +++ b/internal/httpclient/client/admin/reject_logout_request_parameters.go @@ -18,53 +18,53 @@ import ( "github.com/ory/hydra/internal/httpclient/models" ) -// NewRejectLogoutRequestParams creates a new RejectLogoutRequestParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewRejectLogoutRequestParams creates a new RejectLogoutRequestParams object +// with the default values initialized. func NewRejectLogoutRequestParams() *RejectLogoutRequestParams { + var () return &RejectLogoutRequestParams{ + timeout: cr.DefaultTimeout, } } // NewRejectLogoutRequestParamsWithTimeout creates a new RejectLogoutRequestParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewRejectLogoutRequestParamsWithTimeout(timeout time.Duration) *RejectLogoutRequestParams { + var () return &RejectLogoutRequestParams{ + timeout: timeout, } } // NewRejectLogoutRequestParamsWithContext creates a new RejectLogoutRequestParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewRejectLogoutRequestParamsWithContext(ctx context.Context) *RejectLogoutRequestParams { + var () return &RejectLogoutRequestParams{ + Context: ctx, } } // NewRejectLogoutRequestParamsWithHTTPClient creates a new RejectLogoutRequestParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewRejectLogoutRequestParamsWithHTTPClient(client *http.Client) *RejectLogoutRequestParams { + var () return &RejectLogoutRequestParams{ HTTPClient: client, } } -/* RejectLogoutRequestParams contains all the parameters to send to the API endpoint - for the reject logout request operation. - - Typically these are written to a http.Request. +/*RejectLogoutRequestParams contains all the parameters to send to the API endpoint +for the reject logout request operation typically these are written to a http.Request */ type RejectLogoutRequestParams struct { - // Body. + /*Body*/ Body *models.RejectRequest - - // LogoutChallenge. + /*LogoutChallenge*/ LogoutChallenge string timeout time.Duration @@ -72,21 +72,6 @@ type RejectLogoutRequestParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the reject logout request params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *RejectLogoutRequestParams) WithDefaults() *RejectLogoutRequestParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the reject logout request params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *RejectLogoutRequestParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the reject logout request params func (o *RejectLogoutRequestParams) WithTimeout(timeout time.Duration) *RejectLogoutRequestParams { o.SetTimeout(timeout) @@ -149,6 +134,7 @@ func (o *RejectLogoutRequestParams) WriteToRequest(r runtime.ClientRequest, reg return err } var res []error + if o.Body != nil { if err := r.SetBodyParam(o.Body); err != nil { return err @@ -159,7 +145,6 @@ func (o *RejectLogoutRequestParams) WriteToRequest(r runtime.ClientRequest, reg qrLogoutChallenge := o.LogoutChallenge qLogoutChallenge := qrLogoutChallenge if qLogoutChallenge != "" { - if err := r.SetQueryParam("logout_challenge", qLogoutChallenge); err != nil { return err } diff --git a/internal/httpclient/client/admin/revoke_authentication_session_parameters.go b/internal/httpclient/client/admin/revoke_authentication_session_parameters.go index 780e8fd0266..dab7c8b54dd 100644 --- a/internal/httpclient/client/admin/revoke_authentication_session_parameters.go +++ b/internal/httpclient/client/admin/revoke_authentication_session_parameters.go @@ -16,50 +16,51 @@ import ( "github.com/go-openapi/strfmt" ) -// NewRevokeAuthenticationSessionParams creates a new RevokeAuthenticationSessionParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewRevokeAuthenticationSessionParams creates a new RevokeAuthenticationSessionParams object +// with the default values initialized. func NewRevokeAuthenticationSessionParams() *RevokeAuthenticationSessionParams { + var () return &RevokeAuthenticationSessionParams{ + timeout: cr.DefaultTimeout, } } // NewRevokeAuthenticationSessionParamsWithTimeout creates a new RevokeAuthenticationSessionParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewRevokeAuthenticationSessionParamsWithTimeout(timeout time.Duration) *RevokeAuthenticationSessionParams { + var () return &RevokeAuthenticationSessionParams{ + timeout: timeout, } } // NewRevokeAuthenticationSessionParamsWithContext creates a new RevokeAuthenticationSessionParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewRevokeAuthenticationSessionParamsWithContext(ctx context.Context) *RevokeAuthenticationSessionParams { + var () return &RevokeAuthenticationSessionParams{ + Context: ctx, } } // NewRevokeAuthenticationSessionParamsWithHTTPClient creates a new RevokeAuthenticationSessionParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewRevokeAuthenticationSessionParamsWithHTTPClient(client *http.Client) *RevokeAuthenticationSessionParams { + var () return &RevokeAuthenticationSessionParams{ HTTPClient: client, } } -/* RevokeAuthenticationSessionParams contains all the parameters to send to the API endpoint - for the revoke authentication session operation. - - Typically these are written to a http.Request. +/*RevokeAuthenticationSessionParams contains all the parameters to send to the API endpoint +for the revoke authentication session operation typically these are written to a http.Request */ type RevokeAuthenticationSessionParams struct { - // Subject. + /*Subject*/ Subject string timeout time.Duration @@ -67,21 +68,6 @@ type RevokeAuthenticationSessionParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the revoke authentication session params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *RevokeAuthenticationSessionParams) WithDefaults() *RevokeAuthenticationSessionParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the revoke authentication session params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *RevokeAuthenticationSessionParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the revoke authentication session params func (o *RevokeAuthenticationSessionParams) WithTimeout(timeout time.Duration) *RevokeAuthenticationSessionParams { o.SetTimeout(timeout) @@ -138,7 +124,6 @@ func (o *RevokeAuthenticationSessionParams) WriteToRequest(r runtime.ClientReque qrSubject := o.Subject qSubject := qrSubject if qSubject != "" { - if err := r.SetQueryParam("subject", qSubject); err != nil { return err } diff --git a/internal/httpclient/client/admin/revoke_consent_sessions_parameters.go b/internal/httpclient/client/admin/revoke_consent_sessions_parameters.go index 357224b576f..6dadc668afd 100644 --- a/internal/httpclient/client/admin/revoke_consent_sessions_parameters.go +++ b/internal/httpclient/client/admin/revoke_consent_sessions_parameters.go @@ -17,64 +17,63 @@ import ( "github.com/go-openapi/swag" ) -// NewRevokeConsentSessionsParams creates a new RevokeConsentSessionsParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewRevokeConsentSessionsParams creates a new RevokeConsentSessionsParams object +// with the default values initialized. func NewRevokeConsentSessionsParams() *RevokeConsentSessionsParams { + var () return &RevokeConsentSessionsParams{ + timeout: cr.DefaultTimeout, } } // NewRevokeConsentSessionsParamsWithTimeout creates a new RevokeConsentSessionsParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewRevokeConsentSessionsParamsWithTimeout(timeout time.Duration) *RevokeConsentSessionsParams { + var () return &RevokeConsentSessionsParams{ + timeout: timeout, } } // NewRevokeConsentSessionsParamsWithContext creates a new RevokeConsentSessionsParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewRevokeConsentSessionsParamsWithContext(ctx context.Context) *RevokeConsentSessionsParams { + var () return &RevokeConsentSessionsParams{ + Context: ctx, } } // NewRevokeConsentSessionsParamsWithHTTPClient creates a new RevokeConsentSessionsParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewRevokeConsentSessionsParamsWithHTTPClient(client *http.Client) *RevokeConsentSessionsParams { + var () return &RevokeConsentSessionsParams{ HTTPClient: client, } } -/* RevokeConsentSessionsParams contains all the parameters to send to the API endpoint - for the revoke consent sessions operation. - - Typically these are written to a http.Request. +/*RevokeConsentSessionsParams contains all the parameters to send to the API endpoint +for the revoke consent sessions operation typically these are written to a http.Request */ type RevokeConsentSessionsParams struct { - /* All. + /*All + If set to `?all=true`, deletes all consent sessions by the Subject that have been granted. - If set to `?all=true`, deletes all consent sessions by the Subject that have been granted. */ All *bool + /*Client + If set, deletes only those consent sessions by the Subject that have been granted to the specified OAuth 2.0 Client ID - /* Client. - - If set, deletes only those consent sessions by the Subject that have been granted to the specified OAuth 2.0 Client ID */ Client *string + /*Subject + The subject (Subject) who's consent sessions should be deleted. - /* Subject. - - The subject (Subject) who's consent sessions should be deleted. */ Subject string @@ -83,21 +82,6 @@ type RevokeConsentSessionsParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the revoke consent sessions params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *RevokeConsentSessionsParams) WithDefaults() *RevokeConsentSessionsParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the revoke consent sessions params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *RevokeConsentSessionsParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the revoke consent sessions params func (o *RevokeConsentSessionsParams) WithTimeout(timeout time.Duration) *RevokeConsentSessionsParams { o.SetTimeout(timeout) @@ -176,41 +160,38 @@ func (o *RevokeConsentSessionsParams) WriteToRequest(r runtime.ClientRequest, re // query param all var qrAll bool - if o.All != nil { qrAll = *o.All } qAll := swag.FormatBool(qrAll) if qAll != "" { - if err := r.SetQueryParam("all", qAll); err != nil { return err } } + } if o.Client != nil { // query param client var qrClient string - if o.Client != nil { qrClient = *o.Client } qClient := qrClient if qClient != "" { - if err := r.SetQueryParam("client", qClient); err != nil { return err } } + } // query param subject qrSubject := o.Subject qSubject := qrSubject if qSubject != "" { - if err := r.SetQueryParam("subject", qSubject); err != nil { return err } diff --git a/internal/httpclient/client/admin/trust_jwt_grant_issuer_parameters.go b/internal/httpclient/client/admin/trust_jwt_grant_issuer_parameters.go new file mode 100644 index 00000000000..d89b9766684 --- /dev/null +++ b/internal/httpclient/client/admin/trust_jwt_grant_issuer_parameters.go @@ -0,0 +1,135 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package admin + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "context" + "net/http" + "time" + + "github.com/go-openapi/errors" + "github.com/go-openapi/runtime" + cr "github.com/go-openapi/runtime/client" + "github.com/go-openapi/strfmt" + + "github.com/ory/hydra/internal/httpclient/models" +) + +// NewTrustJwtGrantIssuerParams creates a new TrustJwtGrantIssuerParams object +// with the default values initialized. +func NewTrustJwtGrantIssuerParams() *TrustJwtGrantIssuerParams { + var () + return &TrustJwtGrantIssuerParams{ + + timeout: cr.DefaultTimeout, + } +} + +// NewTrustJwtGrantIssuerParamsWithTimeout creates a new TrustJwtGrantIssuerParams object +// with the default values initialized, and the ability to set a timeout on a request +func NewTrustJwtGrantIssuerParamsWithTimeout(timeout time.Duration) *TrustJwtGrantIssuerParams { + var () + return &TrustJwtGrantIssuerParams{ + + timeout: timeout, + } +} + +// NewTrustJwtGrantIssuerParamsWithContext creates a new TrustJwtGrantIssuerParams object +// with the default values initialized, and the ability to set a context for a request +func NewTrustJwtGrantIssuerParamsWithContext(ctx context.Context) *TrustJwtGrantIssuerParams { + var () + return &TrustJwtGrantIssuerParams{ + + Context: ctx, + } +} + +// NewTrustJwtGrantIssuerParamsWithHTTPClient creates a new TrustJwtGrantIssuerParams object +// with the default values initialized, and the ability to set a custom HTTPClient for a request +func NewTrustJwtGrantIssuerParamsWithHTTPClient(client *http.Client) *TrustJwtGrantIssuerParams { + var () + return &TrustJwtGrantIssuerParams{ + HTTPClient: client, + } +} + +/*TrustJwtGrantIssuerParams contains all the parameters to send to the API endpoint +for the trust jwt grant issuer operation typically these are written to a http.Request +*/ +type TrustJwtGrantIssuerParams struct { + + /*Body*/ + Body *models.TrustJwtGrantIssuerBody + + timeout time.Duration + Context context.Context + HTTPClient *http.Client +} + +// WithTimeout adds the timeout to the trust jwt grant issuer params +func (o *TrustJwtGrantIssuerParams) WithTimeout(timeout time.Duration) *TrustJwtGrantIssuerParams { + o.SetTimeout(timeout) + return o +} + +// SetTimeout adds the timeout to the trust jwt grant issuer params +func (o *TrustJwtGrantIssuerParams) SetTimeout(timeout time.Duration) { + o.timeout = timeout +} + +// WithContext adds the context to the trust jwt grant issuer params +func (o *TrustJwtGrantIssuerParams) WithContext(ctx context.Context) *TrustJwtGrantIssuerParams { + o.SetContext(ctx) + return o +} + +// SetContext adds the context to the trust jwt grant issuer params +func (o *TrustJwtGrantIssuerParams) SetContext(ctx context.Context) { + o.Context = ctx +} + +// WithHTTPClient adds the HTTPClient to the trust jwt grant issuer params +func (o *TrustJwtGrantIssuerParams) WithHTTPClient(client *http.Client) *TrustJwtGrantIssuerParams { + o.SetHTTPClient(client) + return o +} + +// SetHTTPClient adds the HTTPClient to the trust jwt grant issuer params +func (o *TrustJwtGrantIssuerParams) SetHTTPClient(client *http.Client) { + o.HTTPClient = client +} + +// WithBody adds the body to the trust jwt grant issuer params +func (o *TrustJwtGrantIssuerParams) WithBody(body *models.TrustJwtGrantIssuerBody) *TrustJwtGrantIssuerParams { + o.SetBody(body) + return o +} + +// SetBody adds the body to the trust jwt grant issuer params +func (o *TrustJwtGrantIssuerParams) SetBody(body *models.TrustJwtGrantIssuerBody) { + o.Body = body +} + +// WriteToRequest writes these params to a swagger request +func (o *TrustJwtGrantIssuerParams) WriteToRequest(r runtime.ClientRequest, reg strfmt.Registry) error { + + if err := r.SetTimeout(o.timeout); err != nil { + return err + } + var res []error + + if o.Body != nil { + if err := r.SetBodyParam(o.Body); err != nil { + return err + } + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} diff --git a/internal/httpclient/client/admin/trust_jwt_grant_issuer_responses.go b/internal/httpclient/client/admin/trust_jwt_grant_issuer_responses.go new file mode 100644 index 00000000000..e18993e4626 --- /dev/null +++ b/internal/httpclient/client/admin/trust_jwt_grant_issuer_responses.go @@ -0,0 +1,186 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package admin + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "fmt" + "io" + + "github.com/go-openapi/runtime" + "github.com/go-openapi/strfmt" + + "github.com/ory/hydra/internal/httpclient/models" +) + +// TrustJwtGrantIssuerReader is a Reader for the TrustJwtGrantIssuer structure. +type TrustJwtGrantIssuerReader struct { + formats strfmt.Registry +} + +// ReadResponse reads a server response into the received o. +func (o *TrustJwtGrantIssuerReader) ReadResponse(response runtime.ClientResponse, consumer runtime.Consumer) (interface{}, error) { + switch response.Code() { + case 201: + result := NewTrustJwtGrantIssuerCreated() + if err := result.readResponse(response, consumer, o.formats); err != nil { + return nil, err + } + return result, nil + case 400: + result := NewTrustJwtGrantIssuerBadRequest() + if err := result.readResponse(response, consumer, o.formats); err != nil { + return nil, err + } + return nil, result + case 409: + result := NewTrustJwtGrantIssuerConflict() + if err := result.readResponse(response, consumer, o.formats); err != nil { + return nil, err + } + return nil, result + case 500: + result := NewTrustJwtGrantIssuerInternalServerError() + if err := result.readResponse(response, consumer, o.formats); err != nil { + return nil, err + } + return nil, result + + default: + return nil, runtime.NewAPIError("unknown error", response, response.Code()) + } +} + +// NewTrustJwtGrantIssuerCreated creates a TrustJwtGrantIssuerCreated with default headers values +func NewTrustJwtGrantIssuerCreated() *TrustJwtGrantIssuerCreated { + return &TrustJwtGrantIssuerCreated{} +} + +/*TrustJwtGrantIssuerCreated handles this case with default header values. + +trustedJwtGrantIssuer +*/ +type TrustJwtGrantIssuerCreated struct { + Payload *models.TrustedJwtGrantIssuer +} + +func (o *TrustJwtGrantIssuerCreated) Error() string { + return fmt.Sprintf("[POST /trust/grants/jwt-bearer/issuers][%d] trustJwtGrantIssuerCreated %+v", 201, o.Payload) +} + +func (o *TrustJwtGrantIssuerCreated) GetPayload() *models.TrustedJwtGrantIssuer { + return o.Payload +} + +func (o *TrustJwtGrantIssuerCreated) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { + + o.Payload = new(models.TrustedJwtGrantIssuer) + + // response payload + if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF { + return err + } + + return nil +} + +// NewTrustJwtGrantIssuerBadRequest creates a TrustJwtGrantIssuerBadRequest with default headers values +func NewTrustJwtGrantIssuerBadRequest() *TrustJwtGrantIssuerBadRequest { + return &TrustJwtGrantIssuerBadRequest{} +} + +/*TrustJwtGrantIssuerBadRequest handles this case with default header values. + +genericError +*/ +type TrustJwtGrantIssuerBadRequest struct { + Payload *models.GenericError +} + +func (o *TrustJwtGrantIssuerBadRequest) Error() string { + return fmt.Sprintf("[POST /trust/grants/jwt-bearer/issuers][%d] trustJwtGrantIssuerBadRequest %+v", 400, o.Payload) +} + +func (o *TrustJwtGrantIssuerBadRequest) GetPayload() *models.GenericError { + return o.Payload +} + +func (o *TrustJwtGrantIssuerBadRequest) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { + + o.Payload = new(models.GenericError) + + // response payload + if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF { + return err + } + + return nil +} + +// NewTrustJwtGrantIssuerConflict creates a TrustJwtGrantIssuerConflict with default headers values +func NewTrustJwtGrantIssuerConflict() *TrustJwtGrantIssuerConflict { + return &TrustJwtGrantIssuerConflict{} +} + +/*TrustJwtGrantIssuerConflict handles this case with default header values. + +genericError +*/ +type TrustJwtGrantIssuerConflict struct { + Payload *models.GenericError +} + +func (o *TrustJwtGrantIssuerConflict) Error() string { + return fmt.Sprintf("[POST /trust/grants/jwt-bearer/issuers][%d] trustJwtGrantIssuerConflict %+v", 409, o.Payload) +} + +func (o *TrustJwtGrantIssuerConflict) GetPayload() *models.GenericError { + return o.Payload +} + +func (o *TrustJwtGrantIssuerConflict) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { + + o.Payload = new(models.GenericError) + + // response payload + if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF { + return err + } + + return nil +} + +// NewTrustJwtGrantIssuerInternalServerError creates a TrustJwtGrantIssuerInternalServerError with default headers values +func NewTrustJwtGrantIssuerInternalServerError() *TrustJwtGrantIssuerInternalServerError { + return &TrustJwtGrantIssuerInternalServerError{} +} + +/*TrustJwtGrantIssuerInternalServerError handles this case with default header values. + +genericError +*/ +type TrustJwtGrantIssuerInternalServerError struct { + Payload *models.GenericError +} + +func (o *TrustJwtGrantIssuerInternalServerError) Error() string { + return fmt.Sprintf("[POST /trust/grants/jwt-bearer/issuers][%d] trustJwtGrantIssuerInternalServerError %+v", 500, o.Payload) +} + +func (o *TrustJwtGrantIssuerInternalServerError) GetPayload() *models.GenericError { + return o.Payload +} + +func (o *TrustJwtGrantIssuerInternalServerError) readResponse(response runtime.ClientResponse, consumer runtime.Consumer, formats strfmt.Registry) error { + + o.Payload = new(models.GenericError) + + // response payload + if err := consumer.Consume(response.Body(), o.Payload); err != nil && err != io.EOF { + return err + } + + return nil +} diff --git a/internal/httpclient/client/admin/update_json_web_key_parameters.go b/internal/httpclient/client/admin/update_json_web_key_parameters.go index 1d58a24513f..23d00be45c1 100644 --- a/internal/httpclient/client/admin/update_json_web_key_parameters.go +++ b/internal/httpclient/client/admin/update_json_web_key_parameters.go @@ -18,61 +18,60 @@ import ( "github.com/ory/hydra/internal/httpclient/models" ) -// NewUpdateJSONWebKeyParams creates a new UpdateJSONWebKeyParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewUpdateJSONWebKeyParams creates a new UpdateJSONWebKeyParams object +// with the default values initialized. func NewUpdateJSONWebKeyParams() *UpdateJSONWebKeyParams { + var () return &UpdateJSONWebKeyParams{ + timeout: cr.DefaultTimeout, } } // NewUpdateJSONWebKeyParamsWithTimeout creates a new UpdateJSONWebKeyParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewUpdateJSONWebKeyParamsWithTimeout(timeout time.Duration) *UpdateJSONWebKeyParams { + var () return &UpdateJSONWebKeyParams{ + timeout: timeout, } } // NewUpdateJSONWebKeyParamsWithContext creates a new UpdateJSONWebKeyParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewUpdateJSONWebKeyParamsWithContext(ctx context.Context) *UpdateJSONWebKeyParams { + var () return &UpdateJSONWebKeyParams{ + Context: ctx, } } // NewUpdateJSONWebKeyParamsWithHTTPClient creates a new UpdateJSONWebKeyParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewUpdateJSONWebKeyParamsWithHTTPClient(client *http.Client) *UpdateJSONWebKeyParams { + var () return &UpdateJSONWebKeyParams{ HTTPClient: client, } } -/* UpdateJSONWebKeyParams contains all the parameters to send to the API endpoint - for the update Json web key operation. - - Typically these are written to a http.Request. +/*UpdateJSONWebKeyParams contains all the parameters to send to the API endpoint +for the update Json web key operation typically these are written to a http.Request */ type UpdateJSONWebKeyParams struct { - // Body. + /*Body*/ Body *models.JSONWebKey + /*Kid + The kid of the desired key - /* Kid. - - The kid of the desired key */ Kid string + /*Set + The set - /* Set. - - The set */ Set string @@ -81,21 +80,6 @@ type UpdateJSONWebKeyParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the update Json web key params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *UpdateJSONWebKeyParams) WithDefaults() *UpdateJSONWebKeyParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the update Json web key params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *UpdateJSONWebKeyParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the update Json web key params func (o *UpdateJSONWebKeyParams) WithTimeout(timeout time.Duration) *UpdateJSONWebKeyParams { o.SetTimeout(timeout) @@ -169,6 +153,7 @@ func (o *UpdateJSONWebKeyParams) WriteToRequest(r runtime.ClientRequest, reg str return err } var res []error + if o.Body != nil { if err := r.SetBodyParam(o.Body); err != nil { return err diff --git a/internal/httpclient/client/admin/update_json_web_key_set_parameters.go b/internal/httpclient/client/admin/update_json_web_key_set_parameters.go index 20cc85a3770..5d5de04e2f1 100644 --- a/internal/httpclient/client/admin/update_json_web_key_set_parameters.go +++ b/internal/httpclient/client/admin/update_json_web_key_set_parameters.go @@ -18,55 +18,55 @@ import ( "github.com/ory/hydra/internal/httpclient/models" ) -// NewUpdateJSONWebKeySetParams creates a new UpdateJSONWebKeySetParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewUpdateJSONWebKeySetParams creates a new UpdateJSONWebKeySetParams object +// with the default values initialized. func NewUpdateJSONWebKeySetParams() *UpdateJSONWebKeySetParams { + var () return &UpdateJSONWebKeySetParams{ + timeout: cr.DefaultTimeout, } } // NewUpdateJSONWebKeySetParamsWithTimeout creates a new UpdateJSONWebKeySetParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewUpdateJSONWebKeySetParamsWithTimeout(timeout time.Duration) *UpdateJSONWebKeySetParams { + var () return &UpdateJSONWebKeySetParams{ + timeout: timeout, } } // NewUpdateJSONWebKeySetParamsWithContext creates a new UpdateJSONWebKeySetParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewUpdateJSONWebKeySetParamsWithContext(ctx context.Context) *UpdateJSONWebKeySetParams { + var () return &UpdateJSONWebKeySetParams{ + Context: ctx, } } // NewUpdateJSONWebKeySetParamsWithHTTPClient creates a new UpdateJSONWebKeySetParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewUpdateJSONWebKeySetParamsWithHTTPClient(client *http.Client) *UpdateJSONWebKeySetParams { + var () return &UpdateJSONWebKeySetParams{ HTTPClient: client, } } -/* UpdateJSONWebKeySetParams contains all the parameters to send to the API endpoint - for the update Json web key set operation. - - Typically these are written to a http.Request. +/*UpdateJSONWebKeySetParams contains all the parameters to send to the API endpoint +for the update Json web key set operation typically these are written to a http.Request */ type UpdateJSONWebKeySetParams struct { - // Body. + /*Body*/ Body *models.JSONWebKeySet + /*Set + The set - /* Set. - - The set */ Set string @@ -75,21 +75,6 @@ type UpdateJSONWebKeySetParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the update Json web key set params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *UpdateJSONWebKeySetParams) WithDefaults() *UpdateJSONWebKeySetParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the update Json web key set params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *UpdateJSONWebKeySetParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the update Json web key set params func (o *UpdateJSONWebKeySetParams) WithTimeout(timeout time.Duration) *UpdateJSONWebKeySetParams { o.SetTimeout(timeout) @@ -152,6 +137,7 @@ func (o *UpdateJSONWebKeySetParams) WriteToRequest(r runtime.ClientRequest, reg return err } var res []error + if o.Body != nil { if err := r.SetBodyParam(o.Body); err != nil { return err diff --git a/internal/httpclient/client/admin/update_o_auth2_client_parameters.go b/internal/httpclient/client/admin/update_o_auth2_client_parameters.go index d767532c9a0..85400c84f9f 100644 --- a/internal/httpclient/client/admin/update_o_auth2_client_parameters.go +++ b/internal/httpclient/client/admin/update_o_auth2_client_parameters.go @@ -18,53 +18,53 @@ import ( "github.com/ory/hydra/internal/httpclient/models" ) -// NewUpdateOAuth2ClientParams creates a new UpdateOAuth2ClientParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewUpdateOAuth2ClientParams creates a new UpdateOAuth2ClientParams object +// with the default values initialized. func NewUpdateOAuth2ClientParams() *UpdateOAuth2ClientParams { + var () return &UpdateOAuth2ClientParams{ + timeout: cr.DefaultTimeout, } } // NewUpdateOAuth2ClientParamsWithTimeout creates a new UpdateOAuth2ClientParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewUpdateOAuth2ClientParamsWithTimeout(timeout time.Duration) *UpdateOAuth2ClientParams { + var () return &UpdateOAuth2ClientParams{ + timeout: timeout, } } // NewUpdateOAuth2ClientParamsWithContext creates a new UpdateOAuth2ClientParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewUpdateOAuth2ClientParamsWithContext(ctx context.Context) *UpdateOAuth2ClientParams { + var () return &UpdateOAuth2ClientParams{ + Context: ctx, } } // NewUpdateOAuth2ClientParamsWithHTTPClient creates a new UpdateOAuth2ClientParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewUpdateOAuth2ClientParamsWithHTTPClient(client *http.Client) *UpdateOAuth2ClientParams { + var () return &UpdateOAuth2ClientParams{ HTTPClient: client, } } -/* UpdateOAuth2ClientParams contains all the parameters to send to the API endpoint - for the update o auth2 client operation. - - Typically these are written to a http.Request. +/*UpdateOAuth2ClientParams contains all the parameters to send to the API endpoint +for the update o auth2 client operation typically these are written to a http.Request */ type UpdateOAuth2ClientParams struct { - // Body. + /*Body*/ Body *models.OAuth2Client - - // ID. + /*ID*/ ID string timeout time.Duration @@ -72,21 +72,6 @@ type UpdateOAuth2ClientParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the update o auth2 client params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *UpdateOAuth2ClientParams) WithDefaults() *UpdateOAuth2ClientParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the update o auth2 client params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *UpdateOAuth2ClientParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the update o auth2 client params func (o *UpdateOAuth2ClientParams) WithTimeout(timeout time.Duration) *UpdateOAuth2ClientParams { o.SetTimeout(timeout) @@ -149,6 +134,7 @@ func (o *UpdateOAuth2ClientParams) WriteToRequest(r runtime.ClientRequest, reg s return err } var res []error + if o.Body != nil { if err := r.SetBodyParam(o.Body); err != nil { return err diff --git a/internal/httpclient/client/public/disconnect_user_parameters.go b/internal/httpclient/client/public/disconnect_user_parameters.go index e0c9b3938d5..e87c91fff85 100644 --- a/internal/httpclient/client/public/disconnect_user_parameters.go +++ b/internal/httpclient/client/public/disconnect_user_parameters.go @@ -16,46 +16,47 @@ import ( "github.com/go-openapi/strfmt" ) -// NewDisconnectUserParams creates a new DisconnectUserParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewDisconnectUserParams creates a new DisconnectUserParams object +// with the default values initialized. func NewDisconnectUserParams() *DisconnectUserParams { + return &DisconnectUserParams{ + timeout: cr.DefaultTimeout, } } // NewDisconnectUserParamsWithTimeout creates a new DisconnectUserParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewDisconnectUserParamsWithTimeout(timeout time.Duration) *DisconnectUserParams { + return &DisconnectUserParams{ + timeout: timeout, } } // NewDisconnectUserParamsWithContext creates a new DisconnectUserParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewDisconnectUserParamsWithContext(ctx context.Context) *DisconnectUserParams { + return &DisconnectUserParams{ + Context: ctx, } } // NewDisconnectUserParamsWithHTTPClient creates a new DisconnectUserParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewDisconnectUserParamsWithHTTPClient(client *http.Client) *DisconnectUserParams { + return &DisconnectUserParams{ HTTPClient: client, } } -/* DisconnectUserParams contains all the parameters to send to the API endpoint - for the disconnect user operation. - - Typically these are written to a http.Request. +/*DisconnectUserParams contains all the parameters to send to the API endpoint +for the disconnect user operation typically these are written to a http.Request */ type DisconnectUserParams struct { timeout time.Duration @@ -63,21 +64,6 @@ type DisconnectUserParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the disconnect user params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *DisconnectUserParams) WithDefaults() *DisconnectUserParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the disconnect user params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *DisconnectUserParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the disconnect user params func (o *DisconnectUserParams) WithTimeout(timeout time.Duration) *DisconnectUserParams { o.SetTimeout(timeout) diff --git a/internal/httpclient/client/public/disconnect_user_responses.go b/internal/httpclient/client/public/disconnect_user_responses.go index e5a423481dd..cba4856c5ef 100644 --- a/internal/httpclient/client/public/disconnect_user_responses.go +++ b/internal/httpclient/client/public/disconnect_user_responses.go @@ -26,8 +26,9 @@ func (o *DisconnectUserReader) ReadResponse(response runtime.ClientResponse, con return nil, err } return nil, result + default: - return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) + return nil, runtime.NewAPIError("unknown error", response, response.Code()) } } @@ -36,9 +37,9 @@ func NewDisconnectUserFound() *DisconnectUserFound { return &DisconnectUserFound{} } -/* DisconnectUserFound describes a response with status code 302, with default header values. +/*DisconnectUserFound handles this case with default header values. - Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is +Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is typically 201. */ type DisconnectUserFound struct { diff --git a/internal/httpclient/client/public/discover_open_id_configuration_parameters.go b/internal/httpclient/client/public/discover_open_id_configuration_parameters.go index 93ff41bb9a5..db24ed1492a 100644 --- a/internal/httpclient/client/public/discover_open_id_configuration_parameters.go +++ b/internal/httpclient/client/public/discover_open_id_configuration_parameters.go @@ -16,46 +16,47 @@ import ( "github.com/go-openapi/strfmt" ) -// NewDiscoverOpenIDConfigurationParams creates a new DiscoverOpenIDConfigurationParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewDiscoverOpenIDConfigurationParams creates a new DiscoverOpenIDConfigurationParams object +// with the default values initialized. func NewDiscoverOpenIDConfigurationParams() *DiscoverOpenIDConfigurationParams { + return &DiscoverOpenIDConfigurationParams{ + timeout: cr.DefaultTimeout, } } // NewDiscoverOpenIDConfigurationParamsWithTimeout creates a new DiscoverOpenIDConfigurationParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewDiscoverOpenIDConfigurationParamsWithTimeout(timeout time.Duration) *DiscoverOpenIDConfigurationParams { + return &DiscoverOpenIDConfigurationParams{ + timeout: timeout, } } // NewDiscoverOpenIDConfigurationParamsWithContext creates a new DiscoverOpenIDConfigurationParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewDiscoverOpenIDConfigurationParamsWithContext(ctx context.Context) *DiscoverOpenIDConfigurationParams { + return &DiscoverOpenIDConfigurationParams{ + Context: ctx, } } // NewDiscoverOpenIDConfigurationParamsWithHTTPClient creates a new DiscoverOpenIDConfigurationParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewDiscoverOpenIDConfigurationParamsWithHTTPClient(client *http.Client) *DiscoverOpenIDConfigurationParams { + return &DiscoverOpenIDConfigurationParams{ HTTPClient: client, } } -/* DiscoverOpenIDConfigurationParams contains all the parameters to send to the API endpoint - for the discover open ID configuration operation. - - Typically these are written to a http.Request. +/*DiscoverOpenIDConfigurationParams contains all the parameters to send to the API endpoint +for the discover open ID configuration operation typically these are written to a http.Request */ type DiscoverOpenIDConfigurationParams struct { timeout time.Duration @@ -63,21 +64,6 @@ type DiscoverOpenIDConfigurationParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the discover open ID configuration params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *DiscoverOpenIDConfigurationParams) WithDefaults() *DiscoverOpenIDConfigurationParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the discover open ID configuration params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *DiscoverOpenIDConfigurationParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the discover open ID configuration params func (o *DiscoverOpenIDConfigurationParams) WithTimeout(timeout time.Duration) *DiscoverOpenIDConfigurationParams { o.SetTimeout(timeout) diff --git a/internal/httpclient/client/public/is_instance_ready_parameters.go b/internal/httpclient/client/public/is_instance_ready_parameters.go index 1d00d0188ae..b6ae09dcfd3 100644 --- a/internal/httpclient/client/public/is_instance_ready_parameters.go +++ b/internal/httpclient/client/public/is_instance_ready_parameters.go @@ -16,46 +16,47 @@ import ( "github.com/go-openapi/strfmt" ) -// NewIsInstanceReadyParams creates a new IsInstanceReadyParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewIsInstanceReadyParams creates a new IsInstanceReadyParams object +// with the default values initialized. func NewIsInstanceReadyParams() *IsInstanceReadyParams { + return &IsInstanceReadyParams{ + timeout: cr.DefaultTimeout, } } // NewIsInstanceReadyParamsWithTimeout creates a new IsInstanceReadyParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewIsInstanceReadyParamsWithTimeout(timeout time.Duration) *IsInstanceReadyParams { + return &IsInstanceReadyParams{ + timeout: timeout, } } // NewIsInstanceReadyParamsWithContext creates a new IsInstanceReadyParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewIsInstanceReadyParamsWithContext(ctx context.Context) *IsInstanceReadyParams { + return &IsInstanceReadyParams{ + Context: ctx, } } // NewIsInstanceReadyParamsWithHTTPClient creates a new IsInstanceReadyParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewIsInstanceReadyParamsWithHTTPClient(client *http.Client) *IsInstanceReadyParams { + return &IsInstanceReadyParams{ HTTPClient: client, } } -/* IsInstanceReadyParams contains all the parameters to send to the API endpoint - for the is instance ready operation. - - Typically these are written to a http.Request. +/*IsInstanceReadyParams contains all the parameters to send to the API endpoint +for the is instance ready operation typically these are written to a http.Request */ type IsInstanceReadyParams struct { timeout time.Duration @@ -63,21 +64,6 @@ type IsInstanceReadyParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the is instance ready params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *IsInstanceReadyParams) WithDefaults() *IsInstanceReadyParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the is instance ready params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *IsInstanceReadyParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the is instance ready params func (o *IsInstanceReadyParams) WithTimeout(timeout time.Duration) *IsInstanceReadyParams { o.SetTimeout(timeout) diff --git a/internal/httpclient/client/public/is_instance_ready_responses.go b/internal/httpclient/client/public/is_instance_ready_responses.go index e09081bd45b..2739bb4c847 100644 --- a/internal/httpclient/client/public/is_instance_ready_responses.go +++ b/internal/httpclient/client/public/is_instance_ready_responses.go @@ -35,8 +35,9 @@ func (o *IsInstanceReadyReader) ReadResponse(response runtime.ClientResponse, co return nil, err } return nil, result + default: - return nil, runtime.NewAPIError("response status code does not match any response statuses defined for this endpoint in the swagger spec", response, response.Code()) + return nil, runtime.NewAPIError("unknown error", response, response.Code()) } } @@ -45,7 +46,7 @@ func NewIsInstanceReadyOK() *IsInstanceReadyOK { return &IsInstanceReadyOK{} } -/* IsInstanceReadyOK describes a response with status code 200, with default header values. +/*IsInstanceReadyOK handles this case with default header values. healthStatus */ @@ -56,6 +57,7 @@ type IsInstanceReadyOK struct { func (o *IsInstanceReadyOK) Error() string { return fmt.Sprintf("[GET /health/ready][%d] isInstanceReadyOK %+v", 200, o.Payload) } + func (o *IsInstanceReadyOK) GetPayload() *models.HealthStatus { return o.Payload } @@ -77,7 +79,7 @@ func NewIsInstanceReadyServiceUnavailable() *IsInstanceReadyServiceUnavailable { return &IsInstanceReadyServiceUnavailable{} } -/* IsInstanceReadyServiceUnavailable describes a response with status code 503, with default header values. +/*IsInstanceReadyServiceUnavailable handles this case with default header values. healthNotReadyStatus */ @@ -88,6 +90,7 @@ type IsInstanceReadyServiceUnavailable struct { func (o *IsInstanceReadyServiceUnavailable) Error() string { return fmt.Sprintf("[GET /health/ready][%d] isInstanceReadyServiceUnavailable %+v", 503, o.Payload) } + func (o *IsInstanceReadyServiceUnavailable) GetPayload() *models.HealthNotReadyStatus { return o.Payload } diff --git a/internal/httpclient/client/public/oauth2_token_parameters.go b/internal/httpclient/client/public/oauth2_token_parameters.go index c67d2e921e3..6acc0424a20 100644 --- a/internal/httpclient/client/public/oauth2_token_parameters.go +++ b/internal/httpclient/client/public/oauth2_token_parameters.go @@ -16,62 +16,59 @@ import ( "github.com/go-openapi/strfmt" ) -// NewOauth2TokenParams creates a new Oauth2TokenParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewOauth2TokenParams creates a new Oauth2TokenParams object +// with the default values initialized. func NewOauth2TokenParams() *Oauth2TokenParams { + var () return &Oauth2TokenParams{ + timeout: cr.DefaultTimeout, } } // NewOauth2TokenParamsWithTimeout creates a new Oauth2TokenParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewOauth2TokenParamsWithTimeout(timeout time.Duration) *Oauth2TokenParams { + var () return &Oauth2TokenParams{ + timeout: timeout, } } // NewOauth2TokenParamsWithContext creates a new Oauth2TokenParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewOauth2TokenParamsWithContext(ctx context.Context) *Oauth2TokenParams { + var () return &Oauth2TokenParams{ + Context: ctx, } } // NewOauth2TokenParamsWithHTTPClient creates a new Oauth2TokenParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewOauth2TokenParamsWithHTTPClient(client *http.Client) *Oauth2TokenParams { + var () return &Oauth2TokenParams{ HTTPClient: client, } } -/* Oauth2TokenParams contains all the parameters to send to the API endpoint - for the oauth2 token operation. - - Typically these are written to a http.Request. +/*Oauth2TokenParams contains all the parameters to send to the API endpoint +for the oauth2 token operation typically these are written to a http.Request */ type Oauth2TokenParams struct { - // ClientID. + /*ClientID*/ ClientID *string - - // Code. + /*Code*/ Code *string - - // GrantType. + /*GrantType*/ GrantType string - - // RedirectURI. + /*RedirectURI*/ RedirectURI *string - - // RefreshToken. + /*RefreshToken*/ RefreshToken *string timeout time.Duration @@ -79,21 +76,6 @@ type Oauth2TokenParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the oauth2 token params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *Oauth2TokenParams) WithDefaults() *Oauth2TokenParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the oauth2 token params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *Oauth2TokenParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the oauth2 token params func (o *Oauth2TokenParams) WithTimeout(timeout time.Duration) *Oauth2TokenParams { o.SetTimeout(timeout) @@ -203,6 +185,7 @@ func (o *Oauth2TokenParams) WriteToRequest(r runtime.ClientRequest, reg strfmt.R return err } } + } if o.Code != nil { @@ -218,6 +201,7 @@ func (o *Oauth2TokenParams) WriteToRequest(r runtime.ClientRequest, reg strfmt.R return err } } + } // form param grant_type @@ -242,6 +226,7 @@ func (o *Oauth2TokenParams) WriteToRequest(r runtime.ClientRequest, reg strfmt.R return err } } + } if o.RefreshToken != nil { @@ -257,6 +242,7 @@ func (o *Oauth2TokenParams) WriteToRequest(r runtime.ClientRequest, reg strfmt.R return err } } + } if len(res) > 0 { diff --git a/internal/httpclient/client/public/oauth_auth_parameters.go b/internal/httpclient/client/public/oauth_auth_parameters.go index 46f21005985..4476b6a7414 100644 --- a/internal/httpclient/client/public/oauth_auth_parameters.go +++ b/internal/httpclient/client/public/oauth_auth_parameters.go @@ -16,46 +16,47 @@ import ( "github.com/go-openapi/strfmt" ) -// NewOauthAuthParams creates a new OauthAuthParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewOauthAuthParams creates a new OauthAuthParams object +// with the default values initialized. func NewOauthAuthParams() *OauthAuthParams { + return &OauthAuthParams{ + timeout: cr.DefaultTimeout, } } // NewOauthAuthParamsWithTimeout creates a new OauthAuthParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewOauthAuthParamsWithTimeout(timeout time.Duration) *OauthAuthParams { + return &OauthAuthParams{ + timeout: timeout, } } // NewOauthAuthParamsWithContext creates a new OauthAuthParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewOauthAuthParamsWithContext(ctx context.Context) *OauthAuthParams { + return &OauthAuthParams{ + Context: ctx, } } // NewOauthAuthParamsWithHTTPClient creates a new OauthAuthParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewOauthAuthParamsWithHTTPClient(client *http.Client) *OauthAuthParams { + return &OauthAuthParams{ HTTPClient: client, } } -/* OauthAuthParams contains all the parameters to send to the API endpoint - for the oauth auth operation. - - Typically these are written to a http.Request. +/*OauthAuthParams contains all the parameters to send to the API endpoint +for the oauth auth operation typically these are written to a http.Request */ type OauthAuthParams struct { timeout time.Duration @@ -63,21 +64,6 @@ type OauthAuthParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the oauth auth params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *OauthAuthParams) WithDefaults() *OauthAuthParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the oauth auth params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *OauthAuthParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the oauth auth params func (o *OauthAuthParams) WithTimeout(timeout time.Duration) *OauthAuthParams { o.SetTimeout(timeout) diff --git a/internal/httpclient/client/public/revoke_o_auth2_token_parameters.go b/internal/httpclient/client/public/revoke_o_auth2_token_parameters.go index 8a67b4b2903..782c6be73b8 100644 --- a/internal/httpclient/client/public/revoke_o_auth2_token_parameters.go +++ b/internal/httpclient/client/public/revoke_o_auth2_token_parameters.go @@ -16,50 +16,51 @@ import ( "github.com/go-openapi/strfmt" ) -// NewRevokeOAuth2TokenParams creates a new RevokeOAuth2TokenParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewRevokeOAuth2TokenParams creates a new RevokeOAuth2TokenParams object +// with the default values initialized. func NewRevokeOAuth2TokenParams() *RevokeOAuth2TokenParams { + var () return &RevokeOAuth2TokenParams{ + timeout: cr.DefaultTimeout, } } // NewRevokeOAuth2TokenParamsWithTimeout creates a new RevokeOAuth2TokenParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewRevokeOAuth2TokenParamsWithTimeout(timeout time.Duration) *RevokeOAuth2TokenParams { + var () return &RevokeOAuth2TokenParams{ + timeout: timeout, } } // NewRevokeOAuth2TokenParamsWithContext creates a new RevokeOAuth2TokenParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewRevokeOAuth2TokenParamsWithContext(ctx context.Context) *RevokeOAuth2TokenParams { + var () return &RevokeOAuth2TokenParams{ + Context: ctx, } } // NewRevokeOAuth2TokenParamsWithHTTPClient creates a new RevokeOAuth2TokenParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewRevokeOAuth2TokenParamsWithHTTPClient(client *http.Client) *RevokeOAuth2TokenParams { + var () return &RevokeOAuth2TokenParams{ HTTPClient: client, } } -/* RevokeOAuth2TokenParams contains all the parameters to send to the API endpoint - for the revoke o auth2 token operation. - - Typically these are written to a http.Request. +/*RevokeOAuth2TokenParams contains all the parameters to send to the API endpoint +for the revoke o auth2 token operation typically these are written to a http.Request */ type RevokeOAuth2TokenParams struct { - // Token. + /*Token*/ Token string timeout time.Duration @@ -67,21 +68,6 @@ type RevokeOAuth2TokenParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the revoke o auth2 token params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *RevokeOAuth2TokenParams) WithDefaults() *RevokeOAuth2TokenParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the revoke o auth2 token params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *RevokeOAuth2TokenParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the revoke o auth2 token params func (o *RevokeOAuth2TokenParams) WithTimeout(timeout time.Duration) *RevokeOAuth2TokenParams { o.SetTimeout(timeout) diff --git a/internal/httpclient/client/public/userinfo_parameters.go b/internal/httpclient/client/public/userinfo_parameters.go index 03b3ad50f4b..f9028b8ec43 100644 --- a/internal/httpclient/client/public/userinfo_parameters.go +++ b/internal/httpclient/client/public/userinfo_parameters.go @@ -16,46 +16,47 @@ import ( "github.com/go-openapi/strfmt" ) -// NewUserinfoParams creates a new UserinfoParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewUserinfoParams creates a new UserinfoParams object +// with the default values initialized. func NewUserinfoParams() *UserinfoParams { + return &UserinfoParams{ + timeout: cr.DefaultTimeout, } } // NewUserinfoParamsWithTimeout creates a new UserinfoParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewUserinfoParamsWithTimeout(timeout time.Duration) *UserinfoParams { + return &UserinfoParams{ + timeout: timeout, } } // NewUserinfoParamsWithContext creates a new UserinfoParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewUserinfoParamsWithContext(ctx context.Context) *UserinfoParams { + return &UserinfoParams{ + Context: ctx, } } // NewUserinfoParamsWithHTTPClient creates a new UserinfoParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewUserinfoParamsWithHTTPClient(client *http.Client) *UserinfoParams { + return &UserinfoParams{ HTTPClient: client, } } -/* UserinfoParams contains all the parameters to send to the API endpoint - for the userinfo operation. - - Typically these are written to a http.Request. +/*UserinfoParams contains all the parameters to send to the API endpoint +for the userinfo operation typically these are written to a http.Request */ type UserinfoParams struct { timeout time.Duration @@ -63,21 +64,6 @@ type UserinfoParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the userinfo params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *UserinfoParams) WithDefaults() *UserinfoParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the userinfo params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *UserinfoParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the userinfo params func (o *UserinfoParams) WithTimeout(timeout time.Duration) *UserinfoParams { o.SetTimeout(timeout) diff --git a/internal/httpclient/client/public/well_known_parameters.go b/internal/httpclient/client/public/well_known_parameters.go index b9b34518e5b..206f42be2d7 100644 --- a/internal/httpclient/client/public/well_known_parameters.go +++ b/internal/httpclient/client/public/well_known_parameters.go @@ -16,46 +16,47 @@ import ( "github.com/go-openapi/strfmt" ) -// NewWellKnownParams creates a new WellKnownParams object, -// with the default timeout for this client. -// -// Default values are not hydrated, since defaults are normally applied by the API server side. -// -// To enforce default values in parameter, use SetDefaults or WithDefaults. +// NewWellKnownParams creates a new WellKnownParams object +// with the default values initialized. func NewWellKnownParams() *WellKnownParams { + return &WellKnownParams{ + timeout: cr.DefaultTimeout, } } // NewWellKnownParamsWithTimeout creates a new WellKnownParams object -// with the ability to set a timeout on a request. +// with the default values initialized, and the ability to set a timeout on a request func NewWellKnownParamsWithTimeout(timeout time.Duration) *WellKnownParams { + return &WellKnownParams{ + timeout: timeout, } } // NewWellKnownParamsWithContext creates a new WellKnownParams object -// with the ability to set a context for a request. +// with the default values initialized, and the ability to set a context for a request func NewWellKnownParamsWithContext(ctx context.Context) *WellKnownParams { + return &WellKnownParams{ + Context: ctx, } } // NewWellKnownParamsWithHTTPClient creates a new WellKnownParams object -// with the ability to set a custom HTTPClient for a request. +// with the default values initialized, and the ability to set a custom HTTPClient for a request func NewWellKnownParamsWithHTTPClient(client *http.Client) *WellKnownParams { + return &WellKnownParams{ HTTPClient: client, } } -/* WellKnownParams contains all the parameters to send to the API endpoint - for the well known operation. - - Typically these are written to a http.Request. +/*WellKnownParams contains all the parameters to send to the API endpoint +for the well known operation typically these are written to a http.Request */ type WellKnownParams struct { timeout time.Duration @@ -63,21 +64,6 @@ type WellKnownParams struct { HTTPClient *http.Client } -// WithDefaults hydrates default values in the well known params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *WellKnownParams) WithDefaults() *WellKnownParams { - o.SetDefaults() - return o -} - -// SetDefaults hydrates default values in the well known params (not the query body). -// -// All values with no default are reset to their zero value. -func (o *WellKnownParams) SetDefaults() { - // no default values defined for this parameter -} - // WithTimeout adds the timeout to the well known params func (o *WellKnownParams) WithTimeout(timeout time.Duration) *WellKnownParams { o.SetTimeout(timeout) diff --git a/internal/httpclient/models/accept_consent_request.go b/internal/httpclient/models/accept_consent_request.go index 2d2123225fa..89d31c9c64a 100644 --- a/internal/httpclient/models/accept_consent_request.go +++ b/internal/httpclient/models/accept_consent_request.go @@ -6,8 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -67,6 +65,7 @@ func (m *AcceptConsentRequest) Validate(formats strfmt.Registry) error { } func (m *AcceptConsentRequest) validateGrantAccessTokenAudience(formats strfmt.Registry) error { + if swag.IsZero(m.GrantAccessTokenAudience) { // not required return nil } @@ -82,6 +81,7 @@ func (m *AcceptConsentRequest) validateGrantAccessTokenAudience(formats strfmt.R } func (m *AcceptConsentRequest) validateGrantScope(formats strfmt.Registry) error { + if swag.IsZero(m.GrantScope) { // not required return nil } @@ -97,6 +97,7 @@ func (m *AcceptConsentRequest) validateGrantScope(formats strfmt.Registry) error } func (m *AcceptConsentRequest) validateHandledAt(formats strfmt.Registry) error { + if swag.IsZero(m.HandledAt) { // not required return nil } @@ -112,6 +113,7 @@ func (m *AcceptConsentRequest) validateHandledAt(formats strfmt.Registry) error } func (m *AcceptConsentRequest) validateSession(formats strfmt.Registry) error { + if swag.IsZero(m.Session) { // not required return nil } @@ -128,82 +130,6 @@ func (m *AcceptConsentRequest) validateSession(formats strfmt.Registry) error { return nil } -// ContextValidate validate this accept consent request based on the context it is used -func (m *AcceptConsentRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - var res []error - - if err := m.contextValidateGrantAccessTokenAudience(ctx, formats); err != nil { - res = append(res, err) - } - - if err := m.contextValidateGrantScope(ctx, formats); err != nil { - res = append(res, err) - } - - if err := m.contextValidateHandledAt(ctx, formats); err != nil { - res = append(res, err) - } - - if err := m.contextValidateSession(ctx, formats); err != nil { - res = append(res, err) - } - - if len(res) > 0 { - return errors.CompositeValidationError(res...) - } - return nil -} - -func (m *AcceptConsentRequest) contextValidateGrantAccessTokenAudience(ctx context.Context, formats strfmt.Registry) error { - - if err := m.GrantAccessTokenAudience.ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("grant_access_token_audience") - } - return err - } - - return nil -} - -func (m *AcceptConsentRequest) contextValidateGrantScope(ctx context.Context, formats strfmt.Registry) error { - - if err := m.GrantScope.ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("grant_scope") - } - return err - } - - return nil -} - -func (m *AcceptConsentRequest) contextValidateHandledAt(ctx context.Context, formats strfmt.Registry) error { - - if err := m.HandledAt.ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("handled_at") - } - return err - } - - return nil -} - -func (m *AcceptConsentRequest) contextValidateSession(ctx context.Context, formats strfmt.Registry) error { - - if m.Session != nil { - if err := m.Session.ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("session") - } - return err - } - } - - return nil -} - // MarshalBinary interface implementation func (m *AcceptConsentRequest) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/accept_login_request.go b/internal/httpclient/models/accept_login_request.go index 55d0afbea5f..4eae3c7ccc3 100644 --- a/internal/httpclient/models/accept_login_request.go +++ b/internal/httpclient/models/accept_login_request.go @@ -6,8 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -82,11 +80,6 @@ func (m *AcceptLoginRequest) validateSubject(formats strfmt.Registry) error { return nil } -// ContextValidate validates this accept login request based on context it is used -func (m *AcceptLoginRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - return nil -} - // MarshalBinary interface implementation func (m *AcceptLoginRequest) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/completed_request.go b/internal/httpclient/models/completed_request.go index 2878fd455ba..ea54e898220 100644 --- a/internal/httpclient/models/completed_request.go +++ b/internal/httpclient/models/completed_request.go @@ -6,8 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -47,11 +45,6 @@ func (m *CompletedRequest) validateRedirectTo(formats strfmt.Registry) error { return nil } -// ContextValidate validates this completed request based on context it is used -func (m *CompletedRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - return nil -} - // MarshalBinary interface implementation func (m *CompletedRequest) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/consent_request.go b/internal/httpclient/models/consent_request.go index c048fbbdcfe..64498026133 100644 --- a/internal/httpclient/models/consent_request.go +++ b/internal/httpclient/models/consent_request.go @@ -6,8 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -108,6 +106,7 @@ func (m *ConsentRequest) validateChallenge(formats strfmt.Registry) error { } func (m *ConsentRequest) validateClient(formats strfmt.Registry) error { + if swag.IsZero(m.Client) { // not required return nil } @@ -125,6 +124,7 @@ func (m *ConsentRequest) validateClient(formats strfmt.Registry) error { } func (m *ConsentRequest) validateOidcContext(formats strfmt.Registry) error { + if swag.IsZero(m.OidcContext) { // not required return nil } @@ -142,6 +142,7 @@ func (m *ConsentRequest) validateOidcContext(formats strfmt.Registry) error { } func (m *ConsentRequest) validateRequestedAccessTokenAudience(formats strfmt.Registry) error { + if swag.IsZero(m.RequestedAccessTokenAudience) { // not required return nil } @@ -157,6 +158,7 @@ func (m *ConsentRequest) validateRequestedAccessTokenAudience(formats strfmt.Reg } func (m *ConsentRequest) validateRequestedScope(formats strfmt.Registry) error { + if swag.IsZero(m.RequestedScope) { // not required return nil } @@ -171,84 +173,6 @@ func (m *ConsentRequest) validateRequestedScope(formats strfmt.Registry) error { return nil } -// ContextValidate validate this consent request based on the context it is used -func (m *ConsentRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - var res []error - - if err := m.contextValidateClient(ctx, formats); err != nil { - res = append(res, err) - } - - if err := m.contextValidateOidcContext(ctx, formats); err != nil { - res = append(res, err) - } - - if err := m.contextValidateRequestedAccessTokenAudience(ctx, formats); err != nil { - res = append(res, err) - } - - if err := m.contextValidateRequestedScope(ctx, formats); err != nil { - res = append(res, err) - } - - if len(res) > 0 { - return errors.CompositeValidationError(res...) - } - return nil -} - -func (m *ConsentRequest) contextValidateClient(ctx context.Context, formats strfmt.Registry) error { - - if m.Client != nil { - if err := m.Client.ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("client") - } - return err - } - } - - return nil -} - -func (m *ConsentRequest) contextValidateOidcContext(ctx context.Context, formats strfmt.Registry) error { - - if m.OidcContext != nil { - if err := m.OidcContext.ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("oidc_context") - } - return err - } - } - - return nil -} - -func (m *ConsentRequest) contextValidateRequestedAccessTokenAudience(ctx context.Context, formats strfmt.Registry) error { - - if err := m.RequestedAccessTokenAudience.ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("requested_access_token_audience") - } - return err - } - - return nil -} - -func (m *ConsentRequest) contextValidateRequestedScope(ctx context.Context, formats strfmt.Registry) error { - - if err := m.RequestedScope.ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("requested_scope") - } - return err - } - - return nil -} - // MarshalBinary interface implementation func (m *ConsentRequest) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/consent_request_session.go b/internal/httpclient/models/consent_request_session.go index eaab7a24543..0cd2ae45dac 100644 --- a/internal/httpclient/models/consent_request_session.go +++ b/internal/httpclient/models/consent_request_session.go @@ -6,8 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" ) @@ -33,11 +31,6 @@ func (m *ConsentRequestSession) Validate(formats strfmt.Registry) error { return nil } -// ContextValidate validates this consent request session based on context it is used -func (m *ConsentRequestSession) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - return nil -} - // MarshalBinary interface implementation func (m *ConsentRequestSession) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/container_wait_o_k_body_error.go b/internal/httpclient/models/container_wait_o_k_body_error.go index 70637b4ce65..cc8113bb2a5 100644 --- a/internal/httpclient/models/container_wait_o_k_body_error.go +++ b/internal/httpclient/models/container_wait_o_k_body_error.go @@ -6,8 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" ) @@ -26,11 +24,6 @@ func (m *ContainerWaitOKBodyError) Validate(formats strfmt.Registry) error { return nil } -// ContextValidate validates this container wait o k body error based on context it is used -func (m *ContainerWaitOKBodyError) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - return nil -} - // MarshalBinary interface implementation func (m *ContainerWaitOKBodyError) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/flush_inactive_jwt_bearer_grants_params.go b/internal/httpclient/models/flush_inactive_jwt_bearer_grants_params.go index 1a9b09da7ad..9c5e6908766 100644 --- a/internal/httpclient/models/flush_inactive_jwt_bearer_grants_params.go +++ b/internal/httpclient/models/flush_inactive_jwt_bearer_grants_params.go @@ -6,8 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -40,6 +38,7 @@ func (m *FlushInactiveJwtBearerGrantsParams) Validate(formats strfmt.Registry) e } func (m *FlushInactiveJwtBearerGrantsParams) validateNotAfter(formats strfmt.Registry) error { + if swag.IsZero(m.NotAfter) { // not required return nil } @@ -51,11 +50,6 @@ func (m *FlushInactiveJwtBearerGrantsParams) validateNotAfter(formats strfmt.Reg return nil } -// ContextValidate validates this flush inactive jwt bearer grants params based on context it is used -func (m *FlushInactiveJwtBearerGrantsParams) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - return nil -} - // MarshalBinary interface implementation func (m *FlushInactiveJwtBearerGrantsParams) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/flush_inactive_o_auth2_tokens_request.go b/internal/httpclient/models/flush_inactive_o_auth2_tokens_request.go index 42c82eff485..6bd161403a9 100644 --- a/internal/httpclient/models/flush_inactive_o_auth2_tokens_request.go +++ b/internal/httpclient/models/flush_inactive_o_auth2_tokens_request.go @@ -6,8 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -40,6 +38,7 @@ func (m *FlushInactiveOAuth2TokensRequest) Validate(formats strfmt.Registry) err } func (m *FlushInactiveOAuth2TokensRequest) validateNotAfter(formats strfmt.Registry) error { + if swag.IsZero(m.NotAfter) { // not required return nil } @@ -51,11 +50,6 @@ func (m *FlushInactiveOAuth2TokensRequest) validateNotAfter(formats strfmt.Regis return nil } -// ContextValidate validates this flush inactive o auth2 tokens request based on context it is used -func (m *FlushInactiveOAuth2TokensRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - return nil -} - // MarshalBinary interface implementation func (m *FlushInactiveOAuth2TokensRequest) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/generic_error.go b/internal/httpclient/models/generic_error.go new file mode 100644 index 00000000000..8033e159a2e --- /dev/null +++ b/internal/httpclient/models/generic_error.go @@ -0,0 +1,90 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package models + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "github.com/go-openapi/errors" + "github.com/go-openapi/strfmt" + "github.com/go-openapi/swag" + "github.com/go-openapi/validate" +) + +// GenericError generic error +// +// swagger:model genericError +type GenericError struct { + + // The status code + Code int64 `json:"code,omitempty"` + + // Debug information + // + // This field is often not exposed to protect against leaking + // sensitive information. + Debug string `json:"debug,omitempty"` + + // Further error details + Details interface{} `json:"details,omitempty"` + + // Error message + // + // The error's message. + // Required: true + Message *string `json:"message"` + + // A human-readable reason for the error + Reason string `json:"reason,omitempty"` + + // The request ID + // + // The request ID is often exposed internally in order to trace + // errors across service architectures. This is often a UUID. + Request string `json:"request,omitempty"` + + // The status description + Status string `json:"status,omitempty"` +} + +// Validate validates this generic error +func (m *GenericError) Validate(formats strfmt.Registry) error { + var res []error + + if err := m.validateMessage(formats); err != nil { + res = append(res, err) + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} + +func (m *GenericError) validateMessage(formats strfmt.Registry) error { + + if err := validate.Required("message", "body", m.Message); err != nil { + return err + } + + return nil +} + +// MarshalBinary interface implementation +func (m *GenericError) MarshalBinary() ([]byte, error) { + if m == nil { + return nil, nil + } + return swag.WriteJSON(m) +} + +// UnmarshalBinary interface implementation +func (m *GenericError) UnmarshalBinary(b []byte) error { + var res GenericError + if err := swag.ReadJSON(b, &res); err != nil { + return err + } + *m = res + return nil +} diff --git a/internal/httpclient/models/health_not_ready_status.go b/internal/httpclient/models/health_not_ready_status.go index bab6d3873e8..64626783ed4 100644 --- a/internal/httpclient/models/health_not_ready_status.go +++ b/internal/httpclient/models/health_not_ready_status.go @@ -6,8 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" ) @@ -26,11 +24,6 @@ func (m *HealthNotReadyStatus) Validate(formats strfmt.Registry) error { return nil } -// ContextValidate validates this health not ready status based on context it is used -func (m *HealthNotReadyStatus) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - return nil -} - // MarshalBinary interface implementation func (m *HealthNotReadyStatus) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/health_status.go b/internal/httpclient/models/health_status.go index 5525dbc20ea..60ba32416b0 100644 --- a/internal/httpclient/models/health_status.go +++ b/internal/httpclient/models/health_status.go @@ -6,8 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" ) @@ -26,11 +24,6 @@ func (m *HealthStatus) Validate(formats strfmt.Registry) error { return nil } -// ContextValidate validates this health status based on context it is used -func (m *HealthStatus) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - return nil -} - // MarshalBinary interface implementation func (m *HealthStatus) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/json_web_key.go b/internal/httpclient/models/json_web_key.go index 53f9bca2f92..737cde8d02d 100644 --- a/internal/httpclient/models/json_web_key.go +++ b/internal/httpclient/models/json_web_key.go @@ -6,8 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -26,32 +24,25 @@ type JSONWebKey struct { // IANA "JSON Web Signature and Encryption Algorithms" registry // established by [JWA] or be a value that contains a Collision- // Resistant Name. - // Example: RS256 // Required: true Alg *string `json:"alg"` // crv - // Example: P-256 Crv string `json:"crv,omitempty"` // d - // Example: T_N8I-6He3M8a7X1vWt6TGIx4xB_GP3Mb4SsZSA4v-orvJzzRiQhLlRR81naWYxfQAYt5isDI6_C2L9bdWo4FFPjGQFvNoRX-_sBJyBI_rl-TBgsZYoUlAj3J92WmY2inbA-PwyJfsaIIDceYBC-eX-xiCu6qMqkZi3MwQAFL6bMdPEM0z4JBcwFT3VdiWAIRUuACWQwrXMq672x7fMuaIaHi7XDGgt1ith23CLfaREmJku9PQcchbt_uEY-hqrFY6ntTtS4paWWQj86xLL94S-Tf6v6xkL918PfLSOTq6XCzxvlFwzBJqApnAhbwqLjpPhgUG04EDRrqrSBc5Y1BLevn6Ip5h1AhessBp3wLkQgz_roeckt-ybvzKTjESMuagnpqLvOT7Y9veIug2MwPJZI2VjczRc1vzMs25XrFQ8DpUy-bNdp89TmvAXwctUMiJdgHloJw23Cv03gIUAkDnsTqZmkpbIf-crpgNKFmQP_EDKoe8p_PXZZgfbRri3NoEVGP7Mk6yEu8LjJhClhZaBNjuWw2-KlBfOA3g79mhfBnkInee5KO9mGR50qPk1V-MorUYNTFMZIm0kFE6eYVWFBwJHLKYhHU34DoiK1VP-svZpC2uAMFNA_UJEwM9CQ2b8qe4-5e9aywMvwcuArRkAB5mBIfOaOJao3mfukKAE D string `json:"d,omitempty"` // dp - // Example: G4sPXkc6Ya9y8oJW9_ILj4xuppu0lzi_H7VTkS8xj5SdX3coE0oimYwxIi2emTAue0UOa5dpgFGyBJ4c8tQ2VF402XRugKDTP8akYhFo5tAA77Qe_NmtuYZc3C3m3I24G2GvR5sSDxUyAN2zq8Lfn9EUms6rY3Ob8YeiKkTiBj0 Dp string `json:"dp,omitempty"` // dq - // Example: s9lAH9fggBsoFR8Oac2R_E2gw282rT2kGOAhvIllETE1efrA6huUUvMfBcMpn8lqeW6vzznYY5SSQF7pMdC_agI3nG8Ibp1BUb0JUiraRNqUfLhcQb_d9GF4Dh7e74WbRsobRonujTYN1xCaP6TO61jvWrX-L18txXw494Q_cgk Dq string `json:"dq,omitempty"` // e - // Example: AQAB E string `json:"e,omitempty"` // k - // Example: GawgguFyGrWKav7AX4VKUg K string `json:"k,omitempty"` // The "kid" (key ID) parameter is used to match a specific key. This @@ -63,7 +54,6 @@ type JSONWebKey struct { // they have different "kty" (key type) values but are considered to be // equivalent alternatives by the application using them.) The "kid" // value is a case-sensitive string. - // Example: 1603dfe0af8f4596 // Required: true Kid *string `json:"kid"` @@ -72,36 +62,29 @@ type JSONWebKey struct { // either be registered in the IANA "JSON Web Key Types" registry // established by [JWA] or be a value that contains a Collision- // Resistant Name. The "kty" value is a case-sensitive string. - // Example: RSA // Required: true Kty *string `json:"kty"` // n - // Example: vTqrxUyQPl_20aqf5kXHwDZrel-KovIp8s7ewJod2EXHl8tWlRB3_Rem34KwBfqlKQGp1nqah-51H4Jzruqe0cFP58hPEIt6WqrvnmJCXxnNuIB53iX_uUUXXHDHBeaPCSRoNJzNysjoJ30TIUsKBiirhBa7f235PXbKiHducLevV6PcKxJ5cY8zO286qJLBWSPm-OIevwqsIsSIH44Qtm9sioFikhkbLwoqwWORGAY0nl6XvVOlhADdLjBSqSAeT1FPuCDCnXwzCDR8N9IFB_IjdStFkC-rVt2K5BYfPd0c3yFp_vHR15eRd0zJ8XQ7woBC8Vnsac6Et1pKS59pX6256DPWu8UDdEOolKAPgcd_g2NpA76cAaF_jcT80j9KrEzw8Tv0nJBGesuCjPNjGs_KzdkWTUXt23Hn9QJsdc1MZuaW0iqXBepHYfYoqNelzVte117t4BwVp0kUM6we0IqyXClaZgOI8S-WDBw2_Ovdm8e5NmhYAblEVoygcX8Y46oH6bKiaCQfKCFDMcRgChme7AoE1yZZYsPbaG_3IjPrC4LBMHQw8rM9dWjJ8ImjicvZ1pAm0dx-KHCP3y5PVKrxBDf1zSOsBRkOSjB8TPODnJMz6-jd5hTtZxpZPwPoIdCanTZ3ZD6uRBpTmDwtpRGm63UQs1m5FWPwb0T2IF0 N string `json:"n,omitempty"` // p - // Example: 6NbkXwDWUhi-eR55Cgbf27FkQDDWIamOaDr0rj1q0f1fFEz1W5A_09YvG09Fiv1AO2-D8Rl8gS1Vkz2i0zCSqnyy8A025XOcRviOMK7nIxE4OH_PEsko8dtIrb3TmE2hUXvCkmzw9EsTF1LQBOGC6iusLTXepIC1x9ukCKFZQvdgtEObQ5kzd9Nhq-cdqmSeMVLoxPLd1blviVT9Vm8-y12CtYpeJHOaIDtVPLlBhJiBoPKWg3vxSm4XxIliNOefqegIlsmTIa3MpS6WWlCK3yHhat0Q-rRxDxdyiVdG_wzJvp0Iw_2wms7pe-PgNPYvUWH9JphWP5K38YqEBiJFXQ P string `json:"p,omitempty"` // q - // Example: 0A1FmpOWR91_RAWpqreWSavNaZb9nXeKiBo0DQGBz32DbqKqQ8S4aBJmbRhJcctjCLjain-ivut477tAUMmzJwVJDDq2MZFwC9Q-4VYZmFU4HJityQuSzHYe64RjN-E_NQ02TWhG3QGW6roq6c57c99rrUsETwJJiwS8M5p15Miuz53DaOjv-uqqFAFfywN5WkxHbraBcjHtMiQuyQbQqkCFh-oanHkwYNeytsNhTu2mQmwR5DR2roZ2nPiFjC6nsdk-A7E3S3wMzYYFw7jvbWWoYWo9vB40_MY2Y0FYQSqcDzcBIcq_0tnnasf3VW4Fdx6m80RzOb2Fsnln7vKXAQ Q string `json:"q,omitempty"` // qi - // Example: GyM_p6JrXySiz1toFgKbWV-JdI3jQ4ypu9rbMWx3rQJBfmt0FoYzgUIZEVFEcOqwemRN81zoDAaa-Bk0KWNGDjJHZDdDmFhW3AN7lI-puxk_mHZGJ11rxyR8O55XLSe3SPmRfKwZI6yU24ZxvQKFYItdldUKGzO6Ia6zTKhAVRU Qi string `json:"qi,omitempty"` // Use ("public key use") identifies the intended use of // the public key. The "use" parameter is employed to indicate whether // a public key is used for encrypting data or verifying the signature // on data. Values are commonly "sig" (signature) or "enc" (encryption). - // Example: sig // Required: true Use *string `json:"use"` // x - // Example: f83OJ3D2xF1Bg8vub9tLe1gHMzV76e8Tus9uPHvRVEU X string `json:"x,omitempty"` // The "x5c" (X.509 certificate chain) parameter contains a chain of one @@ -114,7 +97,6 @@ type JSONWebKey struct { X5c []string `json:"x5c"` // y - // Example: x_FEzRu9m36HLN_tue659LNpXW6pCyStikYjKIWI5a0 Y string `json:"y,omitempty"` } @@ -180,11 +162,6 @@ func (m *JSONWebKey) validateUse(formats strfmt.Registry) error { return nil } -// ContextValidate validates this JSON web key based on context it is used -func (m *JSONWebKey) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - return nil -} - // MarshalBinary interface implementation func (m *JSONWebKey) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/json_web_key_set.go b/internal/httpclient/models/json_web_key_set.go index cd57ff03687..87649fa82c9 100644 --- a/internal/httpclient/models/json_web_key_set.go +++ b/internal/httpclient/models/json_web_key_set.go @@ -6,7 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" "strconv" "github.com/go-openapi/errors" @@ -46,6 +45,7 @@ func (m *JSONWebKeySet) Validate(formats strfmt.Registry) error { } func (m *JSONWebKeySet) validateKeys(formats strfmt.Registry) error { + if swag.IsZero(m.Keys) { // not required return nil } @@ -69,38 +69,6 @@ func (m *JSONWebKeySet) validateKeys(formats strfmt.Registry) error { return nil } -// ContextValidate validate this JSON web key set based on the context it is used -func (m *JSONWebKeySet) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - var res []error - - if err := m.contextValidateKeys(ctx, formats); err != nil { - res = append(res, err) - } - - if len(res) > 0 { - return errors.CompositeValidationError(res...) - } - return nil -} - -func (m *JSONWebKeySet) contextValidateKeys(ctx context.Context, formats strfmt.Registry) error { - - for i := 0; i < len(m.Keys); i++ { - - if m.Keys[i] != nil { - if err := m.Keys[i].ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("keys" + "." + strconv.Itoa(i)) - } - return err - } - } - - } - - return nil -} - // MarshalBinary interface implementation func (m *JSONWebKeySet) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/json_web_key_set_generator_request.go b/internal/httpclient/models/json_web_key_set_generator_request.go index 3cad47f11d8..37144b9e72b 100644 --- a/internal/httpclient/models/json_web_key_set_generator_request.go +++ b/internal/httpclient/models/json_web_key_set_generator_request.go @@ -6,8 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -84,11 +82,6 @@ func (m *JSONWebKeySetGeneratorRequest) validateUse(formats strfmt.Registry) err return nil } -// ContextValidate validates this json web key set generator request based on context it is used -func (m *JSONWebKeySetGeneratorRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - return nil -} - // MarshalBinary interface implementation func (m *JSONWebKeySetGeneratorRequest) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/login_request.go b/internal/httpclient/models/login_request.go index 7148d4cfddc..4cf1b2d991b 100644 --- a/internal/httpclient/models/login_request.go +++ b/internal/httpclient/models/login_request.go @@ -6,8 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -135,6 +133,7 @@ func (m *LoginRequest) validateClient(formats strfmt.Registry) error { } func (m *LoginRequest) validateOidcContext(formats strfmt.Registry) error { + if swag.IsZero(m.OidcContext) { // not required return nil } @@ -210,84 +209,6 @@ func (m *LoginRequest) validateSubject(formats strfmt.Registry) error { return nil } -// ContextValidate validate this login request based on the context it is used -func (m *LoginRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - var res []error - - if err := m.contextValidateClient(ctx, formats); err != nil { - res = append(res, err) - } - - if err := m.contextValidateOidcContext(ctx, formats); err != nil { - res = append(res, err) - } - - if err := m.contextValidateRequestedAccessTokenAudience(ctx, formats); err != nil { - res = append(res, err) - } - - if err := m.contextValidateRequestedScope(ctx, formats); err != nil { - res = append(res, err) - } - - if len(res) > 0 { - return errors.CompositeValidationError(res...) - } - return nil -} - -func (m *LoginRequest) contextValidateClient(ctx context.Context, formats strfmt.Registry) error { - - if m.Client != nil { - if err := m.Client.ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("client") - } - return err - } - } - - return nil -} - -func (m *LoginRequest) contextValidateOidcContext(ctx context.Context, formats strfmt.Registry) error { - - if m.OidcContext != nil { - if err := m.OidcContext.ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("oidc_context") - } - return err - } - } - - return nil -} - -func (m *LoginRequest) contextValidateRequestedAccessTokenAudience(ctx context.Context, formats strfmt.Registry) error { - - if err := m.RequestedAccessTokenAudience.ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("requested_access_token_audience") - } - return err - } - - return nil -} - -func (m *LoginRequest) contextValidateRequestedScope(ctx context.Context, formats strfmt.Registry) error { - - if err := m.RequestedScope.ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("requested_scope") - } - return err - } - - return nil -} - // MarshalBinary interface implementation func (m *LoginRequest) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/logout_request.go b/internal/httpclient/models/logout_request.go index 7450df11727..df025037502 100644 --- a/internal/httpclient/models/logout_request.go +++ b/internal/httpclient/models/logout_request.go @@ -6,8 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -53,6 +51,7 @@ func (m *LogoutRequest) Validate(formats strfmt.Registry) error { } func (m *LogoutRequest) validateClient(formats strfmt.Registry) error { + if swag.IsZero(m.Client) { // not required return nil } @@ -69,34 +68,6 @@ func (m *LogoutRequest) validateClient(formats strfmt.Registry) error { return nil } -// ContextValidate validate this logout request based on the context it is used -func (m *LogoutRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - var res []error - - if err := m.contextValidateClient(ctx, formats); err != nil { - res = append(res, err) - } - - if len(res) > 0 { - return errors.CompositeValidationError(res...) - } - return nil -} - -func (m *LogoutRequest) contextValidateClient(ctx context.Context, formats strfmt.Registry) error { - - if m.Client != nil { - if err := m.Client.ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("client") - } - return err - } - } - - return nil -} - // MarshalBinary interface implementation func (m *LogoutRequest) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/null_time.go b/internal/httpclient/models/null_time.go index 46130d04b0b..8e2e60607ff 100644 --- a/internal/httpclient/models/null_time.go +++ b/internal/httpclient/models/null_time.go @@ -6,8 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -43,11 +41,6 @@ func (m NullTime) Validate(formats strfmt.Registry) error { return nil } -// ContextValidate validates this null time based on context it is used -func (m NullTime) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - return nil -} - // MarshalBinary interface implementation func (m *NullTime) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/o_auth2_client.go b/internal/httpclient/models/o_auth2_client.go index f625d8421ec..0324fb28bef 100644 --- a/internal/httpclient/models/o_auth2_client.go +++ b/internal/httpclient/models/o_auth2_client.go @@ -6,8 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -215,6 +213,7 @@ func (m *OAuth2Client) Validate(formats strfmt.Registry) error { } func (m *OAuth2Client) validateAllowedCorsOrigins(formats strfmt.Registry) error { + if swag.IsZero(m.AllowedCorsOrigins) { // not required return nil } @@ -230,6 +229,7 @@ func (m *OAuth2Client) validateAllowedCorsOrigins(formats strfmt.Registry) error } func (m *OAuth2Client) validateAudience(formats strfmt.Registry) error { + if swag.IsZero(m.Audience) { // not required return nil } @@ -245,6 +245,7 @@ func (m *OAuth2Client) validateAudience(formats strfmt.Registry) error { } func (m *OAuth2Client) validateContacts(formats strfmt.Registry) error { + if swag.IsZero(m.Contacts) { // not required return nil } @@ -260,6 +261,7 @@ func (m *OAuth2Client) validateContacts(formats strfmt.Registry) error { } func (m *OAuth2Client) validateCreatedAt(formats strfmt.Registry) error { + if swag.IsZero(m.CreatedAt) { // not required return nil } @@ -272,6 +274,7 @@ func (m *OAuth2Client) validateCreatedAt(formats strfmt.Registry) error { } func (m *OAuth2Client) validateGrantTypes(formats strfmt.Registry) error { + if swag.IsZero(m.GrantTypes) { // not required return nil } @@ -287,6 +290,7 @@ func (m *OAuth2Client) validateGrantTypes(formats strfmt.Registry) error { } func (m *OAuth2Client) validatePostLogoutRedirectUris(formats strfmt.Registry) error { + if swag.IsZero(m.PostLogoutRedirectUris) { // not required return nil } @@ -302,6 +306,7 @@ func (m *OAuth2Client) validatePostLogoutRedirectUris(formats strfmt.Registry) e } func (m *OAuth2Client) validateRedirectUris(formats strfmt.Registry) error { + if swag.IsZero(m.RedirectUris) { // not required return nil } @@ -317,6 +322,7 @@ func (m *OAuth2Client) validateRedirectUris(formats strfmt.Registry) error { } func (m *OAuth2Client) validateRequestUris(formats strfmt.Registry) error { + if swag.IsZero(m.RequestUris) { // not required return nil } @@ -332,6 +338,7 @@ func (m *OAuth2Client) validateRequestUris(formats strfmt.Registry) error { } func (m *OAuth2Client) validateResponseTypes(formats strfmt.Registry) error { + if swag.IsZero(m.ResponseTypes) { // not required return nil } @@ -347,11 +354,12 @@ func (m *OAuth2Client) validateResponseTypes(formats strfmt.Registry) error { } func (m *OAuth2Client) validateScope(formats strfmt.Registry) error { + if swag.IsZero(m.Scope) { // not required return nil } - if err := validate.Pattern("scope", "body", m.Scope, `([a-zA-Z0-9\.\*]+\s?)+`); err != nil { + if err := validate.Pattern("scope", "body", string(m.Scope), `([a-zA-Z0-9\.\*]+\s?)+`); err != nil { return err } @@ -359,6 +367,7 @@ func (m *OAuth2Client) validateScope(formats strfmt.Registry) error { } func (m *OAuth2Client) validateUpdatedAt(formats strfmt.Registry) error { + if swag.IsZero(m.UpdatedAt) { // not required return nil } @@ -370,144 +379,6 @@ func (m *OAuth2Client) validateUpdatedAt(formats strfmt.Registry) error { return nil } -// ContextValidate validate this o auth2 client based on the context it is used -func (m *OAuth2Client) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - var res []error - - if err := m.contextValidateAllowedCorsOrigins(ctx, formats); err != nil { - res = append(res, err) - } - - if err := m.contextValidateAudience(ctx, formats); err != nil { - res = append(res, err) - } - - if err := m.contextValidateContacts(ctx, formats); err != nil { - res = append(res, err) - } - - if err := m.contextValidateGrantTypes(ctx, formats); err != nil { - res = append(res, err) - } - - if err := m.contextValidatePostLogoutRedirectUris(ctx, formats); err != nil { - res = append(res, err) - } - - if err := m.contextValidateRedirectUris(ctx, formats); err != nil { - res = append(res, err) - } - - if err := m.contextValidateRequestUris(ctx, formats); err != nil { - res = append(res, err) - } - - if err := m.contextValidateResponseTypes(ctx, formats); err != nil { - res = append(res, err) - } - - if len(res) > 0 { - return errors.CompositeValidationError(res...) - } - return nil -} - -func (m *OAuth2Client) contextValidateAllowedCorsOrigins(ctx context.Context, formats strfmt.Registry) error { - - if err := m.AllowedCorsOrigins.ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("allowed_cors_origins") - } - return err - } - - return nil -} - -func (m *OAuth2Client) contextValidateAudience(ctx context.Context, formats strfmt.Registry) error { - - if err := m.Audience.ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("audience") - } - return err - } - - return nil -} - -func (m *OAuth2Client) contextValidateContacts(ctx context.Context, formats strfmt.Registry) error { - - if err := m.Contacts.ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("contacts") - } - return err - } - - return nil -} - -func (m *OAuth2Client) contextValidateGrantTypes(ctx context.Context, formats strfmt.Registry) error { - - if err := m.GrantTypes.ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("grant_types") - } - return err - } - - return nil -} - -func (m *OAuth2Client) contextValidatePostLogoutRedirectUris(ctx context.Context, formats strfmt.Registry) error { - - if err := m.PostLogoutRedirectUris.ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("post_logout_redirect_uris") - } - return err - } - - return nil -} - -func (m *OAuth2Client) contextValidateRedirectUris(ctx context.Context, formats strfmt.Registry) error { - - if err := m.RedirectUris.ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("redirect_uris") - } - return err - } - - return nil -} - -func (m *OAuth2Client) contextValidateRequestUris(ctx context.Context, formats strfmt.Registry) error { - - if err := m.RequestUris.ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("request_uris") - } - return err - } - - return nil -} - -func (m *OAuth2Client) contextValidateResponseTypes(ctx context.Context, formats strfmt.Registry) error { - - if err := m.ResponseTypes.ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("response_types") - } - return err - } - - return nil -} - // MarshalBinary interface implementation func (m *OAuth2Client) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/o_auth2_token_introspection.go b/internal/httpclient/models/o_auth2_token_introspection.go index a881a0d3ed2..fb97d72d935 100644 --- a/internal/httpclient/models/o_auth2_token_introspection.go +++ b/internal/httpclient/models/o_auth2_token_introspection.go @@ -6,8 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -107,11 +105,6 @@ func (m *OAuth2TokenIntrospection) validateActive(formats strfmt.Registry) error return nil } -// ContextValidate validates this o auth2 token introspection based on context it is used -func (m *OAuth2TokenIntrospection) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - return nil -} - // MarshalBinary interface implementation func (m *OAuth2TokenIntrospection) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/oauth2_token_response.go b/internal/httpclient/models/oauth2_token_response.go index 542885008fe..4aec720a00f 100644 --- a/internal/httpclient/models/oauth2_token_response.go +++ b/internal/httpclient/models/oauth2_token_response.go @@ -6,8 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" ) @@ -41,11 +39,6 @@ func (m *Oauth2TokenResponse) Validate(formats strfmt.Registry) error { return nil } -// ContextValidate validates this oauth2 token response based on context it is used -func (m *Oauth2TokenResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - return nil -} - // MarshalBinary interface implementation func (m *Oauth2TokenResponse) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/open_id_connect_context.go b/internal/httpclient/models/open_id_connect_context.go index 398840441e0..cbfdd337e40 100644 --- a/internal/httpclient/models/open_id_connect_context.go +++ b/internal/httpclient/models/open_id_connect_context.go @@ -6,8 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" ) @@ -61,11 +59,6 @@ func (m *OpenIDConnectContext) Validate(formats strfmt.Registry) error { return nil } -// ContextValidate validates this open ID connect context based on context it is used -func (m *OpenIDConnectContext) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - return nil -} - // MarshalBinary interface implementation func (m *OpenIDConnectContext) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/patch_document.go b/internal/httpclient/models/patch_document.go index 0f8b9cac0db..fb3ea3652ef 100644 --- a/internal/httpclient/models/patch_document.go +++ b/internal/httpclient/models/patch_document.go @@ -6,8 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -23,12 +21,10 @@ type PatchDocument struct { From string `json:"from,omitempty"` // The operation to be performed - // Example: \"replace\ // Required: true Op *string `json:"op"` // A JSON-pointer - // Example: \"/name\ // Required: true Path *string `json:"path"` @@ -72,11 +68,6 @@ func (m *PatchDocument) validatePath(formats strfmt.Registry) error { return nil } -// ContextValidate validates this patch document based on context it is used -func (m *PatchDocument) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - return nil -} - // MarshalBinary interface implementation func (m *PatchDocument) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/patch_request.go b/internal/httpclient/models/patch_request.go index e974c6748e9..df227f4b73e 100644 --- a/internal/httpclient/models/patch_request.go +++ b/internal/httpclient/models/patch_request.go @@ -6,7 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" "strconv" "github.com/go-openapi/errors" @@ -44,26 +43,3 @@ func (m PatchRequest) Validate(formats strfmt.Registry) error { } return nil } - -// ContextValidate validate this patch request based on the context it is used -func (m PatchRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - var res []error - - for i := 0; i < len(m); i++ { - - if m[i] != nil { - if err := m[i].ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName(strconv.Itoa(i)) - } - return err - } - } - - } - - if len(res) > 0 { - return errors.CompositeValidationError(res...) - } - return nil -} diff --git a/internal/httpclient/models/plugin_config.go b/internal/httpclient/models/plugin_config.go index d062713f842..caaeea8e7d6 100644 --- a/internal/httpclient/models/plugin_config.go +++ b/internal/httpclient/models/plugin_config.go @@ -6,7 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" "strconv" "github.com/go-openapi/errors" @@ -329,6 +328,7 @@ func (m *PluginConfig) validatePropagatedMount(formats strfmt.Registry) error { } func (m *PluginConfig) validateUser(formats strfmt.Registry) error { + if swag.IsZero(m.User) { // not required return nil } @@ -355,6 +355,7 @@ func (m *PluginConfig) validateWorkDir(formats strfmt.Registry) error { } func (m *PluginConfig) validateRootfs(formats strfmt.Registry) error { + if swag.IsZero(m.Rootfs) { // not required return nil } @@ -371,168 +372,6 @@ func (m *PluginConfig) validateRootfs(formats strfmt.Registry) error { return nil } -// ContextValidate validate this plugin config based on the context it is used -func (m *PluginConfig) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - var res []error - - if err := m.contextValidateArgs(ctx, formats); err != nil { - res = append(res, err) - } - - if err := m.contextValidateEnv(ctx, formats); err != nil { - res = append(res, err) - } - - if err := m.contextValidateInterface(ctx, formats); err != nil { - res = append(res, err) - } - - if err := m.contextValidateLinux(ctx, formats); err != nil { - res = append(res, err) - } - - if err := m.contextValidateMounts(ctx, formats); err != nil { - res = append(res, err) - } - - if err := m.contextValidateNetwork(ctx, formats); err != nil { - res = append(res, err) - } - - if err := m.contextValidateUser(ctx, formats); err != nil { - res = append(res, err) - } - - if err := m.contextValidateRootfs(ctx, formats); err != nil { - res = append(res, err) - } - - if len(res) > 0 { - return errors.CompositeValidationError(res...) - } - return nil -} - -func (m *PluginConfig) contextValidateArgs(ctx context.Context, formats strfmt.Registry) error { - - if m.Args != nil { - if err := m.Args.ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("Args") - } - return err - } - } - - return nil -} - -func (m *PluginConfig) contextValidateEnv(ctx context.Context, formats strfmt.Registry) error { - - for i := 0; i < len(m.Env); i++ { - - if m.Env[i] != nil { - if err := m.Env[i].ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("Env" + "." + strconv.Itoa(i)) - } - return err - } - } - - } - - return nil -} - -func (m *PluginConfig) contextValidateInterface(ctx context.Context, formats strfmt.Registry) error { - - if m.Interface != nil { - if err := m.Interface.ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("Interface") - } - return err - } - } - - return nil -} - -func (m *PluginConfig) contextValidateLinux(ctx context.Context, formats strfmt.Registry) error { - - if m.Linux != nil { - if err := m.Linux.ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("Linux") - } - return err - } - } - - return nil -} - -func (m *PluginConfig) contextValidateMounts(ctx context.Context, formats strfmt.Registry) error { - - for i := 0; i < len(m.Mounts); i++ { - - if m.Mounts[i] != nil { - if err := m.Mounts[i].ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("Mounts" + "." + strconv.Itoa(i)) - } - return err - } - } - - } - - return nil -} - -func (m *PluginConfig) contextValidateNetwork(ctx context.Context, formats strfmt.Registry) error { - - if m.Network != nil { - if err := m.Network.ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("Network") - } - return err - } - } - - return nil -} - -func (m *PluginConfig) contextValidateUser(ctx context.Context, formats strfmt.Registry) error { - - if m.User != nil { - if err := m.User.ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("User") - } - return err - } - } - - return nil -} - -func (m *PluginConfig) contextValidateRootfs(ctx context.Context, formats strfmt.Registry) error { - - if m.Rootfs != nil { - if err := m.Rootfs.ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("rootfs") - } - return err - } - } - - return nil -} - // MarshalBinary interface implementation func (m *PluginConfig) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/plugin_config_args.go b/internal/httpclient/models/plugin_config_args.go index 15a65d6994a..053450e0ae9 100644 --- a/internal/httpclient/models/plugin_config_args.go +++ b/internal/httpclient/models/plugin_config_args.go @@ -6,8 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -98,11 +96,6 @@ func (m *PluginConfigArgs) validateValue(formats strfmt.Registry) error { return nil } -// ContextValidate validates this plugin config args based on context it is used -func (m *PluginConfigArgs) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - return nil -} - // MarshalBinary interface implementation func (m *PluginConfigArgs) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/plugin_config_interface.go b/internal/httpclient/models/plugin_config_interface.go index 3e77cc86694..43b13c30c2e 100644 --- a/internal/httpclient/models/plugin_config_interface.go +++ b/internal/httpclient/models/plugin_config_interface.go @@ -6,7 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" "strconv" "github.com/go-openapi/errors" @@ -84,38 +83,6 @@ func (m *PluginConfigInterface) validateTypes(formats strfmt.Registry) error { return nil } -// ContextValidate validate this plugin config interface based on the context it is used -func (m *PluginConfigInterface) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - var res []error - - if err := m.contextValidateTypes(ctx, formats); err != nil { - res = append(res, err) - } - - if len(res) > 0 { - return errors.CompositeValidationError(res...) - } - return nil -} - -func (m *PluginConfigInterface) contextValidateTypes(ctx context.Context, formats strfmt.Registry) error { - - for i := 0; i < len(m.Types); i++ { - - if m.Types[i] != nil { - if err := m.Types[i].ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("Types" + "." + strconv.Itoa(i)) - } - return err - } - } - - } - - return nil -} - // MarshalBinary interface implementation func (m *PluginConfigInterface) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/plugin_config_linux_swagger.go b/internal/httpclient/models/plugin_config_linux_swagger.go index 046ba2ab691..5671eb4d28a 100644 --- a/internal/httpclient/models/plugin_config_linux_swagger.go +++ b/internal/httpclient/models/plugin_config_linux_swagger.go @@ -6,7 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" "strconv" "github.com/go-openapi/errors" @@ -98,38 +97,6 @@ func (m *PluginConfigLinux) validateDevices(formats strfmt.Registry) error { return nil } -// ContextValidate validate this plugin config linux based on the context it is used -func (m *PluginConfigLinux) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - var res []error - - if err := m.contextValidateDevices(ctx, formats); err != nil { - res = append(res, err) - } - - if len(res) > 0 { - return errors.CompositeValidationError(res...) - } - return nil -} - -func (m *PluginConfigLinux) contextValidateDevices(ctx context.Context, formats strfmt.Registry) error { - - for i := 0; i < len(m.Devices); i++ { - - if m.Devices[i] != nil { - if err := m.Devices[i].ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("Devices" + "." + strconv.Itoa(i)) - } - return err - } - } - - } - - return nil -} - // MarshalBinary interface implementation func (m *PluginConfigLinux) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/plugin_config_network.go b/internal/httpclient/models/plugin_config_network.go index 89fb2c56807..5649fd30a9b 100644 --- a/internal/httpclient/models/plugin_config_network.go +++ b/internal/httpclient/models/plugin_config_network.go @@ -6,8 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -47,11 +45,6 @@ func (m *PluginConfigNetwork) validateType(formats strfmt.Registry) error { return nil } -// ContextValidate validates this plugin config network based on context it is used -func (m *PluginConfigNetwork) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - return nil -} - // MarshalBinary interface implementation func (m *PluginConfigNetwork) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/plugin_config_rootfs.go b/internal/httpclient/models/plugin_config_rootfs.go index 64d545ac12b..4497e49a3fe 100644 --- a/internal/httpclient/models/plugin_config_rootfs.go +++ b/internal/httpclient/models/plugin_config_rootfs.go @@ -6,8 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" ) @@ -29,11 +27,6 @@ func (m *PluginConfigRootfs) Validate(formats strfmt.Registry) error { return nil } -// ContextValidate validates this plugin config rootfs based on context it is used -func (m *PluginConfigRootfs) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - return nil -} - // MarshalBinary interface implementation func (m *PluginConfigRootfs) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/plugin_config_user.go b/internal/httpclient/models/plugin_config_user.go index 610727721e9..73574d68ff6 100644 --- a/internal/httpclient/models/plugin_config_user.go +++ b/internal/httpclient/models/plugin_config_user.go @@ -6,8 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" ) @@ -29,11 +27,6 @@ func (m *PluginConfigUser) Validate(formats strfmt.Registry) error { return nil } -// ContextValidate validates this plugin config user based on context it is used -func (m *PluginConfigUser) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - return nil -} - // MarshalBinary interface implementation func (m *PluginConfigUser) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/plugin_device.go b/internal/httpclient/models/plugin_device.go index 8818e2dd71a..7a3de422abc 100644 --- a/internal/httpclient/models/plugin_device.go +++ b/internal/httpclient/models/plugin_device.go @@ -6,8 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -98,11 +96,6 @@ func (m *PluginDevice) validateSettable(formats strfmt.Registry) error { return nil } -// ContextValidate validates this plugin device based on context it is used -func (m *PluginDevice) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - return nil -} - // MarshalBinary interface implementation func (m *PluginDevice) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/plugin_env.go b/internal/httpclient/models/plugin_env.go index 00c2bcc6d69..6ed6644db68 100644 --- a/internal/httpclient/models/plugin_env.go +++ b/internal/httpclient/models/plugin_env.go @@ -6,8 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -98,11 +96,6 @@ func (m *PluginEnv) validateValue(formats strfmt.Registry) error { return nil } -// ContextValidate validates this plugin env based on context it is used -func (m *PluginEnv) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - return nil -} - // MarshalBinary interface implementation func (m *PluginEnv) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/plugin_interface_type.go b/internal/httpclient/models/plugin_interface_type.go index cb3185daba1..d66549040eb 100644 --- a/internal/httpclient/models/plugin_interface_type.go +++ b/internal/httpclient/models/plugin_interface_type.go @@ -6,8 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -81,11 +79,6 @@ func (m *PluginInterfaceType) validateVersion(formats strfmt.Registry) error { return nil } -// ContextValidate validates this plugin interface type based on context it is used -func (m *PluginInterfaceType) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - return nil -} - // MarshalBinary interface implementation func (m *PluginInterfaceType) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/plugin_mount.go b/internal/httpclient/models/plugin_mount.go index be79d1e16bd..41eadd58191 100644 --- a/internal/httpclient/models/plugin_mount.go +++ b/internal/httpclient/models/plugin_mount.go @@ -6,8 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -149,11 +147,6 @@ func (m *PluginMount) validateType(formats strfmt.Registry) error { return nil } -// ContextValidate validates this plugin mount based on context it is used -func (m *PluginMount) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - return nil -} - // MarshalBinary interface implementation func (m *PluginMount) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/plugin_settings.go b/internal/httpclient/models/plugin_settings.go index 5da66acb905..4e7d4ba9748 100644 --- a/internal/httpclient/models/plugin_settings.go +++ b/internal/httpclient/models/plugin_settings.go @@ -6,7 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" "strconv" "github.com/go-openapi/errors" @@ -131,60 +130,6 @@ func (m *PluginSettings) validateMounts(formats strfmt.Registry) error { return nil } -// ContextValidate validate this plugin settings based on the context it is used -func (m *PluginSettings) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - var res []error - - if err := m.contextValidateDevices(ctx, formats); err != nil { - res = append(res, err) - } - - if err := m.contextValidateMounts(ctx, formats); err != nil { - res = append(res, err) - } - - if len(res) > 0 { - return errors.CompositeValidationError(res...) - } - return nil -} - -func (m *PluginSettings) contextValidateDevices(ctx context.Context, formats strfmt.Registry) error { - - for i := 0; i < len(m.Devices); i++ { - - if m.Devices[i] != nil { - if err := m.Devices[i].ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("Devices" + "." + strconv.Itoa(i)) - } - return err - } - } - - } - - return nil -} - -func (m *PluginSettings) contextValidateMounts(ctx context.Context, formats strfmt.Registry) error { - - for i := 0; i < len(m.Mounts); i++ { - - if m.Mounts[i] != nil { - if err := m.Mounts[i].ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("Mounts" + "." + strconv.Itoa(i)) - } - return err - } - } - - } - - return nil -} - // MarshalBinary interface implementation func (m *PluginSettings) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/previous_consent_session.go b/internal/httpclient/models/previous_consent_session.go index 28e68bad493..b0b0616f356 100644 --- a/internal/httpclient/models/previous_consent_session.go +++ b/internal/httpclient/models/previous_consent_session.go @@ -6,8 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -75,6 +73,7 @@ func (m *PreviousConsentSession) Validate(formats strfmt.Registry) error { } func (m *PreviousConsentSession) validateConsentRequest(formats strfmt.Registry) error { + if swag.IsZero(m.ConsentRequest) { // not required return nil } @@ -92,6 +91,7 @@ func (m *PreviousConsentSession) validateConsentRequest(formats strfmt.Registry) } func (m *PreviousConsentSession) validateGrantAccessTokenAudience(formats strfmt.Registry) error { + if swag.IsZero(m.GrantAccessTokenAudience) { // not required return nil } @@ -107,6 +107,7 @@ func (m *PreviousConsentSession) validateGrantAccessTokenAudience(formats strfmt } func (m *PreviousConsentSession) validateGrantScope(formats strfmt.Registry) error { + if swag.IsZero(m.GrantScope) { // not required return nil } @@ -122,6 +123,7 @@ func (m *PreviousConsentSession) validateGrantScope(formats strfmt.Registry) err } func (m *PreviousConsentSession) validateHandledAt(formats strfmt.Registry) error { + if swag.IsZero(m.HandledAt) { // not required return nil } @@ -137,6 +139,7 @@ func (m *PreviousConsentSession) validateHandledAt(formats strfmt.Registry) erro } func (m *PreviousConsentSession) validateSession(formats strfmt.Registry) error { + if swag.IsZero(m.Session) { // not required return nil } @@ -153,100 +156,6 @@ func (m *PreviousConsentSession) validateSession(formats strfmt.Registry) error return nil } -// ContextValidate validate this previous consent session based on the context it is used -func (m *PreviousConsentSession) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - var res []error - - if err := m.contextValidateConsentRequest(ctx, formats); err != nil { - res = append(res, err) - } - - if err := m.contextValidateGrantAccessTokenAudience(ctx, formats); err != nil { - res = append(res, err) - } - - if err := m.contextValidateGrantScope(ctx, formats); err != nil { - res = append(res, err) - } - - if err := m.contextValidateHandledAt(ctx, formats); err != nil { - res = append(res, err) - } - - if err := m.contextValidateSession(ctx, formats); err != nil { - res = append(res, err) - } - - if len(res) > 0 { - return errors.CompositeValidationError(res...) - } - return nil -} - -func (m *PreviousConsentSession) contextValidateConsentRequest(ctx context.Context, formats strfmt.Registry) error { - - if m.ConsentRequest != nil { - if err := m.ConsentRequest.ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("consent_request") - } - return err - } - } - - return nil -} - -func (m *PreviousConsentSession) contextValidateGrantAccessTokenAudience(ctx context.Context, formats strfmt.Registry) error { - - if err := m.GrantAccessTokenAudience.ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("grant_access_token_audience") - } - return err - } - - return nil -} - -func (m *PreviousConsentSession) contextValidateGrantScope(ctx context.Context, formats strfmt.Registry) error { - - if err := m.GrantScope.ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("grant_scope") - } - return err - } - - return nil -} - -func (m *PreviousConsentSession) contextValidateHandledAt(ctx context.Context, formats strfmt.Registry) error { - - if err := m.HandledAt.ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("handled_at") - } - return err - } - - return nil -} - -func (m *PreviousConsentSession) contextValidateSession(ctx context.Context, formats strfmt.Registry) error { - - if m.Session != nil { - if err := m.Session.ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("session") - } - return err - } - } - - return nil -} - // MarshalBinary interface implementation func (m *PreviousConsentSession) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/reject_request.go b/internal/httpclient/models/reject_request.go index 42cf41b5228..37c02f35926 100644 --- a/internal/httpclient/models/reject_request.go +++ b/internal/httpclient/models/reject_request.go @@ -6,8 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" ) @@ -43,11 +41,6 @@ func (m *RejectRequest) Validate(formats strfmt.Registry) error { return nil } -// ContextValidate validates this reject request based on context it is used -func (m *RejectRequest) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - return nil -} - // MarshalBinary interface implementation func (m *RejectRequest) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/request_was_handled_response.go b/internal/httpclient/models/request_was_handled_response.go index 5430cd2ef03..1a224f2b3e8 100644 --- a/internal/httpclient/models/request_was_handled_response.go +++ b/internal/httpclient/models/request_was_handled_response.go @@ -6,8 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -47,11 +45,6 @@ func (m *RequestWasHandledResponse) validateRedirectTo(formats strfmt.Registry) return nil } -// ContextValidate validates this request was handled response based on context it is used -func (m *RequestWasHandledResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - return nil -} - // MarshalBinary interface implementation func (m *RequestWasHandledResponse) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/string_slice_pipe_delimiter.go b/internal/httpclient/models/string_slice_pipe_delimiter.go index 76d7a757791..c7bc80e83c0 100644 --- a/internal/httpclient/models/string_slice_pipe_delimiter.go +++ b/internal/httpclient/models/string_slice_pipe_delimiter.go @@ -6,8 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/strfmt" ) @@ -20,8 +18,3 @@ type StringSlicePipeDelimiter []string func (m StringSlicePipeDelimiter) Validate(formats strfmt.Registry) error { return nil } - -// ContextValidate validates this string slice pipe delimiter based on context it is used -func (m StringSlicePipeDelimiter) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - return nil -} diff --git a/internal/httpclient/models/create_jwt_bearer_grant_params.go b/internal/httpclient/models/trust_jwt_grant_issuer_body.go similarity index 61% rename from internal/httpclient/models/create_jwt_bearer_grant_params.go rename to internal/httpclient/models/trust_jwt_grant_issuer_body.go index e13dc07f2fe..09573619d17 100644 --- a/internal/httpclient/models/create_jwt_bearer_grant_params.go +++ b/internal/httpclient/models/trust_jwt_grant_issuer_body.go @@ -6,18 +6,16 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" "github.com/go-openapi/validate" ) -// CreateJwtBearerGrantParams create jwt bearer grant params +// TrustJwtGrantIssuerBody trust jwt grant issuer body // -// swagger:model createJwtBearerGrantParams -type CreateJwtBearerGrantParams struct { +// swagger:model trustJwtGrantIssuerBody +type TrustJwtGrantIssuerBody struct { // The "expires_at" indicates, when grant will expire, so we will reject assertion from "issuer" targeting "subject". // Required: true @@ -25,7 +23,6 @@ type CreateJwtBearerGrantParams struct { ExpiresAt *strfmt.DateTime `json:"expires_at"` // The "issuer" identifies the principal that issued the JWT assertion (same as "iss" claim in JWT). - // Example: https://jwt-idp.example.com // Required: true Issuer *string `json:"issuer"` @@ -34,18 +31,16 @@ type CreateJwtBearerGrantParams struct { Jwk *JSONWebKey `json:"jwk"` // The "scope" contains list of scope values (as described in Section 3.3 of OAuth 2.0 [RFC6749]) - // Example: ["openid","offline"] // Required: true Scope []string `json:"scope"` // The "subject" identifies the principal that is the subject of the JWT. - // Example: mike@example.com // Required: true Subject *string `json:"subject"` } -// Validate validates this create jwt bearer grant params -func (m *CreateJwtBearerGrantParams) Validate(formats strfmt.Registry) error { +// Validate validates this trust jwt grant issuer body +func (m *TrustJwtGrantIssuerBody) Validate(formats strfmt.Registry) error { var res []error if err := m.validateExpiresAt(formats); err != nil { @@ -74,7 +69,7 @@ func (m *CreateJwtBearerGrantParams) Validate(formats strfmt.Registry) error { return nil } -func (m *CreateJwtBearerGrantParams) validateExpiresAt(formats strfmt.Registry) error { +func (m *TrustJwtGrantIssuerBody) validateExpiresAt(formats strfmt.Registry) error { if err := validate.Required("expires_at", "body", m.ExpiresAt); err != nil { return err @@ -87,7 +82,7 @@ func (m *CreateJwtBearerGrantParams) validateExpiresAt(formats strfmt.Registry) return nil } -func (m *CreateJwtBearerGrantParams) validateIssuer(formats strfmt.Registry) error { +func (m *TrustJwtGrantIssuerBody) validateIssuer(formats strfmt.Registry) error { if err := validate.Required("issuer", "body", m.Issuer); err != nil { return err @@ -96,7 +91,7 @@ func (m *CreateJwtBearerGrantParams) validateIssuer(formats strfmt.Registry) err return nil } -func (m *CreateJwtBearerGrantParams) validateJwk(formats strfmt.Registry) error { +func (m *TrustJwtGrantIssuerBody) validateJwk(formats strfmt.Registry) error { if err := validate.Required("jwk", "body", m.Jwk); err != nil { return err @@ -114,7 +109,7 @@ func (m *CreateJwtBearerGrantParams) validateJwk(formats strfmt.Registry) error return nil } -func (m *CreateJwtBearerGrantParams) validateScope(formats strfmt.Registry) error { +func (m *TrustJwtGrantIssuerBody) validateScope(formats strfmt.Registry) error { if err := validate.Required("scope", "body", m.Scope); err != nil { return err @@ -123,7 +118,7 @@ func (m *CreateJwtBearerGrantParams) validateScope(formats strfmt.Registry) erro return nil } -func (m *CreateJwtBearerGrantParams) validateSubject(formats strfmt.Registry) error { +func (m *TrustJwtGrantIssuerBody) validateSubject(formats strfmt.Registry) error { if err := validate.Required("subject", "body", m.Subject); err != nil { return err @@ -132,36 +127,8 @@ func (m *CreateJwtBearerGrantParams) validateSubject(formats strfmt.Registry) er return nil } -// ContextValidate validate this create jwt bearer grant params based on the context it is used -func (m *CreateJwtBearerGrantParams) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - var res []error - - if err := m.contextValidateJwk(ctx, formats); err != nil { - res = append(res, err) - } - - if len(res) > 0 { - return errors.CompositeValidationError(res...) - } - return nil -} - -func (m *CreateJwtBearerGrantParams) contextValidateJwk(ctx context.Context, formats strfmt.Registry) error { - - if m.Jwk != nil { - if err := m.Jwk.ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("jwk") - } - return err - } - } - - return nil -} - // MarshalBinary interface implementation -func (m *CreateJwtBearerGrantParams) MarshalBinary() ([]byte, error) { +func (m *TrustJwtGrantIssuerBody) MarshalBinary() ([]byte, error) { if m == nil { return nil, nil } @@ -169,8 +136,8 @@ func (m *CreateJwtBearerGrantParams) MarshalBinary() ([]byte, error) { } // UnmarshalBinary interface implementation -func (m *CreateJwtBearerGrantParams) UnmarshalBinary(b []byte) error { - var res CreateJwtBearerGrantParams +func (m *TrustJwtGrantIssuerBody) UnmarshalBinary(b []byte) error { + var res TrustJwtGrantIssuerBody if err := swag.ReadJSON(b, &res); err != nil { return err } diff --git a/internal/httpclient/models/jwt_bearer_grant_public_key.go b/internal/httpclient/models/trusted_json_web_key.go similarity index 51% rename from internal/httpclient/models/jwt_bearer_grant_public_key.go rename to internal/httpclient/models/trusted_json_web_key.go index e1a65e08178..e12666cfa96 100644 --- a/internal/httpclient/models/jwt_bearer_grant_public_key.go +++ b/internal/httpclient/models/trusted_json_web_key.go @@ -6,38 +6,29 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" ) -// JwtBearerGrantPublicKey jwt bearer grant public key +// TrustedJSONWebKey trusted Json web key // -// swagger:model JwtBearerGrantPublicKey -type JwtBearerGrantPublicKey struct { +// swagger:model trustedJsonWebKey +type TrustedJSONWebKey struct { // The "key_id" is key unique identifier (same as kid header in jws/jwt). - // Example: 123e4567-e89b-12d3-a456-426655440000 Kid string `json:"kid,omitempty"` // The "set" is basically a name for a group(set) of keys. Will be the same as "issuer" in grant. - // Example: https://jwt-idp.example.com Set string `json:"set,omitempty"` } -// Validate validates this jwt bearer grant public key -func (m *JwtBearerGrantPublicKey) Validate(formats strfmt.Registry) error { - return nil -} - -// ContextValidate validates this jwt bearer grant public key based on context it is used -func (m *JwtBearerGrantPublicKey) ContextValidate(ctx context.Context, formats strfmt.Registry) error { +// Validate validates this trusted Json web key +func (m *TrustedJSONWebKey) Validate(formats strfmt.Registry) error { return nil } // MarshalBinary interface implementation -func (m *JwtBearerGrantPublicKey) MarshalBinary() ([]byte, error) { +func (m *TrustedJSONWebKey) MarshalBinary() ([]byte, error) { if m == nil { return nil, nil } @@ -45,8 +36,8 @@ func (m *JwtBearerGrantPublicKey) MarshalBinary() ([]byte, error) { } // UnmarshalBinary interface implementation -func (m *JwtBearerGrantPublicKey) UnmarshalBinary(b []byte) error { - var res JwtBearerGrantPublicKey +func (m *TrustedJSONWebKey) UnmarshalBinary(b []byte) error { + var res TrustedJSONWebKey if err := swag.ReadJSON(b, &res); err != nil { return err } diff --git a/internal/httpclient/models/jwt_bearer_grant.go b/internal/httpclient/models/trusted_jwt_grant_issuer.go similarity index 61% rename from internal/httpclient/models/jwt_bearer_grant.go rename to internal/httpclient/models/trusted_jwt_grant_issuer.go index 6455f8521b8..577f867d553 100644 --- a/internal/httpclient/models/jwt_bearer_grant.go +++ b/internal/httpclient/models/trusted_jwt_grant_issuer.go @@ -6,18 +6,16 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" "github.com/go-openapi/validate" ) -// JwtBearerGrant jwt bearer grant +// TrustedJwtGrantIssuer trusted jwt grant issuer // -// swagger:model JwtBearerGrant -type JwtBearerGrant struct { +// swagger:model trustedJwtGrantIssuer +type TrustedJwtGrantIssuer struct { // The "created_at" indicates, when grant was created. // Format: date-time @@ -28,27 +26,23 @@ type JwtBearerGrant struct { ExpiresAt strfmt.DateTime `json:"expires_at,omitempty"` // id - // Example: 9edc811f-4e28-453c-9b46-4de65f00217f ID string `json:"id,omitempty"` // The "issuer" identifies the principal that issued the JWT assertion (same as "iss" claim in JWT). - // Example: https://jwt-idp.example.com Issuer string `json:"issuer,omitempty"` // public key - PublicKey *JwtBearerGrantPublicKey `json:"public_key,omitempty"` + PublicKey *TrustedJSONWebKey `json:"public_key,omitempty"` // The "scope" contains list of scope values (as described in Section 3.3 of OAuth 2.0 [RFC6749]) - // Example: ["openid","offline"] Scope []string `json:"scope"` // The "subject" identifies the principal that is the subject of the JWT. - // Example: mike@example.com Subject string `json:"subject,omitempty"` } -// Validate validates this jwt bearer grant -func (m *JwtBearerGrant) Validate(formats strfmt.Registry) error { +// Validate validates this trusted jwt grant issuer +func (m *TrustedJwtGrantIssuer) Validate(formats strfmt.Registry) error { var res []error if err := m.validateCreatedAt(formats); err != nil { @@ -69,7 +63,8 @@ func (m *JwtBearerGrant) Validate(formats strfmt.Registry) error { return nil } -func (m *JwtBearerGrant) validateCreatedAt(formats strfmt.Registry) error { +func (m *TrustedJwtGrantIssuer) validateCreatedAt(formats strfmt.Registry) error { + if swag.IsZero(m.CreatedAt) { // not required return nil } @@ -81,7 +76,8 @@ func (m *JwtBearerGrant) validateCreatedAt(formats strfmt.Registry) error { return nil } -func (m *JwtBearerGrant) validateExpiresAt(formats strfmt.Registry) error { +func (m *TrustedJwtGrantIssuer) validateExpiresAt(formats strfmt.Registry) error { + if swag.IsZero(m.ExpiresAt) { // not required return nil } @@ -93,7 +89,8 @@ func (m *JwtBearerGrant) validateExpiresAt(formats strfmt.Registry) error { return nil } -func (m *JwtBearerGrant) validatePublicKey(formats strfmt.Registry) error { +func (m *TrustedJwtGrantIssuer) validatePublicKey(formats strfmt.Registry) error { + if swag.IsZero(m.PublicKey) { // not required return nil } @@ -110,36 +107,8 @@ func (m *JwtBearerGrant) validatePublicKey(formats strfmt.Registry) error { return nil } -// ContextValidate validate this jwt bearer grant based on the context it is used -func (m *JwtBearerGrant) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - var res []error - - if err := m.contextValidatePublicKey(ctx, formats); err != nil { - res = append(res, err) - } - - if len(res) > 0 { - return errors.CompositeValidationError(res...) - } - return nil -} - -func (m *JwtBearerGrant) contextValidatePublicKey(ctx context.Context, formats strfmt.Registry) error { - - if m.PublicKey != nil { - if err := m.PublicKey.ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("public_key") - } - return err - } - } - - return nil -} - // MarshalBinary interface implementation -func (m *JwtBearerGrant) MarshalBinary() ([]byte, error) { +func (m *TrustedJwtGrantIssuer) MarshalBinary() ([]byte, error) { if m == nil { return nil, nil } @@ -147,8 +116,8 @@ func (m *JwtBearerGrant) MarshalBinary() ([]byte, error) { } // UnmarshalBinary interface implementation -func (m *JwtBearerGrant) UnmarshalBinary(b []byte) error { - var res JwtBearerGrant +func (m *TrustedJwtGrantIssuer) UnmarshalBinary(b []byte) error { + var res TrustedJwtGrantIssuer if err := swag.ReadJSON(b, &res); err != nil { return err } diff --git a/internal/httpclient/models/trusted_jwt_grant_issuers.go b/internal/httpclient/models/trusted_jwt_grant_issuers.go new file mode 100644 index 00000000000..a8d4d3859f1 --- /dev/null +++ b/internal/httpclient/models/trusted_jwt_grant_issuers.go @@ -0,0 +1,45 @@ +// Code generated by go-swagger; DO NOT EDIT. + +package models + +// This file was generated by the swagger tool. +// Editing this file might prove futile when you re-run the swagger generate command + +import ( + "strconv" + + "github.com/go-openapi/errors" + "github.com/go-openapi/strfmt" + "github.com/go-openapi/swag" +) + +// TrustedJwtGrantIssuers trusted jwt grant issuers +// +// swagger:model trustedJwtGrantIssuers +type TrustedJwtGrantIssuers []*TrustedJwtGrantIssuer + +// Validate validates this trusted jwt grant issuers +func (m TrustedJwtGrantIssuers) Validate(formats strfmt.Registry) error { + var res []error + + for i := 0; i < len(m); i++ { + if swag.IsZero(m[i]) { // not required + continue + } + + if m[i] != nil { + if err := m[i].Validate(formats); err != nil { + if ve, ok := err.(*errors.Validation); ok { + return ve.ValidateName(strconv.Itoa(i)) + } + return err + } + } + + } + + if len(res) > 0 { + return errors.CompositeValidationError(res...) + } + return nil +} diff --git a/internal/httpclient/models/userinfo_response.go b/internal/httpclient/models/userinfo_response.go index a78e76c3204..9b5fb8685fb 100644 --- a/internal/httpclient/models/userinfo_response.go +++ b/internal/httpclient/models/userinfo_response.go @@ -6,8 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" ) @@ -80,11 +78,6 @@ func (m *UserinfoResponse) Validate(formats strfmt.Registry) error { return nil } -// ContextValidate validates this userinfo response based on context it is used -func (m *UserinfoResponse) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - return nil -} - // MarshalBinary interface implementation func (m *UserinfoResponse) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/version.go b/internal/httpclient/models/version.go index 2a92642e537..8e687bcb20d 100644 --- a/internal/httpclient/models/version.go +++ b/internal/httpclient/models/version.go @@ -6,8 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" ) @@ -26,11 +24,6 @@ func (m *Version) Validate(formats strfmt.Registry) error { return nil } -// ContextValidate validates this version based on context it is used -func (m *Version) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - return nil -} - // MarshalBinary interface implementation func (m *Version) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/volume.go b/internal/httpclient/models/volume.go index a27d9734b32..f278b8ac30b 100644 --- a/internal/httpclient/models/volume.go +++ b/internal/httpclient/models/volume.go @@ -6,8 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -42,8 +40,7 @@ type Volume struct { // Required: true Options map[string]string `json:"Options"` - // The level at which the volume exists. Either `global` for cluster-wide, - // or `local` for machine level. + // The level at which the volume exists. Either `global` for cluster-wide, or `local` for machine level. // Required: true Scope *string `json:"Scope"` @@ -108,10 +105,6 @@ func (m *Volume) validateDriver(formats strfmt.Registry) error { func (m *Volume) validateLabels(formats strfmt.Registry) error { - if err := validate.Required("Labels", "body", m.Labels); err != nil { - return err - } - return nil } @@ -135,10 +128,6 @@ func (m *Volume) validateName(formats strfmt.Registry) error { func (m *Volume) validateOptions(formats strfmt.Registry) error { - if err := validate.Required("Options", "body", m.Options); err != nil { - return err - } - return nil } @@ -152,6 +141,7 @@ func (m *Volume) validateScope(formats strfmt.Registry) error { } func (m *Volume) validateUsageData(formats strfmt.Registry) error { + if swag.IsZero(m.UsageData) { // not required return nil } @@ -168,34 +158,6 @@ func (m *Volume) validateUsageData(formats strfmt.Registry) error { return nil } -// ContextValidate validate this volume based on the context it is used -func (m *Volume) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - var res []error - - if err := m.contextValidateUsageData(ctx, formats); err != nil { - res = append(res, err) - } - - if len(res) > 0 { - return errors.CompositeValidationError(res...) - } - return nil -} - -func (m *Volume) contextValidateUsageData(ctx context.Context, formats strfmt.Registry) error { - - if m.UsageData != nil { - if err := m.UsageData.ContextValidate(ctx, formats); err != nil { - if ve, ok := err.(*errors.Validation); ok { - return ve.ValidateName("UsageData") - } - return err - } - } - - return nil -} - // MarshalBinary interface implementation func (m *Volume) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/volume_usage_data.go b/internal/httpclient/models/volume_usage_data.go index bfae17367cf..886190c490b 100644 --- a/internal/httpclient/models/volume_usage_data.go +++ b/internal/httpclient/models/volume_usage_data.go @@ -6,8 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -69,11 +67,6 @@ func (m *VolumeUsageData) validateSize(formats strfmt.Registry) error { return nil } -// ContextValidate validates this volume usage data based on context it is used -func (m *VolumeUsageData) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - return nil -} - // MarshalBinary interface implementation func (m *VolumeUsageData) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/internal/httpclient/models/well_known.go b/internal/httpclient/models/well_known.go index d06e5d74034..7641cc66a44 100644 --- a/internal/httpclient/models/well_known.go +++ b/internal/httpclient/models/well_known.go @@ -6,8 +6,6 @@ package models // Editing this file might prove futile when you re-run the swagger generate command import ( - "context" - "github.com/go-openapi/errors" "github.com/go-openapi/strfmt" "github.com/go-openapi/swag" @@ -23,7 +21,6 @@ import ( type WellKnown struct { // URL of the OP's OAuth 2.0 Authorization Endpoint. - // Example: https://playground.ory.sh/ory-hydra/public/oauth2/auth // Required: true AuthorizationEndpoint *string `json:"authorization_endpoint"` @@ -67,7 +64,6 @@ type WellKnown struct { // URL using the https scheme with no query or fragment component that the OP asserts as its IssuerURL Identifier. // If IssuerURL discovery is supported , this value MUST be identical to the issuer value returned // by WebFinger. This also MUST be identical to the iss Claim value in ID Tokens issued from this IssuerURL. - // Example: https://playground.ory.sh/ory-hydra/public/ // Required: true Issuer *string `json:"issuer"` @@ -78,12 +74,10 @@ type WellKnown struct { // Although some algorithms allow the same key to be used for both signatures and encryption, doing so is // NOT RECOMMENDED, as it is less secure. The JWK x5c parameter MAY be used to provide X.509 representations of // keys provided. When used, the bare key values MUST still be present and MUST match those in the certificate. - // Example: https://playground.ory.sh/ory-hydra/public/.well-known/jwks.json // Required: true JwksURI *string `json:"jwks_uri"` // URL of the OP's Dynamic Client Registration Endpoint. - // Example: https://playground.ory.sh/ory-hydra/admin/client RegistrationEndpoint string `json:"registration_endpoint,omitempty"` // JSON array containing a list of the JWS signing algorithms (alg values) supported by the OP for Request Objects, @@ -123,7 +117,6 @@ type WellKnown struct { SubjectTypesSupported []string `json:"subject_types_supported"` // URL of the OP's OAuth 2.0 Token Endpoint - // Example: https://playground.ory.sh/ory-hydra/public/oauth2/token // Required: true TokenEndpoint *string `json:"token_endpoint"` @@ -239,11 +232,6 @@ func (m *WellKnown) validateTokenEndpoint(formats strfmt.Registry) error { return nil } -// ContextValidate validates this well known based on context it is used -func (m *WellKnown) ContextValidate(ctx context.Context, formats strfmt.Registry) error { - return nil -} - // MarshalBinary interface implementation func (m *WellKnown) MarshalBinary() ([]byte, error) { if m == nil { diff --git a/spec/api.json b/spec/api.json index 2b42fa6b982..4f822b25aa2 100755 --- a/spec/api.json +++ b/spec/api.json @@ -385,6 +385,43 @@ } } }, + "/grants/jwt-bearer/flush": { + "post": { + "description": "This endpoint flushes expired jwt-bearer grants from the database. You can set a time after which no tokens will be\nnot be touched, in case you want to keep recent tokens for auditing. Refresh tokens can not be flushed as they are deleted\nautomatically when performing the refresh flow.", + "consumes": [ + "application/json" + ], + "schemes": [ + "http", + "https" + ], + "tags": [ + "admin" + ], + "summary": "Flush Expired jwt-bearer grants.", + "operationId": "flushInactiveJwtBearerGrants", + "parameters": [ + { + "name": "Body", + "in": "body", + "schema": { + "$ref": "#/definitions/flushInactiveJwtBearerGrantsParams" + } + } + ], + "responses": { + "204": { + "description": "Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is\ntypically 201." + }, + "500": { + "description": "genericError", + "schema": { + "$ref": "#/definitions/genericError" + } + } + } + } + }, "/health/alive": { "get": { "description": "This endpoint returns a 200 status code when the HTTP server is up running.\nThis status does currently not include checks whether the database connection is working.\n\nIf the service supports TLS Edge Termination, this endpoint does not require the\n`X-Forwarded-Proto` header to be set.\n\nBe aware that if you are running multiple nodes of this service, the health status will never\nrefer to the cluster state, only to a single instance.", @@ -1842,6 +1879,208 @@ } } }, + "/trust/grants/jwt-bearer/issuers": { + "get": { + "description": "Use this endpoint to list all trusted JWT Bearer Grant Type Issuers.", + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "schemes": [ + "http", + "https" + ], + "tags": [ + "admin" + ], + "summary": "List Trusted OAuth2 JWT Bearer Grant Type Issuers", + "operationId": "listTrustedJwtGrantIssuers", + "parameters": [ + { + "type": "string", + "description": "If optional \"issuer\" is supplied, only jwt-bearer grants with this issuer will be returned.", + "name": "issuer", + "in": "query" + }, + { + "type": "integer", + "format": "int64", + "description": "The maximum amount of policies returned, upper bound is 500 policies", + "name": "limit", + "in": "query" + }, + { + "type": "integer", + "format": "int64", + "description": "The offset from where to start looking.", + "name": "offset", + "in": "query" + } + ], + "responses": { + "200": { + "description": "trustedJwtGrantIssuers", + "schema": { + "$ref": "#/definitions/trustedJwtGrantIssuers" + } + }, + "500": { + "description": "genericError", + "schema": { + "$ref": "#/definitions/genericError" + } + } + } + }, + "post": { + "description": "Use this endpoint to establish a trust relationship for a JWT issuer\nto perform JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication\nand Authorization Grants [RFC7523](https://datatracker.ietf.org/doc/html/rfc7523).", + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "schemes": [ + "http", + "https" + ], + "tags": [ + "admin" + ], + "summary": "Trust an OAuth2 JWT Bearer Grant Type Issuer", + "operationId": "trustJwtGrantIssuer", + "parameters": [ + { + "name": "Body", + "in": "body", + "schema": { + "$ref": "#/definitions/trustJwtGrantIssuerBody" + } + } + ], + "responses": { + "201": { + "description": "trustedJwtGrantIssuer", + "schema": { + "$ref": "#/definitions/trustedJwtGrantIssuer" + } + }, + "400": { + "description": "genericError", + "schema": { + "$ref": "#/definitions/genericError" + } + }, + "409": { + "description": "genericError", + "schema": { + "$ref": "#/definitions/genericError" + } + }, + "500": { + "description": "genericError", + "schema": { + "$ref": "#/definitions/genericError" + } + } + } + } + }, + "/trust/grants/jwt-bearer/issuers/{id}": { + "get": { + "description": "Use this endpoint to get a trusted JWT Bearer Grant Type Issuer. The ID is the one returned when you\ncreated the trust relationship.", + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "schemes": [ + "http", + "https" + ], + "tags": [ + "admin" + ], + "summary": "Get a Trusted OAuth2 JWT Bearer Grant Type Issuer", + "operationId": "getTrustedJwtGrantIssuer", + "parameters": [ + { + "type": "string", + "description": "The id of the desired grant", + "name": "id", + "in": "path", + "required": true + } + ], + "responses": { + "200": { + "description": "trustedJwtGrantIssuer", + "schema": { + "$ref": "#/definitions/trustedJwtGrantIssuer" + } + }, + "404": { + "description": "genericError", + "schema": { + "$ref": "#/definitions/genericError" + } + }, + "500": { + "description": "genericError", + "schema": { + "$ref": "#/definitions/genericError" + } + } + } + }, + "delete": { + "description": "Use this endpoint to delete trusted JWT Bearer Grant Type Issuer. The ID is the one returned when you\ncreated the trust relationship.\n\nOnce deleted, the associated issuer will no longer be able to perform the JSON Web Token (JWT) Profile\nfor OAuth 2.0 Client Authentication and Authorization Grant.", + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "schemes": [ + "http", + "https" + ], + "tags": [ + "admin" + ], + "summary": "Delete a Trusted OAuth2 JWT Bearer Grant Type Issuer", + "operationId": "deleteTrustedJwtGrantIssuer", + "parameters": [ + { + "type": "string", + "description": "The id of the desired grant", + "name": "id", + "in": "path", + "required": true + } + ], + "responses": { + "204": { + "description": "Empty responses are sent when, for example, resources are deleted. The HTTP status code for empty responses is\ntypically 201." + }, + "404": { + "description": "genericError", + "schema": { + "$ref": "#/definitions/genericError" + } + }, + "500": { + "description": "genericError", + "schema": { + "$ref": "#/definitions/genericError" + } + } + } + } + }, "/userinfo": { "get": { "security": [ @@ -2500,7 +2739,7 @@ } }, "Scope": { - "description": "The level at which the volume exists. Either `global` for cluster-wide,\nor `local` for machine level.", + "description": "The level at which the volume exists. Either `global` for cluster-wide, or `local` for machine level.", "type": "string" }, "Status": { @@ -2674,6 +2913,16 @@ } } }, + "flushInactiveJwtBearerGrantsParams": { + "type": "object", + "properties": { + "notAfter": { + "description": "The \"notAfter\" sets after which point grants should not be flushed. This is useful when you want to keep a history\nof recently added grants.", + "type": "string", + "format": "date-time" + } + } + }, "flushInactiveOAuth2TokensRequest": { "type": "object", "properties": { @@ -2684,6 +2933,50 @@ } } }, + "genericError": { + "type": "object", + "required": [ + "message" + ], + "properties": { + "code": { + "description": "The status code", + "type": "integer", + "format": "int64", + "example": 404 + }, + "debug": { + "description": "Debug information\n\nThis field is often not exposed to protect against leaking\nsensitive information.", + "type": "string", + "example": "SQL field \"foo\" is not a bool." + }, + "details": { + "description": "Further error details", + "type": "object", + "additionalProperties": true + }, + "message": { + "description": "Error message\n\nThe error's message.", + "type": "string", + "example": "The resource could not be found" + }, + "reason": { + "description": "A human-readable reason for the error", + "type": "string", + "example": "User with ID 1234 does not exist." + }, + "request": { + "description": "The request ID\n\nThe request ID is often exposed internally in order to trace\nerrors across service architectures. This is often a UUID.", + "type": "string", + "example": "d7ef54b1-ec15-46e6-bccb-524b82c035e6" + }, + "status": { + "description": "The status description", + "type": "string", + "example": "Not Found" + } + } + }, "healthNotReadyStatus": { "type": "object", "properties": { @@ -3174,6 +3467,111 @@ } } }, + "trustJwtGrantIssuerBody": { + "type": "object", + "required": [ + "issuer", + "subject", + "scope", + "jwk", + "expires_at" + ], + "properties": { + "expires_at": { + "description": "The \"expires_at\" indicates, when grant will expire, so we will reject assertion from \"issuer\" targeting \"subject\".", + "type": "string", + "format": "date-time" + }, + "issuer": { + "description": "The \"issuer\" identifies the principal that issued the JWT assertion (same as \"iss\" claim in JWT).", + "type": "string", + "example": "https://jwt-idp.example.com" + }, + "jwk": { + "$ref": "#/definitions/JSONWebKey" + }, + "scope": { + "description": "The \"scope\" contains list of scope values (as described in Section 3.3 of OAuth 2.0 [RFC6749])", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "openid", + "offline" + ] + }, + "subject": { + "description": "The \"subject\" identifies the principal that is the subject of the JWT.", + "type": "string", + "example": "mike@example.com" + } + } + }, + "trustedJsonWebKey": { + "type": "object", + "properties": { + "kid": { + "description": "The \"key_id\" is key unique identifier (same as kid header in jws/jwt).", + "type": "string", + "example": "123e4567-e89b-12d3-a456-426655440000" + }, + "set": { + "description": "The \"set\" is basically a name for a group(set) of keys. Will be the same as \"issuer\" in grant.", + "type": "string", + "example": "https://jwt-idp.example.com" + } + } + }, + "trustedJwtGrantIssuer": { + "type": "object", + "properties": { + "created_at": { + "description": "The \"created_at\" indicates, when grant was created.", + "type": "string", + "format": "date-time" + }, + "expires_at": { + "description": "The \"expires_at\" indicates, when grant will expire, so we will reject assertion from \"issuer\" targeting \"subject\".", + "type": "string", + "format": "date-time" + }, + "id": { + "type": "string", + "example": "9edc811f-4e28-453c-9b46-4de65f00217f" + }, + "issuer": { + "description": "The \"issuer\" identifies the principal that issued the JWT assertion (same as \"iss\" claim in JWT).", + "type": "string", + "example": "https://jwt-idp.example.com" + }, + "public_key": { + "$ref": "#/definitions/trustedJsonWebKey" + }, + "scope": { + "description": "The \"scope\" contains list of scope values (as described in Section 3.3 of OAuth 2.0 [RFC6749])", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "openid", + "offline" + ] + }, + "subject": { + "description": "The \"subject\" identifies the principal that is the subject of the JWT.", + "type": "string", + "example": "mike@example.com" + } + } + }, + "trustedJwtGrantIssuers": { + "type": "array", + "items": { + "$ref": "#/definitions/trustedJwtGrantIssuer" + } + }, "userinfoResponse": { "description": "The userinfo response", "type": "object", From bb5b3fd0da61db3dd24c0ff376394df9e0356e75 Mon Sep 17 00:00:00 2001 From: aeneasr <3372410+aeneasr@users.noreply.github.com> Date: Tue, 13 Jul 2021 15:48:42 +0200 Subject: [PATCH 21/49] feat: code review --- grant/jwtbearer/manager.go | 2 +- package-lock.json | 1882 +++++++---------- package.json | 2 +- ...145331_grant_jwk_bearer.cockroach.down.sql | 2 +- ...11145331_grant_jwk_bearer.cockroach.up.sql | 2 +- ...1211145331_grant_jwk_bearer.mysql.down.sql | 2 +- ...201211145331_grant_jwk_bearer.mysql.up.sql | 2 +- ...1145331_grant_jwk_bearer.postgres.down.sql | 2 +- ...211145331_grant_jwk_bearer.postgres.up.sql | 2 +- ...211145331_grant_jwk_bearer.sqlite.down.sql | 2 +- ...01211145331_grant_jwk_bearer.sqlite.up.sql | 2 +- x/clean_sql.go | 4 +- 12 files changed, 801 insertions(+), 1105 deletions(-) diff --git a/grant/jwtbearer/manager.go b/grant/jwtbearer/manager.go index f8304c967d0..b809fd5d125 100644 --- a/grant/jwtbearer/manager.go +++ b/grant/jwtbearer/manager.go @@ -28,5 +28,5 @@ type SQLData struct { } func (SQLData) TableName() string { - return "hydra_oauth2_grant_jwk" + return "hydra_oauth2_trusted_jwt_bearer_issuer" } diff --git a/package-lock.json b/package-lock.json index 32dac4d5b98..be7cc46df06 100644 --- a/package-lock.json +++ b/package-lock.json @@ -8,53 +8,13 @@ "name": "@oryd/hydra", "version": "0.0.0", "devDependencies": { - "cypress": "^6.6.0", + "cypress": "^7.7.0", "ory-prettier-styles": "1.1.1", "prettier": "2.1.2", "standard": "^12.0.1", "wait-on": "^3.2.0" } }, - "node_modules/@cypress/listr-verbose-renderer": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/@cypress/listr-verbose-renderer/-/listr-verbose-renderer-0.4.1.tgz", - "integrity": "sha1-p3SS9LEdzHxEajSz4ochr9M8ZCo=", - "dev": true, - "dependencies": { - "chalk": "^1.1.3", - "cli-cursor": "^1.0.2", - "date-fns": "^1.27.2", - "figures": "^1.7.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/@cypress/listr-verbose-renderer/node_modules/chalk": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-1.1.3.tgz", - "integrity": "sha1-qBFcVeSnAv5NFQq9OHKCKn4J/Jg=", - "dev": true, - "dependencies": { - "ansi-styles": "^2.2.1", - "escape-string-regexp": "^1.0.2", - "has-ansi": "^2.0.0", - "strip-ansi": "^3.0.0", - "supports-color": "^2.0.0" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/@cypress/listr-verbose-renderer/node_modules/supports-color": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-2.0.0.tgz", - "integrity": "sha1-U10EXOa2Nj+kARcIRimZXp3zJMc=", - "dev": true, - "engines": { - "node": ">=0.8.0" - } - }, "node_modules/@cypress/request": { "version": "2.88.5", "resolved": "https://registry.npmjs.org/@cypress/request/-/request-2.88.5.tgz", @@ -109,30 +69,10 @@ "lodash.once": "^4.1.1" } }, - "node_modules/@samverschueren/stream-to-observable": { - "version": "0.3.1", - "resolved": "https://registry.npmjs.org/@samverschueren/stream-to-observable/-/stream-to-observable-0.3.1.tgz", - "integrity": "sha512-c/qwwcHyafOQuVQJj0IlBjf5yYgBI7YPJ77k4fOJYesb41jio65eaJODRUmfYKhTOFBrIZ66kgvGPlNbjuoRdQ==", - "dev": true, - "dependencies": { - "any-observable": "^0.3.0" - }, - "engines": { - "node": ">=6" - }, - "peerDependenciesMeta": { - "rxjs": { - "optional": true - }, - "zen-observable": { - "optional": true - } - } - }, "node_modules/@types/node": { - "version": "12.12.50", - "resolved": "https://registry.npmjs.org/@types/node/-/node-12.12.50.tgz", - "integrity": "sha512-5ImO01Fb8YsEOYpV+aeyGYztcYcjGsBvN4D7G5r1ef2cuQOpymjWNQi5V0rKHE6PC2ru3HkoUr/Br2/8GUA84w==", + "version": "14.17.5", + "resolved": "https://registry.npmjs.org/@types/node/-/node-14.17.5.tgz", + "integrity": "sha512-bjqH2cX/O33jXT/UmReo2pM7DIJREPMnarixbQ57DOOzzFaI6D2+IcwaJQaJpv0M1E9TIhPCYVxrkcityLjlqA==", "dev": true }, "node_modules/@types/sinonjs__fake-timers": { @@ -147,6 +87,16 @@ "integrity": "sha512-7EJYyKTL7tFR8+gDbB6Wwz/arpGa0Mywk1TJbNzKzHtzbwVmY4HR9WqS5VV7dsBUKQmPNr192jHr/VpBluj/hg==", "dev": true }, + "node_modules/@types/yauzl": { + "version": "2.9.2", + "resolved": "https://registry.npmjs.org/@types/yauzl/-/yauzl-2.9.2.tgz", + "integrity": "sha512-8uALY5LTvSuHgloDVUvWP3pIauILm+8/0pDMokuDYIoNsOkSwd5AiHBTSEJjKTDcZr5z8UpgOWZkxBF4iJftoA==", + "dev": true, + "optional": true, + "dependencies": { + "@types/node": "*" + } + }, "node_modules/acorn": { "version": "6.4.1", "resolved": "https://registry.npmjs.org/acorn/-/acorn-6.4.1.tgz", @@ -165,6 +115,19 @@ "integrity": "sha512-HJ7CfNHrfJLlNTzIEUTj43LNWGkqpRLxm3YjAlcD0ACydk9XynzYsCBHxut+iqt+1aBXkx9UP/w/ZqMr13XIzg==", "dev": true }, + "node_modules/aggregate-error": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/aggregate-error/-/aggregate-error-3.1.0.tgz", + "integrity": "sha512-4I7Td01quW/RpocfNayFdFVk1qSuoh0E7JrbRJ16nH01HhKFQ88INq9Sd+nd72zqRySlr9BmDA8xlEJ6vJMrYA==", + "dev": true, + "dependencies": { + "clean-stack": "^2.0.0", + "indent-string": "^4.0.0" + }, + "engines": { + "node": ">=8" + } + }, "node_modules/ajv": { "version": "6.10.0", "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.10.0.tgz", @@ -183,6 +146,15 @@ "integrity": "sha512-aUjdRFISbuFOl0EIZc+9e4FfZp0bDZgAdOOf30bJmw8VM9v84SHyVyxDfbWxpGYbdZD/9XoKxfHVNmxPkhwyGw==", "dev": true }, + "node_modules/ansi-colors": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/ansi-colors/-/ansi-colors-4.1.1.tgz", + "integrity": "sha512-JoX0apGbHaUJBNl6yF+p6JAFYZ666/hhCGKN5t9QFjbJQKUU/g8MNbFDbvfrgKXvI1QpZplPOnwIo99lX/AAmA==", + "dev": true, + "engines": { + "node": ">=6" + } + }, "node_modules/ansi-escapes": { "version": "3.2.0", "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-3.2.0.tgz", @@ -210,15 +182,6 @@ "node": ">=0.10.0" } }, - "node_modules/any-observable": { - "version": "0.3.0", - "resolved": "https://registry.npmjs.org/any-observable/-/any-observable-0.3.0.tgz", - "integrity": "sha512-/FQM1EDkTsf63Ub2C6O7GuYFDsSXUwsaZDurV0np41ocwq0jthUAYCmhBX9f+KwlaCgIuWyr/4WlUQUBfKfZog==", - "dev": true, - "engines": { - "node": ">=6" - } - }, "node_modules/arch": { "version": "2.2.0", "resolved": "https://registry.npmjs.org/arch/-/arch-2.2.0.tgz", @@ -279,6 +242,15 @@ "node": ">=0.8" } }, + "node_modules/astral-regex": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/astral-regex/-/astral-regex-2.0.0.tgz", + "integrity": "sha512-Z7tMw1ytTXt5jqMcOP+OQteU1VuNK9Y02uuJtKQ1Sv69jXQKKg5cibLwGJow8yzZP+eAc18EmLGPal0bp36rvQ==", + "dev": true, + "engines": { + "node": ">=8" + } + }, "node_modules/async": { "version": "3.2.0", "resolved": "https://registry.npmjs.org/async/-/async-3.2.0.tgz", @@ -397,12 +369,6 @@ "node": "*" } }, - "node_modules/buffer-from": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.1.tgz", - "integrity": "sha512-MQcXEUbCKtEo7bhqEs6560Hyd4XaovZlO/k9V3hjVUF/zwW7KBVdSK4gIt/bzwS9MbR5qob+F5jusZsb0YQK2A==", - "dev": true - }, "node_modules/cachedir": { "version": "2.3.0", "resolved": "https://registry.npmjs.org/cachedir/-/cachedir-2.3.0.tgz", @@ -481,9 +447,9 @@ } }, "node_modules/ci-info": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-2.0.0.tgz", - "integrity": "sha512-5tK7EtrZ0N+OLFMthtqOj4fI2Jeb88C4CAZPu25LDVUgXJ0A3Js4PMGqrn0JU1W0Mh1/Z8wZzYPxqUrXeBboCQ==", + "version": "3.2.0", + "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.2.0.tgz", + "integrity": "sha512-dVqRX7fLUm8J6FgHJ418XuIgDLZDkYcDFTeL6TA2gt5WlIZUQrrH6EZrNClwT/H0FateUsZkGIOPRrLbP+PR9A==", "dev": true }, "node_modules/circular-json": { @@ -492,16 +458,25 @@ "integrity": "sha512-UZK3NBx2Mca+b5LsG7bY183pHWt5Y1xts4P3Pz7ENTwGVnJOUWbRb3ocjvX7hx9tq/yTAdclXm9sZ38gNuem4A==", "dev": true }, + "node_modules/clean-stack": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/clean-stack/-/clean-stack-2.2.0.tgz", + "integrity": "sha512-4diC9HaTE+KRAMWhDhrGOECgWZxoevMc5TlkObMqNSsVU62PYzXZ/SMTjzyGAFF1YusgxGcSWTEXBhp0CPwQ1A==", + "dev": true, + "engines": { + "node": ">=6" + } + }, "node_modules/cli-cursor": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/cli-cursor/-/cli-cursor-1.0.2.tgz", - "integrity": "sha1-ZNo/fValRBLll5S9Ytw1KV6PKYc=", + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/cli-cursor/-/cli-cursor-3.1.0.tgz", + "integrity": "sha512-I/zHAwsKf9FqGoXM4WWRACob9+SNukZTd94DWF57E4toouRulbCxcUh6RKUEOQlYTHJnzkPMySvPNaaSLNfLZw==", "dev": true, "dependencies": { - "restore-cursor": "^1.0.1" + "restore-cursor": "^3.1.0" }, "engines": { - "node": ">=0.10.0" + "node": ">=8" } }, "node_modules/cli-table3": { @@ -521,42 +496,19 @@ } }, "node_modules/cli-truncate": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/cli-truncate/-/cli-truncate-0.2.1.tgz", - "integrity": "sha1-nxXPuwcFAFNpIWxiasfQWrkN1XQ=", - "dev": true, - "dependencies": { - "slice-ansi": "0.0.4", - "string-width": "^1.0.1" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/cli-truncate/node_modules/is-fullwidth-code-point": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-1.0.0.tgz", - "integrity": "sha1-754xOG8DGn8NZDr4L95QxFfvAMs=", + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/cli-truncate/-/cli-truncate-2.1.0.tgz", + "integrity": "sha512-n8fOixwDD6b/ObinzTrp1ZKFzbgvKZvuz/TvejnLn1aQfC6r52XEx85FmuC+3HI+JM7coBRXUvNqEU2PHVrHpg==", "dev": true, "dependencies": { - "number-is-nan": "^1.0.0" + "slice-ansi": "^3.0.0", + "string-width": "^4.2.0" }, "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/cli-truncate/node_modules/string-width": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-1.0.2.tgz", - "integrity": "sha1-EYvfW4zcUaKn5w0hHgfisLmxB9M=", - "dev": true, - "dependencies": { - "code-point-at": "^1.0.0", - "is-fullwidth-code-point": "^1.0.0", - "strip-ansi": "^3.0.0" + "node": ">=8" }, - "engines": { - "node": ">=0.10.0" + "funding": { + "url": "https://github.com/sponsors/sindresorhus" } }, "node_modules/cli-width": { @@ -565,15 +517,6 @@ "integrity": "sha1-/xnt6Kml5XkyQUewwR8PvLq+1jk=", "dev": true }, - "node_modules/code-point-at": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/code-point-at/-/code-point-at-1.1.0.tgz", - "integrity": "sha1-DQcLTQQ6W+ozovGkDi7bPZpMz3c=", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, "node_modules/color-convert": { "version": "1.9.3", "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", @@ -589,6 +532,12 @@ "integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU=", "dev": true }, + "node_modules/colorette": { + "version": "1.2.2", + "resolved": "https://registry.npmjs.org/colorette/-/colorette-1.2.2.tgz", + "integrity": "sha512-MKGMzyfeuutC/ZJ1cba9NqcNpfeqMUcYmyF1ZFY6/Cn7CNSAKx6a+s48sqLqyAiZuaP2TcqMhoo+dlwFnVxT9w==", + "dev": true + }, "node_modules/colors": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/colors/-/colors-1.4.0.tgz", @@ -635,21 +584,6 @@ "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=", "dev": true }, - "node_modules/concat-stream": { - "version": "1.6.2", - "resolved": "https://registry.npmjs.org/concat-stream/-/concat-stream-1.6.2.tgz", - "integrity": "sha512-27HBghJxjiZtIk3Ycvn/4kbJk/1uZuJFfuPEns6LaEvpvG1f0hTea8lilrouyo9mVc2GWdcEZ8OLoGmSADlrCw==", - "dev": true, - "engines": [ - "node >= 0.8" - ], - "dependencies": { - "buffer-from": "^1.0.0", - "inherits": "^2.0.3", - "readable-stream": "^2.2.2", - "typedarray": "^0.0.6" - } - }, "node_modules/contains-path": { "version": "0.1.0", "resolved": "https://registry.npmjs.org/contains-path/-/contains-path-0.1.0.tgz", @@ -688,48 +622,49 @@ } }, "node_modules/cypress": { - "version": "6.6.0", - "resolved": "https://registry.npmjs.org/cypress/-/cypress-6.6.0.tgz", - "integrity": "sha512-+Xx3Zn653LJHUsCb9h1Keql2jlazbr1ROmbY6DFJMmXKLgXP4ez9cE403W93JNGRbZK0Tng3R/oP8mvd9XAPVg==", + "version": "7.7.0", + "resolved": "https://registry.npmjs.org/cypress/-/cypress-7.7.0.tgz", + "integrity": "sha512-uYBYXNoI5ym0UxROwhQXWTi8JbUEjpC6l/bzoGZNxoKGsLrC1SDPgIDJMgLX/MeEdPL0UInXLDUWN/rSyZUCjQ==", "dev": true, "hasInstallScript": true, "dependencies": { - "@cypress/listr-verbose-renderer": "^0.4.1", "@cypress/request": "^2.88.5", "@cypress/xvfb": "^1.2.4", - "@types/node": "12.12.50", - "@types/sinonjs__fake-timers": "^6.0.1", + "@types/node": "^14.14.31", + "@types/sinonjs__fake-timers": "^6.0.2", "@types/sizzle": "^2.3.2", - "arch": "^2.1.2", - "blob-util": "2.0.2", + "arch": "^2.2.0", + "blob-util": "^2.0.2", "bluebird": "^3.7.2", "cachedir": "^2.3.0", "chalk": "^4.1.0", "check-more-types": "^2.24.0", + "cli-cursor": "^3.1.0", "cli-table3": "~0.6.0", "commander": "^5.1.0", "common-tags": "^1.8.0", - "dayjs": "^1.9.3", - "debug": "4.3.2", - "eventemitter2": "^6.4.2", - "execa": "^4.0.2", + "dayjs": "^1.10.4", + "debug": "^4.3.2", + "enquirer": "^2.3.6", + "eventemitter2": "^6.4.3", + "execa": "4.1.0", "executable": "^4.1.1", - "extract-zip": "^1.7.0", - "fs-extra": "^9.0.1", + "extract-zip": "2.0.1", + "figures": "^3.2.0", + "fs-extra": "^9.1.0", "getos": "^3.2.1", - "is-ci": "^2.0.0", - "is-installed-globally": "^0.3.2", + "is-ci": "^3.0.0", + "is-installed-globally": "~0.4.0", "lazy-ass": "^1.6.0", - "listr": "^0.14.3", - "lodash": "^4.17.19", + "listr2": "^3.8.3", + "lodash": "^4.17.21", "log-symbols": "^4.0.0", "minimist": "^1.2.5", - "moment": "^2.29.1", "ospath": "^1.2.2", - "pretty-bytes": "^5.4.1", + "pretty-bytes": "^5.6.0", "ramda": "~0.27.1", "request-progress": "^3.0.0", - "supports-color": "^7.2.0", + "supports-color": "^8.1.1", "tmp": "~0.2.1", "untildify": "^4.0.0", "url": "^0.11.0", @@ -739,7 +674,7 @@ "cypress": "bin/cypress" }, "engines": { - "node": ">=10.0.0" + "node": ">=12.0.0" } }, "node_modules/cypress/node_modules/ansi-styles": { @@ -773,6 +708,18 @@ "url": "https://github.com/chalk/chalk?sponsor=1" } }, + "node_modules/cypress/node_modules/chalk/node_modules/supports-color": { + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", + "dev": true, + "dependencies": { + "has-flag": "^4.0.0" + }, + "engines": { + "node": ">=8" + } + }, "node_modules/cypress/node_modules/color-convert": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", @@ -817,12 +764,6 @@ "node": ">=8" } }, - "node_modules/cypress/node_modules/ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, "node_modules/cypress/node_modules/rimraf": { "version": "3.0.2", "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", @@ -839,15 +780,18 @@ } }, "node_modules/cypress/node_modules/supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", + "version": "8.1.1", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", + "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", "dev": true, "dependencies": { "has-flag": "^4.0.0" }, "engines": { - "node": ">=8" + "node": ">=10" + }, + "funding": { + "url": "https://github.com/chalk/supports-color?sponsor=1" } }, "node_modules/cypress/node_modules/tmp": { @@ -874,12 +818,6 @@ "node": ">=0.10" } }, - "node_modules/date-fns": { - "version": "1.30.1", - "resolved": "https://registry.npmjs.org/date-fns/-/date-fns-1.30.1.tgz", - "integrity": "sha512-hBSVCvSmWC+QypYObzwGOd9wqdDpOt+0wl0KbU+R+uuZBS1jN8VsD1ss3irQDknRj5NvxiTF6oj/nDRnN/UQNw==", - "dev": true - }, "node_modules/dayjs": { "version": "1.10.4", "resolved": "https://registry.npmjs.org/dayjs/-/dayjs-1.10.4.tgz", @@ -973,15 +911,6 @@ "safer-buffer": "^2.1.0" } }, - "node_modules/elegant-spinner": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/elegant-spinner/-/elegant-spinner-1.0.1.tgz", - "integrity": "sha1-2wQ1IcldfjA/2PNFvtwzSc+wcp4=", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, "node_modules/emoji-regex": { "version": "8.0.0", "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", @@ -997,6 +926,18 @@ "once": "^1.4.0" } }, + "node_modules/enquirer": { + "version": "2.3.6", + "resolved": "https://registry.npmjs.org/enquirer/-/enquirer-2.3.6.tgz", + "integrity": "sha512-yjNnPr315/FjS4zIsUxYguYUPP2e1NK4d7E7ZOLiyYCcbFBiTMyID+2wvm2w6+pZ/odMA7cRkjhsPbltwBOrLg==", + "dev": true, + "dependencies": { + "ansi-colors": "^4.1.1" + }, + "engines": { + "node": ">=8.6" + } + }, "node_modules/error-ex": { "version": "1.3.2", "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", @@ -1449,30 +1390,6 @@ "node": ">= 8" } }, - "node_modules/execa/node_modules/mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true, - "engines": { - "node": ">=6" - } - }, - "node_modules/execa/node_modules/onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "dependencies": { - "mimic-fn": "^2.1.0" - }, - "engines": { - "node": ">=6" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, "node_modules/execa/node_modules/path-key": { "version": "3.1.1", "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", @@ -1530,15 +1447,6 @@ "node": ">=4" } }, - "node_modules/exit-hook": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/exit-hook/-/exit-hook-1.1.1.tgz", - "integrity": "sha1-8FyiM7SMBdVP/wd2XfhQfpXAL/g=", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, "node_modules/extend": { "version": "3.0.2", "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", @@ -1560,35 +1468,42 @@ } }, "node_modules/extract-zip": { - "version": "1.7.0", - "resolved": "https://registry.npmjs.org/extract-zip/-/extract-zip-1.7.0.tgz", - "integrity": "sha512-xoh5G1W/PB0/27lXgMQyIhP5DSY/LhoCsOyZgb+6iMmRtCwVBo55uKaMoEYrDCKQhWvqEip5ZPKAc6eFNyf/MA==", + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/extract-zip/-/extract-zip-2.0.1.tgz", + "integrity": "sha512-GDhU9ntwuKyGXdZBUgTIe+vXnWj0fppUEtMDL0+idd5Sta8TGpHssn/eusA9mrPr9qNDym6SxAYZjNvCn/9RBg==", "dev": true, "dependencies": { - "concat-stream": "^1.6.2", - "debug": "^2.6.9", - "mkdirp": "^0.5.4", + "debug": "^4.1.1", + "get-stream": "^5.1.0", "yauzl": "^2.10.0" }, "bin": { "extract-zip": "cli.js" + }, + "engines": { + "node": ">= 10.17.0" + }, + "optionalDependencies": { + "@types/yauzl": "^2.9.1" } }, "node_modules/extract-zip/node_modules/debug": { - "version": "2.6.9", - "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", - "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", + "version": "4.3.2", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.2.tgz", + "integrity": "sha512-mOp8wKcvj7XxC78zLgw/ZA+6TSgkoE2C/ienthhRD298T7UNwAg9diBpLRxC0mOezLl4B0xV7M0cCO6P/O0Xhw==", "dev": true, "dependencies": { - "ms": "2.0.0" + "ms": "2.1.2" + }, + "engines": { + "node": ">=6.0" + }, + "peerDependenciesMeta": { + "supports-color": { + "optional": true + } } }, - "node_modules/extract-zip/node_modules/ms": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", - "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=", - "dev": true - }, "node_modules/extsprintf": { "version": "1.3.0", "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", @@ -1616,17 +1531,28 @@ "integrity": "sha1-PYpcZog6FqMMqGQ+hR8Zuqd5eRc=", "dev": true }, + "node_modules/fd-slicer": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/fd-slicer/-/fd-slicer-1.1.0.tgz", + "integrity": "sha1-JcfInLH5B3+IkbvmHY85Dq4lbx4=", + "dev": true, + "dependencies": { + "pend": "~1.2.0" + } + }, "node_modules/figures": { - "version": "1.7.0", - "resolved": "https://registry.npmjs.org/figures/-/figures-1.7.0.tgz", - "integrity": "sha1-y+Hjr/zxzUS4DK3+0o3Hk6lwHS4=", + "version": "3.2.0", + "resolved": "https://registry.npmjs.org/figures/-/figures-3.2.0.tgz", + "integrity": "sha512-yaduQFRKLXYOGgEn6AZau90j3ggSOyiqXU0F9JZfeXYhNa+Jk4X+s45A2zg5jns87GAFa34BBm2kXw4XpNcbdg==", "dev": true, "dependencies": { - "escape-string-regexp": "^1.0.5", - "object-assign": "^4.1.0" + "escape-string-regexp": "^1.0.5" }, "engines": { - "node": ">=0.10.0" + "node": ">=8" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" } }, "node_modules/file-entry-cache": { @@ -1791,15 +1717,15 @@ } }, "node_modules/global-dirs": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/global-dirs/-/global-dirs-2.1.0.tgz", - "integrity": "sha512-MG6kdOUh/xBnyo9cJFeIKkLEc1AyFq42QTU4XiX51i2NEdxLxLWXIjEjmqKeSuKR7pAZjTqUVoT2b2huxVLgYQ==", + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/global-dirs/-/global-dirs-3.0.0.tgz", + "integrity": "sha512-v8ho2DS5RiCjftj1nD9NmnfaOzTdud7RRnVd9kFNOjqZbISlx5DQ+OrTkywgd0dIt7oFCvKetZSHoHcP3sDdiA==", "dev": true, "dependencies": { - "ini": "1.3.7" + "ini": "2.0.0" }, "engines": { - "node": ">=8" + "node": ">=10" }, "funding": { "url": "https://github.com/sponsors/sindresorhus" @@ -1954,12 +1880,12 @@ } }, "node_modules/indent-string": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/indent-string/-/indent-string-3.2.0.tgz", - "integrity": "sha1-Sl/W0nzDMvN+VBmlBNu4NxBckok=", + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/indent-string/-/indent-string-4.0.0.tgz", + "integrity": "sha512-EdDDZu4A2OyIK7Lr/2zG+w5jmbuk1DVBnEwREQvBzspBJkCEbRa8GxU1lghYcaGJCnRWibjDXlq779X1/y5xwg==", "dev": true, "engines": { - "node": ">=4" + "node": ">=8" } }, "node_modules/inflight": { @@ -1979,10 +1905,13 @@ "dev": true }, "node_modules/ini": { - "version": "1.3.7", - "resolved": "https://registry.npmjs.org/ini/-/ini-1.3.7.tgz", - "integrity": "sha512-iKpRpXP+CrP2jyrxvg1kMUpXDyRUFDWurxbnVT1vQPx+Wz9uCYsMIqYuSBLV+PAaZG/d7kRLKRFc9oDMsH+mFQ==", - "dev": true + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/ini/-/ini-2.0.0.tgz", + "integrity": "sha512-7PnF4oN3CvZF23ADhA5wRaYEQpJ8qygSkbtTXWBeXWXmEVRXK+1ITciHWwHhsjv1TmW0MgacIv6hEi5pX5NQdA==", + "dev": true, + "engines": { + "node": ">=10" + } }, "node_modules/inquirer": { "version": "5.2.0", @@ -2116,12 +2045,12 @@ } }, "node_modules/is-ci": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/is-ci/-/is-ci-2.0.0.tgz", - "integrity": "sha512-YfJT7rkpQB0updsdHLGWrvhBJfcfzNNawYDNIyQXJz0IViGf75O8EBPKSdvw2rF+LGCsX4FZ8tcr3b19LcZq4w==", + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/is-ci/-/is-ci-3.0.0.tgz", + "integrity": "sha512-kDXyttuLeslKAHYL/K28F2YkM3x5jvFPEw3yXbRptXydjD9rpLEz+C5K5iutY9ZiUu6AP41JdvRQwF4Iqs4ZCQ==", "dev": true, "dependencies": { - "ci-info": "^2.0.0" + "ci-info": "^3.1.1" }, "bin": { "is-ci": "bin.js" @@ -2146,42 +2075,21 @@ } }, "node_modules/is-installed-globally": { - "version": "0.3.2", - "resolved": "https://registry.npmjs.org/is-installed-globally/-/is-installed-globally-0.3.2.tgz", - "integrity": "sha512-wZ8x1js7Ia0kecP/CHM/3ABkAmujX7WPvQk6uu3Fly/Mk44pySulQpnHG46OMjHGXApINnV4QhY3SWnECO2z5g==", + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/is-installed-globally/-/is-installed-globally-0.4.0.tgz", + "integrity": "sha512-iwGqO3J21aaSkC7jWnHP/difazwS7SFeIqxv6wEtLU8Y5KlzFTjyqcSIT0d8s4+dDhKytsk9PJZ2BkS5eZwQRQ==", "dev": true, "dependencies": { - "global-dirs": "^2.0.1", - "is-path-inside": "^3.0.1" + "global-dirs": "^3.0.0", + "is-path-inside": "^3.0.2" }, "engines": { - "node": ">=8" + "node": ">=10" }, "funding": { "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/is-observable": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/is-observable/-/is-observable-1.1.0.tgz", - "integrity": "sha512-NqCa4Sa2d+u7BWc6CukaObG3Fh+CU9bvixbpcXYhy2VvYS7vVGIdAgnIS5Ks3A/cqk4rebLJ9s8zBstT2aKnIA==", - "dev": true, - "dependencies": { - "symbol-observable": "^1.1.