diff --git a/internal/httpclient/README.md b/internal/httpclient/README.md index f81a14cf1928..bc7693d6ee67 100644 --- a/internal/httpclient/README.md +++ b/internal/httpclient/README.md @@ -90,9 +90,9 @@ Class | Method | HTTP request | Description *V0alpha1Api* | [**AdminCreateIdentity**](docs/V0alpha1Api.md#admincreateidentity) | **Post** /identities | Create an Identity *V0alpha1Api* | [**AdminCreateSelfServiceRecoveryLink**](docs/V0alpha1Api.md#admincreateselfservicerecoverylink) | **Post** /recovery/link | Create a Recovery Link *V0alpha1Api* | [**AdminDeleteIdentity**](docs/V0alpha1Api.md#admindeleteidentity) | **Delete** /identities/{id} | Delete an Identity +*V0alpha1Api* | [**AdminDeleteIdentitySessions**](docs/V0alpha1Api.md#admindeleteidentitysessions) | **Delete** /identity/{id}/sessions | Calling this endpoint irrecoverably and permanently deletes and invalidates all sessions that belong to the given Identity. *V0alpha1Api* | [**AdminGetIdentity**](docs/V0alpha1Api.md#admingetidentity) | **Get** /identities/{id} | Get an Identity *V0alpha1Api* | [**AdminListIdentities**](docs/V0alpha1Api.md#adminlistidentities) | **Get** /identities | List Identities -*V0alpha1Api* | [**AdminLogoutIdentity**](docs/V0alpha1Api.md#adminlogoutidentity) | **Delete** /sessions/identity/{id} | Calling this endpoint irrecoverably and permanently deletes and invalidates all sessions that belong to the given Identity. *V0alpha1Api* | [**AdminUpdateIdentity**](docs/V0alpha1Api.md#adminupdateidentity) | **Put** /identities/{id} | Update an Identity *V0alpha1Api* | [**CreateSelfServiceLogoutFlowUrlForBrowsers**](docs/V0alpha1Api.md#createselfservicelogoutflowurlforbrowsers) | **Get** /self-service/logout/browser | Create a Logout URL for Browsers *V0alpha1Api* | [**GetJsonSchema**](docs/V0alpha1Api.md#getjsonschema) | **Get** /schemas/{id} | diff --git a/internal/httpclient/api/openapi.yaml b/internal/httpclient/api/openapi.yaml index c996b855c5c8..694f89bdbecc 100644 --- a/internal/httpclient/api/openapi.yaml +++ b/internal/httpclient/api/openapi.yaml @@ -301,6 +301,56 @@ paths: summary: Update an Identity tags: - v0alpha1 + /identity/{id}/sessions: + delete: + description: |- + This endpoint is useful for: + + To forcefully logout Identity from all devices and sessions + operationId: adminDeleteIdentitySessions + parameters: + - description: ID is the identity's ID. + explode: false + in: path + name: id + required: true + schema: + type: string + style: simple + responses: + "204": + description: Empty responses are sent when, for example, resources are deleted. + The HTTP status code for empty responses is typically 201. + "400": + content: + application/json: + schema: + $ref: '#/components/schemas/jsonError' + description: jsonError + "401": + content: + application/json: + schema: + $ref: '#/components/schemas/jsonError' + description: jsonError + "404": + content: + application/json: + schema: + $ref: '#/components/schemas/jsonError' + description: jsonError + "500": + content: + application/json: + schema: + $ref: '#/components/schemas/jsonError' + description: jsonError + security: + - oryAccessToken: [] + summary: Calling this endpoint irrecoverably and permanently deletes and invalidates + all sessions that belong to the given Identity. + tags: + - v0alpha1 /metrics/prometheus: get: description: |- @@ -1803,56 +1853,6 @@ paths: summary: Get Verification Flow tags: - v0alpha1 - /sessions/identity/{id}: - delete: - description: |- - This endpoint is useful for: - - To forcefully logout Identity from all devices and sessions - operationId: adminLogoutIdentity - parameters: - - description: ID is the identity's ID. - explode: false - in: path - name: id - required: true - schema: - type: string - style: simple - responses: - "204": - description: Empty responses are sent when, for example, resources are deleted. - The HTTP status code for empty responses is typically 201. - "400": - content: - application/json: - schema: - $ref: '#/components/schemas/jsonError' - description: jsonError - "401": - content: - application/json: - schema: - $ref: '#/components/schemas/jsonError' - description: jsonError - "404": - content: - application/json: - schema: - $ref: '#/components/schemas/jsonError' - description: jsonError - "500": - content: - application/json: - schema: - $ref: '#/components/schemas/jsonError' - description: jsonError - security: - - oryAccessToken: [] - summary: Calling this endpoint irrecoverably and permanently deletes and invalidates - all sessions that belong to the given Identity. - tags: - - v0alpha1 /sessions/whoami: get: description: |- diff --git a/internal/httpclient/api_v0alpha1.go b/internal/httpclient/api_v0alpha1.go index 9a5f6dab93fe..b3fcb787af79 100644 --- a/internal/httpclient/api_v0alpha1.go +++ b/internal/httpclient/api_v0alpha1.go @@ -77,6 +77,22 @@ type V0alpha1Api interface { */ AdminDeleteIdentityExecute(r V0alpha1ApiApiAdminDeleteIdentityRequest) (*http.Response, error) + /* + * AdminDeleteIdentitySessions Calling this endpoint irrecoverably and permanently deletes and invalidates all sessions that belong to the given Identity. + * This endpoint is useful for: + + To forcefully logout Identity from all devices and sessions + * @param ctx context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + * @param id ID is the identity's ID. + * @return V0alpha1ApiApiAdminDeleteIdentitySessionsRequest + */ + AdminDeleteIdentitySessions(ctx context.Context, id string) V0alpha1ApiApiAdminDeleteIdentitySessionsRequest + + /* + * AdminDeleteIdentitySessionsExecute executes the request + */ + AdminDeleteIdentitySessionsExecute(r V0alpha1ApiApiAdminDeleteIdentitySessionsRequest) (*http.Response, error) + /* * AdminGetIdentity Get an Identity * Learn how identities work in [Ory Kratos' User And Identity Model Documentation](https://www.ory.sh/docs/next/kratos/concepts/identity-user-model). @@ -108,22 +124,6 @@ type V0alpha1Api interface { */ AdminListIdentitiesExecute(r V0alpha1ApiApiAdminListIdentitiesRequest) ([]Identity, *http.Response, error) - /* - * AdminLogoutIdentity Calling this endpoint irrecoverably and permanently deletes and invalidates all sessions that belong to the given Identity. - * This endpoint is useful for: - - To forcefully logout Identity from all devices and sessions - * @param ctx context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - * @param id ID is the identity's ID. - * @return V0alpha1ApiApiAdminLogoutIdentityRequest - */ - AdminLogoutIdentity(ctx context.Context, id string) V0alpha1ApiApiAdminLogoutIdentityRequest - - /* - * AdminLogoutIdentityExecute executes the request - */ - AdminLogoutIdentityExecute(r V0alpha1ApiApiAdminLogoutIdentityRequest) (*http.Response, error) - /* * AdminUpdateIdentity Update an Identity * This endpoint updates an identity. It is NOT possible to set an identity's credentials (password, ...) @@ -1291,25 +1291,27 @@ func (a *V0alpha1ApiService) AdminDeleteIdentityExecute(r V0alpha1ApiApiAdminDel return localVarHTTPResponse, nil } -type V0alpha1ApiApiAdminGetIdentityRequest struct { +type V0alpha1ApiApiAdminDeleteIdentitySessionsRequest struct { ctx context.Context ApiService V0alpha1Api id string } -func (r V0alpha1ApiApiAdminGetIdentityRequest) Execute() (*Identity, *http.Response, error) { - return r.ApiService.AdminGetIdentityExecute(r) +func (r V0alpha1ApiApiAdminDeleteIdentitySessionsRequest) Execute() (*http.Response, error) { + return r.ApiService.AdminDeleteIdentitySessionsExecute(r) } /* - * AdminGetIdentity Get an Identity - * Learn how identities work in [Ory Kratos' User And Identity Model Documentation](https://www.ory.sh/docs/next/kratos/concepts/identity-user-model). + * AdminDeleteIdentitySessions Calling this endpoint irrecoverably and permanently deletes and invalidates all sessions that belong to the given Identity. + * This endpoint is useful for: + +To forcefully logout Identity from all devices and sessions * @param ctx context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - * @param id ID must be set to the ID of identity you want to get - * @return V0alpha1ApiApiAdminGetIdentityRequest - */ -func (a *V0alpha1ApiService) AdminGetIdentity(ctx context.Context, id string) V0alpha1ApiApiAdminGetIdentityRequest { - return V0alpha1ApiApiAdminGetIdentityRequest{ + * @param id ID is the identity's ID. + * @return V0alpha1ApiApiAdminDeleteIdentitySessionsRequest +*/ +func (a *V0alpha1ApiService) AdminDeleteIdentitySessions(ctx context.Context, id string) V0alpha1ApiApiAdminDeleteIdentitySessionsRequest { + return V0alpha1ApiApiAdminDeleteIdentitySessionsRequest{ ApiService: a, ctx: ctx, id: id, @@ -1318,24 +1320,22 @@ func (a *V0alpha1ApiService) AdminGetIdentity(ctx context.Context, id string) V0 /* * Execute executes the request - * @return Identity */ -func (a *V0alpha1ApiService) AdminGetIdentityExecute(r V0alpha1ApiApiAdminGetIdentityRequest) (*Identity, *http.Response, error) { +func (a *V0alpha1ApiService) AdminDeleteIdentitySessionsExecute(r V0alpha1ApiApiAdminDeleteIdentitySessionsRequest) (*http.Response, error) { var ( - localVarHTTPMethod = http.MethodGet + localVarHTTPMethod = http.MethodDelete localVarPostBody interface{} localVarFormFileName string localVarFileName string localVarFileBytes []byte - localVarReturnValue *Identity ) - localBasePath, err := a.client.cfg.ServerURLWithContext(r.ctx, "V0alpha1ApiService.AdminGetIdentity") + localBasePath, err := a.client.cfg.ServerURLWithContext(r.ctx, "V0alpha1ApiService.AdminDeleteIdentitySessions") if err != nil { - return localVarReturnValue, nil, &GenericOpenAPIError{error: err.Error()} + return nil, &GenericOpenAPIError{error: err.Error()} } - localVarPath := localBasePath + "/identities/{id}" + localVarPath := localBasePath + "/identity/{id}/sessions" localVarPath = strings.Replace(localVarPath, "{"+"id"+"}", url.PathEscape(parameterToString(r.id, "")), -1) localVarHeaderParams := make(map[string]string) @@ -1375,19 +1375,19 @@ func (a *V0alpha1ApiService) AdminGetIdentityExecute(r V0alpha1ApiApiAdminGetIde } req, err := a.client.prepareRequest(r.ctx, localVarPath, localVarHTTPMethod, localVarPostBody, localVarHeaderParams, localVarQueryParams, localVarFormParams, localVarFormFileName, localVarFileName, localVarFileBytes) if err != nil { - return localVarReturnValue, nil, err + return nil, err } localVarHTTPResponse, err := a.client.callAPI(req) if err != nil || localVarHTTPResponse == nil { - return localVarReturnValue, localVarHTTPResponse, err + return localVarHTTPResponse, err } localVarBody, err := ioutil.ReadAll(localVarHTTPResponse.Body) localVarHTTPResponse.Body.Close() localVarHTTPResponse.Body = ioutil.NopCloser(bytes.NewBuffer(localVarBody)) if err != nil { - return localVarReturnValue, localVarHTTPResponse, err + return localVarHTTPResponse, err } if localVarHTTPResponse.StatusCode >= 300 { @@ -1395,106 +1395,102 @@ func (a *V0alpha1ApiService) AdminGetIdentityExecute(r V0alpha1ApiApiAdminGetIde body: localVarBody, error: localVarHTTPResponse.Status, } + if localVarHTTPResponse.StatusCode == 400 { + var