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/is-observable/node_modules/symbol-observable": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/symbol-observable/-/symbol-observable-1.2.0.tgz", - "integrity": "sha512-e900nM8RRtGhlV36KGEU9k65K3mPb1WV70OdjfxlG2EAuM1noi/E/BaW/uMhL7bPEssK8QV57vN3esixjUvcXQ==", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, "node_modules/is-path-inside": { "version": "3.0.3", "resolved": "https://registry.npmjs.org/is-path-inside/-/is-path-inside-3.0.3.tgz", @@ -2402,171 +2310,31 @@ "node": ">= 0.8.0" } }, - "node_modules/listr": { - "version": "0.14.3", - "resolved": "https://registry.npmjs.org/listr/-/listr-0.14.3.tgz", - "integrity": "sha512-RmAl7su35BFd/xoMamRjpIE4j3v+L28o8CT5YhAXQJm1fD+1l9ngXY8JAQRJ+tFK2i5njvi0iRUKV09vPwA0iA==", - "dev": true, - "dependencies": { - "@samverschueren/stream-to-observable": "^0.3.0", - "is-observable": "^1.1.0", - "is-promise": "^2.1.0", - "is-stream": "^1.1.0", - "listr-silent-renderer": "^1.1.1", - "listr-update-renderer": "^0.5.0", - "listr-verbose-renderer": "^0.5.0", - "p-map": "^2.0.0", - "rxjs": "^6.3.3" - }, - "engines": { - "node": ">=6" - } - }, - "node_modules/listr-silent-renderer": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/listr-silent-renderer/-/listr-silent-renderer-1.1.1.tgz", - "integrity": "sha1-kktaN1cVN3C/Go4/v3S4u/P5JC4=", - "dev": true, - "engines": { - "node": ">=4" - } - }, - "node_modules/listr-update-renderer": { - "version": "0.5.0", - "resolved": "https://registry.npmjs.org/listr-update-renderer/-/listr-update-renderer-0.5.0.tgz", - "integrity": "sha512-tKRsZpKz8GSGqoI/+caPmfrypiaq+OQCbd+CovEC24uk1h952lVj5sC7SqyFUm+OaJ5HN/a1YLt5cit2FMNsFA==", + "node_modules/listr2": { + "version": "3.10.0", + "resolved": "https://registry.npmjs.org/listr2/-/listr2-3.10.0.tgz", + "integrity": "sha512-eP40ZHihu70sSmqFNbNy2NL1YwImmlMmPh9WO5sLmPDleurMHt3n+SwEWNu2kzKScexZnkyFtc1VI0z/TGlmpw==", "dev": true, "dependencies": { - "chalk": "^1.1.3", - "cli-truncate": "^0.2.1", - "elegant-spinner": "^1.0.1", - "figures": "^1.7.0", - "indent-string": "^3.0.0", - "log-symbols": "^1.0.2", - "log-update": "^2.3.0", - "strip-ansi": "^3.0.1" + "cli-truncate": "^2.1.0", + "colorette": "^1.2.2", + "log-update": "^4.0.0", + "p-map": "^4.0.0", + "rxjs": "^6.6.7", + "through": "^2.3.8", + "wrap-ansi": "^7.0.0" }, "engines": { - "node": ">=6" + "node": ">=10.0.0" }, "peerDependencies": { - "listr": "^0.14.2" - } - }, - "node_modules/listr-update-renderer/node_modules/chalk": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-1.1.3.tgz", - "integrity": "sha1-qBFcVeSnAv5NFQq9OHKCKn4J/Jg=", - "dev": true, - "dependencies": { - "ansi-styles": "^2.2.1", - "escape-string-regexp": "^1.0.2", - "has-ansi": "^2.0.0", - "strip-ansi": "^3.0.0", - "supports-color": "^2.0.0" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/listr-update-renderer/node_modules/log-symbols": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/log-symbols/-/log-symbols-1.0.2.tgz", - "integrity": "sha1-N2/3tY6jCGoPCfrMdGF+ylAeGhg=", - "dev": true, - "dependencies": { - "chalk": "^1.0.0" - }, - "engines": { - "node": ">=0.10.0" - } - }, - "node_modules/listr-update-renderer/node_modules/supports-color": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-2.0.0.tgz", - "integrity": "sha1-U10EXOa2Nj+kARcIRimZXp3zJMc=", - "dev": true, - "engines": { - "node": ">=0.8.0" - } - }, - "node_modules/listr-verbose-renderer": { - "version": "0.5.0", - "resolved": "https://registry.npmjs.org/listr-verbose-renderer/-/listr-verbose-renderer-0.5.0.tgz", - "integrity": "sha512-04PDPqSlsqIOaaaGZ+41vq5FejI9auqTInicFRndCBgE3bXG8D6W1I+mWhk+1nqbHmyhla/6BUrd5OSiHwKRXw==", - "dev": true, - "dependencies": { - "chalk": "^2.4.1", - "cli-cursor": "^2.1.0", - "date-fns": "^1.27.2", - "figures": "^2.0.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/listr-verbose-renderer/node_modules/cli-cursor": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/cli-cursor/-/cli-cursor-2.1.0.tgz", - "integrity": "sha1-s12sN2R5+sw+lHR9QdDQ9SOP/LU=", - "dev": true, - "dependencies": { - "restore-cursor": "^2.0.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/listr-verbose-renderer/node_modules/figures": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/figures/-/figures-2.0.0.tgz", - "integrity": "sha1-OrGi0qYsi/tDGgyUy3l6L84nyWI=", - "dev": true, - "dependencies": { - "escape-string-regexp": "^1.0.5" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/listr-verbose-renderer/node_modules/onetime": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-2.0.1.tgz", - "integrity": "sha1-BnQoIw/WdEOyeUsiu6UotoZ5YtQ=", - "dev": true, - "dependencies": { - "mimic-fn": "^1.0.0" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/listr-verbose-renderer/node_modules/restore-cursor": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/restore-cursor/-/restore-cursor-2.0.0.tgz", - "integrity": "sha1-n37ih/gv0ybU/RYpI9YhKe7g368=", - "dev": true, - "dependencies": { - "onetime": "^2.0.0", - "signal-exit": "^3.0.2" - }, - "engines": { - "node": ">=4" - } - }, - "node_modules/listr/node_modules/is-stream": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-1.1.0.tgz", - "integrity": "sha1-EtSj3U5o4Lec6428hBc66A2RykQ=", - "dev": true, - "engines": { - "node": ">=0.10.0" + "enquirer": ">= 2.3.0 < 3" } }, - "node_modules/listr/node_modules/rxjs": { - "version": "6.6.6", - "resolved": "https://registry.npmjs.org/rxjs/-/rxjs-6.6.6.tgz", - "integrity": "sha512-/oTwee4N4iWzAMAL9xdGKjkEHmIwupR3oXbQjCKywF1BeFohswF3vZdogbmEF6pZkOsXTzWkrZszrWpQTByYVg==", + "node_modules/listr2/node_modules/rxjs": { + "version": "6.6.7", + "resolved": "https://registry.npmjs.org/rxjs/-/rxjs-6.6.7.tgz", + "integrity": "sha512-hTdwr+7yYNIT5n4AMYp85KA6yw2Va0FLa3Rguvbpa4W3I5xynaBZo41cM3XM+4Q6fRMj3sBYIR1VAmZMXYJvRQ==", "dev": true, "dependencies": { "tslib": "^1.9.0" @@ -2707,54 +2475,121 @@ } }, "node_modules/log-update": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/log-update/-/log-update-2.3.0.tgz", - "integrity": "sha1-iDKP19HOeTiykoN0bwsbwSayRwg=", + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/log-update/-/log-update-4.0.0.tgz", + "integrity": "sha512-9fkkDevMefjg0mmzWFBW8YkFP91OrizzkW3diF7CpG+S2EYdy4+TVfGwz1zeF8x7hCx1ovSPTOE9Ngib74qqUg==", "dev": true, "dependencies": { - "ansi-escapes": "^3.0.0", - "cli-cursor": "^2.0.0", - "wrap-ansi": "^3.0.1" + "ansi-escapes": "^4.3.0", + "cli-cursor": "^3.1.0", + "slice-ansi": "^4.0.0", + "wrap-ansi": "^6.2.0" }, "engines": { - "node": ">=4" + "node": ">=10" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/log-update/node_modules/cli-cursor": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/cli-cursor/-/cli-cursor-2.1.0.tgz", - "integrity": "sha1-s12sN2R5+sw+lHR9QdDQ9SOP/LU=", + "node_modules/log-update/node_modules/ansi-escapes": { + "version": "4.3.2", + "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", + "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", "dev": true, "dependencies": { - "restore-cursor": "^2.0.0" + "type-fest": "^0.21.3" }, "engines": { - "node": ">=4" + "node": ">=8" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, + "node_modules/log-update/node_modules/ansi-regex": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.0.tgz", + "integrity": "sha512-bY6fj56OUQ0hU1KjFNDQuJFezqKdrAyFdIevADiqrWHwSlbmBNMHp5ak2f40Pm8JTFyM2mqxkG6ngkHO11f/lg==", + "dev": true, + "engines": { + "node": ">=8" + } + }, + "node_modules/log-update/node_modules/ansi-styles": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", + "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", + "dev": true, + "dependencies": { + "color-convert": "^2.0.1" + }, + "engines": { + "node": ">=8" + }, + "funding": { + "url": "https://github.com/chalk/ansi-styles?sponsor=1" } }, - "node_modules/log-update/node_modules/onetime": { + "node_modules/log-update/node_modules/color-convert": { "version": "2.0.1", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-2.0.1.tgz", - "integrity": "sha1-BnQoIw/WdEOyeUsiu6UotoZ5YtQ=", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", + "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", "dev": true, "dependencies": { - "mimic-fn": "^1.0.0" + "color-name": "~1.1.4" }, "engines": { - "node": ">=4" + "node": ">=7.0.0" } }, - "node_modules/log-update/node_modules/restore-cursor": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/restore-cursor/-/restore-cursor-2.0.0.tgz", - "integrity": "sha1-n37ih/gv0ybU/RYpI9YhKe7g368=", + "node_modules/log-update/node_modules/color-name": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", + "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", + "dev": true + }, + "node_modules/log-update/node_modules/slice-ansi": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/slice-ansi/-/slice-ansi-4.0.0.tgz", + "integrity": "sha512-qMCMfhY040cVHT43K9BFygqYbUPFZKHOg7K73mtTWJRb8pyP3fzf4Ixd5SzdEJQ6MRUg/WBnOLxghZtKKurENQ==", "dev": true, "dependencies": { - "onetime": "^2.0.0", - "signal-exit": "^3.0.2" + "ansi-styles": "^4.0.0", + "astral-regex": "^2.0.0", + "is-fullwidth-code-point": "^3.0.0" }, "engines": { - "node": ">=4" + "node": ">=10" + }, + "funding": { + "url": "https://github.com/chalk/slice-ansi?sponsor=1" + } + }, + "node_modules/log-update/node_modules/strip-ansi": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.0.tgz", + "integrity": "sha512-AuvKTrTfQNYNIctbR1K/YGTR1756GycPsg7b9bdV9Duqur4gv6aKqHXah67Z8ImS7WEz5QVcOtlfW2rZEugt6w==", + "dev": true, + "dependencies": { + "ansi-regex": "^5.0.0" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/log-update/node_modules/wrap-ansi": { + "version": "6.2.0", + "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-6.2.0.tgz", + "integrity": "sha512-r6lPcBGxZXlIcymEu7InxDMhdW0KDxpLgoFLcguasxCaJ/SOIZwINatK9KY/tf+ZrlywOKU0UDj3ATXUBfxJXA==", + "dev": true, + "dependencies": { + "ansi-styles": "^4.0.0", + "string-width": "^4.1.0", + "strip-ansi": "^6.0.0" + }, + "engines": { + "node": ">=8" } }, "node_modules/loose-envify": { @@ -2835,19 +2670,10 @@ "mkdirp": "bin/cmd.js" } }, - "node_modules/moment": { - "version": "2.29.1", - "resolved": "https://registry.npmjs.org/moment/-/moment-2.29.1.tgz", - "integrity": "sha512-kHmoybcPV8Sqy59DwNDY3Jefr64lK/by/da0ViFcuA4DH0vQg5Q6Ze5VimxkfQNSC+Mls/Kx53s7TjP1RhFEDQ==", - "dev": true, - "engines": { - "node": "*" - } - }, "node_modules/ms": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.1.tgz", - "integrity": "sha512-tgp+dl5cGk28utYktBsrFqA7HKgrhgPsg6Z/EfhWI4gl1Hwq8B/GmY/0oXZ6nF8hDVesS/FpnYaD/kOWhYQvyg==", + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", "dev": true }, "node_modules/mute-stream": { @@ -2901,15 +2727,6 @@ "node": ">=8" } }, - "node_modules/number-is-nan": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/number-is-nan/-/number-is-nan-1.0.1.tgz", - "integrity": "sha1-CXtgK1NCKlIsGvuHkDGDNpQaAR0=", - "dev": true, - "engines": { - "node": ">=0.10.0" - } - }, "node_modules/oauth-sign": { "version": "0.9.0", "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", @@ -2947,12 +2764,27 @@ } }, "node_modules/onetime": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-1.1.0.tgz", - "integrity": "sha1-ofeDj4MUxRbwXs78vEzP4EtO14k=", + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", + "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", "dev": true, + "dependencies": { + "mimic-fn": "^2.1.0" + }, "engines": { - "node": ">=0.10.0" + "node": ">=6" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } + }, + "node_modules/onetime/node_modules/mimic-fn": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", + "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", + "dev": true, + "engines": { + "node": ">=6" } }, "node_modules/optionator": { @@ -3018,12 +2850,18 @@ } }, "node_modules/p-map": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/p-map/-/p-map-2.1.0.tgz", - "integrity": "sha512-y3b8Kpd8OAN444hxfBbFfj1FY/RjtTd8tzYwhUqNYXx0fXx2iX4maP4Qr6qhIKbQXI02wTLAda4fYUbDagTUFw==", + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/p-map/-/p-map-4.0.0.tgz", + "integrity": "sha512-/bjOqmgETBYB5BoEeGVea8dmvHb2m9GLy1E9W43yeyfP6QQCZGFNa+XRceJEuDB6zqr+gKpIAmlLebMpykw/MQ==", "dev": true, + "dependencies": { + "aggregate-error": "^3.0.0" + }, "engines": { - "node": ">=6" + "node": ">=10" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" } }, "node_modules/p-try": { @@ -3189,12 +3027,6 @@ "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/process-nextick-args": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz", - "integrity": "sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag==", - "dev": true - }, "node_modules/progress": { "version": "2.0.3", "resolved": "https://registry.npmjs.org/progress/-/progress-2.0.3.tgz", @@ -3336,21 +3168,6 @@ "node": ">=4" } }, - "node_modules/readable-stream": { - "version": "2.3.7", - "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.7.tgz", - "integrity": "sha512-Ebho8K4jIbHAxnuxi7o42OrZgF/ZTNcsZj6nRKyUmkhLFq8CHItp/fy6hQZuZmP/n3yZ9VBUbp4zz/mX8hmYPw==", - "dev": true, - "dependencies": { - "core-util-is": "~1.0.0", - "inherits": "~2.0.3", - "isarray": "~1.0.0", - "process-nextick-args": "~2.0.0", - "safe-buffer": "~5.1.1", - "string_decoder": "~1.1.1", - "util-deprecate": "~1.0.1" - } - }, "node_modules/regexpp": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/regexpp/-/regexpp-2.0.1.tgz", @@ -3432,16 +3249,16 @@ } }, "node_modules/restore-cursor": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/restore-cursor/-/restore-cursor-1.0.1.tgz", - "integrity": "sha1-NGYfRohjJ/7SmRR5FSJS35LapUE=", + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/restore-cursor/-/restore-cursor-3.1.0.tgz", + "integrity": "sha512-l+sSefzHpj5qimhFSE5a8nufZYAM3sBSVMAPtYkmC+4EH2anSGaEMXSD0izRQbu9nfyQ9y5JrVmp7E8oZrUjvA==", "dev": true, "dependencies": { - "exit-hook": "^1.0.0", - "onetime": "^1.0.0" + "onetime": "^5.1.0", + "signal-exit": "^3.0.2" }, "engines": { - "node": ">=0.10.0" + "node": ">=8" } }, "node_modules/rimraf": { @@ -3541,14 +3358,52 @@ "dev": true }, "node_modules/slice-ansi": { - "version": "0.0.4", - "resolved": "https://registry.npmjs.org/slice-ansi/-/slice-ansi-0.0.4.tgz", - "integrity": "sha1-7b+JA/ZvfOL46v1s7tZeJkyDGzU=", + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/slice-ansi/-/slice-ansi-3.0.0.tgz", + "integrity": "sha512-pSyv7bSTC7ig9Dcgbw9AuRNUb5k5V6oDudjZoMBSr13qpLBG7tB+zgCkARjq7xIUgdz5P1Qe8u+rSGdouOOIyQ==", + "dev": true, + "dependencies": { + "ansi-styles": "^4.0.0", + "astral-regex": "^2.0.0", + "is-fullwidth-code-point": "^3.0.0" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/slice-ansi/node_modules/ansi-styles": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", + "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", "dev": true, + "dependencies": { + "color-convert": "^2.0.1" + }, "engines": { - "node": ">=0.10.0" + "node": ">=8" + }, + "funding": { + "url": "https://github.com/chalk/ansi-styles?sponsor=1" + } + }, + "node_modules/slice-ansi/node_modules/color-convert": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", + "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", + "dev": true, + "dependencies": { + "color-name": "~1.1.4" + }, + "engines": { + "node": ">=7.0.0" } }, + "node_modules/slice-ansi/node_modules/color-name": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", + "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", + "dev": true + }, "node_modules/spdx-correct": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/spdx-correct/-/spdx-correct-3.1.0.tgz", @@ -3642,15 +3497,6 @@ "pkg-conf": "^2.0.0" } }, - "node_modules/string_decoder": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz", - "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==", - "dev": true, - "dependencies": { - "safe-buffer": "~5.1.0" - } - }, "node_modules/string-width": { "version": "4.2.2", "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.2.tgz", @@ -3918,11 +3764,17 @@ "node": ">= 0.8.0" } }, - "node_modules/typedarray": { - "version": "0.0.6", - "resolved": "https://registry.npmjs.org/typedarray/-/typedarray-0.0.6.tgz", - "integrity": "sha1-hnrHTjhkGHsdPUfZlqeOxciDB3c=", - "dev": true + "node_modules/type-fest": { + "version": "0.21.3", + "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", + "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", + "dev": true, + "engines": { + "node": ">=10" + }, + "funding": { + "url": "https://github.com/sponsors/sindresorhus" + } }, "node_modules/uniq": { "version": "1.0.1", @@ -3973,12 +3825,6 @@ "integrity": "sha1-llOgNvt8HuQjQvIyXM7v6jkmxI0=", "dev": true }, - "node_modules/util-deprecate": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz", - "integrity": "sha1-RQ1Nyfpw3nMnYvvS1KKJgUGaDM8=", - "dev": true - }, "node_modules/uuid": { "version": "3.3.2", "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.3.2.tgz", @@ -4050,59 +3896,74 @@ "dev": true }, "node_modules/wrap-ansi": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-3.0.1.tgz", - "integrity": "sha1-KIoE2H7aXChuBg3+jxNc6NAH+Lo=", + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", + "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", "dev": true, "dependencies": { - "string-width": "^2.1.1", - "strip-ansi": "^4.0.0" + "ansi-styles": "^4.0.0", + "string-width": "^4.1.0", + "strip-ansi": "^6.0.0" }, "engines": { - "node": ">=4" + "node": ">=10" + }, + "funding": { + "url": "https://github.com/chalk/wrap-ansi?sponsor=1" } }, "node_modules/wrap-ansi/node_modules/ansi-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-3.0.0.tgz", - "integrity": "sha1-7QMXwyIGT3lGbAKWa922Bas32Zg=", + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.0.tgz", + "integrity": "sha512-bY6fj56OUQ0hU1KjFNDQuJFezqKdrAyFdIevADiqrWHwSlbmBNMHp5ak2f40Pm8JTFyM2mqxkG6ngkHO11f/lg==", "dev": true, "engines": { - "node": ">=4" + "node": ">=8" } }, - "node_modules/wrap-ansi/node_modules/is-fullwidth-code-point": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-2.0.0.tgz", - "integrity": "sha1-o7MKXE8ZkYMWeqq5O+764937ZU8=", + "node_modules/wrap-ansi/node_modules/ansi-styles": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", + "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", "dev": true, + "dependencies": { + "color-convert": "^2.0.1" + }, "engines": { - "node": ">=4" + "node": ">=8" + }, + "funding": { + "url": "https://github.com/chalk/ansi-styles?sponsor=1" } }, - "node_modules/wrap-ansi/node_modules/string-width": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-2.1.1.tgz", - "integrity": "sha512-nOqH59deCq9SRHlxq1Aw85Jnt4w6KvLKqWVik6oA9ZklXLNIOlqg4F2yrT1MVaTjAqvVwdfeZ7w7aCvJD7ugkw==", + "node_modules/wrap-ansi/node_modules/color-convert": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", + "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", "dev": true, "dependencies": { - "is-fullwidth-code-point": "^2.0.0", - "strip-ansi": "^4.0.0" + "color-name": "~1.1.4" }, "engines": { - "node": ">=4" + "node": ">=7.0.0" } }, + "node_modules/wrap-ansi/node_modules/color-name": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", + "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", + "dev": true + }, "node_modules/wrap-ansi/node_modules/strip-ansi": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-4.0.0.tgz", - "integrity": "sha1-qEeQIusaw2iocTibY1JixQXuNo8=", + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.0.tgz", + "integrity": "sha512-AuvKTrTfQNYNIctbR1K/YGTR1756GycPsg7b9bdV9Duqur4gv6aKqHXah67Z8ImS7WEz5QVcOtlfW2rZEugt6w==", "dev": true, "dependencies": { - "ansi-regex": "^3.0.0" + "ansi-regex": "^5.0.0" }, "engines": { - "node": ">=4" + "node": ">=8" } }, "node_modules/wrappy": { @@ -4141,51 +4002,9 @@ "buffer-crc32": "~0.2.3", "fd-slicer": "~1.1.0" } - }, - "node_modules/yauzl/node_modules/fd-slicer": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/fd-slicer/-/fd-slicer-1.1.0.tgz", - "integrity": "sha1-JcfInLH5B3+IkbvmHY85Dq4lbx4=", - "dev": true, - "dependencies": { - "pend": "~1.2.0" - } } }, "dependencies": { - "@cypress/listr-verbose-renderer": { - "version": "0.4.1", - "resolved": "https://registry.npmjs.org/@cypress/listr-verbose-renderer/-/listr-verbose-renderer-0.4.1.tgz", - "integrity": "sha1-p3SS9LEdzHxEajSz4ochr9M8ZCo=", - "dev": true, - "requires": { - "chalk": "^1.1.3", - "cli-cursor": "^1.0.2", - "date-fns": "^1.27.2", - "figures": "^1.7.0" - }, - "dependencies": { - "chalk": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-1.1.3.tgz", - "integrity": "sha1-qBFcVeSnAv5NFQq9OHKCKn4J/Jg=", - "dev": true, - "requires": { - "ansi-styles": "^2.2.1", - "escape-string-regexp": "^1.0.2", - "has-ansi": "^2.0.0", - "strip-ansi": "^3.0.0", - "supports-color": "^2.0.0" - } - }, - "supports-color": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-2.0.0.tgz", - "integrity": "sha1-U10EXOa2Nj+kARcIRimZXp3zJMc=", - "dev": true - } - } - }, "@cypress/request": { "version": "2.88.5", "resolved": "https://registry.npmjs.org/@cypress/request/-/request-2.88.5.tgz", @@ -4236,19 +4055,10 @@ "lodash.once": "^4.1.1" } }, - "@samverschueren/stream-to-observable": { - "version": "0.3.1", - "resolved": "https://registry.npmjs.org/@samverschueren/stream-to-observable/-/stream-to-observable-0.3.1.tgz", - "integrity": "sha512-c/qwwcHyafOQuVQJj0IlBjf5yYgBI7YPJ77k4fOJYesb41jio65eaJODRUmfYKhTOFBrIZ66kgvGPlNbjuoRdQ==", - "dev": true, - "requires": { - "any-observable": "^0.3.0" - } - }, "@types/node": { - "version": "12.12.50", - "resolved": "https://registry.npmjs.org/@types/node/-/node-12.12.50.tgz", - "integrity": "sha512-5ImO01Fb8YsEOYpV+aeyGYztcYcjGsBvN4D7G5r1ef2cuQOpymjWNQi5V0rKHE6PC2ru3HkoUr/Br2/8GUA84w==", + "version": "14.17.5", + "resolved": "https://registry.npmjs.org/@types/node/-/node-14.17.5.tgz", + "integrity": "sha512-bjqH2cX/O33jXT/UmReo2pM7DIJREPMnarixbQ57DOOzzFaI6D2+IcwaJQaJpv0M1E9TIhPCYVxrkcityLjlqA==", "dev": true }, "@types/sinonjs__fake-timers": { @@ -4263,6 +4073,16 @@ "integrity": "sha512-7EJYyKTL7tFR8+gDbB6Wwz/arpGa0Mywk1TJbNzKzHtzbwVmY4HR9WqS5VV7dsBUKQmPNr192jHr/VpBluj/hg==", "dev": true }, + "@types/yauzl": { + "version": "2.9.2", + "resolved": "https://registry.npmjs.org/@types/yauzl/-/yauzl-2.9.2.tgz", + "integrity": "sha512-8uALY5LTvSuHgloDVUvWP3pIauILm+8/0pDMokuDYIoNsOkSwd5AiHBTSEJjKTDcZr5z8UpgOWZkxBF4iJftoA==", + "dev": true, + "optional": true, + "requires": { + "@types/node": "*" + } + }, "acorn": { "version": "6.4.1", "resolved": "https://registry.npmjs.org/acorn/-/acorn-6.4.1.tgz", @@ -4275,6 +4095,16 @@ "integrity": "sha512-HJ7CfNHrfJLlNTzIEUTj43LNWGkqpRLxm3YjAlcD0ACydk9XynzYsCBHxut+iqt+1aBXkx9UP/w/ZqMr13XIzg==", "dev": true }, + "aggregate-error": { + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/aggregate-error/-/aggregate-error-3.1.0.tgz", + "integrity": "sha512-4I7Td01quW/RpocfNayFdFVk1qSuoh0E7JrbRJ16nH01HhKFQ88INq9Sd+nd72zqRySlr9BmDA8xlEJ6vJMrYA==", + "dev": true, + "requires": { + "clean-stack": "^2.0.0", + "indent-string": "^4.0.0" + } + }, "ajv": { "version": "6.10.0", "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.10.0.tgz", @@ -4293,6 +4123,12 @@ "integrity": "sha512-aUjdRFISbuFOl0EIZc+9e4FfZp0bDZgAdOOf30bJmw8VM9v84SHyVyxDfbWxpGYbdZD/9XoKxfHVNmxPkhwyGw==", "dev": true }, + "ansi-colors": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/ansi-colors/-/ansi-colors-4.1.1.tgz", + "integrity": "sha512-JoX0apGbHaUJBNl6yF+p6JAFYZ666/hhCGKN5t9QFjbJQKUU/g8MNbFDbvfrgKXvI1QpZplPOnwIo99lX/AAmA==", + "dev": true + }, "ansi-escapes": { "version": "3.2.0", "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-3.2.0.tgz", @@ -4311,12 +4147,6 @@ "integrity": "sha1-tDLdM1i2NM914eRmQ2gkBTPB3b4=", "dev": true }, - "any-observable": { - "version": "0.3.0", - "resolved": "https://registry.npmjs.org/any-observable/-/any-observable-0.3.0.tgz", - "integrity": "sha512-/FQM1EDkTsf63Ub2C6O7GuYFDsSXUwsaZDurV0np41ocwq0jthUAYCmhBX9f+KwlaCgIuWyr/4WlUQUBfKfZog==", - "dev": true - }, "arch": { "version": "2.2.0", "resolved": "https://registry.npmjs.org/arch/-/arch-2.2.0.tgz", @@ -4357,6 +4187,12 @@ "integrity": "sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU=", "dev": true }, + "astral-regex": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/astral-regex/-/astral-regex-2.0.0.tgz", + "integrity": "sha512-Z7tMw1ytTXt5jqMcOP+OQteU1VuNK9Y02uuJtKQ1Sv69jXQKKg5cibLwGJow8yzZP+eAc18EmLGPal0bp36rvQ==", + "dev": true + }, "async": { "version": "3.2.0", "resolved": "https://registry.npmjs.org/async/-/async-3.2.0.tgz", @@ -4462,12 +4298,6 @@ "integrity": "sha1-DTM+PwDqxQqhRUq9MO+MKl2ackI=", "dev": true }, - "buffer-from": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.1.tgz", - "integrity": "sha512-MQcXEUbCKtEo7bhqEs6560Hyd4XaovZlO/k9V3hjVUF/zwW7KBVdSK4gIt/bzwS9MbR5qob+F5jusZsb0YQK2A==", - "dev": true - }, "cachedir": { "version": "2.3.0", "resolved": "https://registry.npmjs.org/cachedir/-/cachedir-2.3.0.tgz", @@ -4530,9 +4360,9 @@ "dev": true }, "ci-info": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-2.0.0.tgz", - "integrity": "sha512-5tK7EtrZ0N+OLFMthtqOj4fI2Jeb88C4CAZPu25LDVUgXJ0A3Js4PMGqrn0JU1W0Mh1/Z8wZzYPxqUrXeBboCQ==", + "version": "3.2.0", + "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.2.0.tgz", + "integrity": "sha512-dVqRX7fLUm8J6FgHJ418XuIgDLZDkYcDFTeL6TA2gt5WlIZUQrrH6EZrNClwT/H0FateUsZkGIOPRrLbP+PR9A==", "dev": true }, "circular-json": { @@ -4541,13 +4371,19 @@ "integrity": "sha512-UZK3NBx2Mca+b5LsG7bY183pHWt5Y1xts4P3Pz7ENTwGVnJOUWbRb3ocjvX7hx9tq/yTAdclXm9sZ38gNuem4A==", "dev": true }, + "clean-stack": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/clean-stack/-/clean-stack-2.2.0.tgz", + "integrity": "sha512-4diC9HaTE+KRAMWhDhrGOECgWZxoevMc5TlkObMqNSsVU62PYzXZ/SMTjzyGAFF1YusgxGcSWTEXBhp0CPwQ1A==", + "dev": true + }, "cli-cursor": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/cli-cursor/-/cli-cursor-1.0.2.tgz", - "integrity": "sha1-ZNo/fValRBLll5S9Ytw1KV6PKYc=", + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/cli-cursor/-/cli-cursor-3.1.0.tgz", + "integrity": "sha512-I/zHAwsKf9FqGoXM4WWRACob9+SNukZTd94DWF57E4toouRulbCxcUh6RKUEOQlYTHJnzkPMySvPNaaSLNfLZw==", "dev": true, "requires": { - "restore-cursor": "^1.0.1" + "restore-cursor": "^3.1.0" } }, "cli-table3": { @@ -4562,35 +4398,13 @@ } }, "cli-truncate": { - "version": "0.2.1", - "resolved": "https://registry.npmjs.org/cli-truncate/-/cli-truncate-0.2.1.tgz", - "integrity": "sha1-nxXPuwcFAFNpIWxiasfQWrkN1XQ=", + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/cli-truncate/-/cli-truncate-2.1.0.tgz", + "integrity": "sha512-n8fOixwDD6b/ObinzTrp1ZKFzbgvKZvuz/TvejnLn1aQfC6r52XEx85FmuC+3HI+JM7coBRXUvNqEU2PHVrHpg==", "dev": true, "requires": { - "slice-ansi": "0.0.4", - "string-width": "^1.0.1" - }, - "dependencies": { - "is-fullwidth-code-point": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-1.0.0.tgz", - "integrity": "sha1-754xOG8DGn8NZDr4L95QxFfvAMs=", - "dev": true, - "requires": { - "number-is-nan": "^1.0.0" - } - }, - "string-width": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-1.0.2.tgz", - "integrity": "sha1-EYvfW4zcUaKn5w0hHgfisLmxB9M=", - "dev": true, - "requires": { - "code-point-at": "^1.0.0", - "is-fullwidth-code-point": "^1.0.0", - "strip-ansi": "^3.0.0" - } - } + "slice-ansi": "^3.0.0", + "string-width": "^4.2.0" } }, "cli-width": { @@ -4599,12 +4413,6 @@ "integrity": "sha1-/xnt6Kml5XkyQUewwR8PvLq+1jk=", "dev": true }, - "code-point-at": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/code-point-at/-/code-point-at-1.1.0.tgz", - "integrity": "sha1-DQcLTQQ6W+ozovGkDi7bPZpMz3c=", - "dev": true - }, "color-convert": { "version": "1.9.3", "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", @@ -4620,6 +4428,12 @@ "integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU=", "dev": true }, + "colorette": { + "version": "1.2.2", + "resolved": "https://registry.npmjs.org/colorette/-/colorette-1.2.2.tgz", + "integrity": "sha512-MKGMzyfeuutC/ZJ1cba9NqcNpfeqMUcYmyF1ZFY6/Cn7CNSAKx6a+s48sqLqyAiZuaP2TcqMhoo+dlwFnVxT9w==", + "dev": true + }, "colors": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/colors/-/colors-1.4.0.tgz", @@ -4654,18 +4468,6 @@ "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=", "dev": true }, - "concat-stream": { - "version": "1.6.2", - "resolved": "https://registry.npmjs.org/concat-stream/-/concat-stream-1.6.2.tgz", - "integrity": "sha512-27HBghJxjiZtIk3Ycvn/4kbJk/1uZuJFfuPEns6LaEvpvG1f0hTea8lilrouyo9mVc2GWdcEZ8OLoGmSADlrCw==", - "dev": true, - "requires": { - "buffer-from": "^1.0.0", - "inherits": "^2.0.3", - "readable-stream": "^2.2.2", - "typedarray": "^0.0.6" - } - }, "contains-path": { "version": "0.1.0", "resolved": "https://registry.npmjs.org/contains-path/-/contains-path-0.1.0.tgz", @@ -4698,47 +4500,48 @@ } }, "cypress": { - "version": "6.6.0", - "resolved": "https://registry.npmjs.org/cypress/-/cypress-6.6.0.tgz", - "integrity": "sha512-+Xx3Zn653LJHUsCb9h1Keql2jlazbr1ROmbY6DFJMmXKLgXP4ez9cE403W93JNGRbZK0Tng3R/oP8mvd9XAPVg==", + "version": "7.7.0", + "resolved": "https://registry.npmjs.org/cypress/-/cypress-7.7.0.tgz", + "integrity": "sha512-uYBYXNoI5ym0UxROwhQXWTi8JbUEjpC6l/bzoGZNxoKGsLrC1SDPgIDJMgLX/MeEdPL0UInXLDUWN/rSyZUCjQ==", "dev": true, "requires": { - "@cypress/listr-verbose-renderer": "^0.4.1", "@cypress/request": "^2.88.5", "@cypress/xvfb": "^1.2.4", - "@types/node": "12.12.50", - "@types/sinonjs__fake-timers": "^6.0.1", + "@types/node": "^14.14.31", + "@types/sinonjs__fake-timers": "^6.0.2", "@types/sizzle": "^2.3.2", - "arch": "^2.1.2", - "blob-util": "2.0.2", + "arch": "^2.2.0", + "blob-util": "^2.0.2", "bluebird": "^3.7.2", "cachedir": "^2.3.0", "chalk": "^4.1.0", "check-more-types": "^2.24.0", + "cli-cursor": "^3.1.0", "cli-table3": "~0.6.0", "commander": "^5.1.0", "common-tags": "^1.8.0", - "dayjs": "^1.9.3", - "debug": "4.3.2", - "eventemitter2": "^6.4.2", - "execa": "^4.0.2", + "dayjs": "^1.10.4", + "debug": "^4.3.2", + "enquirer": "^2.3.6", + "eventemitter2": "^6.4.3", + "execa": "4.1.0", "executable": "^4.1.1", - "extract-zip": "^1.7.0", - "fs-extra": "^9.0.1", + "extract-zip": "2.0.1", + "figures": "^3.2.0", + "fs-extra": "^9.1.0", "getos": "^3.2.1", - "is-ci": "^2.0.0", - "is-installed-globally": "^0.3.2", + "is-ci": "^3.0.0", + "is-installed-globally": "~0.4.0", "lazy-ass": "^1.6.0", - "listr": "^0.14.3", - "lodash": "^4.17.19", + "listr2": "^3.8.3", + "lodash": "^4.17.21", "log-symbols": "^4.0.0", "minimist": "^1.2.5", - "moment": "^2.29.1", "ospath": "^1.2.2", - "pretty-bytes": "^5.4.1", + "pretty-bytes": "^5.6.0", "ramda": "~0.27.1", "request-progress": "^3.0.0", - "supports-color": "^7.2.0", + "supports-color": "^8.1.1", "tmp": "~0.2.1", "untildify": "^4.0.0", "url": "^0.11.0", @@ -4762,6 +4565,17 @@ "requires": { "ansi-styles": "^4.1.0", "supports-color": "^7.1.0" + }, + "dependencies": { + "supports-color": { + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", + "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", + "dev": true, + "requires": { + "has-flag": "^4.0.0" + } + } } }, "color-convert": { @@ -4794,12 +4608,6 @@ "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==", "dev": true }, - "ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", - "dev": true - }, "rimraf": { "version": "3.0.2", "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz", @@ -4810,9 +4618,9 @@ } }, "supports-color": { - "version": "7.2.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz", - "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==", + "version": "8.1.1", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz", + "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==", "dev": true, "requires": { "has-flag": "^4.0.0" @@ -4838,12 +4646,6 @@ "assert-plus": "^1.0.0" } }, - "date-fns": { - "version": "1.30.1", - "resolved": "https://registry.npmjs.org/date-fns/-/date-fns-1.30.1.tgz", - "integrity": "sha512-hBSVCvSmWC+QypYObzwGOd9wqdDpOt+0wl0KbU+R+uuZBS1jN8VsD1ss3irQDknRj5NvxiTF6oj/nDRnN/UQNw==", - "dev": true - }, "dayjs": { "version": "1.10.4", "resolved": "https://registry.npmjs.org/dayjs/-/dayjs-1.10.4.tgz", @@ -4927,12 +4729,6 @@ "safer-buffer": "^2.1.0" } }, - "elegant-spinner": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/elegant-spinner/-/elegant-spinner-1.0.1.tgz", - "integrity": "sha1-2wQ1IcldfjA/2PNFvtwzSc+wcp4=", - "dev": true - }, "emoji-regex": { "version": "8.0.0", "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz", @@ -4948,6 +4744,15 @@ "once": "^1.4.0" } }, + "enquirer": { + "version": "2.3.6", + "resolved": "https://registry.npmjs.org/enquirer/-/enquirer-2.3.6.tgz", + "integrity": "sha512-yjNnPr315/FjS4zIsUxYguYUPP2e1NK4d7E7ZOLiyYCcbFBiTMyID+2wvm2w6+pZ/odMA7cRkjhsPbltwBOrLg==", + "dev": true, + "requires": { + "ansi-colors": "^4.1.1" + } + }, "error-ex": { "version": "1.3.2", "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz", @@ -5325,21 +5130,6 @@ "which": "^2.0.1" } }, - "mimic-fn": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", - "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", - "dev": true - }, - "onetime": { - "version": "5.1.2", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", - "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", - "dev": true, - "requires": { - "mimic-fn": "^2.1.0" - } - }, "path-key": { "version": "3.1.1", "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz", @@ -5381,12 +5171,6 @@ "pify": "^2.2.0" } }, - "exit-hook": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/exit-hook/-/exit-hook-1.1.1.tgz", - "integrity": "sha1-8FyiM7SMBdVP/wd2XfhQfpXAL/g=", - "dev": true - }, "extend": { "version": "3.0.2", "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", @@ -5405,31 +5189,25 @@ } }, "extract-zip": { - "version": "1.7.0", - "resolved": "https://registry.npmjs.org/extract-zip/-/extract-zip-1.7.0.tgz", - "integrity": "sha512-xoh5G1W/PB0/27lXgMQyIhP5DSY/LhoCsOyZgb+6iMmRtCwVBo55uKaMoEYrDCKQhWvqEip5ZPKAc6eFNyf/MA==", + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/extract-zip/-/extract-zip-2.0.1.tgz", + "integrity": "sha512-GDhU9ntwuKyGXdZBUgTIe+vXnWj0fppUEtMDL0+idd5Sta8TGpHssn/eusA9mrPr9qNDym6SxAYZjNvCn/9RBg==", "dev": true, "requires": { - "concat-stream": "^1.6.2", - "debug": "^2.6.9", - "mkdirp": "^0.5.4", + "@types/yauzl": "^2.9.1", + "debug": "^4.1.1", + "get-stream": "^5.1.0", "yauzl": "^2.10.0" }, "dependencies": { "debug": { - "version": "2.6.9", - "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", - "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", + "version": "4.3.2", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.2.tgz", + "integrity": "sha512-mOp8wKcvj7XxC78zLgw/ZA+6TSgkoE2C/ienthhRD298T7UNwAg9diBpLRxC0mOezLl4B0xV7M0cCO6P/O0Xhw==", "dev": true, "requires": { - "ms": "2.0.0" + "ms": "2.1.2" } - }, - "ms": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", - "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=", - "dev": true } } }, @@ -5457,14 +5235,22 @@ "integrity": "sha1-PYpcZog6FqMMqGQ+hR8Zuqd5eRc=", "dev": true }, + "fd-slicer": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/fd-slicer/-/fd-slicer-1.1.0.tgz", + "integrity": "sha1-JcfInLH5B3+IkbvmHY85Dq4lbx4=", + "dev": true, + "requires": { + "pend": "~1.2.0" + } + }, "figures": { - "version": "1.7.0", - "resolved": "https://registry.npmjs.org/figures/-/figures-1.7.0.tgz", - "integrity": "sha1-y+Hjr/zxzUS4DK3+0o3Hk6lwHS4=", + "version": "3.2.0", + "resolved": "https://registry.npmjs.org/figures/-/figures-3.2.0.tgz", + "integrity": "sha512-yaduQFRKLXYOGgEn6AZau90j3ggSOyiqXU0F9JZfeXYhNa+Jk4X+s45A2zg5jns87GAFa34BBm2kXw4XpNcbdg==", "dev": true, "requires": { - "escape-string-regexp": "^1.0.5", - "object-assign": "^4.1.0" + "escape-string-regexp": "^1.0.5" } }, "file-entry-cache": { @@ -5599,12 +5385,12 @@ } }, "global-dirs": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/global-dirs/-/global-dirs-2.1.0.tgz", - "integrity": "sha512-MG6kdOUh/xBnyo9cJFeIKkLEc1AyFq42QTU4XiX51i2NEdxLxLWXIjEjmqKeSuKR7pAZjTqUVoT2b2huxVLgYQ==", + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/global-dirs/-/global-dirs-3.0.0.tgz", + "integrity": "sha512-v8ho2DS5RiCjftj1nD9NmnfaOzTdud7RRnVd9kFNOjqZbISlx5DQ+OrTkywgd0dIt7oFCvKetZSHoHcP3sDdiA==", "dev": true, "requires": { - "ini": "1.3.7" + "ini": "2.0.0" } }, "globals": { @@ -5716,9 +5502,9 @@ "dev": true }, "indent-string": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/indent-string/-/indent-string-3.2.0.tgz", - "integrity": "sha1-Sl/W0nzDMvN+VBmlBNu4NxBckok=", + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/indent-string/-/indent-string-4.0.0.tgz", + "integrity": "sha512-EdDDZu4A2OyIK7Lr/2zG+w5jmbuk1DVBnEwREQvBzspBJkCEbRa8GxU1lghYcaGJCnRWibjDXlq779X1/y5xwg==", "dev": true }, "inflight": { @@ -5738,9 +5524,9 @@ "dev": true }, "ini": { - "version": "1.3.7", - "resolved": "https://registry.npmjs.org/ini/-/ini-1.3.7.tgz", - "integrity": "sha512-iKpRpXP+CrP2jyrxvg1kMUpXDyRUFDWurxbnVT1vQPx+Wz9uCYsMIqYuSBLV+PAaZG/d7kRLKRFc9oDMsH+mFQ==", + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/ini/-/ini-2.0.0.tgz", + "integrity": "sha512-7PnF4oN3CvZF23ADhA5wRaYEQpJ8qygSkbtTXWBeXWXmEVRXK+1ITciHWwHhsjv1TmW0MgacIv6hEi5pX5NQdA==", "dev": true }, "inquirer": { @@ -5847,12 +5633,12 @@ "dev": true }, "is-ci": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/is-ci/-/is-ci-2.0.0.tgz", - "integrity": "sha512-YfJT7rkpQB0updsdHLGWrvhBJfcfzNNawYDNIyQXJz0IViGf75O8EBPKSdvw2rF+LGCsX4FZ8tcr3b19LcZq4w==", + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/is-ci/-/is-ci-3.0.0.tgz", + "integrity": "sha512-kDXyttuLeslKAHYL/K28F2YkM3x5jvFPEw3yXbRptXydjD9rpLEz+C5K5iutY9ZiUu6AP41JdvRQwF4Iqs4ZCQ==", "dev": true, "requires": { - "ci-info": "^2.0.0" + "ci-info": "^3.1.1" } }, "is-date-object": { @@ -5868,30 +5654,13 @@ "dev": true }, "is-installed-globally": { - "version": "0.3.2", - "resolved": "https://registry.npmjs.org/is-installed-globally/-/is-installed-globally-0.3.2.tgz", - "integrity": "sha512-wZ8x1js7Ia0kecP/CHM/3ABkAmujX7WPvQk6uu3Fly/Mk44pySulQpnHG46OMjHGXApINnV4QhY3SWnECO2z5g==", - "dev": true, - "requires": { - "global-dirs": "^2.0.1", - "is-path-inside": "^3.0.1" - } - }, - "is-observable": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/is-observable/-/is-observable-1.1.0.tgz", - "integrity": "sha512-NqCa4Sa2d+u7BWc6CukaObG3Fh+CU9bvixbpcXYhy2VvYS7vVGIdAgnIS5Ks3A/cqk4rebLJ9s8zBstT2aKnIA==", + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/is-installed-globally/-/is-installed-globally-0.4.0.tgz", + "integrity": "sha512-iwGqO3J21aaSkC7jWnHP/difazwS7SFeIqxv6wEtLU8Y5KlzFTjyqcSIT0d8s4+dDhKytsk9PJZ2BkS5eZwQRQ==", "dev": true, "requires": { - "symbol-observable": "^1.1.0" - }, - "dependencies": { - "symbol-observable": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/symbol-observable/-/symbol-observable-1.2.0.tgz", - "integrity": "sha512-e900nM8RRtGhlV36KGEU9k65K3mPb1WV70OdjfxlG2EAuM1noi/E/BaW/uMhL7bPEssK8QV57vN3esixjUvcXQ==", - "dev": true - } + "global-dirs": "^3.0.0", + "is-path-inside": "^3.0.2" } }, "is-path-inside": { @@ -6053,165 +5822,54 @@ "json-schema": "0.2.3", "verror": "1.10.0" } - }, - "jsx-ast-utils": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/jsx-ast-utils/-/jsx-ast-utils-2.1.0.tgz", - "integrity": "sha512-yDGDG2DS4JcqhA6blsuYbtsT09xL8AoLuUR2Gb5exrw7UEM19sBcOTq+YBBhrNbl0PUC4R4LnFu+dHg2HKeVvA==", - "dev": true, - "requires": { - "array-includes": "^3.0.3" - } - }, - "lazy-ass": { - "version": "1.6.0", - "resolved": "https://registry.npmjs.org/lazy-ass/-/lazy-ass-1.6.0.tgz", - "integrity": "sha1-eZllXoZGwX8In90YfRUNMyTVRRM=", - "dev": true - }, - "levn": { - "version": "0.3.0", - "resolved": "https://registry.npmjs.org/levn/-/levn-0.3.0.tgz", - "integrity": "sha1-OwmSTt+fCDwEkP3UwLxEIeBHZO4=", - "dev": true, - "requires": { - "prelude-ls": "~1.1.2", - "type-check": "~0.3.2" - } - }, - "listr": { - "version": "0.14.3", - "resolved": "https://registry.npmjs.org/listr/-/listr-0.14.3.tgz", - "integrity": "sha512-RmAl7su35BFd/xoMamRjpIE4j3v+L28o8CT5YhAXQJm1fD+1l9ngXY8JAQRJ+tFK2i5njvi0iRUKV09vPwA0iA==", - "dev": true, - "requires": { - "@samverschueren/stream-to-observable": "^0.3.0", - "is-observable": "^1.1.0", - "is-promise": "^2.1.0", - "is-stream": "^1.1.0", - "listr-silent-renderer": "^1.1.1", - "listr-update-renderer": "^0.5.0", - "listr-verbose-renderer": "^0.5.0", - "p-map": "^2.0.0", - "rxjs": "^6.3.3" - }, - "dependencies": { - "is-stream": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-1.1.0.tgz", - "integrity": "sha1-EtSj3U5o4Lec6428hBc66A2RykQ=", - "dev": true - }, - "rxjs": { - "version": "6.6.6", - "resolved": "https://registry.npmjs.org/rxjs/-/rxjs-6.6.6.tgz", - "integrity": "sha512-/oTwee4N4iWzAMAL9xdGKjkEHmIwupR3oXbQjCKywF1BeFohswF3vZdogbmEF6pZkOsXTzWkrZszrWpQTByYVg==", - "dev": true, - "requires": { - "tslib": "^1.9.0" - } - } - } - }, - "listr-silent-renderer": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/listr-silent-renderer/-/listr-silent-renderer-1.1.1.tgz", - "integrity": "sha1-kktaN1cVN3C/Go4/v3S4u/P5JC4=", - "dev": true - }, - "listr-update-renderer": { - "version": "0.5.0", - "resolved": "https://registry.npmjs.org/listr-update-renderer/-/listr-update-renderer-0.5.0.tgz", - "integrity": "sha512-tKRsZpKz8GSGqoI/+caPmfrypiaq+OQCbd+CovEC24uk1h952lVj5sC7SqyFUm+OaJ5HN/a1YLt5cit2FMNsFA==", - "dev": true, - "requires": { - "chalk": "^1.1.3", - "cli-truncate": "^0.2.1", - "elegant-spinner": "^1.0.1", - "figures": "^1.7.0", - "indent-string": "^3.0.0", - "log-symbols": "^1.0.2", - "log-update": "^2.3.0", - "strip-ansi": "^3.0.1" - }, - "dependencies": { - "chalk": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-1.1.3.tgz", - "integrity": "sha1-qBFcVeSnAv5NFQq9OHKCKn4J/Jg=", - "dev": true, - "requires": { - "ansi-styles": "^2.2.1", - "escape-string-regexp": "^1.0.2", - "has-ansi": "^2.0.0", - "strip-ansi": "^3.0.0", - "supports-color": "^2.0.0" - } - }, - "log-symbols": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/log-symbols/-/log-symbols-1.0.2.tgz", - "integrity": "sha1-N2/3tY6jCGoPCfrMdGF+ylAeGhg=", - "dev": true, - "requires": { - "chalk": "^1.0.0" - } - }, - "supports-color": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-2.0.0.tgz", - "integrity": "sha1-U10EXOa2Nj+kARcIRimZXp3zJMc=", - "dev": true - } + }, + "jsx-ast-utils": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/jsx-ast-utils/-/jsx-ast-utils-2.1.0.tgz", + "integrity": "sha512-yDGDG2DS4JcqhA6blsuYbtsT09xL8AoLuUR2Gb5exrw7UEM19sBcOTq+YBBhrNbl0PUC4R4LnFu+dHg2HKeVvA==", + "dev": true, + "requires": { + "array-includes": "^3.0.3" + } + }, + "lazy-ass": { + "version": "1.6.0", + "resolved": "https://registry.npmjs.org/lazy-ass/-/lazy-ass-1.6.0.tgz", + "integrity": "sha1-eZllXoZGwX8In90YfRUNMyTVRRM=", + "dev": true + }, + "levn": { + "version": "0.3.0", + "resolved": "https://registry.npmjs.org/levn/-/levn-0.3.0.tgz", + "integrity": "sha1-OwmSTt+fCDwEkP3UwLxEIeBHZO4=", + "dev": true, + "requires": { + "prelude-ls": "~1.1.2", + "type-check": "~0.3.2" } }, - "listr-verbose-renderer": { - "version": "0.5.0", - "resolved": "https://registry.npmjs.org/listr-verbose-renderer/-/listr-verbose-renderer-0.5.0.tgz", - "integrity": "sha512-04PDPqSlsqIOaaaGZ+41vq5FejI9auqTInicFRndCBgE3bXG8D6W1I+mWhk+1nqbHmyhla/6BUrd5OSiHwKRXw==", + "listr2": { + "version": "3.10.0", + "resolved": "https://registry.npmjs.org/listr2/-/listr2-3.10.0.tgz", + "integrity": "sha512-eP40ZHihu70sSmqFNbNy2NL1YwImmlMmPh9WO5sLmPDleurMHt3n+SwEWNu2kzKScexZnkyFtc1VI0z/TGlmpw==", "dev": true, "requires": { - "chalk": "^2.4.1", - "cli-cursor": "^2.1.0", - "date-fns": "^1.27.2", - "figures": "^2.0.0" + "cli-truncate": "^2.1.0", + "colorette": "^1.2.2", + "log-update": "^4.0.0", + "p-map": "^4.0.0", + "rxjs": "^6.6.7", + "through": "^2.3.8", + "wrap-ansi": "^7.0.0" }, "dependencies": { - "cli-cursor": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/cli-cursor/-/cli-cursor-2.1.0.tgz", - "integrity": "sha1-s12sN2R5+sw+lHR9QdDQ9SOP/LU=", - "dev": true, - "requires": { - "restore-cursor": "^2.0.0" - } - }, - "figures": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/figures/-/figures-2.0.0.tgz", - "integrity": "sha1-OrGi0qYsi/tDGgyUy3l6L84nyWI=", - "dev": true, - "requires": { - "escape-string-regexp": "^1.0.5" - } - }, - "onetime": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-2.0.1.tgz", - "integrity": "sha1-BnQoIw/WdEOyeUsiu6UotoZ5YtQ=", - "dev": true, - "requires": { - "mimic-fn": "^1.0.0" - } - }, - "restore-cursor": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/restore-cursor/-/restore-cursor-2.0.0.tgz", - "integrity": "sha1-n37ih/gv0ybU/RYpI9YhKe7g368=", + "rxjs": { + "version": "6.6.7", + "resolved": "https://registry.npmjs.org/rxjs/-/rxjs-6.6.7.tgz", + "integrity": "sha512-hTdwr+7yYNIT5n4AMYp85KA6yw2Va0FLa3Rguvbpa4W3I5xynaBZo41cM3XM+4Q6fRMj3sBYIR1VAmZMXYJvRQ==", "dev": true, "requires": { - "onetime": "^2.0.0", - "signal-exit": "^3.0.2" + "tslib": "^1.9.0" } } } @@ -6319,42 +5977,85 @@ } }, "log-update": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/log-update/-/log-update-2.3.0.tgz", - "integrity": "sha1-iDKP19HOeTiykoN0bwsbwSayRwg=", + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/log-update/-/log-update-4.0.0.tgz", + "integrity": "sha512-9fkkDevMefjg0mmzWFBW8YkFP91OrizzkW3diF7CpG+S2EYdy4+TVfGwz1zeF8x7hCx1ovSPTOE9Ngib74qqUg==", "dev": true, "requires": { - "ansi-escapes": "^3.0.0", - "cli-cursor": "^2.0.0", - "wrap-ansi": "^3.0.1" + "ansi-escapes": "^4.3.0", + "cli-cursor": "^3.1.0", + "slice-ansi": "^4.0.0", + "wrap-ansi": "^6.2.0" }, "dependencies": { - "cli-cursor": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/cli-cursor/-/cli-cursor-2.1.0.tgz", - "integrity": "sha1-s12sN2R5+sw+lHR9QdDQ9SOP/LU=", + "ansi-escapes": { + "version": "4.3.2", + "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", + "integrity": "sha512-gKXj5ALrKWQLsYG9jlTRmR/xKluxHV+Z9QEwNIgCfM1/uwPMCuzVVnh5mwTd+OuBZcwSIMbqssNWRm1lE51QaQ==", "dev": true, "requires": { - "restore-cursor": "^2.0.0" + "type-fest": "^0.21.3" } }, - "onetime": { + "ansi-regex": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.0.tgz", + "integrity": "sha512-bY6fj56OUQ0hU1KjFNDQuJFezqKdrAyFdIevADiqrWHwSlbmBNMHp5ak2f40Pm8JTFyM2mqxkG6ngkHO11f/lg==", + "dev": true + }, + "ansi-styles": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", + "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", + "dev": true, + "requires": { + "color-convert": "^2.0.1" + } + }, + "color-convert": { "version": "2.0.1", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-2.0.1.tgz", - "integrity": "sha1-BnQoIw/WdEOyeUsiu6UotoZ5YtQ=", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", + "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", "dev": true, "requires": { - "mimic-fn": "^1.0.0" + "color-name": "~1.1.4" } }, - "restore-cursor": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/restore-cursor/-/restore-cursor-2.0.0.tgz", - "integrity": "sha1-n37ih/gv0ybU/RYpI9YhKe7g368=", + "color-name": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", + "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", + "dev": true + }, + "slice-ansi": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/slice-ansi/-/slice-ansi-4.0.0.tgz", + "integrity": "sha512-qMCMfhY040cVHT43K9BFygqYbUPFZKHOg7K73mtTWJRb8pyP3fzf4Ixd5SzdEJQ6MRUg/WBnOLxghZtKKurENQ==", "dev": true, "requires": { - "onetime": "^2.0.0", - "signal-exit": "^3.0.2" + "ansi-styles": "^4.0.0", + "astral-regex": "^2.0.0", + "is-fullwidth-code-point": "^3.0.0" + } + }, + "strip-ansi": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.0.tgz", + "integrity": "sha512-AuvKTrTfQNYNIctbR1K/YGTR1756GycPsg7b9bdV9Duqur4gv6aKqHXah67Z8ImS7WEz5QVcOtlfW2rZEugt6w==", + "dev": true, + "requires": { + "ansi-regex": "^5.0.0" + } + }, + "wrap-ansi": { + "version": "6.2.0", + "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-6.2.0.tgz", + "integrity": "sha512-r6lPcBGxZXlIcymEu7InxDMhdW0KDxpLgoFLcguasxCaJ/SOIZwINatK9KY/tf+ZrlywOKU0UDj3ATXUBfxJXA==", + "dev": true, + "requires": { + "ansi-styles": "^4.0.0", + "string-width": "^4.1.0", + "strip-ansi": "^6.0.0" } } } @@ -6419,16 +6120,10 @@ "minimist": "^1.2.5" } }, - "moment": { - "version": "2.29.1", - "resolved": "https://registry.npmjs.org/moment/-/moment-2.29.1.tgz", - "integrity": "sha512-kHmoybcPV8Sqy59DwNDY3Jefr64lK/by/da0ViFcuA4DH0vQg5Q6Ze5VimxkfQNSC+Mls/Kx53s7TjP1RhFEDQ==", - "dev": true - }, "ms": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.1.tgz", - "integrity": "sha512-tgp+dl5cGk28utYktBsrFqA7HKgrhgPsg6Z/EfhWI4gl1Hwq8B/GmY/0oXZ6nF8hDVesS/FpnYaD/kOWhYQvyg==", + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", + "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==", "dev": true }, "mute-stream": { @@ -6478,12 +6173,6 @@ } } }, - "number-is-nan": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/number-is-nan/-/number-is-nan-1.0.1.tgz", - "integrity": "sha1-CXtgK1NCKlIsGvuHkDGDNpQaAR0=", - "dev": true - }, "oauth-sign": { "version": "0.9.0", "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", @@ -6512,10 +6201,21 @@ } }, "onetime": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/onetime/-/onetime-1.1.0.tgz", - "integrity": "sha1-ofeDj4MUxRbwXs78vEzP4EtO14k=", - "dev": true + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz", + "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==", + "dev": true, + "requires": { + "mimic-fn": "^2.1.0" + }, + "dependencies": { + "mimic-fn": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz", + "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==", + "dev": true + } + } }, "optionator": { "version": "0.8.2", @@ -6568,10 +6268,13 @@ } }, "p-map": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/p-map/-/p-map-2.1.0.tgz", - "integrity": "sha512-y3b8Kpd8OAN444hxfBbFfj1FY/RjtTd8tzYwhUqNYXx0fXx2iX4maP4Qr6qhIKbQXI02wTLAda4fYUbDagTUFw==", - "dev": true + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/p-map/-/p-map-4.0.0.tgz", + "integrity": "sha512-/bjOqmgETBYB5BoEeGVea8dmvHb2m9GLy1E9W43yeyfP6QQCZGFNa+XRceJEuDB6zqr+gKpIAmlLebMpykw/MQ==", + "dev": true, + "requires": { + "aggregate-error": "^3.0.0" + } }, "p-try": { "version": "1.0.0", @@ -6691,12 +6394,6 @@ "integrity": "sha512-FFw039TmrBqFK8ma/7OL3sDz/VytdtJr044/QUJtH0wK9lb9jLq9tJyIxUwtQJHwar2BqtiA4iCWSwo9JLkzFg==", "dev": true }, - "process-nextick-args": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz", - "integrity": "sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag==", - "dev": true - }, "progress": { "version": "2.0.3", "resolved": "https://registry.npmjs.org/progress/-/progress-2.0.3.tgz", @@ -6813,21 +6510,6 @@ } } }, - "readable-stream": { - "version": "2.3.7", - "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.7.tgz", - "integrity": "sha512-Ebho8K4jIbHAxnuxi7o42OrZgF/ZTNcsZj6nRKyUmkhLFq8CHItp/fy6hQZuZmP/n3yZ9VBUbp4zz/mX8hmYPw==", - "dev": true, - "requires": { - "core-util-is": "~1.0.0", - "inherits": "~2.0.3", - "isarray": "~1.0.0", - "process-nextick-args": "~2.0.0", - "safe-buffer": "~5.1.1", - "string_decoder": "~1.1.1", - "util-deprecate": "~1.0.1" - } - }, "regexpp": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/regexpp/-/regexpp-2.0.1.tgz", @@ -6897,13 +6579,13 @@ "dev": true }, "restore-cursor": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/restore-cursor/-/restore-cursor-1.0.1.tgz", - "integrity": "sha1-NGYfRohjJ/7SmRR5FSJS35LapUE=", + "version": "3.1.0", + "resolved": "https://registry.npmjs.org/restore-cursor/-/restore-cursor-3.1.0.tgz", + "integrity": "sha512-l+sSefzHpj5qimhFSE5a8nufZYAM3sBSVMAPtYkmC+4EH2anSGaEMXSD0izRQbu9nfyQ9y5JrVmp7E8oZrUjvA==", "dev": true, "requires": { - "exit-hook": "^1.0.0", - "onetime": "^1.0.0" + "onetime": "^5.1.0", + "signal-exit": "^3.0.2" } }, "rimraf": { @@ -6985,10 +6667,41 @@ "dev": true }, "slice-ansi": { - "version": "0.0.4", - "resolved": "https://registry.npmjs.org/slice-ansi/-/slice-ansi-0.0.4.tgz", - "integrity": "sha1-7b+JA/ZvfOL46v1s7tZeJkyDGzU=", - "dev": true + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/slice-ansi/-/slice-ansi-3.0.0.tgz", + "integrity": "sha512-pSyv7bSTC7ig9Dcgbw9AuRNUb5k5V6oDudjZoMBSr13qpLBG7tB+zgCkARjq7xIUgdz5P1Qe8u+rSGdouOOIyQ==", + "dev": true, + "requires": { + "ansi-styles": "^4.0.0", + "astral-regex": "^2.0.0", + "is-fullwidth-code-point": "^3.0.0" + }, + "dependencies": { + "ansi-styles": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", + "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", + "dev": true, + "requires": { + "color-convert": "^2.0.1" + } + }, + "color-convert": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", + "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", + "dev": true, + "requires": { + "color-name": "~1.1.4" + } + }, + "color-name": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", + "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", + "dev": true + } + } }, "spdx-correct": { "version": "3.1.0", @@ -7074,15 +6787,6 @@ "pkg-conf": "^2.0.0" } }, - "string_decoder": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz", - "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==", - "dev": true, - "requires": { - "safe-buffer": "~5.1.0" - } - }, "string-width": { "version": "4.2.2", "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.2.tgz", @@ -7301,10 +7005,10 @@ "prelude-ls": "~1.1.2" } }, - "typedarray": { - "version": "0.0.6", - "resolved": "https://registry.npmjs.org/typedarray/-/typedarray-0.0.6.tgz", - "integrity": "sha1-hnrHTjhkGHsdPUfZlqeOxciDB3c=", + "type-fest": { + "version": "0.21.3", + "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.21.3.tgz", + "integrity": "sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==", "dev": true }, "uniq": { @@ -7352,12 +7056,6 @@ } } }, - "util-deprecate": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz", - "integrity": "sha1-RQ1Nyfpw3nMnYvvS1KKJgUGaDM8=", - "dev": true - }, "uuid": { "version": "3.3.2", "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.3.2.tgz", @@ -7414,44 +7112,53 @@ "dev": true }, "wrap-ansi": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-3.0.1.tgz", - "integrity": "sha1-KIoE2H7aXChuBg3+jxNc6NAH+Lo=", + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz", + "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==", "dev": true, "requires": { - "string-width": "^2.1.1", - "strip-ansi": "^4.0.0" + "ansi-styles": "^4.0.0", + "string-width": "^4.1.0", + "strip-ansi": "^6.0.0" }, "dependencies": { "ansi-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-3.0.0.tgz", - "integrity": "sha1-7QMXwyIGT3lGbAKWa922Bas32Zg=", + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.0.tgz", + "integrity": "sha512-bY6fj56OUQ0hU1KjFNDQuJFezqKdrAyFdIevADiqrWHwSlbmBNMHp5ak2f40Pm8JTFyM2mqxkG6ngkHO11f/lg==", "dev": true }, - "is-fullwidth-code-point": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-2.0.0.tgz", - "integrity": "sha1-o7MKXE8ZkYMWeqq5O+764937ZU8=", - "dev": true + "ansi-styles": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz", + "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==", + "dev": true, + "requires": { + "color-convert": "^2.0.1" + } }, - "string-width": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-2.1.1.tgz", - "integrity": "sha512-nOqH59deCq9SRHlxq1Aw85Jnt4w6KvLKqWVik6oA9ZklXLNIOlqg4F2yrT1MVaTjAqvVwdfeZ7w7aCvJD7ugkw==", + "color-convert": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz", + "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==", "dev": true, "requires": { - "is-fullwidth-code-point": "^2.0.0", - "strip-ansi": "^4.0.0" + "color-name": "~1.1.4" } }, + "color-name": { + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz", + "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==", + "dev": true + }, "strip-ansi": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-4.0.0.tgz", - "integrity": "sha1-qEeQIusaw2iocTibY1JixQXuNo8=", + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.0.tgz", + "integrity": "sha512-AuvKTrTfQNYNIctbR1K/YGTR1756GycPsg7b9bdV9Duqur4gv6aKqHXah67Z8ImS7WEz5QVcOtlfW2rZEugt6w==", "dev": true, "requires": { - "ansi-regex": "^3.0.0" + "ansi-regex": "^5.0.0" } } } @@ -7485,17 +7192,6 @@ "requires": { "buffer-crc32": "~0.2.3", "fd-slicer": "~1.1.0" - }, - "dependencies": { - "fd-slicer": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/fd-slicer/-/fd-slicer-1.1.0.tgz", - "integrity": "sha1-JcfInLH5B3+IkbvmHY85Dq4lbx4=", - "dev": true, - "requires": { - "pend": "~1.2.0" - } - } } } } diff --git a/package.json b/package.json index 14443d70e76..2d47ae298c7 100644 --- a/package.json +++ b/package.json @@ -15,7 +15,7 @@ "lint": "standard --fix \"test/**/*.js\" \"cypress/**/*.js\"" }, "devDependencies": { - "cypress": "^6.6.0", + "cypress": "^7.7.0", "ory-prettier-styles": "1.1.1", "prettier": "2.1.2", "standard": "^12.0.1", diff --git a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.cockroach.down.sql b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.cockroach.down.sql index c2d847b9c8c..55d80773f05 100644 --- a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.cockroach.down.sql +++ b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.cockroach.down.sql @@ -1 +1 @@ -DROP TABLE IF EXISTS hydra_oauth2_grant_jwk; +DROP TABLE IF EXISTS hydra_oauth2_trusted_jwt_bearer_issuer; diff --git a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.cockroach.up.sql b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.cockroach.up.sql index c7a4082aca4..f7418591c12 100644 --- a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.cockroach.up.sql +++ b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.cockroach.up.sql @@ -1,4 +1,4 @@ -CREATE TABLE IF NOT EXISTS hydra_oauth2_grant_jwk +CREATE TABLE IF NOT EXISTS hydra_oauth2_trusted_jwt_bearer_issuer ( id UUID PRIMARY KEY, issuer VARCHAR(255) NOT NULL, diff --git a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.mysql.down.sql b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.mysql.down.sql index c2d847b9c8c..55d80773f05 100644 --- a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.mysql.down.sql +++ b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.mysql.down.sql @@ -1 +1 @@ -DROP TABLE IF EXISTS hydra_oauth2_grant_jwk; +DROP TABLE IF EXISTS hydra_oauth2_trusted_jwt_bearer_issuer; diff --git a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.mysql.up.sql b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.mysql.up.sql index 757a3109c1a..2f968f0c917 100644 --- a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.mysql.up.sql +++ b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.mysql.up.sql @@ -1,4 +1,4 @@ -CREATE TABLE IF NOT EXISTS hydra_oauth2_grant_jwk +CREATE TABLE IF NOT EXISTS hydra_oauth2_trusted_jwt_bearer_issuer ( id VARCHAR(36) PRIMARY KEY, issuer VARCHAR(255) NOT NULL, diff --git a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.postgres.down.sql b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.postgres.down.sql index c2d847b9c8c..55d80773f05 100644 --- a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.postgres.down.sql +++ b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.postgres.down.sql @@ -1 +1 @@ -DROP TABLE IF EXISTS hydra_oauth2_grant_jwk; +DROP TABLE IF EXISTS hydra_oauth2_trusted_jwt_bearer_issuer; diff --git a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.postgres.up.sql b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.postgres.up.sql index c7a4082aca4..f7418591c12 100644 --- a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.postgres.up.sql +++ b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.postgres.up.sql @@ -1,4 +1,4 @@ -CREATE TABLE IF NOT EXISTS hydra_oauth2_grant_jwk +CREATE TABLE IF NOT EXISTS hydra_oauth2_trusted_jwt_bearer_issuer ( id UUID PRIMARY KEY, issuer VARCHAR(255) NOT NULL, diff --git a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.sqlite.down.sql b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.sqlite.down.sql index c2d847b9c8c..55d80773f05 100644 --- a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.sqlite.down.sql +++ b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.sqlite.down.sql @@ -1 +1 @@ -DROP TABLE IF EXISTS hydra_oauth2_grant_jwk; +DROP TABLE IF EXISTS hydra_oauth2_trusted_jwt_bearer_issuer; diff --git a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.sqlite.up.sql b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.sqlite.up.sql index 58265f0cc5f..63e1f7791c3 100644 --- a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.sqlite.up.sql +++ b/persistence/sql/migrations/20201211145331_grant_jwk_bearer.sqlite.up.sql @@ -1,4 +1,4 @@ -CREATE TABLE IF NOT EXISTS hydra_oauth2_grant_jwk +CREATE TABLE IF NOT EXISTS hydra_oauth2_trusted_jwt_bearer_issuer ( id UUID PRIMARY KEY, issuer VARCHAR(255) NOT NULL, diff --git a/x/clean_sql.go b/x/clean_sql.go index 21f343ecfe4..eb153106247 100644 --- a/x/clean_sql.go +++ b/x/clean_sql.go @@ -24,7 +24,7 @@ func CleanSQL(t *testing.T, db *sqlx.DB) { "hydra_oauth2_obfuscated_authentication_session", "hydra_oauth2_logout_request", "hydra_oauth2_jti_blacklist", - "hydra_oauth2_grant_jwk", + "hydra_oauth2_trusted_jwt_bearer_issuer", "hydra_jwk", "hydra_client", // Migrations @@ -57,7 +57,7 @@ func CleanSQLPop(t *testing.T, c *pop.Connection) { "hydra_oauth2_obfuscated_authentication_session", "hydra_oauth2_logout_request", "hydra_oauth2_jti_blacklist", - "hydra_oauth2_grant_jwk", + "hydra_oauth2_trusted_jwt_bearer_issuer", "hydra_jwk", "hydra_client", // Migrations From 02a9a7e810f0f26fe45bfe07ea09e92acfaa8cc0 Mon Sep 17 00:00:00 2001 From: aeneasr <3372410+aeneasr@users.noreply.github.com> Date: Tue, 13 Jul 2021 15:58:17 +0200 Subject: [PATCH 22/49] feat: code review --- cypress/integration/admin/grant_jwtbearer.js | 68 ++++++++++++++------ package-lock.json | 13 ++-- package.json | 1 + 3 files changed, 56 insertions(+), 26 deletions(-) diff --git a/cypress/integration/admin/grant_jwtbearer.js b/cypress/integration/admin/grant_jwtbearer.js index ae0636d93b2..8c3e380a747 100644 --- a/cypress/integration/admin/grant_jwtbearer.js +++ b/cypress/integration/admin/grant_jwtbearer.js @@ -1,5 +1,11 @@ +const dayjs = require('dayjs') +const isBetween = require('dayjs/plugin/isBetween') +const utc = require('dayjs/plugin/utc') +dayjs.extend(utc) +dayjs.extend(isBetween) + describe('The JWT-Bearer Grants Admin Interface', () => { - let d = Cypress.moment().add(1, 'year').milliseconds(0).utc() + let d = dayjs().utc().add(1, 'year').set('millisecond', 0) const newGrant = (issuer = 'token-service', subject = 'bob@example.com') => ({ issuer, subject, @@ -17,25 +23,31 @@ describe('The JWT-Bearer Grants Admin Interface', () => { }) beforeEach(() => { - // Delete all grants - cy.request('DELETE', Cypress.env('admin_url') + '/grants/jwt-bearer').then( - (response) => { - expect(response.body).to.length(1) - } - ) + // Clean up all previous grants + cy.request( + 'GET', + Cypress.env('admin_url') + '/trust/grants/jwt-bearer/issuers' + ).then((response) => { + response.body.map(({ id }) => { + cy.request( + 'delete', + Cypress.env('admin_url') + '/trust/grants/jwt-bearer/issuers/' + id + ).then(() => {}) + }) + }) }) it('should return newly created jwt-bearer grant and grant can be retrieved later', () => { const grant = newGrant() - const start = Cypress.moment().subtract(1, 'minutes').utc() - const end = Cypress.moment().add(1, 'minutes').utc() + const start = dayjs().subtract(1, 'minutes') + const end = dayjs().add(1, 'minutes') cy.request( 'POST', - Cypress.env('admin_url') + '/grants/jwt-bearer', + Cypress.env('admin_url') + '/trust/grants/jwt-bearer/issuers', JSON.stringify(grant) ).then((response) => { - const createdAt = Cypress.moment(response.body.created_at) - const expiresAt = Cypress.moment(response.body.expires_at) + const createdAt = dayjs(response.body.created_at) + const expiresAt = dayjs(response.body.expires_at) const grantID = response.body.id expect(response.body.issuer).to.equal(grant.issuer) @@ -48,7 +60,7 @@ describe('The JWT-Bearer Grants Admin Interface', () => { cy.request( 'GET', - Cypress.env('admin_url') + '/grants/jwt-bearer/' + grantID + Cypress.env('admin_url') + '/trust/grants/jwt-bearer/issuers/' + grantID ).then((response) => { expect(response.body.issuer).to.equal(grant.issuer) expect(response.body.subject).to.equal(grant.subject) @@ -61,18 +73,34 @@ describe('The JWT-Bearer Grants Admin Interface', () => { it('should return newly created jwt-bearer grant in grants list', () => { // We have exactly one grant - cy.request('GET', Cypress.env('admin_url') + '/grants/jwt-bearer').then( - (response) => { - expect(response.body).to.length(1) - } - ) + const grant = newGrant() + cy.request( + 'POST', + Cypress.env('admin_url') + '/trust/grants/jwt-bearer/issuers', + JSON.stringify(grant) + ).then(() => {}) + cy.request( + 'GET', + Cypress.env('admin_url') + '/trust/grants/jwt-bearer/issuers' + ).then((response) => { + expect(response.body).to.length(1) + }) }) it('should fail, because the same grant is already exist', () => { const grant = newGrant() cy.request({ method: 'POST', - url: Cypress.env('admin_url') + '/grants/jwt-bearer', + url: Cypress.env('admin_url') + '/trust/grants/jwt-bearer/issuers', + failOnStatusCode: false, + body: JSON.stringify(grant) + }).then((response) => { + expect(response.status).to.equal(201) + }) + + cy.request({ + method: 'POST', + url: Cypress.env('admin_url') + '/trust/grants/jwt-bearer/issuers', failOnStatusCode: false, body: JSON.stringify(grant) }).then((response) => { @@ -85,7 +113,7 @@ describe('The JWT-Bearer Grants Admin Interface', () => { grant.issuer = '' cy.request({ method: 'POST', - url: Cypress.env('admin_url') + '/grants/jwt-bearer', + url: Cypress.env('admin_url') + '/trust/grants/jwt-bearer/issuers', failOnStatusCode: false, body: JSON.stringify(grant) }).then((response) => { diff --git a/package-lock.json b/package-lock.json index be7cc46df06..be95a68eb77 100644 --- a/package-lock.json +++ b/package-lock.json @@ -9,6 +9,7 @@ "version": "0.0.0", "devDependencies": { "cypress": "^7.7.0", + "dayjs": "^1.10.6", "ory-prettier-styles": "1.1.1", "prettier": "2.1.2", "standard": "^12.0.1", @@ -819,9 +820,9 @@ } }, "node_modules/dayjs": { - "version": "1.10.4", - "resolved": "https://registry.npmjs.org/dayjs/-/dayjs-1.10.4.tgz", - "integrity": "sha512-RI/Hh4kqRc1UKLOAf/T5zdMMX5DQIlDxwUe3wSyMMnEbGunnpENCdbUgM+dW7kXidZqCttBrmw7BhN4TMddkCw==", + "version": "1.10.6", + "resolved": "https://registry.npmjs.org/dayjs/-/dayjs-1.10.6.tgz", + "integrity": "sha512-AztC/IOW4L1Q41A86phW5Thhcrco3xuAA+YX/BLpLWWjRcTj5TOt/QImBLmCKlrF7u7k47arTnOyL6GnbG8Hvw==", "dev": true }, "node_modules/debug": { @@ -4647,9 +4648,9 @@ } }, "dayjs": { - "version": "1.10.4", - "resolved": "https://registry.npmjs.org/dayjs/-/dayjs-1.10.4.tgz", - "integrity": "sha512-RI/Hh4kqRc1UKLOAf/T5zdMMX5DQIlDxwUe3wSyMMnEbGunnpENCdbUgM+dW7kXidZqCttBrmw7BhN4TMddkCw==", + "version": "1.10.6", + "resolved": "https://registry.npmjs.org/dayjs/-/dayjs-1.10.6.tgz", + "integrity": "sha512-AztC/IOW4L1Q41A86phW5Thhcrco3xuAA+YX/BLpLWWjRcTj5TOt/QImBLmCKlrF7u7k47arTnOyL6GnbG8Hvw==", "dev": true }, "debug": { diff --git a/package.json b/package.json index 2d47ae298c7..35898531133 100644 --- a/package.json +++ b/package.json @@ -16,6 +16,7 @@ }, "devDependencies": { "cypress": "^7.7.0", + "dayjs": "^1.10.6", "ory-prettier-styles": "1.1.1", "prettier": "2.1.2", "standard": "^12.0.1", From 8f1f08d8fbffccecfc5387c78a49cdcb7fe30386 Mon Sep 17 00:00:00 2001 From: aeneasr <3372410+aeneasr@users.noreply.github.com> Date: Tue, 13 Jul 2021 16:03:06 +0200 Subject: [PATCH 23/49] feat: code review --- driver/registry.go | 4 +- driver/registry_base.go | 14 +++---- driver/registry_sql.go | 4 +- oauth2/fosite_store_helpers.go | 18 ++++----- oauth2/registry.go | 4 +- {grant/jwtbearer => oauth2/trust}/doc.go | 4 +- {grant/jwtbearer => oauth2/trust}/error.go | 2 +- {grant/jwtbearer => oauth2/trust}/grant.go | 2 +- {grant/jwtbearer => oauth2/trust}/handler.go | 2 +- .../trust}/handler_test.go | 5 +-- {grant/jwtbearer => oauth2/trust}/manager.go | 2 +- .../trust}/manager_test_helpers.go | 2 +- {grant/jwtbearer => oauth2/trust}/registry.go | 2 +- {grant/jwtbearer => oauth2/trust}/request.go | 2 +- .../jwtbearer => oauth2/trust}/validator.go | 2 +- persistence/definitions.go | 4 +- persistence/sql/persister_grant_jwk.go | 40 +++++++++---------- persistence/sql/persister_test.go | 8 ++-- 18 files changed, 60 insertions(+), 61 deletions(-) rename {grant/jwtbearer => oauth2/trust}/doc.go (98%) rename {grant/jwtbearer => oauth2/trust}/error.go (94%) rename {grant/jwtbearer => oauth2/trust}/grant.go (98%) rename {grant/jwtbearer => oauth2/trust}/handler.go (99%) rename {grant/jwtbearer => oauth2/trust}/handler_test.go (98%) rename {grant/jwtbearer => oauth2/trust}/manager.go (98%) rename {grant/jwtbearer => oauth2/trust}/manager_test_helpers.go (99%) rename {grant/jwtbearer => oauth2/trust}/registry.go (92%) rename {grant/jwtbearer => oauth2/trust}/request.go (98%) rename {grant/jwtbearer => oauth2/trust}/validator.go (97%) diff --git a/driver/registry.go b/driver/registry.go index 935f6e89e40..576d4f2d13b 100644 --- a/driver/registry.go +++ b/driver/registry.go @@ -3,7 +3,7 @@ package driver import ( "context" - "github.com/ory/hydra/grant/jwtbearer" + "github.com/ory/hydra/oauth2/trust" "github.com/pkg/errors" @@ -45,7 +45,7 @@ type Registry interface { client.Registry consent.Registry jwk.Registry - jwtbearer.Registry + trust.Registry oauth2.Registry PrometheusManager() *prometheus.MetricsManager x.TracingProvider diff --git a/driver/registry_base.go b/driver/registry_base.go index f3f565d2ea6..afac853d13a 100644 --- a/driver/registry_base.go +++ b/driver/registry_base.go @@ -12,7 +12,7 @@ import ( "github.com/pkg/errors" - "github.com/ory/hydra/grant/jwtbearer" + "github.com/ory/hydra/oauth2/trust" "github.com/ory/hydra/x/oauth2cors" "github.com/ory/hydra/persistence" @@ -47,8 +47,8 @@ type RegistryBase struct { C *config.Provider ch *client.Handler fh fosite.Hasher - jwtGrantH *jwtbearer.Handler - jwtGrantV *jwtbearer.GrantValidator + jwtGrantH *trust.Handler + jwtGrantV *trust.GrantValidator kh *jwk.Handler cv *client.Validator hh *healthx.Handler @@ -190,16 +190,16 @@ func (m *RegistryBase) KeyHandler() *jwk.Handler { return m.kh } -func (m *RegistryBase) JWTGrantHandler() *jwtbearer.Handler { +func (m *RegistryBase) JWTGrantHandler() *trust.Handler { if m.jwtGrantH == nil { - m.jwtGrantH = jwtbearer.NewHandler(m.r) + m.jwtGrantH = trust.NewHandler(m.r) } return m.jwtGrantH } -func (m *RegistryBase) GrantValidator() *jwtbearer.GrantValidator { +func (m *RegistryBase) GrantValidator() *trust.GrantValidator { if m.jwtGrantV == nil { - m.jwtGrantV = jwtbearer.NewGrantValidator() + m.jwtGrantV = trust.NewGrantValidator() } return m.jwtGrantV } diff --git a/driver/registry_sql.go b/driver/registry_sql.go index 6535a3bb802..883fc6a125e 100644 --- a/driver/registry_sql.go +++ b/driver/registry_sql.go @@ -5,7 +5,7 @@ import ( "strings" "time" - "github.com/ory/hydra/grant/jwtbearer" + "github.com/ory/hydra/oauth2/trust" "github.com/ory/x/errorsx" "github.com/luna-duclos/instrumentedsql" @@ -126,6 +126,6 @@ func (m *RegistrySQL) KeyManager() jwk.Manager { return m.Persister() } -func (m *RegistrySQL) GrantManager() jwtbearer.GrantManager { +func (m *RegistrySQL) GrantManager() trust.GrantManager { return m.Persister() } diff --git a/oauth2/fosite_store_helpers.go b/oauth2/fosite_store_helpers.go index d9f5d5e73e7..c919b317eb9 100644 --- a/oauth2/fosite_store_helpers.go +++ b/oauth2/fosite_store_helpers.go @@ -33,7 +33,7 @@ import ( "github.com/ory/fosite/handler/rfc7523" - "github.com/ory/hydra/grant/jwtbearer" + "github.com/ory/hydra/oauth2/trust" "github.com/ory/hydra/x" @@ -713,12 +713,12 @@ func testFositeJWTBearerGrantStorage(x InternalRegistry) func(t *testing.T) { publicKey := keySet.Keys[1] issuer := "token-service" subject := "bob@example.com" - grant := jwtbearer.Grant{ + grant := trust.Grant{ ID: uuid.New(), Issuer: issuer, Subject: subject, Scope: []string{"openid", "offline"}, - PublicKey: jwtbearer.PublicKey{Set: issuer, KeyID: publicKey.KeyID}, + PublicKey: trust.PublicKey{Set: issuer, KeyID: publicKey.KeyID}, CreatedAt: time.Now().UTC().Round(time.Second), ExpiresAt: time.Now().UTC().Round(time.Second).AddDate(1, 0, 0), } @@ -764,12 +764,12 @@ func testFositeJWTBearerGrantStorage(x InternalRegistry) func(t *testing.T) { publicKey := keySet.Keys[1] issuer := "maria" subject := "maria@example.com" - grant := jwtbearer.Grant{ + grant := trust.Grant{ ID: uuid.New(), Issuer: issuer, Subject: subject, Scope: []string{"openid"}, - PublicKey: jwtbearer.PublicKey{Set: issuer, KeyID: publicKey.KeyID}, + PublicKey: trust.PublicKey{Set: issuer, KeyID: publicKey.KeyID}, CreatedAt: time.Now().UTC().Round(time.Second), ExpiresAt: time.Now().UTC().Round(time.Second).AddDate(1, 0, 0), } @@ -799,12 +799,12 @@ func testFositeJWTBearerGrantStorage(x InternalRegistry) func(t *testing.T) { publicKey := keySet.Keys[1] issuer := "aeneas" subject := "aeneas@example.com" - grant := jwtbearer.Grant{ + grant := trust.Grant{ ID: uuid.New(), Issuer: issuer, Subject: subject, Scope: []string{"openid", "offline"}, - PublicKey: jwtbearer.PublicKey{Set: issuer, KeyID: publicKey.KeyID}, + PublicKey: trust.PublicKey{Set: issuer, KeyID: publicKey.KeyID}, CreatedAt: time.Now().UTC().Round(time.Second), ExpiresAt: time.Now().UTC().Round(time.Second).AddDate(1, 0, 0), } @@ -835,12 +835,12 @@ func testFositeJWTBearerGrantStorage(x InternalRegistry) func(t *testing.T) { publicKey := keySet.Keys[1] issuer := "vladimir" subject := "vladimir@example.com" - grant := jwtbearer.Grant{ + grant := trust.Grant{ ID: uuid.New(), Issuer: issuer, Subject: subject, Scope: []string{"openid", "offline"}, - PublicKey: jwtbearer.PublicKey{Set: issuer, KeyID: publicKey.KeyID}, + PublicKey: trust.PublicKey{Set: issuer, KeyID: publicKey.KeyID}, CreatedAt: time.Now().UTC().Round(time.Second), ExpiresAt: time.Now().UTC().Round(time.Second).AddDate(1, 0, 0), } diff --git a/oauth2/registry.go b/oauth2/registry.go index 83d0bb07509..ddc9723602d 100644 --- a/oauth2/registry.go +++ b/oauth2/registry.go @@ -5,7 +5,7 @@ import ( "github.com/ory/fosite/handler/openid" "github.com/ory/hydra/client" "github.com/ory/hydra/consent" - "github.com/ory/hydra/grant/jwtbearer" + "github.com/ory/hydra/oauth2/trust" "github.com/ory/hydra/jwk" "github.com/ory/hydra/x" ) @@ -13,7 +13,7 @@ import ( type InternalRegistry interface { client.Registry jwk.Registry - jwtbearer.Registry + trust.Registry x.RegistryWriter x.RegistryLogger consent.Registry diff --git a/grant/jwtbearer/doc.go b/oauth2/trust/doc.go similarity index 98% rename from grant/jwtbearer/doc.go rename to oauth2/trust/doc.go index 68e2955cff3..903d63605c3 100644 --- a/grant/jwtbearer/doc.go +++ b/oauth2/trust/doc.go @@ -18,11 +18,11 @@ * @license Apache-2.0 */ -// Package jwtbearer implements jwt-bearer grant management capabilities +// Package trust implements jwt-bearer grant management capabilities // // JWT-Bearer Grant represents resource owner (RO) permission for client to act on behalf of the RO using jwt. // Client uses jwt to request access token to act as RO. -package jwtbearer +package trust import ( "time" diff --git a/grant/jwtbearer/error.go b/oauth2/trust/error.go similarity index 94% rename from grant/jwtbearer/error.go rename to oauth2/trust/error.go index 91a2a1dc4c3..5a2f5f9f2fb 100644 --- a/grant/jwtbearer/error.go +++ b/oauth2/trust/error.go @@ -1,4 +1,4 @@ -package jwtbearer +package trust import ( "net/http" diff --git a/grant/jwtbearer/grant.go b/oauth2/trust/grant.go similarity index 98% rename from grant/jwtbearer/grant.go rename to oauth2/trust/grant.go index 077d40d7a19..7996a2995bd 100644 --- a/grant/jwtbearer/grant.go +++ b/oauth2/trust/grant.go @@ -1,4 +1,4 @@ -package jwtbearer +package trust import ( "time" diff --git a/grant/jwtbearer/handler.go b/oauth2/trust/handler.go similarity index 99% rename from grant/jwtbearer/handler.go rename to oauth2/trust/handler.go index aee28f92ef8..4d52c36c169 100644 --- a/grant/jwtbearer/handler.go +++ b/oauth2/trust/handler.go @@ -1,4 +1,4 @@ -package jwtbearer +package trust import ( "encoding/json" diff --git a/grant/jwtbearer/handler_test.go b/oauth2/trust/handler_test.go similarity index 98% rename from grant/jwtbearer/handler_test.go rename to oauth2/trust/handler_test.go index 4d3b9aa68dc..8dacaa88484 100644 --- a/grant/jwtbearer/handler_test.go +++ b/oauth2/trust/handler_test.go @@ -1,4 +1,4 @@ -package jwtbearer_test +package trust_test import ( "crypto/rand" @@ -17,7 +17,6 @@ import ( "github.com/ory/hydra/jwk" "github.com/ory/hydra/driver/config" - "github.com/ory/hydra/grant/jwtbearer" "github.com/ory/hydra/internal" hydra "github.com/ory/hydra/internal/httpclient/client" "github.com/ory/hydra/internal/httpclient/client/admin" @@ -45,7 +44,7 @@ func (s *HandlerTestSuite) SetupSuite() { s.registry = internal.NewRegistryMemory(s.T(), conf) router := x.NewRouterAdmin() - handler := jwtbearer.NewHandler(s.registry) + handler := trust.NewHandler(s.registry) handler.SetRoutes(router) jwkHandler := jwk.NewHandler(s.registry, conf) jwkHandler.SetRoutes(router, x.NewRouterPublic(), func(h http.Handler) http.Handler { diff --git a/grant/jwtbearer/manager.go b/oauth2/trust/manager.go similarity index 98% rename from grant/jwtbearer/manager.go rename to oauth2/trust/manager.go index b809fd5d125..aad56983278 100644 --- a/grant/jwtbearer/manager.go +++ b/oauth2/trust/manager.go @@ -1,4 +1,4 @@ -package jwtbearer +package trust import ( "context" diff --git a/grant/jwtbearer/manager_test_helpers.go b/oauth2/trust/manager_test_helpers.go similarity index 99% rename from grant/jwtbearer/manager_test_helpers.go rename to oauth2/trust/manager_test_helpers.go index f8910d2823d..c2da83d5305 100644 --- a/grant/jwtbearer/manager_test_helpers.go +++ b/oauth2/trust/manager_test_helpers.go @@ -18,7 +18,7 @@ * @license Apache-2.0 */ -package jwtbearer +package trust import ( "context" diff --git a/grant/jwtbearer/registry.go b/oauth2/trust/registry.go similarity index 92% rename from grant/jwtbearer/registry.go rename to oauth2/trust/registry.go index b22c11c22e9..de7f17238d1 100644 --- a/grant/jwtbearer/registry.go +++ b/oauth2/trust/registry.go @@ -1,4 +1,4 @@ -package jwtbearer +package trust import ( "github.com/ory/hydra/x" diff --git a/grant/jwtbearer/request.go b/oauth2/trust/request.go similarity index 98% rename from grant/jwtbearer/request.go rename to oauth2/trust/request.go index 6159a244859..6a1b09bed4b 100644 --- a/grant/jwtbearer/request.go +++ b/oauth2/trust/request.go @@ -1,4 +1,4 @@ -package jwtbearer +package trust import ( "time" diff --git a/grant/jwtbearer/validator.go b/oauth2/trust/validator.go similarity index 97% rename from grant/jwtbearer/validator.go rename to oauth2/trust/validator.go index 41ba4f5acb3..48bd5085fda 100644 --- a/grant/jwtbearer/validator.go +++ b/oauth2/trust/validator.go @@ -1,4 +1,4 @@ -package jwtbearer +package trust import ( "github.com/ory/x/errorsx" diff --git a/persistence/definitions.go b/persistence/definitions.go index 01172394e3e..99306eda66d 100644 --- a/persistence/definitions.go +++ b/persistence/definitions.go @@ -5,7 +5,7 @@ import ( "github.com/ory/hydra/client" "github.com/ory/hydra/consent" - "github.com/ory/hydra/grant/jwtbearer" + "github.com/ory/hydra/oauth2/trust" "github.com/ory/hydra/jwk" "github.com/ory/hydra/x" "github.com/ory/x/popx" @@ -19,7 +19,7 @@ type ( client.Manager x.FositeStorer jwk.Manager - jwtbearer.GrantManager + trust.GrantManager MigrationStatus(ctx context.Context) (popx.MigrationStatuses, error) MigrateDown(context.Context, int) error diff --git a/persistence/sql/persister_grant_jwk.go b/persistence/sql/persister_grant_jwk.go index 31093cc665b..07b2a337a2a 100644 --- a/persistence/sql/persister_grant_jwk.go +++ b/persistence/sql/persister_grant_jwk.go @@ -9,17 +9,17 @@ import ( "github.com/gobuffalo/pop/v5" "gopkg.in/square/go-jose.v2" - "github.com/ory/hydra/grant/jwtbearer" + "github.com/ory/hydra/oauth2/trust" "github.com/ory/x/errorsx" "github.com/ory/x/sqlcon" ) -var _ jwtbearer.GrantManager = &Persister{} +var _ trust.GrantManager = &Persister{} const scopeSeparator = " " -func (p *Persister) CreateGrant(ctx context.Context, g jwtbearer.Grant, publicKey jose.JSONWebKey) error { +func (p *Persister) CreateGrant(ctx context.Context, g trust.Grant, publicKey jose.JSONWebKey) error { // add key, if it doesn't exist if _, err := p.GetKey(ctx, g.PublicKey.Set, g.PublicKey.KeyID); err != nil { if errorsx.Cause(err) != sqlcon.ErrNoRows { @@ -36,10 +36,10 @@ func (p *Persister) CreateGrant(ctx context.Context, g jwtbearer.Grant, publicKe return sqlcon.HandleError(p.Connection(ctx).Create(&data)) } -func (p *Persister) GetConcreteGrant(ctx context.Context, id string) (jwtbearer.Grant, error) { - var data jwtbearer.SQLData +func (p *Persister) GetConcreteGrant(ctx context.Context, id string) (trust.Grant, error) { + var data trust.SQLData if err := p.Connection(ctx).Where("id = ?", id).First(&data); err != nil { - return jwtbearer.Grant{}, sqlcon.HandleError(err) + return trust.Grant{}, sqlcon.HandleError(err) } return p.jwtGrantFromSQlData(data), nil @@ -52,7 +52,7 @@ func (p *Persister) DeleteGrant(ctx context.Context, id string) error { } return p.transaction(ctx, func(ctx context.Context, c *pop.Connection) error { - if err := p.Connection(ctx).Destroy(&jwtbearer.SQLData{ID: grant.ID}); err != nil { + if err := p.Connection(ctx).Destroy(&trust.SQLData{ID: grant.ID}); err != nil { return sqlcon.HandleError(err) } @@ -60,8 +60,8 @@ func (p *Persister) DeleteGrant(ctx context.Context, id string) error { }) } -func (p *Persister) GetGrants(ctx context.Context, limit, offset int, optionalIssuer string) ([]jwtbearer.Grant, error) { - grantsData := make([]jwtbearer.SQLData, 0) +func (p *Persister) GetGrants(ctx context.Context, limit, offset int, optionalIssuer string) ([]trust.Grant, error) { + grantsData := make([]trust.SQLData, 0) query := p.Connection(ctx).Paginate(offset/limit+1, limit).Order("id") if optionalIssuer != "" { @@ -72,7 +72,7 @@ func (p *Persister) GetGrants(ctx context.Context, limit, offset int, optionalIs return nil, sqlcon.HandleError(err) } - grants := make([]jwtbearer.Grant, 0, len(grantsData)) + grants := make([]trust.Grant, 0, len(grantsData)) for _, data := range grantsData { grants = append(grants, p.jwtGrantFromSQlData(data)) } @@ -81,12 +81,12 @@ func (p *Persister) GetGrants(ctx context.Context, limit, offset int, optionalIs } func (p *Persister) CountGrants(ctx context.Context) (int, error) { - n, err := p.Connection(ctx).Count(&jwtbearer.SQLData{}) + n, err := p.Connection(ctx).Count(&trust.SQLData{}) return n, sqlcon.HandleError(err) } func (p *Persister) GetPublicKey(ctx context.Context, issuer string, subject string, keyId string) (*jose.JSONWebKey, error) { - var data jwtbearer.SQLData + var data trust.SQLData query := p.Connection(ctx). Where("issuer = ?", issuer). Where("subject = ?", subject). @@ -104,7 +104,7 @@ func (p *Persister) GetPublicKey(ctx context.Context, issuer string, subject str } func (p *Persister) GetPublicKeys(ctx context.Context, issuer string, subject string) (*jose.JSONWebKeySet, error) { - grantsData := make([]jwtbearer.SQLData, 0) + grantsData := make([]trust.SQLData, 0) query := p.Connection(ctx). Where("issuer = ?", issuer). Where("subject = ?", subject) @@ -134,7 +134,7 @@ func (p *Persister) GetPublicKeys(ctx context.Context, issuer string, subject st } func (p *Persister) GetPublicKeyScopes(ctx context.Context, issuer string, subject string, keyId string) ([]string, error) { - var data jwtbearer.SQLData + var data trust.SQLData query := p.Connection(ctx). Where("issuer = ?", issuer). Where("subject = ?", subject). @@ -159,8 +159,8 @@ func (p *Persister) MarkJWTUsedForTime(ctx context.Context, jti string, exp time return p.SetClientAssertionJWT(ctx, jti, exp) } -func (p *Persister) sqlDataFromJWTGrant(g jwtbearer.Grant) jwtbearer.SQLData { - return jwtbearer.SQLData{ +func (p *Persister) sqlDataFromJWTGrant(g trust.Grant) trust.SQLData { + return trust.SQLData{ ID: g.ID, Issuer: g.Issuer, Subject: g.Subject, @@ -172,13 +172,13 @@ func (p *Persister) sqlDataFromJWTGrant(g jwtbearer.Grant) jwtbearer.SQLData { } } -func (p *Persister) jwtGrantFromSQlData(data jwtbearer.SQLData) jwtbearer.Grant { - return jwtbearer.Grant{ +func (p *Persister) jwtGrantFromSQlData(data trust.SQLData) trust.Grant { + return trust.Grant{ ID: data.ID, Issuer: data.Issuer, Subject: data.Subject, Scope: strings.Split(data.Scope, scopeSeparator), - PublicKey: jwtbearer.PublicKey{ + PublicKey: trust.PublicKey{ Set: data.KeySet, KeyID: data.KeyID, }, @@ -189,7 +189,7 @@ func (p *Persister) jwtGrantFromSQlData(data jwtbearer.SQLData) jwtbearer.Grant func (p *Persister) FlushInactiveGrants(ctx context.Context, notAfter time.Time) error { return sqlcon.HandleError(p.Connection(ctx).RawQuery( - fmt.Sprintf("DELETE FROM %s WHERE expires_at < ? AND expires_at < ?", jwtbearer.SQLData{}.TableName()), + fmt.Sprintf("DELETE FROM %s WHERE expires_at < ? AND expires_at < ?", trust.SQLData{}.TableName()), time.Now().UTC(), notAfter, ).Exec()) diff --git a/persistence/sql/persister_test.go b/persistence/sql/persister_test.go index 6a16ae21b31..8d31a6b0522 100644 --- a/persistence/sql/persister_test.go +++ b/persistence/sql/persister_test.go @@ -5,7 +5,7 @@ import ( "github.com/pborman/uuid" - "github.com/ory/hydra/grant/jwtbearer" + "github.com/ory/hydra/oauth2/trust" "github.com/stretchr/testify/require" @@ -63,9 +63,9 @@ func TestManagers(t *testing.T) { }) }) - t.Run("package=grant/jwtbearer/manager="+k, func(t *testing.T) { - t.Run("case=create-get-delete", jwtbearer.TestHelperGrantManagerCreateGetDeleteGrant(m.GrantManager())) - t.Run("case=errors", jwtbearer.TestHelperGrantManagerErrors(m.GrantManager())) + t.Run("package=grant/trust/manager="+k, func(t *testing.T) { + t.Run("case=create-get-delete", trust.TestHelperGrantManagerCreateGetDeleteGrant(m.GrantManager())) + t.Run("case=errors", trust.TestHelperGrantManagerErrors(m.GrantManager())) }) } } From b349d06502900f50973b1068251111f774902cd5 Mon Sep 17 00:00:00 2001 From: aeneasr <3372410+aeneasr@users.noreply.github.com> Date: Tue, 13 Jul 2021 16:03:17 +0200 Subject: [PATCH 24/49] feat: code review --- oauth2/trust/handler_test.go | 1 + 1 file changed, 1 insertion(+) diff --git a/oauth2/trust/handler_test.go b/oauth2/trust/handler_test.go index 8dacaa88484..97fd63dac29 100644 --- a/oauth2/trust/handler_test.go +++ b/oauth2/trust/handler_test.go @@ -3,6 +3,7 @@ package trust_test import ( "crypto/rand" "crypto/rsa" + "github.com/ory/hydra/oauth2/trust" "net/http" "net/http/httptest" "testing" From 1fa9f77913465db5a647184546449b3e18c0522d Mon Sep 17 00:00:00 2001 From: aeneasr <3372410+aeneasr@users.noreply.github.com> Date: Tue, 13 Jul 2021 16:04:28 +0200 Subject: [PATCH 25/49] feat: code review --- docs/sidebar.json | 1 - 1 file changed, 1 deletion(-) diff --git a/docs/sidebar.json b/docs/sidebar.json index f767a2c7579..3d22d0617b1 100644 --- a/docs/sidebar.json +++ b/docs/sidebar.json @@ -29,7 +29,6 @@ "dependencies-environment", "production", "guides/tracing", - "guides/oauth2-grant-type-jwt-bearer", "guides/secrets-key-rotation", "guides/kubernetes-helm-chart", "guides/ssl-https-tls", From d4e2c2e76f8eb2724e8b7acd767e9f183a2079ab Mon Sep 17 00:00:00 2001 From: aeneasr <3372410+aeneasr@users.noreply.github.com> Date: Tue, 13 Jul 2021 16:06:23 +0200 Subject: [PATCH 26/49] feat: code review --- oauth2/trust/doc.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/oauth2/trust/doc.go b/oauth2/trust/doc.go index 903d63605c3..b6bec746d23 100644 --- a/oauth2/trust/doc.go +++ b/oauth2/trust/doc.go @@ -93,10 +93,10 @@ type getTrustedJwtGrantIssuer struct { } // swagger:model trustedJwtGrantIssuers -type trustedJwtGrantIssuers []swaggerJWTBearerGrant +type trustedJwtGrantIssuers []trustedJwtGrantIssuer // swagger:model trustedJwtGrantIssuer -type swaggerJWTBearerGrant struct { +type trustedJwtGrantIssuer struct { // example: 9edc811f-4e28-453c-9b46-4de65f00217f ID string `json:"id"` @@ -113,7 +113,7 @@ type swaggerJWTBearerGrant struct { Scope []string `json:"scope"` // The "public_key" contains information about public key issued by "issuer", that will be used to check JWT assertion signature. - PublicKey swaggerJWTBearerGrantPublicKey `json:"public_key"` + PublicKey trustedJsonWebKey `json:"public_key"` // The "created_at" indicates, when grant was created. CreatedAt time.Time `json:"created_at"` @@ -123,7 +123,7 @@ type swaggerJWTBearerGrant struct { } // swagger:model trustedJsonWebKey -type swaggerJWTBearerGrantPublicKey struct { +type trustedJsonWebKey struct { // The "set" is basically a name for a group(set) of keys. Will be the same as "issuer" in grant. // example: https://jwt-idp.example.com Set string `json:"set"` From e4bda4cf280e52dbd1f7db33b68001c8a0cf9537 Mon Sep 17 00:00:00 2001 From: aeneasr <3372410+aeneasr@users.noreply.github.com> Date: Tue, 13 Jul 2021 16:54:03 +0200 Subject: [PATCH 27/49] feat: code review --- ...l => 20201211145331000000_grant_jwk_bearer.cockroach.down.sql} | 0 ...sql => 20201211145331000000_grant_jwk_bearer.cockroach.up.sql} | 0 ...n.sql => 20201211145331000000_grant_jwk_bearer.mysql.down.sql} | 0 ....up.sql => 20201211145331000000_grant_jwk_bearer.mysql.up.sql} | 0 ...ql => 20201211145331000000_grant_jwk_bearer.postgres.down.sql} | 0 ....sql => 20201211145331000000_grant_jwk_bearer.postgres.up.sql} | 0 ....sql => 20201211145331000000_grant_jwk_bearer.sqlite.down.sql} | 0 ...up.sql => 20201211145331000000_grant_jwk_bearer.sqlite.up.sql} | 0 8 files changed, 0 insertions(+), 0 deletions(-) rename persistence/sql/migrations/{20201211145331_grant_jwk_bearer.cockroach.down.sql => 20201211145331000000_grant_jwk_bearer.cockroach.down.sql} (100%) rename persistence/sql/migrations/{20201211145331_grant_jwk_bearer.cockroach.up.sql => 20201211145331000000_grant_jwk_bearer.cockroach.up.sql} (100%) rename persistence/sql/migrations/{20201211145331_grant_jwk_bearer.mysql.down.sql => 20201211145331000000_grant_jwk_bearer.mysql.down.sql} (100%) rename persistence/sql/migrations/{20201211145331_grant_jwk_bearer.mysql.up.sql => 20201211145331000000_grant_jwk_bearer.mysql.up.sql} (100%) rename persistence/sql/migrations/{20201211145331_grant_jwk_bearer.postgres.down.sql => 20201211145331000000_grant_jwk_bearer.postgres.down.sql} (100%) rename persistence/sql/migrations/{20201211145331_grant_jwk_bearer.postgres.up.sql => 20201211145331000000_grant_jwk_bearer.postgres.up.sql} (100%) rename persistence/sql/migrations/{20201211145331_grant_jwk_bearer.sqlite.down.sql => 20201211145331000000_grant_jwk_bearer.sqlite.down.sql} (100%) rename persistence/sql/migrations/{20201211145331_grant_jwk_bearer.sqlite.up.sql => 20201211145331000000_grant_jwk_bearer.sqlite.up.sql} (100%) diff --git a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.cockroach.down.sql b/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.cockroach.down.sql similarity index 100% rename from persistence/sql/migrations/20201211145331_grant_jwk_bearer.cockroach.down.sql rename to persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.cockroach.down.sql diff --git a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.cockroach.up.sql b/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.cockroach.up.sql similarity index 100% rename from persistence/sql/migrations/20201211145331_grant_jwk_bearer.cockroach.up.sql rename to persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.cockroach.up.sql diff --git a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.mysql.down.sql b/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.mysql.down.sql similarity index 100% rename from persistence/sql/migrations/20201211145331_grant_jwk_bearer.mysql.down.sql rename to persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.mysql.down.sql diff --git a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.mysql.up.sql b/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.mysql.up.sql similarity index 100% rename from persistence/sql/migrations/20201211145331_grant_jwk_bearer.mysql.up.sql rename to persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.mysql.up.sql diff --git a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.postgres.down.sql b/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.postgres.down.sql similarity index 100% rename from persistence/sql/migrations/20201211145331_grant_jwk_bearer.postgres.down.sql rename to persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.postgres.down.sql diff --git a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.postgres.up.sql b/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.postgres.up.sql similarity index 100% rename from persistence/sql/migrations/20201211145331_grant_jwk_bearer.postgres.up.sql rename to persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.postgres.up.sql diff --git a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.sqlite.down.sql b/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.sqlite.down.sql similarity index 100% rename from persistence/sql/migrations/20201211145331_grant_jwk_bearer.sqlite.down.sql rename to persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.sqlite.down.sql diff --git a/persistence/sql/migrations/20201211145331_grant_jwk_bearer.sqlite.up.sql b/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.sqlite.up.sql similarity index 100% rename from persistence/sql/migrations/20201211145331_grant_jwk_bearer.sqlite.up.sql rename to persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.sqlite.up.sql From b01cfab0650811de1545520ec1567aa1c3de1354 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jagoba=20Gasco=CC=81n?= Date: Thu, 4 Nov 2021 10:53:22 +0100 Subject: [PATCH 28/49] feat: add end-to-end tests for the jwt bearer grant type (RFC 7523) --- Makefile | 13 +- cypress.json | 5 +- cypress/helpers/index.js | 143 ++++ cypress/integration/oauth2/grant_jwtbearer.js | 688 ++++++++++++++++++ package.json | 1 + test/e2e/circle-ci.bash | 111 +-- 6 files changed, 881 insertions(+), 80 deletions(-) create mode 100644 cypress/integration/oauth2/grant_jwtbearer.js diff --git a/Makefile b/Makefile index 0d541fe1a18..abe622132e8 100644 --- a/Makefile +++ b/Makefile @@ -83,14 +83,11 @@ docker: .PHONY: e2e e2e: node_modules test-resetdb source ./scripts/test-env.sh - ./test/e2e/circle-ci.bash memory - ./test/e2e/circle-ci.bash memory-jwt - ./test/e2e/circle-ci.bash postgres - ./test/e2e/circle-ci.bash postgres-jwt - ./test/e2e/circle-ci.bash mysql - ./test/e2e/circle-ci.bash mysql-jwt - ./test/e2e/circle-ci.bash cockroach - ./test/e2e/circle-ci.bash cockroach-jwt + for db in memory postgres mysql cockroach; do \ + ./test/e2e/circle-ci.bash "$${db}"; \ + ./test/e2e/circle-ci.bash "$${db}" --jwt; \ + ./test/e2e/circle-ci.bash "$${db}" --grant_jwt_client_auth_optional --grant_jwt_jti_optional --grant_jwt_iat_optional; \ + done # Runs tests in short mode, without database adapters .PHONY: quicktest diff --git a/cypress.json b/cypress.json index eccfd50b548..2ee17f9f982 100644 --- a/cypress.json +++ b/cypress.json @@ -6,7 +6,10 @@ "client_url": "http://127.0.0.1:5003", "public_port": "5000", "client_port": "5003", - "jwt_enabled": false + "jwt_enabled": false, + "grant_jwt_client_auth_optional": false, + "grant_jwt_jti_optional": false, + "grant_jwt_iat_optional": false }, "chromeWebSecurity": false, "retries": { diff --git a/cypress/helpers/index.js b/cypress/helpers/index.js index 9e0730a400a..fe98ecfa295 100644 --- a/cypress/helpers/index.js +++ b/cypress/helpers/index.js @@ -56,3 +56,146 @@ const getClient = (id) => cy .request(Cypress.env('admin_url') + '/clients/' + id) .then(({ body }) => body) + +export const createGrant = (grant) => + cy + .request('POST', Cypress.env('admin_url') + '/trust/grants/jwt-bearer/issuers', JSON.stringify(grant)) + .then((response) => { + const grantID = response.body.id + getGrant(grantID).then((actual) => { + if (actual.id !== grantID) { + return Promise.reject( + new Error( + `Expected id's to match: ${actual.id} !