v JsonError + err = a.client.decode(&v, localVarBody, localVarHTTPResponse.Header.Get("Content-Type")) + if err != nil { + newErr.error = err.Error() + return localVarHTTPResponse, newErr + } + newErr.model = v + return localVarHTTPResponse, newErr + } + if localVarHTTPResponse.StatusCode == 401 { + var v JsonError + err = a.client.decode(&v, localVarBody, localVarHTTPResponse.Header.Get("Content-Type")) + if err != nil { + newErr.error = err.Error() + return localVarHTTPResponse, newErr + } + newErr.model = v + return localVarHTTPResponse, newErr + } if localVarHTTPResponse.StatusCode == 404 { var v JsonError err = a.client.decode(&v, localVarBody, localVarHTTPResponse.Header.Get("Content-Type")) if err != nil { newErr.error = err.Error() - return localVarReturnValue, localVarHTTPResponse, newErr + return localVarHTTPResponse, newErr } newErr.model = v - return localVarReturnValue, localVarHTTPResponse, newErr + return localVarHTTPResponse, newErr } if localVarHTTPResponse.StatusCode == 500 { var v JsonError err = a.client.decode(&v, localVarBody, localVarHTTPResponse.Header.Get("Content-Type")) if err != nil { newErr.error = err.Error() - return localVarReturnValue, localVarHTTPResponse, newErr + return localVarHTTPResponse, newErr } newErr.model = v } - return localVarReturnValue, localVarHTTPResponse, newErr - } - - err = a.client.decode(&localVarReturnValue, localVarBody, localVarHTTPResponse.Header.Get("Content-Type")) - if err != nil { - newErr := &GenericOpenAPIError{ - body: localVarBody, - error: err.Error(), - } - return localVarReturnValue, localVarHTTPResponse, newErr + return localVarHTTPResponse, newErr } - return localVarReturnValue, localVarHTTPResponse, nil + return localVarHTTPResponse, nil } -type V0alpha1ApiApiAdminListIdentitiesRequest struct { +type V0alpha1ApiApiAdminGetIdentityRequest struct { ctx context.Context ApiService V0alpha1Api - perPage *int64 - page *int64 -} - -func (r V0alpha1ApiApiAdminListIdentitiesRequest) PerPage(perPage int64) V0alpha1ApiApiAdminListIdentitiesRequest { - r.perPage = &perPage - return r -} -func (r V0alpha1ApiApiAdminListIdentitiesRequest) Page(page int64) V0alpha1ApiApiAdminListIdentitiesRequest { - r.page = &page - return r + id string } -func (r V0alpha1ApiApiAdminListIdentitiesRequest) Execute() ([]Identity, *http.Response, error) { - return r.ApiService.AdminListIdentitiesExecute(r) +func (r V0alpha1ApiApiAdminGetIdentityRequest) Execute() (*Identity, *http.Response, error) { + return r.ApiService.AdminGetIdentityExecute(r) } /* - * AdminListIdentities List Identities - * Lists all identities. Does not support search at the moment. - -Learn how identities work in [Ory Kratos' User And Identity Model Documentation](https://www.ory.sh/docs/next/kratos/concepts/identity-user-model). + * AdminGetIdentity Get an Identity + * Learn how identities work in [Ory Kratos' User And Identity Model Documentation](https://www.ory.sh/docs/next/kratos/concepts/identity-user-model). * @param ctx context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - * @return V0alpha1ApiApiAdminListIdentitiesRequest -*/ -func (a *V0alpha1ApiService) AdminListIdentities(ctx context.Context) V0alpha1ApiApiAdminListIdentitiesRequest { - return V0alpha1ApiApiAdminListIdentitiesRequest{ + * @param id ID must be set to the ID of identity you want to get + * @return V0alpha1ApiApiAdminGetIdentityRequest + */ +func (a *V0alpha1ApiService) AdminGetIdentity(ctx context.Context, id string) V0alpha1ApiApiAdminGetIdentityRequest { + return V0alpha1ApiApiAdminGetIdentityRequest{ ApiService: a, ctx: ctx, + id: id, } } /* * Execute executes the request - * @return []Identity + * @return Identity */ -func (a *V0alpha1ApiService) AdminListIdentitiesExecute(r V0alpha1ApiApiAdminListIdentitiesRequest) ([]Identity, *http.Response, error) { +func (a *V0alpha1ApiService) AdminGetIdentityExecute(r V0alpha1ApiApiAdminGetIdentityRequest) (*Identity, *http.Response, error) { var ( localVarHTTPMethod = http.MethodGet localVarPostBody interface{} localVarFormFileName string localVarFileName string localVarFileBytes []byte - localVarReturnValue []Identity + localVarReturnValue *Identity ) - localBasePath, err := a.client.cfg.ServerURLWithContext(r.ctx, "V0alpha1ApiService.AdminListIdentities") + localBasePath, err := a.client.cfg.ServerURLWithContext(r.ctx, "V0alpha1ApiService.AdminGetIdentity") if err != nil { return localVarReturnValue, nil, &GenericOpenAPIError{error: err.Error()} } - localVarPath := localBasePath + "/identities" + localVarPath := localBasePath + "/identities/{id}" + localVarPath = strings.Replace(localVarPath, "{"+"id"+"}", url.PathEscape(parameterToString(r.id, "")), -1) localVarHeaderParams := make(map[string]string) localVarQueryParams := url.Values{} localVarFormParams := url.Values{} - if r.perPage != nil { - localVarQueryParams.Add("per_page", parameterToString(*r.perPage, "")) - } - if r.page != nil { - localVarQueryParams.Add("page", parameterToString(*r.page, "")) - } // to determine the Content-Type header localVarHTTPContentTypes := []string{} @@ -1548,6 +1544,16 @@ func (a *V0alpha1ApiService) AdminListIdentitiesExecute(r V0alpha1ApiApiAdminLis body: localVarBody, error: localVarHTTPResponse.Status, } + if localVarHTTPResponse.StatusCode == 404 { + var v JsonError + err = a.client.decode(&v, localVarBody, localVarHTTPResponse.Header.Get("Content-Type")) + if err != nil { + newErr.error = err.Error() + return localVarReturnValue, localVarHTTPResponse, newErr + } + newErr.model = v + return