== ${grantID}` + ) + ) + } + return Promise.resolve(response) + }) + }) + +export const getGrant = (grantID) => + cy + .request('GET', Cypress.env('admin_url') + '/trust/grants/jwt-bearer/issuers/' + grantID) + .then(({ body }) => body) + +export const deleteGrants = () => + cy.request(Cypress.env('admin_url') + '/trust/grants/jwt-bearer/issuers').then(({ body = [] }) => { + ;(body || []).forEach(({ id }) => deleteGrant(id)) + }) + +const deleteGrant = (id) => + cy.request('DELETE', Cypress.env('admin_url') + '/trust/grants/jwt-bearer/issuers/' + id) + +export const publicJwk = { + kid: 'token-service-key', + kty: 'RSA', + alg: 'RS256', + n: 'xbOXL8LDbB8hz4fe6__qpESz5GqX0IjH9lRIywG1xj7_w9UXnds5oZpXp0L4TM7B9j0na6_wIwcnfTlQr1cW3LHJXjzPS19zK5rrvB5eabNhtv4yIyH2DSfkI5J3y0bmfY74_J_rDFtQ1PdpfMzdF5cceYvw05B3Q6naPwPN_86GjOkxBWeBZ1-jL5-7cpbbAfeICjEEBsKDX0j-2ZyKpQ2r4jrxwxDF-J3Xsf6ieRKHggQfG-_xMucz40j7t_s-ttE8LoOm9Mmg0gl6vsfhL9rBvUiW-FLCgCqAKSB9a4JHp4_cgsUUR4TsPrJXTGXDFPoqd63S4ZLkCqOeFLOMUx7zVM_gVyyDIbfXWG2HRt6IbEiU8-A-irw0PtPKKiZ0mue2DT3gbvRJlKpL4RG8Obhlaxzf1eQ9jLx15_DoJt9M8zrK9m99YNRMBeJWwJ-RaUv0odpMkIMawH-ly0IO4Kc6fV2g0PK0f4lBnoHze802Y5SQfN19D3GaL93xlHDTHIsX_q0ICyQzupHjQeFHSa9ku0mA36p40lE3Ejpxjbx1BNAvwozGIE7OuovtUgnaodzpRp5HMrCS5YSGE0LtpTgyEibrG3pA12tSvQW3WDeB8qx4dPBBo917ujdgO23p9ZYm96ohZMUOSR_ItX7n3Q4N6W490YrNgj6c-r9kfWk', + e: 'AQAB' +} +export const privatePem = `-----BEGIN RSA PRIVATE KEY----- +MIIJKQIBAAKCAgEAxbOXL8LDbB8hz4fe6//qpESz5GqX0IjH9lRIywG1xj7/w9UX +nds5oZpXp0L4TM7B9j0na6/wIwcnfTlQr1cW3LHJXjzPS19zK5rrvB5eabNhtv4y +IyH2DSfkI5J3y0bmfY74/J/rDFtQ1PdpfMzdF5cceYvw05B3Q6naPwPN/86GjOkx +BWeBZ1+jL5+7cpbbAfeICjEEBsKDX0j+2ZyKpQ2r4jrxwxDF+J3Xsf6ieRKHggQf +G+/xMucz40j7t/s+ttE8LoOm9Mmg0gl6vsfhL9rBvUiW+FLCgCqAKSB9a4JHp4/c +gsUUR4TsPrJXTGXDFPoqd63S4ZLkCqOeFLOMUx7zVM/gVyyDIbfXWG2HRt6IbEiU +8+A+irw0PtPKKiZ0mue2DT3gbvRJlKpL4RG8Obhlaxzf1eQ9jLx15/DoJt9M8zrK +9m99YNRMBeJWwJ+RaUv0odpMkIMawH+ly0IO4Kc6fV2g0PK0f4lBnoHze802Y5SQ +fN19D3GaL93xlHDTHIsX/q0ICyQzupHjQeFHSa9ku0mA36p40lE3Ejpxjbx1BNAv +wozGIE7OuovtUgnaodzpRp5HMrCS5YSGE0LtpTgyEibrG3pA12tSvQW3WDeB8qx4 +dPBBo917ujdgO23p9ZYm96ohZMUOSR/ItX7n3Q4N6W490YrNgj6c+r9kfWkCAwEA +AQKCAgAJvNrJg3JUtQPZUPvt6+EGzkt+CLIJl3Mh8uzS8vadGSVH5AsRv2aLSyre +FjJctiJfmouChlvxnbyYMmaC/Gsn26nrdltPfxgRIcRSs7w6wJcjiEm36UhRRZG7 +Hs+/t3JK5OvmpYnSRf0pQDZ16zFIpCzG39mw0gDN2GPjjrBq1SVTc3jypzJ8gP1s +rxVwg3WuFx8gQWHNY29NFi9XUJqTnqTEs9qMnRrjMAMbxUsDY6JBCSrvGVZsB29K +1qFvYnSoVI3+TIXAsN22+riNBRNWZBP+2sB04r6pyW4emHcVAIm++xsFZeelzipE +vEwIe0qskdXdpzYn3jBVRdHXezCCIU7xu8CKB2JqhOgOR10L4RARfgN6Xw0thQhH +j9cMim2khgpzIXnhOtA3vFKMlrskY+4CXZzWaL1WkpDZKoionmRaID6uU0+rdk0C +Ue2vzoSSUw42UQyV3Lm/AcyiDBOH9JAmma5yC2VuPNMSe2yIln8/cwrgFbjP9ksl +mG8NZj/plzpsAtPQCiPE4X2rPdABD/mOEdovqh7cASaT5kSCEneZ+ln5mkMVPcB8 +688vI+5JmRWXdGYKSqTXXIjjoy4FjaQtaFgyf2hvnfUQQ9mm/I8LEkHUCjrHoe7Y +5o7j+Ft8TO514T1pm3vgP/a8czDvOLUvBysEb3Kw4Zyl7ZODMQKCAQEA+g16bOVc +oZ09nesTuK4aNzljxQcljKqAXoUvT9hvN8epAQOmYOKUToP+4EBi6ro5mAPTq4DU +pkS7ATSIEu2/Oe9MvPMdWQijTddZSP6yCgzC+67V+Y0Rtvf/vtxE8TFQCi7jUlOs +/+lAMwmi31K0PUJSU/Fh9qzS/7zlOG7cc1FXcf5DJz4LQWP842rdWf+y/tIWQYhQ +tnrDoBLyCwyppW52kTyJFjXPiHYk2VHrImVa0bPo7rcagrGbwOmQkQvJDT496Y2h +qbPI1H9G3XkSVlpBhaVgPYb/1zFRNrbiQ8/O6AMn5FSF6e3Y3xUvgnf5qnD/aQ7v +XtU3S9zbSV4PRwKCAQEAymdbSHh1UH5TLvkFn/cNtyySBixjOKZk6rS5OI4XcdVQ +xr0YMo/hQRjQHZxkWw3Oto4jXmad02eVyJ/ttyHO0bNChMISqh/STkUKlOb8zaMJ +US6Hu7hJFSDe7OjxKgn5Sj3KHe9DhlhIW4Hzgbb7+zAvhjn60IlcjisFNSlu7Og+ ++vaUuOBLjDl0TYPBMvUzFT4Z0RIiHu9L6lqa4ka6TC/CbtrNRVbv9IYNlbs1K4xQ +SwjpbIKOxFAoWK/Y+XGBJrD4XKSgOufcRyYUsmanF46Ag2H3gkmPqmqK1Ykbrr69 +Au/hj5xtN/SuwjWNclWvO+2Ck8WYsorTA3ErqAhFzwKCAQAjYmjipApZrGCdyjg+ +OBTpn6topDxCDZagyYQKbnw+jnhx9kxDBY0rFy6oGTRmNvgTdOctK8vrw2obH43p +787RqfVX/6c1hC1nxIOT+sbC+U9WQkVxTO8mzy1Xmt/+qZXD+yKb8c9XX3CASGrN +42wyBwKTcmMEfyxUmCxvsfBsOSSAsxRZp0P8euO8YtDz/WUc/im8GEgjqneoXUX3 +HlGbYWhR4RkdFXxKuT05q4f0lBcn+aeKsEqGGBAMWoDkpaBLyXUFac9orlJLD7+9 +c3aO1bLT8LUPv9zQXOA7N+II6o1C879fZj6U/d1kpCDW+5dO8TKTcVOaPd3XVGeL +mE3dAoIBAQCE3mCwLFNm6eaVeWfV4Qqh6qJZZx4jfCfXY5gLpkuBsLT8IfoWhxkp +8K3+IkJG+8NtV9WkDN0igGd1cndMtubcBj9ugzBZedZHB0+w/AmMvLBLGK6F7q4b +Lp7pCun13OJHeFSMXhsHwECPwbkmuAammLU5+inKZ8HYmikrAu4Mm1Fs0h5DVwqB +HN5aXFmhqBFGqqOr+alogVJmn9/5FtEJXnjW6M/D6xROgwm7908qLUwwVcNWNkae +XLh/r8BRz88mpRoFRxTgVoDmO/tuObEK58M5fEBMyRmEl7hYAU+o4RGXMf3ylo+k +If3vA9S8776/KmWDuD1LR5LKOaqc/gFFAoIBAQDjlsI3A7yRx5CCOSS1zdrZXDve +dmpzjun13OqPe1N2PGbgvrrMY9oEbZ4jf1FMNUYFQafHWr8+iQRbm+WS2fZSq6ie +z8+vwhIQzyYAKDOHcfk/ImVCnCZOpWUv78T3ftBOm0flK9FgmtEVU9lZOGwJeeSl +XfXvA23Yq6h4NYvugw6YyamOjy8EnYwO707ibJVajeNFukrZO3Ywcaz1/jn/iaDv +KArlIAJ3R/phf9+e35pBAtjM6NYqzqVp93MUwMTXnK8TAPhtT8rEsP6Q5T703Lof +kphJ2V/clAXtRXwP+588e7JveeZlOS+3vUm3JWv+zHtWGY3SXefcialXfNN/ +-----END RSA PRIVATE KEY----- +` + +export const invalidPrivatePem = `-----BEGIN RSA PRIVATE KEY----- +MIIJJgIBAAKCAgBh2paLu/KqIYKapXLXD2kHt4TDGWCProE55heq9hdC0T8+zI0i +dAuwkIytczMEliM9S/HbOci7yUZNGnBEBTOYaA02ihkxuYQx+4wxTCBump6NW9um +NU3ZNj7jCglOGDCAT3He+/PeXu07N/U5+J2bmHRT4901p+o0MihJUvxZwHCFxRjP +q8o6HPFWsKrL+EcrA2yCuari4AMRwO8Kk6n6OqNpTtbEPgTeYryfGTTLnatnoX8C +tAvoEZCy0b7p9zXuBcR0dAX6AKfshz3xUe10Xo6Hm/02ZU6ckaWh9OEkNsIWs/L4 +xXfKt9IU6ZkNvN2grDftA9z6fW8FvoFhVhdPOCiZO8DgUEMZIuAdndkBUdAPpDfd +tr0hugakGq87OzpniksKgH3meTEVGKt5OWZHQ/GcLSakOcd08e5SkuhltRafbyFl +vB9gzi3WVz18ZeymXu4QP07KYDCOX1fdLW7HrKBvf4aYLDKQeMIHoZvIDWuDThVh +E75weAEcezPXAsEE1zcvDajCZmQOdgv0Trc9wxHAeRZV1hoxhheAflxG8YkMTNS3 +PcBFrHz+wjzuYUDh0yTUzFiUeUQxb2zMz0iqYkfl7Ov+ApgyysFHbCfrb88HvlFj +nYpyE0JVxA83O7QuQ/ZCtmTmalHk1y2jti0HEOGM6wJvWwZLL5pjGK1aEwIDAQAB +AoICAAaFOUjgYkAh8YD6i1d3SGliOi+B7mREnYnNIkCbG1uxc8Rsfu8PyoOebjFU +ns6sbna0K86O4ChbNhsHKvntWs3KCS9cLmeY1A08lM/oIbUdCnmi6FT/8ksKCVC5 +p3sTs4+pO44/PbXQn4A1r1qIjYADvaSlZ2Ue5kVKHlMce4JDh3vycT/NU7FholdD +eG4VAjEEjmN7mb56bNnvAD61LjtlUuQ+g6MZ+tsSuzziwhjbTcOfCEaW1sBFA15X +CaCvf2F38upLnOZWytnA/UiqS+dYMakppMrOH1nhfqb3GVV/bJl0rjkTd3MDorUQ +B8nZju8Y6rUZb80lNJOuaRKiWPUyOlIqnITBPXCAd6joqpyuKkoD5D/rZ46W+0n3 +yVa+p9cfapvXuU5ChwxBMBsa8sMQ5TSb365H6GVZkFSVSfEg4NjicTxYIC3QuEdq +zTRWTTu4lYDWaTK61o/0LKFqg+DUehSxnx9S9zUzxB0GMZzOEXTmXaJWN+1kvmgv +2NVI6WfPjaNgeG+Nr9qw5simyxbmN0vHV8FjrmgGZMNf7ogibMtnECW4MxYN+6Ie +rY5AeMry+5iOPbuSUc75JmbAYHvw0wt9o4D/gcwLKIUNoGpiyihXy9GLllYR2bHM +VaZk+bwqqMcGX4pFio+fQJNcmw6msDiK20TT1cnhrYIrbpSJAoIBAQCtyKRI49Cv +qQI7AEYwMxym7exTSaFeN8T1m+CCetvx8ss5Kce/+RgrWauVh7WNOj+wR+3DfRL+ +1NhMgTiuWt2EjrzHmX/0Fugm2Z28JxofkS7MSuSqPwA9L4pUfHOqsmXptMxSTiG2 +ypgkWfUyQh+c8lAZWpds3kUXptnzORk2vsNkk6sebuJewF3TxURGqcHdl3t/IyGQ +sc396ztoPWOSIx/mc+2D5XtcOOrHR8SEwZsr9dPYQTAqV+v/6/MJ68ZU3nSp1E15 +Wd5YfRNIc20Hg9UTM1XXGCipa75/OguCd/OqVYVxBprLC8pv3kuhxn43rbbueRiu +LZIbUhQmTfHHAoIBAQCQJeYBEYF8Ar5zj1UI9uNGDmL37XwWbTXtopMcM8E+OX7u +uF8p+FmKNBsBGJvsi9D2MIouFgIKx6CTgbovrMC2Emv80Wvi2d7lOk1pZgrXLXKo +yHzHLlK4/8wEBdHKLZ5L7JC6c1JmuDaHVIE2KC53fiBIGh+ogGeZlC6VwRvXOUJF +W0w82hYSV97IhzKMM18YaIHnvvz3KPpCbQBmYQJizWaETSmcQx8igDe4nf9b8An+ +NF2GvtNklzG9vbSeMJztK8EQgKSxpUun3z69yx71qCnvwPFg68VFCau5358N0YeM +B+6BEgy3b4n4nvmDOquvPKyYXQoNAiBXyqIEU1VVAoIBAHUWhnoF5Ik2GiaenKvF +BD0EeQH0ziCo+q9xAudm1+JAb+Rn3gneTwaGODFbaltpL5gaHnxkPPQtfD6vofz3 +g+DYOyFQrwFKncfvP3OR9Ovn6dwDaeW65PJUoaMi5tvPrxKzmiaqNdTu02tKoQXn +v10Ddixe+T+E0pCI/rf9dJuKFCQjyluK4kJs4crZUpM5tUET20Vh6i+PXPcEEta8 +5eWEfO3Mle8UIvWT87upAyNfPqlzy/Qcl9MvwfaAhxPcI5jy+S+jtz9X6ZM9Ukyy +WHeDv4BcSi3OPTdJPOSDu1WAdFADpxDsHkdH/nE5GUQ6dLgW9vXd6V8RnSuDNchJ +I+kCggEAZaCimWw7KzBQD+8k164grBqmgf+INdOHauPs7bw7aOBmcm3Agjma/0of +I9Wy0MH+cCPmt/lCNVFrD7QtjUExmOxCADux4X0Tne9N9po/2FcteHvpJRCut8l4 +j/l+YBlrekHuA9YcaVlE8IKOmp0XrZ1Zqxvn6AenguqrMV+1fjbbV0S36ksjtokH +A7/1zkzFpdLAi5/mf2b/keeBmayZXwlLVsmEJaxY/h0BrAKQr8P7d6J5se9F4KyM +ICboeYLykHABrN3Vv303asKFXJAhYrbN4j/YrilrqnHYBbL4U2i/NOW+rHcKSiW0 +U3nZlkC+HE0drkoiNOuj2+F7+qq6BQKCAQAZK0uKuSAUJXSMSJWogpNLjHbg37bM +RHpdzPxpJhrhsU4XN1W5g153qfZBdioXGGeEYrfnKM+QG5VkbZ80C7TSe/CMeOyn +J1kxh2BZV3VP0xzdaQOcL/rHn7uq75KD5t8JwIQM8N1sos1D1/k8vz9RjElvZ3kx +gkrdwl3XTM//5Aq8iUZtt5OA7Jel/Iw9e4QBf6F2pYl73BStBbUHtWPC9we8qj3p +JgGFwiBBmFjZqu1oo0Q4mteDIIEHvbebD6G0nibilORZGOFnCVE7f0HYEzHDAzVe +OgyQybTowIznIMk7WuoLS2Kq1GghMm1l1gkmXj5hmmSIg8GBwRWa+5x6 +-----END RSA PRIVATE KEY----- +` \ No newline at end of file diff --git a/cypress/integration/oauth2/grant_jwtbearer.js b/cypress/integration/oauth2/grant_jwtbearer.js new file mode 100644 index 00000000000..8e02343cb42 --- /dev/null +++ b/cypress/integration/oauth2/grant_jwtbearer.js @@ -0,0 +1,688 @@ +import { createClient, createGrant, deleteGrants, deleteClients, prng, privatePem, publicJwk, invalidPrivatePem } from '../../helpers' + +const dayjs = require('dayjs') +const isBetween = require('dayjs/plugin/isBetween') +const utc = require('dayjs/plugin/utc') +dayjs.extend(utc) +dayjs.extend(isBetween) + +const jwt = require('jsonwebtoken') + +describe('The OAuth 2.0 JWT Bearer (RFC 7523) Grant', function () { + beforeEach(() => { + deleteGrants() + deleteClients() + }) + + const tokenUrl = `${Cypress.env('public_url')}/oauth2/token` + + const canSkipClientAuth = () => Cypress.env('grant_jwt_client_auth_optional') === 'true' || Boolean(Cypress.env('grant_jwt_client_auth_optional')) + const jtiOptional = () => Cypress.env('grant_jwt_jti_optional') === 'true' || Boolean(Cypress.env('grant_jwt_jti_optional')) + const iatOptional = () => Cypress.env('grant_jwt_iat_optional') === 'true' || Boolean(Cypress.env('grant_jwt_iat_optional')) + + const nc = () => ({ + client_id: prng(), + client_secret: prng(), + scope: 'foo openid offline_access', + grant_types: ['urn:ietf:params:oauth:grant-type:jwt-bearer'], + token_endpoint_auth_method: 'client_secret_post', + response_types: ['token'], + }) + + const gr = (subject) => ({ + issuer: prng(), + subject: subject, + scope: ['foo', 'openid', 'offline_access'], + jwk: publicJwk, + expires_at: dayjs().utc().add(1, 'year').set('millisecond', 0).toISOString(), + }) + + const jwtAssertion = (grant, override) => { + const assert = { + "jti": prng(), + "iss": grant.issuer, + "sub": grant.subject, + "aud": tokenUrl, + "exp": dayjs().utc().add(2, 'minute').set('millisecond', 0).unix(), + "iat": dayjs().utc().subtract(2, 'minute').set('millisecond', 0).unix(), + } + return {...assert, ...override} + } + + it('should return an Access Token when given client credentials and a signed JWT assertion', function () { + const client = nc() + createClient(client) + + const grant = gr(prng()) + createGrant(grant) + + const assertion = jwt.sign(jwtAssertion(grant), privatePem, { algorithm: "RS256" }) + + cy.request({ + method: 'POST', + url: tokenUrl, + form: true, + body: { + grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', + assertion: assertion, + scope: client.scope, + client_secret: client.client_secret, + client_id: client.client_id + }, + }) + .its('body') + .then((body) => { + const { access_token, expires_in, scope, token_type } = body + + expect(access_token).to.not.be.empty + expect(expires_in).to.not.be.undefined + expect(scope).to.not.be.empty + expect(token_type).to.not.be.empty + }) + }) + + + + it('[client auth required] should return an Error (400) when not given client credentials', function () { + if (canSkipClientAuth()) { + this.skip() + } + + const client = nc() + createClient(client) + + const grant = gr(prng()) + createGrant(grant) + + const assertion = jwt.sign(jwtAssertion(grant), privatePem, { algorithm: "RS256" }) + + cy.request({ + method: 'POST', + url: tokenUrl, + form: true, + body: { + grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', + assertion: assertion, + scope: client.scope, + }, + failOnStatusCode: false, + }) + .its('status') + .then((status) => { + expect(status).to.be.equal(400) + }) + }) + + it('[jti required] should return an Error (400) when given client credentials and a JWT assertion without a jti', function () { + if (jtiOptional()) { + this.skip() + } + + const client = nc() + createClient(client) + + const grant = gr(prng()) + createGrant(grant) + + var ja = jwtAssertion(grant) + delete ja["jti"] + const assertion = jwt.sign(ja, privatePem, { algorithm: "RS256" }) + + // first token request should work fine + cy.request({ + method: 'POST', + url: tokenUrl, + form: true, + body: { + grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', + assertion: assertion, + scope: client.scope, + client_secret: client.client_secret, + client_id: client.client_id + }, + failOnStatusCode: false, + }) + .its('status') + .then((status) => { + expect(status).to.be.equal(400) + }) + }) + + it('should return an Error (400) when given client credentials and a JWT assertion with a duplicated jti', function () { + const client = nc() + createClient(client) + + const grant = gr(prng()) + createGrant(grant) + + const jwt1 = jwtAssertion(grant) + const assertion1 = jwt.sign(jwt1, privatePem, { algorithm: "RS256" }) + + // first token request should work fine + cy.request({ + method: 'POST', + url: tokenUrl, + form: true, + body: { + grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', + assertion: assertion1, + scope: client.scope, + client_secret: client.client_secret, + client_id: client.client_id + }, + }) + .its('body') + .then((body) => { + const { access_token, expires_in, scope, token_type } = body + + expect(access_token).to.not.be.empty + expect(expires_in).to.not.be.undefined + expect(scope).to.not.be.empty + expect(token_type).to.not.be.empty + }) + + const assertion2 = jwt.sign(jwtAssertion(grant, {jti: jwt1["jti"]}), privatePem, { algorithm: "RS256" }) + + // the second should fail + cy.request({ + method: 'POST', + url: tokenUrl, + form: true, + body: { + grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', + assertion: assertion2, + scope: client.scope, + client_secret: client.client_secret, + client_id: client.client_id + }, + failOnStatusCode: false, + }) + .its('status') + .then((status) => { + expect(status).to.be.equal(400) + }) + }) + + it('[iat required] should return an Error (400) when given client credentials and a JWT assertion without an iat', function () { + if (iatOptional()) { + this.skip() + } + + const client = nc() + createClient(client) + + const grant = gr(prng()) + createGrant(grant) + + var ja = jwtAssertion(grant) + delete ja["iat"] + const assertion = jwt.sign(ja, privatePem, { algorithm: "RS256", noTimestamp: true }) + + // first token request should work fine + cy.request({ + method: 'POST', + url: tokenUrl, + form: true, + body: { + grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', + assertion: assertion, + scope: client.scope, + client_secret: client.client_secret, + client_id: client.client_id + }, + failOnStatusCode: false, + }) + .its('status') + .then((status) => { + expect(status).to.be.equal(400) + }) + }) + + it('should return an Error (400) when given client credentials and a JWT assertion with an invalid signature', function () { + const client = nc() + createClient(client) + + const grant = gr(prng()) + createGrant(grant) + + const assertion = jwt.sign(jwtAssertion(grant), invalidPrivatePem, { algorithm: "RS256" }) + + cy.request({ + method: 'POST', + url: tokenUrl, + form: true, + body: { + grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', + assertion: assertion, + scope: client.scope, + client_secret: client.client_secret, + client_id: client.client_id + }, + failOnStatusCode: false, + }) + .its('status') + .then((status) => { + expect(status).to.be.equal(400) + }) + }) + + it('should return an Error (400) when given client credentials and a JWT assertion with an invalid subject', function () { + const client = nc() + createClient(client) + + const grant = gr(prng()) + createGrant(grant) + + const assertion = jwt.sign(jwtAssertion(grant, {"sub": "invalid_subject"}), privatePem, { algorithm: "RS256" }) + + cy.request({ + method: 'POST', + url: tokenUrl, + form: true, + body: { + grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', + assertion: assertion, + scope: client.scope, + client_secret: client.client_secret, + client_id: client.client_id + }, + failOnStatusCode: false, + }) + .its('status') + .then((status) => { + expect(status).to.be.equal(400) + }) + }) + + it('should return an Error (400) when given client credentials and a JWT assertion with an invalid issuer', function () { + const client = nc() + createClient(client) + + const grant = gr(prng()) + createGrant(grant) + + const assertion = jwt.sign(jwtAssertion(grant, {"iss": "invalid_issuer"}), privatePem, { algorithm: "RS256" }) + + cy.request({ + method: 'POST', + url: tokenUrl, + form: true, + body: { + grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', + assertion: assertion, + scope: client.scope, + client_secret: client.client_secret, + client_id: client.client_id + }, + failOnStatusCode: false, + }) + .its('status') + .then((status) => { + expect(status).to.be.equal(400) + }) + }) + + it('should return an Error (400) when given client credentials and a JWT assertion with an invalid audience', function () { + const client = nc() + createClient(client) + + const grant = gr(prng()) + createGrant(grant) + + const assertion = jwt.sign(jwtAssertion(grant, {"aud": "invalid_audience"}), privatePem, { algorithm: "RS256" }) + + cy.request({ + method: 'POST', + url: tokenUrl, + form: true, + body: { + grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', + assertion: assertion, + scope: client.scope, + client_secret: client.client_secret, + client_id: client.client_id + }, + failOnStatusCode: false, + }) + .its('status') + .then((status) => { + expect(status).to.be.equal(400) + }) + }) + + it('should return an Error (400) when given client credentials and a JWT assertion with an expired date', function () { + const client = nc() + createClient(client) + + const grant = gr(prng()) + createGrant(grant) + + const assertion = jwt.sign(jwtAssertion(grant, {"exp": dayjs().utc().subtract(1, 'minute').set('millisecond', 0).unix()}), privatePem, { algorithm: "RS256" }) + + cy.request({ + method: 'POST', + url: tokenUrl, + form: true, + body: { + grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', + assertion: assertion, + scope: client.scope, + client_secret: client.client_secret, + client_id: client.client_id + }, + failOnStatusCode: false, + }) + .its('status') + .then((status) => { + expect(status).to.be.equal(400) + }) + }) + + it('should return an Error (400) when given client credentials and a JWT assertion with a nbf that is still not valid', function () { + const client = nc() + createClient(client) + + const grant = gr(prng()) + createGrant(grant) + + const assertion = jwt.sign(jwtAssertion(grant, {"nbf": dayjs().utc().add(1, 'minute').set('millisecond', 0).unix()}), privatePem, { algorithm: "RS256" }) + + cy.request({ + method: 'POST', + url: tokenUrl, + form: true, + body: { + grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', + assertion: assertion, + scope: client.scope, + client_secret: client.client_secret, + client_id: client.client_id + }, + failOnStatusCode: false, + }) + .its('status') + .then((status) => { + expect(status).to.be.equal(400) + }) + }) + + it('should return an Access Token when given client credentials and a JWT assertion with a nbf that is valid', function () { + const client = nc() + createClient(client) + + const grant = gr(prng()) + createGrant(grant) + + const assertion = jwt.sign(jwtAssertion(grant, {"nbf": dayjs().utc().subtract(1, 'minute').set('millisecond', 0).unix()}), privatePem, { algorithm: "RS256" }) + + cy.request({ + method: 'POST', + url: tokenUrl, + form: true, + body: { + grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', + assertion: assertion, + scope: client.scope, + client_secret: client.client_secret, + client_id: client.client_id + }, + }) + .its('body') + .then((body) => { + const { access_token, expires_in, scope, token_type } = body + + expect(access_token).to.not.be.empty + expect(expires_in).to.not.be.undefined + expect(scope).to.not.be.empty + expect(token_type).to.not.be.empty + }) + }) + + it('[client auth optional] should return an Access Token when given a signed JWT assertion', function () { + if (!canSkipClientAuth()) { + this.skip() + } + + const client = nc() + createClient(client) + + const grant = gr(prng()) + createGrant(grant) + + const assertion = jwt.sign(jwtAssertion(grant), privatePem, { algorithm: "RS256" }) + + cy.request({ + method: 'POST', + url: tokenUrl, + form: true, + body: { + grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', + assertion: assertion, + scope: grant.scope, + }, + }) + .its('body') + .then((body) => { + const { access_token, expires_in, scope, token_type } = body + + expect(access_token).to.not.be.empty + expect(expires_in).to.not.be.undefined + expect(scope).to.not.be.empty + expect(token_type).to.not.be.empty + }) + }) + + it('[client auth optional] should return an Error (400) when given a JWT assertion with an invalid signature', function () { + if (!canSkipClientAuth()) { + this.skip() + } + + const client = nc() + createClient(client) + + const grant = gr(prng()) + createGrant(grant) + + const assertion = jwt.sign(jwtAssertion(grant), invalidPrivatePem, { algorithm: "RS256" }) + + cy.request({ + method: 'POST', + url: tokenUrl, + form: true, + body: { + grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', + assertion: assertion, + scope: client.scope, + }, + failOnStatusCode: false, + }) + .its('status') + .then((status) => { + expect(status).to.be.equal(400) + }) + }) + + it('[client auth optional] should return an Error (400) when given a JWT assertion with an invalid subject', function () { + if (!canSkipClientAuth()) { + this.skip() + } + + const client = nc() + createClient(client) + + const grant = gr(prng()) + createGrant(grant) + + const assertion = jwt.sign(jwtAssertion(grant, {"sub": "invalid_subject"}), privatePem, { algorithm: "RS256" }) + + cy.request({ + method: 'POST', + url: tokenUrl, + form: true, + body: { + grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', + assertion: assertion, + scope: client.scope, + }, + failOnStatusCode: false, + }) + .its('status') + .then((status) => { + expect(status).to.be.equal(400) + }) + }) + + it('[client auth optional] should return an Error (400) when given a JWT assertion with an invalid issuer', function () { + if (!canSkipClientAuth()) { + this.skip() + } + + const client = nc() + createClient(client) + + const grant = gr(prng()) + createGrant(grant) + + const assertion = jwt.sign(jwtAssertion(grant, {"iss": "invalid_issuer"}), privatePem, { algorithm: "RS256" }) + + cy.request({ + method: 'POST', + url: tokenUrl, + form: true, + body: { + grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', + assertion: assertion, + scope: client.scope, + }, + failOnStatusCode: false, + }) + .its('status') + .then((status) => { + expect(status).to.be.equal(400) + }) + }) + + it('[client auth optional] should return an Error (400) when given a JWT assertion with an invalid audience', function () { + if (!canSkipClientAuth()) { + this.skip() + } + + const client = nc() + createClient(client) + + const grant = gr(prng()) + createGrant(grant) + + const assertion = jwt.sign(jwtAssertion(grant, {"aud": "invalid_audience"}), privatePem, { algorithm: "RS256" }) + + cy.request({ + method: 'POST', + url: tokenUrl, + form: true, + body: { + grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', + assertion: assertion, + scope: client.scope, + }, + failOnStatusCode: false, + }) + .its('status') + .then((status) => { + expect(status).to.be.equal(400) + }) + }) + + it('[client auth optional] should return an Error (400) when given a JWT assertion with an expired date', function () { + if (!canSkipClientAuth()) { + this.skip() + } + + const client = nc() + createClient(client) + + const grant = gr(prng()) + createGrant(grant) + + const assertion = jwt.sign(jwtAssertion(grant, {"exp": dayjs().utc().subtract(1, 'minute').set('millisecond', 0).unix()}), privatePem, { algorithm: "RS256" }) + + cy.request({ + method: 'POST', + url: tokenUrl, + form: true, + body: { + grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', + assertion: assertion, + scope: client.scope, + }, + failOnStatusCode: false, + }) + .its('status') + .then((status) => { + expect(status).to.be.equal(400) + }) + }) + + it('[client auth optional] should return an Error (400) when given a JWT assertion with a nbf that is still not valid', function () { + if (!canSkipClientAuth()) { + this.skip() + } + + const client = nc() + createClient(client) + + const grant = gr(prng()) + createGrant(grant) + + const assertion = jwt.sign(jwtAssertion(grant, {"nbf": dayjs().utc().add(1, 'minute').set('millisecond', 0).unix()}), privatePem, { algorithm: "RS256" }) + + cy.request({ + method: 'POST', + url: tokenUrl, + form: true, + body: { + grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', + assertion: assertion, + scope: client.scope, + }, + failOnStatusCode: false, + }) + .its('status') + .then((status) => { + expect(status).to.be.equal(400) + }) + }) + + it('[client auth optional] should return an Access Token when given a JWT assertion with a nbf that is valid', function () { + if (!canSkipClientAuth()) { + this.skip() + } + + const client = nc() + createClient(client) + + const grant = gr(prng()) + createGrant(grant) + + const assertion = jwt.sign(jwtAssertion(grant, {"nbf": dayjs().utc().subtract(1, 'minute').set('millisecond', 0).unix()}), privatePem, { algorithm: "RS256" }) + + cy.request({ + method: 'POST', + url: tokenUrl, + form: true, + body: { + grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', + assertion: assertion, + scope: client.scope, + }, + }) + .its('body') + .then((body) => { + const { access_token, expires_in, scope, token_type } = body + + expect(access_token).to.not.be.empty + expect(expires_in).to.not.be.undefined + expect(scope).to.not.be.empty + expect(token_type).to.not.be.empty + }) + }) +}) diff --git a/package.json b/package.json index 35898531133..33d9a5db7c8 100644 --- a/package.json +++ b/package.json @@ -17,6 +17,7 @@ "devDependencies": { "cypress": "^7.7.0", "dayjs": "^1.10.6", + "jsonwebtoken": "^8.5.1", "ory-prettier-styles": "1.1.1", "prettier": "2.1.2", "standard": "^12.0.1", diff --git a/test/e2e/circle-ci.bash b/test/e2e/circle-ci.bash index 0ac23f849eb..6f3b71bd540 100755 --- a/test/e2e/circle-ci.bash +++ b/test/e2e/circle-ci.bash @@ -53,90 +53,59 @@ export OAUTH2_EXPOSE_INTERNAL_ERRORS=1 export SERVE_PUBLIC_PORT=5000 export SERVE_ADMIN_PORT=5001 export LOG_LEAK_SENSITIVE_VALUES=true + export TEST_DATABASE_SQLITE="sqlite://$(mktemp -d -t ci-XXXXXXXXXX)/e2e.sqlite?_fk=true" +export TEST_DATABASE="$TEST_DATABASE_SQLITE" WATCH=no for i in "$@" do case $i in + memory) + # NOOP default value + ;; + postgres) + export TEST_DATABASE="$TEST_DATABASE_POSTGRESQL" + ;; + mysql) + export TEST_DATABASE="$TEST_DATABASE_MYSQL" + ;; + cockroach) + export TEST_DATABASE="$TEST_DATABASE_COCKROACHDB" + ;; + # Additional parameters --watch) - WATCH=yes - shift # past argument=value + WATCH=yes + ;; + --jwt) + export STRATEGIES_ACCESS_TOKEN=jwt + export OIDC_SUBJECT_IDENTIFIERS_SUPPORTED_TYPES=public + export CYPRESS_jwt_enabled=true + ;; + --grant_jwt_client_auth_optional) + export OAUTH2_GRANT_JWT_CLIENT_AUTH_OPTIONAL=true + export CYPRESS_grant_jwt_client_auth_optional=true + ;; + --grant_jwt_jti_optional) + export OAUTH2_GRANT_JWT_JTI_OPTIONAL=true + export CYPRESS_grant_jwt_jti_optional=true + ;; + --grant_jwt_iat_optional) + export OAUTH2_GRANT_JWT_IAT_OPTIONAL=true + export CYPRESS_grant_jwt_iat_optional=true ;; *) - case "$i" in - memory) - ./hydra migrate sql --yes $TEST_DATABASE_SQLITE > ./hydra-migrate.e2e.log 2>&1 - DSN=$TEST_DATABASE_SQLITE \ - ./hydra serve all --dangerous-force-http --sqa-opt-out > ./hydra.e2e.log 2>&1 & - export CYPRESS_jwt_enabled=false - ;; - - memory-jwt) - ./hydra migrate sql --yes $TEST_DATABASE_SQLITE > ./hydra-migrate.e2e.log 2>&1 - DSN=$TEST_DATABASE_SQLITE \ - STRATEGIES_ACCESS_TOKEN=jwt \ - OIDC_SUBJECT_IDENTIFIERS_SUPPORTED_TYPES=public \ - ./hydra serve all --dangerous-force-http --sqa-opt-out > ./hydra.e2e.log 2>&1 & - export CYPRESS_jwt_enabled=true - ;; - - postgres) - ./hydra migrate sql --yes $TEST_DATABASE_POSTGRESQL > ./hydra-migrate.e2e.log 2>&1 - DSN=$TEST_DATABASE_POSTGRESQL \ - ./hydra serve all --dangerous-force-http --sqa-opt-out > ./hydra.e2e.log 2>&1 & - export CYPRESS_jwt_enabled=false - ;; - - postgres-jwt) - ./hydra migrate sql --yes $TEST_DATABASE_POSTGRESQL > ./hydra-migrate.e2e.log 2>&1 - DSN=$TEST_DATABASE_POSTGRESQL \ - STRATEGIES_ACCESS_TOKEN=jwt \ - OIDC_SUBJECT_IDENTIFIERS_SUPPORTED_TYPES=public \ - ./hydra serve all --dangerous-force-http --sqa-opt-out > ./hydra.e2e.log 2>&1 & - export CYPRESS_jwt_enabled=true - ;; - - mysql) - ./hydra migrate sql --yes $TEST_DATABASE_MYSQL > ./hydra-migrate.e2e.log 2>&1 - DSN=$TEST_DATABASE_MYSQL \ - ./hydra serve all --dangerous-force-http --sqa-opt-out > ./hydra.e2e.log 2>&1 & - export CYPRESS_jwt_enabled=false - ;; - - mysql-jwt) - ./hydra migrate sql --yes $TEST_DATABASE_MYSQL > ./hydra-migrate.e2e.log 2>&1 - DSN=$TEST_DATABASE_MYSQL \ - STRATEGIES_ACCESS_TOKEN=jwt \ - OIDC_SUBJECT_IDENTIFIERS_SUPPORTED_TYPES=public \ - ./hydra serve all --dangerous-force-http --sqa-opt-out > ./hydra.e2e.log 2>&1 & - export CYPRESS_jwt_enabled=true - ;; - - cockroach) - ./hydra migrate sql --yes $TEST_DATABASE_COCKROACHDB > ./hydra-migrate.e2e.log 2>&1 - DSN=$TEST_DATABASE_COCKROACHDB \ - ./hydra serve all --dangerous-force-http --sqa-opt-out > ./hydra.e2e.log 2>&1 & - export CYPRESS_jwt_enabled=false - ;; - - cockroach-jwt) - ./hydra migrate sql --yes $TEST_DATABASE_COCKROACHDB > ./hydra-migrate.e2e.log 2>&1 - DSN=$TEST_DATABASE_COCKROACHDB \ - STRATEGIES_ACCESS_TOKEN=jwt \ - OIDC_SUBJECT_IDENTIFIERS_SUPPORTED_TYPES=public \ - ./hydra serve all --dangerous-force-http --sqa-opt-out > ./hydra.e2e.log 2>&1 & - export CYPRESS_jwt_enabled=true - ;; - - *) - echo $"Usage: $0 {memory|postgres|mysql|cockroach|memory-jwt|postgres-jwt|mysql-jwt|cockroach-jwt} [--watch]" - exit 1 - esac + echo $"Invalid param $i" + echo $"Usage: $0 [memory|postgres|mysql|cockroach] [--watch][--jwt][--grant_jwt_client_auth_optional][--grant_jwt_jti_optional][--grant_jwt_iat_optional]" + exit 1 ;; esac done +./hydra migrate sql --yes $TEST_DATABASE > ./hydra-migrate.e2e.log 2>&1 + DSN=$TEST_DATABASE \ + ./hydra serve all --dangerous-force-http --sqa-opt-out > ./hydra.e2e.log 2>&1 & + npm run wait-on -- -l -t 300000 \ --interval 1000 -s 1 -d 1000 \ http-get://localhost:5000/health/ready http-get://localhost:5001/health/ready http-get://localhost:5002/ http-get://localhost:5003/oauth2/callback From 3ede4c0cbfb032d40075535adc21020102ca0b05 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jagoba=20Gasco=CC=81n?= Date: Thu, 11 Nov 2021 14:27:44 +0100 Subject: [PATCH 29/49] feat: add grant validator tests --- oauth2/trust/validator_test.go | 93 ++++++++++++++++++++++++++++++++++ 1 file changed, 93 insertions(+) create mode 100644 oauth2/trust/validator_test.go diff --git a/oauth2/trust/validator_test.go b/oauth2/trust/validator_test.go new file mode 100644 index 00000000000..ec850e61606 --- /dev/null +++ b/oauth2/trust/validator_test.go @@ -0,0 +1,93 @@ +package trust + +import ( + "testing" + "time" + + "gopkg.in/square/go-jose.v2" +) + +func TestEmptyIssuerIsInvalid(t *testing.T) { + v := GrantValidator{} + + r := createGrantRequest{ + Issuer: "", + Subject: "valid-subject", + ExpiresAt: time.Now().Add(time.Hour * 10), + PublicKeyJWK: jose.JSONWebKey{ + KeyID: "valid-key-id", + }, + } + + if err := v.Validate(r); err == nil { + t.Error("an empty issuer should not be valid") + } +} + +func TestEmptySubjectIsInvalid(t *testing.T) { + v := GrantValidator{} + + r := createGrantRequest{ + Issuer: "valid-issuer", + Subject: "", + ExpiresAt: time.Now().Add(time.Hour * 10), + PublicKeyJWK: jose.JSONWebKey{ + KeyID: "valid-key-id", + }, + } + + if err := v.Validate(r); err == nil { + t.Error("an empty subject should not be valid") + } +} + +func TestEmptyExpiresAtIsInvalid(t *testing.T) { + v := GrantValidator{} + + r := createGrantRequest{ + Issuer: "valid-issuer", + Subject: "valid-subject", + ExpiresAt: time.Time{}, + PublicKeyJWK: jose.JSONWebKey{ + KeyID: "valid-key-id", + }, + } + + if err := v.Validate(r); err == nil { + t.Error("an empty expiration should not be valid") + } +} + +func TestEmptyPublicKeyIdIsInvalid(t *testing.T) { + v := GrantValidator{} + + r := createGrantRequest{ + Issuer: "valid-issuer", + Subject: "valid-subject", + ExpiresAt: time.Now().Add(time.Hour * 10), + PublicKeyJWK: jose.JSONWebKey{ + KeyID: "", + }, + } + + if err := v.Validate(r); err == nil { + t.Error("an empty public key id should not be valid") + } +} + +func TestIsValid(t *testing.T) { + v := GrantValidator{} + + r := createGrantRequest{ + Issuer: "valid-issuer", + Subject: "valid-subject", + ExpiresAt: time.Now().Add(time.Hour * 10), + PublicKeyJWK: jose.JSONWebKey{ + KeyID: "valid-key-id", + }, + } + + if err := v.Validate(r); err != nil { + t.Error("A request with an issuer, a subject, an expiration and a public key should be valid") + } +} From 656c1c63e7b56cefbaf687f5af65a3d47d5c4e12 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jagoba=20Gasco=CC=81n?= Date: Thu, 11 Nov 2021 14:53:07 +0100 Subject: [PATCH 30/49] feat: use pipe instead of space to store jwt grant scopes in the DB --- persistence/sql/persister_grant_jwk.go | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/persistence/sql/persister_grant_jwk.go b/persistence/sql/persister_grant_jwk.go index 07b2a337a2a..38c788fdeb5 100644 --- a/persistence/sql/persister_grant_jwk.go +++ b/persistence/sql/persister_grant_jwk.go @@ -11,14 +11,13 @@ import ( "github.com/ory/hydra/oauth2/trust" "github.com/ory/x/errorsx" + "github.com/ory/x/stringsx" "github.com/ory/x/sqlcon" ) var _ trust.GrantManager = &Persister{} -const scopeSeparator = " " - func (p *Persister) CreateGrant(ctx context.Context, g trust.Grant, publicKey jose.JSONWebKey) error { // add key, if it doesn't exist if _, err := p.GetKey(ctx, g.PublicKey.Set, g.PublicKey.KeyID); err != nil { @@ -143,7 +142,7 @@ func (p *Persister) GetPublicKeyScopes(ctx context.Context, issuer string, subje return nil, sqlcon.HandleError(err) } - return strings.Split(data.Scope, scopeSeparator), nil + return p.jwtGrantFromSQlData(data).Scope, nil } func (p *Persister) IsJWTUsed(ctx context.Context, jti string) (bool, error) { @@ -164,7 +163,7 @@ func (p *Persister) sqlDataFromJWTGrant(g trust.Grant) trust.SQLData { ID: g.ID, Issuer: g.Issuer, Subject: g.Subject, - Scope: strings.Join(g.Scope, " "), + Scope: strings.Join(g.Scope, "|"), KeySet: g.PublicKey.Set, KeyID: g.PublicKey.KeyID, CreatedAt: g.CreatedAt, @@ -177,7 +176,7 @@ func (p *Persister) jwtGrantFromSQlData(data trust.SQLData) trust.Grant { ID: data.ID, Issuer: data.Issuer, Subject: data.Subject, - Scope: strings.Split(data.Scope, scopeSeparator), + Scope: stringsx.Splitx(data.Scope, "|"), PublicKey: trust.PublicKey{ Set: data.KeySet, KeyID: data.KeyID, From 775a6e9529404790bfa49f0017cf26085837a528 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jagoba=20Gasco=CC=81n?= Date: Thu, 11 Nov 2021 16:30:30 +0100 Subject: [PATCH 31/49] feat: add index to jwt bearer issuers expires_at column --- .../20201211145331000000_grant_jwk_bearer.cockroach.down.sql | 2 ++ .../20201211145331000000_grant_jwk_bearer.cockroach.up.sql | 2 ++ .../20201211145331000000_grant_jwk_bearer.mysql.down.sql | 2 ++ .../20201211145331000000_grant_jwk_bearer.mysql.up.sql | 2 ++ .../20201211145331000000_grant_jwk_bearer.postgres.down.sql | 2 ++ .../20201211145331000000_grant_jwk_bearer.postgres.up.sql | 2 ++ .../20201211145331000000_grant_jwk_bearer.sqlite.down.sql | 2 ++ .../20201211145331000000_grant_jwk_bearer.sqlite.up.sql | 2 ++ 8 files changed, 16 insertions(+) diff --git a/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.cockroach.down.sql b/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.cockroach.down.sql index 55d80773f05..6757c1859ee 100644 --- a/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.cockroach.down.sql +++ b/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.cockroach.down.sql @@ -1 +1,3 @@ +DROP INDEX hydra_oauth2_trusted_jwt_bearer_issuer_expires_at_idx; + DROP TABLE IF EXISTS hydra_oauth2_trusted_jwt_bearer_issuer; diff --git a/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.cockroach.up.sql b/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.cockroach.up.sql index f7418591c12..4eece787bfe 100644 --- a/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.cockroach.up.sql +++ b/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.cockroach.up.sql @@ -11,3 +11,5 @@ CREATE TABLE IF NOT EXISTS hydra_oauth2_trusted_jwt_bearer_issuer UNIQUE (issuer, subject, key_id), FOREIGN KEY (key_set, key_id) REFERENCES hydra_jwk (sid, kid) ON DELETE CASCADE ); + +CREATE INDEX hydra_oauth2_trusted_jwt_bearer_issuer_expires_at_idx ON hydra_oauth2_trusted_jwt_bearer_issuer (expires_at); diff --git a/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.mysql.down.sql b/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.mysql.down.sql index 55d80773f05..6757c1859ee 100644 --- a/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.mysql.down.sql +++ b/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.mysql.down.sql @@ -1 +1,3 @@ +DROP INDEX hydra_oauth2_trusted_jwt_bearer_issuer_expires_at_idx; + DROP TABLE IF EXISTS hydra_oauth2_trusted_jwt_bearer_issuer; diff --git a/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.mysql.up.sql b/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.mysql.up.sql index 2f968f0c917..a0ed4ac4913 100644 --- a/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.mysql.up.sql +++ b/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.mysql.up.sql @@ -11,3 +11,5 @@ CREATE TABLE IF NOT EXISTS hydra_oauth2_trusted_jwt_bearer_issuer UNIQUE (issuer, subject, key_id), FOREIGN KEY (key_set, key_id) REFERENCES hydra_jwk (sid, kid) ON DELETE CASCADE ); + +CREATE INDEX hydra_oauth2_trusted_jwt_bearer_issuer_expires_at_idx ON hydra_oauth2_trusted_jwt_bearer_issuer (expires_at); diff --git a/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.postgres.down.sql b/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.postgres.down.sql index 55d80773f05..6757c1859ee 100644 --- a/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.postgres.down.sql +++ b/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.postgres.down.sql @@ -1 +1,3 @@ +DROP INDEX hydra_oauth2_trusted_jwt_bearer_issuer_expires_at_idx; + DROP TABLE IF EXISTS hydra_oauth2_trusted_jwt_bearer_issuer; diff --git a/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.postgres.up.sql b/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.postgres.up.sql index f7418591c12..4eece787bfe 100644 --- a/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.postgres.up.sql +++ b/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.postgres.up.sql @@ -11,3 +11,5 @@ CREATE TABLE IF NOT EXISTS hydra_oauth2_trusted_jwt_bearer_issuer UNIQUE (issuer, subject, key_id), FOREIGN KEY (key_set, key_id) REFERENCES hydra_jwk (sid, kid) ON DELETE CASCADE ); + +CREATE INDEX hydra_oauth2_trusted_jwt_bearer_issuer_expires_at_idx ON hydra_oauth2_trusted_jwt_bearer_issuer (expires_at); diff --git a/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.sqlite.down.sql b/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.sqlite.down.sql index 55d80773f05..6757c1859ee 100644 --- a/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.sqlite.down.sql +++ b/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.sqlite.down.sql @@ -1 +1,3 @@ +DROP INDEX hydra_oauth2_trusted_jwt_bearer_issuer_expires_at_idx; + DROP TABLE IF EXISTS hydra_oauth2_trusted_jwt_bearer_issuer; diff --git a/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.sqlite.up.sql b/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.sqlite.up.sql index 63e1f7791c3..5a5f125fc3e 100644 --- a/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.sqlite.up.sql +++ b/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.sqlite.up.sql @@ -11,3 +11,5 @@ CREATE TABLE IF NOT EXISTS hydra_oauth2_trusted_jwt_bearer_issuer UNIQUE (issuer, subject, key_id), FOREIGN KEY (key_set, key_id) REFERENCES hydra_jwk (sid, kid) ON DELETE CASCADE ); + +CREATE INDEX hydra_oauth2_trusted_jwt_bearer_issuer_expires_at_idx ON hydra_oauth2_trusted_jwt_bearer_issuer (expires_at); From 91e24f95507dc2e866495c7db5926bfcf061f335 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jagoba=20Gasco=CC=81n?= Date: Fri, 12 Nov 2021 09:17:57 +0100 Subject: [PATCH 32/49] refactor: get smallest time to save one DB filter when flushing grants --- persistence/sql/persister_grant_jwk.go | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/persistence/sql/persister_grant_jwk.go b/persistence/sql/persister_grant_jwk.go index 38c788fdeb5..70a9f9d675a 100644 --- a/persistence/sql/persister_grant_jwk.go +++ b/persistence/sql/persister_grant_jwk.go @@ -187,9 +187,12 @@ func (p *Persister) jwtGrantFromSQlData(data trust.SQLData) trust.Grant { } func (p *Persister) FlushInactiveGrants(ctx context.Context, notAfter time.Time) error { + deleteUntil := time.Now().UTC() + if deleteUntil.After(notAfter) { + deleteUntil = notAfter + } return sqlcon.HandleError(p.Connection(ctx).RawQuery( - fmt.Sprintf("DELETE FROM %s WHERE expires_at < ? AND expires_at < ?", trust.SQLData{}.TableName()), - time.Now().UTC(), - notAfter, + fmt.Sprintf("DELETE FROM %s WHERE expires_at < ?", trust.SQLData{}.TableName()), + deleteUntil, ).Exec()) } From a882e6e3070918f48da6e69f3ee162b432c9aec3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jagoba=20Gasco=CC=81n?= Date: Fri, 12 Nov 2021 11:13:39 +0100 Subject: [PATCH 33/49] refactor: make DeleteGrant in a single transaction --- persistence/sql/persister_grant_jwk.go | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/persistence/sql/persister_grant_jwk.go b/persistence/sql/persister_grant_jwk.go index 70a9f9d675a..377142b8dd8 100644 --- a/persistence/sql/persister_grant_jwk.go +++ b/persistence/sql/persister_grant_jwk.go @@ -45,12 +45,12 @@ func (p *Persister) GetConcreteGrant(ctx context.Context, id string) (trust.Gran } func (p *Persister) DeleteGrant(ctx context.Context, id string) error { - grant, err := p.GetConcreteGrant(ctx, id) - if err != nil { - return err - } - return p.transaction(ctx, func(ctx context.Context, c *pop.Connection) error { + grant, err := p.GetConcreteGrant(ctx, id) + if err != nil { + return sqlcon.HandleError(err) + } + if err := p.Connection(ctx).Destroy(&trust.SQLData{ID: grant.ID}); err != nil { return sqlcon.HandleError(err) } From b3fd42e2539f33bfe80233c781e8f26d2e3c4cbc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jagoba=20Gasco=CC=81n?= Date: Fri, 12 Nov 2021 11:33:53 +0100 Subject: [PATCH 34/49] refactor: use a single transaction to in the CreateGrant function --- persistence/sql/persister_grant_jwk.go | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/persistence/sql/persister_grant_jwk.go b/persistence/sql/persister_grant_jwk.go index 377142b8dd8..8cda0ecd0dd 100644 --- a/persistence/sql/persister_grant_jwk.go +++ b/persistence/sql/persister_grant_jwk.go @@ -19,20 +19,22 @@ import ( var _ trust.GrantManager = &Persister{} func (p *Persister) CreateGrant(ctx context.Context, g trust.Grant, publicKey jose.JSONWebKey) error { - // add key, if it doesn't exist - if _, err := p.GetKey(ctx, g.PublicKey.Set, g.PublicKey.KeyID); err != nil { - if errorsx.Cause(err) != sqlcon.ErrNoRows { - return err + return p.transaction(ctx, func(ctx context.Context, c *pop.Connection) error { + // add key, if it doesn't exist + if _, err := p.GetKey(ctx, g.PublicKey.Set, g.PublicKey.KeyID); err != nil { + if errorsx.Cause(err) != sqlcon.ErrNoRows { + return sqlcon.HandleError(err) + } + + if err = p.AddKey(ctx, g.PublicKey.Set, &publicKey); err != nil { + return sqlcon.HandleError(err) + } } - if err = p.AddKey(ctx, g.PublicKey.Set, &publicKey); err != nil { - return err - } - } + data := p.sqlDataFromJWTGrant(g) - data := p.sqlDataFromJWTGrant(g) - - return sqlcon.HandleError(p.Connection(ctx).Create(&data)) + return sqlcon.HandleError(p.Connection(ctx).Create(&data)) + }) } func (p *Persister) GetConcreteGrant(ctx context.Context, id string) (trust.Grant, error) { From 8cb9f173e4e3fd1b7ab5bb4c9de008d567a48d99 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jagoba=20Gasco=CC=81n?= Date: Mon, 15 Nov 2021 11:47:44 +0100 Subject: [PATCH 35/49] feat: remove flush expired grants endpoint and add it to the janitor CLI --- cmd/cli/handler_janitor.go | 11 ++- cmd/cli/handler_janitor_test.go | 39 +++++++- cmd/janitor.go | 15 ++- internal/testhelpers/janitor_test_helper.go | 103 +++++++++++++++++++- oauth2/trust/doc.go | 13 --- oauth2/trust/handler.go | 35 ------- oauth2/trust/request.go | 6 -- 7 files changed, 159 insertions(+), 63 deletions(-) diff --git a/cmd/cli/handler_janitor.go b/cmd/cli/handler_janitor.go index a1c7005f496..a33435655db 100644 --- a/cmd/cli/handler_janitor.go +++ b/cmd/cli/handler_janitor.go @@ -26,6 +26,7 @@ const ( ConsentRequestLifespan = "consent-request-lifespan" OnlyTokens = "tokens" OnlyRequests = "requests" + OnlyGrants = "grants" ReadFromEnv = "read-from-env" Config = "config" ) @@ -48,9 +49,9 @@ func (_ *JanitorHandler) Args(cmd *cobra.Command, args []string) error { "- Using the config file with flag -c, --config") } - if !flagx.MustGetBool(cmd, OnlyTokens) && !flagx.MustGetBool(cmd, OnlyRequests) { + if !flagx.MustGetBool(cmd, OnlyTokens) && !flagx.MustGetBool(cmd, OnlyRequests) && !flagx.MustGetBool(cmd, OnlyGrants) { return fmt.Errorf("%s\n%s\n", cmd.UsageString(), - "Janitor requires either --tokens or --requests or both to be set") + "Janitor requires at least one of --tokens, --requests or --grants to be set") } return nil @@ -121,6 +122,10 @@ func purge(cmd *cobra.Command, args []string) error { routineFlags = append(routineFlags, OnlyRequests) } + if flagx.MustGetBool(cmd, OnlyGrants) { + routineFlags = append(routineFlags, OnlyGrants) + } + return cleanupRun(cmd.Context(), notAfter, addRoutine(p, routineFlags...)...) } @@ -133,6 +138,8 @@ func addRoutine(p persistence.Persister, names ...string) []cleanupRoutine { routines = append(routines, cleanup(p.FlushInactiveRefreshTokens, "refresh tokens")) case OnlyRequests: routines = append(routines, cleanup(p.FlushInactiveLoginConsentRequests, "login-consent requests")) + case OnlyGrants: + routines = append(routines, cleanup(p.FlushInactiveGrants, "grants")) } } return routines diff --git a/cmd/cli/handler_janitor_test.go b/cmd/cli/handler_janitor_test.go index 49ac4c48f40..4f91d3e8ffe 100644 --- a/cmd/cli/handler_janitor_test.go +++ b/cmd/cli/handler_janitor_test.go @@ -203,10 +203,47 @@ func TestJanitorHandler_Arguments(t *testing.T) { fmt.Sprintf("--%s", cli.OnlyTokens), "memory", ) + cmdx.ExecNoErr(t, cmd.NewRootCmd(), + "janitor", + fmt.Sprintf("--%s", cli.OnlyGrants), + "memory", + ) _, _, err := cmdx.ExecCtx(context.Background(), cmd.NewRootCmd(), nil, "janitor", "memory") require.Error(t, err) - require.Contains(t, err.Error(), "Janitor requires either --tokens or --requests or both to be set") + require.Contains(t, err.Error(), "Janitor requires at least one of --tokens, --requests or --grants to be set") +} + +func TestJanitorHandler_PurgeGrantNotAfter(t *testing.T) { + ctx := context.Background() + testCycles := testhelpers.NewConsentJanitorTestHelper("").GetNotAfterTestCycles() + + require.True(t, len(testCycles) > 0) + + for k, v := range testCycles { + t.Run(fmt.Sprintf("case=%s", k), func(t *testing.T) { + jt := testhelpers.NewConsentJanitorTestHelper(t.Name()) + reg, err := jt.GetRegistry(ctx, k) + require.NoError(t, err) + + // setup test + t.Run("step=setup", jt.GrantNotAfterSetup(ctx, reg.ClientManager(), reg.GrantManager())) + + // run the cleanup routine + t.Run("step=cleanup", func(t *testing.T) { + cmdx.ExecNoErr(t, newJanitorCmd(), + "janitor", + fmt.Sprintf("--%s=%s", cli.KeepIfYounger, v.String()), + fmt.Sprintf("--%s", cli.OnlyGrants), + jt.GetDSN(), + ) + }) + + // validate test + notAfter := time.Now().Round(time.Second).Add(-v) + t.Run("step=validate-access", jt.GrantNotAfterValidate(ctx, notAfter, reg.GrantManager())) + }) + } } diff --git a/cmd/janitor.go b/cmd/janitor.go index ea324dbda31..ae55922d5cc 100644 --- a/cmd/janitor.go +++ b/cmd/janitor.go @@ -10,7 +10,7 @@ import ( func NewJanitorCmd() *cobra.Command { cmd := &cobra.Command{ Use: "janitor []", - Short: "Clean the database of old tokens and login/consent requests", + Short: "Clean the database of old tokens, login/consent requests and jwt grant issuers", Long: `This command will cleanup any expired oauth2 tokens as well as login/consent requests. ### Warning ### @@ -45,9 +45,13 @@ Janitor can be used in several ways. janitor --requests - or both + or - janitor --tokens --requests + janitor --grants + + or any combination of them + + janitor --tokens --requests --grants `, RunE: cli.NewHandler().Janitor.RunE, Args: cli.NewHandler().Janitor.Args, @@ -56,8 +60,9 @@ Janitor can be used in several ways. cmd.Flags().Duration(cli.AccessLifespan, 0, "Set the access token lifespan e.g. 1s, 1m, 1h.") cmd.Flags().Duration(cli.RefreshLifespan, 0, "Set the refresh token lifespan e.g. 1s, 1m, 1h.") cmd.Flags().Duration(cli.ConsentRequestLifespan, 0, "Set the login/consent request lifespan e.g. 1s, 1m, 1h") - cmd.Flags().Bool(cli.OnlyRequests, false, "This will only run the cleanup on requests and will skip token cleanup.") - cmd.Flags().Bool(cli.OnlyTokens, false, "This will only run the cleanup on tokens and will skip requests cleanup.") + cmd.Flags().Bool(cli.OnlyRequests, false, "This will only run the cleanup on requests and will skip token and trust relationships cleanup.") + cmd.Flags().Bool(cli.OnlyTokens, false, "This will only run the cleanup on tokens and will skip requests and trust relationships cleanup.") + cmd.Flags().Bool(cli.OnlyGrants, false, "This will only run the cleanup on trust relationships and will skip requests and token cleanup.") cmd.Flags().BoolP(cli.ReadFromEnv, "e", false, "If set, reads the database connection string from the environment variable DSN or config file key dsn.") configx.RegisterFlags(cmd.PersistentFlags()) return cmd diff --git a/internal/testhelpers/janitor_test_helper.go b/internal/testhelpers/janitor_test_helper.go index 9b07fc75deb..cb6091555dd 100644 --- a/internal/testhelpers/janitor_test_helper.go +++ b/internal/testhelpers/janitor_test_helper.go @@ -7,7 +7,9 @@ import ( "testing" "time" + "github.com/google/uuid" "github.com/stretchr/testify/require" + "gopkg.in/square/go-jose.v2" "github.com/ory/fosite" "github.com/ory/fosite/handler/openid" @@ -17,6 +19,7 @@ import ( "github.com/ory/hydra/driver/config" "github.com/ory/hydra/internal" "github.com/ory/hydra/oauth2" + "github.com/ory/hydra/oauth2/trust" "github.com/ory/hydra/x" "github.com/ory/x/logrusx" @@ -29,12 +32,19 @@ type JanitorConsentTestHelper struct { flushConsentRequests []*consent.ConsentRequest flushAccessRequests []*fosite.Request flushRefreshRequests []*fosite.AccessRequest + flushGrants []*createGrantRequest conf *config.Provider Lifespan time.Duration } +type createGrantRequest struct { + grant trust.Grant + pk jose.JSONWebKey +} + +const lifespan = time.Hour + func NewConsentJanitorTestHelper(uniqueName string) *JanitorConsentTestHelper { - var lifespan = time.Hour conf := internal.NewConfigurationWithDefaults() conf.MustSet(config.KeyScopeStrategy, "DEPRECATED_HIERARCHICAL_SCOPE_STRATEGY") conf.MustSet(config.KeyIssuerURL, "http://hydra.localhost") @@ -50,6 +60,7 @@ func NewConsentJanitorTestHelper(uniqueName string) *JanitorConsentTestHelper { flushConsentRequests: genConsentRequests(uniqueName, lifespan), flushAccessRequests: getAccessRequests(uniqueName, lifespan), flushRefreshRequests: getRefreshRequests(uniqueName, lifespan), + flushGrants: getGrantRequests(uniqueName, lifespan), Lifespan: lifespan, } } @@ -134,6 +145,37 @@ func (j *JanitorConsentTestHelper) RefreshTokenNotAfterValidate(ctx context.Cont } } +func (j *JanitorConsentTestHelper) GrantNotAfterSetup(ctx context.Context, cl client.Manager, gr trust.GrantManager) func(t *testing.T) { + return func(t *testing.T) { + for _, fg := range j.flushGrants { + require.NoError(t, gr.CreateGrant(ctx, fg.grant, fg.pk)) + } + } +} + +func (j *JanitorConsentTestHelper) GrantNotAfterValidate(ctx context.Context, notAfter time.Time, gr trust.GrantManager) func(t *testing.T) { + return func(t *testing.T) { + var err error + + // flush won't delete grants that have not yet expired, so use now to check that + deleteUntil := time.Now().Round(time.Second) + if deleteUntil.After(notAfter) { + deleteUntil = notAfter + } + + for _, r := range j.flushGrants { + t.Logf("grant flush check: %s", r.grant.Issuer) + _, err = gr.GetConcreteGrant(ctx, r.grant.ID) + + if deleteUntil.After(r.grant.ExpiresAt) { + require.Error(t, err) + } else { + require.NoError(t, err) + } + } + } +} + func (j *JanitorConsentTestHelper) LoginRejectionSetup(ctx context.Context, cm consent.Manager, cl client.Manager) func(t *testing.T) { return func(t *testing.T) { var err error @@ -660,3 +702,62 @@ func genConsentRequests(uniqueName string, lifespan time.Duration) []*consent.Co }, } } + +func getGrantRequests(uniqueName string, lifespan time.Duration) []*createGrantRequest { + return []*createGrantRequest{ + { + grant: trust.Grant{ + ID: uuid.New().String(), + Issuer: fmt.Sprintf("%s_flush-grant-iss-1", uniqueName), + Subject: fmt.Sprintf("%s_flush-grant-sub-1", uniqueName), + Scope: []string{"foo", "bar"}, + PublicKey: trust.PublicKey{ + Set: fmt.Sprintf("%s_flush-grant-iss-1", uniqueName), + KeyID: fmt.Sprintf("%s_flush-grant-kid-1", uniqueName), + }, + CreatedAt: time.Now().Round(time.Second), + ExpiresAt: time.Now().Round(time.Second).Add(lifespan), + }, + pk: jose.JSONWebKey{ + Key: []byte("asdf"), + KeyID: fmt.Sprintf("%s_flush-grant-kid-1", uniqueName), + }, + }, + { + grant: trust.Grant{ + ID: uuid.New().String(), + Issuer: fmt.Sprintf("%s_flush-grant-iss-2", uniqueName), + Subject: fmt.Sprintf("%s_flush-grant-sub-2", uniqueName), + Scope: []string{"foo", "bar"}, + PublicKey: trust.PublicKey{ + Set: fmt.Sprintf("%s_flush-grant-iss-2", uniqueName), + KeyID: fmt.Sprintf("%s_flush-grant-kid-2", uniqueName), + }, + CreatedAt: time.Now().Round(time.Second).Add(-(lifespan + time.Minute)), + ExpiresAt: time.Now().Round(time.Second).Add(-(lifespan + time.Minute)).Add(lifespan), + }, + pk: jose.JSONWebKey{ + Key: []byte("asdf"), + KeyID: fmt.Sprintf("%s_flush-grant-kid-2", uniqueName), + }, + }, + { + grant: trust.Grant{ + ID: uuid.New().String(), + Issuer: fmt.Sprintf("%s_flush-grant-iss-3", uniqueName), + Subject: fmt.Sprintf("%s_flush-grant-sub-3", uniqueName), + Scope: []string{"foo", "bar"}, + PublicKey: trust.PublicKey{ + Set: fmt.Sprintf("%s_flush-grant-iss-3", uniqueName), + KeyID: fmt.Sprintf("%s_flush-grant-kid-3", uniqueName), + }, + CreatedAt: time.Now().Round(time.Second).Add(-(lifespan + time.Hour)), + ExpiresAt: time.Now().Round(time.Second).Add(-(lifespan + time.Hour)).Add(lifespan), + }, + pk: jose.JSONWebKey{ + Key: []byte("asdf"), + KeyID: fmt.Sprintf("%s_flush-grant-kid-3", uniqueName), + }, + }, + } +} diff --git a/oauth2/trust/doc.go b/oauth2/trust/doc.go index b6bec746d23..d71339e9679 100644 --- a/oauth2/trust/doc.go +++ b/oauth2/trust/doc.go @@ -132,16 +132,3 @@ type trustedJsonWebKey struct { // example: 123e4567-e89b-12d3-a456-426655440000 KeyID string `json:"kid"` } - -// swagger:parameters flushInactiveJwtBearerGrants -type swaggerFlushInactiveJWTBearerGrantsRequestParams struct { - // in: body - Body swaggerFlushInactiveJWTBearerGrantsParams -} - -// swagger:model flushInactiveJwtBearerGrantsParams -type swaggerFlushInactiveJWTBearerGrantsParams struct { - // The "notAfter" sets after which point grants should not be flushed. This is useful when you want to keep a history - // of recently added grants. - NotAfter time.Time `json:"notAfter"` -} diff --git a/oauth2/trust/handler.go b/oauth2/trust/handler.go index 4d52c36c169..19631116c2f 100644 --- a/oauth2/trust/handler.go +++ b/oauth2/trust/handler.go @@ -193,38 +193,3 @@ func (h *Handler) List(w http.ResponseWriter, r *http.Request, ps httprouter.Par h.registry.Writer().Write(w, r, grants) } - -// swagger:route POST /grants/jwt-bearer/flush admin flushInactiveJwtBearerGrants -// -// Flush Expired jwt-bearer grants. -// -// This endpoint flushes expired jwt-bearer grants from the database. You can set a time after which no tokens will be -// not be touched, in case you want to keep recent tokens for auditing. Refresh tokens can not be flushed as they are deleted -// automatically when performing the refresh flow. -// -// Consumes: -// - application/json -// -// Schemes: http, https -// -// Responses: -// 204: emptyResponse -// 500: genericError -func (h *Handler) FlushHandler(w http.ResponseWriter, r *http.Request, _ httprouter.Params) { - var request flushInactiveGrantsRequest - if err := json.NewDecoder(r.Body).Decode(&request); err != nil { - h.registry.Writer().WriteError(w, r, err) - return - } - - if request.NotAfter.IsZero() { - request.NotAfter = time.Now().UTC() - } - - if err := h.registry.GrantManager().FlushInactiveGrants(r.Context(), request.NotAfter); err != nil { - h.registry.Writer().WriteError(w, r, err) - return - } - - w.WriteHeader(http.StatusNoContent) -} diff --git a/oauth2/trust/request.go b/oauth2/trust/request.go index 6a1b09bed4b..3928ccbe627 100644 --- a/oauth2/trust/request.go +++ b/oauth2/trust/request.go @@ -22,9 +22,3 @@ type createGrantRequest struct { // ExpiresAt indicates, when grant will expire, so we will reject assertion from Issuer targeting Subject. ExpiresAt time.Time `json:"expires_at"` } - -type flushInactiveGrantsRequest struct { - // NotAfter sets after which point grants should not be flushed. This is useful when you want to keep a history - // of recently added grants. - NotAfter time.Time `json:"notAfter"` -} From 1102b2fdcbddcce79df497584ef47bf80144b111 Mon Sep 17 00:00:00 2001 From: Vladimir Kalugin Date: Wed, 17 Nov 2021 17:29:48 +0300 Subject: [PATCH 36/49] fix: circleci --- .circleci/config.yml | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 45620c3cfb1..9126df73ff1 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -112,13 +112,18 @@ jobs: key: ory-hydra-go-mod-v1 - run: ./test/e2e/circle-ci.bash memory - - run: ./test/e2e/circle-ci.bash memory-jwt + - run: ./test/e2e/circle-ci.bash memory --jwt + - run: ./test/e2e/circle-ci.bash memory --grant_jwt_client_auth_optional --grant_jwt_jti_optional --grant_jwt_iat_optional - run: ./test/e2e/circle-ci.bash cockroach - - run: ./test/e2e/circle-ci.bash cockroach-jwt + - run: ./test/e2e/circle-ci.bash cockroach --jwt + - run: ./test/e2e/circle-ci.bash cockroach --grant_jwt_client_auth_optional --grant_jwt_jti_optional --grant_jwt_iat_optional - run: ./test/e2e/circle-ci.bash mysql - - run: ./test/e2e/circle-ci.bash mysql-jwt + - run: ./test/e2e/circle-ci.bash mysql --jwt + - run: ./test/e2e/circle-ci.bash mysql --grant_jwt_client_auth_optional --grant_jwt_jti_optional --grant_jwt_iat_optional - run: ./test/e2e/circle-ci.bash postgres - - run: ./test/e2e/circle-ci.bash postgres-jwt + - run: ./test/e2e/circle-ci.bash postgres --jwt + - run: ./test/e2e/circle-ci.bash postgres --grant_jwt_client_auth_optional --grant_jwt_jti_optional --grant_jwt_iat_optional + workflows: bdt: From 72862b15f4b18744ac710f449a7ca0416daa0b83 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jagoba=20Gasco=CC=81n?