localVarReturnValue, localVarHTTPResponse, newErr + } if localVarHTTPResponse.StatusCode == 500 { var v JsonError err = a.client.decode(&v, localVarBody, localVarHTTPResponse.Header.Get("Content-Type")) @@ -1572,57 +1578,72 @@ func (a *V0alpha1ApiService) AdminListIdentitiesExecute(r V0alpha1ApiApiAdminLis return localVarReturnValue, localVarHTTPResponse, nil } -type V0alpha1ApiApiAdminLogoutIdentityRequest struct { +type V0alpha1ApiApiAdminListIdentitiesRequest struct { ctx context.Context ApiService V0alpha1Api - id string + perPage *int64 + page *int64 } -func (r V0alpha1ApiApiAdminLogoutIdentityRequest) Execute() (*http.Response, error) { - return r.ApiService.AdminLogoutIdentityExecute(r) +func (r V0alpha1ApiApiAdminListIdentitiesRequest) PerPage(perPage int64) V0alpha1ApiApiAdminListIdentitiesRequest { + r.perPage = &perPage + return r +} +func (r V0alpha1ApiApiAdminListIdentitiesRequest) Page(page int64) V0alpha1ApiApiAdminListIdentitiesRequest { + r.page = &page + return r +} + +func (r V0alpha1ApiApiAdminListIdentitiesRequest) Execute() ([]Identity, *http.Response, error) { + return r.ApiService.AdminListIdentitiesExecute(r) } /* - * AdminLogoutIdentity Calling this endpoint irrecoverably and permanently deletes and invalidates all sessions that belong to the given Identity. - * This endpoint is useful for: + * AdminListIdentities List Identities + * Lists all identities. Does not support search at the moment. -To forcefully logout Identity from all devices and sessions +Learn how identities work in [Ory Kratos' User And Identity Model Documentation](https://www.ory.sh/docs/next/kratos/concepts/identity-user-model). * @param ctx context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - * @param id ID is the identity's ID. - * @return V0alpha1ApiApiAdminLogoutIdentityRequest + * @return V0alpha1ApiApiAdminListIdentitiesRequest */ -func (a *V0alpha1ApiService) AdminLogoutIdentity(ctx context.Context, id string) V0alpha1ApiApiAdminLogoutIdentityRequest { - return V0alpha1ApiApiAdminLogoutIdentityRequest{ +func (a *V0alpha1ApiService) AdminListIdentities(ctx context.Context) V0alpha1ApiApiAdminListIdentitiesRequest { + return V0alpha1ApiApiAdminListIdentitiesRequest{ ApiService: a, ctx: ctx, - id: id, } } /* * Execute executes the request + * @return []Identity */ -func (a *V0alpha1ApiService) AdminLogoutIdentityExecute(r V0alpha1ApiApiAdminLogoutIdentityRequest) (*http.Response, error) { +func (a *V0alpha1ApiService) AdminListIdentitiesExecute(r V0alpha1ApiApiAdminListIdentitiesRequest) ([]Identity, *http.Response, error) { var ( - localVarHTTPMethod = http.MethodDelete + localVarHTTPMethod = http.MethodGet localVarPostBody interface{} localVarFormFileName string localVarFileName string localVarFileBytes []byte + localVarReturnValue []Identity ) - localBasePath, err := a.client.cfg.ServerURLWithContext(r.ctx, "V0alpha1ApiService.AdminLogoutIdentity") + localBasePath, err := a.client.cfg.ServerURLWithContext(r.ctx, "V0alpha1ApiService.AdminListIdentities") if err != nil { - return nil, &GenericOpenAPIError{error: err.Error()} + return localVarReturnValue, nil, &GenericOpenAPIError{error: err.Error()} } - localVarPath := localBasePath + "/sessions/identity/{id}" - localVarPath = strings.Replace(localVarPath, "{"+"id"+"}", url.PathEscape(parameterToString(r.id, "")), -1) + localVarPath := localBasePath + "/identities" localVarHeaderParams := make(map[string]string) localVarQueryParams := url.Values{} localVarFormParams := url.Values{} + if r.perPage != nil { + localVarQueryParams.Add("per_page", parameterToString(*r.perPage, "")) + } + if r.page != nil { + localVarQueryParams.Add("page", parameterToString(*r.page, "")) + } // to determine the Content-Type header localVarHTTPContentTypes := []string{} @@ -1656,19 +1677,19 @@ func (a *V0alpha1ApiService) AdminLogoutIdentityExecute(r V0alpha1ApiApiAdminLog } req, err := a.client.prepareRequest(r.ctx, localVarPath, localVarHTTPMethod, localVarPostBody, localVarHeaderParams, localVarQueryParams, localVarFormParams, localVarFormFileName, localVarFileName, localVarFileBytes) if err != nil { - return nil, err + return localVarReturnValue, nil, err } localVarHTTPResponse, err := a.client.callAPI(req) if err != nil || localVarHTTPResponse == nil { - return localVarHTTPResponse, err + return localVarReturnValue, localVarHTTPResponse, err } localVarBody, err := ioutil.ReadAll(localVarHTTPResponse.Body) localVarHTTPResponse.Body.Close() localVarHTTPResponse.Body = ioutil.NopCloser(bytes.NewBuffer(localVarBody)) if err != nil { - return localVarHTTPResponse, err + return localVarReturnValue, localVarHTTPResponse, err } if localVarHTTPResponse.StatusCode >= 300 { @@ -1676,49 +1697,28 @@ func (a *V0alpha1ApiService) AdminLogoutIdentityExecute(r V0alpha1ApiApiAdminLog body: localVarBody, error: localVarHTTPResponse.Status, } - if localVarHTTPResponse.StatusCode == 400 { - var v JsonError - err = a.client.decode(&v, localVarBody, localVarHTTPResponse.Header.Get("Content-Type")) - if err != nil { - newErr.error = err.Error() - return localVarHTTPResponse, newErr - } - newErr.model = v - return localVarHTTPResponse, newErr - } - if localVarHTTPResponse.StatusCode == 401 { - var v JsonError - err = a.client.decode(&v, localVarBody, localVarHTTPResponse.Header.Get("Content-Type")) - if err != nil { - newErr.error = err.Error() - return localVarHTTPResponse, newErr - } - newErr.model = v - return localVarHTTPResponse, newErr - } - if localVarHTTPResponse.StatusCode == 404 { - var v JsonError - err = a.client.decode(&v, localVarBody, localVarHTTPResponse.Header.Get("Content-Type")) - if err != nil { - newErr.error = err.Error() - return localVarHTTPResponse, newErr - } - newErr.model = v - return localVarHTTPResponse, newErr - } if localVarHTTPResponse.StatusCode == 500 { var v JsonError err = a.client.decode(&v, localVarBody, localVarHTTPResponse.Header.Get("Content-Type")) if err != nil { newErr.error = err.Error() - return localVarHTTPResponse, newErr + return localVarReturnValue, localVarHTTPResponse, newErr } newErr.model = v } - return localVarHTTPResponse, newErr + return localVarReturnValue, localVarHTTPResponse, newErr } - return localVarHTTPResponse, nil + err = a.client.decode(&localVarReturnValue, localVarBody, localVarHTTPResponse.Header.Get("Content-Type")) + if err != nil { + newErr := &GenericOpenAPIError{ + body: localVarBody, + error: err.Error(), + } + return localVarReturnValue, localVarHTTPResponse, newErr + } + + return localVarReturnValue, localVarHTTPResponse, nil } type V0alpha1ApiApiAdminUpdateIdentityRequest struct { diff --git a/internal/httpclient/docs/V0alpha1Api.md b/internal/httpclient/docs/V0alpha1Api.md index 214afdfba7e1..4b9c7e0743dd 100644 --- a/internal/httpclient/docs/V0alpha1Api.md +++ b/internal/httpclient/docs/V0alpha1Api.md @@ -7,9 +7,9 @@ Method | HTTP request | Description [**AdminCreateIdentity**](V0alpha1Api.md#AdminCreateIdentity) | **Post** /identities | Create an Identity [**AdminCreateSelfServiceRecoveryLink**](V0alpha1Api.md#AdminCreateSelfServiceRecoveryLink) | **Post** /recovery/link | Create a Recovery Link [**AdminDeleteIdentity**](V0alpha1Api.md#AdminDeleteIdentity) | **Delete** /identities/{id} | Delete an Identity +[**AdminDeleteIdentitySessions**](V0alpha1Api.md#AdminDeleteIdentitySessions) | **Delete** /identity/{id}/sessions | Calling this endpoint irrecoverably and permanently deletes and invalidates all sessions that belong to the given Identity. [**AdminGetIdentity**](V0alpha1Api.md#AdminGetIdentity) | **Get** /identities/{id} | Get an Identity [**AdminListIdentities**](V0alpha1Api.md#AdminListIdentities) | **Get** /identities | List Identities -[**AdminLogoutIdentity**](V0alpha1Api.md#AdminLogoutIdentity) | **Delete** /sessions/identity/{id} | Calling this endpoint irrecoverably and permanently deletes and invalidates all sessions that belong to the given Identity. [**AdminUpdateIdentity**](V0alpha1Api.md#AdminUpdateIdentity) | **Put** /identities/{id} | Update an Identity [**CreateSelfServiceLogoutFlowUrlForBrowsers**](V0alpha1Api.md#CreateSelfServiceLogoutFlowUrlForBrowsers) | **Get** /self-service/logout/browser | Create a Logout URL for Browsers [**GetJsonSchema**](V0alpha1Api.md#GetJsonSchema) | **Get** /schemas/{id} | @@ -240,11 +240,11 @@ Name | Type | Description | Notes [[Back to README]](../README.md) -## AdminGetIdentity +## AdminDeleteIdentitySessions -> Identity AdminGetIdentity(ctx, id).Execute() +> AdminDeleteIdentitySessions(ctx, id).Execute() -Get an Identity +Calling this endpoint irrecoverably and permanently deletes and invalidates all sessions that belong to the given Identity. @@ -261,17 +261,15 @@ import ( ) func main() { - id := "id_example" // string | ID must be set to the ID of identity you want to get + id := "id_example" // string | ID is the identity's ID. configuration := openapiclient.NewConfiguration() apiClient := openapiclient.NewAPIClient(configuration) - resp, r, err := apiClient.V0alpha1Api.AdminGetIdentity(context.Background(), id).Execute() + resp, r, err := apiClient.V0alpha1Api.AdminDeleteIdentitySessions(context.Background(), id).Execute() if err != nil { - fmt.Fprintf(os.Stderr, "Error when calling `V0alpha1Api.AdminGetIdentity``: %v\n", err) + fmt.Fprintf(os.Stderr, "Error when calling `V0alpha1Api.AdminDeleteIdentitySessions``: %v\n", err) fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) } - // response from `AdminGetIdentity`: Identity - fmt.Fprintf(os.Stdout, "Response from `V0alpha1Api.AdminGetIdentity`: %v\n", resp) } ``` @@ -281,11 +279,11 @@ func main() { Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- **ctx** | **context.Context** | context for authentication, logging, cancellation, deadlines, tracing, etc. -**id** | **string** | ID must be set to the ID of identity you want to get | +**id** | **string** | ID is the identity's ID. | ### Other Parameters -Other parameters are passed through a pointer to a apiAdminGetIdentityRequest struct via the builder pattern +Other parameters are passed through a pointer to a apiAdminDeleteIdentitySessionsRequest struct via the builder pattern Name | Type | Description | Notes @@ -294,7 +292,7 @@ Name | Type | Description | Notes ### Return type -[**Identity**](Identity.md) + (empty response body) ### Authorization @@ -310,11 +308,11 @@ Name | Type | Description | Notes [[Back to README]](../README.md) -## AdminListIdentities +## AdminGetIdentity -> []Identity AdminListIdentities(ctx).PerPage(perPage).Page(page).Execute() +> Identity AdminGetIdentity(ctx, id).Execute() -List Identities +Get an Identity @@ -331,38 +329,40 @@ import ( ) func main() { - perPage := int64(789) // int64 | Items per Page This is the number of items per page. (optional) (default to 100) - page := int64(789) // int64 | Pagination Page (optional) (default to 0) + id := "id_example" // string | ID must be set to the ID of identity you want to get configuration := openapiclient.NewConfiguration() apiClient := openapiclient.NewAPIClient(configuration) - resp, r, err := apiClient.V0alpha1Api.AdminListIdentities(context.Background()).PerPage(perPage).Page(page).Execute() + resp, r, err := apiClient.V0alpha1Api.AdminGetIdentity(context.Background(), id).Execute() if err != nil { - fmt.Fprintf(os.Stderr, "Error when calling `V0alpha1Api.AdminListIdentities``: %v\n", err) + fmt.Fprintf(os.Stderr, "Error when calling `V0alpha1Api.AdminGetIdentity``: %v\n", err) fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) } - // response from `AdminListIdentities`: []Identity - fmt.Fprintf(os.Stdout, "Response from `V0alpha1Api.AdminListIdentities`: %v\n", resp) + // response from `AdminGetIdentity`: Identity + fmt.Fprintf(os.Stdout, "Response from `V0alpha1Api.AdminGetIdentity`: %v\n", resp) } ``` ### Path Parameters +Name | Type | Description | Notes +------------- | ------------- | ------------- | ------------- +**ctx** | **context.Context** | context for authentication, logging, cancellation, deadlines, tracing, etc. +**id** | **string** | ID must be set to the ID of identity you want to get | ### Other Parameters -Other parameters are passed through a pointer to a apiAdminListIdentitiesRequest struct via the builder pattern +Other parameters are passed through a pointer to a apiAdminGetIdentityRequest struct via the builder pattern Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **perPage** | **int64** | Items per Page This is the number of items per page. | [default to 100] - **page** | **int64** | Pagination Page | [default to 0] + ### Return type -[**[]Identity**](Identity.md) +[**Identity**](Identity.md) ### Authorization @@ -378,11 +378,11 @@ Name | Type | Description | Notes [[Back to README]](../README.md) -## AdminLogoutIdentity +## AdminListIdentities -> AdminLogoutIdentity(ctx, id).Execute() +> []Identity AdminListIdentities(ctx).PerPage(perPage).Page(page).Execute() -Calling this endpoint irrecoverably and permanently deletes and invalidates all sessions that belong to the given Identity. +List Identities @@ -399,38 +399,38 @@ import ( ) func main() { - id := "id_example" // string | ID is the identity's ID. + perPage := int64(789) // int64 | Items per Page This is the number of items per page. (optional) (default to 100) + page := int64(789) // int64 | Pagination Page (optional) (default to 0) configuration := openapiclient.NewConfiguration() apiClient := openapiclient.NewAPIClient(configuration) - resp, r, err := apiClient.V0alpha1Api.AdminLogoutIdentity(context.Background(), id).Execute() + resp, r, err := apiClient.V0alpha1Api.AdminListIdentities(context.Background()).PerPage(perPage).Page(page).Execute() if err != nil { - fmt.Fprintf(os.Stderr, "Error when calling `V0alpha1Api.AdminLogoutIdentity``: %v\n", err) + fmt.Fprintf(os.Stderr, "Error when calling `V0alpha1Api.AdminListIdentities``: %v\n", err) fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) } + // response from `AdminListIdentities`: []Identity + fmt.Fprintf(os.Stdout, "Response from `V0alpha1Api.AdminListIdentities`: %v\n", resp) } ``` ### Path Parameters -Name | Type | Description | Notes -------------- | ------------- | ------------- | ------------- -**ctx** | **context.Context** | context for authentication, logging, cancellation, deadlines, tracing, etc. -**id** | **string** | ID is the identity's ID. | ### Other Parameters -Other parameters are passed through a pointer to a apiAdminLogoutIdentityRequest struct via the builder pattern +Other parameters are passed through a pointer to a apiAdminListIdentitiesRequest struct via the builder pattern Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - + **perPage** | **int64** | Items per Page This is the number of items per page. | [default to 100] + **page** | **int64** | Pagination Page | [default to 0] ### Return type - (empty response body) +[**[]Identity**](Identity.md) ### Authorization diff --git a/session/handler.go b/session/handler.go index 6d856cb9ee76..2e7aa763f701 100644 --- a/session/handler.go +++ b/session/handler.go @@ -45,10 +45,10 @@ func NewHandler( } const ( - RouteCollection = "/sessions" - RouteWhoami = RouteCollection + "/whoami" - RouteIdentity = RouteCollection + "/identity" - RouteLogout = RouteIdentity + "/:id" + RouteCollection = "/sessions" + RouteWhoami = RouteCollection + "/whoami" + RouteIdentity = "/identities" + RouteDeleteSession = RouteIdentity + "/:id/sessions" ) func (h *Handler) RegisterAdminRoutes(admin *x.RouterAdmin) { @@ -58,7 +58,7 @@ func (h *Handler) RegisterAdminRoutes(admin *x.RouterAdmin) { admin.Handle(m, RouteWhoami, x.RedirectToPublicRoute(h.r)) } - admin.DELETE(RouteLogout, h.logout) + admin.DELETE(RouteDeleteSession, h.deleteIdentitySessions) } func (h *Handler) RegisterPublicRoutes(public *x.RouterPublic) { @@ -71,7 +71,7 @@ func (h *Handler) RegisterPublicRoutes(public *x.RouterPublic) { http.MethodDelete, http.MethodConnect, http.MethodOptions, http.MethodTrace} { public.Handle(m, RouteWhoami, h.whoami) } - public.DELETE(RouteLogout, x.RedirectToAdminRoute(h.r)) + public.DELETE(RouteDeleteSession, x.RedirectToAdminRoute(h.r)) } // nolint:deadcode,unused @@ -161,9 +161,9 @@ func (h *Handler) whoami(w http.ResponseWriter, r *http.Request, ps httprouter.P h.r.Writer().Write(w, r, s) } -// swagger:parameters adminLogoutIdentity +// swagger:parameters adminDeleteIdentitySessions // nolint:deadcode,unused -type adminLogoutIdentity struct { +type adminDeleteIdentitySessions struct { // ID is the identity's ID. // // required: true @@ -171,7 +171,7 @@ type adminLogoutIdentity struct { ID string `json:"id"` } -// swagger:route DELETE /sessions/identity/{id} v0alpha1 adminLogoutIdentity +// swagger:route DELETE /identity/{id}/sessions v0alpha1 adminDeleteIdentitySessions // // Calling this endpoint irrecoverably and permanently deletes and invalidates all sessions that belong to the given Identity. // @@ -190,7 +190,7 @@ type adminLogoutIdentity struct { // 401: jsonError // 404: jsonError // 500: jsonError -func (h *Handler) logout(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { +func (h *Handler) deleteIdentitySessions(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { iID, err := uuid.FromString(ps.ByName("id")) if err != nil { h.r.Writer().WriteError(w, r, herodot.ErrBadRequest.WithError(err.Error()).WithDebug("could not parse UUID")) diff --git a/session/handler_test.go b/session/handler_test.go index 5a8b99c6d797..915dea379024 100644 --- a/session/handler_test.go +++ b/session/handler_test.go @@ -236,7 +236,7 @@ func TestHandlerDeleteSessionByIdentityID(t *testing.T) { }) conf.MustSet(config.ViperKeyPublicBaseURL, mockServerURL.String()) - var logout = func(t *testing.T, base *httptest.Server, href string, expectCode int) { + var deleteSessions = func(t *testing.T, base *httptest.Server, href string, expectCode int) { req, err := http.NewRequest("DELETE", base.URL+href, nil) require.NoError(t, err) @@ -254,7 +254,7 @@ func TestHandlerDeleteSessionByIdentityID(t *testing.T) { s := &Session{Identity: i} require.NoError(t, reg.SessionPersister().CreateSession(context.Background(), s)) - logout(t, ts, "/sessions/identity/"+i.ID.String(), http.StatusNoContent) + deleteSessions(t, ts, "/identity/"+i.ID.String()+"/sessions", http.StatusNoContent) _, err := reg.SessionPersister().GetSession(context.Background(), s.ID) require.True(t, errors.Is(err, sqlcon.ErrNoRows)) }) @@ -264,7 +264,7 @@ func TestHandlerDeleteSessionByIdentityID(t *testing.T) { t.Run("case=should return 400 when bad UUID is sent", func(t *testing.T) { for name, ts := range map[string]*httptest.Server{"public": publicTS, "admin": adminTS} { t.Run("endpoint="+name, func(t *testing.T) { - logout(t, ts, "/sessions/identity/BADUUID", http.StatusBadRequest) + deleteSessions(t, ts, "/identity/BADUUID/sessions", http.StatusBadRequest) }) } }) @@ -273,7 +273,7 @@ func TestHandlerDeleteSessionByIdentityID(t *testing.T) { for name, ts := range map[string]*httptest.Server{"public": publicTS, "admin": adminTS} { t.Run("endpoint="+name, func(t *testing.T) { someID, _ := uuid.NewV4() - logout(t, ts, "/sessions/identity/"+someID.String(), http.StatusNotFound) + deleteSessions(t, ts, "/identity/"+someID.String()+"/sessions", http.StatusNotFound) }) } }) diff --git a/spec/api.json b/spec/api.json index 055f82c01591..181e1794f32a 100755 --- a/spec/api.json +++ b/spec/api.json @@ -1750,6 +1750,77 @@ ] } }, + "/identity/{id}/sessions": { + "delete": { + "description": "This endpoint is useful for:\n\nTo forcefully logout Identity from all devices and sessions", + "operationId": "adminDeleteIdentitySessions", + "parameters": [ + { + "description": "ID is the identity's ID.", + "in": "path", + "name": "id", + "required": true, + "schema": { + "type": "string" + } + } + ], + "responses": { + "204": { + "$ref": "#/components/responses/emptyResponse" + }, + "400": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/jsonError" + } + } + }, + "description": "jsonError" + }, + "401": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/jsonError" + } + } + }, + "description": "jsonError" + }, + "404": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/jsonError" + } + } + }, + "description": "jsonError" + }, + "500": { + "content": { + "application/json": { + "schema": { + "$ref": "#/components/schemas/jsonError" + } + } + }, + "description": "jsonError" + } + }, + "security": [ + { + "oryAccessToken": [] + } + ], + "summary": "Calling this endpoint irrecoverably and permanently deletes and invalidates all sessions that belong to the given Identity.", + "tags": [ + "v0alpha1" + ] + } + }, "/metrics/prometheus": { "get": { "description": "```\nmetadata:\nannotations:\nprometheus.io/port: \"4434\"\nprometheus.io/path: \"/metrics/prometheus\"\n```", @@ -3320,77 +3391,6 @@ ] } }, - "/sessions/identity/{id}": { - "delete": { - "description": "This endpoint is useful for:\n\nTo forcefully logout Identity from all devices and sessions", - "operationId": "adminLogoutIdentity", - "parameters": [ - { - "description": "ID is the identity's ID.", - "in": "path", - "name": "id", - "required": true, - "schema": { - "type": "string" - } - } - ], - "responses": { - "204": { - "$ref": "#/components/responses/emptyResponse" - }, - "400": { - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/jsonError" - } - } - }, - "description": "jsonError" - }, - "401": { - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/jsonError" - } - } - }, - "description": "jsonError" - }, - "404": { - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/jsonError" - } - } - }, - "description": "jsonError" - }, - "500": { - "content": { - "application/json": { - "schema": { - "$ref": "#/components/schemas/jsonError" - } - } - }, - "description": "jsonError" - } - }, - "security": [ - { - "oryAccessToken": [] - } - ], - "summary": "Calling this endpoint irrecoverably and permanently deletes and invalidates all sessions that belong to the given Identity.", - "tags": [ - "v0alpha1" - ] - } - }, "/sessions/whoami": { "get": { "description": "Uses the HTTP Headers in the GET request to determine (e.g. by using checking the cookies) who is authenticated.