= Date: Mon, 22 Nov 2021 17:43:04 +0100 Subject: [PATCH 37/49] feat: require client authentication when using the jwt bearer grant --- .circleci/config.yml | 8 +- Makefile | 2 +- cypress.json | 1 - cypress/integration/oauth2/grant_jwtbearer.js | 254 +----------------- .../guides/oauth2-grant-type-jwt-bearer.mdx | 3 +- driver/config/provider.go | 5 - driver/registry_base.go | 2 +- spec/config.json | 5 - test/e2e/circle-ci.bash | 6 +- 9 files changed, 9 insertions(+), 277 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 9126df73ff1..3915718cce0 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -113,16 +113,16 @@ jobs: - run: ./test/e2e/circle-ci.bash memory - run: ./test/e2e/circle-ci.bash memory --jwt - - run: ./test/e2e/circle-ci.bash memory --grant_jwt_client_auth_optional --grant_jwt_jti_optional --grant_jwt_iat_optional + - run: ./test/e2e/circle-ci.bash memory --grant_jwt_jti_optional --grant_jwt_iat_optional - run: ./test/e2e/circle-ci.bash cockroach - run: ./test/e2e/circle-ci.bash cockroach --jwt - - run: ./test/e2e/circle-ci.bash cockroach --grant_jwt_client_auth_optional --grant_jwt_jti_optional --grant_jwt_iat_optional + - run: ./test/e2e/circle-ci.bash cockroach --grant_jwt_jti_optional --grant_jwt_iat_optional - run: ./test/e2e/circle-ci.bash mysql - run: ./test/e2e/circle-ci.bash mysql --jwt - - run: ./test/e2e/circle-ci.bash mysql --grant_jwt_client_auth_optional --grant_jwt_jti_optional --grant_jwt_iat_optional + - run: ./test/e2e/circle-ci.bash mysql --grant_jwt_jti_optional --grant_jwt_iat_optional - run: ./test/e2e/circle-ci.bash postgres - run: ./test/e2e/circle-ci.bash postgres --jwt - - run: ./test/e2e/circle-ci.bash postgres --grant_jwt_client_auth_optional --grant_jwt_jti_optional --grant_jwt_iat_optional + - run: ./test/e2e/circle-ci.bash postgres --grant_jwt_jti_optional --grant_jwt_iat_optional workflows: diff --git a/Makefile b/Makefile index abe622132e8..f7b19a14951 100644 --- a/Makefile +++ b/Makefile @@ -86,7 +86,7 @@ e2e: node_modules test-resetdb for db in memory postgres mysql cockroach; do \ ./test/e2e/circle-ci.bash "$${db}"; \ ./test/e2e/circle-ci.bash "$${db}" --jwt; \ - ./test/e2e/circle-ci.bash "$${db}" --grant_jwt_client_auth_optional --grant_jwt_jti_optional --grant_jwt_iat_optional; \ + ./test/e2e/circle-ci.bash "$${db}" --grant_jwt_jti_optional --grant_jwt_iat_optional; \ done # Runs tests in short mode, without database adapters diff --git a/cypress.json b/cypress.json index 2ee17f9f982..454dedef2b2 100644 --- a/cypress.json +++ b/cypress.json @@ -7,7 +7,6 @@ "public_port": "5000", "client_port": "5003", "jwt_enabled": false, - "grant_jwt_client_auth_optional": false, "grant_jwt_jti_optional": false, "grant_jwt_iat_optional": false }, diff --git a/cypress/integration/oauth2/grant_jwtbearer.js b/cypress/integration/oauth2/grant_jwtbearer.js index 8e02343cb42..5c905a4f31a 100644 --- a/cypress/integration/oauth2/grant_jwtbearer.js +++ b/cypress/integration/oauth2/grant_jwtbearer.js @@ -16,7 +16,6 @@ describe('The OAuth 2.0 JWT Bearer (RFC 7523) Grant', function () { const tokenUrl = `${Cypress.env('public_url')}/oauth2/token` - const canSkipClientAuth = () => Cypress.env('grant_jwt_client_auth_optional') === 'true' || Boolean(Cypress.env('grant_jwt_client_auth_optional')) const jtiOptional = () => Cypress.env('grant_jwt_jti_optional') === 'true' || Boolean(Cypress.env('grant_jwt_jti_optional')) const iatOptional = () => Cypress.env('grant_jwt_iat_optional') === 'true' || Boolean(Cypress.env('grant_jwt_iat_optional')) @@ -83,11 +82,7 @@ describe('The OAuth 2.0 JWT Bearer (RFC 7523) Grant', function () { - it('[client auth required] should return an Error (400) when not given client credentials', function () { - if (canSkipClientAuth()) { - this.skip() - } - + it('should return an Error (400) when not given client credentials', function () { const client = nc() createClient(client) @@ -438,251 +433,4 @@ describe('The OAuth 2.0 JWT Bearer (RFC 7523) Grant', function () { }) }) - it('[client auth optional] should return an Access Token when given a signed JWT assertion', function () { - if (!canSkipClientAuth()) { - this.skip() - } - - const client = nc() - createClient(client) - - const grant = gr(prng()) - createGrant(grant) - - const assertion = jwt.sign(jwtAssertion(grant), privatePem, { algorithm: "RS256" }) - - cy.request({ - method: 'POST', - url: tokenUrl, - form: true, - body: { - grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', - assertion: assertion, - scope: grant.scope, - }, - }) - .its('body') - .then((body) => { - const { access_token, expires_in, scope, token_type } = body - - expect(access_token).to.not.be.empty - expect(expires_in).to.not.be.undefined - expect(scope).to.not.be.empty - expect(token_type).to.not.be.empty - }) - }) - - it('[client auth optional] should return an Error (400) when given a JWT assertion with an invalid signature', function () { - if (!canSkipClientAuth()) { - this.skip() - } - - const client = nc() - createClient(client) - - const grant = gr(prng()) - createGrant(grant) - - const assertion = jwt.sign(jwtAssertion(grant), invalidPrivatePem, { algorithm: "RS256" }) - - cy.request({ - method: 'POST', - url: tokenUrl, - form: true, - body: { - grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', - assertion: assertion, - scope: client.scope, - }, - failOnStatusCode: false, - }) - .its('status') - .then((status) => { - expect(status).to.be.equal(400) - }) - }) - - it('[client auth optional] should return an Error (400) when given a JWT assertion with an invalid subject', function () { - if (!canSkipClientAuth()) { - this.skip() - } - - const client = nc() - createClient(client) - - const grant = gr(prng()) - createGrant(grant) - - const assertion = jwt.sign(jwtAssertion(grant, {"sub": "invalid_subject"}), privatePem, { algorithm: "RS256" }) - - cy.request({ - method: 'POST', - url: tokenUrl, - form: true, - body: { - grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', - assertion: assertion, - scope: client.scope, - }, - failOnStatusCode: false, - }) - .its('status') - .then((status) => { - expect(status).to.be.equal(400) - }) - }) - - it('[client auth optional] should return an Error (400) when given a JWT assertion with an invalid issuer', function () { - if (!canSkipClientAuth()) { - this.skip() - } - - const client = nc() - createClient(client) - - const grant = gr(prng()) - createGrant(grant) - - const assertion = jwt.sign(jwtAssertion(grant, {"iss": "invalid_issuer"}), privatePem, { algorithm: "RS256" }) - - cy.request({ - method: 'POST', - url: tokenUrl, - form: true, - body: { - grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', - assertion: assertion, - scope: client.scope, - }, - failOnStatusCode: false, - }) - .its('status') - .then((status) => { - expect(status).to.be.equal(400) - }) - }) - - it('[client auth optional] should return an Error (400) when given a JWT assertion with an invalid audience', function () { - if (!canSkipClientAuth()) { - this.skip() - } - - const client = nc() - createClient(client) - - const grant = gr(prng()) - createGrant(grant) - - const assertion = jwt.sign(jwtAssertion(grant, {"aud": "invalid_audience"}), privatePem, { algorithm: "RS256" }) - - cy.request({ - method: 'POST', - url: tokenUrl, - form: true, - body: { - grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', - assertion: assertion, - scope: client.scope, - }, - failOnStatusCode: false, - }) - .its('status') - .then((status) => { - expect(status).to.be.equal(400) - }) - }) - - it('[client auth optional] should return an Error (400) when given a JWT assertion with an expired date', function () { - if (!canSkipClientAuth()) { - this.skip() - } - - const client = nc() - createClient(client) - - const grant = gr(prng()) - createGrant(grant) - - const assertion = jwt.sign(jwtAssertion(grant, {"exp": dayjs().utc().subtract(1, 'minute').set('millisecond', 0).unix()}), privatePem, { algorithm: "RS256" }) - - cy.request({ - method: 'POST', - url: tokenUrl, - form: true, - body: { - grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', - assertion: assertion, - scope: client.scope, - }, - failOnStatusCode: false, - }) - .its('status') - .then((status) => { - expect(status).to.be.equal(400) - }) - }) - - it('[client auth optional] should return an Error (400) when given a JWT assertion with a nbf that is still not valid', function () { - if (!canSkipClientAuth()) { - this.skip() - } - - const client = nc() - createClient(client) - - const grant = gr(prng()) - createGrant(grant) - - const assertion = jwt.sign(jwtAssertion(grant, {"nbf": dayjs().utc().add(1, 'minute').set('millisecond', 0).unix()}), privatePem, { algorithm: "RS256" }) - - cy.request({ - method: 'POST', - url: tokenUrl, - form: true, - body: { - grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', - assertion: assertion, - scope: client.scope, - }, - failOnStatusCode: false, - }) - .its('status') - .then((status) => { - expect(status).to.be.equal(400) - }) - }) - - it('[client auth optional] should return an Access Token when given a JWT assertion with a nbf that is valid', function () { - if (!canSkipClientAuth()) { - this.skip() - } - - const client = nc() - createClient(client) - - const grant = gr(prng()) - createGrant(grant) - - const assertion = jwt.sign(jwtAssertion(grant, {"nbf": dayjs().utc().subtract(1, 'minute').set('millisecond', 0).unix()}), privatePem, { algorithm: "RS256" }) - - cy.request({ - method: 'POST', - url: tokenUrl, - form: true, - body: { - grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', - assertion: assertion, - scope: client.scope, - }, - }) - .its('body') - .then((body) => { - const { access_token, expires_in, scope, token_type } = body - - expect(access_token).to.not.be.empty - expect(expires_in).to.not.be.undefined - expect(scope).to.not.be.empty - expect(token_type).to.not.be.empty - }) - }) }) diff --git a/docs/docs/guides/oauth2-grant-type-jwt-bearer.mdx b/docs/docs/guides/oauth2-grant-type-jwt-bearer.mdx index ff25ead510c..72fdafa6b68 100644 --- a/docs/docs/guides/oauth2-grant-type-jwt-bearer.mdx +++ b/docs/docs/guides/oauth2-grant-type-jwt-bearer.mdx @@ -43,8 +43,7 @@ eyJpc3Mi[...omitted for brevity...]. J9l-ZhwP[...omitted for brevity...] ``` -Authentication of the client can be optional and is controlled by -`oauth2.grant.jwt.client_auth_optional` setting. +Clients using this grant must be authenticated. ### Establishing a Trust Relationship diff --git a/driver/config/provider.go b/driver/config/provider.go index e1df2ea7b95..fceff28903e 100644 --- a/driver/config/provider.go +++ b/driver/config/provider.go @@ -65,7 +65,6 @@ const ( KeyOAuth2LegacyErrors = "oauth2.include_legacy_error_fields" KeyExcludeNotBeforeClaim = "oauth2.exclude_not_before_claim" KeyAllowedTopLevelClaims = "oauth2.allowed_top_level_claims" - KeyOAuth2GrantJWTClientAuthOptional = "oauth2.grant.jwt.client_auth_optional" KeyOAuth2GrantJWTIDOptional = "oauth2.grant.jwt.jti_optional" KeyOAuth2GrantJWTIssuedDateOptional = "oauth2.grant.jwt.iat_optional" KeyOAuth2GrantJWTMaxDuration = "oauth2.grant.jwt.max_ttl" @@ -433,10 +432,6 @@ func (p *Provider) GrantAllClientCredentialsScopesPerDefault() bool { return p.p.Bool(KeyGrantAllClientCredentialsScopesPerDefault) } -func (p *Provider) GrantTypeJWTBearerClientAuthOptional() bool { - return p.p.Bool(KeyOAuth2GrantJWTClientAuthOptional) -} - func (p *Provider) GrantTypeJWTBearerIDOptional() bool { return p.p.Bool(KeyOAuth2GrantJWTIDOptional) } diff --git a/driver/registry_base.go b/driver/registry_base.go index afac853d13a..c27a01545cf 100644 --- a/driver/registry_base.go +++ b/driver/registry_base.go @@ -287,7 +287,7 @@ func (m *RegistryBase) oAuth2Config() *compose.Config { EnablePKCEPlainChallengeMethod: false, TokenURL: urlx.AppendPaths(m.C.PublicURL(), oauth2.TokenPath).String(), RedirectSecureChecker: x.IsRedirectURISecure(m.C), - GrantTypeJWTBearerCanSkipClientAuth: m.C.GrantTypeJWTBearerClientAuthOptional(), + GrantTypeJWTBearerCanSkipClientAuth: false, GrantTypeJWTBearerIDOptional: m.C.GrantTypeJWTBearerIDOptional(), GrantTypeJWTBearerIssuedDateOptional: m.C.GrantTypeJWTBearerIssuedDateOptional(), GrantTypeJWTBearerMaxDuration: m.C.GrantTypeJWTBearerMaxDuration(), diff --git a/spec/config.json b/spec/config.json index 1a685ef7c88..cc738216c9d 100644 --- a/spec/config.json +++ b/spec/config.json @@ -251,11 +251,6 @@ "additionalProperties": false, "description": "Authorization Grants using JWT configuration", "properties": { - "client_auth_optional": { - "type": "boolean", - "description": "If false, client authentication is required to get access token. If true client authentication is not required.", - "default": false - }, "jti_optional": { "type": "boolean", "description": "If false, JTI claim must be present in JWT assertion.", diff --git a/test/e2e/circle-ci.bash b/test/e2e/circle-ci.bash index 6f3b71bd540..3c8ec9adc56 100755 --- a/test/e2e/circle-ci.bash +++ b/test/e2e/circle-ci.bash @@ -82,10 +82,6 @@ case $i in export OIDC_SUBJECT_IDENTIFIERS_SUPPORTED_TYPES=public export CYPRESS_jwt_enabled=true ;; - --grant_jwt_client_auth_optional) - export OAUTH2_GRANT_JWT_CLIENT_AUTH_OPTIONAL=true - export CYPRESS_grant_jwt_client_auth_optional=true - ;; --grant_jwt_jti_optional) export OAUTH2_GRANT_JWT_JTI_OPTIONAL=true export CYPRESS_grant_jwt_jti_optional=true @@ -96,7 +92,7 @@ case $i in ;; *) echo $"Invalid param $i" - echo $"Usage: $0 [memory|postgres|mysql|cockroach] [--watch][--jwt][--grant_jwt_client_auth_optional][--grant_jwt_jti_optional][--grant_jwt_iat_optional]" + echo $"Usage: $0 [memory|postgres|mysql|cockroach] [--watch][--jwt][--grant_jwt_jti_optional][--grant_jwt_iat_optional]" exit 1 ;; esac From 756fab39eac59d53d3a2cacada4a1c7c3df8b2f6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jagoba=20Gasco=CC=81n?= Date: Wed, 1 Dec 2021 11:22:40 +0100 Subject: [PATCH 38/49] feat: remove unnecesary iat-optional and jti-optional flags These flags were only used to skip some tests and were not adding any value. --- .circleci/config.yml | 4 ---- Makefile | 1 - cypress.json | 4 +--- cypress/integration/oauth2/grant_jwtbearer.js | 15 ++------------- test/e2e/circle-ci.bash | 10 +--------- 5 files changed, 4 insertions(+), 30 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 3915718cce0..4010beb952a 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -113,16 +113,12 @@ jobs: - run: ./test/e2e/circle-ci.bash memory - run: ./test/e2e/circle-ci.bash memory --jwt - - run: ./test/e2e/circle-ci.bash memory --grant_jwt_jti_optional --grant_jwt_iat_optional - run: ./test/e2e/circle-ci.bash cockroach - run: ./test/e2e/circle-ci.bash cockroach --jwt - - run: ./test/e2e/circle-ci.bash cockroach --grant_jwt_jti_optional --grant_jwt_iat_optional - run: ./test/e2e/circle-ci.bash mysql - run: ./test/e2e/circle-ci.bash mysql --jwt - - run: ./test/e2e/circle-ci.bash mysql --grant_jwt_jti_optional --grant_jwt_iat_optional - run: ./test/e2e/circle-ci.bash postgres - run: ./test/e2e/circle-ci.bash postgres --jwt - - run: ./test/e2e/circle-ci.bash postgres --grant_jwt_jti_optional --grant_jwt_iat_optional workflows: diff --git a/Makefile b/Makefile index f7b19a14951..217103c8081 100644 --- a/Makefile +++ b/Makefile @@ -86,7 +86,6 @@ e2e: node_modules test-resetdb for db in memory postgres mysql cockroach; do \ ./test/e2e/circle-ci.bash "$${db}"; \ ./test/e2e/circle-ci.bash "$${db}" --jwt; \ - ./test/e2e/circle-ci.bash "$${db}" --grant_jwt_jti_optional --grant_jwt_iat_optional; \ done # Runs tests in short mode, without database adapters diff --git a/cypress.json b/cypress.json index 454dedef2b2..eccfd50b548 100644 --- a/cypress.json +++ b/cypress.json @@ -6,9 +6,7 @@ "client_url": "http://127.0.0.1:5003", "public_port": "5000", "client_port": "5003", - "jwt_enabled": false, - "grant_jwt_jti_optional": false, - "grant_jwt_iat_optional": false + "jwt_enabled": false }, "chromeWebSecurity": false, "retries": { diff --git a/cypress/integration/oauth2/grant_jwtbearer.js b/cypress/integration/oauth2/grant_jwtbearer.js index 5c905a4f31a..aa11f7cfd78 100644 --- a/cypress/integration/oauth2/grant_jwtbearer.js +++ b/cypress/integration/oauth2/grant_jwtbearer.js @@ -16,9 +16,6 @@ describe('The OAuth 2.0 JWT Bearer (RFC 7523) Grant', function () { const tokenUrl = `${Cypress.env('public_url')}/oauth2/token` - const jtiOptional = () => Cypress.env('grant_jwt_jti_optional') === 'true' || Boolean(Cypress.env('grant_jwt_jti_optional')) - const iatOptional = () => Cypress.env('grant_jwt_iat_optional') === 'true' || Boolean(Cypress.env('grant_jwt_iat_optional')) - const nc = () => ({ client_id: prng(), client_secret: prng(), @@ -108,11 +105,7 @@ describe('The OAuth 2.0 JWT Bearer (RFC 7523) Grant', function () { }) }) - it('[jti required] should return an Error (400) when given client credentials and a JWT assertion without a jti', function () { - if (jtiOptional()) { - this.skip() - } - + it('should return an Error (400) when given client credentials and a JWT assertion without a jti', function () { const client = nc() createClient(client) @@ -198,11 +191,7 @@ describe('The OAuth 2.0 JWT Bearer (RFC 7523) Grant', function () { }) }) - it('[iat required] should return an Error (400) when given client credentials and a JWT assertion without an iat', function () { - if (iatOptional()) { - this.skip() - } - + it('should return an Error (400) when given client credentials and a JWT assertion without an iat', function () { const client = nc() createClient(client) diff --git a/test/e2e/circle-ci.bash b/test/e2e/circle-ci.bash index 3c8ec9adc56..ab595b81a59 100755 --- a/test/e2e/circle-ci.bash +++ b/test/e2e/circle-ci.bash @@ -82,17 +82,9 @@ case $i in export OIDC_SUBJECT_IDENTIFIERS_SUPPORTED_TYPES=public export CYPRESS_jwt_enabled=true ;; - --grant_jwt_jti_optional) - export OAUTH2_GRANT_JWT_JTI_OPTIONAL=true - export CYPRESS_grant_jwt_jti_optional=true - ;; - --grant_jwt_iat_optional) - export OAUTH2_GRANT_JWT_IAT_OPTIONAL=true - export CYPRESS_grant_jwt_iat_optional=true - ;; *) echo $"Invalid param $i" - echo $"Usage: $0 [memory|postgres|mysql|cockroach] [--watch][--jwt][--grant_jwt_jti_optional][--grant_jwt_iat_optional]" + echo $"Usage: $0 [memory|postgres|mysql|cockroach] [--watch][--jwt]" exit 1 ;; esac From 63e76607551be9d56a441ac96618d64d37827e97 Mon Sep 17 00:00:00 2001 From: Vladimir Kalugin Date: Sun, 5 Dec 2021 23:59:03 +0300 Subject: [PATCH 39/49] fix: make contributors file --- CONTRIBUTORS | 268 +++++++++++++++++++++++++++++++++++++++++++++++++++ Makefile | 4 +- 2 files changed, 270 insertions(+), 2 deletions(-) create mode 100644 CONTRIBUTORS diff --git a/CONTRIBUTORS b/CONTRIBUTORS new file mode 100644 index 00000000000..ca3d85c7b54 --- /dev/null +++ b/CONTRIBUTORS @@ -0,0 +1,268 @@ +# contributors generated by `make contributors` + +İbrahim Esen +115100 <115100@users.noreply.github.com> +Ackermann Yuriy +Aeneas +Aeneas +Aeneas +Aeneas Rekkas (arekkas) +Aeneas Rekkas +Ajanthan +Akbar Uddin Kashif +Alano Terblanche +Alexander Widerberg +Alexander Widerberg +Allan Simon +Amaan Iqbal +Amir Aslaminejad +Amir Aslaminejad +Andreas Litt +André Filipe +Ankit Singh +Ante Mihalj +Anton Samoylenko +Aritz Berasarte +Arkady Bagdasarov <56913719+arkady-bagdasarov@users.noreply.github.com> +Artem Yarmoliuk +Arthur Knoepflin +Atallah khedrane +BastianHofmann +Ben Scholzen +Benjamin Tanone +Bernat Mut <1116133+monwolf@users.noreply.github.com> +Bhargav SNV <44526455+Gituser143@users.noreply.github.com> +Brandon Philips +Brian <20056195+coopbri@users.noreply.github.com> +Brian Teller +Bruno Bigras +Bruno Heridet +Christian Dreier +Christian Skovholm +Corey Burmeister +Dallan Quass +Damien Bravin +Daniel Jiménez +Daniel Schellhorn +Daniel Shuy +Daniel Sutton +Dave Kushner <1289314+dkushner@users.noreply.github.com> +David +David +David Lobe +David López +David Wilkins +DennisPattmann5012 <44261569+DennisPattmann5012@users.noreply.github.com> +Dexter Chua +Dibyajyoti Behera +Dimitrij Drus +Dimitrij Drus +Divyansh Bansal +Dmitry +Dmitry Dolbik +Edward Wilde +Eric Douglas +Euan Kemp +Felix Jung +Flavio Leggio +Flori <40140792+fl0lli@users.noreply.github.com> +Frank Felhoffer +Furkan +Gajewski Dmitriy +Genchi +George Bolo +Gilbert Gilb's +Gorka Lerchundi Osa +Grant Zvolsky +Grant Zvolský +Greg Woodcock +Grigory +Hans +Harsimran Singh Maan +Helmuth Bederna <25813283+IonFoXx@users.noreply.github.com> +Hendrik Heil +Igor Zibarev +Imran Ismail +Iñigo +Iñigo +Jacek Symonowicz +Jagoba Gascón +Jakub Błaszczyk +Jakub Błaszczyk +James Elliott +Jamie Stackhouse +Jan +Jan Beckmann +Jay Linski +JiaLiPassion +Jimmy Stridh +Joao Carlos +Joao Carlos +Joel Pickup +John +John Wu +Josh Giles +Joshua Obasaju <41480580+obasajujoshua31@users.noreply.github.com> +Julian Tescher +Justin Clift +Kevin Minehart +Kim Neunert +Kishan B +Kostya Lepa +Kunal Parikh +LemurP +Lennart Rosam +Louis Laureys +Luis Pedrosa <2365589+lpedrosa@users.noreply.github.com> +Lukasz Jagiello +Luke Stoward +MOZGIII +Marco Hutzsch <39520486+marcohutzsch1234@users.noreply.github.com> +Masoud Tahmasebi +Matheus Moraes +Matt Bonnell <64976795+mbonnell-wish@users.noreply.github.com> +Matt Bonnell +Matt Drollette +Matt Vinall +Matt Vinall +Matteo Suppo +Matthew Fawcett +Maurizio +Max Köhler +Maxime Song +Mitar +Mitar +Moritz Lang +Natalia +Nathan Mills +Neeraj +Nejcraft +Nestor +Nick Otter +Nick Ufer +NickUfer +Nikita Puzankov +Nikolay Stupak +NikolaySl +ORY Continuous Integration +ORY Continuous Integration +ORY Continuous Integration +Olivier Deckers +Olivier Tremblay +Oz Haven +Patrick Barker +Patrick Tescher +Patrik +Paul Harman +Petr Jediný +Philip Nicolcev <33558528+pnicolcev-tulipretail@users.noreply.github.com> +Philip Nicolcev +Pierre-David Bélanger +Prateek Malhotra +Quentin Perez +RNBack +Ricardo Iván Vieitez Parra <3857362+corrideat@users.noreply.github.com> +Rich Wareham +Richard Zana +RikiyaFujii +Rob Smith +Roman Lytvyn +Roman Minkin +Saad Tazi +SaintMalik <37118134+saintmalik@users.noreply.github.com> +Samuele Lilli +Sawada Shota +Sawada Shota +Shadaï ALI +Shane Starcher +Shankar Dhanasekaran +Shaurya Dhadwal +Shota SAWADA +Simon Lipp +Simon-Pierre Gingras <892367+spg@users.noreply.github.com> +Smotrov Dmitriy +Stepan Rakitin +Stephan Renatus +Steve Kaliski +Sufijen Bani +Sven Neuhaus +T Venu Madhav +The Gitter Badger +Thibault Doubliez +Thomas Aidan Curran +Thomas Aidan Curran +Thomas Recloux +Thomas Stewart +Thor Marius Henrichsen +TilmanTheile <50573074+TilmanTheile@users.noreply.github.com> +Tim Sazon +Vadim +Vincent +Vinci Xu <277040271@qq.com> +Vishesh Handa +Vitaly Migunov +Vladimir Kalugin +Wei Cheng +Wojciech Kuźmiński <45849042+woojtek@users.noreply.github.com> +Wyatt Anderson +Yannick Heinrich +Yorman ����’.͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇͇Ỏ̷͖͈̞̩͎̻̫̫̜͉̠̫͕̭̭̫ ฏ๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎๎ +Yuki Hirasawa <48427044+hirasawayuki@users.noreply.github.com> +Zbigniew Mandziejewicz +abusaidm +aeneasr <3372410+aeneasr@users.noreply.github.com> +aeneasr +aeneasr +aeneasr +arapaho +arekkas +arekkas +arunas-ka +aspeteRakete +bfrisbie-brex <63267486+bfrisbie-brex@users.noreply.github.com> +catper <60221155+catper@users.noreply.github.com> +cherrymu +clausdenk +darron froese +debrutal +dharmendraImprowised <72780358+DKImprowised@users.noreply.github.com> +ducksecops +emil +fazal +fazal +hackerman <3372410+aeneasr@users.noreply.github.com> +hackerman +hisamura333 <0aw2794w78t0b4c@ezweb.ne.jp> +jamesnicolas +jayme-github +jess +jhuggett <59655877+jhuggett@users.noreply.github.com> +khevse +kobayashilin +lauri +michaelwagler +mkontani +naveenpaul1 <79908956+naveenpaul1@users.noreply.github.com> +nessita +nishanth2143 +olFi95 +phi2039 +phiremande <16595434+phiremande@users.noreply.github.com> +pike1212 +pike1212 +prateek1192 <1192prateek@gmail.com> +rickwang7712 +robhinds +sagarshah1983 +sawadashota +seremenko-wish <60801091+seremenko-wish@users.noreply.github.com> +simpleway +timothyknight +tutman96 <11356668+tutman96@users.noreply.github.com> +tyaps +vancity-amir <62674577+vancity-amir@users.noreply.github.com> +vinckr +wanderer163 <93438190+wanderer163@users.noreply.github.com> +zepatrik +zepatrik +巢鹏 diff --git a/Makefile b/Makefile index 43ee76bd61d..2675009a4e1 100644 --- a/Makefile +++ b/Makefile @@ -121,5 +121,5 @@ install: .PHONY: contributors contributors: - printf '# contributors generated by `make contributors`\n\n' > ./contributors - git log --format="%aN <%aE>" | sort | uniq | grep -v '^dependabot\[bot\]' >> ./contributors + printf '# contributors generated by `make contributors`\n\n' > ./CONTRIBUTORS + git log --format="%aN <%aE>" | sort | uniq | grep -v '^dependabot\[bot\]' >> ./CONTRIBUTORS From a0a48df356b883d61b02461bf28cf3867e62c672 Mon Sep 17 00:00:00 2001 From: Vladimir Kalugin Date: Mon, 6 Dec 2021 00:00:48 +0300 Subject: [PATCH 40/49] style: make format --- cypress/helpers/index.js | 41 +- cypress/integration/oauth2/grant_jwtbearer.js | 835 +++++++++--------- oauth2/registry.go | 2 +- oauth2/trust/handler_test.go | 3 +- oauth2/trust/manager_test_helpers.go | 2 +- persistence/definitions.go | 2 +- 6 files changed, 473 insertions(+), 412 deletions(-) diff --git a/cypress/helpers/index.js b/cypress/helpers/index.js index fe98ecfa295..efd8687977e 100644 --- a/cypress/helpers/index.js +++ b/cypress/helpers/index.js @@ -59,15 +59,17 @@ const getClient = (id) => export const createGrant = (grant) => cy - .request('POST', Cypress.env('admin_url') + '/trust/grants/jwt-bearer/issuers', JSON.stringify(grant)) + .request( + 'POST', + Cypress.env('admin_url') + '/trust/grants/jwt-bearer/issuers', + JSON.stringify(grant) + ) .then((response) => { const grantID = response.body.id getGrant(grantID).then((actual) => { if (actual.id !== grantID) { return Promise.reject( - new Error( - `Expected id's to match: ${actual.id} !== ${grantID}` - ) + new Error(`Expected id's to match: ${actual.id} !== ${grantID}`) ) } return Promise.resolve(response) @@ -76,23 +78,32 @@ export const createGrant = (grant) => export const getGrant = (grantID) => cy - .request('GET', Cypress.env('admin_url') + '/trust/grants/jwt-bearer/issuers/' + grantID) + .request( + 'GET', + Cypress.env('admin_url') + '/trust/grants/jwt-bearer/issuers/' + grantID + ) .then(({ body }) => body) export const deleteGrants = () => - cy.request(Cypress.env('admin_url') + '/trust/grants/jwt-bearer/issuers').then(({ body = [] }) => { - ;(body || []).forEach(({ id }) => deleteGrant(id)) - }) + cy + .request(Cypress.env('admin_url') + '/trust/grants/jwt-bearer/issuers') + .then(({ body = [] }) => { + ;(body || []).forEach(({ id }) => deleteGrant(id)) + }) const deleteGrant = (id) => - cy.request('DELETE', Cypress.env('admin_url') + '/trust/grants/jwt-bearer/issuers/' + id) + cy.request( + 'DELETE', + Cypress.env('admin_url') + '/trust/grants/jwt-bearer/issuers/' + id + ) export const publicJwk = { - kid: 'token-service-key', - kty: 'RSA', - alg: 'RS256', - n: 'xbOXL8LDbB8hz4fe6__qpESz5GqX0IjH9lRIywG1xj7_w9UXnds5oZpXp0L4TM7B9j0na6_wIwcnfTlQr1cW3LHJXjzPS19zK5rrvB5eabNhtv4yIyH2DSfkI5J3y0bmfY74_J_rDFtQ1PdpfMzdF5cceYvw05B3Q6naPwPN_86GjOkxBWeBZ1-jL5-7cpbbAfeICjEEBsKDX0j-2ZyKpQ2r4jrxwxDF-J3Xsf6ieRKHggQfG-_xMucz40j7t_s-ttE8LoOm9Mmg0gl6vsfhL9rBvUiW-FLCgCqAKSB9a4JHp4_cgsUUR4TsPrJXTGXDFPoqd63S4ZLkCqOeFLOMUx7zVM_gVyyDIbfXWG2HRt6IbEiU8-A-irw0PtPKKiZ0mue2DT3gbvRJlKpL4RG8Obhlaxzf1eQ9jLx15_DoJt9M8zrK9m99YNRMBeJWwJ-RaUv0odpMkIMawH-ly0IO4Kc6fV2g0PK0f4lBnoHze802Y5SQfN19D3GaL93xlHDTHIsX_q0ICyQzupHjQeFHSa9ku0mA36p40lE3Ejpxjbx1BNAvwozGIE7OuovtUgnaodzpRp5HMrCS5YSGE0LtpTgyEibrG3pA12tSvQW3WDeB8qx4dPBBo917ujdgO23p9ZYm96ohZMUOSR_ItX7n3Q4N6W490YrNgj6c-r9kfWk', - e: 'AQAB' + kid: 'token-service-key', + kty: 'RSA', + alg: 'RS256', + n: + 'xbOXL8LDbB8hz4fe6__qpESz5GqX0IjH9lRIywG1xj7_w9UXnds5oZpXp0L4TM7B9j0na6_wIwcnfTlQr1cW3LHJXjzPS19zK5rrvB5eabNhtv4yIyH2DSfkI5J3y0bmfY74_J_rDFtQ1PdpfMzdF5cceYvw05B3Q6naPwPN_86GjOkxBWeBZ1-jL5-7cpbbAfeICjEEBsKDX0j-2ZyKpQ2r4jrxwxDF-J3Xsf6ieRKHggQfG-_xMucz40j7t_s-ttE8LoOm9Mmg0gl6vsfhL9rBvUiW-FLCgCqAKSB9a4JHp4_cgsUUR4TsPrJXTGXDFPoqd63S4ZLkCqOeFLOMUx7zVM_gVyyDIbfXWG2HRt6IbEiU8-A-irw0PtPKKiZ0mue2DT3gbvRJlKpL4RG8Obhlaxzf1eQ9jLx15_DoJt9M8zrK9m99YNRMBeJWwJ-RaUv0odpMkIMawH-ly0IO4Kc6fV2g0PK0f4lBnoHze802Y5SQfN19D3GaL93xlHDTHIsX_q0ICyQzupHjQeFHSa9ku0mA36p40lE3Ejpxjbx1BNAvwozGIE7OuovtUgnaodzpRp5HMrCS5YSGE0LtpTgyEibrG3pA12tSvQW3WDeB8qx4dPBBo917ujdgO23p9ZYm96ohZMUOSR_ItX7n3Q4N6W490YrNgj6c-r9kfWk', + e: 'AQAB' } export const privatePem = `-----BEGIN RSA PRIVATE KEY----- MIIJKQIBAAKCAgEAxbOXL8LDbB8hz4fe6//qpESz5GqX0IjH9lRIywG1xj7/w9UX @@ -198,4 +209,4 @@ gkrdwl3XTM//5Aq8iUZtt5OA7Jel/Iw9e4QBf6F2pYl73BStBbUHtWPC9we8qj3p JgGFwiBBmFjZqu1oo0Q4mteDIIEHvbebD6G0nibilORZGOFnCVE7f0HYEzHDAzVe OgyQybTowIznIMk7WuoLS2Kq1GghMm1l1gkmXj5hmmSIg8GBwRWa+5x6 -----END RSA PRIVATE KEY----- -` \ No newline at end of file +` diff --git a/cypress/integration/oauth2/grant_jwtbearer.js b/cypress/integration/oauth2/grant_jwtbearer.js index aa11f7cfd78..e5cfa459fac 100644 --- a/cypress/integration/oauth2/grant_jwtbearer.js +++ b/cypress/integration/oauth2/grant_jwtbearer.js @@ -1,4 +1,13 @@ -import { createClient, createGrant, deleteGrants, deleteClients, prng, privatePem, publicJwk, invalidPrivatePem } from '../../helpers' +import { + createClient, + createGrant, + deleteGrants, + deleteClients, + prng, + privatePem, + publicJwk, + invalidPrivatePem +} from '../../helpers' const dayjs = require('dayjs') const isBetween = require('dayjs/plugin/isBetween') @@ -9,417 +18,457 @@ dayjs.extend(isBetween) const jwt = require('jsonwebtoken') describe('The OAuth 2.0 JWT Bearer (RFC 7523) Grant', function () { - beforeEach(() => { - deleteGrants() - deleteClients() - }) + beforeEach(() => { + deleteGrants() + deleteClients() + }) + + const tokenUrl = `${Cypress.env('public_url')}/oauth2/token` + + const nc = () => ({ + client_id: prng(), + client_secret: prng(), + scope: 'foo openid offline_access', + grant_types: ['urn:ietf:params:oauth:grant-type:jwt-bearer'], + token_endpoint_auth_method: 'client_secret_post', + response_types: ['token'] + }) + + const gr = (subject) => ({ + issuer: prng(), + subject: subject, + scope: ['foo', 'openid', 'offline_access'], + jwk: publicJwk, + expires_at: dayjs().utc().add(1, 'year').set('millisecond', 0).toISOString() + }) + + const jwtAssertion = (grant, override) => { + const assert = { + jti: prng(), + iss: grant.issuer, + sub: grant.subject, + aud: tokenUrl, + exp: dayjs().utc().add(2, 'minute').set('millisecond', 0).unix(), + iat: dayjs().utc().subtract(2, 'minute').set('millisecond', 0).unix() + } + return { ...assert, ...override } + } - const tokenUrl = `${Cypress.env('public_url')}/oauth2/token` + it('should return an Access Token when given client credentials and a signed JWT assertion', function () { + const client = nc() + createClient(client) - const nc = () => ({ - client_id: prng(), - client_secret: prng(), - scope: 'foo openid offline_access', - grant_types: ['urn:ietf:params:oauth:grant-type:jwt-bearer'], - token_endpoint_auth_method: 'client_secret_post', - response_types: ['token'], - }) + const grant = gr(prng()) + createGrant(grant) - const gr = (subject) => ({ - issuer: prng(), - subject: subject, - scope: ['foo', 'openid', 'offline_access'], - jwk: publicJwk, - expires_at: dayjs().utc().add(1, 'year').set('millisecond', 0).toISOString(), + const assertion = jwt.sign(jwtAssertion(grant), privatePem, { + algorithm: 'RS256' }) - const jwtAssertion = (grant, override) => { - const assert = { - "jti": prng(), - "iss": grant.issuer, - "sub": grant.subject, - "aud": tokenUrl, - "exp": dayjs().utc().add(2, 'minute').set('millisecond', 0).unix(), - "iat": dayjs().utc().subtract(2, 'minute').set('millisecond', 0).unix(), - } - return {...assert, ...override} - } - - it('should return an Access Token when given client credentials and a signed JWT assertion', function () { - const client = nc() - createClient(client) - - const grant = gr(prng()) - createGrant(grant) - - const assertion = jwt.sign(jwtAssertion(grant), privatePem, { algorithm: "RS256" }) - - cy.request({ - method: 'POST', - url: tokenUrl, - form: true, - body: { - grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', - assertion: assertion, - scope: client.scope, - client_secret: client.client_secret, - client_id: client.client_id - }, - }) - .its('body') - .then((body) => { - const { access_token, expires_in, scope, token_type } = body - - expect(access_token).to.not.be.empty - expect(expires_in).to.not.be.undefined - expect(scope).to.not.be.empty - expect(token_type).to.not.be.empty - }) + cy.request({ + method: 'POST', + url: tokenUrl, + form: true, + body: { + grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', + assertion: assertion, + scope: client.scope, + client_secret: client.client_secret, + client_id: client.client_id + } }) - - - - it('should return an Error (400) when not given client credentials', function () { - const client = nc() - createClient(client) - - const grant = gr(prng()) - createGrant(grant) - - const assertion = jwt.sign(jwtAssertion(grant), privatePem, { algorithm: "RS256" }) - - cy.request({ - method: 'POST', - url: tokenUrl, - form: true, - body: { - grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', - assertion: assertion, - scope: client.scope, - }, - failOnStatusCode: false, - }) - .its('status') - .then((status) => { - expect(status).to.be.equal(400) - }) + .its('body') + .then((body) => { + const { access_token, expires_in, scope, token_type } = body + + expect(access_token).to.not.be.empty + expect(expires_in).to.not.be.undefined + expect(scope).to.not.be.empty + expect(token_type).to.not.be.empty + }) + }) + + it('should return an Error (400) when not given client credentials', function () { + const client = nc() + createClient(client) + + const grant = gr(prng()) + createGrant(grant) + + const assertion = jwt.sign(jwtAssertion(grant), privatePem, { + algorithm: 'RS256' }) - it('should return an Error (400) when given client credentials and a JWT assertion without a jti', function () { - const client = nc() - createClient(client) - - const grant = gr(prng()) - createGrant(grant) - - var ja = jwtAssertion(grant) - delete ja["jti"] - const assertion = jwt.sign(ja, privatePem, { algorithm: "RS256" }) - - // first token request should work fine - cy.request({ - method: 'POST', - url: tokenUrl, - form: true, - body: { - grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', - assertion: assertion, - scope: client.scope, - client_secret: client.client_secret, - client_id: client.client_id - }, - failOnStatusCode: false, - }) - .its('status') - .then((status) => { - expect(status).to.be.equal(400) - }) + cy.request({ + method: 'POST', + url: tokenUrl, + form: true, + body: { + grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', + assertion: assertion, + scope: client.scope + }, + failOnStatusCode: false }) - - it('should return an Error (400) when given client credentials and a JWT assertion with a duplicated jti', function () { - const client = nc() - createClient(client) - - const grant = gr(prng()) - createGrant(grant) - - const jwt1 = jwtAssertion(grant) - const assertion1 = jwt.sign(jwt1, privatePem, { algorithm: "RS256" }) - - // first token request should work fine - cy.request({ - method: 'POST', - url: tokenUrl, - form: true, - body: { - grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', - assertion: assertion1, - scope: client.scope, - client_secret: client.client_secret, - client_id: client.client_id - }, - }) - .its('body') - .then((body) => { - const { access_token, expires_in, scope, token_type } = body - - expect(access_token).to.not.be.empty - expect(expires_in).to.not.be.undefined - expect(scope).to.not.be.empty - expect(token_type).to.not.be.empty - }) - - const assertion2 = jwt.sign(jwtAssertion(grant, {jti: jwt1["jti"]}), privatePem, { algorithm: "RS256" }) - - // the second should fail - cy.request({ - method: 'POST', - url: tokenUrl, - form: true, - body: { - grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', - assertion: assertion2, - scope: client.scope, - client_secret: client.client_secret, - client_id: client.client_id - }, - failOnStatusCode: false, - }) - .its('status') - .then((status) => { - expect(status).to.be.equal(400) - }) + .its('status') + .then((status) => { + expect(status).to.be.equal(400) + }) + }) + + it('should return an Error (400) when given client credentials and a JWT assertion without a jti', function () { + const client = nc() + createClient(client) + + const grant = gr(prng()) + createGrant(grant) + + var ja = jwtAssertion(grant) + delete ja['jti'] + const assertion = jwt.sign(ja, privatePem, { algorithm: 'RS256' }) + + // first token request should work fine + cy.request({ + method: 'POST', + url: tokenUrl, + form: true, + body: { + grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', + assertion: assertion, + scope: client.scope, + client_secret: client.client_secret, + client_id: client.client_id + }, + failOnStatusCode: false }) - - it('should return an Error (400) when given client credentials and a JWT assertion without an iat', function () { - const client = nc() - createClient(client) - - const grant = gr(prng()) - createGrant(grant) - - var ja = jwtAssertion(grant) - delete ja["iat"] - const assertion = jwt.sign(ja, privatePem, { algorithm: "RS256", noTimestamp: true }) - - // first token request should work fine - cy.request({ - method: 'POST', - url: tokenUrl, - form: true, - body: { - grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', - assertion: assertion, - scope: client.scope, - client_secret: client.client_secret, - client_id: client.client_id - }, - failOnStatusCode: false, - }) - .its('status') - .then((status) => { - expect(status).to.be.equal(400) - }) + .its('status') + .then((status) => { + expect(status).to.be.equal(400) + }) + }) + + it('should return an Error (400) when given client credentials and a JWT assertion with a duplicated jti', function () { + const client = nc() + createClient(client) + + const grant = gr(prng()) + createGrant(grant) + + const jwt1 = jwtAssertion(grant) + const assertion1 = jwt.sign(jwt1, privatePem, { algorithm: 'RS256' }) + + // first token request should work fine + cy.request({ + method: 'POST', + url: tokenUrl, + form: true, + body: { + grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', + assertion: assertion1, + scope: client.scope, + client_secret: client.client_secret, + client_id: client.client_id + } }) - - it('should return an Error (400) when given client credentials and a JWT assertion with an invalid signature', function () { - const client = nc() - createClient(client) - - const grant = gr(prng()) - createGrant(grant) - - const assertion = jwt.sign(jwtAssertion(grant), invalidPrivatePem, { algorithm: "RS256" }) - - cy.request({ - method: 'POST', - url: tokenUrl, - form: true, - body: { - grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', - assertion: assertion, - scope: client.scope, - client_secret: client.client_secret, - client_id: client.client_id - }, - failOnStatusCode: false, - }) - .its('status') - .then((status) => { - expect(status).to.be.equal(400) - }) + .its('body') + .then((body) => { + const { access_token, expires_in, scope, token_type } = body + + expect(access_token).to.not.be.empty + expect(expires_in).to.not.be.undefined + expect(scope).to.not.be.empty + expect(token_type).to.not.be.empty + }) + + const assertion2 = jwt.sign( + jwtAssertion(grant, { jti: jwt1['jti'] }), + privatePem, + { algorithm: 'RS256' } + ) + + // the second should fail + cy.request({ + method: 'POST', + url: tokenUrl, + form: true, + body: { + grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', + assertion: assertion2, + scope: client.scope, + client_secret: client.client_secret, + client_id: client.client_id + }, + failOnStatusCode: false }) - - it('should return an Error (400) when given client credentials and a JWT assertion with an invalid subject', function () { - const client = nc() - createClient(client) - - const grant = gr(prng()) - createGrant(grant) - - const assertion = jwt.sign(jwtAssertion(grant, {"sub": "invalid_subject"}), privatePem, { algorithm: "RS256" }) - - cy.request({ - method: 'POST', - url: tokenUrl, - form: true, - body: { - grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', - assertion: assertion, - scope: client.scope, - client_secret: client.client_secret, - client_id: client.client_id - }, - failOnStatusCode: false, - }) - .its('status') - .then((status) => { - expect(status).to.be.equal(400) - }) + .its('status') + .then((status) => { + expect(status).to.be.equal(400) + }) + }) + + it('should return an Error (400) when given client credentials and a JWT assertion without an iat', function () { + const client = nc() + createClient(client) + + const grant = gr(prng()) + createGrant(grant) + + var ja = jwtAssertion(grant) + delete ja['iat'] + const assertion = jwt.sign(ja, privatePem, { + algorithm: 'RS256', + noTimestamp: true }) - it('should return an Error (400) when given client credentials and a JWT assertion with an invalid issuer', function () { - const client = nc() - createClient(client) - - const grant = gr(prng()) - createGrant(grant) - - const assertion = jwt.sign(jwtAssertion(grant, {"iss": "invalid_issuer"}), privatePem, { algorithm: "RS256" }) - - cy.request({ - method: 'POST', - url: tokenUrl, - form: true, - body: { - grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', - assertion: assertion, - scope: client.scope, - client_secret: client.client_secret, - client_id: client.client_id - }, - failOnStatusCode: false, - }) - .its('status') - .then((status) => { - expect(status).to.be.equal(400) - }) + // first token request should work fine + cy.request({ + method: 'POST', + url: tokenUrl, + form: true, + body: { + grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', + assertion: assertion, + scope: client.scope, + client_secret: client.client_secret, + client_id: client.client_id + }, + failOnStatusCode: false }) + .its('status') + .then((status) => { + expect(status).to.be.equal(400) + }) + }) - it('should return an Error (400) when given client credentials and a JWT assertion with an invalid audience', function () { - const client = nc() - createClient(client) - - const grant = gr(prng()) - createGrant(grant) - - const assertion = jwt.sign(jwtAssertion(grant, {"aud": "invalid_audience"}), privatePem, { algorithm: "RS256" }) - - cy.request({ - method: 'POST', - url: tokenUrl, - form: true, - body: { - grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', - assertion: assertion, - scope: client.scope, - client_secret: client.client_secret, - client_id: client.client_id - }, - failOnStatusCode: false, - }) - .its('status') - .then((status) => { - expect(status).to.be.equal(400) - }) - }) + it('should return an Error (400) when given client credentials and a JWT assertion with an invalid signature', function () { + const client = nc() + createClient(client) - it('should return an Error (400) when given client credentials and a JWT assertion with an expired date', function () { - const client = nc() - createClient(client) - - const grant = gr(prng()) - createGrant(grant) - - const assertion = jwt.sign(jwtAssertion(grant, {"exp": dayjs().utc().subtract(1, 'minute').set('millisecond', 0).unix()}), privatePem, { algorithm: "RS256" }) - - cy.request({ - method: 'POST', - url: tokenUrl, - form: true, - body: { - grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', - assertion: assertion, - scope: client.scope, - client_secret: client.client_secret, - client_id: client.client_id - }, - failOnStatusCode: false, - }) - .its('status') - .then((status) => { - expect(status).to.be.equal(400) - }) - }) + const grant = gr(prng()) + createGrant(grant) - it('should return an Error (400) when given client credentials and a JWT assertion with a nbf that is still not valid', function () { - const client = nc() - createClient(client) - - const grant = gr(prng()) - createGrant(grant) - - const assertion = jwt.sign(jwtAssertion(grant, {"nbf": dayjs().utc().add(1, 'minute').set('millisecond', 0).unix()}), privatePem, { algorithm: "RS256" }) - - cy.request({ - method: 'POST', - url: tokenUrl, - form: true, - body: { - grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', - assertion: assertion, - scope: client.scope, - client_secret: client.client_secret, - client_id: client.client_id - }, - failOnStatusCode: false, - }) - .its('status') - .then((status) => { - expect(status).to.be.equal(400) - }) + const assertion = jwt.sign(jwtAssertion(grant), invalidPrivatePem, { + algorithm: 'RS256' }) - it('should return an Access Token when given client credentials and a JWT assertion with a nbf that is valid', function () { - const client = nc() - createClient(client) - - const grant = gr(prng()) - createGrant(grant) - - const assertion = jwt.sign(jwtAssertion(grant, {"nbf": dayjs().utc().subtract(1, 'minute').set('millisecond', 0).unix()}), privatePem, { algorithm: "RS256" }) - - cy.request({ - method: 'POST', - url: tokenUrl, - form: true, - body: { - grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', - assertion: assertion, - scope: client.scope, - client_secret: client.client_secret, - client_id: client.client_id - }, - }) - .its('body') - .then((body) => { - const { access_token, expires_in, scope, token_type } = body - - expect(access_token).to.not.be.empty - expect(expires_in).to.not.be.undefined - expect(scope).to.not.be.empty - expect(token_type).to.not.be.empty - }) + cy.request({ + method: 'POST', + url: tokenUrl, + form: true, + body: { + grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', + assertion: assertion, + scope: client.scope, + client_secret: client.client_secret, + client_id: client.client_id + }, + failOnStatusCode: false }) - + .its('status') + .then((status) => { + expect(status).to.be.equal(400) + }) + }) + + it('should return an Error (400) when given client credentials and a JWT assertion with an invalid subject', function () { + const client = nc() + createClient(client) + + const grant = gr(prng()) + createGrant(grant) + + const assertion = jwt.sign( + jwtAssertion(grant, { sub: 'invalid_subject' }), + privatePem, + { algorithm: 'RS256' } + ) + + cy.request({ + method: 'POST', + url: tokenUrl, + form: true, + body: { + grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', + assertion: assertion, + scope: client.scope, + client_secret: client.client_secret, + client_id: client.client_id + }, + failOnStatusCode: false + }) + .its('status') + .then((status) => { + expect(status).to.be.equal(400) + }) + }) + + it('should return an Error (400) when given client credentials and a JWT assertion with an invalid issuer', function () { + const client = nc() + createClient(client) + + const grant = gr(prng()) + createGrant(grant) + + const assertion = jwt.sign( + jwtAssertion(grant, { iss: 'invalid_issuer' }), + privatePem, + { algorithm: 'RS256' } + ) + + cy.request({ + method: 'POST', + url: tokenUrl, + form: true, + body: { + grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', + assertion: assertion, + scope: client.scope, + client_secret: client.client_secret, + client_id: client.client_id + }, + failOnStatusCode: false + }) + .its('status') + .then((status) => { + expect(status).to.be.equal(400) + }) + }) + + it('should return an Error (400) when given client credentials and a JWT assertion with an invalid audience', function () { + const client = nc() + createClient(client) + + const grant = gr(prng()) + createGrant(grant) + + const assertion = jwt.sign( + jwtAssertion(grant, { aud: 'invalid_audience' }), + privatePem, + { algorithm: 'RS256' } + ) + + cy.request({ + method: 'POST', + url: tokenUrl, + form: true, + body: { + grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', + assertion: assertion, + scope: client.scope, + client_secret: client.client_secret, + client_id: client.client_id + }, + failOnStatusCode: false + }) + .its('status') + .then((status) => { + expect(status).to.be.equal(400) + }) + }) + + it('should return an Error (400) when given client credentials and a JWT assertion with an expired date', function () { + const client = nc() + createClient(client) + + const grant = gr(prng()) + createGrant(grant) + + const assertion = jwt.sign( + jwtAssertion(grant, { + exp: dayjs().utc().subtract(1, 'minute').set('millisecond', 0).unix() + }), + privatePem, + { algorithm: 'RS256' } + ) + + cy.request({ + method: 'POST', + url: tokenUrl, + form: true, + body: { + grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', + assertion: assertion, + scope: client.scope, + client_secret: client.client_secret, + client_id: client.client_id + }, + failOnStatusCode: false + }) + .its('status') + .then((status) => { + expect(status).to.be.equal(400) + }) + }) + + it('should return an Error (400) when given client credentials and a JWT assertion with a nbf that is still not valid', function () { + const client = nc() + createClient(client) + + const grant = gr(prng()) + createGrant(grant) + + const assertion = jwt.sign( + jwtAssertion(grant, { + nbf: dayjs().utc().add(1, 'minute').set('millisecond', 0).unix() + }), + privatePem, + { algorithm: 'RS256' } + ) + + cy.request({ + method: 'POST', + url: tokenUrl, + form: true, + body: { + grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', + assertion: assertion, + scope: client.scope, + client_secret: client.client_secret, + client_id: client.client_id + }, + failOnStatusCode: false + }) + .its('status') + .then((status) => { + expect(status).to.be.equal(400) + }) + }) + + it('should return an Access Token when given client credentials and a JWT assertion with a nbf that is valid', function () { + const client = nc() + createClient(client) + + const grant = gr(prng()) + createGrant(grant) + + const assertion = jwt.sign( + jwtAssertion(grant, { + nbf: dayjs().utc().subtract(1, 'minute').set('millisecond', 0).unix() + }), + privatePem, + { algorithm: 'RS256' } + ) + + cy.request({ + method: 'POST', + url: tokenUrl, + form: true, + body: { + grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer', + assertion: assertion, + scope: client.scope, + client_secret: client.client_secret, + client_id: client.client_id + } + }) + .its('body') + .then((body) => { + const { access_token, expires_in, scope, token_type } = body + + expect(access_token).to.not.be.empty + expect(expires_in).to.not.be.undefined + expect(scope).to.not.be.empty + expect(token_type).to.not.be.empty + }) + }) }) diff --git a/oauth2/registry.go b/oauth2/registry.go index cec9bf48bb6..5895b26a7d7 100644 --- a/oauth2/registry.go +++ b/oauth2/registry.go @@ -5,8 +5,8 @@ import ( "github.com/ory/fosite/handler/openid" "github.com/ory/hydra/client" "github.com/ory/hydra/consent" - "github.com/ory/hydra/oauth2/trust" "github.com/ory/hydra/jwk" + "github.com/ory/hydra/oauth2/trust" "github.com/ory/hydra/x" ) diff --git a/oauth2/trust/handler_test.go b/oauth2/trust/handler_test.go index 97fd63dac29..8b7ee977b2f 100644 --- a/oauth2/trust/handler_test.go +++ b/oauth2/trust/handler_test.go @@ -3,12 +3,13 @@ package trust_test import ( "crypto/rand" "crypto/rsa" - "github.com/ory/hydra/oauth2/trust" "net/http" "net/http/httptest" "testing" "time" + "github.com/ory/hydra/oauth2/trust" + "github.com/go-openapi/strfmt" "github.com/google/uuid" "github.com/stretchr/testify/suite" diff --git a/oauth2/trust/manager_test_helpers.go b/oauth2/trust/manager_test_helpers.go index e49c9d2671e..710deb954f0 100644 --- a/oauth2/trust/manager_test_helpers.go +++ b/oauth2/trust/manager_test_helpers.go @@ -151,7 +151,7 @@ func TestHelperGrantManagerCreateGetDeleteGrant(m GrantManager) func(t *testing. require.NoError(t, err) assert.Equal(t, 2, count) - err = m.FlushInactiveGrants(context.TODO(), grant2.ExpiresAt, 1000,100) + err = m.FlushInactiveGrants(context.TODO(), grant2.ExpiresAt, 1000, 100) require.NoError(t, err) count, err = m.CountGrants(context.TODO()) diff --git a/persistence/definitions.go b/persistence/definitions.go index 99306eda66d..4afdaa63207 100644 --- a/persistence/definitions.go +++ b/persistence/definitions.go @@ -5,8 +5,8 @@ import ( "github.com/ory/hydra/client" "github.com/ory/hydra/consent" - "github.com/ory/hydra/oauth2/trust" "github.com/ory/hydra/jwk" + "github.com/ory/hydra/oauth2/trust" "github.com/ory/hydra/x" "github.com/ory/x/popx" From 259f23ba09472cb53ed4cbf9eac42b2e34c9e866 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jagoba=20Gasco=CC=81n?= Date: Thu, 9 Dec 2021 14:56:27 +0100 Subject: [PATCH 41/49] feat: programatically generate testing RSA key pairs Hard-coded keys were secure because they were only used inside a test. However the CodeQL analyze tool was complaining about it so this change should stop that. --- cypress/helpers/index.js | 114 ------------------ cypress/integration/oauth2/grant_jwtbearer.js | 70 ++++++++--- 2 files changed, 52 insertions(+), 132 deletions(-) diff --git a/cypress/helpers/index.js b/cypress/helpers/index.js index efd8687977e..adfc70561a7 100644 --- a/cypress/helpers/index.js +++ b/cypress/helpers/index.js @@ -96,117 +96,3 @@ const deleteGrant = (id) => 'DELETE', Cypress.env('admin_url') + '/trust/grants/jwt-bearer/issuers/' + id ) - -export const publicJwk = { - kid: 'token-service-key', - kty: 'RSA', - alg: 'RS256', - n: - 'xbOXL8LDbB8hz4fe6__qpESz5GqX0IjH9lRIywG1xj7_w9UXnds5oZpXp0L4TM7B9j0na6_wIwcnfTlQr1cW3LHJXjzPS19zK5rrvB5eabNhtv4yIyH2DSfkI5J3y0bmfY74_J_rDFtQ1PdpfMzdF5cceYvw05B3Q6naPwPN_86GjOkxBWeBZ1-jL5-7cpbbAfeICjEEBsKDX0j-2ZyKpQ2r4jrxwxDF-J3Xsf6ieRKHggQfG-_xMucz40j7t_s-ttE8LoOm9Mmg0gl6vsfhL9rBvUiW-FLCgCqAKSB9a4JHp4_cgsUUR4TsPrJXTGXDFPoqd63S4ZLkCqOeFLOMUx7zVM_gVyyDIbfXWG2HRt6IbEiU8-A-irw0PtPKKiZ0mue2DT3gbvRJlKpL4RG8Obhlaxzf1eQ9jLx15_DoJt9M8zrK9m99YNRMBeJWwJ-RaUv0odpMkIMawH-ly0IO4Kc6fV2g0PK0f4lBnoHze802Y5SQfN19D3GaL93xlHDTHIsX_q0ICyQzupHjQeFHSa9ku0mA36p40lE3Ejpxjbx1BNAvwozGIE7OuovtUgnaodzpRp5HMrCS5YSGE0LtpTgyEibrG3pA12tSvQW3WDeB8qx4dPBBo917ujdgO23p9ZYm96ohZMUOSR_ItX7n3Q4N6W490YrNgj6c-r9kfWk', - e: 'AQAB' -} -export const privatePem = `-----BEGIN RSA PRIVATE KEY----- -MIIJKQIBAAKCAgEAxbOXL8LDbB8hz4fe6//qpESz5GqX0IjH9lRIywG1xj7/w9UX -nds5oZpXp0L4TM7B9j0na6/wIwcnfTlQr1cW3LHJXjzPS19zK5rrvB5eabNhtv4y -IyH2DSfkI5J3y0bmfY74/J/rDFtQ1PdpfMzdF5cceYvw05B3Q6naPwPN/86GjOkx -BWeBZ1+jL5+7cpbbAfeICjEEBsKDX0j+2ZyKpQ2r4jrxwxDF+J3Xsf6ieRKHggQf -G+/xMucz40j7t/s+ttE8LoOm9Mmg0gl6vsfhL9rBvUiW+FLCgCqAKSB9a4JHp4/c -gsUUR4TsPrJXTGXDFPoqd63S4ZLkCqOeFLOMUx7zVM/gVyyDIbfXWG2HRt6IbEiU -8+A+irw0PtPKKiZ0mue2DT3gbvRJlKpL4RG8Obhlaxzf1eQ9jLx15/DoJt9M8zrK -9m99YNRMBeJWwJ+RaUv0odpMkIMawH+ly0IO4Kc6fV2g0PK0f4lBnoHze802Y5SQ -fN19D3GaL93xlHDTHIsX/q0ICyQzupHjQeFHSa9ku0mA36p40lE3Ejpxjbx1BNAv -wozGIE7OuovtUgnaodzpRp5HMrCS5YSGE0LtpTgyEibrG3pA12tSvQW3WDeB8qx4 -dPBBo917ujdgO23p9ZYm96ohZMUOSR/ItX7n3Q4N6W490YrNgj6c+r9kfWkCAwEA -AQKCAgAJvNrJg3JUtQPZUPvt6+EGzkt+CLIJl3Mh8uzS8vadGSVH5AsRv2aLSyre -FjJctiJfmouChlvxnbyYMmaC/Gsn26nrdltPfxgRIcRSs7w6wJcjiEm36UhRRZG7 -Hs+/t3JK5OvmpYnSRf0pQDZ16zFIpCzG39mw0gDN2GPjjrBq1SVTc3jypzJ8gP1s -rxVwg3WuFx8gQWHNY29NFi9XUJqTnqTEs9qMnRrjMAMbxUsDY6JBCSrvGVZsB29K -1qFvYnSoVI3+TIXAsN22+riNBRNWZBP+2sB04r6pyW4emHcVAIm++xsFZeelzipE -vEwIe0qskdXdpzYn3jBVRdHXezCCIU7xu8CKB2JqhOgOR10L4RARfgN6Xw0thQhH -j9cMim2khgpzIXnhOtA3vFKMlrskY+4CXZzWaL1WkpDZKoionmRaID6uU0+rdk0C -Ue2vzoSSUw42UQyV3Lm/AcyiDBOH9JAmma5yC2VuPNMSe2yIln8/cwrgFbjP9ksl -mG8NZj/plzpsAtPQCiPE4X2rPdABD/mOEdovqh7cASaT5kSCEneZ+ln5mkMVPcB8 -688vI+5JmRWXdGYKSqTXXIjjoy4FjaQtaFgyf2hvnfUQQ9mm/I8LEkHUCjrHoe7Y -5o7j+Ft8TO514T1pm3vgP/a8czDvOLUvBysEb3Kw4Zyl7ZODMQKCAQEA+g16bOVc -oZ09nesTuK4aNzljxQcljKqAXoUvT9hvN8epAQOmYOKUToP+4EBi6ro5mAPTq4DU -pkS7ATSIEu2/Oe9MvPMdWQijTddZSP6yCgzC+67V+Y0Rtvf/vtxE8TFQCi7jUlOs -/+lAMwmi31K0PUJSU/Fh9qzS/7zlOG7cc1FXcf5DJz4LQWP842rdWf+y/tIWQYhQ -tnrDoBLyCwyppW52kTyJFjXPiHYk2VHrImVa0bPo7rcagrGbwOmQkQvJDT496Y2h -qbPI1H9G3XkSVlpBhaVgPYb/1zFRNrbiQ8/O6AMn5FSF6e3Y3xUvgnf5qnD/aQ7v -XtU3S9zbSV4PRwKCAQEAymdbSHh1UH5TLvkFn/cNtyySBixjOKZk6rS5OI4XcdVQ -xr0YMo/hQRjQHZxkWw3Oto4jXmad02eVyJ/ttyHO0bNChMISqh/STkUKlOb8zaMJ -US6Hu7hJFSDe7OjxKgn5Sj3KHe9DhlhIW4Hzgbb7+zAvhjn60IlcjisFNSlu7Og+ -+vaUuOBLjDl0TYPBMvUzFT4Z0RIiHu9L6lqa4ka6TC/CbtrNRVbv9IYNlbs1K4xQ -SwjpbIKOxFAoWK/Y+XGBJrD4XKSgOufcRyYUsmanF46Ag2H3gkmPqmqK1Ykbrr69 -Au/hj5xtN/SuwjWNclWvO+2Ck8WYsorTA3ErqAhFzwKCAQAjYmjipApZrGCdyjg+ -OBTpn6topDxCDZagyYQKbnw+jnhx9kxDBY0rFy6oGTRmNvgTdOctK8vrw2obH43p -787RqfVX/6c1hC1nxIOT+sbC+U9WQkVxTO8mzy1Xmt/+qZXD+yKb8c9XX3CASGrN -42wyBwKTcmMEfyxUmCxvsfBsOSSAsxRZp0P8euO8YtDz/WUc/im8GEgjqneoXUX3 -HlGbYWhR4RkdFXxKuT05q4f0lBcn+aeKsEqGGBAMWoDkpaBLyXUFac9orlJLD7+9 -c3aO1bLT8LUPv9zQXOA7N+II6o1C879fZj6U/d1kpCDW+5dO8TKTcVOaPd3XVGeL -mE3dAoIBAQCE3mCwLFNm6eaVeWfV4Qqh6qJZZx4jfCfXY5gLpkuBsLT8IfoWhxkp -8K3+IkJG+8NtV9WkDN0igGd1cndMtubcBj9ugzBZedZHB0+w/AmMvLBLGK6F7q4b -Lp7pCun13OJHeFSMXhsHwECPwbkmuAammLU5+inKZ8HYmikrAu4Mm1Fs0h5DVwqB -HN5aXFmhqBFGqqOr+alogVJmn9/5FtEJXnjW6M/D6xROgwm7908qLUwwVcNWNkae -XLh/r8BRz88mpRoFRxTgVoDmO/tuObEK58M5fEBMyRmEl7hYAU+o4RGXMf3ylo+k -If3vA9S8776/KmWDuD1LR5LKOaqc/gFFAoIBAQDjlsI3A7yRx5CCOSS1zdrZXDve -dmpzjun13OqPe1N2PGbgvrrMY9oEbZ4jf1FMNUYFQafHWr8+iQRbm+WS2fZSq6ie -z8+vwhIQzyYAKDOHcfk/ImVCnCZOpWUv78T3ftBOm0flK9FgmtEVU9lZOGwJeeSl -XfXvA23Yq6h4NYvugw6YyamOjy8EnYwO707ibJVajeNFukrZO3Ywcaz1/jn/iaDv -KArlIAJ3R/phf9+e35pBAtjM6NYqzqVp93MUwMTXnK8TAPhtT8rEsP6Q5T703Lof -kphJ2V/clAXtRXwP+588e7JveeZlOS+3vUm3JWv+zHtWGY3SXefcialXfNN/ ------END RSA PRIVATE KEY----- -` - -export const invalidPrivatePem = `-----BEGIN RSA PRIVATE KEY----- -MIIJJgIBAAKCAgBh2paLu/KqIYKapXLXD2kHt4TDGWCProE55heq9hdC0T8+zI0i -dAuwkIytczMEliM9S/HbOci7yUZNGnBEBTOYaA02ihkxuYQx+4wxTCBump6NW9um -NU3ZNj7jCglOGDCAT3He+/PeXu07N/U5+J2bmHRT4901p+o0MihJUvxZwHCFxRjP -q8o6HPFWsKrL+EcrA2yCuari4AMRwO8Kk6n6OqNpTtbEPgTeYryfGTTLnatnoX8C -tAvoEZCy0b7p9zXuBcR0dAX6AKfshz3xUe10Xo6Hm/02ZU6ckaWh9OEkNsIWs/L4 -xXfKt9IU6ZkNvN2grDftA9z6fW8FvoFhVhdPOCiZO8DgUEMZIuAdndkBUdAPpDfd -tr0hugakGq87OzpniksKgH3meTEVGKt5OWZHQ/GcLSakOcd08e5SkuhltRafbyFl -vB9gzi3WVz18ZeymXu4QP07KYDCOX1fdLW7HrKBvf4aYLDKQeMIHoZvIDWuDThVh -E75weAEcezPXAsEE1zcvDajCZmQOdgv0Trc9wxHAeRZV1hoxhheAflxG8YkMTNS3 -PcBFrHz+wjzuYUDh0yTUzFiUeUQxb2zMz0iqYkfl7Ov+ApgyysFHbCfrb88HvlFj -nYpyE0JVxA83O7QuQ/ZCtmTmalHk1y2jti0HEOGM6wJvWwZLL5pjGK1aEwIDAQAB -AoICAAaFOUjgYkAh8YD6i1d3SGliOi+B7mREnYnNIkCbG1uxc8Rsfu8PyoOebjFU -ns6sbna0K86O4ChbNhsHKvntWs3KCS9cLmeY1A08lM/oIbUdCnmi6FT/8ksKCVC5 -p3sTs4+pO44/PbXQn4A1r1qIjYADvaSlZ2Ue5kVKHlMce4JDh3vycT/NU7FholdD -eG4VAjEEjmN7mb56bNnvAD61LjtlUuQ+g6MZ+tsSuzziwhjbTcOfCEaW1sBFA15X -CaCvf2F38upLnOZWytnA/UiqS+dYMakppMrOH1nhfqb3GVV/bJl0rjkTd3MDorUQ -B8nZju8Y6rUZb80lNJOuaRKiWPUyOlIqnITBPXCAd6joqpyuKkoD5D/rZ46W+0n3 -yVa+p9cfapvXuU5ChwxBMBsa8sMQ5TSb365H6GVZkFSVSfEg4NjicTxYIC3QuEdq -zTRWTTu4lYDWaTK61o/0LKFqg+DUehSxnx9S9zUzxB0GMZzOEXTmXaJWN+1kvmgv -2NVI6WfPjaNgeG+Nr9qw5simyxbmN0vHV8FjrmgGZMNf7ogibMtnECW4MxYN+6Ie -rY5AeMry+5iOPbuSUc75JmbAYHvw0wt9o4D/gcwLKIUNoGpiyihXy9GLllYR2bHM -VaZk+bwqqMcGX4pFio+fQJNcmw6msDiK20TT1cnhrYIrbpSJAoIBAQCtyKRI49Cv -qQI7AEYwMxym7exTSaFeN8T1m+CCetvx8ss5Kce/+RgrWauVh7WNOj+wR+3DfRL+ -1NhMgTiuWt2EjrzHmX/0Fugm2Z28JxofkS7MSuSqPwA9L4pUfHOqsmXptMxSTiG2 -ypgkWfUyQh+c8lAZWpds3kUXptnzORk2vsNkk6sebuJewF3TxURGqcHdl3t/IyGQ -sc396ztoPWOSIx/mc+2D5XtcOOrHR8SEwZsr9dPYQTAqV+v/6/MJ68ZU3nSp1E15 -Wd5YfRNIc20Hg9UTM1XXGCipa75/OguCd/OqVYVxBprLC8pv3kuhxn43rbbueRiu -LZIbUhQmTfHHAoIBAQCQJeYBEYF8Ar5zj1UI9uNGDmL37XwWbTXtopMcM8E+OX7u -uF8p+FmKNBsBGJvsi9D2MIouFgIKx6CTgbovrMC2Emv80Wvi2d7lOk1pZgrXLXKo -yHzHLlK4/8wEBdHKLZ5L7JC6c1JmuDaHVIE2KC53fiBIGh+ogGeZlC6VwRvXOUJF -W0w82hYSV97IhzKMM18YaIHnvvz3KPpCbQBmYQJizWaETSmcQx8igDe4nf9b8An+ -NF2GvtNklzG9vbSeMJztK8EQgKSxpUun3z69yx71qCnvwPFg68VFCau5358N0YeM -B+6BEgy3b4n4nvmDOquvPKyYXQoNAiBXyqIEU1VVAoIBAHUWhnoF5Ik2GiaenKvF -BD0EeQH0ziCo+q9xAudm1+JAb+Rn3gneTwaGODFbaltpL5gaHnxkPPQtfD6vofz3 -g+DYOyFQrwFKncfvP3OR9Ovn6dwDaeW65PJUoaMi5tvPrxKzmiaqNdTu02tKoQXn -v10Ddixe+T+E0pCI/rf9dJuKFCQjyluK4kJs4crZUpM5tUET20Vh6i+PXPcEEta8 -5eWEfO3Mle8UIvWT87upAyNfPqlzy/Qcl9MvwfaAhxPcI5jy+S+jtz9X6ZM9Ukyy -WHeDv4BcSi3OPTdJPOSDu1WAdFADpxDsHkdH/nE5GUQ6dLgW9vXd6V8RnSuDNchJ -I+kCggEAZaCimWw7KzBQD+8k164grBqmgf+INdOHauPs7bw7aOBmcm3Agjma/0of -I9Wy0MH+cCPmt/lCNVFrD7QtjUExmOxCADux4X0Tne9N9po/2FcteHvpJRCut8l4 -j/l+YBlrekHuA9YcaVlE8IKOmp0XrZ1Zqxvn6AenguqrMV+1fjbbV0S36ksjtokH -A7/1zkzFpdLAi5/mf2b/keeBmayZXwlLVsmEJaxY/h0BrAKQr8P7d6J5se9F4KyM -ICboeYLykHABrN3Vv303asKFXJAhYrbN4j/YrilrqnHYBbL4U2i/NOW+rHcKSiW0 -U3nZlkC+HE0drkoiNOuj2+F7+qq6BQKCAQAZK0uKuSAUJXSMSJWogpNLjHbg37bM -RHpdzPxpJhrhsU4XN1W5g153qfZBdioXGGeEYrfnKM+QG5VkbZ80C7TSe/CMeOyn -J1kxh2BZV3VP0xzdaQOcL/rHn7uq75KD5t8JwIQM8N1sos1D1/k8vz9RjElvZ3kx -gkrdwl3XTM//5Aq8iUZtt5OA7Jel/Iw9e4QBf6F2pYl73BStBbUHtWPC9we8qj3p -JgGFwiBBmFjZqu1oo0Q4mteDIIEHvbebD6G0nibilORZGOFnCVE7f0HYEzHDAzVe -OgyQybTowIznIMk7WuoLS2Kq1GghMm1l1gkmXj5hmmSIg8GBwRWa+5x6 ------END RSA PRIVATE KEY----- -` diff --git a/cypress/integration/oauth2/grant_jwtbearer.js b/cypress/integration/oauth2/grant_jwtbearer.js index e5cfa459fac..fcf89634734 100644 --- a/cypress/integration/oauth2/grant_jwtbearer.js +++ b/cypress/integration/oauth2/grant_jwtbearer.js @@ -4,9 +4,6 @@ import { deleteGrants, deleteClients, prng, - privatePem, - publicJwk, - invalidPrivatePem } from '../../helpers' const dayjs = require('dayjs') @@ -17,11 +14,48 @@ dayjs.extend(isBetween) const jwt = require('jsonwebtoken') + +let testPublicJwk; +let testPrivatePem; +let invalidtestPrivatePem +const initTestKeyPairs = async () => { + const algorithm = { + name: 'RSASSA-PKCS1-v1_5', + modulusLength: 2048, + publicExponent: new Uint8Array([1, 0, 1]), + hash: 'SHA-256', + }; + const keys = await crypto.subtle.generateKey(algorithm, true, ['sign', 'verify']); + + // public key to jwk + const publicJwk = await crypto.subtle.exportKey("jwk", keys.publicKey); + publicJwk.kid = 'token-service-key'; + + // private key to pem + const exportedPK = await crypto.subtle.exportKey("pkcs8", keys.privateKey); + const exportedAsBase64 = Buffer.from(exportedPK).toString('base64'); + const privatePem = `-----BEGIN PRIVATE KEY-----\n${exportedAsBase64}\n-----END PRIVATE KEY-----`; + + // create another private key to test invalid signatures + const invalidKeys = await crypto.subtle.generateKey(algorithm, true, ['sign', 'verify']); + const invalidPK = await crypto.subtle.exportKey("pkcs8", invalidKeys.privateKey); + const invalidAsBase64 = Buffer.from(invalidPK).toString('base64'); + const invalidPrivatePem = `-----BEGIN PRIVATE KEY-----\n${invalidAsBase64}\n-----END PRIVATE KEY-----`; + + testPublicJwk = publicJwk; + testPrivatePem = privatePem; + invalidtestPrivatePem = invalidPrivatePem; +}; + describe('The OAuth 2.0 JWT Bearer (RFC 7523) Grant', function () { beforeEach(() => { deleteGrants() deleteClients() - }) + }); + + before(() => { + return cy.wrap(initTestKeyPairs()); + }); const tokenUrl = `${Cypress.env('public_url')}/oauth2/token` @@ -38,7 +72,7 @@ describe('The OAuth 2.0 JWT Bearer (RFC 7523) Grant', function () { issuer: prng(), subject: subject, scope: ['foo', 'openid', 'offline_access'], - jwk: publicJwk, + jwk: testPublicJwk, expires_at: dayjs().utc().add(1, 'year').set('millisecond', 0).toISOString() }) @@ -61,7 +95,7 @@ describe('The OAuth 2.0 JWT Bearer (RFC 7523) Grant', function () { const grant = gr(prng()) createGrant(grant) - const assertion = jwt.sign(jwtAssertion(grant), privatePem, { + const assertion = jwt.sign(jwtAssertion(grant), testPrivatePem, { algorithm: 'RS256' }) @@ -95,7 +129,7 @@ describe('The OAuth 2.0 JWT Bearer (RFC 7523) Grant', function () { const grant = gr(prng()) createGrant(grant) - const assertion = jwt.sign(jwtAssertion(grant), privatePem, { + const assertion = jwt.sign(jwtAssertion(grant), testPrivatePem, { algorithm: 'RS256' }) @@ -125,7 +159,7 @@ describe('The OAuth 2.0 JWT Bearer (RFC 7523) Grant', function () { var ja = jwtAssertion(grant) delete ja['jti'] - const assertion = jwt.sign(ja, privatePem, { algorithm: 'RS256' }) + const assertion = jwt.sign(ja, testPrivatePem, { algorithm: 'RS256' }) // first token request should work fine cy.request({ @@ -155,7 +189,7 @@ describe('The OAuth 2.0 JWT Bearer (RFC 7523) Grant', function () { createGrant(grant) const jwt1 = jwtAssertion(grant) - const assertion1 = jwt.sign(jwt1, privatePem, { algorithm: 'RS256' }) + const assertion1 = jwt.sign(jwt1, testPrivatePem, { algorithm: 'RS256' }) // first token request should work fine cy.request({ @@ -182,7 +216,7 @@ describe('The OAuth 2.0 JWT Bearer (RFC 7523) Grant', function () { const assertion2 = jwt.sign( jwtAssertion(grant, { jti: jwt1['jti'] }), - privatePem, + testPrivatePem, { algorithm: 'RS256' } ) @@ -215,7 +249,7 @@ describe('The OAuth 2.0 JWT Bearer (RFC 7523) Grant', function () { var ja = jwtAssertion(grant) delete ja['iat'] - const assertion = jwt.sign(ja, privatePem, { + const assertion = jwt.sign(ja, testPrivatePem, { algorithm: 'RS256', noTimestamp: true }) @@ -247,7 +281,7 @@ describe('The OAuth 2.0 JWT Bearer (RFC 7523) Grant', function () { const grant = gr(prng()) createGrant(grant) - const assertion = jwt.sign(jwtAssertion(grant), invalidPrivatePem, { + const assertion = jwt.sign(jwtAssertion(grant), invalidtestPrivatePem, { algorithm: 'RS256' }) @@ -279,7 +313,7 @@ describe('The OAuth 2.0 JWT Bearer (RFC 7523) Grant', function () { const assertion = jwt.sign( jwtAssertion(grant, { sub: 'invalid_subject' }), - privatePem, + testPrivatePem, { algorithm: 'RS256' } ) @@ -311,7 +345,7 @@ describe('The OAuth 2.0 JWT Bearer (RFC 7523) Grant', function () { const assertion = jwt.sign( jwtAssertion(grant, { iss: 'invalid_issuer' }), - privatePem, + testPrivatePem, { algorithm: 'RS256' } ) @@ -343,7 +377,7 @@ describe('The OAuth 2.0 JWT Bearer (RFC 7523) Grant', function () { const assertion = jwt.sign( jwtAssertion(grant, { aud: 'invalid_audience' }), - privatePem, + testPrivatePem, { algorithm: 'RS256' } ) @@ -377,7 +411,7 @@ describe('The OAuth 2.0 JWT Bearer (RFC 7523) Grant', function () { jwtAssertion(grant, { exp: dayjs().utc().subtract(1, 'minute').set('millisecond', 0).unix() }), - privatePem, + testPrivatePem, { algorithm: 'RS256' } ) @@ -411,7 +445,7 @@ describe('The OAuth 2.0 JWT Bearer (RFC 7523) Grant', function () { jwtAssertion(grant, { nbf: dayjs().utc().add(1, 'minute').set('millisecond', 0).unix() }), - privatePem, + testPrivatePem, { algorithm: 'RS256' } ) @@ -445,7 +479,7 @@ describe('The OAuth 2.0 JWT Bearer (RFC 7523) Grant', function () { jwtAssertion(grant, { nbf: dayjs().utc().subtract(1, 'minute').set('millisecond', 0).unix() }), - privatePem, + testPrivatePem, { algorithm: 'RS256' } ) From dd18daf4c3f2107326f18f30b41ef822f3d3df73 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jagoba=20Gasco=CC=81n?= Date: Thu, 9 Dec 2021 16:07:31 +0100 Subject: [PATCH 42/49] feat: replace Math.random with crypto.getRandomValues The CodeQL analyze tool was complaining about using a cryptographically insecure random value in a security context. This change should stop that. --- cypress/helpers/index.js | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/cypress/helpers/index.js b/cypress/helpers/index.js index adfc70561a7..92b7cea26cb 100644 --- a/cypress/helpers/index.js +++ b/cypress/helpers/index.js @@ -1,7 +1,9 @@ -export const prng = () => - `${Math.random().toString(36).substring(2)}${Math.random() - .toString(36) - .substring(2)}` +export const prng = () => { + var array = new Uint32Array(2); + crypto.getRandomValues(array); + + return `${array[0].toString()}${array[1].toString()}` +} const isStatusOk = (res) => res.ok From 9a59bd3e36baec7710c9036befd1a6debd9c9113 Mon Sep 17 00:00:00 2001 From: Vladimir Kalugin Date: Tue, 14 Dec 2021 12:47:31 +0300 Subject: [PATCH 43/49] chore: format --- cypress/helpers/index.js | 4 +- cypress/integration/oauth2/grant_jwtbearer.js | 58 +++++++++++-------- 2 files changed, 35 insertions(+), 27 deletions(-) diff --git a/cypress/helpers/index.js b/cypress/helpers/index.js index 92b7cea26cb..c57d12cb307 100644 --- a/cypress/helpers/index.js +++ b/cypress/helpers/index.js @@ -1,6 +1,6 @@ export const prng = () => { - var array = new Uint32Array(2); - crypto.getRandomValues(array); + var array = new Uint32Array(2) + crypto.getRandomValues(array) return `${array[0].toString()}${array[1].toString()}` } diff --git a/cypress/integration/oauth2/grant_jwtbearer.js b/cypress/integration/oauth2/grant_jwtbearer.js index fcf89634734..5007efc13cd 100644 --- a/cypress/integration/oauth2/grant_jwtbearer.js +++ b/cypress/integration/oauth2/grant_jwtbearer.js @@ -3,7 +3,7 @@ import { createGrant, deleteGrants, deleteClients, - prng, + prng } from '../../helpers' const dayjs = require('dayjs') @@ -14,48 +14,56 @@ dayjs.extend(isBetween) const jwt = require('jsonwebtoken') - -let testPublicJwk; -let testPrivatePem; +let testPublicJwk +let testPrivatePem let invalidtestPrivatePem const initTestKeyPairs = async () => { const algorithm = { name: 'RSASSA-PKCS1-v1_5', modulusLength: 2048, publicExponent: new Uint8Array([1, 0, 1]), - hash: 'SHA-256', - }; - const keys = await crypto.subtle.generateKey(algorithm, true, ['sign', 'verify']); - + hash: 'SHA-256' + } + const keys = await crypto.subtle.generateKey(algorithm, true, [ + 'sign', + 'verify' + ]) + // public key to jwk - const publicJwk = await crypto.subtle.exportKey("jwk", keys.publicKey); - publicJwk.kid = 'token-service-key'; + const publicJwk = await crypto.subtle.exportKey('jwk', keys.publicKey) + publicJwk.kid = 'token-service-key' // private key to pem - const exportedPK = await crypto.subtle.exportKey("pkcs8", keys.privateKey); - const exportedAsBase64 = Buffer.from(exportedPK).toString('base64'); - const privatePem = `-----BEGIN PRIVATE KEY-----\n${exportedAsBase64}\n-----END PRIVATE KEY-----`; + const exportedPK = await crypto.subtle.exportKey('pkcs8', keys.privateKey) + const exportedAsBase64 = Buffer.from(exportedPK).toString('base64') + const privatePem = `-----BEGIN PRIVATE KEY-----\n${exportedAsBase64}\n-----END PRIVATE KEY-----` // create another private key to test invalid signatures - const invalidKeys = await crypto.subtle.generateKey(algorithm, true, ['sign', 'verify']); - const invalidPK = await crypto.subtle.exportKey("pkcs8", invalidKeys.privateKey); - const invalidAsBase64 = Buffer.from(invalidPK).toString('base64'); - const invalidPrivatePem = `-----BEGIN PRIVATE KEY-----\n${invalidAsBase64}\n-----END PRIVATE KEY-----`; - - testPublicJwk = publicJwk; - testPrivatePem = privatePem; - invalidtestPrivatePem = invalidPrivatePem; -}; + const invalidKeys = await crypto.subtle.generateKey(algorithm, true, [ + 'sign', + 'verify' + ]) + const invalidPK = await crypto.subtle.exportKey( + 'pkcs8', + invalidKeys.privateKey + ) + const invalidAsBase64 = Buffer.from(invalidPK).toString('base64') + const invalidPrivatePem = `-----BEGIN PRIVATE KEY-----\n${invalidAsBase64}\n-----END PRIVATE KEY-----` + + testPublicJwk = publicJwk + testPrivatePem = privatePem + invalidtestPrivatePem = invalidPrivatePem +} describe('The OAuth 2.0 JWT Bearer (RFC 7523) Grant', function () { beforeEach(() => { deleteGrants() deleteClients() - }); + }) before(() => { - return cy.wrap(initTestKeyPairs()); - }); + return cy.wrap(initTestKeyPairs()) + }) const tokenUrl = `${Cypress.env('public_url')}/oauth2/token` From 533f8e6e581dc92651aeeb52cd912562d8d31517 Mon Sep 17 00:00:00 2001 From: aeneasr <3372410+aeneasr@users.noreply.github.com> Date: Sun, 26 Dec 2021 19:10:50 +0200 Subject: [PATCH 44/49] chore: code review --- docs/docs/guides/oauth2-grant-type-jwt-bearer.mdx | 6 +++--- go.mod | 2 ++ go.sum | 4 ++-- .../sql/migratest/testdata/20211226155900_testdata.sql | 4 ++++ ...0211226155900000000_grant_jwk_bearer.cockroach.down.sql} | 0 ... 20211226155900000000_grant_jwk_bearer.cockroach.up.sql} | 2 +- ...=> 20211226155900000000_grant_jwk_bearer.mysql.down.sql} | 0 ...l => 20211226155900000000_grant_jwk_bearer.mysql.up.sql} | 2 +- ...20211226155900000000_grant_jwk_bearer.postgres.down.sql} | 0 ...> 20211226155900000000_grant_jwk_bearer.postgres.up.sql} | 2 +- ...> 20211226155900000000_grant_jwk_bearer.sqlite.down.sql} | 0 ... => 20211226155900000000_grant_jwk_bearer.sqlite.up.sql} | 2 +- 12 files changed, 15 insertions(+), 9 deletions(-) create mode 100644 persistence/sql/migratest/testdata/20211226155900_testdata.sql rename persistence/sql/migrations/{20201211145331000000_grant_jwk_bearer.cockroach.down.sql => 20211226155900000000_grant_jwk_bearer.cockroach.down.sql} (100%) rename persistence/sql/migrations/{20201211145331000000_grant_jwk_bearer.cockroach.up.sql => 20211226155900000000_grant_jwk_bearer.cockroach.up.sql} (92%) rename persistence/sql/migrations/{20201211145331000000_grant_jwk_bearer.mysql.down.sql => 20211226155900000000_grant_jwk_bearer.mysql.down.sql} (100%) rename persistence/sql/migrations/{20201211145331000000_grant_jwk_bearer.mysql.up.sql => 20211226155900000000_grant_jwk_bearer.mysql.up.sql} (92%) rename persistence/sql/migrations/{20201211145331000000_grant_jwk_bearer.postgres.down.sql => 20211226155900000000_grant_jwk_bearer.postgres.down.sql} (100%) rename persistence/sql/migrations/{20201211145331000000_grant_jwk_bearer.postgres.up.sql => 20211226155900000000_grant_jwk_bearer.postgres.up.sql} (92%) rename persistence/sql/migrations/{20201211145331000000_grant_jwk_bearer.sqlite.down.sql => 20211226155900000000_grant_jwk_bearer.sqlite.down.sql} (100%) rename persistence/sql/migrations/{20201211145331000000_grant_jwk_bearer.sqlite.up.sql => 20211226155900000000_grant_jwk_bearer.sqlite.up.sql} (94%) diff --git a/docs/docs/guides/oauth2-grant-type-jwt-bearer.mdx b/docs/docs/guides/oauth2-grant-type-jwt-bearer.mdx index 18764660440..4f88a2fe466 100644 --- a/docs/docs/guides/oauth2-grant-type-jwt-bearer.mdx +++ b/docs/docs/guides/oauth2-grant-type-jwt-bearer.mdx @@ -49,10 +49,10 @@ Clients using this grant must be authenticated. Before using this grant type, you must establish a trust relationship in Ory Hydra. This involves registering the issuer, subject, and the public key at Ory -Hydra: +Hydra's Admin Endpoint: ``` -POST /trust/grants/jwt-bearer/issuers +POST https:///trust/grants/jwt-bearer/issuers Content-Type: application/json { @@ -96,7 +96,7 @@ which has the claims } ``` -to be exchanged for an OAuth2 Access Token (the `scoe` parameter is optional!) +to be exchanged for an OAuth2 Access Token (the `scope` parameter is optional!) ``` POST /oauth2/token HTTP/1.1 diff --git a/go.mod b/go.mod index 80cf4f449c7..2cb4ae6519f 100644 --- a/go.mod +++ b/go.mod @@ -3,6 +3,7 @@ module github.com/ory/hydra go 1.16 replace ( + github.com/bradleyjkemp/cupaloy/v2 => github.com/aeneasr/cupaloy/v2 v2.6.1-0.20210924214125-3dfdd01210a3 github.com/dgrijalva/jwt-go => github.com/golang-jwt/jwt/v4 v4.0.0 github.com/gobuffalo/packr => github.com/gobuffalo/packr v1.30.1 github.com/gogo/protobuf => github.com/gogo/protobuf v1.3.2 @@ -14,6 +15,7 @@ replace ( ) require ( + github.com/bradleyjkemp/cupaloy/v2 v2.6.0 github.com/cenkalti/backoff/v3 v3.0.0 github.com/evanphx/json-patch v4.9.0+incompatible github.com/go-bindata/go-bindata v3.1.2+incompatible diff --git a/go.sum b/go.sum index a9b5c45ac74..17619c88086 100644 --- a/go.sum +++ b/go.sum @@ -107,6 +107,8 @@ github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d/go.mod h1:H github.com/Shopify/sarama v1.19.0/go.mod h1:FVkBWblsNy7DGZRfXLU0O9RCGt5g3g3yEuWXgklEdEo= github.com/Shopify/toxiproxy v2.1.4+incompatible/go.mod h1:OXgGpZ6Cli1/URJOF1DMxUHB2q5Ap20/P/eIdh4G0pI= github.com/VividCortex/gohistogram v1.0.0/go.mod h1:Pf5mBqqDxYaXu3hDrrU+w6nw50o/4+TcAqDqk/vUH7g= +github.com/aeneasr/cupaloy/v2 v2.6.1-0.20210924214125-3dfdd01210a3 h1:/SkiUr3JJzun9QN9cpUVCPri2ZwOFJ3ani+F3vdoCiY= +github.com/aeneasr/cupaloy/v2 v2.6.1-0.20210924214125-3dfdd01210a3/go.mod h1:bm7JXdkRd4BHJk9HpwqAI8BoAY1lps46Enkdqw6aRX0= github.com/afex/hystrix-go v0.0.0-20180502004556-fa1af6a1f4f5/go.mod h1:SkGFH1ia65gfNATL8TAiHDNxPzPdmEL5uirI2Uyuz6c= github.com/agnivade/levenshtein v1.0.1/go.mod h1:CURSv5d9Uaml+FovSIICkLbAUZ9S4RqaHDIsdSBg7lM= github.com/ajg/form v0.0.0-20160822230020-523a5da1a92f h1:zvClvFQwU++UpIUBGC8YmDlfhUrweEy1R1Fj1gu5iIM= @@ -175,8 +177,6 @@ github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869 h1:DDGfHa7BWjL4Yn github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869/go.mod h1:Ekp36dRnpXw/yCqJaO+ZrUyxD+3VXMFFr56k5XYrpB4= github.com/boombuler/barcode v1.0.0/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= github.com/boombuler/barcode v1.0.1/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= -github.com/bradleyjkemp/cupaloy/v2 v2.6.0 h1:knToPYa2xtfg42U3I6punFEjaGFKWQRXJwj0JTv4mTs= -github.com/bradleyjkemp/cupaloy/v2 v2.6.0/go.mod h1:bm7JXdkRd4BHJk9HpwqAI8BoAY1lps46Enkdqw6aRX0= github.com/bshuster-repo/logrus-logstash-hook v0.4.1/go.mod h1:zsTqEiSzDgAa/8GZR7E1qaXrhYNDKBYy5/dWPTIflbk= github.com/buger/jsonparser v0.0.0-20180808090653-f4dd9f5a6b44/go.mod h1:bbYlZJ7hK1yFx9hf58LP0zeX7UjIGs20ufpu3evjr+s= github.com/bugsnag/bugsnag-go v0.0.0-20141110184014-b1d153021fcd/go.mod h1:2oa8nejYd4cQ/b0hMIopN0lCRxU0bueqREvZLWFrtK8= diff --git a/persistence/sql/migratest/testdata/20211226155900_testdata.sql b/persistence/sql/migratest/testdata/20211226155900_testdata.sql new file mode 100644 index 00000000000..0d5ce9ef6ea --- /dev/null +++ b/persistence/sql/migratest/testdata/20211226155900_testdata.sql @@ -0,0 +1,4 @@ +INSERT INTO hydra_jwk (pk, sid, kid, version, keydata, created_at) VALUES (8, 'sid-0008', 'kid-0008', 2, 'key-0002', now()); + +INSERT INTO hydra_oauth2_trusted_jwt_bearer_issuer (id, issuer, subject, scope, key_set, key_id) +VALUES ('30e51720-4a88-48ca-8243-de7d8f461674', 'some-issuer', 'some-subject', 'some-scope', 'sid-0008', 'kid-0008'); diff --git a/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.cockroach.down.sql b/persistence/sql/migrations/20211226155900000000_grant_jwk_bearer.cockroach.down.sql similarity index 100% rename from persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.cockroach.down.sql rename to persistence/sql/migrations/20211226155900000000_grant_jwk_bearer.cockroach.down.sql diff --git a/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.cockroach.up.sql b/persistence/sql/migrations/20211226155900000000_grant_jwk_bearer.cockroach.up.sql similarity index 92% rename from persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.cockroach.up.sql rename to persistence/sql/migrations/20211226155900000000_grant_jwk_bearer.cockroach.up.sql index 4eece787bfe..b2291acafa0 100644 --- a/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.cockroach.up.sql +++ b/persistence/sql/migrations/20211226155900000000_grant_jwk_bearer.cockroach.up.sql @@ -1,6 +1,6 @@ CREATE TABLE IF NOT EXISTS hydra_oauth2_trusted_jwt_bearer_issuer ( - id UUID PRIMARY KEY, + id UUID PRIMARY KEY, issuer VARCHAR(255) NOT NULL, subject VARCHAR(255) NOT NULL, scope TEXT NOT NULL, diff --git a/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.mysql.down.sql b/persistence/sql/migrations/20211226155900000000_grant_jwk_bearer.mysql.down.sql similarity index 100% rename from persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.mysql.down.sql rename to persistence/sql/migrations/20211226155900000000_grant_jwk_bearer.mysql.down.sql diff --git a/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.mysql.up.sql b/persistence/sql/migrations/20211226155900000000_grant_jwk_bearer.mysql.up.sql similarity index 92% rename from persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.mysql.up.sql rename to persistence/sql/migrations/20211226155900000000_grant_jwk_bearer.mysql.up.sql index a0ed4ac4913..dce069ad6a8 100644 --- a/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.mysql.up.sql +++ b/persistence/sql/migrations/20211226155900000000_grant_jwk_bearer.mysql.up.sql @@ -1,6 +1,6 @@ CREATE TABLE IF NOT EXISTS hydra_oauth2_trusted_jwt_bearer_issuer ( - id VARCHAR(36) PRIMARY KEY, + id UUID PRIMARY KEY, issuer VARCHAR(255) NOT NULL, subject VARCHAR(255) NOT NULL, scope TEXT NOT NULL, diff --git a/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.postgres.down.sql b/persistence/sql/migrations/20211226155900000000_grant_jwk_bearer.postgres.down.sql similarity index 100% rename from persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.postgres.down.sql rename to persistence/sql/migrations/20211226155900000000_grant_jwk_bearer.postgres.down.sql diff --git a/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.postgres.up.sql b/persistence/sql/migrations/20211226155900000000_grant_jwk_bearer.postgres.up.sql similarity index 92% rename from persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.postgres.up.sql rename to persistence/sql/migrations/20211226155900000000_grant_jwk_bearer.postgres.up.sql index 4eece787bfe..b2291acafa0 100644 --- a/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.postgres.up.sql +++ b/persistence/sql/migrations/20211226155900000000_grant_jwk_bearer.postgres.up.sql @@ -1,6 +1,6 @@ CREATE TABLE IF NOT EXISTS hydra_oauth2_trusted_jwt_bearer_issuer ( - id UUID PRIMARY KEY, + id UUID PRIMARY KEY, issuer VARCHAR(255) NOT NULL, subject VARCHAR(255) NOT NULL, scope TEXT NOT NULL, diff --git a/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.sqlite.down.sql b/persistence/sql/migrations/20211226155900000000_grant_jwk_bearer.sqlite.down.sql similarity index 100% rename from persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.sqlite.down.sql rename to persistence/sql/migrations/20211226155900000000_grant_jwk_bearer.sqlite.down.sql diff --git a/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.sqlite.up.sql b/persistence/sql/migrations/20211226155900000000_grant_jwk_bearer.sqlite.up.sql similarity index 94% rename from persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.sqlite.up.sql rename to persistence/sql/migrations/20211226155900000000_grant_jwk_bearer.sqlite.up.sql index 5a5f125fc3e..0e175fc5dfe 100644 --- a/persistence/sql/migrations/20201211145331000000_grant_jwk_bearer.sqlite.up.sql +++ b/persistence/sql/migrations/20211226155900000000_grant_jwk_bearer.sqlite.up.sql @@ -1,6 +1,6 @@ CREATE TABLE IF NOT EXISTS hydra_oauth2_trusted_jwt_bearer_issuer ( - id UUID PRIMARY KEY, + id VARCHAR(36) PRIMARY KEY, issuer VARCHAR(255) NOT NULL, subject VARCHAR(255) NOT NULL, scope TEXT NOT NULL, From 8527fabb5ee3dee4ddf08ac317feb3bad1e78376 Mon Sep 17 00:00:00 2001 From: aeneasr <3372410+aeneasr@users.noreply.github.com> Date: Sun, 26 Dec 2021 19:14:28 +0200 Subject: [PATCH 45/49] chore: code review --- test/e2e/docker-compose.mysql.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/test/e2e/docker-compose.mysql.yml b/test/e2e/docker-compose.mysql.yml index d3b29c1ccc8..03396fc7e87 100644 --- a/test/e2e/docker-compose.mysql.yml +++ b/test/e2e/docker-compose.mysql.yml @@ -18,6 +18,7 @@ services: mysqld: image: mysql:5.7 + platform: linux/amd64 ports: - "3306:3306" environment: From a8f1a514cc5f97e37808ce8d30c6eff2d3f74032 Mon Sep 17 00:00:00 2001 From: aeneasr <3372410+aeneasr@users.noreply.github.com> Date: Sun, 26 Dec 2021 19:17:17 +0200 Subject: [PATCH 46/49] chore: format --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 2675009a4e1..406a8b26e19 100644 --- a/Makefile +++ b/Makefile @@ -59,7 +59,7 @@ test-resetdb: node_modules docker rm -f hydra_test_database_mysql || true docker rm -f hydra_test_database_postgres || true docker rm -f hydra_test_database_cockroach || true - docker run --rm --name hydra_test_database_mysql -p 3444:3306 -e MYSQL_ROOT_PASSWORD=secret -d mysql:5.7 + docker run --rm --name hydra_test_database_mysql --platform linux/amd64 -p 3444:3306 -e MYSQL_ROOT_PASSWORD=secret -d mysql:5.7 docker run --rm --name hydra_test_database_postgres -p 3445:5432 -e POSTGRES_PASSWORD=secret -e POSTGRES_DB=postgres -d postgres:9.6 docker run --rm --name hydra_test_database_cockroach -p 3446:26257 -d cockroachdb/cockroach:v20.2.6 start-single-node --insecure From ac9f7ec6f65053a66695675bc005a0eeb089a726 Mon Sep 17 00:00:00 2001 From: aeneasr <3372410+aeneasr@users.noreply.github.com> Date: Sun, 26 Dec 2021 19:18:25 +0200 Subject: [PATCH 47/49] chore: code review --- .docker/Dockerfile-alpine | 2 +- .docker/Dockerfile-build | 4 ++-- .docker/Dockerfile-scratch | 2 +- .docker/Dockerfile-sqlite | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.docker/Dockerfile-alpine b/.docker/Dockerfile-alpine index 1efe9e82592..ee1f2b785f2 100644 --- a/.docker/Dockerfile-alpine +++ b/.docker/Dockerfile-alpine @@ -1,4 +1,4 @@ -FROM alpine:3.14.3 +FROM alpine:3.15 RUN addgroup -S ory; \ adduser -S ory -G ory -D -H -s /bin/nologin diff --git a/.docker/Dockerfile-build b/.docker/Dockerfile-build index 3567f860e06..3a04b737b62 100644 --- a/.docker/Dockerfile-build +++ b/.docker/Dockerfile-build @@ -1,4 +1,4 @@ -FROM golang:1.16-alpine AS builder +FROM golang:1.17-alpine3.15 AS builder RUN apk -U --no-cache add build-base git gcc bash @@ -16,7 +16,7 @@ ADD . . RUN go build -tags sqlite -o /usr/bin/hydra -FROM alpine:3.14.3 +FROM alpine:3.15 RUN addgroup -S ory; \ adduser -S ory -G ory -D -h /home/ory -s /bin/nologin; \ diff --git a/.docker/Dockerfile-scratch b/.docker/Dockerfile-scratch index 12fb2ac3df0..dafd2f60c53 100644 --- a/.docker/Dockerfile-scratch +++ b/.docker/Dockerfile-scratch @@ -1,4 +1,4 @@ -FROM alpine:3.14.3 +FROM alpine:3.15 RUN apk add -U --no-cache ca-certificates diff --git a/.docker/Dockerfile-sqlite b/.docker/Dockerfile-sqlite index a8717de2037..f31b4e21c53 100644 --- a/.docker/Dockerfile-sqlite +++ b/.docker/Dockerfile-sqlite @@ -1,4 +1,4 @@ -FROM alpine:3.14.3 +FROM alpine:3.15 # Because this image is built for SQLite, we create /home/ory and /home/ory/sqlite which is owned by the ory user # and declare /home/ory/sqlite a volume. From 5e161c8ddb38d6cd8b1834f53aaea4650912bc26 Mon Sep 17 00:00:00 2001 From: aeneasr <3372410+aeneasr@users.noreply.github.com> Date: Sun, 26 Dec 2021 19:20:53 +0200 Subject: [PATCH 48/49] chore: code review --- docs/docs/concepts/consent.mdx | 4 - docs/docs/concepts/login.mdx | 8 -- docs/docs/guides/consent.mdx | 2 - docs/docs/guides/login.mdx | 8 -- docs/docs/guides/logout.mdx | 8 -- docs/scripts/config.js | 156 +++++++++++----------- docs/scripts/rerelease.js | 14 +- docs/src/theme/CodeFromRemote.js | 26 ++-- docs/src/theme/ketoRelationTuplesPrism.js | 3 +- 9 files changed, 103 insertions(+), 126 deletions(-) diff --git a/docs/docs/concepts/consent.mdx b/docs/docs/concepts/consent.mdx index 225ed42b82f..b6d378f115b 100644 --- a/docs/docs/concepts/consent.mdx +++ b/docs/docs/concepts/consent.mdx @@ -151,13 +151,11 @@ request! For more details about the implementation check the ]}> - ![Exemplary OAuth 2.0 Consent Screen](../images/consent-endpoint.png) - ```shell script $ curl \ "http://127.0.0.1:4445/oauth2/auth/requests/consent?consent_challenge=7bb518c4eec2454dbb289f5fdb4c0ee2" @@ -169,7 +167,6 @@ examples using the ORY Hydra SDK in different languages. - ```json { "challenge": "f633e49d56bc40e0a876ac8242eb9891", @@ -216,7 +213,6 @@ examples using the ORY Hydra SDK in different languages. - The way you collect the consent information from the End-User is up to you. In most cases, you will show an HTML form similar to: diff --git a/docs/docs/concepts/login.mdx b/docs/docs/concepts/login.mdx index 4607d035d91..0abbc420328 100644 --- a/docs/docs/concepts/login.mdx +++ b/docs/docs/concepts/login.mdx @@ -78,13 +78,11 @@ correct endpoint for your interactions. ]}> - ![OAuth 2.0 Client](../images/oauth2-consumer.png) - ```html - ```js // ... window.location.href = @@ -106,7 +103,6 @@ window.location.href = - ## Redirection to the Login Endpoint The next task for ORY Hydra is to know the user of the request. To achieve that, @@ -206,13 +202,11 @@ more details about the implementation check the ]}> - ![OAuth 2.0 Login UI Screen](../images/login-endpoint.png) - ``` curl "http://127.0.0.1:4445/oauth2/auth/requests/login?login_challenge=7bb518c4eec2454dbb289f5fdb4c0ee2" ``` @@ -223,7 +217,6 @@ examples using the ORY Hydra SDK in different languages. - ```json { "challenge": "7bb518c4eec2454dbb289f5fdb4c0ee2", @@ -262,7 +255,6 @@ examples using the ORY Hydra SDK in different languages. - The way you authenticate the End-User is up to you. In most cases, you will show an HTML form similar to: diff --git a/docs/docs/guides/consent.mdx b/docs/docs/guides/consent.mdx index 14ba5a6a625..0fcccfee1d5 100644 --- a/docs/docs/guides/consent.mdx +++ b/docs/docs/guides/consent.mdx @@ -43,7 +43,6 @@ access to ORY Hydra's Admin Endpoint! ]}> - ![OAuth2 Consent UI Screen](../images/consent-endpoint.png) @@ -59,7 +58,6 @@ access to ORY Hydra's Admin Endpoint! - ## Accepting the Consent Request diff --git a/docs/docs/guides/login.mdx b/docs/docs/guides/login.mdx index 079804e8405..c065e394d7f 100644 --- a/docs/docs/guides/login.mdx +++ b/docs/docs/guides/login.mdx @@ -37,13 +37,11 @@ access to ORY Hydra's Admin Endpoint! ]}> - ![OAuth2 Login UI Screen](../images/login-endpoint.png) - :::note Check out our @@ -104,7 +102,6 @@ router.get('/login', csrfProtection, (req, res, next) => { - ```html
@@ -122,7 +119,6 @@ router.get('/login', csrfProtection, (req, res, next) => { - ## Accepting the Login Request { ]}> - :::note Check out our @@ -191,7 +186,6 @@ router.post('/login', csrfProtection, (req, res, next) => { - ## Rejecting the Login Request { ]}> - ```typescript // You can deny the login request at any point - for example if the system is currently undergoing maintenance // or the user has been banned, is not allowed to use OAuth2 flows, and so on: @@ -218,4 +211,3 @@ hydraAdmin - diff --git a/docs/docs/guides/logout.mdx b/docs/docs/guides/logout.mdx index b2b3f063586..02663ab1af1 100644 --- a/docs/docs/guides/logout.mdx +++ b/docs/docs/guides/logout.mdx @@ -37,13 +37,11 @@ access to ORY Hydra's Admin Endpoint! ]}> - ![OAuth2 Logout UI Screen](../images/logout-endpoint.png) - :::note Check out our @@ -96,7 +94,6 @@ router.get('/', csrfProtection, (req, res, next) => { - ```html @@ -109,7 +106,6 @@ router.get('/', csrfProtection, (req, res, next) => { - ## Accepting Logout { ]}> - :::note Check out our @@ -146,7 +141,6 @@ router.post('/logout', csrfProtection, (req, res, next) => { - ## Rejecting Logout { ]}> - :::note Check out our @@ -183,4 +176,3 @@ router.post('/logout', csrfProtection, (req, res, next) => { - diff --git a/docs/scripts/config.js b/docs/scripts/config.js index 058a030e056..ce2bc434d81 100644 --- a/docs/scripts/config.js +++ b/docs/scripts/config.js @@ -45,98 +45,100 @@ if (process.argv.length !== 3 || process.argv[1] === 'help') { const config = require(path.resolve(process.argv[2])) -const enhance = (schema, parents = []) => (item) => { - const key = item.key.value - - const path = [ - ...parents.map((parent) => ['properties', parent]), - ['properties', key] - ].flat() - - if (['title', 'description'].find((f) => path[path.length - 1] === f)) { - return - } +const enhance = + (schema, parents = []) => + (item) => { + const key = item.key.value + + const path = [ + ...parents.map((parent) => ['properties', parent]), + ['properties', key] + ].flat() + + if (['title', 'description'].find((f) => path[path.length - 1] === f)) { + return + } - const comments = [`# ${pathOr(key, [...path, 'title'], schema)} ##`, ''] + const comments = [`# ${pathOr(key, [...path, 'title'], schema)} ##`, ''] - const description = pathOr('', [...path, 'description'], schema) - if (description) { - comments.push(' ' + description.split('\n').join('\n '), '') - } + const description = pathOr('', [...path, 'description'], schema) + if (description) { + comments.push(' ' + description.split('\n').join('\n '), '') + } - const defaultValue = pathOr('', [...path, 'default'], schema) - if (defaultValue || defaultValue === false) { - comments.push(' Default value: ' + defaultValue, '') - } + const defaultValue = pathOr('', [...path, 'default'], schema) + if (defaultValue || defaultValue === false) { + comments.push(' Default value: ' + defaultValue, '') + } - const enums = pathOr('', [...path, 'enum'], schema) - if (enums && Array.isArray(enums)) { - comments.push( - ' One of:', - ...YAML.stringify(enums) - .split('\n') - .map((i) => ` ${i}`) - ) // split always returns one empty object so no need for newline - } + const enums = pathOr('', [...path, 'enum'], schema) + if (enums && Array.isArray(enums)) { + comments.push( + ' One of:', + ...YAML.stringify(enums) + .split('\n') + .map((i) => ` ${i}`) + ) // split always returns one empty object so no need for newline + } - const min = pathOr('', [...path, 'minimum'], schema) - if (min || min === 0) { - comments.push(` Minimum value: ${min}`, '') - } + const min = pathOr('', [...path, 'minimum'], schema) + if (min || min === 0) { + comments.push(` Minimum value: ${min}`, '') + } - const max = pathOr('', [...path, 'maximum'], schema) - if (max || max === 0) { - comments.push(` Maximum value: ${max}`, '') - } + const max = pathOr('', [...path, 'maximum'], schema) + if (max || max === 0) { + comments.push(` Maximum value: ${max}`, '') + } - const examples = pathOr('', [...path, 'examples'], schema) - if (examples) { - comments.push( - ' Examples:', - ...YAML.stringify(examples) - .split('\n') - .map((i) => ` ${i}`) - ) // split always returns one empty object so no need for newline - } + const examples = pathOr('', [...path, 'examples'], schema) + if (examples) { + comments.push( + ' Examples:', + ...YAML.stringify(examples) + .split('\n') + .map((i) => ` ${i}`) + ) // split always returns one empty object so no need for newline + } - let hasChildren - if (item.value.items) { - item.value.items.forEach((item) => { - if (item.key) { - enhance(schema, [...parents, key])(item) - hasChildren = true - } - }) - } + let hasChildren + if (item.value.items) { + item.value.items.forEach((item) => { + if (item.key) { + enhance(schema, [...parents, key])(item) + hasChildren = true + } + }) + } - const showEnvVarBlockForObject = pathOr( - '', - [...path, 'showEnvVarBlockForObject'], - schema - ) - if (!hasChildren || showEnvVarBlockForObject) { - const env = [...parents, key].map((i) => i.toUpperCase()).join('_') - comments.push( - ' Set this value using environment variables on', - ' - Linux/macOS:', - ` $ export ${env}=`, - ' - Windows Command Line (CMD):', - ` > set ${env}=`, - '' + const showEnvVarBlockForObject = pathOr( + '', + [...path, 'showEnvVarBlockForObject'], + schema ) - - // Show this if the config property is an object, to call out how to specify the env var - if (hasChildren) { + if (!hasChildren || showEnvVarBlockForObject) { + const env = [...parents, key].map((i) => i.toUpperCase()).join('_') comments.push( - ' This can be set as an environment variable by supplying it as a JSON object.', + ' Set this value using environment variables on', + ' - Linux/macOS:', + ` $ export ${env}=`, + ' - Windows Command Line (CMD):', + ` > set ${env}=`, '' ) + + // Show this if the config property is an object, to call out how to specify the env var + if (hasChildren) { + comments.push( + ' This can be set as an environment variable by supplying it as a JSON object.', + '' + ) + } } - } - item.commentBefore = comments.join('\n') - item.spaceBefore = true -} + item.commentBefore = comments.join('\n') + item.spaceBefore = true + } new Promise((resolve, reject) => { parser.dereference( diff --git a/docs/scripts/rerelease.js b/docs/scripts/rerelease.js index 3ca95ad8cba..1d42fde416a 100644 --- a/docs/scripts/rerelease.js +++ b/docs/scripts/rerelease.js @@ -4,10 +4,12 @@ const fs = require('fs') const p = path.join(__dirname, '../versions.json') -fs.writeFile(p, JSON.stringify(require(p).filter((v) => v !== name)), function ( - err -) { - if (err) { - return console.error(err) +fs.writeFile( + p, + JSON.stringify(require(p).filter((v) => v !== name)), + function (err) { + if (err) { + return console.error(err) + } } -}) +) diff --git a/docs/src/theme/CodeFromRemote.js b/docs/src/theme/CodeFromRemote.js index a3609647f38..189028c2091 100644 --- a/docs/src/theme/CodeFromRemote.js +++ b/docs/src/theme/CodeFromRemote.js @@ -53,21 +53,23 @@ const findLine = (needle, haystack) => { return index } -const transform = ({ startAt, endAt }) => (content) => { - let lines = content.split('\n') +const transform = + ({ startAt, endAt }) => + (content) => { + let lines = content.split('\n') - const startIndex = findLine(startAt, lines) - if (startIndex > 0) { - lines = ['// ...', ...lines.slice(startIndex, -1)] - } + const startIndex = findLine(startAt, lines) + if (startIndex > 0) { + lines = ['// ...', ...lines.slice(startIndex, -1)] + } - const endIndex = findLine(endAt, lines) - if (endIndex > 0) { - lines = [...lines.slice(0, endIndex + 1), '// ...'] - } + const endIndex = findLine(endAt, lines) + if (endIndex > 0) { + lines = [...lines.slice(0, endIndex + 1), '// ...'] + } - return lines.join('\n') -} + return lines.join('\n') + } const CodeFromRemote = (props) => { const { src, title } = props diff --git a/docs/src/theme/ketoRelationTuplesPrism.js b/docs/src/theme/ketoRelationTuplesPrism.js index 513d653dfdd..9a00e5bbf70 100644 --- a/docs/src/theme/ketoRelationTuplesPrism.js +++ b/docs/src/theme/ketoRelationTuplesPrism.js @@ -44,7 +44,8 @@ export default (prism) => (prism.languages['keto-relation-tuples'] = { comment: /\/\/.*(\n|$)/, 'relation-tuple': { - pattern: /([^:#@()\n]+:)?([^:#@()\n]+)#([^:#@()\n]+)@?((\(([^:#@()\n]+:)?([^:#@()\n]+)#([^:#@()\n]*)\))|([^:#@()\n]+))/, + pattern: + /([^:#@()\n]+:)?([^:#@()\n]+)#([^:#@()\n]+)@?((\(([^:#@()\n]+:)?([^:#@()\n]+)#([^:#@()\n]*)\))|([^:#@()\n]+))/, inside: { namespace, object, From 47996e0345d6176e8e226b1fc0386743194f5d78 Mon Sep 17 00:00:00 2001 From: aeneasr <3372410+aeneasr@users.noreply.github.com> Date: Sun, 26 Dec 2021 19:33:04 +0200 Subject: [PATCH 49/49] u --- .../20211226155900000000_grant_jwk_bearer.mysql.up.sql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/persistence/sql/migrations/20211226155900000000_grant_jwk_bearer.mysql.up.sql b/persistence/sql/migrations/20211226155900000000_grant_jwk_bearer.mysql.up.sql index dce069ad6a8..7d53d510659 100644 --- a/persistence/sql/migrations/20211226155900000000_grant_jwk_bearer.mysql.up.sql +++ b/persistence/sql/migrations/20211226155900000000_grant_jwk_bearer.mysql.up.sql @@ -1,6 +1,6 @@ CREATE TABLE IF NOT EXISTS hydra_oauth2_trusted_jwt_bearer_issuer ( - id UUID PRIMARY KEY, + id VARCHAR(36) PRIMARY KEY, issuer VARCHAR(255) NOT NULL, subject VARCHAR(255) NOT NULL, scope TEXT NOT NULL,