\nReturns a session object in the body or 401 if the credentials are invalid or no credentials were sent.\nAdditionally when the request it successful it adds the user ID to the 'X-Kratos-Authenticated-Identity-Id' header in the response.\n\nIf you call this endpoint from a server-side application, you must forward the HTTP Cookie Header to this endpoint:\n\n```js\npseudo-code example\nrouter.get('/protected-endpoint', async function (req, res) {\nconst session = await client.toSession(undefined, req.header('cookie'))\n\nconsole.log(session)\n})\n```\n\nWhen calling this endpoint from a non-browser application (e.g. mobile app) you must include the session token:\n\n```js\npseudo-code example\n...\nconst session = await client.toSession(\"the-session-token\")\n\nconsole.log(session)\n```\n\nThis endpoint is useful for:\n\nAJAX calls. Remember to send credentials and set up CORS correctly!\nReverse proxies and API Gateways\nServer-side calls - use the `X-Session-Token` header!\n\nThis endpoint authenticates users by checking\n\nif the `Cookie` HTTP header was set containing an Ory Kratos Session Cookie;\nif the `Authorization: bearer \u003cory-session-token\u003e` HTTP header was set with a valid Ory Kratos Session Token;\nif the `X-Session-Token` HTTP header was set with a valid Ory Kratos Session Token.\n\nIf none of these headers are set or the cooke or token are invalid, the endpoint returns a HTTP 401 status code.", diff --git a/spec/swagger.json b/spec/swagger.json index 53333ee8ab99..fc1be8b229e3 100755 --- a/spec/swagger.json +++ b/spec/swagger.json @@ -358,6 +358,63 @@ } } }, + "/identity/{id}/sessions": { + "delete": { + "security": [ + { + "oryAccessToken": [] + } + ], + "description": "This endpoint is useful for:\n\nTo forcefully logout Identity from all devices and sessions", + "schemes": [ + "http", + "https" + ], + "tags": [ + "v0alpha1" + ], + "summary": "Calling this endpoint irrecoverably and permanently deletes and invalidates all sessions that belong to the given Identity.", + "operationId": "adminDeleteIdentitySessions", + "parameters": [ + { + "type": "string", + "description": "ID is the identity's ID.", + "name": "id", + "in": "path", + "required": true + } + ], + "responses": { + "204": { + "$ref": "#/responses/emptyResponse" + }, + "400": { + "description": "jsonError", + "schema": { + "$ref": "#/definitions/jsonError" + } + }, + "401": { + "description": "jsonError", + "schema": { + "$ref": "#/definitions/jsonError" + } + }, + "404": { + "description": "jsonError", + "schema": { + "$ref": "#/definitions/jsonError" + } + }, + "500": { + "description": "jsonError", + "schema": { + "$ref": "#/definitions/jsonError" + } + } + } + } + }, "/metrics/prometheus": { "get": { "description": "```\nmetadata:\nannotations:\nprometheus.io/port: \"4434\"\nprometheus.io/path: \"/metrics/prometheus\"\n```", @@ -1688,63 +1745,6 @@ } } }, - "/sessions/identity/{id}": { - "delete": { - "security": [ - { - "oryAccessToken": [] - } - ], - "description": "This endpoint is useful for:\n\nTo forcefully logout Identity from all devices and sessions", - "schemes": [ - "http", - "https" - ], - "tags": [ - "v0alpha1" - ], - "summary": "Calling this endpoint irrecoverably and permanently deletes and invalidates all sessions that belong to the given Identity.", - "operationId": "adminLogoutIdentity", - "parameters": [ - { - "type": "string", - "description": "ID is the identity's ID.", - "name": "id", - "in": "path", - "required": true - } - ], - "responses": { - "204": { - "$ref": "#/responses/emptyResponse" - }, - "400": { - "description": "jsonError", - "schema": { - "$ref": "#/definitions/jsonError" - } - }, - "401": { - "description": "jsonError", - "schema": { - "$ref": "#/definitions/jsonError" - } - }, - "404": { - "description": "jsonError", - "schema": { - "$ref": "#/definitions/jsonError" - } - }, - "500": { - "description": "jsonError", - "schema": { - "$ref": "#/definitions/jsonError" - } - } - } - } - }, "/sessions/whoami": { "get": { "description": "Uses the HTTP Headers in the GET request to determine (e.g. by using checking the cookies) who is authenticated.\nReturns a session object in the body or 401 if the credentials are invalid or no credentials were sent.\nAdditionally when the request it successful it adds the user ID to the 'X-Kratos-Authenticated-Identity-Id' header in the response.\n\nIf you call this endpoint from a server-side application, you must forward the HTTP Cookie Header to this endpoint:\n\n```js\npseudo-code example\nrouter.get('/protected-endpoint', async function (req, res) {\nconst session = await client.toSession(undefined, req.header('cookie'))\n\nconsole.log(session)\n})\n```\n\nWhen calling this endpoint from a non-browser application (e.g. mobile app) you must include the session token:\n\n```js\npseudo-code example\n...\nconst session = await client.toSession(\"the-session-token\")\n\nconsole.log(session)\n```\n\nThis endpoint is useful for:\n\nAJAX calls. Remember to send credentials and set up CORS correctly!\nReverse proxies and API Gateways\nServer-side calls - use the `X-Session-Token` header!\n\nThis endpoint authenticates users by checking\n\nif the `Cookie` HTTP header was set containing an Ory Kratos Session Cookie;\nif the `Authorization: bearer \u003cory-session-token\u003e` HTTP header was set with a valid Ory Kratos Session Token;\nif the `X-Session-Token` HTTP header was set with a valid Ory Kratos Session Token.\n\nIf none of these headers are set or the cooke or token are invalid, the endpoint returns a HTTP 401 status code.",